ansible-role-postfix/tasks/tls-helper.yml
2023-03-20 20:01:04 +01:00

65 lines
1.8 KiB
YAML

---
- name: "TLS-helper | Clone repository"
ansible.builtin.git:
repo: "https://github.com/systemli/mail-tls-helper.git"
dest: "/opt/mail-tls-helper"
version: main
- name: "TLS-helper | Copy Readme"
ansible.builtin.copy:
src: mail-tls-helper/readme.txt
dest: /opt/mail-tls-helper/
mode: "0644"
- name: "TLS-help | Copy allowlist"
ansible.builtin.template:
src: postfix/allowlist.txt
dest: /opt/mail-tls-helper/allowlist.txt
mode: "0644"
- name: "TLS-helper | Create directory"
ansible.builtin.file:
path: "{{ tls_helper_postfix_dir }}"
state: directory
owner: postfix
group: postfix
mode: "0755"
- name: "TLS-helper | Create transport map"
ansible.builtin.file:
path: "{{ tls_helper_postfix_dir }}/{{ tls_helper_domains_file }}"
state: touch
owner: postfix
group: postfix
mode: "0644"
- name: "TLS-helper | Run postmap"
ansible.builtin.command:
cmd: "postmap {{ postfix_default_db_type }}:{{ tls_helper_domains_file }}"
chdir: "{{ tls_helper_postfix_dir }}"
- name: "TLS-helper | Link files"
ansible.builtin.file:
path: "{{ postfix_conf_dir }}/{{ item }}"
src: "{{ tls_helper_postfix_dir }}/{{ item }}"
state: link
loop:
- "{{ tls_helper_domains_file }}"
- "{{ tls_helper_domains_file }}.{{ postfix_default_db_type }}"
- name: "TLS-helper | Remove default logrotate configuration for mail logging"
ansible.builtin.lineinfile:
path: /etc/logrotate.d/rsyslog
line: "{{ item }}"
state: absent
loop:
- /var/log/mail.info
- /var/log/mail.warn
- /var/log/mail.err
- /var/log/mail.log
- name: "TLS-helper | Create new logrotate configuration"
ansible.builtin.template:
src: logrotate.conf
dest: /etc/logrotate.d/maillog
mode: "0644"