thomas
/
sovereign
보기 1
좋아요 0
포크 0
코드 이슈 0 풀 리퀘스트 0 릴리즈 0 위키 Activity
설명 없음
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1090 커밋
1 브렌치
트리: 902271b55c
브랜치 태그
${ item.name }
Create branch ${ searchTerm }
from '902271b55c'
${ noResults }
sovereign/roles/mailserver/tasks/dovecot.yml

dovecot.yml 3.5KB
히스토리 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158 
  1. ---

  2. # Installs and configures the Dovecot IMAP/POP3 server.

  3. 

  4. - name: Install Dovecot and related packages

  5.   apt:

  6.     name: "{{ packages }}"

  7.     state: present

  8.   vars:

  9.     packages:

  10.     - dovecot-core

  11.     - dovecot-imapd

  12.     - dovecot-lmtpd

  13.     - dovecot-managesieved

  14.     - dovecot-pgsql

  15.     - dovecot-pop3d

  16.     - dovecot-antispam

  17.   tags:

  18.     - dependencies

  19. 

  20. - name: Create vmail group

  21.   group:

  22.     name=vmail

  23.     state=present

  24.     gid=5000

  25. 

  26. - name: Create vmail user

  27.   user:

  28.     name=vmail

  29.     group=vmail

  30.     state=present

  31.     uid=5000

  32.     home=/data

  33.     shell=/usr/sbin/nologin

  34. 

  35. - name: Ensure mail directory is in place

  36.   file:

  37.     state=directory

  38.     path=/data/mail

  39.     owner=vmail

  40.     group=dovecot

  41.     mode=0770

  42. 

  43. - name: Ensure mail domain directories are in place

  44.   file:

  45.     state=directory

  46.     path=/data/mail/{{ item.name }}

  47.     owner=vmail

  48.     group=dovecot

  49.     mode=0770

  50.   with_items: '{{ virtual_domains }}'

  51. 

  52. - name: Ensure mail directories are in place

  53.   file:

  54.     state=directory

  55.     path=/data/mail/{{ item.domain }}/{{ item.account }}

  56.     owner=vmail

  57.     group=dovecot

  58.   with_items: '{{ mail_virtual_users }}'

  59. 

  60. - name: Copy dovecot.conf into place

  61.   copy:

  62.     src=etc_dovecot_dovecot.conf

  63.     dest=/etc/dovecot/dovecot.conf

  64. 

  65. - name: Create before.d sieve scripts directory

  66.   file:

  67.     path=/etc/dovecot/sieve/before.d

  68.     state=directory

  69.     owner=vmail

  70.     group=dovecot

  71.     recurse=yes

  72.     mode=0770

  73.   notify: restart dovecot

  74. 

  75. - name: Configure sieve script moving spam into Junk folder

  76.   copy:

  77.     src=etc_dovecot_sieve_before.d_no-spam.sieve

  78.     dest=/etc/dovecot/sieve/before.d/no-spam.sieve

  79.     owner=vmail

  80.     group=dovecot

  81.   notify: restart dovecot

  82. 

  83. - name: Configure learning spam sieve script

  84.   copy:

  85.     src=etc_dovecot_sieve_learn_spam.sieve

  86.     dest=/etc/dovecot/sieve/learn_spam.sieve

  87.     owner=vmail

  88.     group=dovecot

  89.   notify: restart dovecot

  90. 

  91. - name: Configure learning ham sieve script

  92.   copy:

  93.     src=etc_dovecot_sieve_learn_ham.sieve

  94.     dest=/etc/dovecot/sieve/learn_ham.sieve

  95.     owner=vmail

  96.     group=dovecot

  97.   notify: restart dovecot

  98. 

  99. - name: Copy additional Dovecot configuration files in place

  100.   copy:

  101.     src=etc_dovecot_conf.d_{{ item }}

  102.     dest=/etc/dovecot/conf.d/{{ item }}

  103.   with_items:

  104.     - 10-auth.conf

  105.     - 10-mail.conf

  106.     - 10-master.conf

  107.     - 90-antispam.conf

  108.     - 90-sieve.conf

  109.     - auth-sql.conf.ext

  110.   notify: restart dovecot

  111. 

  112. - name: Copy additional Dovecot SOLR configuration file in place

  113.   copy:

  114.     src=etc_dovecot_conf.d_90-plugin.conf

  115.     dest=/etc/dovecot/conf.d/90-plugin.conf

  116.   notify: restart dovecot

  117.   when: ansible_distribution_version != '11'

  118. 

  119. - name: Template additional Dovecot configuration files

  120.   template:

  121.     src=etc_dovecot_conf.d_{{ item }}.j2

  122.     dest=/etc/dovecot/conf.d/{{ item }}

  123.   with_items:

  124.     - 10-ssl.conf

  125.     - 15-lda.conf

  126.     - 20-imap.conf

  127.   notify: restart dovecot

  128. 

  129. - name: Template dovecot-sql.conf.ext

  130.   template:

  131.     src=etc_dovecot_dovecot-sql.conf.ext.j2

  132.     dest=/etc/dovecot/dovecot-sql.conf.ext

  133.   notify: restart dovecot

  134. 

  135. - name: Ensure correct permissions on Dovecot config directory

  136.   file:

  137.     state=directory

  138.     path=/etc/dovecot

  139.     group=dovecot

  140.     owner=vmail

  141.     mode=0770

  142.     recurse=yes

  143.   notify: restart dovecot

  144. 

  145. - name: Set firewall rules for dovecot

  146.   ufw: rule=allow port={{ item }} proto=tcp

  147.   with_items:

  148.     - imaps

  149.     - pop3s

  150.   tags: ufw

  151. 

  152. - name: Update post-certificate-renewal task

  153.   copy:

  154.     content: "#!/bin/bash\n\nservice dovecot restart\n"

  155.     dest: /etc/letsencrypt/postrenew/dovecot.sh

  156.     mode: 0755

  157.     owner: root

  158.     group: root