WIP: Setup of a mail server

otthorn commented

2021-02-04 02:21:38 +01:00

Owner

Creating a full fledged mail server at Aurore

Before merging, to sure to...

TODO :

Add {{ ansible_managed }} in the config files where it is missing
Please yaml linter
Please ansible linter
Run the whole playbook one last time to check if the result is idempotent
Add a motd for each service (re2o-mailserver, Postfix, Dovecot, rspamd, etc...) and give a link of where to find them if necessary
Add apt retry and update cache everywhere where it is needed

register: apt_result
retries: 3
until: apt_result is succeeded

Rebase from master to avoid changing re2o-service password
Resolve merge conflicts (most notablly in the vault)
Re-deploy the new re2o-service password
Add the service mail-server to re2o (prod)
Change re2o instance (from re2o-test)

Creating a full fledged mail server at Aurore Before merging, to sure to... TODO : - [ ] Add `{{ ansible_managed }}` in the config files where it is missing - [ ] Please yaml linter - [ ] Please ansible linter - [ ] Run the whole playbook one last time to check if the result is idempotent - [ ] Add a motd for each service (re2o-mailserver, Postfix, Dovecot, rspamd, etc...) and give a link of where to find them if necessary - [ ] Add apt retry and update cache everywhere where it is needed ```yaml register: apt_result retries: 3 until: apt_result is succeeded ``` - [x] Rebase from master to avoid changing re2o-service password - [x] Resolve merge conflicts (most notablly in the vault) - [x] Re-deploy the new re2o-service password - [ ] Add the service `mail-server` to re2o (prod) - [ ] Change re2o instance (from `re2o-test`)

otthorn added 60 commits 2021-02-04 02:21:39 +01:00

Add mail vars b2fb30d46d

Add (initial) postfix role b412210d56

Add (initial) mail-utils role 846665961a

Add (initial) mailserver playbook

continuous-integration/drone/push Build is failing

Details

9c0f7010a7

fix yaml lint

continuous-integration/drone/push Build is failing

Details

bb8bd718a9

Starting the dovecot task 9a04934bd2

commented unused tasks for the moment

continuous-integration/drone/push Build is failing

Details

ca6d4a9839

Added the certificates gestion

continuous-integration/drone/push Build is failing

Details

8557db5e89

Add nfs-client role

continuous-integration/drone/push Build is failing

Details

1847a5a698

fix var names for better hierarchy

continuous-integration/drone/push Build is failing

Details

f901669341

Added NFS host_var for mail.auro.re

continuous-integration/drone/push Build is failing

Details

807ecda890

mail is no longer in adm

continuous-integration/drone/push Build is failing

Details

17a64241d6

Fix yaml lint 5c9ae10a8c

fix ansible-lint

continuous-integration/drone/push Build is failing

Details

d873b3f3a8

add sain defaults for NFS client

continuous-integration/drone/push Build is failing

Details

e77047a532

dashes are evil, use underscore in var names 7e03eafeaa

fix typo 72d486119e

oupsie, reverse this

continuous-integration/drone/push Build is failing

Details

a5a0e5ccfe

Agree to Letsencrypt TOS

continuous-integration/drone/push Build is failing

Details

06917ce46b

Add the mail-certificate role

continuous-integration/drone/push Build is failing

Details

9d4c630c7e

Please linter

continuous-integration/drone/push Build is failing

Details

ee16220591

fix ansible lint v2 -- we actually git add the file this time

continuous-integration/drone/push Build is failing

Details

a8cbe4549c

Starting to try out postfix config

continuous-integration/drone/push Build is failing

Details

851e459b6f

Apt retry mechanism a54c5832a3

Config outside of conf.d

continuous-integration/drone/push Build is failing

Details

241997396b

fix typo

continuous-integration/drone/push Build is failing

Details

e1d8382fed

dovecot handlers

continuous-integration/drone/push Build is failing

Details

d3cf2c7e5f

auth config 765ce39625

maildir conf

continuous-integration/drone/push Build is failing

Details

79b75cae00

renamed to fit jinja template

continuous-integration/drone/push Build is failing

Details

f991befbc6

Add IMAP/POP/SMTP auth conf

continuous-integration/drone/push Build is failing

Details

026e35adc7

Add ssl conf

continuous-integration/drone/push Build is failing

Details

1297884ce1

dovecot ldap conf

continuous-integration/drone/push Build is failing

Details

ad1a1602eb

dovecot vars eb257b966b

Add dovecot bind password into the vault

continuous-integration/drone/push Build is failing

Details

645f0fd445

Add dovecot role to the mailserver 418da50049

reload -> restart bd8942eff2

fix typo 58064df056

rename roles to match regex set by linter de2758f4d6

Fix mode, shoudl always be set

continuous-integration/drone/push Build is failing

Details

094334e069

use underscores instead of dashes inside role names

continuous-integration/drone/push Build is failing

Details

b8e4ece8a7

use command instead of shell when no shell functionality is required 8b66ba059b

User handlers to run when something changed

continuous-integration/drone/push Build is failing

Details

99a46af244

add local_network variable

continuous-integration/drone/push Build is failing

Details

24fa5a969c

fix typo and indentation problem

continuous-integration/drone/push Build is failing

Details

8612f835af

Fix indentation... again d05425745f

fix conf.d template files path

continuous-integration/drone/push Build is failing

Details

b50ef60e8a

Add sane logging timestamp format

continuous-integration/drone/push Build is failing

Details

fcb53b7cf5

remove non-existant conf file from the role

continuous-integration/drone/push Build is failing

Details

af4d66c85b

Don't add conf.d/*.conf into a file that is itself already there! dumb dumb

continuous-integration/drone/push Build is failing

Details

c45dab323a

Add config in the right section

continuous-integration/drone/push Build is failing

Details

809f5f9cc9

Add LMTP for Postfix-Dovecot communication

continuous-integration/drone/push Build is failing

Details

b2a49c1e42

Fix syntax: don't forget the underscore

continuous-integration/drone/push Build is failing

Details

52a29ff010

Enable Dovecot sieve 2673f771d9

Add quota to dovecot

continuous-integration/drone/push Build is failing

Details

c85b2b58fe

Add re2o mail server to the roles of the mailserver playbook 1c20193fc8

Add re2o mail server

continuous-integration/drone/push Build is failing

Details

cf58c2bac5

Re2o API config 9e91f2e9d5

add re2o service mail cron

continuous-integration/drone/push Build is failing

Details

1c7b4f8560

Add Re2o API vars

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

1e59bec323

otthorn added 1 commit 2021-02-04 02:24:50 +01:00

Mail VM has a public addr now and FQDN is mail.auro.re

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

0a7de4fc78

otthorn added 1 commit 2021-02-04 13:03:07 +01:00

Use correct re2o API vars (don't add them twice in vault, reuse them)

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

ebf712d0bc

otthorn added 1 commit 2021-02-04 14:48:00 +01:00

Don't reinvent the whell, use existing roles (have to be tested)

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

27cfcc1320

otthorn added 1 commit 2021-02-04 23:19:03 +01:00

Postfix conf add certs and other security related modifications

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

2c531d1af2

otthorn added 2 commits 2021-02-04 23:35:24 +01:00

Add additional role for mailserver e316679e13

fix yaml syntax

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

efa34dab42

otthorn added 1 commit 2021-02-04 23:44:43 +01:00

Fix broken vars

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

43053e57f9

otthorn added 1 commit 2021-02-05 00:05:36 +01:00

Post renewal hook for certbot to reload dovecot and postfix

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

256d2d5df4

otthorn added 1 commit 2021-02-05 00:07:47 +01:00

move files to the right place and fix small typo

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

77918e00ce

otthorn added 1 commit 2021-02-05 00:09:21 +01:00

Remove file since I did not git mv correclty...

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

b35922346e

otthorn added 1 commit 2021-02-05 01:18:12 +01:00

Fix postfix cert variables

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

c0cd3946fb

otthorn added 1 commit 2021-02-05 01:35:56 +01:00

Add postfix quota check

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

5f48a46522

otthorn added 1 commit 2021-02-05 01:51:08 +01:00

Correct typo, this one was sneaky!

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

faba1d2005

otthorn force-pushed mailserver from faba1d2005 to 659847bbfa

2021-02-06 12:30:40 +01:00

Compare

otthorn force-pushed mailserver from 659847bbfa to 4cd6a2d2c5

2021-02-06 12:54:46 +01:00

Compare

otthorn added 74 commits 2021-02-20 13:47:39 +01:00

Add mail vars b2fb30d46d

Add (initial) postfix role b412210d56

Add (initial) mail-utils role 846665961a

Add (initial) mailserver playbook

continuous-integration/drone/push Build is failing

Details

9c0f7010a7

fix yaml lint

continuous-integration/drone/push Build is failing

Details

bb8bd718a9

Starting the dovecot task 9a04934bd2

commented unused tasks for the moment

continuous-integration/drone/push Build is failing

Details

ca6d4a9839

Added the certificates gestion

continuous-integration/drone/push Build is failing

Details

8557db5e89

Add nfs-client role

continuous-integration/drone/push Build is failing

Details

1847a5a698

fix var names for better hierarchy

continuous-integration/drone/push Build is failing

Details

f901669341

Added NFS host_var for mail.auro.re

continuous-integration/drone/push Build is failing

Details

807ecda890

mail is no longer in adm

continuous-integration/drone/push Build is failing

Details

17a64241d6

Fix yaml lint 5c9ae10a8c

fix ansible-lint

continuous-integration/drone/push Build is failing

Details

d873b3f3a8

add sain defaults for NFS client

continuous-integration/drone/push Build is failing

Details

e77047a532

dashes are evil, use underscore in var names 7e03eafeaa

fix typo 72d486119e

oupsie, reverse this

continuous-integration/drone/push Build is failing

Details

a5a0e5ccfe

Agree to Letsencrypt TOS

continuous-integration/drone/push Build is failing

Details

06917ce46b

Add the mail-certificate role

continuous-integration/drone/push Build is failing

Details

9d4c630c7e

Please linter

continuous-integration/drone/push Build is failing

Details

ee16220591

fix ansible lint v2 -- we actually git add the file this time

continuous-integration/drone/push Build is failing

Details

a8cbe4549c

Starting to try out postfix config

continuous-integration/drone/push Build is failing

Details

851e459b6f

Apt retry mechanism a54c5832a3

Config outside of conf.d

continuous-integration/drone/push Build is failing

Details

241997396b

fix typo

continuous-integration/drone/push Build is failing

Details

e1d8382fed

dovecot handlers

continuous-integration/drone/push Build is failing

Details

d3cf2c7e5f

auth config 765ce39625

maildir conf

continuous-integration/drone/push Build is failing

Details

79b75cae00

renamed to fit jinja template

continuous-integration/drone/push Build is failing

Details

f991befbc6

Add IMAP/POP/SMTP auth conf

continuous-integration/drone/push Build is failing

Details

026e35adc7

Add ssl conf

continuous-integration/drone/push Build is failing

Details

1297884ce1

dovecot ldap conf

continuous-integration/drone/push Build is failing

Details

ad1a1602eb

dovecot vars eb257b966b

Add dovecot bind password into the vault

continuous-integration/drone/push Build is failing

Details

645f0fd445

Add dovecot role to the mailserver 418da50049

reload -> restart bd8942eff2

fix typo 58064df056

rename roles to match regex set by linter de2758f4d6

Fix mode, shoudl always be set

continuous-integration/drone/push Build is failing

Details

094334e069

use underscores instead of dashes inside role names

continuous-integration/drone/push Build is failing

Details

b8e4ece8a7

use command instead of shell when no shell functionality is required 8b66ba059b

User handlers to run when something changed

continuous-integration/drone/push Build is failing

Details

99a46af244

add local_network variable

continuous-integration/drone/push Build is failing

Details

24fa5a969c

fix typo and indentation problem

continuous-integration/drone/push Build is failing

Details

8612f835af

Fix indentation... again d05425745f

fix conf.d template files path

continuous-integration/drone/push Build is failing

Details

b50ef60e8a

Add sane logging timestamp format

continuous-integration/drone/push Build is failing

Details

fcb53b7cf5

remove non-existant conf file from the role

continuous-integration/drone/push Build is failing

Details

af4d66c85b

Don't add conf.d/*.conf into a file that is itself already there! dumb dumb

continuous-integration/drone/push Build is failing

Details

c45dab323a

Add config in the right section

continuous-integration/drone/push Build is failing

Details

809f5f9cc9

Add LMTP for Postfix-Dovecot communication

continuous-integration/drone/push Build is failing

Details

b2a49c1e42

Fix syntax: don't forget the underscore

continuous-integration/drone/push Build is failing

Details

52a29ff010

Enable Dovecot sieve 2673f771d9

Add quota to dovecot

continuous-integration/drone/push Build is failing

Details

c85b2b58fe

Add re2o mail server to the roles of the mailserver playbook 1c20193fc8

Add re2o mail server

continuous-integration/drone/push Build is failing

Details

cf58c2bac5

Re2o API config 9e91f2e9d5

add re2o service mail cron

continuous-integration/drone/push Build is failing

Details

1c7b4f8560

Add Re2o API vars

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

1e59bec323

Mail VM has a public addr now and FQDN is mail.auro.re

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

0a7de4fc78

Use correct re2o API vars (don't add them twice in vault, reuse them)

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

ebf712d0bc

Don't reinvent the whell, use existing roles (have to be tested)

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

27cfcc1320

Postfix conf add certs and other security related modifications

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

2c531d1af2

Add additional role for mailserver e316679e13

fix yaml syntax

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

efa34dab42

Fix broken vars

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

43053e57f9

Post renewal hook for certbot to reload dovecot and postfix

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

256d2d5df4

move files to the right place and fix small typo

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

77918e00ce

Remove file since I did not git mv correclty...

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

b35922346e

Fix postfix cert variables

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

c0cd3946fb

Add postfix quota check

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

5f48a46522

Correct typo, this one was sneaky!

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

faba1d2005

Merge branch 'mailserver' of ssh://gitea.auro.re:2222/Aurore/ansible into mailserver

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

a2cbf4a487

otthorn added 1 commit 2021-02-20 14:00:51 +01:00

Merge branch 'master' into mailserver

continuous-integration/drone/push Build is failing

Details

continuous-integration/drone/pr Build is failing

Details

b06ac0647c

otthorn added 4 commits 2021-02-20 14:18:22 +01:00

🚨 fix trailling spaces and space in front of comment 6dae04fe62

🚨 fix risky-file-permission 6958bbf17a

🚨 fix trailling-spaces 5d8874b489

🚨 fix risky-file-permissions

continuous-integration/drone/push Build is passing

Details

continuous-integration/drone/pr Build is passing

Details

0283c0c589

continuous-integration/drone/push Build is passing

Details

continuous-integration/drone/pr Build is passing

Details

This pull request has changes conflicting with the target branch.

group_vars/all/vault.yml
hosts
roles/certbot/templates/letsencrypt/conf.d/certname.ini.j2
group_vars/all/vars.yml

View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.

git fetch -u origin mailserver:mailserver

git checkout mailserver

WIP: Setup of a mail server #9

Checkout