bonifacelabs-public/blse2-public
3
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add mail roles

Browse Source
This commit is contained in:
Joshua Boniface
2020-11-21 20:22:14 -05:00
parent fe3b41e057
commit d01e99c3da
47 changed files with 1710 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

222
package-postfix_access/tasks/main.yml Normal file
View File

@ -0,0 +1,222 @@
---
- name: install filtering packages and monitoring components
apt:
name:
- postfix
- postfix-ldap
- postfix-pcre
- dovecot-core
- dovecot-imapd
- dovecot-pop3d
- dovecot-lmtpd
- dovecot-sieve
- dovecot-managesieved
- dovecot-ldap
- dovecot-mysql
- apache2
- libapache2-mod-php
- roundcube
- roundcube-plugins
- php-ldap
- php-net-sieve
- mailgraph
- amavis
- spamassassin
- clamav-daemon
- libnet-dns-perl
- libmail-spf-perl
- pyzor
- razor
- pfqueue
state: latest
- name: install compression algorithms for scanning
apt:
name:
- p7zip-full
- arj
- bzip2
- cabextract
- cpio
- file
- gzip
- lhasa
- liblz4-tool
- lrzip
- lzop
- nomarch
- pax
- rar
- rpm
- unrar-free
- unzip
- xz-utils
- zip
state: latest
# ClamAV
- name: ensure clamav is in amavis group
user:
name: "clamav"
append: "yes"
groups: "amavis"
- name: ensure amavis is in clamav group
user:
name: "amavis"
append: "yes"
groups: "clamav"
# Amavis
- name: install Amavis configs
template:
src: "{{ item }}.j2"
dest: "/etc/amavis/conf.d/{{ item }}"
notify:
- restart amavis
with_items:
- 15-content_filter_mode
- 50-user
# Postfix
- name: install Postfix main configs
template:
src: "{{ item }}.j2"
dest: "/etc/postfix/{{ item }}"
notify:
- restart postfix
with_items:
- main.cf
- master.cf
- helo_access.pcre
- transport
- name: map transport
command: postmap /etc/postfix/transport
- name: create LDAP config dir
file:
name: "/etc/postfix/ldap"
state: "directory"
- name: install Postfix LDAP configs
template:
src: "postfix-ldap/{{ item }}.j2"
dest: "/etc/postfix/ldap/{{ item }}"
mode: "640"
group: "postfix"
notify:
- restart postfix
with_items:
- catchall_maps.cf
- recipient_bcc_maps_domain.cf
- recipient_bcc_maps_user.cf
- relay_domains.cf
- sender_bcc_maps_domain.cf
- sender_bcc_maps_user.cf
- sender_login_maps.cf
- transport_maps_domain.cf
- transport_maps_user.cf
- virtual_alias_maps.cf
- virtual_group_maps.cf
- virtual_group_members_maps.cf
- virtual_mailbox_domains.cf
- virtual_mailbox_maps.cf
- name: link /etc/mailname to /etc/hostname
file:
dest: "/etc/mailname"
src: "/etc/hostname"
state: "link"
force: "yes"
# Dovecot
- name: install Dovecot main configs
template:
src: "{{ item }}.j2"
dest: "/etc/dovecot/{{ item }}"
notify:
- restart dovecot
with_items:
- dovecot.conf
- dovecot-ldap.conf
- name: add vmail group
group:
name: "vmail"
gid: "2000"
state: "present"
- name: add vmail user
user:
name: "vmail"
home: "/srv/vmail"
shell: "/bin/false"
uid: "2000"
group: "vmail"
state: "present"
- name: ensure log ownership
file:
dest: "/var/log/{{ item }}"
owner: "vmail"
group: "adm"
mode: "644"
state: "touch"
with_items:
- dovecot.log
- dovecot-lmtp.log
# Roundcube
- name: Install roundcube PHP configs
template:
src: "{{ item }}.j2"
dest: "/etc/roundcube/{{ item }}"
mode: "640"
group: "www-data"
with_items:
- debian-db.php
- config.inc.php
- name: Remove default apache2 config
file:
name: "/etc/apache2/sites-enabled/000-default.conf"
state: "absent"
notify:
- restart apache2
- name: Install roundcube ports config
template:
src: "ports.conf.j2"
dest: "/etc/apache2/ports.conf"
notify:
- restart apache2
- name: Install roundcube apache2 config
template:
src: "roundcube.conf.j2"
dest: "/etc/roundcube/apache.conf"
notify:
- restart apache2
- name: create logo dir
file:
dest: "/var/lib/roundcube/images"
state: "directory"
- name: install Roundcube logo
copy:
src: "{{ logo_filename }}"
dest: "/var/lib/roundcube/images/{{ logo_filename }}"
# General
- name: ensure services are running (and enabled at boot)
service:
name: "{{ item }}"
state: "started"
enabled: "yes"
with_items:
- postfix
- amavis
- clamav-daemon
- dovecot