Labels Milestones

WIP: Setup of a mail server #9

Draft

otthorn wants to merge 151 commits from mailserver into master

pull from: mailserver

merge into: aurore:master

aurore:new-infra

aurore:bird

aurore:dns

aurore:aruba

aurore:radius

aurore:on-en-a-litteralement-rien-a-foutre

aurore:radvd

aurore:keepalived

aurore:ifupdown2

aurore:master

aurore:dhcp

aurore:cleanup_no_ldap_for_servers

aurore:infra_router

aurore:ask_vault_pass

aurore:borgfix

aurore:auditd

aurore:prometheus_apt_pending_and_reboot

aurore:move_host_vars

aurore:prometheus-ipmi-exporter

aurore:fix-portail

aurore:crans

aurore:apt

aurore:remove_old_db_servers

aurore:rspamd

aurore:wireguard-ovh

aurore:pass

aurore:nullmailer

aurore:logs

aurore:re2o-master

aurore:mail_server

Conversation 0 Commits 151 Files Changed 29

otthorn commented 3 years ago

Owner

Creating a full fledged mail server at Aurore

Before merging, to sure to...

TODO :

• Add {{ ansible_managed }} in the config files where it is missing
• Please yaml linter
• Please ansible linter
• Run the whole playbook one last time to check if the result is idempotent
• Add a motd for each service (re2o-mailserver, Postfix, Dovecot, rspamd, etc...) and give a link of where to find them if necessary
• Add apt retry and update cache everywhere where it is needed

register: apt_result
retries: 3
until: apt_result is succeeded

• Rebase from master to avoid changing re2o-service password
• Resolve merge conflicts (most notablly in the vault)
• Re-deploy the new re2o-service password
• Add the service mail-server to re2o (prod)
• Change re2o instance (from re2o-test)

Creating a full fledged mail server at Aurore Before merging, to sure to... TODO : - [ ] Add `{{ ansible_managed }}` in the config files where it is missing - [ ] Please yaml linter - [ ] Please ansible linter - [ ] Run the whole playbook one last time to check if the result is idempotent - [ ] Add a motd for each service (re2o-mailserver, Postfix, Dovecot, rspamd, etc...) and give a link of where to find them if necessary - [ ] Add apt retry and update cache everywhere where it is needed ```yaml register: apt_result retries: 3 until: apt_result is succeeded ``` - [x] Rebase from master to avoid changing re2o-service password - [x] Resolve merge conflicts (most notablly in the vault) - [x] Re-deploy the new re2o-service password - [ ] Add the service `mail-server` to re2o (prod) - [ ] Change re2o instance (from `re2o-test`)

otthorn added 60 commits 3 years ago

b2fb30d46d Add mail vars

b412210d56 Add (initial) postfix role

846665961a Add (initial) mail-utils role

9c0f7010a7 Add (initial) mailserver playbook

bb8bd718a9 fix yaml lint

9a04934bd2 Starting the dovecot task

ca6d4a9839 commented unused tasks for the moment

8557db5e89 Added the certificates gestion

1847a5a698 Add nfs-client role

f901669341 fix var names for better hierarchy

807ecda890 Added NFS host_var for mail.auro.re

17a64241d6 mail is no longer in adm

5c9ae10a8c Fix yaml lint

d873b3f3a8 fix ansible-lint

e77047a532 add sain defaults for NFS client

7e03eafeaa dashes are evil, use underscore in var names

72d486119e fix typo

a5a0e5ccfe oupsie, reverse this

06917ce46b Agree to Letsencrypt TOS

9d4c630c7e Add the mail-certificate role

ee16220591 Please linter

a8cbe4549c fix ansible lint v2 -- we actually git add the file this time

851e459b6f Starting to try out postfix config

a54c5832a3 Apt retry mechanism

241997396b Config outside of conf.d

e1d8382fed fix typo

d3cf2c7e5f dovecot handlers

765ce39625 auth config

79b75cae00 maildir conf

f991befbc6 renamed to fit jinja template

026e35adc7 Add IMAP/POP/SMTP auth conf

1297884ce1 Add ssl conf

ad1a1602eb dovecot ldap conf

eb257b966b dovecot vars

645f0fd445 Add dovecot bind password into the vault

418da50049 Add dovecot role to the mailserver

bd8942eff2 reload -> restart

58064df056 fix typo

de2758f4d6 rename roles to match regex set by linter

094334e069 Fix mode, shoudl always be set

b8e4ece8a7 use underscores instead of dashes inside role names

8b66ba059b use command instead of shell when no shell functionality is required

99a46af244 User handlers to run when something changed

24fa5a969c add local_network variable

8612f835af fix typo and indentation problem

d05425745f Fix indentation... again

b50ef60e8a fix conf.d template files path

fcb53b7cf5 Add sane logging timestamp format

af4d66c85b remove non-existant conf file from the role

c45dab323a Don't add conf.d/*.conf into a file that is itself already there! dumb dumb

809f5f9cc9 Add config in the right section

b2a49c1e42 Add LMTP for Postfix-Dovecot communication

52a29ff010 Fix syntax: don't forget the underscore

2673f771d9 Enable Dovecot sieve

c85b2b58fe Add quota to dovecot

1c20193fc8 Add re2o mail server to the roles of the mailserver playbook

cf58c2bac5 Add re2o mail server

9e91f2e9d5 Re2o API config

1c7b4f8560 add re2o service mail cron

1e59bec323 Add Re2o API vars

otthorn added 1 commit 3 years ago

0a7de4fc78 Mail VM has a public addr now and FQDN is mail.auro.re

otthorn added 1 commit 3 years ago

ebf712d0bc Use correct re2o API vars (don't add them twice in vault, reuse them)

otthorn added 1 commit 3 years ago

27cfcc1320 Don't reinvent the whell, use existing roles (have to be tested)

otthorn added 1 commit 3 years ago

2c531d1af2 Postfix conf add certs and other security related modifications

otthorn added 2 commits 3 years ago

e316679e13 Add additional role for mailserver

efa34dab42 fix yaml syntax

otthorn added 1 commit 3 years ago

43053e57f9 Fix broken vars

otthorn added 1 commit 3 years ago

256d2d5df4 Post renewal hook for certbot to reload dovecot and postfix

otthorn added 1 commit 3 years ago

77918e00ce move files to the right place and fix small typo

otthorn added 1 commit 3 years ago

b35922346e Remove file since I did not git mv correclty...

otthorn added 1 commit 3 years ago

c0cd3946fb Fix postfix cert variables

otthorn added 1 commit 3 years ago

5f48a46522 Add postfix quota check

otthorn added 1 commit 3 years ago

faba1d2005 Correct typo, this one was sneaky!

otthorn force-pushed mailserver from faba1d2005 to 659847bbfa 3 years ago

otthorn force-pushed mailserver from 659847bbfa to 4cd6a2d2c5 3 years ago

otthorn added 74 commits 3 years ago

b2fb30d46d Add mail vars

b412210d56 Add (initial) postfix role

846665961a Add (initial) mail-utils role

9c0f7010a7 Add (initial) mailserver playbook

bb8bd718a9 fix yaml lint

9a04934bd2 Starting the dovecot task

ca6d4a9839 commented unused tasks for the moment

8557db5e89 Added the certificates gestion

1847a5a698 Add nfs-client role

f901669341 fix var names for better hierarchy

807ecda890 Added NFS host_var for mail.auro.re

17a64241d6 mail is no longer in adm

5c9ae10a8c Fix yaml lint

d873b3f3a8 fix ansible-lint

e77047a532 add sain defaults for NFS client

7e03eafeaa dashes are evil, use underscore in var names

72d486119e fix typo

a5a0e5ccfe oupsie, reverse this

06917ce46b Agree to Letsencrypt TOS

9d4c630c7e Add the mail-certificate role

ee16220591 Please linter

a8cbe4549c fix ansible lint v2 -- we actually git add the file this time

851e459b6f Starting to try out postfix config

a54c5832a3 Apt retry mechanism

241997396b Config outside of conf.d

e1d8382fed fix typo

d3cf2c7e5f dovecot handlers

765ce39625 auth config

79b75cae00 maildir conf

f991befbc6 renamed to fit jinja template

026e35adc7 Add IMAP/POP/SMTP auth conf

1297884ce1 Add ssl conf

ad1a1602eb dovecot ldap conf

eb257b966b dovecot vars

645f0fd445 Add dovecot bind password into the vault

418da50049 Add dovecot role to the mailserver

bd8942eff2 reload -> restart

58064df056 fix typo

de2758f4d6 rename roles to match regex set by linter

094334e069 Fix mode, shoudl always be set

b8e4ece8a7 use underscores instead of dashes inside role names

8b66ba059b use command instead of shell when no shell functionality is required

99a46af244 User handlers to run when something changed

24fa5a969c add local_network variable

8612f835af fix typo and indentation problem

d05425745f Fix indentation... again

b50ef60e8a fix conf.d template files path

fcb53b7cf5 Add sane logging timestamp format

af4d66c85b remove non-existant conf file from the role

c45dab323a Don't add conf.d/*.conf into a file that is itself already there! dumb dumb

809f5f9cc9 Add config in the right section

b2a49c1e42 Add LMTP for Postfix-Dovecot communication

52a29ff010 Fix syntax: don't forget the underscore

2673f771d9 Enable Dovecot sieve

c85b2b58fe Add quota to dovecot

1c20193fc8 Add re2o mail server to the roles of the mailserver playbook

cf58c2bac5 Add re2o mail server

9e91f2e9d5 Re2o API config

1c7b4f8560 add re2o service mail cron

1e59bec323 Add Re2o API vars

0a7de4fc78 Mail VM has a public addr now and FQDN is mail.auro.re

ebf712d0bc Use correct re2o API vars (don't add them twice in vault, reuse them)

27cfcc1320 Don't reinvent the whell, use existing roles (have to be tested)

2c531d1af2 Postfix conf add certs and other security related modifications

e316679e13 Add additional role for mailserver

efa34dab42 fix yaml syntax

43053e57f9 Fix broken vars

256d2d5df4 Post renewal hook for certbot to reload dovecot and postfix

77918e00ce move files to the right place and fix small typo

b35922346e Remove file since I did not git mv correclty...

c0cd3946fb Fix postfix cert variables

5f48a46522 Add postfix quota check

faba1d2005 Correct typo, this one was sneaky!

a2cbf4a487 Merge branch 'mailserver' of ssh://gitea.auro.re:2222/Aurore/ansible into mailserver

otthorn added 1 commit 3 years ago

b06ac0647c Merge branch 'master' into mailserver

otthorn added 4 commits 3 years ago

6dae04fe62 🚨 fix trailling spaces and space in front of comment

6958bbf17a 🚨 fix risky-file-permission

5d8874b489 🚨 fix trailling-spaces

0283c0c589 🚨 fix risky-file-permissions

All checks were successful

continuous-integration/drone/push Build is passing

Details

continuous-integration/drone/pr Build is passing

Details

This pull request has changes conflicting with the target branch.

• group_vars/all/vault.yml
• hosts
• roles/certbot/templates/letsencrypt/conf.d/certname.ini.j2
• group_vars/all/vars.yml

Sign in to join this conversation.

Reviewers

Request review

No reviewers

Labels

Apply labels

Clear labels

No items

No Label

Milestone

Set milestone

Clear milestone

No items

No Milestone

Assignees

Assign users

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: aurore/ansible#9

Write Preview

Loading…

Cancel

Save

There is no content yet.