
# Preseed the exim4-config debconf answers that do not depend on
# sympa_transport. One debconf call is made per entry of the with_dict
# mapping; the entry key is the question and the entry value is the answer.
- name: configure exim4-config
  debconf:
    name: exim4-config
    question: "{{ item.key }}"
    vtype: string
    value: "{{ item.value }}"
  with_dict:
    # NOTE(review): "stmp_relay" looks like a transposition of "smtp_relay";
    # the variable is defined outside this file, so confirm the spelling there.
    exim4/dc_smarthost: "{{ stmp_relay }}"
    # NOTE(review): the boolean answers below are submitted with vtype
    # 'string'; confirm debconf ends up with the intended true/false text.
    exim4/dc_minimaldns: false
    # Explicit null: no answer value is supplied for this question.
    exim4/dc_postmaster: null
    exim4/dc_localdelivery: 'mbox format in /var/mail/'
    exim4/dc_readhost: null
    exim4/dc_other_hostnames: "{{ ansible_hostname }}.lilik.it"
    # No relay networks or relay domains are preseeded by this task.
    exim4/dc_relay_nets: null
    exim4/exim4-config-title: null
    exim4/no_config: false
    exim4/mailname: "{{ ansible_hostname }}.lilik.it"
    exim4/use_split_config: false
    exim4/hide_mailname: false
    exim4/dc_relay_domains: null
  notify:
    - update exim4 configuration
    - restart exim4
# Debconf answers used only when this host carries the Sympa mail transport:
# outgoing mail goes through the smarthost, incoming mail is accepted over SMTP.
- name: configure exim4-config (sympa_transport)
  debconf:
    name: exim4-config
    question: "{{ item.key }}"
    vtype: string
    value: "{{ item.value }}"
  with_dict:
    exim4/dc_eximconfig_configtype: 'mail sent by smarthost; received via SMTP or fetchmail'
    # No listen address is preseeded here, unlike the smarthost-only task,
    # which pins the listener to loopback.
    # NOTE(review): an empty dc_local_interfaces presumably makes exim4 listen
    # on every interface; confirm the host firewall matches that exposure.
    exim4/dc_local_interfaces: null
  when: sympa_transport | bool
  notify:
    - update exim4 configuration
    - restart exim4
# Debconf answers for hosts without the Sympa transport: mail is only handed
# to the smarthost and the listener is bound to the loopback addresses.
- name: configure exim4-config (smarthost)
  debconf:
    name: exim4-config
    question: "{{ item.key }}"
    vtype: string
    value: "{{ item.value }}"
  with_dict:
    exim4/dc_eximconfig_configtype: 'mail sent by smarthost; no local mail'
    # IPv4 and IPv6 loopback only.
    exim4/dc_local_interfaces: '127.0.0.1 ; ::1'
  # The bool filter binds tighter than "not", so this is not (x | bool).
  when: not (sympa_transport | bool)
  notify:
    - update exim4 configuration
    - restart exim4
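# Sympa mail-transport setup: installs exim4 and opendkim through the
# "service" role, generates the TLS and DKIM keys, and adds the Sympa alias
# pipes to the exim4 configuration. The trailing `when` applies to every task
# in the block, so nothing here runs unless sympa_transport is true.
- block:
    - include_role:
        name: service
      # static: yes # see static include issue: https://github.com/ansible/ansible/issues/13485
      vars:
        service_name: exim4
        service_packages:
          - exim4

    # `creates` makes this a one-time step: an existing key is never replaced.
    # The script is a plain executable path, so `command` is enough and no
    # shell is involved.
    - name: generate the TLS key
      command: /usr/share/doc/exim4-base/examples/exim-gencert
      args:
        creates: /etc/exim4/exim.key
      notify: restart exim4

    - include_role:
        name: service
      vars:
        service_name: opendkim
        service_packages:
          - opendkim
          - opendkim-tools

    # Key directory: writable by root only, readable by the Debian-exim group,
    # closed to everyone else. The mode is quoted so it stays a string.
    - name: create opendkim folder
      file:
        path: /etc/opendkim/
        state: directory
        mode: '0750'
        owner: root
        group: Debian-exim

    # opendkim-genkey names its output after the selector (-s lists), i.e.
    # lists.private and lists.txt. `creates` therefore guards on
    # lists.private; a guard on mail.private never matches, so the key would
    # be regenerated on every run and stop matching the published DNS record.
    - name: create opendkim key for lilik.it
      command: opendkim-genkey -D /etc/opendkim/ -d lists.lilik.it -s lists
      args:
        creates: /etc/opendkim/lists.private

    # Restrict the private key that DKIM_PRIVATE_KEY points at below: owned by
    # root, group-readable by Debian-exim, no access for other users.
    - name: check /etc/opendkim/lists.private permissions
      file:
        path: /etc/opendkim/lists.private
        owner: root
        group: Debian-exim
        mode: '0640'

    # Local macros: enable TLS, set the DKIM signing parameters, and let the
    # system_aliases router run pipe aliases as sympa:sympa.
    - name: exim4 macro for TLS, DKIM and sympa aliases
      blockinfile:
        dest: /etc/exim4/exim4.conf.localmacros
        create: true
        block: |
          MAIN_TLS_ENABLE = yes
          DKIM_CANON = relaxed
          DKIM_SELECTOR = lists
          DKIM_DOMAIN = lists.lilik.it
          DKIM_PRIVATE_KEY = /etc/opendkim/lists.private
          #--------------
          # Activating pipe transport in system_aliases router (pipes in /etc/aliases)
          .ifndef SYSTEM_ALIASES_PIPE_TRANSPORT
          SYSTEM_ALIASES_PIPE_TRANSPORT = address_pipe
          .endif
          .ifndef SYSTEM_ALIASES_USER
          SYSTEM_ALIASES_USER = sympa
          .endif
          .ifndef SYSTEM_ALIASES_GROUP
          SYSTEM_ALIASES_GROUP = sympa
          .endif
          #--------------
      notify:
        - update exim4 configuration
        - restart exim4

    # Adds a redirect router ahead of system_aliases that resolves list
    # addresses from /etc/mail/sympa/aliases and pipes them as sympa:sympa.
    # NOTE(review): entries in that aliases file become pipe commands, so it
    # should stay writable only by root and the sympa account; confirm.
    - name: exim4 pipe for sympa aliases
      blockinfile:
        dest: /etc/exim4/exim4.conf.template
        insertbefore: 'system_aliases:'
        block: |
          #--------------
          # Using alias pipe definitions for the Sympa lists in /etc/mail/sympa/aliases
          sympa_aliases:
            debug_print = "R: system_aliases for $local_part@$domain"
            driver = redirect
            domains = +local_domains
            allow_fail
            allow_defer
            data = ${lookup{$local_part}lsearch{/etc/mail/sympa/aliases}}
            user = sympa
            group = sympa
            pipe_transport = address_pipe
          #--------------
      # NOTE(review): every other task in this file notifies
      # "update exim4 configuration"; confirm that a handler named
      # "update-exim4.conf" really exists, or align the name.
      notify:
        - update-exim4.conf
        - restart exim4
  when: sympa_transport | bool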