WIP: Setup of a mail server #9
29 changed files with 752 additions and 173 deletions
|
@ -15,6 +15,8 @@ ldap_matrix_password: "{{ vault_ldap_matrix_password }}"
|
||||||
ldap_replica_password: "{{ vault_ldap_replica_password }}"
|
ldap_replica_password: "{{ vault_ldap_replica_password }}"
|
||||||
ldap_admin_password: "{{ vault_ldap_admin_password }}"
|
ldap_admin_password: "{{ vault_ldap_admin_password }}"
|
||||||
ldap_admin_hashed_passwd: "{{ vault_ldap_admin_hashed_passwd }}"
|
ldap_admin_hashed_passwd: "{{ vault_ldap_admin_hashed_passwd }}"
|
||||||
|
ldap_dovecot_bind_dn: "cn=dovecot,ou=service-users,{{ ldap_base }}"
|
||||||
|
ldap_dovecot_password: "{{ vault_ldap_dovecot_password }}"
|
||||||
|
|
||||||
# Databases
|
# Databases
|
||||||
postgresql_services_url: 'services-bdd.adm.auro.re'
|
postgresql_services_url: 'services-bdd.adm.auro.re'
|
||||||
|
@ -68,6 +70,9 @@ keepalived_password: "{{ vault_keepalived_password[apartment_block] }}"
|
||||||
re2o_secret_key: "{{ vault_re2o_secret_key }}"
|
re2o_secret_key: "{{ vault_re2o_secret_key }}"
|
||||||
re2o_db_password: "{{ vault_re2o_db_password }}"
|
re2o_db_password: "{{ vault_re2o_db_password }}"
|
||||||
re2o_aes_key: "{{ vault_re2o_aes_key }}"
|
re2o_aes_key: "{{ vault_re2o_aes_key }}"
|
||||||
|
re2o_hostname: "re2o.auro.re"
|
||||||
|
re2o_api_username: "service-user"
|
||||||
|
re2o_api_password: "{{ vault_re2o_serviceuser_passwd }}"
|
||||||
|
|
||||||
# Radius
|
# Radius
|
||||||
radius_secret_aurore: "{{ vault_radius_secrets.aurore }}"
|
radius_secret_aurore: "{{ vault_radius_secrets.aurore }}"
|
||||||
|
@ -89,3 +94,10 @@ apartment_block_dhcp: "{{ apartment_block }}"
|
||||||
ipv6_base_prefix: "2a09:6840"
|
ipv6_base_prefix: "2a09:6840"
|
||||||
|
|
||||||
is_aurore_host: "{{ 'aurore_vm' in group_names }}"
|
is_aurore_host: "{{ 'aurore_vm' in group_names }}"
|
||||||
|
|
||||||
|
# Mail
|
||||||
|
|
||||||
|
myorigin: "auro.re"
|
||||||
|
# myhostname should be the FQDN (Fully Qualified Domain Name)
|
||||||
|
myhostname: "mail.auro.re"
|
||||||
|
local_network: "10.128.0.0/24"
|
||||||
|
|
|
@ -1,173 +1,176 @@
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
37356434643231623932626166316532633039323736303737363933373263623433653031356331
|
66303361306465306436306562636265303832353830313933363965316261376162313738653737
|
||||||
3431376135666263353431396663363539333164643462340a383832373965653835633937373432
|
3334363661316563633238316632336463323737633066610a306236343636656261623835343466
|
||||||
31393936666535633137333739346135316463636166343063666363633966626639663265373935
|
39386437363564623661333465386338613632316563373164363839623138336165343834313237
|
||||||
3865353439646331640a326137373039666263366330626537363566613135346263663761663732
|
6433343439383431360a633139363034623861396633316632336131333137626239646639326131
|
||||||
65363064356530373430633562623132373565326364656631313639376131313563316136623966
|
65613236363733346330636565303039613737366263356230313734383033383435343433386536
|
||||||
35386236313238396436303765366365346335353166376164353936313536393665326439653861
|
30653263396339656337626239303662326134373231303364613066656339376662643934323466
|
||||||
35623832623365386232353163656339333031323937383862656532636436386334643362653532
|
30643261393463373063623865343537653862353766323538613731353534363639616438313663
|
||||||
66636365316161316536636131613438356464636163386233333333313531353935346264366231
|
66366133643462333935636231636638326364636334613430333062616264663961326362613466
|
||||||
36346561303163663735386533333835313231333965633737376537396531323935383134643563
|
66313730363933653631646638616166343030626465336361313239323731356534313963613530
|
||||||
32643566323564363762306438376431383237313633376437333339623936376664346137333561
|
65383735626234663261393834313232626239666135313566353839616162323732323265633031
|
||||||
65656336303964623964616230306332636535343833336535303832666137663865336564623233
|
62393862663438313237663335396332613661313864303630653533343362333834356262363465
|
||||||
33653361646533613462373163363736386634663038666232313432653037643330653639666663
|
30666232356539386437353438643038333766363362653432366263616338393066363532633064
|
||||||
61643533363938366634616632626131663164393338623539636430363166323935396439373337
|
63646561653264393162303430346662623536363364383862366264393532613461303935653261
|
||||||
34343930336631326634366331353836323465613934383231313364383061636631346633383634
|
39376462623561626336306435323934323130613031623865656432626233616563393365343036
|
||||||
36646439336530353761613831343236373936666632333965323964643862616633303732333230
|
37643463666436386230653339613463633133333661356564646234653632313931333765383666
|
||||||
36313132323965323831336265306565346461343235383864613762343536653434333163616663
|
39646331383939343663306634393531646265363531326636326636616632643437343566656464
|
||||||
34303731666632666630313763323239633435386330363339363631646432633762383464303837
|
64643638616264376130656637386134396161306636333064633731646234396566303934626332
|
||||||
39336630343833646666383237376238316264393262336136393662363261643961666332623138
|
66393466626137336265653933346362396639383064393663613866333337653166343262646536
|
||||||
65633661343265643731396663376262613566613135663161393833373766396632303734336261
|
61333864373737333133626438646538353338663531323961666335333166613363653230643139
|
||||||
30326436363237653431396563326264646335643536616530343863623130643666653733323331
|
38616462306461356135306164376332313538613465316563663566373533396635346635646134
|
||||||
30616363306636396439376661633035326430313363656433636465623737636565333436653031
|
31386661306533383130633130346539303666316663333762383131623535343038613963353336
|
||||||
33326662336239633930303665373965393037303238393630343338383362363439386634613838
|
32336135366435643463613962383833666130363765326631613963363266626633643966663063
|
||||||
61356533383032656663613966383131623333613639633062343639393865376433316464653738
|
33363235353765623961346331393963653130663434356234336538626438616334613761636161
|
||||||
64346465633263383662313934343732363536343662653532393837383062333565636662626634
|
32346234643531396530653636626531653033393863383963663938646135616238393861373738
|
||||||
30393364336566343264373538386230623136316632666237646431333233376562356439626536
|
30346664646465666666333165336636616265303265393236626534343163353633643737366264
|
||||||
61613835346636346139316665623463363339623863373961386661656361363232396533636233
|
63303937306637643033663333353633346166636361323538393063353438353135303665616663
|
||||||
61326236643162623331633066333138326533323835366534336361396263353432373532326437
|
34613230383836343861613661356162363831623363633435646234353839663530363936356238
|
||||||
30666234666235343739343834316234346630373661666634616461383639363664656534663636
|
63383038616631666633653032613435316265626137643730666539393561373264613663656464
|
||||||
33376237313333393632313839373436616631336130393930373136623335666235386162376464
|
30613033373435313036633938353461623335396264313236623065323339623537613164316366
|
||||||
31646437393336313433643534363138636461373837336634646464356437306265353731663362
|
33356432646438636530353230333762346165336661393038666138356561333363613563656665
|
||||||
64316530326536333235386531613931303238363062383639626238346337356539323938663464
|
34306136393233346532303461393736636561316231626231643633333938656435663638306261
|
||||||
62613432376563616238303938663933363564613532333633346132373361346231643130653833
|
33393064333662336466313461363638393339373637303735663736353537363364663235363263
|
||||||
62313631313563343437373032626339366538313764333666353633363637333965633533373633
|
36623663636235363332616433626266653330393633326339376562636165323539313532363535
|
||||||
33353134373730636638633432313932363264623531303135636566653038396131633230343839
|
64386136393631656665343337333738653664613966363361313931313763323563383265623935
|
||||||
35303337613935666231303638663832663339626463353862616139346664356261656433313930
|
31643532346363656462646436343761353938626661383336636436373233343530353130626463
|
||||||
65383336393934633036663261636434636461363161646239363135643536633836353965353462
|
36346330626432376338306339396563316233313836383863303232396439336436363833383063
|
||||||
62636264373332643333356636616230376135363539393139383666363534626131663736393139
|
39663864306533376630623334386336663237666635336661383630616139633736393835666534
|
||||||
36653862303066633365383435363637316262646338663437313435643334383835393238613763
|
61393036363763336632623236383236383639373662393761313834653833316332373733653830
|
||||||
33656136646465373938653263376162633032336536613535356431393135396432636637356632
|
62616563386435396433653930653637643031636462633336663033306531356239346564663564
|
||||||
31306132353632333833643434663930613936646233623935323761353461363139353238396633
|
30636462343263643236316635346163373765393262623365353933313065333532353562333932
|
||||||
63363731613336643635333961336664343430353133373937396565343366363634653330663336
|
62656234656363306266386135313466376665663166623038616637663333353731313564356434
|
||||||
62393866643665393232636232373964616335646363613466373666666661346139373938616463
|
61343235613639386364663533376362613364653562613431393862656265313432623532343965
|
||||||
37613931613033323538323662356432306639626636666338666565343336323363633966316137
|
65326362323534346535326331613262653130623336653231323564376534336261643538333434
|
||||||
32346538303935616265313461383731356462336435303936663931376133616365626466346435
|
31333830653933633562626364363364386630343364376337613436663030333865323433316163
|
||||||
63313333643361363665653862663338376630613666356538616336643139666636663461323163
|
33356438366161626666653731386438643064656538373036393532396432396138353564313833
|
||||||
35613365363032343831653639373866393635633363393961613339313234366232346662646132
|
34643231366439656439336534323039616364396137653661373761343635663366363134623032
|
||||||
36636362356431366631373635613936653162323736303434353130343834323530393330613633
|
62313734313061353065613561613337373338623732326362363436616134343864643439363631
|
||||||
66393130323637346561616435623562313037393161666236323834323836326161613963626236
|
38346339383864373635383462326466303635383661633665663362646165663934336632633838
|
||||||
38343362343335343437656434303130626165646661393638336435343933326462343366323964
|
64373332356664663663613735663163336465353030383365346661326634373832656137393061
|
||||||
39346433663533346262316461623732363963396161353139613663393264623335623832653436
|
34626363383964646439356338343439343336626237626366383663386161663037343339383066
|
||||||
62306337653062666137373930303334643630623432303932303039343764633361613063643965
|
30356332623337626437313235623161373937663532613238353333326265663937653034616135
|
||||||
34646133353132663662303665373836643238323932336663333730363137323532663164633862
|
64663731653965613933636561313730623030656666656232396433646563623137643661643132
|
||||||
39383963336236646161653136626662313764373530623161663437373330666332316362623031
|
30383439343764396137313231353161323835393934373561623666653630656335366434636235
|
||||||
66653832653035353662353638336239313336663765373966383030316137316135303134616439
|
36306162316464613365616330626433306335396130336266616566653661336335346566613763
|
||||||
30386332366639653835663530643931326635373836663166313165633137623738636438663261
|
30373638353230313433333539306664323333646463333334366362613832376534356636383235
|
||||||
34613135643363343232313061616337333562373764663733666666376233313534396132303536
|
30626263383036643034303465366137356665366238366663313837323937646631396262623331
|
||||||
63643030623962626432653938336633313561303236363762353536613464353331373436666238
|
62323366623530663561643036643733323230343832633639663737356530643564643534666366
|
||||||
65623961383736633934326165336637323630613032326163303436646530363063316334366665
|
64646339363235376561363835643166663735643333656230386565653234356565323135333731
|
||||||
35303237613130326339306436343262313733663031333539343163323530653035356431386236
|
65313864316166383566386564303461343031356138386362633834316230396436306533306239
|
||||||
63373564383233653165623034616262393966343262646461303562363763613261656235623533
|
62306132373535363931306664346637663561323530346339373234343633663062393361323532
|
||||||
39643963646266623663343537663364633036373838313139313966663031376162666661363161
|
32653938623738383565353965656636336662323939346331396162623862613038633035643766
|
||||||
36626332313535616638623837666565343734643037343761346238366665646461343532643434
|
30346431393237323735386337643062396433366434396531623130643038366465643132303532
|
||||||
31356339613066646338306262323336373161326531326137353937343139386562383063666433
|
62366266393166333138643238383764656461623361326236333565373762316431373132356263
|
||||||
61343861396465316663373963333237633736313735653138646366323334653963323831383864
|
30396263396264626330613734346361646531626531363639393431366636316135333566393561
|
||||||
61636565333739663633623334336463643362343335663237393161383963373364303864393361
|
65393661333837633236396563333631663036376633666538306564333565653030303135313866
|
||||||
61333935353634336637343961363237346565313633313366376336366139613563333336316565
|
32366234313532656437393964666438393737363437303562633937396437663062616636383564
|
||||||
31653066323537646163666539356663633438386437386432313239356466356635303837326434
|
33393564643066383662323765346535616164633239636235656263336663633562646665393734
|
||||||
66373934303932323732616563353566663766626335356662383732363266346636666231333864
|
31393232376662666431393064643161653730653263313536613963376561386536353536616163
|
||||||
33663634313364353162666462383735653162383438393939306530393064626666366431633432
|
63316237636630306165346633646437636636626331303262663032653662333236646564613363
|
||||||
63363139663632336333333562656339366133646630343533386535393234383638346532326132
|
63616263643266393861386166346139343237633232653734363465303935613264366130336261
|
||||||
65326538373439373839656634613830656138643166616163663430323266366535646463303564
|
63333137633266306465363837646163323266363665396266363437303931353938653638343630
|
||||||
38383537613964643761623330313563633939616432643134333266653038306136613962303162
|
61386561616663303330663634306235336432316365303461623665393338396434346533366130
|
||||||
65393932353131323739333463363764346638633664383539616562353831653033633135656131
|
35303363643334613862613831366464616264386338373566613431303939623638656536306532
|
||||||
35663136613835383538303134646631386331393032653539336632373439326238376233346238
|
31346365623766346566353564613761333563303233336139376639363634616564303336393737
|
||||||
66623164643361646262373766353066633562343739393637653664623339333035323231663633
|
38333637376566393437383264386561386336653135663135356466663430383634313535626233
|
||||||
66373134346231313239616534613065656563653662376434366161303163346533643866376266
|
65646131353961663064316434353564383163646166323832663662373031636531623736643566
|
||||||
39383631396631633932653163343237313166633134346161653463393930613765373239303061
|
37336530636133363561643438663563353963373265333333386434336361326338646666636263
|
||||||
33373466376563373739646130613566666132636666343266306135376636333730613034356430
|
64396438616335393338376632326162326530636431323466646261623531303335656135313834
|
||||||
66373764376234363438613439643931323365636663376236666162643731646366623430373334
|
34613764336234303230373737326662396562303439363535643562386661303861666530366332
|
||||||
32653962343839316534383034353535303839336361366666343961383930383237373164333065
|
62316635343436396535656163393737343664333963356539313037306432643166393333353036
|
||||||
39643965386336393666633666376434303463633035373064383266646434343163396636343237
|
63663266613332363364313863303465366136333862346164306335353838333830343261323365
|
||||||
66366561383237666566643035633635373966306464313765316665363532623638343030633733
|
61373565666665663065666233316639326238323763333336383665653434623031383063613162
|
||||||
34663061663565303730613339623465653934363337396164383164363134373034356339643665
|
33666532363638353130303665646536663139633463343764353962643838353037323865623236
|
||||||
38333662313862393631336533383631306130353963313337663031363061323762613966346333
|
39613832616265376464363234363532323265366362316564343964636539656263376632313538
|
||||||
31356462336431336239353061653165376138326561346266353235636262613932633135303430
|
38653066666165333866646437353264383638366138633538336434623139623264623033656661
|
||||||
64326536643334313262383132616434633131356537393263613761316535356631336461393930
|
36643336343764613136653432316361343963313162326439656662386334356535373361303330
|
||||||
64386564306533656436653161383230313238396336656162656464663637336230663466323530
|
31653963306365373633323937363332636633613266363064363535366136646639643632343031
|
||||||
34353730623033623866393266346134666230623139636132653739313738633037303563396162
|
34393363373861613863313039393336333165386637393265333439396230643735363230363530
|
||||||
35366564376561306530353361616337386361326436366532656662376336373662636135663532
|
61643036353062643164663063343930613536653762633231333931646239343661343738386232
|
||||||
38616631343733646564616264636239623136313037386561646632663463383430343632643935
|
66373934643837323266623866393166373837323034373662306565623534396562326635323362
|
||||||
38663135346664626133373732306461383935366637303235316337376432626464396135343433
|
31613138613261626231663330626664376539366165353836343039336138623931643537363931
|
||||||
31623230653464656538333263353061343761656638386537313163386132326635666531373334
|
62313862313164306337383465333464313966656538643836643639653632663564633232343362
|
||||||
61313364646262346637623165643263313336626561376166326333333636303631353231373365
|
61323033316630616536633938393735343332653965656565663163396335643738646463303130
|
||||||
31656664646330663063383135626534306338303161313438313162313866343035363234333432
|
64363334326165653962656534313939666230373362316438346139356266616566346462356162
|
||||||
65613937373763623163653464636366316131653337346339626565643639663239313631336164
|
61316233346463376162356461623734313431623330633239353730643964616662383966323932
|
||||||
39626263303361653864636433653038613938663037373735343637383733386230353663653865
|
35373962663333653738616562396638633136376635383032313634333931626530393532663531
|
||||||
33663235613338636434303735386432383534663263656634353839663632343738376161393736
|
30356232626566386632356334393939343262393536666130333537646338343063313565623163
|
||||||
35393062656533376261336130663235333766373832306563366538393763646339333334373063
|
64383337303665613630393164383337346132346462373338323933316231386233323061353661
|
||||||
63396332303536336435323665316138613830306531356366383666343334323338616165306338
|
64336337376231383035653861373639373763633337396236373161613833303630316663626331
|
||||||
61626364613062643131656239336466386664316661636664336466303931643236613761323130
|
62633336383834363033316539336261346137303463643337393465393339663966653464336162
|
||||||
63656638633736383734313439366135613038326133646665303035646137393133636163393261
|
66633832383734373635356165343336323866663735353931626466613361636632313437326566
|
||||||
66633864636362393630323436646233303664326634613235633438343930346538633466623064
|
36386631653935633036373831643763656564643138303564306630396539373536383261663366
|
||||||
64643136326363356631343136366333613266336439326335323163306566313537646336383963
|
63333061333431626465353839343564346331323961663939373538636261343336663461336566
|
||||||
35373936356137396366656237343432656236343339376538363339366334646130333030383464
|
61343231633064336561666362633739636435633663653432393862356232356434356439343936
|
||||||
66333961643236653235663865353366313862633138376265366136636438633065653535663931
|
35326237313033363031336162303436383733626365373832333438393436663938316366343161
|
||||||
35393166326337633337313465306565396161393534393563353166343935646362303465333833
|
65656566353535363664386336383137313962333339396530356361363630353365366532656464
|
||||||
32326661633838333563663565643134616139353831343663313134306639656163653138383530
|
39353639626639653535316665383962646331326463353663383630633961353031396131393562
|
||||||
63336462363862353935646563393766316665653561643765326161396439393866643565313161
|
64663661396330356664316536623666383762623934306532636562663038336165376262633661
|
||||||
66343466313465343563316361643732313830633439336534316136303463366633653662643565
|
30373531356163386531623738373837366666323637333932393131366531316439643338373230
|
||||||
33653533626531393536343033333433393032363862343661313836346561376565316361653032
|
39663131313531343736353666376532326566313963623432643965646666333939613538643463
|
||||||
36613738663233333766613236613239336663323931653230313761643765666632363362643034
|
66333762306162623963306136343930306638383933333835626231616466633561633766383564
|
||||||
39646130623161613332636330393936336532653861393935366266396536616465356362396635
|
36653163366336666565626665323966373434383432303430306632333636353337386265323534
|
||||||
62643438643665326163366239386364633434383838613735396231383762316565373665363531
|
61306435356164313731393862383531646665346134616330303237396136313765313233313434
|
||||||
32666131653961656566376631303239323262623330383438386164363162303662306535313162
|
35393065363264323232323537363237303330386635346263306463636233393461393232306534
|
||||||
34343539636463626430386630653934306665333266336234313362343366633366373131383861
|
34636138333038366165343434323937363864366463326330353438313662323035653965383138
|
||||||
31616535346236666264316535646236633363623533656332353037646231653236613664356362
|
34646331356237613461393464386465303834373536336666626539313431303635653831303237
|
||||||
65656333303461646131366365323266656661343864633536396238333962393066336537353234
|
66643536336330303438393161613833346337336333636137336435333830386137653139386665
|
||||||
31353337646131373533346161643432656361366464613437643230366261613662356435303339
|
34636463313438323038616134383932646266656434633861363331393634393030356562646134
|
||||||
33623665373231656539326533353035383038633731386531633064623339653831306430333265
|
36653830326330353962393736393566393839366132643163303862316566633838373537613531
|
||||||
35386538323561663433323939393564336539636432633738663337353937633837323062616266
|
30396636333564623930313636363762636437373138313835393362346237353731316662343661
|
||||||
36363766373661356261643966623937633334303539343665343266386630363663663037396263
|
36636536643534636632646463376333346230383866353736393535313931313066656231336234
|
||||||
61346330313665373533326437623838366634303335383433626137383434333166623138383931
|
65333935653537613239663166303636356466653337643362313834303634623535653166613138
|
||||||
31643333366662333930393039333232613363313065633734303339323265323861633831646663
|
33316638313233613239386235383737623361376132346666393661393464613963616233613033
|
||||||
33663934353664306665346631653561613463643265336431643532333533323764323937653934
|
35386534353462386238313833666234633662353166303463333463346636646565313333613866
|
||||||
32356630383633666538386461653334343363656539383838613239626336366634383266323462
|
62313066366131353961323761306461653732393737386539646461346133626363303563353035
|
||||||
38393534656635313739653461343835336134333166653463316464393063613831653837346663
|
63313536646234396433306361366338386539326366316163363132326230366632383032646233
|
||||||
39626133643239353530303263663635326561306665363034393565326463343061313563366431
|
35626138326633653032393263326261313761623437336630646634636463613533353239353734
|
||||||
39303333396166346138376530646532376333646636613664326536663133623532663462316439
|
65363236373038623965353166656131313835373834386635656361323931653237393336333938
|
||||||
61343239623166616466316465653532646137336135656164386532623266386633326164336566
|
38373737613966356366313636656366363031396639623633373162363363373830363564356336
|
||||||
65623436343531623133353366623763333137303132396435653632623534623061393036656161
|
37373537323462633337663462666637363661313166323038623665393562663862383161383363
|
||||||
36373564306564363432373633326535383038623933343834386634653839353933343965366137
|
64366663656537663837373662313564663033333663633333613733656662303639313630623162
|
||||||
34343334626661656265393461393339346139633136373936653630383732393461386463313263
|
65663165363164343364633132376538653834323764646664626266343534393763663936616339
|
||||||
63366263333637363339323534636234386237393663316435323130663438343930336333643838
|
37336336356164613534653862626230356635333361326266323365353665666531343337613331
|
||||||
34353264373261306439393732343530393765346161653562383939623234356562626664373263
|
61303731313431386633616230393562373331643966306161343730336539313935306662343865
|
||||||
33343234366639663666346564383866623231356164396435363035373063643566326665373864
|
39303237653733663162303664386237376266333963663034636564363032373235646430363837
|
||||||
32616131383530663033633866613236366264636564343462326265373762396364323232393131
|
38636261613564323565336639623533343964663733366138303635303833633738326165643938
|
||||||
39636432356334353439333938643331366263353237633234643233373364393133366537653738
|
38616364663737333535346661356333326238303439626138303465663932393839653362393432
|
||||||
63383531643334656537316663393235646331613365393330633064663939353633383035643866
|
33613236316161323135373162333866666136623062373037383665633034356534333530643037
|
||||||
61376632636430646135363761393131626664326235316639646332366564396561633037363866
|
33363466643030323061373633393233383838616631636266323165656137636532626136353561
|
||||||
65353563643632323364313134613339356563333431353931653738323162316666346466663266
|
64663936396364613236363663316534366162623735336235643631373263616330353036623333
|
||||||
62653433666136613734623361363066336230326562663730643230616463613936633738643135
|
32393334663663393264376630626630653962393632353239356236626334633833306335386333
|
||||||
66373935653939613537306265623532616133353365303433303562353831663534343165316362
|
30356630306630323334663334363063343462383837393663636133343465336537353433663536
|
||||||
39613937326561383264323361666439613865316138386266393261616135346433323466333234
|
66313265613032343838633164633366396236343136303163353365343032353239376539393965
|
||||||
33356138623132383063356633613066356161616662623961313562636636386463346266366137
|
32316361663438623731336537393135336465336161646661366565356338326537646561376434
|
||||||
63396535353236623765626634663132633261643036333762323836636138643737373031653266
|
36626332303661373561306338666533633435393433393832656166656264376266363035366637
|
||||||
37333836383937386238326162626166656134313165336437323834326635623036616130313539
|
64346432336339396636353930363263653838343266623430613730373235376538366465373764
|
||||||
34356337666536666230333231326463343938396366353238313639656531663363636164626438
|
31326537383336633434663231663865353763323235623866633339393633323836366637303536
|
||||||
30656439626361386633343236373733656334353061316239303764363236353639626637376534
|
62313139646562616339356336663838386439313531333030643032333838343332383533663134
|
||||||
36313630613336633533613437663563656436356130336333346432616638343463316636326236
|
32323935376462646130346631656362373035346436376266653164303263653566303037393136
|
||||||
30323737623330393565616532363835373766626432356137376561336261353864333266313033
|
36313038303862373662356662663437353265326433653330343437316230646338306639646532
|
||||||
31663665626439336362363836613032393934613438333663373565393662663066353337343233
|
35653732306239653133656361333330333634376332323737303831666461346165616138663637
|
||||||
31356261396664653865326532326136356134626631333530306633666538376630396163643761
|
63376263333365623037616336303038613536303163343930396635386536363936346465326137
|
||||||
65636630346134353431646137613766326365613463373130666665663166356639333532326238
|
63653835623135353161643765643563396636313635306461376531626332333335393661646431
|
||||||
32303238346632303831316631303733346433366665643234646439363737363462336539343534
|
33323430653464396230366465343236303033356432643066303730323132306238643737376533
|
||||||
62623363353135303732613939613430363338313539616336656433356664343365663835626366
|
65643232323138313562346661396361363730643736626166386664313732326136373531663466
|
||||||
62663232386638323265643133343433303133616437666139616337363036316135356333366533
|
36383630636161376431393135373863356137353737306166393934656437363063363630393864
|
||||||
35666466303365623835663266373765393031643637333663663030366465333764653466373366
|
62663464623932616532636231643964396533396230363837383235666561663032663938373165
|
||||||
38303863373864656431666434353064343166613132656266393939393163326631363931616637
|
32313931373935316137643937623161306330653161336138363562313033613132306164623364
|
||||||
66396161633133646164646339396634623766643065306666373464323562363963333431636638
|
38336435333432323237353734393666646361626535393665306662393831393765636265373938
|
||||||
66616166643762656433646661643931663639353237623461616561363164333634613338636336
|
61303832343631313634393037356662643162643233363731386265323862383034623564393661
|
||||||
30626234333237366563663163366633666165343933316636646630653031393139393534376334
|
30646566643336323038633161356437613666626431613762363530343166633735383365323462
|
||||||
64346166623061303930313432316665646266613834633139306662343537653736393134623032
|
36336364616531393031326361626638323834353365666437363466653234316532396662343365
|
||||||
62643537393239643265663433653737386464353130303130323538626164306637323665623736
|
63393331336336636363313438386461303838306539303161333433313037373361366336653462
|
||||||
39626238333038366263336630373139343064303833646634313331653033396364646462356639
|
65626531646338626532646563346566626536643166313432363231343163313039323461633265
|
||||||
62333331336561373839636631363934653363386365363132646464653363313866616435633138
|
61396263303433383830333865366537633066366231393034623233633436316133303030653236
|
||||||
34623638666534663131616631306566303365623339386137623666633833393134393735623264
|
64366638353634666661666534363763356164333065313136613761626262383239646539626330
|
||||||
35323330366134613635656438323566346263306231343536306539633366653062316638396532
|
31636665326134653836626364616161636265393534666138386234373635313834343338646139
|
||||||
62306133386530386436633661356331323261353738623865333531363036633535643537393362
|
39363432643962623339636463346264343530666133656361316437333837346236353532613131
|
||||||
62396565636566343932373361373163356639313236306161366237356264336330366130333530
|
36626562326536303263373361326565326364363934343430313662376464303532346361653563
|
||||||
63613363313930386438343330376463626438343439313866653039363036316566613932313230
|
62333238633765363363363265303438396631303463376561383832643633353065366633633364
|
||||||
63323330373866613032343235623334336635343062623461366263623033353335623137356439
|
65663634613638336638376632353733646536313839313335383939613565623463313534633335
|
||||||
39393834343230363362
|
33333139343633353830663434643139663839323364643235623832386536633264373434336133
|
||||||
|
63303461383063313738626431663361633730343730623865613936373232616663373636646338
|
||||||
|
31376261376139666531376663613331366539303133353564333036336239343233666238303361
|
||||||
|
303137643632666133393733336431393664
|
||||||
|
|
19
host_vars/mail.auro.re.yml
Normal file
19
host_vars/mail.auro.re.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
certbot:
|
||||||
|
domains:
|
||||||
|
- mail.auro.re
|
||||||
|
- smtp.auro.re
|
||||||
|
mail: tech.aurore@lists.crans.org
|
||||||
|
certname: auro.re
|
||||||
|
|
||||||
|
cert:
|
||||||
|
# path_cert: "/etc/letsencrypt/live/auro.re/cert.pem"
|
||||||
|
# path_chain: "/etc/letsencrypt/live/auro.re/chain.pem"
|
||||||
|
path_fullchain: "/etc/letsencrypt/live/auro.re/fullchain.pem"
|
||||||
|
path_privkey: "/etc/letsencrypt/live/auro.re/privkey.pem"
|
||||||
|
|
||||||
|
nfs:
|
||||||
|
src: "10.128.0.6:/data_mail" # caradoc
|
||||||
|
mount_path: "/var/vmail"
|
||||||
|
dir_owner: vmail
|
||||||
|
dir_group: vmail
|
2
hosts
2
hosts
|
@ -32,7 +32,7 @@ re2o-db.adm.auro.re
|
||||||
services-bdd-local.adm.auro.re
|
services-bdd-local.adm.auro.re
|
||||||
backup.adm.auro.re
|
backup.adm.auro.re
|
||||||
services-web.adm.auro.re
|
services-web.adm.auro.re
|
||||||
mail.adm.auro.re
|
mail.auro.re
|
||||||
wikijs.adm.auro.re
|
wikijs.adm.auro.re
|
||||||
prometheus-aurore.adm.auro.re
|
prometheus-aurore.adm.auro.re
|
||||||
portail.adm.auro.re
|
portail.adm.auro.re
|
||||||
|
|
31
mailserver.yml
Executable file
31
mailserver.yml
Executable file
|
@ -0,0 +1,31 @@
|
||||||
|
#!/usr/bin/env ansible-playbook
|
||||||
|
---
|
||||||
|
# Deploy mail server
|
||||||
|
- hosts: mail.auro.re
|
||||||
|
roles:
|
||||||
|
- mail_utils
|
||||||
|
- mail_certificates
|
||||||
|
- nfs_client
|
||||||
|
# - postfix
|
||||||
|
- dovecot
|
||||||
|
- re2o_service_mailserver
|
||||||
|
# - rspamd
|
||||||
|
# - mail-fail2ban
|
||||||
|
#
|
||||||
|
# Make OVH server send mails through proxy ?
|
||||||
|
# Add multiple MX
|
||||||
|
# Configure DKIM, SPF, Greylisting, etc...
|
||||||
|
|
||||||
|
|
||||||
|
# Deploy Re2o mail service
|
||||||
|
- hosts: mail.auro.re
|
||||||
|
vars:
|
||||||
|
service_repo: https://gitea.auro.re/aurore/re2o-mail-server.git
|
||||||
|
service_name: mail-server
|
||||||
|
service_version: aurore
|
||||||
|
service_config:
|
||||||
|
hostname: re2o-test.adm.auro.re # use test instance for now, should be changed for prod!
|
||||||
|
username: service-user
|
||||||
|
password: "{{ vault_serviceuser_passwd }}"
|
||||||
|
roles:
|
||||||
|
- re2o-service
|
|
@ -23,6 +23,9 @@ authenticator = dns-rfc2136
|
||||||
dns-rfc2136-credentials = /etc/letsencrypt/rfc2136.ini
|
dns-rfc2136-credentials = /etc/letsencrypt/rfc2136.ini
|
||||||
dns-rfc2136-propagation-seconds = 30
|
dns-rfc2136-propagation-seconds = 30
|
||||||
|
|
||||||
|
# Accept TOS
|
||||||
|
agree-tos = True
|
||||||
|
|
||||||
# Wildcard the domain
|
# Wildcard the domain
|
||||||
cert-name = {{ certbot.certname }}
|
cert-name = {{ certbot.certname }}
|
||||||
domains = {{ ", ".join(certbot.domains) }}
|
domains = {{ ", ".join(certbot.domains) }}
|
||||||
|
|
5
roles/dovecot/handlers/main.yml
Normal file
5
roles/dovecot/handlers/main.yml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
- name: Restart dovecot
|
||||||
|
service:
|
||||||
|
name: dovecot
|
||||||
|
state: restarted
|
65
roles/dovecot/tasks/main.yml
Normal file
65
roles/dovecot/tasks/main.yml
Normal file
|
@ -0,0 +1,65 @@
|
||||||
|
---
|
||||||
|
# Install and configure Dovecot
|
||||||
|
- name: Install Dovecot
|
||||||
|
apt:
|
||||||
|
update_cache: true
|
||||||
|
name:
|
||||||
|
- dovecot-core
|
||||||
|
- dovecot-imapd
|
||||||
|
- dovecot-managesieved
|
||||||
|
- dovecot-lmtpd
|
||||||
|
- dovecot-ldap
|
||||||
|
- dovecot-pop3d
|
||||||
|
register: apt_result
|
||||||
|
retries: 3
|
||||||
|
until: apt_result is succeeded
|
||||||
|
|
||||||
|
# Create the vmail user with UID and GID 5000
|
||||||
|
- name: Create vmail user
|
||||||
|
user:
|
||||||
|
name: vmail
|
||||||
|
uid: 5000
|
||||||
|
group: 5000
|
||||||
|
home: /var/vmail
|
||||||
|
|
||||||
|
# Create mail user seive directory with right ownernship and rights
|
||||||
|
- name: Create mail user sieve directory
|
||||||
|
file:
|
||||||
|
path: /var/vmail/sieve/global
|
||||||
|
state: directory
|
||||||
|
owner: vmail
|
||||||
|
group: vmail
|
||||||
|
mode: 0770
|
||||||
|
|
||||||
|
# Do the same for mailboxes
|
||||||
|
- name: Create mail user mailbox directory
|
||||||
|
file:
|
||||||
|
path: /var/vmail/mailboxes
|
||||||
|
state: directory
|
||||||
|
owner: vmail
|
||||||
|
group: vmail
|
||||||
|
mode: 0770
|
||||||
|
|
||||||
|
# Add the Dovecot configuration files (conf.d)
|
||||||
|
- name: Add Dovecot configuration in conf.d
|
||||||
|
template:
|
||||||
|
src: "conf.d/{{ item }}.j2"
|
||||||
|
dest: "/etc/dovecot/conf.d/{{ item }}"
|
||||||
|
mode: 0644
|
||||||
|
loop:
|
||||||
|
- "10-auth.conf"
|
||||||
|
- "10-mail.conf"
|
||||||
|
- "10-master.conf"
|
||||||
|
- "10-ssl.conf"
|
||||||
|
- "10-logging.conf"
|
||||||
|
notify: Restart dovecot
|
||||||
|
|
||||||
|
# Add the Dovecot configuration file outside of conf.d
|
||||||
|
- name: Add Dovecot configuration outside of conf.d
|
||||||
|
template:
|
||||||
|
src: "dovecot-ldap.conf.ext.j2"
|
||||||
|
dest: "/etc/dovecot/dovecot-ldap.conf.ext"
|
||||||
|
mode: 0600 # only legible by root
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
notify: Restart dovecot
|
10
roles/dovecot/templates/conf.d/10-auth.conf.j2
Normal file
10
roles/dovecot/templates/conf.d/10-auth.conf.j2
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
# Dovecot configuration for Aurore
|
||||||
|
# More info at https://gitea.auro.re/Aurore/ansible
|
||||||
|
# And on the Dovecot wiki : https://doc.dovecot.org/
|
||||||
|
|
||||||
|
# Include LDAP conf
|
||||||
|
!include auth-ldap.conf.ext
|
||||||
|
|
||||||
|
# Authentification mechanisms
|
||||||
|
auth_mechanisms = plain login
|
8
roles/dovecot/templates/conf.d/10-logging.conf.j2
Normal file
8
roles/dovecot/templates/conf.d/10-logging.conf.j2
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
# Dovecot configuration for Aurore
|
||||||
|
# More info at https://gitea.auro.re/Aurore/ansible
|
||||||
|
# And on the Dovecot wiki : https://doc.dovecot.org/
|
||||||
|
|
||||||
|
# Prefix for each line written to log file. % codes are in strftime(3) format.
|
||||||
|
#log_timestamp = "%b %d %H:%M:%S "
|
||||||
|
log_timestamp = "%Y-%m-%d %H:%M:%S "
|
13
roles/dovecot/templates/conf.d/10-mail.conf.j2
Normal file
13
roles/dovecot/templates/conf.d/10-mail.conf.j2
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
# Dovecot configuration for Aurore
|
||||||
|
# More info at https://gitea.auro.re/Aurore/ansible
|
||||||
|
# And on the Dovecot wiki : https://doc.dovecot.org/
|
||||||
|
|
||||||
|
# Mailbox locations and namespaces
|
||||||
|
|
||||||
|
# Simple mail location
|
||||||
|
mail_location = maildir:~/Maildir
|
||||||
|
|
||||||
|
# Plugins
|
||||||
|
mail_plugins = quota
|
||||||
|
#mail_plugins = quota mail_log notify # to be tested
|
26
roles/dovecot/templates/conf.d/10-master.conf.j2
Normal file
26
roles/dovecot/templates/conf.d/10-master.conf.j2
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
# Dovecot configuration for Aurore
|
||||||
|
# More info at https://gitea.auro.re/Aurore/ansible
|
||||||
|
# And on the Dovecot wiki : https://doc.dovecot.org/
|
||||||
|
|
||||||
|
# IMAP/POP/STMP auth configuration
|
||||||
|
|
||||||
|
# Authentification
|
||||||
|
service auth {
|
||||||
|
|
||||||
|
# Postfix smtp-auth
|
||||||
|
unix_listener /var/spool/postfix/private/auth {
|
||||||
|
mode = 0660
|
||||||
|
user = postfix
|
||||||
|
group = postfix
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# Local LMTP
|
||||||
|
service lmtp {
|
||||||
|
unix_listener /var/spool/postfix/private/dovecot-lmtp {
|
||||||
|
group = postfix
|
||||||
|
mode = 0600
|
||||||
|
user = postfix
|
||||||
|
}
|
||||||
|
}
|
13
roles/dovecot/templates/conf.d/10-ssl.conf.j2
Normal file
13
roles/dovecot/templates/conf.d/10-ssl.conf.j2
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
# Dovecot configuration for Aurore
|
||||||
|
# More info at https://gitea.auro.re/Aurore/ansible
|
||||||
|
# And on the Dovecot wiki : https://doc.dovecot.org/
|
||||||
|
|
||||||
|
# SSL and certificates configuration
|
||||||
|
|
||||||
|
# Cetificates location
|
||||||
|
ssl_cert = </etc/letsencrypt/live/auro.re/fullchain.pem
|
||||||
|
ssl_key = </etc/letsencrypt/live/auro.re/privkey.pem
|
||||||
|
|
||||||
|
# Enforce TLS encryption
|
||||||
|
ssl = required
|
31
roles/dovecot/templates/conf.d/20-lmtp.conf
Normal file
31
roles/dovecot/templates/conf.d/20-lmtp.conf
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
# Dovecot configuration for Aurore
|
||||||
|
# More info at https://gitea.auro.re/Aurore/ansible
|
||||||
|
# And on the Dovecot wiki : https://doc.dovecot.org/
|
||||||
|
|
||||||
|
##
|
||||||
|
## LMTP specific settings
|
||||||
|
##
|
||||||
|
|
||||||
|
# Support proxying to other LMTP/SMTP servers by performing passdb lookups.
|
||||||
|
#lmtp_proxy = no
|
||||||
|
|
||||||
|
# When recipient address includes the detail (e.g. user+detail), try to save
|
||||||
|
# the mail to the detail mailbox. See also recipient_delimiter and
|
||||||
|
# lda_mailbox_autocreate settings.
|
||||||
|
#lmtp_save_to_detail_mailbox = no
|
||||||
|
|
||||||
|
# Verify quota before replying to RCPT TO. This adds a small overhead.
|
||||||
|
#lmtp_rcpt_check_quota = no
|
||||||
|
|
||||||
|
# Which recipient address to use for Delivered-To: header and Received:
|
||||||
|
# header. The default is "final", which is the same as the one given to
|
||||||
|
# RCPT TO command. "original" uses the address given in RCPT TO's ORCPT
|
||||||
|
# parameter, "none" uses nothing. Note that "none" is currently always used
|
||||||
|
# when a mail has multiple recipients.
|
||||||
|
#lmtp_hdr_delivery_address = final
|
||||||
|
|
||||||
|
protocol lmtp {
|
||||||
|
# Space separated list of plugins to load (default is global mail_plugins).
|
||||||
|
mail_plugins = $mail_plugins sieve
|
||||||
|
}
|
97
roles/dovecot/templates/conf.d/90-quota.conf
Normal file
97
roles/dovecot/templates/conf.d/90-quota.conf
Normal file
|
@ -0,0 +1,97 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
# Dovecot configuration for Aurore
|
||||||
|
# More info at https://gitea.auro.re/Aurore/ansible
|
||||||
|
# And on the Dovecot wiki : https://doc.dovecot.org/
|
||||||
|
|
||||||
|
##
|
||||||
|
## Quota configuration.
|
||||||
|
##
|
||||||
|
|
||||||
|
# Note that you also have to enable quota plugin in mail_plugins setting.
|
||||||
|
# <doc/wiki/Quota.txt>
|
||||||
|
|
||||||
|
##
|
||||||
|
## Quota limits
|
||||||
|
##
|
||||||
|
|
||||||
|
# Quota limits are set using "quota_rule" parameters. To get per-user quota
|
||||||
|
# limits, you can set/override them by returning "quota_rule" extra field
|
||||||
|
# from userdb. It's also possible to give mailbox-specific limits, for example
|
||||||
|
# to give additional 100 MB when saving to Trash:
|
||||||
|
|
||||||
|
plugin {
|
||||||
|
#quota_rule = *:storage=1G
|
||||||
|
#quota_rule2 = Trash:storage=+100M
|
||||||
|
|
||||||
|
# LDA/LMTP allows saving the last mail to bring user from under quota to
|
||||||
|
# over quota, if the quota doesn't grow too high. Default is to allow as
|
||||||
|
# long as quota will stay under 10% above the limit. Also allowed e.g. 10M.
|
||||||
|
#quota_grace = 10%%
|
||||||
|
|
||||||
|
# Quota plugin can also limit the maximum accepted mail size.
|
||||||
|
#quota_max_mail_size = 100M
|
||||||
|
}
|
||||||
|
|
||||||
|
##
|
||||||
|
## Quota warnings
|
||||||
|
##
|
||||||
|
|
||||||
|
# You can execute a given command when user exceeds a specified quota limit.
|
||||||
|
# Each quota root has separate limits. Only the command for the first
|
||||||
|
# exceeded limit is executed, so put the highest limit first.
|
||||||
|
# The commands are executed via script service by connecting to the named
|
||||||
|
# UNIX socket (quota-warning below).
|
||||||
|
# Note that % needs to be escaped as %%, otherwise "% " expands to empty.
|
||||||
|
|
||||||
|
plugin {
|
||||||
|
#quota_warning = storage=95%% quota-warning 95 %u
|
||||||
|
#quota_warning2 = storage=80%% quota-warning 80 %u
|
||||||
|
}
|
||||||
|
|
||||||
|
# Example quota-warning service. The unix listener's permissions should be
|
||||||
|
# set in a way that mail processes can connect to it. Below example assumes
|
||||||
|
# that mail processes run as vmail user. If you use mode=0666, all system users
|
||||||
|
# can generate quota warnings to anyone.
|
||||||
|
#service quota-warning {
|
||||||
|
# executable = script /usr/local/bin/quota-warning.sh
|
||||||
|
# user = dovecot
|
||||||
|
# unix_listener quota-warning {
|
||||||
|
# user = vmail
|
||||||
|
# }
|
||||||
|
#}
|
||||||
|
|
||||||
|
##
|
||||||
|
## Quota backends
|
||||||
|
##
|
||||||
|
|
||||||
|
# Multiple backends are supported:
|
||||||
|
# dirsize: Find and sum all the files found from mail directory.
|
||||||
|
# Extremely SLOW with Maildir. It'll eat your CPU and disk I/O.
|
||||||
|
# dict: Keep quota stored in dictionary (eg. SQL)
|
||||||
|
# maildir: Maildir++ quota
|
||||||
|
# fs: Read-only support for filesystem quota
|
||||||
|
|
||||||
|
plugin {
|
||||||
|
#quota = dirsize:User quota
|
||||||
|
#quota = maildir:User quota
|
||||||
|
#quota = dict:User quota::proxy::quota
|
||||||
|
#quota = fs:User quota
|
||||||
|
}
|
||||||
|
|
||||||
|
# Multiple quota roots are also possible, for example this gives each user
|
||||||
|
# their own 100MB quota and one shared 1GB quota within the domain:
|
||||||
|
plugin {
|
||||||
|
#quota = dict:user::proxy::quota
|
||||||
|
#quota2 = dict:domain:%d:proxy::quota_domain
|
||||||
|
#quota_rule = *:storage=102400
|
||||||
|
#quota2_rule = *:storage=1048576
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
plugin {
|
||||||
|
quota = maildir:User quota
|
||||||
|
|
||||||
|
quota_status_success = DUNNO
|
||||||
|
quota_status_nouser = DUNNO
|
||||||
|
quota_status_overquota = "452 4.2.2 Mailbox is full and cannot receive any more emails"
|
||||||
|
}
|
20
roles/dovecot/templates/dovecot-ldap.conf.ext.j2
Normal file
20
roles/dovecot/templates/dovecot-ldap.conf.ext.j2
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
# Dovecot configuration for Aurore
|
||||||
|
# More info at https://gitea.auro.re/Aurore/ansible
|
||||||
|
# And on the Dovecot wiki : https://doc.dovecot.org/
|
||||||
|
|
||||||
|
uris = {{ ldap_master_uri }}
|
||||||
|
dn = {{ ldap_dovecot_bind_dn }}
|
||||||
|
dnpass = {{ ldap_dovecot_password }}
|
||||||
|
base = {{ ldap_user_tree }}
|
||||||
|
|
||||||
|
#user_attrs = homeDirectory=home, uidNumber=uid, gidNumber=gid
|
||||||
|
#user_filter = (&(objectClass=posixAccount)(uid=%u))
|
||||||
|
|
||||||
|
pass_attrs = uid=user, userPassword=password
|
||||||
|
pass_filter = (&(objectClass=posixAccount)(uid=%u))
|
||||||
|
|
||||||
|
# Convert LDAP lookup to lowercase
|
||||||
|
# would be needed if re2o did not already had lowercase enforced by a
|
||||||
|
# validator
|
||||||
|
#auth_username_format = %Lu
|
3
roles/mail_certificates/handlers/main.yml
Normal file
3
roles/mail_certificates/handlers/main.yml
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
---
|
||||||
|
- name: Generate certificates
|
||||||
|
command: "certbot certonly --non-interactive --config /etc/letsencrypt/conf.d/{{ certbot.certname }}.ini"
|
38
roles/mail_certificates/tasks/main.yml
Normal file
38
roles/mail_certificates/tasks/main.yml
Normal file
|
@ -0,0 +1,38 @@
|
||||||
|
---
|
||||||
|
# Very similar to the certbot role, but without nginx
|
||||||
|
# Install Letscrypt tools to generate and manage certificates
|
||||||
|
- name: Install Letsencrypt
|
||||||
|
apt:
|
||||||
|
name:
|
||||||
|
- certbot # letsencrypt
|
||||||
|
- ca-certificates # just in case
|
||||||
|
update_cache: true
|
||||||
|
|
||||||
|
# Create the configuration directory for letsencrypt
|
||||||
|
- name: Create /etc/letsencrypt/conf.d
|
||||||
|
file:
|
||||||
|
path: /etc/letsencrypt/conf.d
|
||||||
|
state: directory
|
||||||
|
mode: 0755
|
||||||
|
|
||||||
|
# Configure certbot
|
||||||
|
- name: Add certbot configuration
|
||||||
|
template:
|
||||||
|
src: "conf.ini.j2"
|
||||||
|
dest: "/etc/letsencrypt/conf.d/{{ certbot.certname }}.ini"
|
||||||
|
mode: 0644
|
||||||
|
notify: Generate certificates
|
||||||
|
|
||||||
|
- name: Make sure let's encrypt renewal-hooks exists
|
||||||
|
file:
|
||||||
|
path: /etc/letsencrypt/renewal-hooks/deploy
|
||||||
|
state: directory
|
||||||
|
mode: 0755
|
||||||
|
|
||||||
|
- name: Reload Postfix and Dovecot after certificate renewal
|
||||||
|
template:
|
||||||
|
src: letsencrypt/renewal-hooks/deploy/reload-mail-services.sh.j2
|
||||||
|
dest: /etc/letsencrypt/renewal-hooks/deploy/reload-mail-services.sh
|
||||||
|
mode: 0755
|
||||||
|
|
||||||
|
# TODO: add motd
|
26
roles/mail_certificates/templates/conf.ini.j2
Normal file
26
roles/mail_certificates/templates/conf.ini.j2
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
# Pour appliquer cette conf et générer la conf de renewal :
|
||||||
|
# certbot --config /etc/letsencrypt/conf.d/{{ certbot.certname }}.ini certonly
|
||||||
|
|
||||||
|
# Use a 4096 bit RSA key instead of 2048
|
||||||
|
rsa-key-size = 4096
|
||||||
|
|
||||||
|
# Always use the staging/testing server
|
||||||
|
# server = https://acme-staging.api.letsencrypt.org/directory
|
||||||
|
|
||||||
|
# Uncomment and update to register with the specified e-mail address
|
||||||
|
email = {{ certbot.mail }}
|
||||||
|
|
||||||
|
# Uncomment to use a text interface instead of ncurses
|
||||||
|
text = True
|
||||||
|
|
||||||
|
# Use nginx challenge
|
||||||
|
authenticator = standalone
|
||||||
|
|
||||||
|
# Accept TOS
|
||||||
|
agree-tos = True
|
||||||
|
|
||||||
|
# Wildcard the domain
|
||||||
|
cert-name = {{ certbot.certname }}
|
||||||
|
domains = {{ ", ".join(certbot.domains) }}
|
|
@ -0,0 +1,6 @@
|
||||||
|
#!/bin/sh
|
||||||
|
{{ ansible_managed | comment }}
|
||||||
|
# Reload Postcot and Dovecot after certificates are (re)generated
|
||||||
|
|
||||||
|
systemctl reload postfix
|
||||||
|
systemctl reload dovecot
|
8
roles/mail_utils/tasks/main.yml
Normal file
8
roles/mail_utils/tasks/main.yml
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
---
|
||||||
|
# Install small tools that are usefull on a mailserver
|
||||||
|
- name: Install small utility tools
|
||||||
|
apt:
|
||||||
|
name:
|
||||||
|
- swaks # Swiss Army Knife for SMTP
|
||||||
|
- mutt # small CLI mail client for debug and on-server mail
|
||||||
|
- pwgen # generate strong and cryptographically secure passwords
|
4
roles/nfs_client/defaults/main.yml
Normal file
4
roles/nfs_client/defaults/main.yml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
nfs:
|
||||||
|
owner: root
|
||||||
|
group: root
|
24
roles/nfs_client/tasks/main.yml
Normal file
24
roles/nfs_client/tasks/main.yml
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
---
|
||||||
|
# Install NFS client, mount distant storage and add configuration to fstab to make it persistent
|
||||||
|
- name: Install NFS client
|
||||||
|
apt:
|
||||||
|
name:
|
||||||
|
- nfs-common # use this on any NFS machine, be either client or server
|
||||||
|
update_cache: true
|
||||||
|
|
||||||
|
- name: Create mountable dir
|
||||||
|
file:
|
||||||
|
path: "{{ nfs.mount_path }}"
|
||||||
|
state: directory
|
||||||
|
mode: 0755
|
||||||
|
owner: "{{ nfs.dir_owner }}"
|
||||||
|
group: "{{ nfs.dir_group }}"
|
||||||
|
|
||||||
|
- name: Mount and add to fstab
|
||||||
|
mount:
|
||||||
|
state: mounted # actively mounted and configured in fstab
|
||||||
|
src: "{{ nfs.src }}"
|
||||||
|
path: "{{ nfs.mount_path }}"
|
||||||
|
fstype: nfs
|
||||||
|
opts: defaults
|
||||||
|
# don't specify dump and fsck to keep the 0 (don't) variable
|
6
roles/postfix/handlers/main.yml
Normal file
6
roles/postfix/handlers/main.yml
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
# Restart Postfix
|
||||||
|
- name: Restart postfix service
|
||||||
|
service:
|
||||||
|
name: postfix
|
||||||
|
state: restarted
|
14
roles/postfix/tasks/main.yml
Normal file
14
roles/postfix/tasks/main.yml
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
---
|
||||||
|
# Install and configure Postfix
|
||||||
|
|
||||||
|
- name: Install Postfix
|
||||||
|
apt:
|
||||||
|
name: postfix
|
||||||
|
update_cache: true # apt update beforehand
|
||||||
|
|
||||||
|
- name: Configure Postfix
|
||||||
|
template:
|
||||||
|
src: main.cf.j2
|
||||||
|
dest: /etc/postfix/main.cf
|
||||||
|
mode: 0644
|
||||||
|
notify: Restart postfix service
|
70
roles/postfix/templates/main.cf.j2
Normal file
70
roles/postfix/templates/main.cf.j2
Normal file
|
@ -0,0 +1,70 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
# See /usr/share/postfix/main.cf.dist for a full commented version
|
||||||
|
# See BASIC_CONFIGURATION_README and STANDARD_CONFIGURATION_README for more insights
|
||||||
|
# More generally, see the Postfix documentation at http://www.postfix.org
|
||||||
|
|
||||||
|
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
|
||||||
|
biff = no
|
||||||
|
|
||||||
|
# appending .domain is the MUA's job.
|
||||||
|
append_dot_mydomain = no
|
||||||
|
|
||||||
|
# Uncomment the next line to generate "delayed mail" warnings
|
||||||
|
#delay_warning_time = 4h
|
||||||
|
|
||||||
|
readme_directory = no
|
||||||
|
|
||||||
|
# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
|
||||||
|
# fresh installs.
|
||||||
|
compatibility_level = 2
|
||||||
|
|
||||||
|
# Send mail as user@{{ myorigin }}
|
||||||
|
myorigin = {{ myorigin }}
|
||||||
|
|
||||||
|
myhostname = {{ myhostname }}
|
||||||
|
|
||||||
|
mydestination = $myhostname localhost.{{ myorigin }} localhost {{ myorigin }}
|
||||||
|
|
||||||
|
# Specify the trusted networks
|
||||||
|
mynetworks = 127.0.0.0/8 {{ local_network }}
|
||||||
|
|
||||||
|
# This host does not relay mail from untrusted networks
|
||||||
|
relay_domains =
|
||||||
|
|
||||||
|
# Allow plus delimiter
|
||||||
|
recipient_delimiter = +
|
||||||
|
|
||||||
|
# Re2o Generated files
|
||||||
|
alias_database = hash:/var/local/re2o-services/mail-server/generated/aliases
|
||||||
|
alias_maps = $alias_database
|
||||||
|
local_recipient_maps = $alias_maps unix:passwd.byname
|
||||||
|
virtual_alias_maps = hash:/var/local/re2o-services/mail-server/generated/virtual
|
||||||
|
relay_recipient_maps = hash:/var/local/re2o-services/mail-server/generated/virtual
|
||||||
|
|
||||||
|
# Tell Postfix to deliver emails to Dovecot through LMTP
|
||||||
|
virtual_transport = lmtp:unix:private/dovecot-lmtp
|
||||||
|
|
||||||
|
# TLS for reception
|
||||||
|
smtpd_use_tls = yes
|
||||||
|
smtpd_tls_security_level = may
|
||||||
|
smtpd_tls_cert_file = {{ cert.path_fullchain }}
|
||||||
|
smtpd_tls_key_file = {{ cert.path_privkey }}
|
||||||
|
smtpd_tls_loglevel = 0
|
||||||
|
smtpd_tls_received_header = yes
|
||||||
|
|
||||||
|
# TLS for sending
|
||||||
|
smtp_use_tls = yes
|
||||||
|
smtp_tls_security_level = may
|
||||||
|
smtp_tls_loglevel = 1
|
||||||
|
smtp_tls_cert_file =
|
||||||
|
smtp_tls_key_file =
|
||||||
|
smtp_tls_CApath = /etc/ssl/certs/
|
||||||
|
|
||||||
|
# Caching TLS sessions
|
||||||
|
smtpd_tls_session_cache_database=btree:/var/lib/postfix/smtpd_tls_session_cache
|
||||||
|
smtp_tls_session_cache_database=btree:/var/lib/postfix/smtp_tls_session_cache
|
||||||
|
|
||||||
|
# Reject mail if user if overquota
|
||||||
|
smtpd_recipient_restrictions =
|
||||||
|
reject_unauth_destination
|
||||||
|
check_policy_service unix:private/quota-status
|
|
@ -12,6 +12,11 @@
|
||||||
retries: 3
|
retries: 3
|
||||||
until: apt_result is succeeded
|
until: apt_result is succeeded
|
||||||
|
|
||||||
|
- name: "Create the local user {{ service_user }}"
|
||||||
|
user:
|
||||||
|
create_home: false
|
||||||
|
name: "{{ service_user }}"
|
||||||
|
|
||||||
- name: "Clone re2o {{ service_name }} project"
|
- name: "Clone re2o {{ service_name }} project"
|
||||||
git:
|
git:
|
||||||
repo: "{{ service_repo }}"
|
repo: "{{ service_repo }}"
|
||||||
|
|
16
roles/re2o_service_mailserver/tasks/main.yml
Normal file
16
roles/re2o_service_mailserver/tasks/main.yml
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
---
|
||||||
|
# Additional configuration for the re2o-service mailserver, you have to deploy the re2o_service first
|
||||||
|
|
||||||
|
- name: Create generated directory
|
||||||
|
file:
|
||||||
|
path: /var/local/re2o-services/mail-server/generated
|
||||||
|
state: directory
|
||||||
|
mode: "0755"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
|
||||||
|
- name: Deploy cron for re2o-mail-server
|
||||||
|
template:
|
||||||
|
src: cron.d/re2o-services-mail-server.j2
|
||||||
|
dest: /etc/cron.d/re2o-services-mail-server
|
||||||
|
mode: 0755
|
|
@ -0,0 +1,3 @@
|
||||||
|
{{ ansible_managed | comment }}
|
||||||
|
# Regenerate Postfix configuration Re2o API every 5 minutes
|
||||||
|
*/5 * * * * root /usr/bin/python3 /var/local/re2o-services/mail-server/main.py
|
Loading…
Reference in a new issue