Compare commits
6 Commits
Author | SHA1 | Date |
---|---|---|
Kishi85 | e85b3354dd | |
Kishi85 | cceb1a3bdd | |
Kishi85 | 805fe16f48 | |
Kishi85 | 2ecd06d066 | |
Kishi85 | 1a116703db | |
Kishi85 | cc91246e92 |
|
@ -1,34 +1,41 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
35656330333661626336313338653930656431376632383430306534623037363634636665343663
|
||||
6263626531383966323434623136316332316264303733320a366463616239663666366233643361
|
||||
62346437326330643833346464326535383163613766303031353332366561636261306361366638
|
||||
3834313434633836610a386632336361333234333832366665663636313161643064636462393633
|
||||
36353164323165613862656366396638393365633433393365643635356233303564646664633232
|
||||
62633934386639353262643163323133353766616132396234346234616162616139346431663861
|
||||
64316230373961656230666335366361373531643738343736613336653634613366306363623232
|
||||
65653036646239613332313036366134376465623362633036343831623663613562633838313835
|
||||
65393433323934633334663966616263393462383564303635323837616165366138636231373564
|
||||
62373436636631373130623836333964393761343539366666633530303037393132613461363633
|
||||
61653735323030636136376631373462646163343930383062356632666234353034376364653638
|
||||
32343038336661343538663165333432353632633030363335333865646366393038373361623132
|
||||
65363037336566633466653866336364666130343865353334383662616662613132353338643234
|
||||
37346631323139316630323132656135646266356636656634376430386163636630653335376565
|
||||
30303638356134323062353732353866643136613837363335613933343264356266656430343637
|
||||
35333965383833396266633563616261393232386536613635313835303135303866396166616233
|
||||
64363631373531623066386438323262613866303965396461323964363362393963383633643166
|
||||
64353230366231326339353231393161636439303730306332306461396337376161633266383666
|
||||
37623261656132393062313961633262346230323665393730386261623665346232626263383332
|
||||
32646338383335633236316662643239303238623330376231316664386232646630363562346534
|
||||
34626563643735356231373438376365316162396465666133646238623739333632316339393833
|
||||
30383565396430396139363033653531656233303464626234386364626135386432663837353863
|
||||
64303262643166623530643436346634366163373365323737643739626364353462663066616637
|
||||
65663464386238656163383037656361343132346636666338646431373232393434363364333833
|
||||
33386461633433323937343335653839623139633832333266323834613466383633643435383537
|
||||
31393863646137356239626332356138623130656436353636353361356530623039373239376633
|
||||
34626261336566366261643961353066366639363836326664363439616638313837343231663133
|
||||
30663363376265393838383164663236303264323063363565323238366235373731346531363262
|
||||
63366561306639323962303737336434646361623662626438306136623635623666623462373237
|
||||
62323232393538666137323763656162376633383566353337346433623630306362646337333734
|
||||
63356435626435396634333662613839343235633031383230326262316137303539623436623830
|
||||
64363738616131333831663635613739343763356362373230343064333239633534346531363963
|
||||
3538
|
||||
62653832366533633630666164373335323639346135306332363862666664366665636331363763
|
||||
6130613737633137346130376266306439363232316163320a653036616261323530656531383962
|
||||
35623365323866346132303933353766633635663736346234663630306437393533663130336536
|
||||
6237623036636139360a656132396561646130646435306537326235616563643338623838373033
|
||||
30353131343363633031333165626465623635313239353131323363363564656337623265386230
|
||||
66376138363361396163316431346632666433396361356433353363336166646435393036633162
|
||||
63656430666435303365636236356537633239346565666361616366306666653236616232633434
|
||||
65323038643136346661343636346265393137336333663339336630386339393865633437363332
|
||||
32313937323566393761303065663039616530333639663266666133336630656535326638376665
|
||||
36363931313364616230346261316263386161643430333932653936623538613738333632353330
|
||||
39366164346166656430616466316264376437333263616466393963303339323234626331626661
|
||||
66373932396139636461306434343266373438663663613338306538343438313432353366323433
|
||||
38643431396532316239316230616661633064353463366331643763303239343835333338623163
|
||||
36356637316265376135633364386262363361333937653936663535376234393031633865313062
|
||||
34316333373139336634316366656632646130343539623231643839343362366238306537376563
|
||||
32613739366466366230313763616234393362666563336335636238663537383162376331376161
|
||||
64353736346332613962376335626163373662663231656263363232633663633565356336306633
|
||||
66386461633566623265623535373035346462613637303130373962393237346466323237333439
|
||||
35366163323033383839373866363733343030333464666362633031656332653138653439366639
|
||||
33386137616164323465663964393732373933313839383465323961323433356531306565376530
|
||||
32303132303936313639373935376130363237326661633831616131376138313231396138383232
|
||||
39303231323436366634343432316433383530323332613563656331363235336564663737306163
|
||||
34653937316132633661306138613161323230646363363764623034663664323464303634303230
|
||||
33623364646332396562333064336366363633633439373634316561393565316265616462616662
|
||||
31626339363239313462386664323666323131373363366430393734336566393031353563363836
|
||||
30353765313161633262623865376230373730663966663966626430613464643938303534333962
|
||||
37653963636565663037386438373530383930653463643535653536616661616531633032363763
|
||||
63393263353534373830313436646563633935303731386563323561623030376432616636616531
|
||||
61323463333862623036653963663436333334393435343332346235373736646135633161356539
|
||||
64396634613334643339626131646365616164623761613439356232383061353665336637336165
|
||||
38623266643663333236386237663033663436396235393636366166646662393264616661383036
|
||||
32376266636334663630626437326262303431613331626337356438386238303964383531323361
|
||||
62333763376335393134353865626661336161666234343165613430373932343861336236363639
|
||||
61393437353136343931343334666636656261346265633839636631316130653861303334653864
|
||||
33653965313333303534613835396332396637623539313138383435383861366238353564613634
|
||||
61623966623864636461306138643737636135303565626439373762366438303538393566643862
|
||||
32393335343065663332363064383737316638326131386435613735633633323537326234356261
|
||||
33393661626363373334666135396236613434643731353935323430653834356233383638613561
|
||||
31313266373265316361333635333664346663336139663231303430326133636538626365306435
|
||||
36643738363835363736
|
||||
|
|
|
@ -2,14 +2,19 @@
|
|||
|
||||
- name: Install dependencies
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
- git
|
||||
- python-cryptography
|
||||
- python-dnspython
|
||||
- python-yaml
|
||||
loop:
|
||||
- python3-cryptography
|
||||
- python3-dnspython
|
||||
- python3-yaml
|
||||
- python3-pkg-resources
|
||||
|
||||
- name: Find current acertmgr version
|
||||
get_url: url="https://raw.githubusercontent.com/moepman/acertmgr/master/version.txt" dest=/tmp/acertmgr.version
|
||||
vars:
|
||||
ansible_connection: local
|
||||
|
||||
- name: Install acertmgr
|
||||
git: repo=https://github.com/moepman/acertmgr.git dest=/opt/acertmgr depth=1 version={{ acertmgr_version }}
|
||||
apt: deb="https://github.com/moepman/acertmgr/releases/download/{{ lookup('file', '/tmp/acertmgr.version') }}/python3-acertmgr_{{ lookup('file', '/tmp/acertmgr.version') }}-1_all.deb"
|
||||
|
||||
- name: Create config directories
|
||||
file: path=/etc/acertmgr state=directory mode=0755
|
||||
|
@ -21,4 +26,4 @@
|
|||
file: path=/var/www/acme-challenge/ owner=root mode=0755 state=directory
|
||||
|
||||
- name: Enable acertmgr cronjob
|
||||
cron: name=certmgr special_time=daily job=/opt/acertmgr/acertmgr.py
|
||||
cron: name=certmgr special_time=daily job=/usr/bin/acertmgr
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
- name: Install dependencies
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- git
|
||||
- python3-flask
|
||||
- python3-flaskext.wtf
|
||||
|
|
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
logrotate_excludes:
|
||||
- "/etc/logrotate.d/alternatives"
|
||||
- "/etc/logrotate.d/apt"
|
||||
- "/etc/logrotate.d/dpkg"
|
||||
- "/etc/logrotate.d/dbconfig-common"
|
||||
- "/etc/logrotate.d/btmp"
|
||||
- "/etc/logrotate.d/wtmp"
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
- name: Install misc software
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- dnsutils
|
||||
- htop
|
||||
- less
|
||||
|
@ -17,7 +17,7 @@
|
|||
|
||||
- name: Install software on KVM VMs
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- acpid
|
||||
- qemu-guest-agent
|
||||
when: ansible_virtualization_role == "guest" and ansible_virtualization_type == "kvm"
|
||||
|
@ -25,7 +25,7 @@
|
|||
- name: Configure misc software
|
||||
copy: src={{ item.src }} dest={{ item.dest }}
|
||||
diff: no
|
||||
with_items:
|
||||
loop:
|
||||
- { src: '.zshrc', dest: '/root/.zshrc' }
|
||||
- { src: '.zshrc.local', dest: '/root/.zshrc.local' }
|
||||
- { src: 'motd', dest: '/etc/motd' }
|
||||
|
@ -45,7 +45,7 @@
|
|||
|
||||
- name: Fix network interface names
|
||||
copy: src={{ item }} dest=/etc/systemd/network/{{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- 50-virtio-kernel-names.link
|
||||
- 99-default.link
|
||||
notify: update-initramfs
|
||||
|
@ -81,16 +81,24 @@
|
|||
paths: "/etc/logrotate.d/"
|
||||
register: "logrotateconfigs"
|
||||
|
||||
- name: Set logrotate.d/* to daily
|
||||
- name: Convert found files to path list
|
||||
set_fact:
|
||||
alllogrotateconfigpaths: "{{ logrotateconfigs.files | map(attribute='path') | list }}"
|
||||
|
||||
- name: Exclude files from ansible management
|
||||
set_fact:
|
||||
logrotateconfigpaths: "{{ alllogrotateconfigpaths | difference(logrotate_excludes) }}"
|
||||
|
||||
- name: 'Set logrotate.d/* to daily'
|
||||
replace:
|
||||
path: "{{ item }}"
|
||||
regexp: "(?:weekly|monthly)"
|
||||
replace: "daily"
|
||||
loop: "{{ logrotateconfigs.files }}"
|
||||
loop: "{{ logrotateconfigpaths }}"
|
||||
|
||||
- name: Set logrotate.conf rotation to 7
|
||||
- name: 'Set /etc/logrotate.d/* rotation to 7'
|
||||
replace:
|
||||
path: "{{ item }}"
|
||||
regexp: "rotate [0-9]+"
|
||||
replace: "rotate 7"
|
||||
loop: "{{ logrotateconfigs.files }}"
|
||||
loop: "{{ logrotateconfigpaths }}"
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
- name: Install misc software
|
||||
pkgng: name={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- vim-lite
|
||||
- htop
|
||||
- zsh
|
||||
|
||||
- name: Configure misc software
|
||||
copy: src={{ item.src }} dest={{ item.dest }}
|
||||
with_items:
|
||||
loop:
|
||||
- { src: '.zshrc', dest: '/root/.zshrc' }
|
||||
- { src: '.zshrc.local', dest: '/root/.zshrc.local' }
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
- name: Install misc software
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- dnsutils
|
||||
- htop
|
||||
- ipmitool
|
||||
|
@ -13,7 +13,7 @@
|
|||
|
||||
- name: Configure misc software
|
||||
copy: src={{ item.src }} dest={{ item.dest }}
|
||||
with_items:
|
||||
loop:
|
||||
- { src: '.zshrc', dest: '/root/.zshrc' }
|
||||
- { src: '.zshrc.local', dest: '/root/.zshrc.local' }
|
||||
- { src: 'motd', dest: '/etc/motd' }
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
|
||||
- name: Configure dhcp server
|
||||
template: src={{ item }}.j2 dest=/etc/{{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- default/isc-dhcp-server
|
||||
- dhcp/dhcpd.conf
|
||||
notify: Restart isc-dhcp-server
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
- name: Install powerdns
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- pdns-server
|
||||
- pdns-backend-sqlite3
|
||||
|
||||
|
|
|
@ -2,6 +2,6 @@
|
|||
|
||||
- name: Restart powerdns
|
||||
service: name={{ item }} state=restarted
|
||||
with_items:
|
||||
loop:
|
||||
- pdns
|
||||
- pdns-recursor
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
- name: Install powerdns
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- pdns-server
|
||||
- pdns-recursor
|
||||
|
||||
|
@ -12,7 +12,7 @@
|
|||
- name: Configure powerdns
|
||||
template: src={{ item }}.j2 dest=/etc/powerdns/{{ item }}
|
||||
notify: Restart powerdns
|
||||
with_items:
|
||||
loop:
|
||||
- pdns.conf
|
||||
- recursor.conf
|
||||
- bindbackend.conf
|
||||
|
@ -21,6 +21,6 @@
|
|||
|
||||
- name: Start the powerdns services
|
||||
service: name={{ item }} state=started enabled=yes
|
||||
with_items:
|
||||
loop:
|
||||
- pdns
|
||||
- pdns-recursor
|
||||
|
|
|
@ -14,7 +14,7 @@
|
|||
|
||||
- name: Install PostgreSQL
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- postgresql
|
||||
- python-psycopg2
|
||||
|
||||
|
|
|
@ -29,7 +29,7 @@
|
|||
|
||||
- name: Install packages
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- build-essential
|
||||
- git
|
||||
- nodejs
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
- name: Install dependencies
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- fping
|
||||
- git
|
||||
- graphviz
|
||||
|
@ -47,7 +47,7 @@
|
|||
path: "{{ item }}"
|
||||
regexp: ';?date\.timezone'
|
||||
line: 'date.timezone = Europe/Berlin'
|
||||
with_items:
|
||||
loop:
|
||||
- /etc/php/7.3/cli/php.ini
|
||||
- /etc/php/7.3/fpm/php.ini
|
||||
|
||||
|
|
|
@ -2,3 +2,9 @@
|
|||
|
||||
mail_postsrsd_secret: "{{ vault_mail_postsrsd_secret }}"
|
||||
mail_srs_domain: "srs.{{ mail_domain }}"
|
||||
|
||||
mailman3_site_owner: "mailman3@binary-kitchen.de"
|
||||
mailman3_dbname: "mailman3"
|
||||
mailman3_dbuser: "mailman3"
|
||||
mailman3_dbpass: "{{ vault_mail_mailman3_dbpass }}"
|
||||
mailman3_restadminpass: "{{ vault_mail_mailman3_restadminpass }}"
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/var/log/dovecot/*.log {
|
||||
weekly
|
||||
rotate 4
|
||||
daily
|
||||
rotate 7
|
||||
missingok
|
||||
notifempty
|
||||
compress
|
||||
|
|
|
@ -17,12 +17,15 @@
|
|||
- name: Restart rspamd
|
||||
service: name=rspamd state=restarted
|
||||
|
||||
- name: Restart mailman3
|
||||
service: name=mailman3 state=restarted
|
||||
|
||||
- name: Run acertmgr
|
||||
command: /opt/acertmgr/acertmgr.py
|
||||
|
||||
- name: Run postmap
|
||||
command: postmap /etc/{{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- postfix/helo_access
|
||||
- postfix/recipient_access
|
||||
- postfix/transport
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
|
||||
- name: Install packages
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- bsd-mailx
|
||||
- dovecot-core
|
||||
- dovecot-imapd
|
||||
|
@ -18,7 +18,10 @@
|
|||
- dovecot-sieve
|
||||
- fcgiwrap
|
||||
- mailman
|
||||
- mailman3
|
||||
- mailman3-full
|
||||
- python-psycopg2
|
||||
- python3-psycopg2
|
||||
- postgresql
|
||||
- postfix
|
||||
- redis-server
|
||||
- redis-tools
|
||||
|
@ -55,7 +58,7 @@
|
|||
- name: Render rspamd config templates
|
||||
template: src=rspamd/local.d/{{ item }}.j2 dest=/etc/rspamd/local.d/{{ item }}
|
||||
notify: Restart rspamd
|
||||
with_items:
|
||||
loop:
|
||||
- options.inc
|
||||
- settings.conf
|
||||
- arc.conf
|
||||
|
@ -63,7 +66,7 @@
|
|||
|
||||
- name: Copy spam learn/unlearn sieve and shell scripts
|
||||
copy: src=dovecot/{{ item }} dest=/var/vmail/.sieve/{{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- bin/learn-spam.sh
|
||||
- bin/learn-ham.sh
|
||||
- move-spam.sieve
|
||||
|
@ -72,7 +75,7 @@
|
|||
|
||||
- name: Configure dovecot
|
||||
template: src={{ item }}.j2 dest=/etc/{{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- dovecot/dovecot-ldap.conf.ext
|
||||
- dovecot/dovecot-ldap.conf.lmtp
|
||||
- dovecot/local.conf
|
||||
|
@ -80,14 +83,14 @@
|
|||
|
||||
- name: Compile sieve scripts
|
||||
shell: sievec /var/vmail/.sieve/{{ item|basename }}
|
||||
with_items:
|
||||
loop:
|
||||
- move-spam.sieve
|
||||
- report-spam.sieve
|
||||
- report-ham.sieve
|
||||
|
||||
- name: Ensure learn scripts are executable
|
||||
file: mode=0750 path=/var/vmail/.sieve/bin/{{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- learn-spam.sh
|
||||
- learn-ham.sh
|
||||
|
||||
|
@ -104,7 +107,7 @@
|
|||
|
||||
- name: Configure mailman
|
||||
template: src={{ item }}.j2 dest=/etc/{{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- mailman/mm_cfg.py
|
||||
notify: Restart postfix
|
||||
|
||||
|
@ -124,26 +127,40 @@
|
|||
file: path=/etc/nginx/ssl/{{ mailman_domain }}.key owner=root mode=0400
|
||||
notify: Restart nginx
|
||||
|
||||
- name: Configure PostgreSQL database
|
||||
postgresql_db: name={{ mailman3_dbname }}
|
||||
become: true
|
||||
become_user: postgres
|
||||
|
||||
- name: Configure PostgreSQL user
|
||||
postgresql_user: db={{ mailman3_dbname }} name={{ mailman3_dbuser }} password={{ mailman3_dbpass }} priv=ALL state=present
|
||||
become: true
|
||||
become_user: postgres
|
||||
|
||||
- name: Configure mailman3
|
||||
template: src=mailman/mailman.cfg.j2 dest=/etc/mailman3/mailman.cfg
|
||||
notify: Restart mailman3
|
||||
|
||||
- name: Create postfix ssl directory
|
||||
file: path=/etc/postfix/ssl state=directory mode=0750 owner=postfix group=postfix
|
||||
|
||||
- name: Configure postfix
|
||||
template: src={{ item }}.j2 dest=/etc/{{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- postfix/main.cf
|
||||
- postfix/master.cf
|
||||
notify: Restart postfix
|
||||
|
||||
- name: Configure postsrsd
|
||||
template: src={{ item }}.j2 dest=/etc/{{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- default/postsrsd
|
||||
- postsrsd.secret
|
||||
notify: Restart postsrsd
|
||||
|
||||
- name: Configure postfix maps
|
||||
template: src={{ item }}.j2 dest=/etc/{{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- postfix/helo_access
|
||||
- postfix/transport
|
||||
- postfix/virtual-alias
|
||||
|
@ -185,3 +202,6 @@
|
|||
|
||||
- name: Start rspamd
|
||||
service: name=rspamd state=started enabled=yes
|
||||
|
||||
- name: Start mailman3
|
||||
service: name=mailman3 state=started enabled=yes
|
||||
|
|
|
@ -0,0 +1,68 @@
|
|||
[mailman]
|
||||
site_owner: {{ mailman3_site_owner }}
|
||||
noreply_address: noreply
|
||||
default_language: en
|
||||
sender_headers: from from_ reply-to sender
|
||||
email_commands_max_lines: 10
|
||||
pending_request_life: 3d
|
||||
cache_life: 7d
|
||||
pre_hook:
|
||||
post_hook:
|
||||
layout: debian
|
||||
filtered_messages_are_preservable: no
|
||||
html_to_plain_text_command: /usr/bin/lynx -dump $filename
|
||||
listname_chars: [-_.0-9a-z]
|
||||
|
||||
[shell]
|
||||
prompt: >>>
|
||||
banner: Welcome to the GNU Mailman shell
|
||||
use_ipython: no
|
||||
history_file:
|
||||
|
||||
[paths.debian]
|
||||
var_dir: /var/lib/mailman3
|
||||
queue_dir: $var_dir/queue
|
||||
bin_dir: /usr/lib/mailman3/bin
|
||||
list_data_dir: $var_dir/lists
|
||||
log_dir: /var/log/mailman3
|
||||
lock_dir: $var_dir/locks
|
||||
data_dir: $var_dir/data
|
||||
cache_dir: $var_dir/cache
|
||||
etc_dir: /etc/mailman3
|
||||
ext_dir: $var_dir/ext
|
||||
messages_dir: $var_dir/messages
|
||||
archive_dir: $var_dir/archives
|
||||
template_dir: $var_dir/templates
|
||||
pid_file: /run/mailman3/master.pid
|
||||
lock_file: $lock_dir/master.lck
|
||||
|
||||
[database]
|
||||
class: mailman.database.postgresql.PostgreSQLDatabase
|
||||
url: postgres://{{ mailman3_dbuser }}:{{ mailman3_dbpass }}@localhost/{{ mailman3_dbname }}
|
||||
debug: no
|
||||
|
||||
[logging.debian]
|
||||
format: %(asctime)s (%(process)d) %(message)s
|
||||
datefmt: %b %d %H:%M:%S %Y
|
||||
propagate: no
|
||||
level: info
|
||||
path: mailman.log
|
||||
[webservice]
|
||||
hostname: localhost
|
||||
port: 8001
|
||||
use_https: no
|
||||
show_tracebacks: yes
|
||||
api_version: 3.1
|
||||
admin_user: restadmin
|
||||
admin_pass: {{ mailman3_restadminpass }}
|
||||
|
||||
[mta]
|
||||
incoming: mailman.mta.postfix.LMTP
|
||||
outgoing: mailman.mta.deliver.deliver
|
||||
smtp_host: localhost
|
||||
smtp_port: 25
|
||||
smtp_user:
|
||||
smtp_pass:
|
||||
lmtp_host: 127.0.0.1
|
||||
lmtp_port: 8024
|
||||
configuration: python:mailman.config.postfix
|
|
@ -11,6 +11,7 @@ inet_interfaces = all
|
|||
inet_protocols = all
|
||||
message_size_limit = 50000000
|
||||
recipient_delimiter = +
|
||||
owner_request_special = no
|
||||
unknown_local_recipient_reject_code = 550
|
||||
strict_rfc821_envelopes = yes
|
||||
disable_vrfy_command = yes
|
||||
|
@ -115,9 +116,15 @@ unverified_recipient_reject_code = 550
|
|||
unverified_recipient_reject_reason = Recipient unknown
|
||||
|
||||
# mailman
|
||||
relay_domains = {{ mailman_domain }}
|
||||
relay_recipient_maps = hash:/var/lib/mailman/data/virtual-mailman
|
||||
transport_maps = hash:/etc/postfix/transport
|
||||
relay_domains =
|
||||
hash:/var/lib/mailman3/data/postfix_domains
|
||||
{{ mailman_domain }}
|
||||
local_recipient_maps =
|
||||
hash:/var/lib/mailman3/data/postfix_lmtp
|
||||
hash:/var/lib/mailman/data/virtual-mailman
|
||||
transport_maps =
|
||||
hash:/var/lib/mailman3/data/postfix_lmtp
|
||||
hash:/etc/postfix/transport
|
||||
mailman_destination_recipient_limit = 1
|
||||
|
||||
# postsrsd
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
|
||||
- name: Install matrix
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- matrix-synapse-py3
|
||||
- postgresql
|
||||
- python-psycopg2
|
||||
|
@ -28,7 +28,7 @@
|
|||
|
||||
- name: Configure matrix
|
||||
template: src=matrix-synapse/{{ item }}.j2 dest=/etc/matrix-synapse/{{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- homeserver.yaml
|
||||
- log.yaml
|
||||
- conf.d/server_name.yaml
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
- name: Install software for members
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- ansible
|
||||
- git
|
||||
- irssi
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
|
||||
- name: Install packages
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- php-redis
|
||||
- php7.3
|
||||
- php7.3-bcmath
|
||||
|
|
|
@ -20,7 +20,7 @@
|
|||
- name: Create DH parameters
|
||||
command: openssl dhparam -outform PEM -out {{ item }} 2048 creates={{ item }}
|
||||
when: nginx_ssl == True
|
||||
with_items:
|
||||
loop:
|
||||
- /etc/nginx/dhparam.pem
|
||||
|
||||
- name: Configure nginx
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
- name: Install dependencies
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- php7.3-fpm
|
||||
- php7.3-ldap
|
||||
- php7.3-mysql
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
|
||||
- name: Install prosody
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- prosody
|
||||
- libsasl2-modules-ldap
|
||||
- sasl2-bin
|
||||
|
@ -25,7 +25,7 @@
|
|||
|
||||
- name: Configure sasl
|
||||
copy: src={{ item }} dest=/etc/{{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- default/saslauthd
|
||||
- sasl/xmpp.conf
|
||||
|
||||
|
|
|
@ -24,19 +24,19 @@
|
|||
|
||||
- name: Create DH parameters
|
||||
command: openssl dhparam -outform PEM -out {{ item }} 2048 creates={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- /etc/freeradius/3.0/certs/dh
|
||||
notify: Restart freeradius
|
||||
|
||||
- name: Configure radius server
|
||||
template: src={{ item }}.j2 dest=/etc/freeradius/3.0/{{ item }} owner=freerad group=freerad
|
||||
with_items:
|
||||
loop:
|
||||
- clients.conf
|
||||
notify: Restart freeradius
|
||||
|
||||
- name: Configure radius server
|
||||
copy: src={{ item }} dest=/etc/freeradius/3.0/{{ item }} owner=freerad group=freerad
|
||||
with_items:
|
||||
loop:
|
||||
- mods-available/eap
|
||||
- mods-config/files/authorize
|
||||
- sites-available/default
|
||||
|
@ -47,7 +47,7 @@
|
|||
|
||||
- name: Ensure sites are symlinked
|
||||
file: src=../sites-available/{{ item }} dest=/etc/freeradius/3.0/sites-enabled/{{ item }} state=link
|
||||
with_items:
|
||||
loop:
|
||||
- default
|
||||
- inner-tunnel
|
||||
notify: Restart freeradius
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
|
||||
- name: Copy schema definitons
|
||||
copy: src={{ item }} dest=/etc/ldap/{{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- schema/kitchen.schema
|
||||
- schema/openssh-lpk.schema
|
||||
- schema/radius.schema
|
||||
|
|
|
@ -2,12 +2,12 @@
|
|||
|
||||
- name: Install unattended upgrades
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- unattended-upgrades
|
||||
- debian-goodies
|
||||
|
||||
- name: Configure unattended upgrades
|
||||
template: src={{ item }}.j2 dest=/etc/apt/apt.conf.d/{{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- 02periodic
|
||||
- 50unattended-upgrades
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
- name: Install dependencies
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- php-fpm
|
||||
- php-ldap
|
||||
- php-sqlite3
|
||||
|
|
Loading…
Reference in New Issue