From a5105a330af202e5880c004d7c997882cdb96681 Mon Sep 17 00:00:00 2001
From: Dmitry Ilvokhin <d@ilvokhin.com>
Date: Sat, 6 Apr 2024 19:53:25 +0100
Subject: Add postfix role

---
 roles/postfix/tasks/main.yml | 57 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 57 insertions(+)
 create mode 100644 roles/postfix/tasks/main.yml

(limited to 'roles/postfix/tasks')

diff --git a/roles/postfix/tasks/main.yml b/roles/postfix/tasks/main.yml
new file mode 100644
index 0000000..63a760d
--- /dev/null
+++ b/roles/postfix/tasks/main.yml
@@ -0,0 +1,57 @@
+- name: Install postfix
+  ansible.builtin.package:
+    name:
+      - postfix
+      - postfix-pcre
+    state: present
+
+- name: Copy postfix lookup tables
+  ansible.builtin.copy:
+    src: '{{ item }}'
+    dest: /etc/postfix/
+    owner: root
+    group: root
+    mode: u+rw,g+r,o+r
+  loop:
+    - files/virtual
+  notify:
+    - Update postfix lookup tables
+    - Reload postfix
+
+- name: Copy postfix additional restriction files
+  ansible.builtin.copy:
+    src: '{{ item }}'
+    dest: /etc/postfix/
+    owner: root
+    group: root
+    mode: u+rw,g+r,o+r
+  loop:
+    - files/sender_access
+    - files/body_checks
+  notify:
+    - Reload postfix
+
+- name: Configure postfix
+  ansible.builtin.copy:
+    src: files/main.cf
+    dest: /etc/postfix/main.cf
+    owner: root
+    group: root
+    mode: u+rw,g+r,o+r
+  notify:
+    - Check postfix
+    - Reload postfix
+
+- name: Copy postfix certificate renewal hook
+  ansible.builtin.copy:
+    src: files/postfix.sh
+    dest: /etc/letsencrypt/renewal-hooks/deploy/postfix.sh
+    owner: root
+    group: root
+    mode: u+rwx,g+r,o+r
+
+- name: Enable postfix systemd service
+  ansible.builtin.service:
+    name: postfix
+    enabled: yes
+    state: started
-- 
cgit v1.2.3-70-g09d2