Add role service-nullmailer

This commit is contained in:
Tobias Hachmer 2018-01-07 17:39:51 +01:00
parent 90f486eb60
commit b246e8982b
8 changed files with 121 additions and 0 deletions

View file

@ -19,6 +19,8 @@ bgp_ipv6_transfer_net: fd37:b4dc:4b1e::/64
http_domain_internal: ffmwu.org http_domain_internal: ffmwu.org
http_domain_external: freifunk-mwu.de http_domain_external: freifunk-mwu.de
mail_domain: freifunk-mwu.de
meshes: meshes:
- id: mz - id: mz
site_number: 37 site_number: 37

View file

@ -33,3 +33,4 @@
- service-bind-slave - service-bind-slave
- service-respondd - service-respondd
- service-vnstat - service-vnstat
- service-nullmailer

View file

@ -0,0 +1,15 @@
# Ansible role service-nullmailer
Diese Ansible role installiert postfix und konfiguriert diesen als null client.
- schreibt /etc/mailname
- schreibt /etc/postfix/main.cf
- setzt root alias in /etc/aliases
## Benötigte Variablen
- Variable `inventory_hostname`
- Variable `mail_domain` (Gruppen-Variable)
- Liste `nullmailer_packages` (Rollen-Variable)
- Variable `nullmailer_relayhost`(Rollen-Variable)
- Variable `admin_mail_address` (Rollen-Variable)

View file

@ -0,0 +1,14 @@
---
- name: reload systemd unit postfix
systemd:
name: postfix
state: reloaded
- name: restart systemd unit postfix
systemd:
name: postfix
state: restarted
- name: run postalias
command: postalias /etc/aliases
changed_when: False

View file

@ -0,0 +1,32 @@
---
- name: install postfix packages
package:
name: "{{ item }}"
state: present
with_items: "{{ nullmailer_packages }}"
- name: write /etc/mailname
template:
src: mailname.j2
dest: /etc/mailname
mode: 0644
owner: root
group: root
notify: reload systemd unit postfix
- name: configure mail aliases
lineinfile:
path: /etc/aliases
state: present
regexp: '^root:'
line: "root: {{ admin_mail_address }}"
notify: run postalias
- name: write /etc/postfix/main.cf
template:
src: main.cf.j2
dest: /etc/postfix/main.cf
mode: 0644
owner: root
group: root
notify: reload systemd unit postfix

View file

@ -0,0 +1 @@
{{ mail_domain }}

View file

@ -0,0 +1,48 @@
#
# {{ ansible_managed }}
#
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = /usr/share/doc/postfix
# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
# fresh installs.
compatibility_level = 2
# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_security_level = encrypt
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = {{ inventory_hostname }}
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination =
relayhost = {{ nullmailer_relayhost }}
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = loopback-only
inet_protocols = all
html_directory = /usr/share/doc/postfix/html

View file

@ -0,0 +1,8 @@
---
nullmailer_packages:
- postfix
- postfix-doc
- mailutils
nullmailer_relayhost: "[fd37:b4dc:4b1e::a25:101]"
admin_mail_address: "admin@lists.freifunk-mwu.de"