Use a Unix socket instead of a TCP socket as a Unix socket doesn't play nicely with postfix running
smtpd in a chroot. The author of rmilter recommends using a TCP socket per
https://github.com/vstakhov/rmilter/issues/39
Postgres is used by several roles, but the setup is currently part of the 'mailserver' role. By moving it to 'common', it's possible to disable the mailserver without breaking the others.
Instead of registering a handler to run when the database is created,
register a variable and check it immediately to run the schema import.
This avoids a problem where an error between database creation and
schema import 1) leaves the server in a broken state, and 2) rerunning
the playbook doesn't fix it.
- managesieve :: this allows sieve filters to be edited through a
brower
- twofactor_gauthenticator :: allow optional two-factor authentication
when logging into webmail
- carddav :: sync ownCloud contacts with roundcube
Remove duplicate when statement in Let's Encrypt task
While adding the Let's Encrypt offline testing block in 1746afcc we
accidentially duplicated a the 'when' statement. Ansible only looks at
the last when statement for a given block meaning the earlier one has no
use. This commit merges both lines in one.
Currently client email is submitted via ssmtp (port 465). This has been
deprecated for years. The correct way to submit email is via
submission (port 587).
This patch adds port 587 as a second and the default way of submitting
email for delivery. Port 465 remains open for backwards compatibility
with existing clients.
The ownCloud configuration file does not get touched. The virtual host
configuration is modified by sovereign but can be updated in place and
Apache restarted.
Depending on when the client is run, there are no certificates to
update. By default, the client runs in interactive mode and wants to
notify the user of this. This causes Ansible to hang waiting for an
acknowledgement that will never come. Adding the non-interactive flag
fixes this.