Parcourir la source

Mailserver cleanup, removed arm support.

Thomas Buck il y a 5 ans
Parent
révision
2cc5126928

+ 3
- 0
roles/mailserver/handlers/main.yml Voir le fichier

@@ -16,3 +16,6 @@
16 16
 
17 17
 - name: restart rspamd
18 18
   service: name=rspamd state=restarted
19
+
20
+- name: restart apache
21
+  service: name=apache2 state=restarted

+ 20
- 4
roles/mailserver/tasks/autoconfig.yml Voir le fichier

@@ -5,16 +5,32 @@
5 5
 #
6 6
 
7 7
 - name: Create directory for mail autoconfiguration virtualhost
8
-  file: state=directory path=/var/www/autoconfig group=www-data owner=root
8
+  file:
9
+    state=directory
10
+    path=/var/www/autoconfig
11
+    owner=root
12
+    group=www-data
9 13
 
10 14
 - name: Create directory holding the autoconfig XML file
11
-  file: state=directory path=/var/www/autoconfig/mail group=www-data owner=root
15
+  file:
16
+    state=directory
17
+    path=/var/www/autoconfig/mail
18
+    owner=root
19
+    group=www-data
12 20
 
13 21
 - name: Create the autoconfig XML file
14
-  template: src=var_www_autoconfig_mail_config-v1.1.j2 dest=/var/www/autoconfig/mail/config-v1.1.xml group=www-data owner=root
22
+  template:
23
+    src=var_www_autoconfig_mail_config-v1.1.j2
24
+    dest=/var/www/autoconfig/mail/config-v1.1.xml
25
+    owner=root
26
+    group=www-data
15 27
 
16 28
 - name: Configure the mail autoconfiguration virtualhost
17
-  template: src=etc_apache2_sites-available_autoconfig.j2 dest=/etc/apache2/sites-available/autoconfig.conf group=root owner=root
29
+  template:
30
+    src=etc_apache2_sites-available_autoconfig.j2
31
+    dest=/etc/apache2/sites-available/autoconfig.conf
32
+    owner=root
33
+    group=root
18 34
   notify: restart apache
19 35
 
20 36
 - name: Enable the mail autoconfiguration virtualhost

+ 9
- 2
roles/mailserver/tasks/checkrbl.yml Voir le fichier

@@ -1,5 +1,12 @@
1 1
 - name: Download check-rbl
2
-  get_url: url=https://raw.githubusercontent.com/lukecyca/check-rbl/e2bd60f5e5175375cd2f7f1b1b752473e3a23640/check-rbl.pl dest=/opt/check-rbl.pl sha256sum=22093bd59ed84cb7ee6e336fb2a4ab73dbe3a05837d2bab9b491a21df16b35d8
2
+  get_url:
3
+    url=https://raw.githubusercontent.com/lukecyca/check-rbl/e2bd60f5e5175375cd2f7f1b1b752473e3a23640/check-rbl.pl
4
+    dest=/opt/check-rbl.pl
5
+    sha256sum=22093bd59ed84cb7ee6e336fb2a4ab73dbe3a05837d2bab9b491a21df16b35d8
3 6
 
4 7
 - name: Install nightly check-rbl cronjob
5
-  cron: name="check-rbl" hour="2" minute="0" job="perl /opt/check-rbl.pl -i {{ ansible_default_ipv4.address }}"
8
+  cron:
9
+    name="check-rbl"
10
+    hour="3"
11
+    minute="0"
12
+    job="perl /opt/check-rbl.pl -i {{ ansible_default_ipv4.address }}"

+ 66
- 28
roles/mailserver/tasks/dovecot.yml Voir le fichier

@@ -1,6 +1,12 @@
1
+---
2
+# Installs and configures the Dovecot IMAP/POP3 server.
3
+
1 4
 - name: Install Dovecot and related packages
2
-  apt: pkg={{ item }} update_cache=yes state=present
3
-  with_items:
5
+  apt:
6
+    name: "{{ packages }}"
7
+    state: present
8
+  vars:
9
+    packages:
4 10
     - dovecot-core
5 11
     - dovecot-imapd
6 12
     - dovecot-lmtpd
@@ -11,38 +17,65 @@
11 17
   tags:
12 18
     - dependencies
13 19
 
14
-- name: Install Postgres for Dovecot
15
-  apt: pkg=postgresql state=present
16
-  tags:
17
-    - dependencies
18
-
19 20
 - name: Create vmail group
20
-  group: name=vmail state=present gid=5000
21
+  group:
22
+    name=vmail
23
+    state=present
24
+    gid=5000
21 25
 
22 26
 - name: Create vmail user
23
-  user: name=vmail group=vmail state=present uid=5000 home=/data shell=/usr/sbin/nologin
27
+  user:
28
+    name=vmail
29
+    group=vmail
30
+    state=present
31
+    uid=5000
32
+    home=/data
33
+    shell=/usr/sbin/nologin
24 34
 
25 35
 - name: Ensure mail domain directories are in place
26
-  file: state=directory path=/data/{{ item.name }} owner=vmail group=dovecot mode=0770
36
+  file:
37
+    state=directory
38
+    path=/data/{{ item.name }}
39
+    owner=vmail
40
+    group=dovecot
41
+    mode=0770
27 42
   with_items: '{{ virtual_domains }}'
28 43
 
29 44
 - name: Ensure mail directories are in place
30
-  file: state=directory path=/data/{{ item.domain }}/{{ item.account }} owner=vmail group=dovecot
45
+  file:
46
+    state=directory
47
+    path=/data/{{ item.domain }}/{{ item.account }}
48
+    owner=vmail
49
+    group=dovecot
31 50
   with_items: '{{ mail_virtual_users }}'
32 51
 
33 52
 - name: Copy dovecot.conf into place
34
-  copy: src=etc_dovecot_dovecot.conf dest=/etc/dovecot/dovecot.conf
53
+  copy:
54
+    src=etc_dovecot_dovecot.conf
55
+    dest=/etc/dovecot/dovecot.conf
35 56
 
36 57
 - name: Create before.d sieve scripts directory
37
-  file: path=/etc/dovecot/sieve/before.d state=directory owner=vmail group=dovecot recurse=yes mode=0770
58
+  file:
59
+    path=/etc/dovecot/sieve/before.d
60
+    state=directory
61
+    owner=vmail
62
+    group=dovecot
63
+    recurse=yes
64
+    mode=0770
38 65
   notify: restart dovecot
39 66
 
40 67
 - name: Configure sieve script moving spam into Junk folder
41
-  copy: src=etc_dovecot_sieve_before.d_no-spam.sieve dest=/etc/dovecot/sieve/before.d/no-spam.sieve owner=vmail group=dovecot
68
+  copy:
69
+    src=etc_dovecot_sieve_before.d_no-spam.sieve
70
+    dest=/etc/dovecot/sieve/before.d/no-spam.sieve
71
+    owner=vmail
72
+    group=dovecot
42 73
   notify: restart dovecot
43 74
 
44 75
 - name: Copy additional Dovecot configuration files in place
45
-  copy: src=etc_dovecot_conf.d_{{ item }} dest=/etc/dovecot/conf.d/{{ item }}
76
+  copy:
77
+    src=etc_dovecot_conf.d_{{ item }}
78
+    dest=/etc/dovecot/conf.d/{{ item }}
46 79
   with_items:
47 80
     - 10-auth.conf
48 81
     - 10-mail.conf
@@ -53,25 +86,30 @@
53 86
     - auth-sql.conf.ext
54 87
   notify: restart dovecot
55 88
 
56
-- name: Template 10-ssl.conf
57
-  template: src=etc_dovecot_conf.d_10-ssl.conf.j2 dest=/etc/dovecot/conf.d/10-ssl.conf
58
-  notify: restart dovecot
59
-
60
-- name: Template 15-lda.conf
61
-  template: src=etc_dovecot_conf.d_15-lda.conf.j2 dest=/etc/dovecot/conf.d/15-lda.conf
62
-  notify: restart dovecot
63
-
64
-- name: Template 20-imap.conf
65
-  template: src=etc_dovecot_conf.d_20-imap.conf.j2 dest=/etc/dovecot/conf.d/20-imap.conf
89
+- name: Template additional Dovecot configuration files
90
+  template:
91
+    src=etc_dovecot_conf.d_{{ item }}.j2
92
+    dest=/etc/dovecot/conf.d/{{ item }}
93
+  with_items:
94
+    - 10-ssl.conf
95
+    - 15-lda.conf
96
+    - 20-imap.conf
66 97
   notify: restart dovecot
67 98
 
68 99
 - name: Template dovecot-sql.conf.ext
69
-  template: src=etc_dovecot_dovecot-sql.conf.ext.j2 dest=/etc/dovecot/dovecot-sql.conf.ext
100
+  template:
101
+    src=etc_dovecot_dovecot-sql.conf.ext.j2
102
+    dest=/etc/dovecot/dovecot-sql.conf.ext
70 103
   notify: restart dovecot
71 104
 
72 105
 - name: Ensure correct permissions on Dovecot config directory
73
-  file: state=directory path=/etc/dovecot
74
-          group=dovecot owner=vmail mode=0770 recurse=yes
106
+  file:
107
+    state=directory
108
+    path=/etc/dovecot
109
+    group=dovecot
110
+    owner=vmail
111
+    mode=0770
112
+    recurse=yes
75 113
   notify: restart dovecot
76 114
 
77 115
 - name: Set firewall rules for dovecot

+ 3
- 0
roles/mailserver/tasks/main.yml Voir le fichier

@@ -1,3 +1,6 @@
1
+---
2
+# Installs and configures the mail system.
3
+
1 4
 - include: postfix.yml
2 5
   tags: postfix
3 6
 - include: dovecot.yml

+ 36
- 23
roles/mailserver/tasks/rspamd.yml Voir le fichier

@@ -2,51 +2,62 @@
2 2
 # Installs and configures the Rspamd spam filtering system.
3 3
 
4 4
 - name: Ensure repository key for Rspamd is in place
5
-  apt_key: url=https://rspamd.com/apt-stable/gpg.key state=present
6
-  when: ansible_architecture != "armv7l"
7
-  tags:
8
-    - dependencies
9
-
10
-- name: Ensure yunohost repository key for Rspamd is in place for ARM
11
-  apt_key: url=http://repo.yunohost.org/debian/yunohost.asc state=present
12
-  when: ansible_architecture == "armv7l"
5
+  apt_key:
6
+    url=https://rspamd.com/apt-stable/gpg.key
7
+    state=present
13 8
   tags:
14 9
     - dependencies
15 10
 
16 11
 - name: Add Rspamd repository
17
-  apt_repository: repo="deb https://rspamd.com/apt-stable/ {{ ansible_distribution_release }} main"
18
-  when: ansible_architecture != "armv7l"
19
-  tags:
20
-    - dependencies
21
-
22
-- name: Add yunohost Rspamd repository for ARM
23
-  apt_repository: repo="deb http://repo.yunohost.org/debian {{ ansible_distribution_release }} stable"
24
-  when: ansible_architecture == "armv7l"
12
+  apt_repository:
13
+    repo="deb https://rspamd.com/apt-stable/ {{ ansible_distribution_release }} main"
25 14
   tags:
26 15
     - dependencies
27 16
 
28 17
 - name: Install Rspamd and Redis
29
-  apt: pkg={{ item }} state=present update_cache=yes
30
-  with_items:
18
+  apt:
19
+    name: "{{ packages }}"
20
+    state: present
21
+  vars:
22
+    packages:
31 23
     - rspamd
32 24
     - redis-server
33 25
   tags:
34 26
     - dependencies
35 27
 
36 28
 - name: Copy DMARC configuration into place
37
-  template: src=etc_rspamd_local.d_dmarc.conf.j2 dest=/etc/rspamd/local.d/dmarc.conf owner=root group=root mode="0644"
29
+  template:
30
+    src=etc_rspamd_local.d_dmarc.conf.j2
31
+    dest=/etc/rspamd/local.d/dmarc.conf
32
+    owner=root
33
+    group=root
34
+    mode="0644"
38 35
   notify: restart rspamd
39 36
 
40 37
 - name: Configure Rspamd to use Redis
41
-  copy: src=etc_rspamd_local.d_redis.conf dest=/etc/rspamd/local.d/redis.conf owner=root group=root mode="0644"
38
+  copy:
39
+    src=etc_rspamd_local.d_redis.conf
40
+    dest=/etc/rspamd/local.d/redis.conf
41
+    owner=root
42
+    group=root
43
+    mode="0644"
42 44
   notify: restart rspamd
43 45
 
44 46
 - name: Copy DKIM configuration into place
45
-  copy: src=etc_rspamd_override.d_dkim_signing.conf dest=/etc/rspamd/override.d/dkim_signing.conf owner=root group=root mode="0644"
47
+  copy:
48
+    src=etc_rspamd_override.d_dkim_signing.conf
49
+    dest=/etc/rspamd/override.d/dkim_signing.conf
50
+    owner=root
51
+    group=root
52
+    mode="0644"
46 53
   notify: restart rspamd
47 54
 
48 55
 - name: Create dkim key directory
49
-  file: path=/var/lib/rspamd/dkim state=directory owner=_rspamd group=_rspamd
56
+  file:
57
+    path=/var/lib/rspamd/dkim
58
+    state=directory
59
+    owner=_rspamd
60
+    group=_rspamd
50 61
 
51 62
 - name: Generate DKIM keys
52 63
   shell: rspamadm dkim_keygen -s default -d {{ item.name }} -k {{ item.name }}.default.key > {{ item.name }}.default.txt
@@ -56,4 +67,6 @@
56 67
   with_items: "{{ virtual_domains }}"
57 68
 
58 69
 - name: Start redis
59
-  service: name=redis-server state=started
70
+  service:
71
+    name=redis-server
72
+    state=started

+ 3
- 0
roles/mailserver/tasks/solr.yml Voir le fichier

@@ -1,3 +1,6 @@
1
+---
2
+# Installs and configures the Solr full-text-search.
3
+
1 4
 - name: Install Solr and related packages
2 5
   apt: pkg={{ item }} state=present
3 6
   with_items:

Chargement…
Annuler
Enregistrer