---
- name: Create the spamassassin user and install the Spamassassin packages on RH based systems
block:
- name: Create the spamassassin user
user: name={{ spamassassin_user }} home={{ spamassassin_home }} comment="Spamassassin Service Account" createhome=no shell=/usr/sbin/nologin system=yes
- name: spamassassin packages, RH/CentOS
yum: pkg={{ spamassassin_rh_packages }} state=present
- name: spamassassin perl DB* packages, RH/CentOS
yum: pkg={{ spamassassin_sql_rh_packages }} state=present
when: spamassassin_db_user_config | bool
- name: Perl modules, from CPAN
cpanm:
name: '{{ item }}'
installdeps: True
system_lib: False
with_items: '{{ spamassassin_rh_perl_packages }}'
- name: Set some SELinux booleans related to spamassassin
seboolean: name={{ item }} state=yes persistent=yes
with_items:
- 'spamassassin_can_network'
- 'spamd_update_can_network'
when: ansible_distribution_file_variety == "RedHat"
tags: [ 'spamassassin', 'spamassassin_packages' ]
- name: Disable the sought rules
block:
- name: Remove the soughtrules configuration and database files
file: dest={{ item }} state=absent
with_items:
- '{{ spamassassin_conf_dir }}/channel.d/sought.conf'
- '/var/lib/spamassassin/{{ spamassassin_rules_version }}/sought_rules_yerp_org.cf'
- '/var/lib/spamassassin/{{ spamassassin_rules_version }}/sought_rules_yerp_org'
notify: Restart spamassassin
when: spamassassin_disable_soughtrules
tags: [ 'spamassassin', 'spamassassin_conf', 'spamassassin_sought' ]
- name: Install pyzor from pip
block:
- name: Install the pyzor pip packages
pip: name={{ spamassassin_pyzor_pip_packages }} state=present
notify: Restart spamassassin
- name: Create the pyzor home
file: dest={{ spamassassin_conf_dir }}/pyzor state=directory owner={{ spamassassin_user }} mode=0750
- name: Install the pyzor configuration
template: src=pyzor-config.j2 dest={{ spamassassin_conf_dir }}/pyzor/config owner=root group={{ spamassassin_user }} mode=0440
notify: Restart spamassassin
when: spamassassin_enable_pyzor
tags: [ 'spamassassin', 'pyzor', 'spamassassin_conf' ]
- name: Clamav plugin from the spamassassin site
block:
- name: Install the Clamav plugin code
template: src=clamav-plugin.pm.j2 dest={{ spamassassin_conf_dir }}/clamav.pm owner=root group=root mode='0644'
notify: Restart spamassassin
- name: Install the Clamav plugin configuration. Single score
template: src=clamav-plugin-conf.cf.j2 dest={{ spamassassin_conf_dir }}/clamav.cf owner=root group=root mode='0644'
notify: Restart spamassassin
when: not spamassassin_clamav_multiple_scores
- name: Install the Clamav plugin configuration. Multiple scores
template: src=clamav-plugin-multiple-scores-conf.cf.j2 dest={{ spamassassin_conf_dir }}/clamav.cf owner=root group=root mode='0644'
notify: Restart spamassassin
when: spamassassin_clamav_multiple_scores
when:
- spamassassin_clamav_old_plugin
- not spamassassin_clamav_github_plugin
tags: [ 'spamassassin', 'clamav', 'spamassassin_conf', 'clamav_spamassassin' ]
- name: Clamav plugin, from github
block:
- name: Get the clamav plugin code from github
get_url: url={{ spamassassin_clamav_github_plugin_url }} dest={{ spamassassin_conf_dir }}/clamav.pm owner=root group=root mode='0644'
notify: Restart spamassassin
- name: Install the Clamav github plugin configuration
template: src=clamav-github-plugin-conf.cf.j2 dest={{ spamassassin_conf_dir }}/clamav.cf owner=root group=root mode='0644'
notify: Restart spamassassin
when:
- not spamassassin_clamav_old_plugin
- spamassassin_clamav_github_plugin
tags: [ 'spamassassin', 'clamav', 'spamassassin_conf', 'clamav_spamassassin' ]
- name: Remove the clamav plugin
block:
- name: Remove the clamav plugin files
file: dest={{ spamassassin_conf_dir }}/{{ item }} state=absent
with_items:
- 'clamav.cf'
- 'clamav.pm'
notify: Restart spamassassin
when:
- not spamassassin_clamav_old_plugin
- not spamassassin_clamav_github_plugin
tags: [ 'spamassassin', 'clamav', 'spamassassin_conf', 'clamav_spamassassin' ]
- name: OLE2macro plugin, from github
block:
- name: Get the OLE2macro plugin code from github
get_url: url={{ spamassassin_ole2macro_github_plugin_url }} dest={{ spamassassin_conf_dir }}/ole2macro.pm owner=root group=root mode='0644'
notify: Restart spamassassin
- name: Install the OLE2macro plugin configuration
template: src=ole2macro.cf.j2 dest={{ spamassassin_conf_dir }}/ole2macro.cf owner=root group=root mode='0644'
notify: Restart spamassassin
- name: ole2 required packages, EL
yum: pkg={{ spamassassin_ole2_perl_packages }} state=present
when: ansible_distribution_file_variety == "RedHat"
when: spamassassin_ole2macro_github_plugin
tags: [ 'spamassassin', 'spamassassin_conf', 'spamassassin_ole2macro' ]
- name: Remove the ole2macro plugin
block:
- name: Remove the ole2macro plugin files
file: dest={{ spamassassin_conf_dir }}/{{ item }} state=absent
with_items:
- 'ole2macro.cf'
- 'ole2macro.pm'
notify: Restart spamassassin
when: not spamassassin_ole2macro_github_plugin
tags: [ 'spamassassin', 'spamassassin_conf', 'spamassassin_ole2macro' ]
- name: dmarc plugin, from github
block:
- name: dmarc required packages, EL
yum: pkg={{ spamassassin_dmarc_perl_requirements }} state=present
when: ansible_distribution_file_variety == "RedHat"
- name: dmarc perl module, from CPAN
cpanm:
name: '{{ item }}'
installdeps: True
system_lib: False
with_items: '{{ spamassassin_dmarc_perl_packages }}'
- name: Get the dmarc plugin code from github
get_url: url={{ spamassassin_dmarc_github_plugin_url }} dest={{ spamassassin_conf_dir }}/dmarc.pm owner=root group=root mode='0644'
notify: Restart spamassassin
- name: Install the dmarc plugin configuration
template: src=dmarc.cf.j2 dest={{ spamassassin_conf_dir }}/dmarc.cf owner=root group=root mode='0644'
notify: Restart spamassassin
when: spamassassin_dmarc_github_plugin
tags: [ 'spamassassin', 'spamassassin_conf', 'spamassassin_dmarc' ]
- name: Remove the ole2macro plugin
block:
- name: Remove the clamav plugin files
file: dest={{ spamassassin_conf_dir }}/{{ item }} state=absent
with_items:
- 'dmarc.cf'
- 'dmarc.pm'
notify: Restart spamassassin
when: not spamassassin_dmarc_github_plugin
tags: [ 'spamassassin', 'spamassassin_conf', 'spamassassin_dmarc' ]
- name: Manage the letsencrypt configuration
block:
- name: Check if the letsencrypt certificates are in place
stat: path={{ letsencrypt_acme_certs_dir }}/privkey
register: letsencrypt_keyfile
- name: Copy the letsencrypt certificate key into the right place
copy: src={{ letsencrypt_acme_certs_dir }}/privkey dest={{ spamassassin_home }}/client-key.pem owner={{ spamassassin_user }} group={{ spamassassin_group }} mode=0400 remote_src=yes force=yes
when: letsencrypt_keyfile.stat.exists is defined and letsencrypt_keyfile.stat.exists | bool
notify: Restart spamassassin
- name: Copy the letsencrypt public certificate into the right place
copy: src={{ letsencrypt_acme_certs_dir }}/fullchain dest={{ spamassassin_home }}/client-cert.pem owner={{ spamassassin_user }} group={{ spamassassin_group }} mode=0444 remote_src=yes force=yes
when: letsencrypt_keyfile.stat.exists is defined and letsencrypt_keyfile.stat.exists | bool
notify: Restart spamassassin
- name: Create the acme hooks directory if it does not yet exist
file: dest={{ letsencrypt_acme_sh_services_scripts_dir }} state=directory owner=root group=root
- name: Install a script that fix the letsencrypt certificate for mysql and then reload the service
template: src=letsencrypt-spamassassin-hook.sh.j2 dest={{ letsencrypt_acme_sh_services_scripts_dir }}/spamassassin owner=root group=root mode=4555
when:
- letsencrypt_acme_install is defined and letsencrypt_acme_install
- spamassassin_spamd_ssl_enabled | bool
tags: [ 'spamassassin', 'letsencrypt', 'spamassassin_letsencrypt' ]
- name: Install the Spamassassin base configuration
block:
- name: spamassassin local config
template: src=spamassassin-local.cf.j2 dest={{ spamassassin_conf_dir }}/local.cf owner=root group={{ spamassassin_group }} mode=0440
notify: Reload spamassassin
- name: spamassassin spamd defaults
template: src=spamassassin_sysconfig.j2 dest=/etc/sysconfig/spamassassin owner=root group=root mode=0444
notify: Reload spamassassin
tags: [ 'spamassassin', 'spamassassin_conf', 'spamassassin_local_conf' ]
- name: Install the Spamassassin DB configuration
block:
- name: spamassassin db config
template: src=spamassassin-db.cf.j2 dest={{ spamassassin_conf_dir }}/db.cf owner=root group={{ spamassassin_group }} mode=0440
notify: Reload spamassassin
when: spamassassin_db_user_config | bool
tags: [ 'spamassassin', 'spamassassin_conf' ]
- name: Install the Spamassassin DB configuration
block:
- name: Copy the spamassassin postgresql sql schema files
copy: src={{ spamassassin_db_sql_file }} dest={{ item.schema_file }} force=no
with_items: '{{ psql_db_data }}'
register: pdns_schema
when: item.schema_file is defined
- name: Install the spamassassin schema file
postgresql_db: name={{ item.name }} login_host='localhost' login_user={{ item.user }} login_password={{ item.pwd }} state=restore target={{ item.schema_file }} port={{ psql_db_port }}
with_items: '{{ psql_db_data }}'
when:
- pdns_schema is changed
- item.schema_file is defined
delegate_to: '{{ spamassassin_db_external_host }}'
run_once: True
when: spamassassin_db_user_config | bool
tags: [ 'spamassassin', 'spamassassin_conf' ]
- name: Manage the spamassassin service
block:
- name: Ensure that the spamassassin service is started and enabled
service: name=spamassassin state=started enabled=yes
when: spamassassin_install | bool
tags: [ 'spamassassin', 'spamassassin_conf', 'spamassassin_service' ]