From 63a3ecbe58c2bb192c5693af3939eb9e29877e65 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Wed, 10 Jul 2024 18:00:32 +0200 Subject: add extended postfix roles --- roles/mail/postfix/submission/tasks/saslauthd.yml | 48 +++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 roles/mail/postfix/submission/tasks/saslauthd.yml (limited to 'roles/mail/postfix/submission/tasks/saslauthd.yml') diff --git a/roles/mail/postfix/submission/tasks/saslauthd.yml b/roles/mail/postfix/submission/tasks/saslauthd.yml new file mode 100644 index 00000000..065fb255 --- /dev/null +++ b/roles/mail/postfix/submission/tasks/saslauthd.yml @@ -0,0 +1,48 @@ +--- +- name: install saslauthd and sasl-modules + apt: + name: + - sasl2-bin + - libsasl2-modules + state: present + +- name: basic saslauthd options + vars: + saslauthd_options: + START: "yes" + MECHANISMS: "{{ postfix_submission_auth_saslauthd.mechanism }}" + OPTIONS: "-c -m /var/spool/postfix/saslauthd" + loop: "{{ saslauthd_options | dict2items }}" + loop_control: + label: "{{ item.key }} = {{ item.value }}" + lineinfile: + regexp: '^#?\s*{{ item.key }}\s*=' + line: '{{ item.key }}="{{ item.value }}"' + dest: /etc/default/saslauthd + notify: restart saslauthd + +- name: configure saslauthd mechanism + include_tasks: "saslauthd-{{ postfix_submission_auth_saslauthd.mechanism }}.yml" + +- name: configure postfix sasl via saslauthd + copy: + content: | + pwcheck_method: saslauthd + saslauthd_path: /saslauthd/mux + mech_list: plain login + dest: /etc/postfix/sasl/submission.conf + notify: restart postfix + +- name: add postfix user to sasl group + user: + name: postfix + groups: sasl + append: yes + notify: restart postfix + +- name: make sure saslauthd service is enabled and started + systemd: + daemon_reload: yes + name: saslauthd.service + enabled: yes + state: started -- cgit v1.2.3