Initial commit

tasks/tls-helper.yml

@@ -0,0 +1,65 @@
+---
+- name: "TLS-helper | Clone repository"
+  ansible.builtin.git:
+    repo: "https://github.com/systemli/mail-tls-helper.git"
+    dest: "/opt/mail-tls-helper"
+    version: main
+
+- name: "TLS-helper | Copy Readme"
+  ansible.builtin.copy:
+    src: mail-tls-helper/readme.txt
+    dest: /opt/mail-tls-helper/
+    mode: "0644"
+
+- name: "TLS-help | Copy allowlist"
+  ansible.builtin.template:
+    src: postfix/allowlist.txt
+    dest: /opt/mail-tls-helper/allowlist.txt
+    mode: "0644"
+
+- name: "TLS-helper | Create directory"
+  ansible.builtin.file:
+    path: "{{ tls_helper_postfix_dir }}"
+    state: directory
+    owner: postfix
+    group: postfix
+    mode: "0755"
+
+- name: "TLS-helper | Create transport map"
+  ansible.builtin.file:
+    path: "{{ tls_helper_postfix_dir }}/{{ tls_helper_domains_file }}"
+    state: touch
+    owner: postfix
+    group: postfix
+    mode: "0644"
+
+- name: "TLS-helper | Run postmap"
+  ansible.builtin.command:
+    cmd: "postmap {{ postfix_default_db_type }}:{{ tls_helper_domains_file }}"
+    chdir: "{{ tls_helper_postfix_dir }}"
+
+- name: "TLS-helper | Link files"
+  ansible.builtin.file:
+    path: "{{ postfix_conf_dir }}/{{ item }}"
+    src: "{{ tls_helper_postfix_dir }}/{{ item }}"
+    state: link
+  loop:
+    - "{{ tls_helper_domains_file }}"
+    - "{{ tls_helper_domains_file }}.{{ postfix_default_db_type }}"
+
+- name: "TLS-helper | Remove default logrotate configuration for mail logging"
+  ansible.builtin.lineinfile:
+    path: /etc/logrotate.d/rsyslog
+    line: "{{ item }}"
+    state: absent
+  loop:
+    - /var/log/mail.info
+    - /var/log/mail.warn
+    - /var/log/mail.err
+    - /var/log/mail.log
+
+- name: "TLS-helper | Create new logrotate configuration"
+  ansible.builtin.template:
+    src: logrotate.conf
+    dest: /etc/logrotate.d/maillog
+    mode: "0644"