forked from ISTI-ansible-roles/ansible-roles
Force a postfix restart after a configuration change without waiting for the handlers to kick in. Add 'compatibility_level=2' on Ubuntu 18.04.
This commit is contained in:
parent
9d6370b776
commit
5ca80e638a
|
@ -14,21 +14,31 @@
|
||||||
|
|
||||||
- name: Write the postfix main configuration file
|
- name: Write the postfix main configuration file
|
||||||
template: src=main.cf.j2 dest=/etc/postfix/main.cf owner=root group=root mode=0444
|
template: src=main.cf.j2 dest=/etc/postfix/main.cf owner=root group=root mode=0444
|
||||||
notify: Restart postfix
|
register: postfix_main_restart_needed
|
||||||
|
|
||||||
- name: Activate the submission port on the postfix master file
|
- name: Activate the submission port on the postfix master file
|
||||||
template: src=postfix-master.cf.j2 dest=/etc/postfix/master.cf owner=root group=root mode=0444
|
template: src=postfix-master.cf.j2 dest=/etc/postfix/master.cf owner=root group=root mode=0444
|
||||||
notify: Restart postfix
|
register: postfix_master_restart_needed
|
||||||
|
|
||||||
|
when: postfix_install_packages | bool
|
||||||
|
tags: postfix-relay
|
||||||
|
|
||||||
|
- block:
|
||||||
- name: Ensure that postfix is started and enabled
|
- name: Ensure that postfix is started and enabled
|
||||||
service: name=postfix state=started enabled=yes
|
service: name=postfix state=started enabled=yes
|
||||||
when: postfix_enabled
|
when: postfix_enabled | bool
|
||||||
|
|
||||||
- name: Ensure that postfix is stopped and disabled
|
- name: Ensure that postfix is stopped and disabled
|
||||||
service: name=postfix state=stopped enabled=no
|
service: name=postfix state=stopped enabled=no
|
||||||
when: not postfix_enabled
|
when: not postfix_enabled | bool
|
||||||
|
|
||||||
when: postfix_install_packages
|
- name: Restart postfix
|
||||||
|
service: name=postfix state=restarted
|
||||||
|
when: ( postfix_main_restart_needed is changed ) or ( postfix_master_restart_needed is changed )
|
||||||
|
|
||||||
|
when:
|
||||||
|
- postfix_install_packages | bool
|
||||||
|
- postfix_enabled | bool
|
||||||
tags: postfix-relay
|
tags: postfix-relay
|
||||||
|
|
||||||
- block:
|
- block:
|
||||||
|
@ -41,8 +51,8 @@
|
||||||
notify: Reload NRPE server
|
notify: Reload NRPE server
|
||||||
|
|
||||||
when:
|
when:
|
||||||
- postfix_install_packages
|
- postfix_install_packages | bool
|
||||||
- postfix_nagios_check
|
- postfix_nagios_check | bool
|
||||||
tags: [ 'postfix-relay', 'nagios', 'nrpe' ]
|
tags: [ 'postfix-relay', 'nagios', 'nrpe' ]
|
||||||
|
|
||||||
- block:
|
- block:
|
||||||
|
@ -54,5 +64,5 @@
|
||||||
yum: pkg={{ postfix_relay_rh_pkgs }} state=absent
|
yum: pkg={{ postfix_relay_rh_pkgs }} state=absent
|
||||||
when: ansible_distribution_file_variety == "RedHat"
|
when: ansible_distribution_file_variety == "RedHat"
|
||||||
|
|
||||||
when: not postfix_install_packages
|
when: not postfix_install_packages | bool
|
||||||
tags: postfix-relay
|
tags: postfix-relay
|
||||||
|
|
|
@ -63,10 +63,12 @@ smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
|
||||||
smtp_sasl_security_options = {{ postfix_smtp_sasl_security_options }}
|
smtp_sasl_security_options = {{ postfix_smtp_sasl_security_options }}
|
||||||
smtp_sasl_tls_security_options = {{ postfix_smtp_sasl_tls_security_options }}
|
smtp_sasl_tls_security_options = {{ postfix_smtp_sasl_tls_security_options }}
|
||||||
smtp_sasl_mechanism_filter = {{ postfix_smtp_sasl_mechanism_filter }}
|
smtp_sasl_mechanism_filter = {{ postfix_smtp_sasl_mechanism_filter }}
|
||||||
{% if ansible_distribution_major_version >= '18' %}
|
{% if ansible_distribution_file_variety == "Debian" %}
|
||||||
|
{% if ansible_distribution_version is version_compare('18.04', '>=') %}
|
||||||
smtpd_relay_restrictions = permit_mynetworks, defer_unauth_destination
|
smtpd_relay_restrictions = permit_mynetworks, defer_unauth_destination
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
{% endif %}
|
||||||
{% if postfix_relay_server %}
|
{% if postfix_relay_server %}
|
||||||
smtpd_sasl_path = smtpd
|
smtpd_sasl_path = smtpd
|
||||||
smtpd_sasl_auth_enable = yes
|
smtpd_sasl_auth_enable = yes
|
||||||
|
@ -92,3 +94,8 @@ smtpd_sender_restrictions = reject_unknown_sender_domain
|
||||||
# authenticated clients may specify any destination domain.
|
# authenticated clients may specify any destination domain.
|
||||||
smtpd_relay_restrictions = permit_sasl_authenticated, reject
|
smtpd_relay_restrictions = permit_sasl_authenticated, reject
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
{% if ansible_distribution_file_variety == "Debian" %}
|
||||||
|
{% if ansible_distribution_version is version_compare('18.04', '>=') %}
|
||||||
|
compatibility_level=2
|
||||||
|
{% endif %}
|
||||||
|
{% endif %}
|
||||||
|
|
Loading…
Reference in New Issue