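# Render the main Postfix configuration from the role's Jinja2 template.
- name: Configuration du démon
  template:
    src: main.cf.j2
    dest: /etc/postfix/main.cf
    owner: root
    group: root
    # Quoted so the mode is always handled as an octal string; a bare 0644 is
    # only correct while the YAML loader applies 1.1 octal rules.
    mode: "0644"
  notify: restart postfix

# Install the static master.cf; skipped unless mtadomain is defined.
- name: Configuration du master
  copy:
    src: master.cf
    dest: /etc/postfix/master.cf
    owner: root
    group: root
    mode: "0644"
  when: mtadomain is defined
  notify: restart postfix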

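# Render each templated lookup table into /etc/postfix, then let the postmap
# handler react to any change.
- name: Installation des tables dynamiques
  template:
    src: "{{ item.name }}"
    dest: "/etc/postfix/{{ item.filename }}"
    owner: root
    group: root
    # Quoted so the mode is always handled as an octal string.
    mode: "0644"
  notify: postmap
  with_items:
    - name: mydestination_table.j2
      filename: mydestination_table
    - name: network_table.j2
      filename: network_table
    - name: relay_recipients.j2
      filename: relay_recipients

# Install the static virtual table; skipped unless mtadomain is defined.
- name: Installation des tables statiques
  copy:
    src: virtual
    dest: /etc/postfix/virtual
    owner: root
    group: root
    mode: "0644"
  when: mtadomain is defined
  notify: virtualmap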

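# Install the credentials table, readable by root only. Applied only when
# mtadomain is NOT defined.
# NOTE(review): the file name and the 0400 mode suggest it holds secrets. If
# files/credentials is stored in clear text in the repository, consider
# encrypting it with ansible-vault - confirm how it is stored.
# NOTE(review): check that the credentialmap handler leaves the generated
# lookup table with equally restrictive permissions.
- name: Installation de la table credentials
  copy:
    src: credentials
    dest: /etc/postfix/credentials
    owner: root
    group: root
    # Quoted so the mode is always handled as an octal string.
    mode: "0400"
  # Keep the file content out of --diff output and of any log that captures it.
  diff: false
  notify: credentialmap
  when: mtadomain is not defined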

# Make sure /etc/aliases carries the root alias; the aliasmap handler is
# notified when the line had to be added.
# NOTE(review): no regexp is given, so an existing "root:" entry with another
# target is left in place and this line is added next to it.
- name: Configuration alias root
  notify: aliasmap
  lineinfile:
    state: present
    line: "root: casper@casperlefantom.net"
    path: /etc/aliases

# Local alias, added only when mtadomain is defined.
- name: Configuration alias matthieu
  when: mtadomain is defined
  notify: aliasmap
  lineinfile:
    state: present
    line: "matthieu: casper"
    path: /etc/aliases

# Forwarding alias, added only when mtadomain is NOT defined.
- name: Configuration alias casper
  when: mtadomain is not defined
  notify: aliasmap
  lineinfile:
    state: present
    line: "casper: casper@casperlefantom.net"
    path: /etc/aliases

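# Reset the SELinux labels of the files written by the tasks above. Skipped
# when the gathered facts report SELinux as disabled.
# -v makes restorecon list every path it relabels, so the task reports
# "changed" only when a label was actually corrected instead of on every run.
- name: Restauration des contextes SELinux des fichiers de conf
  command: /sbin/restorecon -Rv /etc/postfix/ /etc/aliases
  register: restorecon_result
  changed_when: restorecon_result.stdout | length > 0
  when: ansible_selinux.status != "disabled"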

# Ensure every account named in userlist exists; skipped unless mtadomain is
# defined.
# NOTE(review): no shell or password is set here, so the accounts get the
# distribution defaults. If they exist only to receive mail, a non-login
# shell would reduce exposure - confirm the intent.
- name: Création des utilisateurs système
  when: mtadomain is defined
  user:
    state: present
    name: "{{ item }}"
  with_items:
    - "{{ userlist }}"

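# Install the policyd-spf configuration; skipped unless mtadomain is defined.
# No handler is notified by this task.
# NOTE(review): owner and group are not set here, unlike the Postfix tasks in
# this file, so they depend on the account Ansible runs as.
- name: Configuration du SPF
  copy:
    src: policyd-spf.conf
    dest: /etc/python-policyd-spf/policyd-spf.conf
    # Quoted so the mode is always handled as an octal string.
    mode: "0644"
  when: mtadomain is defined

# Install the OpenDKIM main configuration and restart the service on change.
- name: Configuration de OpenDKIM
  copy:
    src: opendkim.conf
    dest: /etc/opendkim.conf
    mode: "0644"
  when: mtadomain is defined
  notify: restart opendkim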

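# Copy the OpenDKIM signing tables into /etc/opendkim, readable by the
# opendkim user and group only.
- name: Configuration des règles de signature
  copy:
    src: "{{ item }}"
    # The trailing slash marks dest as a directory. Without it, a missing
    # /etc/opendkim would be created as a regular file holding the first item.
    dest: /etc/opendkim/
    owner: opendkim
    group: opendkim
    # Quoted so the mode is always handled as an octal string.
    mode: "0640"
  with_items:
    - KeyTable
    - SigningTable
    - TrustedHosts
  when: mtadomain is defined
  notify: restart opendkim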

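# Create the key directory, closed to everyone outside the opendkim user and
# group.
- name: Création du répertoire des clés
  file:
    path: /etc/opendkim/keys
    state: directory
    owner: opendkim
    group: opendkim
    # Quoted so the mode is always handled as an octal string.
    mode: "0750"
  when: mtadomain is defined

# Install the DKIM key pairs: the *.private files are signing keys, the *.txt
# files sit next to them under the same names.
# NOTE(review): if the private keys are stored in clear text in the role's
# files/keys directory, consider encrypting them with ansible-vault - confirm.
# NOTE(review): 0440 lets every member of the opendkim group read the signing
# keys; owner-only access may be enough - confirm against the daemon setup.
- name: Installation des clés OpenDKIM
  copy:
    src: "keys/{{ item }}"
    dest: "/etc/opendkim/keys/{{ item }}"
    owner: opendkim
    group: opendkim
    mode: "0440"
  # Keep private key material out of --diff output.
  diff: false
  with_items:
    - casperlefantom.private
    - casperlefantom.txt
    - jaysfoodventure.private
    - jaysfoodventure.txt
  when: mtadomain is defined
  notify: restart opendkim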

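# Comment out the multi-protocol line when it is active. With backrefs set,
# lineinfile leaves the file untouched if the pattern does not match instead
# of appending the commented line.
- name: Désactiviation de protocoles dans dovecot
  lineinfile:
    path: /etc/dovecot/dovecot.conf
    state: present
    backrefs: true
    regexp: "^protocols = imap pop3 lmtp"
    line: "#protocols = imap pop3 lmtp"
  when: mtadomain is defined
  notify: restart dovecot

# Enable IMAP only, placing the line after the commented default.
# backrefs was removed from this task: lineinfile refuses backrefs without a
# regexp, and insertafter may not be combined with backrefs.
- name: Activation du protocole imap dans dovecot
  lineinfile:
    path: /etc/dovecot/dovecot.conf
    state: present
    insertafter: "#protocols = imap pop3 lmtp"
    line: "protocols = imap"
  when: mtadomain is defined
  notify: restart dovecot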

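# Uncomment verbose_ssl in the logging configuration. With backrefs set, the
# file is left untouched when the commented default is not found.
- name: Configuration des logs
  lineinfile:
    path: /etc/dovecot/conf.d/10-logging.conf
    state: present
    backrefs: true
    regexp: "^#verbose_ssl = yes"
    line: "verbose_ssl = yes"
  when: mtadomain is defined
  notify: restart dovecot

# Set the mailbox location, placing the line after the commented default.
# backrefs was removed from this task and the next one: lineinfile refuses
# backrefs without a regexp, and insertafter may not be combined with it.
- name: Configuration des boites mail imap
  lineinfile:
    path: /etc/dovecot/conf.d/10-mail.conf
    state: present
    insertafter: "#mail_location = "
    line: "mail_location = mbox:~/Mail:INBOX=/var/mail/%u"
  when: mtadomain is defined
  notify: restart dovecot

# Give Dovecot mail processes the supplementary group "mail".
# NOTE(review): the comments shipped in Dovecot's stock 10-mail.conf warn that
# this setting can be dangerous when users are able to create symlinks;
# confirm that it is acceptable for the accounts hosted here.
- name: Configuration du groupe utilisateurs imap
  lineinfile:
    path: /etc/dovecot/conf.d/10-mail.conf
    state: present
    insertafter: "#mail_access_groups ="
    line: "mail_access_groups = mail"
  when: mtadomain is defined
  notify: restart dovecot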

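# Install the static Dovecot 10-master.conf; skipped unless mtadomain is
# defined.
- name: Configuration de l'authentification
  copy:
    src: 10-master.conf
    dest: /etc/dovecot/conf.d/10-master.conf
    owner: root
    group: root
    # Quoted so the mode is always handled as an octal string.
    mode: "0644"
  when: mtadomain is defined
  notify: restart dovecot

# Render the Dovecot TLS settings from the role's Jinja2 template.
- name: Configuration du ssl
  template:
    src: 10-ssl.conf.j2
    dest: /etc/dovecot/conf.d/10-ssl.conf
    owner: root
    group: root
    mode: "0644"
  when: mtadomain is defined
  notify: restart dovecot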