First postfix tests

2019-03-04 12:51:13 +01:00
7 changed files with 110 additions and 0 deletions
--- a/postfix.yml
+++ b/postfix.yml
@ -0,0 +1,17 @@
+---
+# All ovh servers should send mail throught proxy
+- hosts: ovh:!proxy.adm.auro.re
+  vars:
+    local_network: 10.128.0.0/16
+    relayhost: proxy.adm.auro.re
+    myorigin: auro.re
+  roles:
+    - postfix-non-mailhost
+
+# Proxy should send emails
+- hosts: proxy.adm.auro.re
+  vars:
+    local_network: 10.128.0.0/16
+    myorigin: auro.re
+  roles:
+    - postfix-mailhost
--- a/roles/postfix-mailhost/handlers/main.yml
+++ b/roles/postfix-mailhost/handlers/main.yml
@ -0,0 +1,6 @@
+---
+# Restart postfix when conf changes
+- name: Restart postfix service
+  service:
+    name: postfix
+    state: restarted
--- a/roles/postfix-mailhost/tasks/main.yml
+++ b/roles/postfix-mailhost/tasks/main.yml
@ -0,0 +1,11 @@
+---
+- name: Install postfix
+  apt:
+    name: postfix
+    update_cache: true
+
+- name: Configure postfix
+  template:
+    src: postfix/main.cf.j2
+    dest: /etc/postfix/main.cf
+  notify: Restart postfix service
--- a/roles/postfix-mailhost/templates/postfix/main.cf.j2
+++ b/roles/postfix-mailhost/templates/postfix/main.cf.j2
@ -0,0 +1,29 @@
+# {{ ansible_managed }}
+# See /usr/share/postfix/main.cf.dist for a commented, more complete version
+# Template based on /usr/share/postfix/main.cf.debian
+
+smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
+biff = no
+
+# appending .domain is the MUA's job.
+append_dot_mydomain = no
+
+# Uncomment the next line to generate "delayed mail" warnings
+#delay_warning_time = 4h
+
+readme_directory = no
+
+# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
+# fresh installs.
+compatibility_level = 2
+
+# Send mail as user@{{ myorigin }}
+myorigin = {{ myorigin }}
+
+mydestination = $myhostname localhost.{{ myorigin }} localhost {{ myorigin }}
+
+# Specify the trusted networks
+mynetworks = 127.0.0.0/8 {{ local_network }}
+
+# This host does not relay mail from untrusted networks
+relay_domains =
--- a/roles/postfix-non-mailhost/handlers/main.yml
+++ b/roles/postfix-non-mailhost/handlers/main.yml
@ -0,0 +1,6 @@
+---
+# Restart postfix when conf changes
+- name: Restart postfix service
+  service:
+    name: postfix
+    state: restarted
--- a/roles/postfix-non-mailhost/tasks/main.yml
+++ b/roles/postfix-non-mailhost/tasks/main.yml
@ -0,0 +1,11 @@
+---
+- name: Install postfix
+  apt:
+    name: postfix
+    update_cache: true
+
+- name: Configure postfix
+  template:
+    src: postfix/main.cf.j2
+    dest: /etc/postfix/main.cf
+  notify: Restart postfix service
--- a/roles/postfix-non-mailhost/templates/postfix/main.cf.j2
+++ b/roles/postfix-non-mailhost/templates/postfix/main.cf.j2
@ -0,0 +1,30 @@
+# {{ ansible_managed }}
+# See /usr/share/postfix/main.cf.dist for a commented, more complete version
+# Template based on /usr/share/postfix/main.cf.debian
+
+smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
+biff = no
+
+# appending .domain is the MUA's job.
+append_dot_mydomain = no
+
+# Uncomment the next line to generate "delayed mail" warnings
+#delay_warning_time = 4h
+
+readme_directory = no
+
+# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
+# fresh installs.
+compatibility_level = 2
+
+# Send mail as user@{{ myorigin }}
+myorigin = {{ myorigin }}
+
+# Specify the trusted networks
+mynetworks = 127.0.0.0/8 {{ local_network }}
+
+# This host does not relay mail from untrusted networks
+relay_domains =
+
+# This is needed if no direct Internet access is available
+relayhost = {{ relayhost }}