diff options
author | Christian Pointner <equinox@spreadspace.org> | 2024-07-29 16:19:31 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2024-07-29 16:19:31 +0200 |
commit | 0999c78f7efa79e7936a11288d5930dca5698dbb (patch) | |
tree | 758848f6da856f09c2818de8f0cde4f949be05e4 /roles/mail/postfix/mx/tasks | |
parent | redis-server: add configurable storage volume (diff) |
iniital role postfix/mx - still work in progress!topic/extended-postfix-roles
Diffstat (limited to 'roles/mail/postfix/mx/tasks')
-rw-r--r-- | roles/mail/postfix/mx/tasks/main.yml | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/roles/mail/postfix/mx/tasks/main.yml b/roles/mail/postfix/mx/tasks/main.yml new file mode 100644 index 00000000..5ef5ff42 --- /dev/null +++ b/roles/mail/postfix/mx/tasks/main.yml @@ -0,0 +1,42 @@ +--- +- name: configure TLS + when: postfix_mx_tls is defined + block: + - name: generate/install/fetch TLS certificate + vars: + x509_certificate_name: "postfix-{{ postfix_mx_hostname }}" + x509_certificate_config: "{{ postfix_mx_tls.certificate_config | default({}) }}" + x509_certificate_hostnames: + - "{{ postfix_mx_hostname }}" + x509_certificate_reload_services: + - postfix + include_role: + name: "x509/{{ postfix_mx_tls.certificate_provider }}/cert" + +## TODO: configure virtual and relay domains and maps + +- name: configure spam filtering using rspamd + when: postfix_mx_spam_filter == "rspamd" + block: + - name: add postfix user to rspamd group + user: + name: postfix + groups: _rspamd + append: yes + notify: restart postfix + + - name: configure postfix milter config for rspamd + vars: + postfix_options: + milter_protocol: "6" + milter_default_action: "accept" + smtpd_milters: "unix:rspamd/rspamd-proxy.sock" + non_smtpd_milters: "unix:rspamd/rspamd-proxy.sock" + loop: "{{ postfix_options | dict2items }}" + loop_control: + label: "{{ item.key }} = {{ item.value }}" + lineinfile: + regexp: "^#?\\s*{{ item.key }}\\s*=" + line: "{{ item.key }} = {{ item.value }}" + dest: /etc/postfix/main.cf + notify: restart postfix |