Don't reinvent the whell, use existing roles (have to be tested)

mailserver.yml

@@ -8,10 +8,23 @@
     - nfs_client
     - postfix
     - dovecot
-    - re2o-service-mail
 #    - rspamd
 #    - mail-fail2ban
 #
 # Make OVH server send mails through proxy ?
 # Add multiple MX
 # Configure DKIM, SPF, Greylisting, etc...
+
+
+# Deploy Re2o mail service
+ - hosts: mail.auro.re
+   vars:
+     service_repo: https://gitea.auro.re/aurore/re2o-mail-server.git
+     service_name: mail-server
+     service_version: aurore
+     service_config:
+       hostname: re2o-test.adm.auro.re  # use test instance for now, should be changed for prod!
+       username: service-user
+       password: "{{ vault_serviceuser_passwd }}"
+   roles:
+     - re2o-service

roles/re2o-service-mail/tasks/main.yml

@@ -1,43 +0,0 @@
----
-- name: Create re2o mail-server directory
-  file:
-    path: /var/local/re2o-services/mail-server
-    state: directory
-    mode: '0775'
-    owner: root
-    group: root
-
-- name: Clone re2o mail-server repository
-  git:
-    repo: 'http://gitea.auro.re/aurore/re2o-mail-server.git'
-    dest: /var/local/re2o-services/mail-server
-    umask: '002'
-
-- name: Add API configuration
-  template:
-    src: config.ini.j2
-    dest: /var/local/re2o-services/mail-server/config.ini
-    owner: root
-    group: root
-    mode: "0700"
-
-- name: Create generated directory
-  file:
-    path: /var/local/re2o-services/mail-server/generated
-    state: directory
-    mode: "0755"
-    owner: root
-    group: root
-
-- name: Deploy cron for re2o-mail-server
-  template:
-    src: cron.d/re2o-services-mail-server.j2
-    dest: /etc/cron.d/re2o-services-mail-server
-
-- name: Deploy local aliases
-  template:
-    src: re2o-services/mail-server/mail-aliases/{{ item }}.j2
-    dest: /var/local/re2o-services/mail-server/{{ item }}_local
-  loop:
-    - aliases
-    - virtuals

roles/re2o-service-mail/templates/config.ini.j2

@@ -1,6 +0,0 @@
-# {{ ansible_managed }}
-
-[Re2o]
-hostname = {{ re2o_hostname }}
-username = {{ re2o_api_username }}
-password = {{ re2o_api_password }}

roles/re2o-service-mail/templates/cron.d/re2o-services-mail-server.j2

@@ -1,2 +0,0 @@
-{{ ansible_managed | comment }}
-*/5 * * * * root /usr/bin/python3 /var/local/re2o-services/mail-server/main.py