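# Render the main Postfix configuration from the role's Jinja2 template.
# The result is world-readable (0644), so the template must not embed
# secrets. A change notifies the 'restart postfix' handler.
- name: Configuration du démon
  template:
    src: main.cf.j2
    dest: /etc/postfix/main.cf
    owner: root
    group: root
    # Quoted so the module receives the mode as a string and does not depend
    # on how the YAML loader treats a leading-zero integer.
    mode: "0644"
  notify: restart postfix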
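# Install the static master.cf (Postfix service definitions), only on hosts
# where 'mtadomain' is defined. A change notifies 'restart postfix'.
- name: Configuration du master
  copy:
    src: master.cf
    dest: /etc/postfix/master.cf
    owner: root
    group: root
    # Quoted so the mode is passed as a string, not a YAML octal integer.
    mode: "0644"
  when: mtadomain is defined
  notify: restart postfix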
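# Render the templated lookup tables into /etc/postfix. Each item maps a
# template name to the file name it is installed under. A change notifies
# the 'postmap' handler (defined outside this file).
- name: Installation des tables dynamiques
  template:
    src: "{{ item.name }}"
    dest: "/etc/postfix/{{ item.filename }}"
    owner: root
    group: root
    # Quoted so the mode is passed as a string, not a YAML octal integer.
    mode: "0644"
  notify: postmap
  with_items:
    - name: 'mydestination_table.j2'
      filename: 'mydestination_table'
    - name: 'network_table.j2'
      filename: 'network_table'
    - name: 'relay_recipients.j2'
      filename: 'relay_recipients'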
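# Install the static 'virtual' table, only on hosts where 'mtadomain' is
# defined. A change notifies the 'virtualmap' handler.
- name: Installation des tables statiques
  copy:
    src: virtual
    dest: /etc/postfix/virtual
    owner: root
    group: root
    # Quoted so the mode is passed as a string, not a YAML octal integer.
    mode: "0644"
  when: mtadomain is defined
  notify: virtualmap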
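# Install the 'credentials' table on hosts where 'mtadomain' is NOT defined.
# The file is readable by root only (0400).
# NOTE(review): the source file presumably holds relay credentials; confirm
# it is stored encrypted (e.g. Ansible Vault) rather than in clear text.
# NOTE(review): the 'credentialmap' handler is not visible here; verify that
# the map file it generates is not more widely readable than this source.
- name: Installation de la table credentials
  copy:
    src: credentials
    dest: /etc/postfix/credentials
    owner: root
    group: root
    # Quoted so the mode is passed as a string, not a YAML octal integer.
    mode: "0400"
  # Keep the file content out of task output (for instance the diff printed
  # when the play is run with --diff).
  no_log: true
  notify: credentialmap
  when: mtadomain is not defined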
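# Forward root's mail to the first user in 'userlist' at 'basedomain'.
# A change notifies the 'aliasmap' handler.
- name: Configuration alias root
  lineinfile:
    path: /etc/aliases
    # Replace an existing active 'root:' entry instead of appending a second
    # one: without a regexp, changing userlist or basedomain would leave the
    # old alias in the file and root's mail could keep going to the stale
    # address.
    regexp: '^root:'
    line: "root: {{ userlist.0 }}@{{ basedomain }}"
  notify: aliasmap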
# On hosts where 'mtadomain' is defined, make sure /etc/aliases contains the
# fixed alias 'matthieu: casper'. A change notifies the 'aliasmap' handler.
- name: Configuration alias matthieu
  when: mtadomain is defined
  lineinfile:
    line: 'matthieu: casper'
    path: /etc/aliases
  notify: aliasmap
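# On hosts where 'mtadomain' is NOT defined, forward mail for 'casper' to the
# first user in 'userlist' at 'basedomain'. A change notifies 'aliasmap'.
- name: Configuration alias casper
  lineinfile:
    path: /etc/aliases
    # Replace an existing 'casper:' entry rather than appending a duplicate
    # when userlist or basedomain changes, so no stale forwarding address
    # remains in the file.
    regexp: '^casper:'
    line: "casper: {{ userlist.0 }}@{{ basedomain }}"
  notify: aliasmap
  when: mtadomain is not defined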
# Reset the SELinux file contexts of the files written above
# (/etc/postfix/ recursively, and /etc/aliases). Skipped when the gathered
# SELinux fact reports "disabled".
# NOTE(review): a plain 'command' with no 'changed_when' reports "changed"
# on every run, so this task cannot show whether a relabel was needed.
- name: Restauration des contextes SELinux des fichiers de conf
  when: ansible_selinux.status != "disabled"
  command: /sbin/restorecon -R /etc/postfix/ /etc/aliases
# Ensure an account exists for every entry of 'userlist', only on hosts
# where 'mtadomain' is defined.
# NOTE(review): no shell, password or group is set here, so the accounts get
# the distribution defaults. If they are mail-only accounts, confirm whether
# a non-login shell is wanted.
- name: Création des utilisateurs système
  when: mtadomain is defined
  user:
    state: present
    name: "{{ item }}"
  with_items:
    - "{{ userlist }}"
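# Install the policyd-spf configuration, only on hosts where 'mtadomain' is
# defined. No handler is notified by this task.
# NOTE(review): owner and group are not set, unlike the Postfix files above;
# ownership depends on the account the play runs as or on the existing
# file. Confirm that root:root is what ends up on disk.
- name: Configuration du SPF
  copy:
    src: policyd-spf.conf
    dest: /etc/python-policyd-spf/policyd-spf.conf
    # Quoted so the mode is passed as a string, not a YAML octal integer.
    mode: "0644"
  when: mtadomain is defined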
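# Install the OpenDKIM daemon configuration, only on hosts where 'mtadomain'
# is defined. A change notifies the 'restart opendkim' handler.
# NOTE(review): owner and group are not set here; confirm the resulting
# ownership is the intended one.
- name: Configuration de OpenDKIM
  copy:
    src: opendkim.conf
    dest: /etc/opendkim.conf
    # Quoted so the mode is passed as a string, not a YAML octal integer.
    mode: "0644"
  when: mtadomain is defined
  notify: restart opendkim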
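# Install the OpenDKIM signing tables (KeyTable, SigningTable, TrustedHosts)
# owned by opendkim and not world-readable (0640), only on hosts where
# 'mtadomain' is defined. A change notifies 'restart opendkim'.
- name: Configuration des règles de signature
  copy:
    src: "{{ item }}"
    # Name each destination file explicitly, like the key installation task
    # does: with the bare directory path, a missing /etc/opendkim would be
    # treated as a file path and overwritten by each item in turn.
    dest: "/etc/opendkim/{{ item }}"
    owner: opendkim
    group: opendkim
    # Quoted so the mode is passed as a string, not a YAML octal integer.
    mode: "0640"
  with_items:
    - KeyTable
    - SigningTable
    - TrustedHosts
  when: mtadomain is defined
  notify: restart opendkim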
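# Ensure the DKIM key directory exists, owned by opendkim and closed to
# other users (0750), only on hosts where 'mtadomain' is defined.
- name: Création du répertoire des clés
  file:
    path: /etc/opendkim/keys
    state: directory
    owner: opendkim
    group: opendkim
    # Quoted so the mode is passed as a string, not a YAML octal integer.
    mode: "0750"
  when: mtadomain is defined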
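# Install the DKIM key files for both domains, only on hosts where
# 'mtadomain' is defined. A change notifies 'restart opendkim'.
# The *.private files are signing keys and the *.txt files are presumably
# the matching public DNS records; both get the same 0440 mode here.
# NOTE(review): the private keys are read from the role's own files; confirm
# they are stored encrypted (e.g. Ansible Vault) and not in clear text in
# the repository.
# NOTE(review): 0440 leaves the private keys readable by the whole opendkim
# group; confirm no account other than the daemon's is in that group.
- name: Installation des clés OpenDKIM
  copy:
    src: "keys/{{ item }}"
    dest: "/etc/opendkim/keys/{{ item }}"
    owner: opendkim
    group: opendkim
    # Quoted so the mode is passed as a string, not a YAML octal integer.
    mode: "0440"
  # Keep key material out of task output (for instance the diff printed when
  # the play is run with --diff).
  no_log: true
  with_items:
    - casperlefantom.private
    - casperlefantom.txt
    - jaysfoodventure.private
    - jaysfoodventure.txt
  when: mtadomain is defined
  notify: restart opendkim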
# Comment out the active 'protocols = imap pop3 lmtp' line in dovecot.conf,
# only on hosts where 'mtadomain' is defined. With backrefs enabled the file
# is left untouched when the regexp matches nothing. A change notifies the
# 'restart dovecot' handler.
- name: Désactiviation de protocoles dans dovecot
  when: mtadomain is defined
  lineinfile:
    path: /etc/dovecot/dovecot.conf
    regexp: '^protocols = imap pop3 lmtp'
    line: '#protocols = imap pop3 lmtp'
    backrefs: true
    state: present
  notify: restart dovecot
# Add 'protocols = imap' after the commented-out protocols line, so IMAP is
# the only protocol listed by this role. Applied only on hosts where
# 'mtadomain' is defined. A change notifies 'restart dovecot'.
- name: Activation du protocole imap dans dovecot
  when: mtadomain is defined
  lineinfile:
    path: /etc/dovecot/dovecot.conf
    line: 'protocols = imap'
    insertafter: '#protocols = imap pop3 lmtp'
  notify: restart dovecot
# Uncomment 'verbose_ssl = yes' in Dovecot's logging configuration, only on
# hosts where 'mtadomain' is defined. With backrefs enabled the file is left
# untouched when the commented line is absent. A change notifies
# 'restart dovecot'.
- name: Configuration des logs
  when: mtadomain is defined
  lineinfile:
    path: /etc/dovecot/conf.d/10-logging.conf
    regexp: '^#verbose_ssl = yes'
    line: 'verbose_ssl = yes'
    backrefs: true
    state: present
  notify: restart dovecot
# Set Dovecot's mail_location to mbox folders under ~/Mail, with the INBOX
# at /var/mail/%u. The line is inserted after the commented default. Applied
# only on hosts where 'mtadomain' is defined. A change notifies
# 'restart dovecot'.
- name: Configuration des boites mail imap
  when: mtadomain is defined
  lineinfile:
    path: /etc/dovecot/conf.d/10-mail.conf
    line: 'mail_location = mbox:~/Mail:INBOX=/var/mail/%u'
    insertafter: '#mail_location = '
  notify: restart dovecot
# Give Dovecot mail processes the supplementary group 'mail'. Applied only
# on hosts where 'mtadomain' is defined. A change notifies 'restart dovecot'.
# NOTE(review): Dovecot's stock configuration comments caution that a
# supplementary mail group is risky when users can create symlinks in their
# mail directories; confirm this is acceptable for the accounts created by
# this role.
- name: Configuration du groupe utilisateurs imap
  when: mtadomain is defined
  lineinfile:
    path: /etc/dovecot/conf.d/10-mail.conf
    line: 'mail_access_groups = mail'
    insertafter: '#mail_access_groups ='
  notify: restart dovecot
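# Install the static 10-master.conf for Dovecot, only on hosts where
# 'mtadomain' is defined. A change notifies 'restart dovecot'.
- name: Configuration de l'authentification
  copy:
    src: 10-master.conf
    dest: /etc/dovecot/conf.d/10-master.conf
    owner: root
    group: root
    # Quoted so the mode is passed as a string, not a YAML octal integer.
    mode: "0644"
  when: mtadomain is defined
  notify: restart dovecot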
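# Render Dovecot's TLS configuration from the role template, only on hosts
# where 'mtadomain' is defined. A change notifies 'restart dovecot'.
# The result is world-readable (0644), so the template should reference key
# files by path and never inline private key material.
- name: Configuration du ssl
  template:
    src: 10-ssl.conf.j2
    dest: /etc/dovecot/conf.d/10-ssl.conf
    owner: root
    group: root
    # Quoted so the mode is passed as a string, not a YAML octal integer.
    mode: "0644"
  when: mtadomain is defined
  notify: restart dovecot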