Cleanup postfix task. Move password hashing into top level config file.

group_vars/sovereign

@@ -20,7 +20,7 @@ virtual_domains:
 mail_virtual_users:
   - account: "{{ main_user_name }}"
     domain: "{{ domain }}"
-    password: TODO
+    password: "{{ 'changeme' | doveadm_pw_hash }}"
     domain_pk_id: 1
 mail_virtual_aliases:
   - source: "root@{{ domain }}"

roles/mailserver/defaults/main.yml

@@ -14,8 +14,10 @@ mail_server_hostname: "mail.{{ domain }}"
 mail_server_autoconfig_hostname: "autoconfig.{{ domain }}"
 mail_header_privacy: 1
 
-# virtual domains
-mail_virtual_domains: []
+friendly_networks:
+  - ""
+
+virtual_domains: []
 mail_virtual_users: []
 mail_virtual_aliases: []
 

roles/mailserver/tasks/postfix.yml

@@ -1,6 +1,12 @@
+---
+# Installs and configures the Postfix SMTP server.
+
 - name: Install Postfix and related packages
-  apt: pkg={{ item }} state=present
-  with_items:
+  apt:
+    name: "{{ packages }}"
+    state: present
+  vars:
+    packages:
     - libsasl2-modules
     - postfix
     - postfix-pcre
@@ -12,35 +18,73 @@
     - dependencies
 
 - name: Create database user for mail server
-  postgresql_user: login_host=localhost login_user={{ db_admin_username }} login_password="{{ db_admin_password }}" name={{ mail_db_username }} password="{{ mail_db_password }}" encrypted=yes state=present
+  postgresql_user:
+    login_host=localhost
+    login_user={{ db_admin_username }}
+    login_password="{{ db_admin_password }}"
+    name={{ mail_db_username }}
+    password="{{ mail_db_password }}"
+    encrypted=yes
+    state=present
   notify: import sql postfix
 
 - name: Create database for mail server
-  postgresql_db: login_host=localhost login_user={{ db_admin_username }} login_password="{{ db_admin_password }}" name={{ mail_db_database }} state=present owner={{ mail_db_username }}
+  postgresql_db:
+    login_host=localhost
+    login_user={{ db_admin_username }}
+    login_password="{{ db_admin_password }}"
+    name={{ mail_db_database }}
+    state=present
+    owner={{ mail_db_username }}
   notify: import sql postfix
 
 - name: Copy import.sql
-  template: src=mailserver.sql.j2 dest=/etc/postfix/import.sql owner=root group=root mode=0600
+  template:
+    src=mailserver.sql.j2
+    dest=/etc/postfix/import.sql
+    owner=root
+    group=root
+    mode=0600
   notify: import sql postfix
 
 - name: Create postfix maps directory
-  file: path=/etc/postfix/maps state=directory owner=root group=root
+  file:
+    path=/etc/postfix/maps
+    state=directory
+    owner=root
+    group=root
   when: mail_header_privacy == 1
 
 - name: Copy smtp_header_checks.pcre
-  copy: src=etc_postfix_maps_smtp_header_checks.pcre dest=/etc/postfix/maps/smtp_header_checks.pcre owner=root group=root
+  copy:
+    src=etc_postfix_maps_smtp_header_checks.pcre
+    dest=/etc/postfix/maps/smtp_header_checks.pcre
+    owner=root
+    group=root
   when: mail_header_privacy == 1
 
 - name: Copy main.cf
-  template: src=etc_postfix_main.cf.j2 dest=/etc/postfix/main.cf owner=root group=root
+  template:
+    src=etc_postfix_main.cf.j2
+    dest=/etc/postfix/main.cf
+    owner=root
+    group=root
   notify: restart postfix
 
 - name: Copy master.cf
-  copy: src=etc_postfix_master.cf dest=/etc/postfix/master.cf owner=root group=root
+  copy:
+    src=etc_postfix_master.cf
+    dest=/etc/postfix/master.cf
+    owner=root
+    group=root
   notify: restart postfix
 
 - name: Copy additional postfix configuration files
-  template: src=etc_postfix_{{ item }}.j2 dest=/etc/postfix/{{ item }} owner=root group=root
+  template:
+    src=etc_postfix_{{ item }}.j2
+    dest=/etc/postfix/{{ item }}
+    owner=root
+    group=root
   with_items:
     - pgsql-virtual-alias-maps.cf
     - pgsql-virtual-mailbox-domains.cf

roles/mailserver/templates/etc_postfix_mysql-virtual-alias-maps.cf.j2

@@ -1,5 +0,0 @@
-user = {{ mail_db_username }}
-password = {{ mail_db_password }}
-hosts = 127.0.0.1
-dbname = {{ mail_db_database }}
-query = SELECT destination FROM virtual_aliases WHERE source='%s'

roles/mailserver/templates/etc_postfix_mysql-virtual-mailbox-domains.cf.j2

@@ -1,5 +0,0 @@
-user = {{ mail_db_username }}
-password = {{ mail_db_password }}
-hosts = 127.0.0.1
-dbname = {{ mail_db_database }}
-query = SELECT 1 FROM virtual_domains WHERE name='%s'

roles/mailserver/templates/etc_postfix_mysql-virtual-mailbox-maps.cf.j2

@@ -1,5 +0,0 @@
-user = {{ mail_db_username }}
-password = {{ mail_db_password }}
-hosts = 127.0.0.1
-dbname = {{ mail_db_database }}
-query = SELECT 1 FROM virtual_users WHERE email='%s'

roles/mailserver/templates/mailserver.sql.j2

@@ -44,7 +44,7 @@ INSERT INTO "virtual_domains" ("id", "name")
 INSERT INTO "virtual_users"  ("domain_id", "password" , "email")
 	VALUES (
 		'{{ virtual_user.domain_pk_id }}',
-		'{{ virtual_user.password | doveadm_pw_hash }}',
+		'{{ virtual_user.password }}',
 		'{{ virtual_user.account }}@{{ virtual_user.domain }}'
 	);
 {% endfor %}