forked from ISTI-ansible-roles/ansible-roles
Manage the transport and virtual_domains maps.
parent
c036b0bf8b
commit
d53b569189
|
@ -62,6 +62,9 @@ postfix_milter_action: tempfail
|
|||
# SMTP server that not accept authenticated clients.
|
||||
#############################################################################
|
||||
postfix_smtpd_server: False
|
||||
# SMTP server that routes emails coming from outside
|
||||
#############################################################################
|
||||
postfix_mx_server: False
|
||||
#############################################################################
|
||||
# SMTP submission server: accepts authenticated clients
|
||||
#############################################################################
|
||||
|
@ -106,12 +109,25 @@ postfix_sasl_ldap_referrals: no
|
|||
#
|
||||
|
||||
postfix_use_domain_name: False
|
||||
postfix_inet_lmtp_enabled: False
|
||||
postfix_inet_lmtp_host: '127.0.0.1'
|
||||
postfix_inet_lmtp_port: 24
|
||||
postfix_virtual_transport_enabled: False
|
||||
postfix_virtual_transport_protocol: 'lmtp'
|
||||
postfix_lmtp_protocol: 'inet'
|
||||
postfix_lmtp_host: '127.0.0.1'
|
||||
postfix_lmtp_port: 24
|
||||
postfix_delivery_soft_bounce: False
|
||||
postfix_recipient_delimiter: '+'
|
||||
postfix_local_recipients: False
|
||||
postfix_transport_map_enabled: False
|
||||
postfix_transport_maps:
|
||||
- 'hash:/etc/postfix/transport'
|
||||
|
||||
postfix_transport_data: []
|
||||
#
|
||||
# Example:
|
||||
# postfix_transport_data:
|
||||
# - { domain: 'example.com', action: 'smtp:[dest.smtp.example.com]:25' }
|
||||
postfix_rbl_enabled: True
|
||||
postfix_rbl_list: 'zen.spamhaus.org'
|
||||
|
||||
postfix_mynetworks: hash:/etc/postfix/network_table
|
||||
postfix_mynetworks_data:
|
||||
|
@ -125,9 +141,23 @@ postfix_alias_databases: '{{ postfix_alias_maps }}'
|
|||
|
||||
postfix_virtual_addresses: False
|
||||
postfix_virtual_mailbox_domains: 'hash:/etc/postfix/virtual_domains'
|
||||
postfix_virtual_mailbox_domains_data: []
|
||||
#
|
||||
# Example. The 'action' part is optional:
|
||||
# postfix_virtual_mailbox_domains_data:
|
||||
# - { domain: 'example.com', action: 'OK' }
|
||||
|
||||
postfix_virtual_mailbox_maps:
|
||||
- 'hash:/etc/postfix/vmailbox_maps'
|
||||
|
||||
postfix_virtual_domains: False
|
||||
postfix_virtual_alias_domains: 'hash:/etc/postfix/virtual_domains'
|
||||
postfix_virtual_alias_domains_data: []
|
||||
#
|
||||
# Example. The 'action' part is optional:
|
||||
# postfix_virtual_alias_domains_data:
|
||||
# - { domain: 'example.com', action: 'OK' }
|
||||
|
||||
postfix_virtual_alias_maps:
|
||||
- 'hash:/etc/postfix/virtual'
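Review bot: `postfix_virtual_mailbox_domains` and `postfix_virtual_alias_domains` both default to `hash:/etc/postfix/virtual_domains`, so a host that sets both `postfix_virtual_addresses` and `postfix_virtual_domains` would give Postfix the same domain list for two different address classes. The rendering has lost the +/- markers, so I am assuming both defaults are on the new side of this hunk. If the two toggles are meant to be mutually exclusive, say so above the defaults, e.g. `# Enable only one of postfix_virtual_addresses / postfix_virtual_domains: both read /etc/postfix/virtual_domains.`; otherwise the alias class needs its own map file and template task.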
|
||||
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
---
|
||||
- import_tasks: smtp-common-packages.yml
|
||||
- import_tasks: smtp-configuration.yml
|
||||
- import_tasks: postfix_firewalld.yml
|
||||
when: ansible_distribution_file_variety == "RedHat"
|
||||
- import_tasks: smtp-sasl-auth.yml
|
||||
|
|
|
@ -26,38 +26,9 @@
|
|||
when: postfix_tls_encryption_level != "old"
|
||||
notify: Reload postfix
|
||||
|
||||
- name: Write the postfix main configuration file
|
||||
template: src=main.cf.j2 dest=/etc/postfix/main.cf owner=root group=root mode=0444
|
||||
register: postfix_main_restart_needed
|
||||
|
||||
- name: The postfix master.cf file adapts to the service role
|
||||
template: src=master.cf.j2 dest=/etc/postfix/master.cf owner=root group=root mode=0444
|
||||
register: postfix_master_restart_needed
|
||||
|
||||
- name: Write the postfix network_table map
|
||||
template: src=network_table.j2 dest=/etc/postfix/network_table owner=root group=root mode=0444
|
||||
register: postfix_network_table_status
|
||||
|
||||
when: postfix_install_packages | bool
|
||||
tags: [ 'postfix', 'postfix_conf' ]
|
||||
|
||||
- block:
|
||||
- name: Ensure that postfix is started and enabled
|
||||
service: name=postfix state=started enabled=yes
|
||||
|
||||
- name: Update the network hash table
|
||||
shell: postmap hash:/etc/postfix/network_table
|
||||
when: postfix_network_table_status is changed
|
||||
|
||||
- name: Restart postfix
|
||||
service: name=postfix state=restarted
|
||||
when: ( postfix_main_restart_needed is changed ) or ( postfix_master_restart_needed is changed )
|
||||
|
||||
when:
|
||||
- postfix_install_packages | bool
|
||||
- postfix_enabled | bool
|
||||
tags: [ 'postfix', 'postfix_conf' ]
|
||||
|
||||
- block:
|
||||
- name: Ensure that postfix is stopped and disabled
|
||||
service: name=postfix state=stopped enabled=no
|
||||
|
@ -67,7 +38,6 @@
|
|||
- not postfix_enabled | bool
|
||||
tags: postfix
|
||||
|
||||
|
||||
- block:
|
||||
- name: Install the postfix NRPE nagios check
|
||||
copy: src={{ item }} dest={{ nagios_plugins_dir }}/{{ item }} owner=root group=nagios mode=0555
|
||||
|
|
|
@ -0,0 +1,54 @@
|
|||
---
|
||||
- name: Postfix main configuration
|
||||
block:
|
||||
- name: Write the postfix main configuration file
|
||||
template: src=main.cf.j2 dest=/etc/postfix/main.cf owner=root group=root mode=0444
|
||||
register: postfix_main_restart_needed
|
||||
|
||||
- name: The postfix master.cf file adapts to the service role
|
||||
template: src=master.cf.j2 dest=/etc/postfix/master.cf owner=root group=root mode=0444
|
||||
register: postfix_master_restart_needed
|
||||
|
||||
when: postfix_enabled | bool
|
||||
tags: [ 'postfix', 'postfix_conf' ]
|
||||
|
||||
- name: Postfix maps installation
|
||||
block:
|
||||
- name: Write the postfix network_table map
|
||||
template: src=network_table.j2 dest=/etc/postfix/network_table owner=root group=root mode=0444
|
||||
register: postfix_network_table_status
|
||||
|
||||
- name: Write the postfix virtual_domains map
|
||||
template: src=virtual_domains.j2 dest=/etc/postfix/virtual_domains owner=root group=root mode=0444
|
||||
register: postfix_virtual_domains_status
|
||||
|
||||
- name: Write the postfix transport map
|
||||
template: src=transport.j2 dest=/etc/postfix/transport owner=root group=root mode=0444
|
||||
register: postfix_transport_table_status
|
||||
when: postfix_transport_map_enabled | bool
|
||||
|
||||
- name: Update the network hash table
|
||||
shell: postmap hash:/etc/postfix/network_table
|
||||
when: postfix_network_table_status is changed
|
||||
|
||||
- name: Update the virtual_domains
|
||||
shell: postmap hash:/etc/postfix/virtual_domains
|
||||
when: postfix_virtual_domains_status is changed
|
||||
|
||||
- name: Update the transport hash table
|
||||
shell: postmap hash:/etc/postfix/transport
|
||||
when: postfix_transport_table_status is changed
|
||||
|
||||
when: postfix_enabled | bool
|
||||
tags: [ 'postfix', 'postfix_conf', 'postfix_maps' ]
|
||||
|
||||
- block:
|
||||
- name: Ensure that postfix is started and enabled
|
||||
service: name=postfix state=started enabled=yes
|
||||
|
||||
- name: Restart postfix
|
||||
service: name=postfix state=restarted
|
||||
when: ( postfix_main_restart_needed is changed ) or ( postfix_master_restart_needed is changed )
|
||||
|
||||
when: postfix_enabled | bool
|
||||
tags: [ 'postfix', 'postfix_conf' ]
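Review bot: The three `postmap` tasks in the maps block go through `shell:` although none of them uses a pipe, redirect or expansion; `command: postmap hash:/etc/postfix/transport` (likewise for `network_table` and `virtual_domains`) keeps a shell out of a task that runs as root. Each of them is also gated on `... is changed` from the template task of the same run, so if a `postmap` call fails once, the next run sees an unchanged source file and does not rebuild the `.db`, leaving Postfix on the stale table. That limitation deserves at least a comment above the tasks, such as `# NOTE: the .db is rebuilt only in the run that changes the source map; rerun postmap by hand after a failed run.`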
|
|
@ -343,6 +343,9 @@ relayhost = {{ postfix_relay_host }}:{{ postfix_relay_port }}
|
|||
# TRANSPORT MAP
|
||||
#
|
||||
# See the discussion in the ADDRESS_REWRITING_README document.
|
||||
{% if postfix_transport_map_enabled %}
|
||||
transport_maps = {% for tmap in postfix_transport_maps %}{{ tmap }}{% if not loop.last %}, {% endif %}{% endfor %}
|
||||
{% endif %}
|
||||
|
||||
# ALIAS DATABASE
|
||||
#
|
||||
|
@ -478,14 +481,18 @@ recipient_delimiter = {{ postfix_recipient_delimiter }}
|
|||
#
|
||||
#fallback_transport = lmtp:unix:/var/lib/imap/socket/lmtp
|
||||
#fallback_transport =
|
||||
{% if postfix_inet_lmtp_enabled %}
|
||||
virtual_transport = lmtp:inet:{{ postfix_inet_lmtp_host }}:{{ postfix_inet_lmtp_port }}
|
||||
{% endif %}
|
||||
{% if postfix_virtual_transport_enabled %}
|
||||
virtual_transport = {{ postfix_virtual_transport_protocol }}:{{ postfix_lmtp_protocol }}:{{ postfix_lmtp_host }}:{{ postfix_lmtp_port }}
|
||||
|
||||
{% if postfix_virtual_addresses %}
|
||||
virtual_mailbox_domains = {{ postfix_virtual_mailbox_domains }}
|
||||
virtual_mailbox_maps = {% for mbmap in postfix_virtual_mailbox_maps %}{{ mbmap }} {% endfor %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% if postfix_virtual_domains %}
|
||||
virtual_alias_domains = = {{ postfix_virtual_alias_domains }}
|
||||
{% endif %}
|
||||
{% if postfix_virtual_addresses %}
|
||||
virtual_alias_maps = {% for mbmap in postfix_virtual_alias_maps %}{{ mbmap }} {% endfor %}
|
||||
|
||||
virtual_mailbox_limit = {{ postfix_message_size_limit }}
|
||||
|
@ -570,7 +577,24 @@ smtpd_client_restrictions =
|
|||
{% if postfix_submission_server %}
|
||||
permit_sasl_authenticated
|
||||
{% endif %}
|
||||
{% if postfix_mx_server %}
|
||||
reject_unknown_sender_domain
|
||||
reject_non_fqdn_sender
|
||||
reject_non_fqdn_recipient
|
||||
reject_invalid_hostname
|
||||
# reject_non_fqdn_hostname
|
||||
reject_unauth_destination
|
||||
reject_unknown_recipient_domain
|
||||
reject_unlisted_recipient
|
||||
{% if postfix_rbl_enabled %}
|
||||
reject_rbl_client {{ postfix_rbl_list }}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% if postfix_mx_server %}
|
||||
permit
|
||||
{% else %}
|
||||
reject
|
||||
{% endif %}
|
||||
{% if postfix_submission_server %}
|
||||
smtpd_sasl_path = smtpd
|
||||
smtpd_sasl_auth_enable = yes
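Review bot: `virtual_alias_domains = = {{ postfix_virtual_alias_domains }}` has a doubled `=`, so the rendered value would start with a stray `=` token ahead of the `hash:` map; it should read `virtual_alias_domains = {{ postfix_virtual_alias_domains }}`. The page has lost its +/- markers, so I cannot tell whether that line is new or context, but this commit adds the map it points to and leaves the typo in place. In the same hunk I cannot match an `{% endif %}` to `{% if postfix_virtual_transport_enabled %}` before `{% if postfix_virtual_addresses %}` opens; please confirm that the conditionals balance in the final template, since the old and new lines are interleaved here.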
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
{% for map in postfix_transport_data %}
|
||||
{{ map.domain }} {{ map.action }}
|
||||
{% endfor %}
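Review bot: `map.domain` and `map.action` are written verbatim, so an entry in `postfix_transport_data` that carries embedded whitespace or a newline renders as a different or an additional transport rule, and this table decides which next hop receives the mail. The data presumably comes from inventory only, but a pre-flight `assert` task that each `domain` and `action` contains no whitespace would catch a bad entry before `postmap` compiles it. The file also lacks a header such as `# {{ ansible_managed }}` to tell an operator that hand edits are overwritten. The same applies to `dom.domain` in the virtual_domains template.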
|
|
@ -0,0 +1,11 @@
|
|||
{% if postfix_virtual_domains | bool %}
|
||||
{% for dom in postfix_virtual_alias_domains_data %}
|
||||
{{ dom.domain }} OK
|
||||
{% endfor %}
|
||||
{% elif postfix_virtual_addresses | bool %}
|
||||
{% for dom in postfix_virtual_mailbox_domains_data %}
|
||||
{{ dom.domain }} OK
|
||||
{% endfor %}
|
||||
{% else %}
|
||||
localdomain OK
|
||||
{% endif %}
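Review bot: Both loops write a fixed `OK` and never read `dom.action`, although the defaults file documents `action` as an optional key of `postfix_virtual_alias_domains_data` and `postfix_virtual_mailbox_domains_data`. Either honour it with `{{ dom.domain }} {{ dom.action | default('OK') }}` or drop `action` from the examples so the documented interface matches what is rendered. A one-line comment at the top stating which variable feeds which branch would also help, because the `elif` means only the alias list is written when both toggles are set.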
|