WIP: Setup of a mail server #9
29 changed files with 752 additions and 173 deletions
|
@ -15,6 +15,8 @@ ldap_matrix_password: "{{ vault_ldap_matrix_password }}"
|
|||
ldap_replica_password: "{{ vault_ldap_replica_password }}"
|
||||
ldap_admin_password: "{{ vault_ldap_admin_password }}"
|
||||
ldap_admin_hashed_passwd: "{{ vault_ldap_admin_hashed_passwd }}"
|
||||
ldap_dovecot_bind_dn: "cn=dovecot,ou=service-users,{{ ldap_base }}"
|
||||
ldap_dovecot_password: "{{ vault_ldap_dovecot_password }}"
|
||||
|
||||
# Databases
|
||||
postgresql_services_url: 'services-bdd.adm.auro.re'
|
||||
|
@ -68,6 +70,9 @@ keepalived_password: "{{ vault_keepalived_password[apartment_block] }}"
|
|||
re2o_secret_key: "{{ vault_re2o_secret_key }}"
|
||||
re2o_db_password: "{{ vault_re2o_db_password }}"
|
||||
re2o_aes_key: "{{ vault_re2o_aes_key }}"
|
||||
re2o_hostname: "re2o.auro.re"
|
||||
re2o_api_username: "service-user"
|
||||
re2o_api_password: "{{ vault_re2o_serviceuser_passwd }}"
|
||||
|
||||
# Radius
|
||||
radius_secret_aurore: "{{ vault_radius_secrets.aurore }}"
|
||||
|
@ -89,3 +94,10 @@ apartment_block_dhcp: "{{ apartment_block }}"
|
|||
ipv6_base_prefix: "2a09:6840"
|
||||
|
||||
is_aurore_host: "{{ 'aurore_vm' in group_names }}"
|
||||
|
||||
# Mail
|
||||
|
||||
myorigin: "auro.re"
|
||||
# myhostname should be the FQDN (Fully Qualified Domain Name)
|
||||
myhostname: "mail.auro.re"
|
||||
local_network: "10.128.0.0/24"
|
||||
|
|
|
@ -1,173 +1,176 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
37356434643231623932626166316532633039323736303737363933373263623433653031356331
|
||||
3431376135666263353431396663363539333164643462340a383832373965653835633937373432
|
||||
31393936666535633137333739346135316463636166343063666363633966626639663265373935
|
||||
3865353439646331640a326137373039666263366330626537363566613135346263663761663732
|
||||
65363064356530373430633562623132373565326364656631313639376131313563316136623966
|
||||
35386236313238396436303765366365346335353166376164353936313536393665326439653861
|
||||
35623832623365386232353163656339333031323937383862656532636436386334643362653532
|
||||
66636365316161316536636131613438356464636163386233333333313531353935346264366231
|
||||
36346561303163663735386533333835313231333965633737376537396531323935383134643563
|
||||
32643566323564363762306438376431383237313633376437333339623936376664346137333561
|
||||
65656336303964623964616230306332636535343833336535303832666137663865336564623233
|
||||
33653361646533613462373163363736386634663038666232313432653037643330653639666663
|
||||
61643533363938366634616632626131663164393338623539636430363166323935396439373337
|
||||
34343930336631326634366331353836323465613934383231313364383061636631346633383634
|
||||
36646439336530353761613831343236373936666632333965323964643862616633303732333230
|
||||
36313132323965323831336265306565346461343235383864613762343536653434333163616663
|
||||
34303731666632666630313763323239633435386330363339363631646432633762383464303837
|
||||
39336630343833646666383237376238316264393262336136393662363261643961666332623138
|
||||
65633661343265643731396663376262613566613135663161393833373766396632303734336261
|
||||
30326436363237653431396563326264646335643536616530343863623130643666653733323331
|
||||
30616363306636396439376661633035326430313363656433636465623737636565333436653031
|
||||
33326662336239633930303665373965393037303238393630343338383362363439386634613838
|
||||
61356533383032656663613966383131623333613639633062343639393865376433316464653738
|
||||
64346465633263383662313934343732363536343662653532393837383062333565636662626634
|
||||
30393364336566343264373538386230623136316632666237646431333233376562356439626536
|
||||
61613835346636346139316665623463363339623863373961386661656361363232396533636233
|
||||
61326236643162623331633066333138326533323835366534336361396263353432373532326437
|
||||
30666234666235343739343834316234346630373661666634616461383639363664656534663636
|
||||
33376237313333393632313839373436616631336130393930373136623335666235386162376464
|
||||
31646437393336313433643534363138636461373837336634646464356437306265353731663362
|
||||
64316530326536333235386531613931303238363062383639626238346337356539323938663464
|
||||
62613432376563616238303938663933363564613532333633346132373361346231643130653833
|
||||
62313631313563343437373032626339366538313764333666353633363637333965633533373633
|
||||
33353134373730636638633432313932363264623531303135636566653038396131633230343839
|
||||
35303337613935666231303638663832663339626463353862616139346664356261656433313930
|
||||
65383336393934633036663261636434636461363161646239363135643536633836353965353462
|
||||
62636264373332643333356636616230376135363539393139383666363534626131663736393139
|
||||
36653862303066633365383435363637316262646338663437313435643334383835393238613763
|
||||
33656136646465373938653263376162633032336536613535356431393135396432636637356632
|
||||
31306132353632333833643434663930613936646233623935323761353461363139353238396633
|
||||
63363731613336643635333961336664343430353133373937396565343366363634653330663336
|
||||
62393866643665393232636232373964616335646363613466373666666661346139373938616463
|
||||
37613931613033323538323662356432306639626636666338666565343336323363633966316137
|
||||
32346538303935616265313461383731356462336435303936663931376133616365626466346435
|
||||
63313333643361363665653862663338376630613666356538616336643139666636663461323163
|
||||
35613365363032343831653639373866393635633363393961613339313234366232346662646132
|
||||
36636362356431366631373635613936653162323736303434353130343834323530393330613633
|
||||
66393130323637346561616435623562313037393161666236323834323836326161613963626236
|
||||
38343362343335343437656434303130626165646661393638336435343933326462343366323964
|
||||
39346433663533346262316461623732363963396161353139613663393264623335623832653436
|
||||
62306337653062666137373930303334643630623432303932303039343764633361613063643965
|
||||
34646133353132663662303665373836643238323932336663333730363137323532663164633862
|
||||
39383963336236646161653136626662313764373530623161663437373330666332316362623031
|
||||
66653832653035353662353638336239313336663765373966383030316137316135303134616439
|
||||
30386332366639653835663530643931326635373836663166313165633137623738636438663261
|
||||
34613135643363343232313061616337333562373764663733666666376233313534396132303536
|
||||
63643030623962626432653938336633313561303236363762353536613464353331373436666238
|
||||
65623961383736633934326165336637323630613032326163303436646530363063316334366665
|
||||
35303237613130326339306436343262313733663031333539343163323530653035356431386236
|
||||
63373564383233653165623034616262393966343262646461303562363763613261656235623533
|
||||
39643963646266623663343537663364633036373838313139313966663031376162666661363161
|
||||
36626332313535616638623837666565343734643037343761346238366665646461343532643434
|
||||
31356339613066646338306262323336373161326531326137353937343139386562383063666433
|
||||
61343861396465316663373963333237633736313735653138646366323334653963323831383864
|
||||
61636565333739663633623334336463643362343335663237393161383963373364303864393361
|
||||
61333935353634336637343961363237346565313633313366376336366139613563333336316565
|
||||
31653066323537646163666539356663633438386437386432313239356466356635303837326434
|
||||
66373934303932323732616563353566663766626335356662383732363266346636666231333864
|
||||
33663634313364353162666462383735653162383438393939306530393064626666366431633432
|
||||
63363139663632336333333562656339366133646630343533386535393234383638346532326132
|
||||
65326538373439373839656634613830656138643166616163663430323266366535646463303564
|
||||
38383537613964643761623330313563633939616432643134333266653038306136613962303162
|
||||
65393932353131323739333463363764346638633664383539616562353831653033633135656131
|
||||
35663136613835383538303134646631386331393032653539336632373439326238376233346238
|
||||
66623164643361646262373766353066633562343739393637653664623339333035323231663633
|
||||
66373134346231313239616534613065656563653662376434366161303163346533643866376266
|
||||
39383631396631633932653163343237313166633134346161653463393930613765373239303061
|
||||
33373466376563373739646130613566666132636666343266306135376636333730613034356430
|
||||
66373764376234363438613439643931323365636663376236666162643731646366623430373334
|
||||
32653962343839316534383034353535303839336361366666343961383930383237373164333065
|
||||
39643965386336393666633666376434303463633035373064383266646434343163396636343237
|
||||
66366561383237666566643035633635373966306464313765316665363532623638343030633733
|
||||
34663061663565303730613339623465653934363337396164383164363134373034356339643665
|
||||
38333662313862393631336533383631306130353963313337663031363061323762613966346333
|
||||
31356462336431336239353061653165376138326561346266353235636262613932633135303430
|
||||
64326536643334313262383132616434633131356537393263613761316535356631336461393930
|
||||
64386564306533656436653161383230313238396336656162656464663637336230663466323530
|
||||
34353730623033623866393266346134666230623139636132653739313738633037303563396162
|
||||
35366564376561306530353361616337386361326436366532656662376336373662636135663532
|
||||
38616631343733646564616264636239623136313037386561646632663463383430343632643935
|
||||
38663135346664626133373732306461383935366637303235316337376432626464396135343433
|
||||
31623230653464656538333263353061343761656638386537313163386132326635666531373334
|
||||
61313364646262346637623165643263313336626561376166326333333636303631353231373365
|
||||
31656664646330663063383135626534306338303161313438313162313866343035363234333432
|
||||
65613937373763623163653464636366316131653337346339626565643639663239313631336164
|
||||
39626263303361653864636433653038613938663037373735343637383733386230353663653865
|
||||
33663235613338636434303735386432383534663263656634353839663632343738376161393736
|
||||
35393062656533376261336130663235333766373832306563366538393763646339333334373063
|
||||
63396332303536336435323665316138613830306531356366383666343334323338616165306338
|
||||
61626364613062643131656239336466386664316661636664336466303931643236613761323130
|
||||
63656638633736383734313439366135613038326133646665303035646137393133636163393261
|
||||
66633864636362393630323436646233303664326634613235633438343930346538633466623064
|
||||
64643136326363356631343136366333613266336439326335323163306566313537646336383963
|
||||
35373936356137396366656237343432656236343339376538363339366334646130333030383464
|
||||
66333961643236653235663865353366313862633138376265366136636438633065653535663931
|
||||
35393166326337633337313465306565396161393534393563353166343935646362303465333833
|
||||
32326661633838333563663565643134616139353831343663313134306639656163653138383530
|
||||
63336462363862353935646563393766316665653561643765326161396439393866643565313161
|
||||
66343466313465343563316361643732313830633439336534316136303463366633653662643565
|
||||
33653533626531393536343033333433393032363862343661313836346561376565316361653032
|
||||
36613738663233333766613236613239336663323931653230313761643765666632363362643034
|
||||
39646130623161613332636330393936336532653861393935366266396536616465356362396635
|
||||
62643438643665326163366239386364633434383838613735396231383762316565373665363531
|
||||
32666131653961656566376631303239323262623330383438386164363162303662306535313162
|
||||
34343539636463626430386630653934306665333266336234313362343366633366373131383861
|
||||
31616535346236666264316535646236633363623533656332353037646231653236613664356362
|
||||
65656333303461646131366365323266656661343864633536396238333962393066336537353234
|
||||
31353337646131373533346161643432656361366464613437643230366261613662356435303339
|
||||
33623665373231656539326533353035383038633731386531633064623339653831306430333265
|
||||
35386538323561663433323939393564336539636432633738663337353937633837323062616266
|
||||
36363766373661356261643966623937633334303539343665343266386630363663663037396263
|
||||
61346330313665373533326437623838366634303335383433626137383434333166623138383931
|
||||
31643333366662333930393039333232613363313065633734303339323265323861633831646663
|
||||
33663934353664306665346631653561613463643265336431643532333533323764323937653934
|
||||
32356630383633666538386461653334343363656539383838613239626336366634383266323462
|
||||
38393534656635313739653461343835336134333166653463316464393063613831653837346663
|
||||
39626133643239353530303263663635326561306665363034393565326463343061313563366431
|
||||
39303333396166346138376530646532376333646636613664326536663133623532663462316439
|
||||
61343239623166616466316465653532646137336135656164386532623266386633326164336566
|
||||
65623436343531623133353366623763333137303132396435653632623534623061393036656161
|
||||
36373564306564363432373633326535383038623933343834386634653839353933343965366137
|
||||
34343334626661656265393461393339346139633136373936653630383732393461386463313263
|
||||
63366263333637363339323534636234386237393663316435323130663438343930336333643838
|
||||
34353264373261306439393732343530393765346161653562383939623234356562626664373263
|
||||
33343234366639663666346564383866623231356164396435363035373063643566326665373864
|
||||
32616131383530663033633866613236366264636564343462326265373762396364323232393131
|
||||
39636432356334353439333938643331366263353237633234643233373364393133366537653738
|
||||
63383531643334656537316663393235646331613365393330633064663939353633383035643866
|
||||
61376632636430646135363761393131626664326235316639646332366564396561633037363866
|
||||
65353563643632323364313134613339356563333431353931653738323162316666346466663266
|
||||
62653433666136613734623361363066336230326562663730643230616463613936633738643135
|
||||
66373935653939613537306265623532616133353365303433303562353831663534343165316362
|
||||
39613937326561383264323361666439613865316138386266393261616135346433323466333234
|
||||
33356138623132383063356633613066356161616662623961313562636636386463346266366137
|
||||
63396535353236623765626634663132633261643036333762323836636138643737373031653266
|
||||
37333836383937386238326162626166656134313165336437323834326635623036616130313539
|
||||
34356337666536666230333231326463343938396366353238313639656531663363636164626438
|
||||
30656439626361386633343236373733656334353061316239303764363236353639626637376534
|
||||
36313630613336633533613437663563656436356130336333346432616638343463316636326236
|
||||
30323737623330393565616532363835373766626432356137376561336261353864333266313033
|
||||
31663665626439336362363836613032393934613438333663373565393662663066353337343233
|
||||
31356261396664653865326532326136356134626631333530306633666538376630396163643761
|
||||
65636630346134353431646137613766326365613463373130666665663166356639333532326238
|
||||
32303238346632303831316631303733346433366665643234646439363737363462336539343534
|
||||
62623363353135303732613939613430363338313539616336656433356664343365663835626366
|
||||
62663232386638323265643133343433303133616437666139616337363036316135356333366533
|
||||
35666466303365623835663266373765393031643637333663663030366465333764653466373366
|
||||
38303863373864656431666434353064343166613132656266393939393163326631363931616637
|
||||
66396161633133646164646339396634623766643065306666373464323562363963333431636638
|
||||
66616166643762656433646661643931663639353237623461616561363164333634613338636336
|
||||
30626234333237366563663163366633666165343933316636646630653031393139393534376334
|
||||
64346166623061303930313432316665646266613834633139306662343537653736393134623032
|
||||
62643537393239643265663433653737386464353130303130323538626164306637323665623736
|
||||
39626238333038366263336630373139343064303833646634313331653033396364646462356639
|
||||
62333331336561373839636631363934653363386365363132646464653363313866616435633138
|
||||
34623638666534663131616631306566303365623339386137623666633833393134393735623264
|
||||
35323330366134613635656438323566346263306231343536306539633366653062316638396532
|
||||
62306133386530386436633661356331323261353738623865333531363036633535643537393362
|
||||
62396565636566343932373361373163356639313236306161366237356264336330366130333530
|
||||
63613363313930386438343330376463626438343439313866653039363036316566613932313230
|
||||
63323330373866613032343235623334336635343062623461366263623033353335623137356439
|
||||
39393834343230363362
|
||||
66303361306465306436306562636265303832353830313933363965316261376162313738653737
|
||||
3334363661316563633238316632336463323737633066610a306236343636656261623835343466
|
||||
39386437363564623661333465386338613632316563373164363839623138336165343834313237
|
||||
6433343439383431360a633139363034623861396633316632336131333137626239646639326131
|
||||
65613236363733346330636565303039613737366263356230313734383033383435343433386536
|
||||
30653263396339656337626239303662326134373231303364613066656339376662643934323466
|
||||
30643261393463373063623865343537653862353766323538613731353534363639616438313663
|
||||
66366133643462333935636231636638326364636334613430333062616264663961326362613466
|
||||
66313730363933653631646638616166343030626465336361313239323731356534313963613530
|
||||
65383735626234663261393834313232626239666135313566353839616162323732323265633031
|
||||
62393862663438313237663335396332613661313864303630653533343362333834356262363465
|
||||
30666232356539386437353438643038333766363362653432366263616338393066363532633064
|
||||
63646561653264393162303430346662623536363364383862366264393532613461303935653261
|
||||
39376462623561626336306435323934323130613031623865656432626233616563393365343036
|
||||
37643463666436386230653339613463633133333661356564646234653632313931333765383666
|
||||
39646331383939343663306634393531646265363531326636326636616632643437343566656464
|
||||
64643638616264376130656637386134396161306636333064633731646234396566303934626332
|
||||
66393466626137336265653933346362396639383064393663613866333337653166343262646536
|
||||
61333864373737333133626438646538353338663531323961666335333166613363653230643139
|
||||
38616462306461356135306164376332313538613465316563663566373533396635346635646134
|
||||
31386661306533383130633130346539303666316663333762383131623535343038613963353336
|
||||
32336135366435643463613962383833666130363765326631613963363266626633643966663063
|
||||
33363235353765623961346331393963653130663434356234336538626438616334613761636161
|
||||
32346234643531396530653636626531653033393863383963663938646135616238393861373738
|
||||
30346664646465666666333165336636616265303265393236626534343163353633643737366264
|
||||
63303937306637643033663333353633346166636361323538393063353438353135303665616663
|
||||
34613230383836343861613661356162363831623363633435646234353839663530363936356238
|
||||
63383038616631666633653032613435316265626137643730666539393561373264613663656464
|
||||
30613033373435313036633938353461623335396264313236623065323339623537613164316366
|
||||
33356432646438636530353230333762346165336661393038666138356561333363613563656665
|
||||
34306136393233346532303461393736636561316231626231643633333938656435663638306261
|
||||
33393064333662336466313461363638393339373637303735663736353537363364663235363263
|
||||
36623663636235363332616433626266653330393633326339376562636165323539313532363535
|
||||
64386136393631656665343337333738653664613966363361313931313763323563383265623935
|
||||
31643532346363656462646436343761353938626661383336636436373233343530353130626463
|
||||
36346330626432376338306339396563316233313836383863303232396439336436363833383063
|
||||
39663864306533376630623334386336663237666635336661383630616139633736393835666534
|
||||
61393036363763336632623236383236383639373662393761313834653833316332373733653830
|
||||
62616563386435396433653930653637643031636462633336663033306531356239346564663564
|
||||
30636462343263643236316635346163373765393262623365353933313065333532353562333932
|
||||
62656234656363306266386135313466376665663166623038616637663333353731313564356434
|
||||
61343235613639386364663533376362613364653562613431393862656265313432623532343965
|
||||
65326362323534346535326331613262653130623336653231323564376534336261643538333434
|
||||
31333830653933633562626364363364386630343364376337613436663030333865323433316163
|
||||
33356438366161626666653731386438643064656538373036393532396432396138353564313833
|
||||
34643231366439656439336534323039616364396137653661373761343635663366363134623032
|
||||
62313734313061353065613561613337373338623732326362363436616134343864643439363631
|
||||
38346339383864373635383462326466303635383661633665663362646165663934336632633838
|
||||
64373332356664663663613735663163336465353030383365346661326634373832656137393061
|
||||
34626363383964646439356338343439343336626237626366383663386161663037343339383066
|
||||
30356332623337626437313235623161373937663532613238353333326265663937653034616135
|
||||
64663731653965613933636561313730623030656666656232396433646563623137643661643132
|
||||
30383439343764396137313231353161323835393934373561623666653630656335366434636235
|
||||
36306162316464613365616330626433306335396130336266616566653661336335346566613763
|
||||
30373638353230313433333539306664323333646463333334366362613832376534356636383235
|
||||
30626263383036643034303465366137356665366238366663313837323937646631396262623331
|
||||
62323366623530663561643036643733323230343832633639663737356530643564643534666366
|
||||
64646339363235376561363835643166663735643333656230386565653234356565323135333731
|
||||
65313864316166383566386564303461343031356138386362633834316230396436306533306239
|
||||
62306132373535363931306664346637663561323530346339373234343633663062393361323532
|
||||
32653938623738383565353965656636336662323939346331396162623862613038633035643766
|
||||
30346431393237323735386337643062396433366434396531623130643038366465643132303532
|
||||
62366266393166333138643238383764656461623361326236333565373762316431373132356263
|
||||
30396263396264626330613734346361646531626531363639393431366636316135333566393561
|
||||
65393661333837633236396563333631663036376633666538306564333565653030303135313866
|
||||
32366234313532656437393964666438393737363437303562633937396437663062616636383564
|
||||
33393564643066383662323765346535616164633239636235656263336663633562646665393734
|
||||
31393232376662666431393064643161653730653263313536613963376561386536353536616163
|
||||
63316237636630306165346633646437636636626331303262663032653662333236646564613363
|
||||
63616263643266393861386166346139343237633232653734363465303935613264366130336261
|
||||
63333137633266306465363837646163323266363665396266363437303931353938653638343630
|
||||
61386561616663303330663634306235336432316365303461623665393338396434346533366130
|
||||
35303363643334613862613831366464616264386338373566613431303939623638656536306532
|
||||
31346365623766346566353564613761333563303233336139376639363634616564303336393737
|
||||
38333637376566393437383264386561386336653135663135356466663430383634313535626233
|
||||
65646131353961663064316434353564383163646166323832663662373031636531623736643566
|
||||
37336530636133363561643438663563353963373265333333386434336361326338646666636263
|
||||
64396438616335393338376632326162326530636431323466646261623531303335656135313834
|
||||
34613764336234303230373737326662396562303439363535643562386661303861666530366332
|
||||
62316635343436396535656163393737343664333963356539313037306432643166393333353036
|
||||
63663266613332363364313863303465366136333862346164306335353838333830343261323365
|
||||
61373565666665663065666233316639326238323763333336383665653434623031383063613162
|
||||
33666532363638353130303665646536663139633463343764353962643838353037323865623236
|
||||
39613832616265376464363234363532323265366362316564343964636539656263376632313538
|
||||
38653066666165333866646437353264383638366138633538336434623139623264623033656661
|
||||
36643336343764613136653432316361343963313162326439656662386334356535373361303330
|
||||
31653963306365373633323937363332636633613266363064363535366136646639643632343031
|
||||
34393363373861613863313039393336333165386637393265333439396230643735363230363530
|
||||
61643036353062643164663063343930613536653762633231333931646239343661343738386232
|
||||
66373934643837323266623866393166373837323034373662306565623534396562326635323362
|
||||
31613138613261626231663330626664376539366165353836343039336138623931643537363931
|
||||
62313862313164306337383465333464313966656538643836643639653632663564633232343362
|
||||
61323033316630616536633938393735343332653965656565663163396335643738646463303130
|
||||
64363334326165653962656534313939666230373362316438346139356266616566346462356162
|
||||
61316233346463376162356461623734313431623330633239353730643964616662383966323932
|
||||
35373962663333653738616562396638633136376635383032313634333931626530393532663531
|
||||
30356232626566386632356334393939343262393536666130333537646338343063313565623163
|
||||
64383337303665613630393164383337346132346462373338323933316231386233323061353661
|
||||
64336337376231383035653861373639373763633337396236373161613833303630316663626331
|
||||
62633336383834363033316539336261346137303463643337393465393339663966653464336162
|
||||
66633832383734373635356165343336323866663735353931626466613361636632313437326566
|
||||
36386631653935633036373831643763656564643138303564306630396539373536383261663366
|
||||
63333061333431626465353839343564346331323961663939373538636261343336663461336566
|
||||
61343231633064336561666362633739636435633663653432393862356232356434356439343936
|
||||
35326237313033363031336162303436383733626365373832333438393436663938316366343161
|
||||
65656566353535363664386336383137313962333339396530356361363630353365366532656464
|
||||
39353639626639653535316665383962646331326463353663383630633961353031396131393562
|
||||
64663661396330356664316536623666383762623934306532636562663038336165376262633661
|
||||
30373531356163386531623738373837366666323637333932393131366531316439643338373230
|
||||
39663131313531343736353666376532326566313963623432643965646666333939613538643463
|
||||
66333762306162623963306136343930306638383933333835626231616466633561633766383564
|
||||
36653163366336666565626665323966373434383432303430306632333636353337386265323534
|
||||
61306435356164313731393862383531646665346134616330303237396136313765313233313434
|
||||
35393065363264323232323537363237303330386635346263306463636233393461393232306534
|
||||
34636138333038366165343434323937363864366463326330353438313662323035653965383138
|
||||
34646331356237613461393464386465303834373536336666626539313431303635653831303237
|
||||
66643536336330303438393161613833346337336333636137336435333830386137653139386665
|
||||
34636463313438323038616134383932646266656434633861363331393634393030356562646134
|
||||
36653830326330353962393736393566393839366132643163303862316566633838373537613531
|
||||
30396636333564623930313636363762636437373138313835393362346237353731316662343661
|
||||
36636536643534636632646463376333346230383866353736393535313931313066656231336234
|
||||
65333935653537613239663166303636356466653337643362313834303634623535653166613138
|
||||
33316638313233613239386235383737623361376132346666393661393464613963616233613033
|
||||
35386534353462386238313833666234633662353166303463333463346636646565313333613866
|
||||
62313066366131353961323761306461653732393737386539646461346133626363303563353035
|
||||
63313536646234396433306361366338386539326366316163363132326230366632383032646233
|
||||
35626138326633653032393263326261313761623437336630646634636463613533353239353734
|
||||
65363236373038623965353166656131313835373834386635656361323931653237393336333938
|
||||
38373737613966356366313636656366363031396639623633373162363363373830363564356336
|
||||
37373537323462633337663462666637363661313166323038623665393562663862383161383363
|
||||
64366663656537663837373662313564663033333663633333613733656662303639313630623162
|
||||
65663165363164343364633132376538653834323764646664626266343534393763663936616339
|
||||
37336336356164613534653862626230356635333361326266323365353665666531343337613331
|
||||
61303731313431386633616230393562373331643966306161343730336539313935306662343865
|
||||
39303237653733663162303664386237376266333963663034636564363032373235646430363837
|
||||
38636261613564323565336639623533343964663733366138303635303833633738326165643938
|
||||
38616364663737333535346661356333326238303439626138303465663932393839653362393432
|
||||
33613236316161323135373162333866666136623062373037383665633034356534333530643037
|
||||
33363466643030323061373633393233383838616631636266323165656137636532626136353561
|
||||
64663936396364613236363663316534366162623735336235643631373263616330353036623333
|
||||
32393334663663393264376630626630653962393632353239356236626334633833306335386333
|
||||
30356630306630323334663334363063343462383837393663636133343465336537353433663536
|
||||
66313265613032343838633164633366396236343136303163353365343032353239376539393965
|
||||
32316361663438623731336537393135336465336161646661366565356338326537646561376434
|
||||
36626332303661373561306338666533633435393433393832656166656264376266363035366637
|
||||
64346432336339396636353930363263653838343266623430613730373235376538366465373764
|
||||
31326537383336633434663231663865353763323235623866633339393633323836366637303536
|
||||
62313139646562616339356336663838386439313531333030643032333838343332383533663134
|
||||
32323935376462646130346631656362373035346436376266653164303263653566303037393136
|
||||
36313038303862373662356662663437353265326433653330343437316230646338306639646532
|
||||
35653732306239653133656361333330333634376332323737303831666461346165616138663637
|
||||
63376263333365623037616336303038613536303163343930396635386536363936346465326137
|
||||
63653835623135353161643765643563396636313635306461376531626332333335393661646431
|
||||
33323430653464396230366465343236303033356432643066303730323132306238643737376533
|
||||
65643232323138313562346661396361363730643736626166386664313732326136373531663466
|
||||
36383630636161376431393135373863356137353737306166393934656437363063363630393864
|
||||
62663464623932616532636231643964396533396230363837383235666561663032663938373165
|
||||
32313931373935316137643937623161306330653161336138363562313033613132306164623364
|
||||
38336435333432323237353734393666646361626535393665306662393831393765636265373938
|
||||
61303832343631313634393037356662643162643233363731386265323862383034623564393661
|
||||
30646566643336323038633161356437613666626431613762363530343166633735383365323462
|
||||
36336364616531393031326361626638323834353365666437363466653234316532396662343365
|
||||
63393331336336636363313438386461303838306539303161333433313037373361366336653462
|
||||
65626531646338626532646563346566626536643166313432363231343163313039323461633265
|
||||
61396263303433383830333865366537633066366231393034623233633436316133303030653236
|
||||
64366638353634666661666534363763356164333065313136613761626262383239646539626330
|
||||
31636665326134653836626364616161636265393534666138386234373635313834343338646139
|
||||
39363432643962623339636463346264343530666133656361316437333837346236353532613131
|
||||
36626562326536303263373361326565326364363934343430313662376464303532346361653563
|
||||
62333238633765363363363265303438396631303463376561383832643633353065366633633364
|
||||
65663634613638336638376632353733646536313839313335383939613565623463313534633335
|
||||
33333139343633353830663434643139663839323364643235623832386536633264373434336133
|
||||
63303461383063313738626431663361633730343730623865613936373232616663373636646338
|
||||
31376261376139666531376663613331366539303133353564333036336239343233666238303361
|
||||
303137643632666133393733336431393664
|
||||
|
|
19
host_vars/mail.auro.re.yml
Normal file
19
host_vars/mail.auro.re.yml
Normal file
|
@ -0,0 +1,19 @@
|
|||
---
|
||||
certbot:
|
||||
domains:
|
||||
- mail.auro.re
|
||||
- smtp.auro.re
|
||||
mail: tech.aurore@lists.crans.org
|
||||
certname: auro.re
|
||||
|
||||
cert:
|
||||
# path_cert: "/etc/letsencrypt/live/auro.re/cert.pem"
|
||||
# path_chain: "/etc/letsencrypt/live/auro.re/chain.pem"
|
||||
path_fullchain: "/etc/letsencrypt/live/auro.re/fullchain.pem"
|
||||
path_privkey: "/etc/letsencrypt/live/auro.re/privkey.pem"
|
||||
|
||||
nfs:
|
||||
src: "10.128.0.6:/data_mail" # caradoc
|
||||
mount_path: "/var/vmail"
|
||||
dir_owner: vmail
|
||||
dir_group: vmail
|
2
hosts
2
hosts
|
@ -32,7 +32,7 @@ re2o-db.adm.auro.re
|
|||
services-bdd-local.adm.auro.re
|
||||
backup.adm.auro.re
|
||||
services-web.adm.auro.re
|
||||
mail.adm.auro.re
|
||||
mail.auro.re
|
||||
wikijs.adm.auro.re
|
||||
prometheus-aurore.adm.auro.re
|
||||
portail.adm.auro.re
|
||||
|
|
31
mailserver.yml
Executable file
31
mailserver.yml
Executable file
|
@ -0,0 +1,31 @@
|
|||
#!/usr/bin/env ansible-playbook
|
||||
---
|
||||
# Deploy mail server
|
||||
- hosts: mail.auro.re
|
||||
roles:
|
||||
- mail_utils
|
||||
- mail_certificates
|
||||
- nfs_client
|
||||
# - postfix
|
||||
- dovecot
|
||||
- re2o_service_mailserver
|
||||
# - rspamd
|
||||
# - mail-fail2ban
|
||||
#
|
||||
# Make OVH server send mails through proxy ?
|
||||
# Add multiple MX
|
||||
# Configure DKIM, SPF, Greylisting, etc...
|
||||
|
||||
|
||||
# Deploy Re2o mail service
|
||||
- hosts: mail.auro.re
|
||||
vars:
|
||||
service_repo: https://gitea.auro.re/aurore/re2o-mail-server.git
|
||||
service_name: mail-server
|
||||
service_version: aurore
|
||||
service_config:
|
||||
hostname: re2o-test.adm.auro.re # use test instance for now, should be changed for prod!
|
||||
username: service-user
|
||||
password: "{{ vault_serviceuser_passwd }}"
|
||||
roles:
|
||||
- re2o-service
|
|
@ -23,6 +23,9 @@ authenticator = dns-rfc2136
|
|||
dns-rfc2136-credentials = /etc/letsencrypt/rfc2136.ini
|
||||
dns-rfc2136-propagation-seconds = 30
|
||||
|
||||
# Accept TOS
|
||||
agree-tos = True
|
||||
|
||||
# Wildcard the domain
|
||||
cert-name = {{ certbot.certname }}
|
||||
domains = {{ ", ".join(certbot.domains) }}
|
||||
|
|
5
roles/dovecot/handlers/main.yml
Normal file
5
roles/dovecot/handlers/main.yml
Normal file
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
- name: Restart dovecot
|
||||
service:
|
||||
name: dovecot
|
||||
state: restarted
|
65
roles/dovecot/tasks/main.yml
Normal file
65
roles/dovecot/tasks/main.yml
Normal file
|
@ -0,0 +1,65 @@
|
|||
---
|
||||
# Install and configure Dovecot
|
||||
- name: Install Dovecot
|
||||
apt:
|
||||
update_cache: true
|
||||
name:
|
||||
- dovecot-core
|
||||
- dovecot-imapd
|
||||
- dovecot-managesieved
|
||||
- dovecot-lmtpd
|
||||
- dovecot-ldap
|
||||
- dovecot-pop3d
|
||||
register: apt_result
|
||||
retries: 3
|
||||
until: apt_result is succeeded
|
||||
|
||||
# Create the vmail user with UID and GID 5000
|
||||
- name: Create vmail user
|
||||
user:
|
||||
name: vmail
|
||||
uid: 5000
|
||||
group: 5000
|
||||
home: /var/vmail
|
||||
|
||||
# Create mail user seive directory with right ownernship and rights
|
||||
- name: Create mail user sieve directory
|
||||
file:
|
||||
path: /var/vmail/sieve/global
|
||||
state: directory
|
||||
owner: vmail
|
||||
group: vmail
|
||||
mode: 0770
|
||||
|
||||
# Do the same for mailboxes
|
||||
- name: Create mail user mailbox directory
|
||||
file:
|
||||
path: /var/vmail/mailboxes
|
||||
state: directory
|
||||
owner: vmail
|
||||
group: vmail
|
||||
mode: 0770
|
||||
|
||||
# Add the Dovecot configuration files (conf.d)
|
||||
- name: Add Dovecot configuration in conf.d
|
||||
template:
|
||||
src: "conf.d/{{ item }}.j2"
|
||||
dest: "/etc/dovecot/conf.d/{{ item }}"
|
||||
mode: 0644
|
||||
loop:
|
||||
- "10-auth.conf"
|
||||
- "10-mail.conf"
|
||||
- "10-master.conf"
|
||||
- "10-ssl.conf"
|
||||
- "10-logging.conf"
|
||||
notify: Restart dovecot
|
||||
|
||||
# Add the Dovecot configuration file outside of conf.d
|
||||
- name: Add Dovecot configuration outside of conf.d
|
||||
template:
|
||||
src: "dovecot-ldap.conf.ext.j2"
|
||||
dest: "/etc/dovecot/dovecot-ldap.conf.ext"
|
||||
mode: 0600 # only legible by root
|
||||
owner: root
|
||||
group: root
|
||||
notify: Restart dovecot
|
10
roles/dovecot/templates/conf.d/10-auth.conf.j2
Normal file
10
roles/dovecot/templates/conf.d/10-auth.conf.j2
Normal file
|
@ -0,0 +1,10 @@
|
|||
# {{ ansible_managed }}
|
||||
# Dovecot configuration for Aurore
|
||||
# More info at https://gitea.auro.re/Aurore/ansible
|
||||
# And on the Dovecot wiki : https://doc.dovecot.org/
|
||||
|
||||
# Include LDAP conf
|
||||
!include auth-ldap.conf.ext
|
||||
|
||||
# Authentification mechanisms
|
||||
auth_mechanisms = plain login
|
8
roles/dovecot/templates/conf.d/10-logging.conf.j2
Normal file
8
roles/dovecot/templates/conf.d/10-logging.conf.j2
Normal file
|
@ -0,0 +1,8 @@
|
|||
# {{ ansible_managed }}
|
||||
# Dovecot configuration for Aurore
|
||||
# More info at https://gitea.auro.re/Aurore/ansible
|
||||
# And on the Dovecot wiki : https://doc.dovecot.org/
|
||||
|
||||
# Prefix for each line written to log file. % codes are in strftime(3) format.
|
||||
#log_timestamp = "%b %d %H:%M:%S "
|
||||
log_timestamp = "%Y-%m-%d %H:%M:%S "
|
13
roles/dovecot/templates/conf.d/10-mail.conf.j2
Normal file
13
roles/dovecot/templates/conf.d/10-mail.conf.j2
Normal file
|
@ -0,0 +1,13 @@
|
|||
# {{ ansible_managed }}
|
||||
# Dovecot configuration for Aurore
|
||||
# More info at https://gitea.auro.re/Aurore/ansible
|
||||
# And on the Dovecot wiki : https://doc.dovecot.org/
|
||||
|
||||
# Mailbox locations and namespaces
|
||||
|
||||
# Simple mail location
|
||||
mail_location = maildir:~/Maildir
|
||||
|
||||
# Plugins
|
||||
mail_plugins = quota
|
||||
#mail_plugins = quota mail_log notify # to be tested
|
26
roles/dovecot/templates/conf.d/10-master.conf.j2
Normal file
26
roles/dovecot/templates/conf.d/10-master.conf.j2
Normal file
|
@ -0,0 +1,26 @@
|
|||
# {{ ansible_managed }}
|
||||
# Dovecot configuration for Aurore
|
||||
# More info at https://gitea.auro.re/Aurore/ansible
|
||||
# And on the Dovecot wiki : https://doc.dovecot.org/
|
||||
|
||||
# IMAP/POP/STMP auth configuration
|
||||
|
||||
# Authentification
|
||||
service auth {
|
||||
|
||||
# Postfix smtp-auth
|
||||
unix_listener /var/spool/postfix/private/auth {
|
||||
mode = 0660
|
||||
user = postfix
|
||||
group = postfix
|
||||
}
|
||||
}
|
||||
|
||||
# Local LMTP
|
||||
service lmtp {
|
||||
unix_listener /var/spool/postfix/private/dovecot-lmtp {
|
||||
group = postfix
|
||||
mode = 0600
|
||||
user = postfix
|
||||
}
|
||||
}
|
13
roles/dovecot/templates/conf.d/10-ssl.conf.j2
Normal file
13
roles/dovecot/templates/conf.d/10-ssl.conf.j2
Normal file
|
@ -0,0 +1,13 @@
|
|||
# {{ ansible_managed }}
|
||||
# Dovecot configuration for Aurore
|
||||
# More info at https://gitea.auro.re/Aurore/ansible
|
||||
# And on the Dovecot wiki : https://doc.dovecot.org/
|
||||
|
||||
# SSL and certificates configuration
|
||||
|
||||
# Cetificates location
|
||||
ssl_cert = </etc/letsencrypt/live/auro.re/fullchain.pem
|
||||
ssl_key = </etc/letsencrypt/live/auro.re/privkey.pem
|
||||
|
||||
# Enforce TLS encryption
|
||||
ssl = required
|
31
roles/dovecot/templates/conf.d/20-lmtp.conf
Normal file
31
roles/dovecot/templates/conf.d/20-lmtp.conf
Normal file
|
@ -0,0 +1,31 @@
|
|||
# {{ ansible_managed }}
|
||||
# Dovecot configuration for Aurore
|
||||
# More info at https://gitea.auro.re/Aurore/ansible
|
||||
# And on the Dovecot wiki : https://doc.dovecot.org/
|
||||
|
||||
##
|
||||
## LMTP specific settings
|
||||
##
|
||||
|
||||
# Support proxying to other LMTP/SMTP servers by performing passdb lookups.
|
||||
#lmtp_proxy = no
|
||||
|
||||
# When recipient address includes the detail (e.g. user+detail), try to save
|
||||
# the mail to the detail mailbox. See also recipient_delimiter and
|
||||
# lda_mailbox_autocreate settings.
|
||||
#lmtp_save_to_detail_mailbox = no
|
||||
|
||||
# Verify quota before replying to RCPT TO. This adds a small overhead.
|
||||
#lmtp_rcpt_check_quota = no
|
||||
|
||||
# Which recipient address to use for Delivered-To: header and Received:
|
||||
# header. The default is "final", which is the same as the one given to
|
||||
# RCPT TO command. "original" uses the address given in RCPT TO's ORCPT
|
||||
# parameter, "none" uses nothing. Note that "none" is currently always used
|
||||
# when a mail has multiple recipients.
|
||||
#lmtp_hdr_delivery_address = final
|
||||
|
||||
protocol lmtp {
|
||||
# Space separated list of plugins to load (default is global mail_plugins).
|
||||
mail_plugins = $mail_plugins sieve
|
||||
}
|
97
roles/dovecot/templates/conf.d/90-quota.conf
Normal file
97
roles/dovecot/templates/conf.d/90-quota.conf
Normal file
|
@ -0,0 +1,97 @@
|
|||
# {{ ansible_managed }}
|
||||
# Dovecot configuration for Aurore
|
||||
# More info at https://gitea.auro.re/Aurore/ansible
|
||||
# And on the Dovecot wiki : https://doc.dovecot.org/
|
||||
|
||||
##
|
||||
## Quota configuration.
|
||||
##
|
||||
|
||||
# Note that you also have to enable quota plugin in mail_plugins setting.
|
||||
# <doc/wiki/Quota.txt>
|
||||
|
||||
##
|
||||
## Quota limits
|
||||
##
|
||||
|
||||
# Quota limits are set using "quota_rule" parameters. To get per-user quota
|
||||
# limits, you can set/override them by returning "quota_rule" extra field
|
||||
# from userdb. It's also possible to give mailbox-specific limits, for example
|
||||
# to give additional 100 MB when saving to Trash:
|
||||
|
||||
plugin {
|
||||
#quota_rule = *:storage=1G
|
||||
#quota_rule2 = Trash:storage=+100M
|
||||
|
||||
# LDA/LMTP allows saving the last mail to bring user from under quota to
|
||||
# over quota, if the quota doesn't grow too high. Default is to allow as
|
||||
# long as quota will stay under 10% above the limit. Also allowed e.g. 10M.
|
||||
#quota_grace = 10%%
|
||||
|
||||
# Quota plugin can also limit the maximum accepted mail size.
|
||||
#quota_max_mail_size = 100M
|
||||
}
|
||||
|
||||
##
|
||||
## Quota warnings
|
||||
##
|
||||
|
||||
# You can execute a given command when user exceeds a specified quota limit.
|
||||
# Each quota root has separate limits. Only the command for the first
|
||||
# exceeded limit is executed, so put the highest limit first.
|
||||
# The commands are executed via script service by connecting to the named
|
||||
# UNIX socket (quota-warning below).
|
||||
# Note that % needs to be escaped as %%, otherwise "% " expands to empty.
|
||||
|
||||
plugin {
|
||||
#quota_warning = storage=95%% quota-warning 95 %u
|
||||
#quota_warning2 = storage=80%% quota-warning 80 %u
|
||||
}
|
||||
|
||||
# Example quota-warning service. The unix listener's permissions should be
|
||||
# set in a way that mail processes can connect to it. Below example assumes
|
||||
# that mail processes run as vmail user. If you use mode=0666, all system users
|
||||
# can generate quota warnings to anyone.
|
||||
#service quota-warning {
|
||||
# executable = script /usr/local/bin/quota-warning.sh
|
||||
# user = dovecot
|
||||
# unix_listener quota-warning {
|
||||
# user = vmail
|
||||
# }
|
||||
#}
|
||||
|
||||
##
|
||||
## Quota backends
|
||||
##
|
||||
|
||||
# Multiple backends are supported:
|
||||
# dirsize: Find and sum all the files found from mail directory.
|
||||
# Extremely SLOW with Maildir. It'll eat your CPU and disk I/O.
|
||||
# dict: Keep quota stored in dictionary (eg. SQL)
|
||||
# maildir: Maildir++ quota
|
||||
# fs: Read-only support for filesystem quota
|
||||
|
||||
plugin {
|
||||
#quota = dirsize:User quota
|
||||
#quota = maildir:User quota
|
||||
#quota = dict:User quota::proxy::quota
|
||||
#quota = fs:User quota
|
||||
}
|
||||
|
||||
# Multiple quota roots are also possible, for example this gives each user
|
||||
# their own 100MB quota and one shared 1GB quota within the domain:
|
||||
plugin {
|
||||
#quota = dict:user::proxy::quota
|
||||
#quota2 = dict:domain:%d:proxy::quota_domain
|
||||
#quota_rule = *:storage=102400
|
||||
#quota2_rule = *:storage=1048576
|
||||
}
|
||||
|
||||
|
||||
plugin {
|
||||
quota = maildir:User quota
|
||||
|
||||
quota_status_success = DUNNO
|
||||
quota_status_nouser = DUNNO
|
||||
quota_status_overquota = "452 4.2.2 Mailbox is full and cannot receive any more emails"
|
||||
}
|
20
roles/dovecot/templates/dovecot-ldap.conf.ext.j2
Normal file
20
roles/dovecot/templates/dovecot-ldap.conf.ext.j2
Normal file
|
@ -0,0 +1,20 @@
|
|||
# {{ ansible_managed }}
|
||||
# Dovecot configuration for Aurore
|
||||
# More info at https://gitea.auro.re/Aurore/ansible
|
||||
# And on the Dovecot wiki : https://doc.dovecot.org/
|
||||
|
||||
uris = {{ ldap_master_uri }}
|
||||
dn = {{ ldap_dovecot_bind_dn }}
|
||||
dnpass = {{ ldap_dovecot_password }}
|
||||
base = {{ ldap_user_tree }}
|
||||
|
||||
#user_attrs = homeDirectory=home, uidNumber=uid, gidNumber=gid
|
||||
#user_filter = (&(objectClass=posixAccount)(uid=%u))
|
||||
|
||||
pass_attrs = uid=user, userPassword=password
|
||||
pass_filter = (&(objectClass=posixAccount)(uid=%u))
|
||||
|
||||
# Convert LDAP lookup to lowercase
|
||||
# would be needed if re2o did not already had lowercase enforced by a
|
||||
# validator
|
||||
#auth_username_format = %Lu
|
3
roles/mail_certificates/handlers/main.yml
Normal file
3
roles/mail_certificates/handlers/main.yml
Normal file
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
- name: Generate certificates
|
||||
command: "certbot certonly --non-interactive --config /etc/letsencrypt/conf.d/{{ certbot.certname }}.ini"
|
38
roles/mail_certificates/tasks/main.yml
Normal file
38
roles/mail_certificates/tasks/main.yml
Normal file
|
@ -0,0 +1,38 @@
|
|||
---
|
||||
# Very similar to the certbot role, but without nginx
|
||||
# Install Letscrypt tools to generate and manage certificates
|
||||
- name: Install Letsencrypt
|
||||
apt:
|
||||
name:
|
||||
- certbot # letsencrypt
|
||||
- ca-certificates # just in case
|
||||
update_cache: true
|
||||
|
||||
# Create the configuration directory for letsencrypt
|
||||
- name: Create /etc/letsencrypt/conf.d
|
||||
file:
|
||||
path: /etc/letsencrypt/conf.d
|
||||
state: directory
|
||||
mode: 0755
|
||||
|
||||
# Configure certbot
|
||||
- name: Add certbot configuration
|
||||
template:
|
||||
src: "conf.ini.j2"
|
||||
dest: "/etc/letsencrypt/conf.d/{{ certbot.certname }}.ini"
|
||||
mode: 0644
|
||||
notify: Generate certificates
|
||||
|
||||
- name: Make sure let's encrypt renewal-hooks exists
|
||||
file:
|
||||
path: /etc/letsencrypt/renewal-hooks/deploy
|
||||
state: directory
|
||||
mode: 0755
|
||||
|
||||
- name: Reload Postfix and Dovecot after certificate renewal
|
||||
template:
|
||||
src: letsencrypt/renewal-hooks/deploy/reload-mail-services.sh.j2
|
||||
dest: /etc/letsencrypt/renewal-hooks/deploy/reload-mail-services.sh
|
||||
mode: 0755
|
||||
|
||||
# TODO: add motd
|
26
roles/mail_certificates/templates/conf.ini.j2
Normal file
26
roles/mail_certificates/templates/conf.ini.j2
Normal file
|
@ -0,0 +1,26 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
# Pour appliquer cette conf et générer la conf de renewal :
|
||||
# certbot --config /etc/letsencrypt/conf.d/{{ certbot.certname }}.ini certonly
|
||||
|
||||
# Use a 4096 bit RSA key instead of 2048
|
||||
rsa-key-size = 4096
|
||||
|
||||
# Always use the staging/testing server
|
||||
# server = https://acme-staging.api.letsencrypt.org/directory
|
||||
|
||||
# Uncomment and update to register with the specified e-mail address
|
||||
email = {{ certbot.mail }}
|
||||
|
||||
# Uncomment to use a text interface instead of ncurses
|
||||
text = True
|
||||
|
||||
# Use nginx challenge
|
||||
authenticator = standalone
|
||||
|
||||
# Accept TOS
|
||||
agree-tos = True
|
||||
|
||||
# Wildcard the domain
|
||||
cert-name = {{ certbot.certname }}
|
||||
domains = {{ ", ".join(certbot.domains) }}
|
|
@ -0,0 +1,6 @@
|
|||
#!/bin/sh
|
||||
{{ ansible_managed | comment }}
|
||||
# Reload Postcot and Dovecot after certificates are (re)generated
|
||||
|
||||
systemctl reload postfix
|
||||
systemctl reload dovecot
|
8
roles/mail_utils/tasks/main.yml
Normal file
8
roles/mail_utils/tasks/main.yml
Normal file
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
# Install small tools that are usefull on a mailserver
|
||||
- name: Install small utility tools
|
||||
apt:
|
||||
name:
|
||||
- swaks # Swiss Army Knife for SMTP
|
||||
- mutt # small CLI mail client for debug and on-server mail
|
||||
- pwgen # generate strong and cryptographically secure passwords
|
4
roles/nfs_client/defaults/main.yml
Normal file
4
roles/nfs_client/defaults/main.yml
Normal file
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
nfs:
|
||||
owner: root
|
||||
group: root
|
24
roles/nfs_client/tasks/main.yml
Normal file
24
roles/nfs_client/tasks/main.yml
Normal file
|
@ -0,0 +1,24 @@
|
|||
---
|
||||
# Install NFS client, mount distant storage and add configuration to fstab to make it persistent
|
||||
- name: Install NFS client
|
||||
apt:
|
||||
name:
|
||||
- nfs-common # use this on any NFS machine, be either client or server
|
||||
update_cache: true
|
||||
|
||||
- name: Create mountable dir
|
||||
file:
|
||||
path: "{{ nfs.mount_path }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
owner: "{{ nfs.dir_owner }}"
|
||||
group: "{{ nfs.dir_group }}"
|
||||
|
||||
- name: Mount and add to fstab
|
||||
mount:
|
||||
state: mounted # actively mounted and configured in fstab
|
||||
src: "{{ nfs.src }}"
|
||||
path: "{{ nfs.mount_path }}"
|
||||
fstype: nfs
|
||||
opts: defaults
|
||||
# don't specify dump and fsck to keep the 0 (don't) variable
|
6
roles/postfix/handlers/main.yml
Normal file
6
roles/postfix/handlers/main.yml
Normal file
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
# Restart Postfix
|
||||
- name: Restart postfix service
|
||||
service:
|
||||
name: postfix
|
||||
state: restarted
|
14
roles/postfix/tasks/main.yml
Normal file
14
roles/postfix/tasks/main.yml
Normal file
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
# Install and configure Postfix
|
||||
|
||||
- name: Install Postfix
|
||||
apt:
|
||||
name: postfix
|
||||
update_cache: true # apt update beforehand
|
||||
|
||||
- name: Configure Postfix
|
||||
template:
|
||||
src: main.cf.j2
|
||||
dest: /etc/postfix/main.cf
|
||||
mode: 0644
|
||||
notify: Restart postfix service
|
70
roles/postfix/templates/main.cf.j2
Normal file
70
roles/postfix/templates/main.cf.j2
Normal file
|
@ -0,0 +1,70 @@
|
|||
# {{ ansible_managed }}
|
||||
# See /usr/share/postfix/main.cf.dist for a full commented version
|
||||
# See BASIC_CONFIGURATION_README and STANDARD_CONFIGURATION_README for more insights
|
||||
# More generally, see the Postfix documentation at http://www.postfix.org
|
||||
|
||||
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
|
||||
biff = no
|
||||
|
||||
# appending .domain is the MUA's job.
|
||||
append_dot_mydomain = no
|
||||
|
||||
# Uncomment the next line to generate "delayed mail" warnings
|
||||
#delay_warning_time = 4h
|
||||
|
||||
readme_directory = no
|
||||
|
||||
# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
|
||||
# fresh installs.
|
||||
compatibility_level = 2
|
||||
|
||||
# Send mail as user@{{ myorigin }}
|
||||
myorigin = {{ myorigin }}
|
||||
|
||||
myhostname = {{ myhostname }}
|
||||
|
||||
mydestination = $myhostname localhost.{{ myorigin }} localhost {{ myorigin }}
|
||||
|
||||
# Specify the trusted networks
|
||||
mynetworks = 127.0.0.0/8 {{ local_network }}
|
||||
|
||||
# This host does not relay mail from untrusted networks
|
||||
relay_domains =
|
||||
|
||||
# Allow plus delimiter
|
||||
recipient_delimiter = +
|
||||
|
||||
# Re2o Generated files
|
||||
alias_database = hash:/var/local/re2o-services/mail-server/generated/aliases
|
||||
alias_maps = $alias_database
|
||||
local_recipient_maps = $alias_maps unix:passwd.byname
|
||||
virtual_alias_maps = hash:/var/local/re2o-services/mail-server/generated/virtual
|
||||
relay_recipient_maps = hash:/var/local/re2o-services/mail-server/generated/virtual
|
||||
|
||||
# Tell Postfix to deliver emails to Dovecot through LMTP
|
||||
virtual_transport = lmtp:unix:private/dovecot-lmtp
|
||||
|
||||
# TLS for reception
|
||||
smtpd_use_tls = yes
|
||||
smtpd_tls_security_level = may
|
||||
smtpd_tls_cert_file = {{ cert.path_fullchain }}
|
||||
smtpd_tls_key_file = {{ cert.path_privkey }}
|
||||
smtpd_tls_loglevel = 0
|
||||
smtpd_tls_received_header = yes
|
||||
|
||||
# TLS for sending
|
||||
smtp_use_tls = yes
|
||||
smtp_tls_security_level = may
|
||||
smtp_tls_loglevel = 1
|
||||
smtp_tls_cert_file =
|
||||
smtp_tls_key_file =
|
||||
smtp_tls_CApath = /etc/ssl/certs/
|
||||
|
||||
# Caching TLS sessions
|
||||
smtpd_tls_session_cache_database=btree:/var/lib/postfix/smtpd_tls_session_cache
|
||||
smtp_tls_session_cache_database=btree:/var/lib/postfix/smtp_tls_session_cache
|
||||
|
||||
# Reject mail if user if overquota
|
||||
smtpd_recipient_restrictions =
|
||||
reject_unauth_destination
|
||||
check_policy_service unix:private/quota-status
|
|
@ -12,6 +12,11 @@
|
|||
retries: 3
|
||||
until: apt_result is succeeded
|
||||
|
||||
- name: "Create the local user {{ service_user }}"
|
||||
user:
|
||||
create_home: false
|
||||
name: "{{ service_user }}"
|
||||
|
||||
- name: "Clone re2o {{ service_name }} project"
|
||||
git:
|
||||
repo: "{{ service_repo }}"
|
||||
|
|
16
roles/re2o_service_mailserver/tasks/main.yml
Normal file
16
roles/re2o_service_mailserver/tasks/main.yml
Normal file
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
# Additional configuration for the re2o-service mailserver, you have to deploy the re2o_service first
|
||||
|
||||
- name: Create generated directory
|
||||
file:
|
||||
path: /var/local/re2o-services/mail-server/generated
|
||||
state: directory
|
||||
mode: "0755"
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: Deploy cron for re2o-mail-server
|
||||
template:
|
||||
src: cron.d/re2o-services-mail-server.j2
|
||||
dest: /etc/cron.d/re2o-services-mail-server
|
||||
mode: 0755
|
|
@ -0,0 +1,3 @@
|
|||
{{ ansible_managed | comment }}
|
||||
# Regenerate Postfix configuration Re2o API every 5 minutes
|
||||
*/5 * * * * root /usr/bin/python3 /var/local/re2o-services/mail-server/main.py
|
Loading…
Reference in a new issue