diff options
Diffstat (limited to 'chaos-at-home/ch-imap-proxy.yml')
-rw-r--r-- | chaos-at-home/ch-imap-proxy.yml | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/chaos-at-home/ch-imap-proxy.yml b/chaos-at-home/ch-imap-proxy.yml index d1479ce1..f3fad1df 100644 --- a/chaos-at-home/ch-imap-proxy.yml +++ b/chaos-at-home/ch-imap-proxy.yml @@ -14,3 +14,62 @@ request: challenge: http-self-test: false + post_tasks: + - name: install stunnel package + apt: + name: stunnel4 + state: present + + - name: generate stunnel config for imap + copy: + dest: /etc/stunnel/imap.conf + content: | + cert = /var/lib/acme/live/imap.chaos-at-home.org/fullchain + key = /var/lib/acme/live/imap.chaos-at-home.org/privkey + + [imap] + client = yes + accept = 127.0.0.1:143 + connect = 192.168.28.250:143 + protocol = imap + verify = 0 + + [imaps] + options = NO_SSLv2 + options = NO_SSLv3 + options = NO_TLSv1 + options = NO_TLSv1.1 + accept = 993 + connect = 127.0.0.1:143 + notify: restart stunnel4 + + - name: install systemd service unit for service-ip + copy: + dest: /etc/systemd/system/imap-service-ip.service + content: | + [Unit] + Description=Assign IMAP Sevice IP + After=network.target + + [Service] + Type=oneshot + ExecStart=/usr/sbin/ip addr add dev {{ network.primary.name }} {{ network_services.imap.addr }}/32 + ExecStop=/usr/sbin/ip addr del dev {{ network.primary.name }} {{ network_services.imap.addr }}/32 + RemainAfterExit=yes + + [Install] + WantedBy=multi-user.target + register: service_ip_systemd_unit + + - name: make sure service-ip systemd unit is enabeld and started + systemd: + daemon_reload: yes + name: imap-service-ip.service + state: "{{ (service_ip_systemd_unit is changed) | ternary('restarted', 'started') }}" + enabled: yes + + handlers: + - name: restart stunnel4 + service: + name: stunnel4 + state: restarted |