- name: Install postfix
  ansible.builtin.package:
    name:
      - postfix
      - postfix-pcre
    state: present

- name: Setup correct alias for root mail
  ansible.builtin.lineinfile:
    dest: /etc/postfix/aliases
    state: present
    # YAML requires escape string to be encoded in double quotes.
    regexp: "^(#)?root:\t\t(you|d)"
    line: "root:\t\td"
    owner: root
    group: root
    mode: u+rw,g+r,o+r
  notify:
    - Update aliases
    - Reload postfix

- name: Copy postfix lookup tables
  ansible.builtin.copy:
    src: '{{ item }}'
    dest: /etc/postfix/
    owner: root
    group: root
    mode: u+rw,g+r,o+r
  loop:
    - files/virtual
  notify:
    - Update postfix lookup tables
    - Reload postfix

- name: Copy postfix additional restriction files
  ansible.builtin.copy:
    src: '{{ item }}'
    dest: /etc/postfix/
    owner: root
    group: root
    mode: u+rw,g+r,o+r
  loop:
    - files/sender_access
    - files/body_checks
  notify:
    - Reload postfix

- name: Configure postfix
  ansible.builtin.copy:
    src: '{{ item }}'
    dest: /etc/postfix/
    owner: root
    group: root
    mode: u+rw,g+r,o+r
  loop:
    - files/master.cf
    - files/main.cf
  notify:
    - Check postfix
    - Reload postfix

- name: Copy postfix certificate renewal hook
  ansible.builtin.copy:
    src: files/postfix.sh
    dest: /etc/letsencrypt/renewal-hooks/deploy/postfix.sh
    owner: root
    group: root
    mode: u+rwx,g+r,o+r

- name: Enable postfix systemd service
  ansible.builtin.service:
    name: postfix
    enabled: true
    state: started