ansible-role-postfix/tasks/postfix.yml

---
- name: "Postfix | Copy main.cf"
  ansible.builtin.template:
    src: postfix/main.cf.j2
    dest: /etc/postfix/main.cf
    mode: "0644"
  notify: reload postfix
  tags: maincf

- name: "Postfix | Copy master.cf"
  ansible.builtin.template:
    src: postfix/master.cf
    dest: /etc/postfix/master.cf
    mode: "0644"
  notify: restart postfix
  tags: mastercf

- name: "Postfix | Create configuration directory"
  ansible.builtin.file:
    path: "{{ postfix_conf_dir }}"
    state: directory
    mode: "0755"

- name: "Postfix | Copy lookup tables"
  ansible.builtin.copy:
    src: "postfix/conf.d/{{ item }}"
    dest: "{{ postfix_conf_dir }}/{{ item }}"
    mode: "0644"
  loop:
    - header_checks
    - header_checks_inbound

- name: "Postfix | Copy lookup tables from templates"
  ansible.builtin.template:
    src: "postfix/conf.d/{{ item }}.j2"
    dest: "{{ postfix_conf_dir }}/{{ item }}"
    mode: "0644"
  loop:
    - bad_smtp_auth_users
    - bogus_mx
    - canonical
    - client_checks
    - destination_limit
    - header_add
    - header_treatment
    - helo_checks
    - permit_sasl_login_mismatch
    - postscreen_access
    - relay_by_sender
    - relay_checks
    - sender_canonical
    - sender_checks
    - smtp_sasl_auth_password
    - transport_global_exceptions
    - transport_relay
  notify: reload postfix

- name: "Postfix | Run postmap"
  ansible.builtin.command: "postmap {{ item.table | default('cdb') }}:{{ item.file }}"
  args:
    chdir: "{{ postfix_conf_dir }}"
  changed_when: false
  notify: reload postfix
  loop:
    - file: bad_smtp_auth_users
    - file: canonical
    - file: client_checks
    - file: destination_limit
    - file: permit_sasl_login_mismatch
    - file: relay_checks
    - file: sender_canonical
    - file: sender_checks
    - file: transport_relay

- name: "Postfix | Create dhparam file"
  community.crypto.openssl_dhparam:
    path: "{{ postfix_dhparam_file }}"
    size: 4096
  when: postfix_type == "internet"
Initial commit 2023-03-20 20:01:04 +01:00			`---`
			`- name: "Postfix \| Copy main.cf"`
			`ansible.builtin.template:`
			`src: postfix/main.cf.j2`
			`dest: /etc/postfix/main.cf`
			`mode: "0644"`
			`notify: reload postfix`
Fixes and Typos 2023-04-19 12:56:49 +02:00			`tags: maincf`
Initial commit 2023-03-20 20:01:04 +01:00
			`- name: "Postfix \| Copy master.cf"`
			`ansible.builtin.template:`
			`src: postfix/master.cf`
			`dest: /etc/postfix/master.cf`
			`mode: "0644"`
			`notify: restart postfix`
Fixes and Typos 2023-04-19 12:56:49 +02:00			`tags: mastercf`
Initial commit 2023-03-20 20:01:04 +01:00
			`- name: "Postfix \| Create configuration directory"`
			`ansible.builtin.file:`
			`path: "{{ postfix_conf_dir }}"`
			`state: directory`
			`mode: "0755"`

			`- name: "Postfix \| Copy lookup tables"`
			`ansible.builtin.copy:`
			`src: "postfix/conf.d/{{ item }}"`
			`dest: "{{ postfix_conf_dir }}/{{ item }}"`
			`mode: "0644"`
			`loop:`
			`- header_checks`
			`- header_checks_inbound`

			`- name: "Postfix \| Copy lookup tables from templates"`
			`ansible.builtin.template:`
			`src: "postfix/conf.d/{{ item }}.j2"`
			`dest: "{{ postfix_conf_dir }}/{{ item }}"`
			`mode: "0644"`
			`loop:`
			`- bad_smtp_auth_users`
Create bogus mx list via host_vars 2023-04-19 11:33:01 +02:00			`- bogus_mx`
Introduce more configuration variables 2023-04-19 12:47:39 +02:00			`- canonical`
Initial commit 2023-03-20 20:01:04 +01:00			`- client_checks`
			`- destination_limit`
			`- header_add`
			`- header_treatment`
Add missing template 2023-03-24 19:39:44 +01:00			`- helo_checks`
Initial commit 2023-03-20 20:01:04 +01:00			`- permit_sasl_login_mismatch`
			`- postscreen_access`
			`- relay_by_sender`
			`- relay_checks`
Introduce more configuration variables 2023-04-19 12:47:39 +02:00			`- sender_canonical`
Initial commit 2023-03-20 20:01:04 +01:00			`- sender_checks`
Add template for sasl auth configuration 2023-03-31 17:19:01 +02:00			`- smtp_sasl_auth_password`
Initial commit 2023-03-20 20:01:04 +01:00			`- transport_global_exceptions`
			`- transport_relay`
			`notify: reload postfix`

			`- name: "Postfix \| Run postmap"`
			`ansible.builtin.command: "postmap {{ item.table \| default('cdb') }}:{{ item.file }}"`
			`args:`
			`chdir: "{{ postfix_conf_dir }}"`
			`changed_when: false`
			`notify: reload postfix`
			`loop:`
			`- file: bad_smtp_auth_users`
Run postmap on new files 2023-05-02 20:15:29 +02:00			`- file: canonical`
Initial commit 2023-03-20 20:01:04 +01:00			`- file: client_checks`
			`- file: destination_limit`
			`- file: permit_sasl_login_mismatch`
			`- file: relay_checks`
Run postmap on new files 2023-05-02 20:15:29 +02:00			`- file: sender_canonical`
Initial commit 2023-03-20 20:01:04 +01:00			`- file: sender_checks`
			`- file: transport_relay`

			`- name: "Postfix \| Create dhparam file"`
			`community.crypto.openssl_dhparam:`
			`path: "{{ postfix_dhparam_file }}"`
			`size: 4096`
Add conditionals to disable tasks dor intenal mail servers 2023-04-19 15:14:03 +02:00			`when: postfix_type == "internet"`