mail: Use postgresql for mailman3

mail: fix logrotate config
mail: Setup postfix up for mailman3
2020-02-29 20:51:28 +01:00 · 2020-02-29 19:39:15 +01:00 · 2020-02-29 19:09:37 +01:00 · 2020-02-17 20:22:52 +01:00 · 2020-02-04 15:01:13 +01:00 · 2020-02-03 19:46:31 +01:00
30 changed files with 228 additions and 96 deletions
--- a/group_vars/all/vault.yml
+++ b/group_vars/all/vault.yml
@ -1,34 +1,41 @@
 $ANSIBLE_VAULT;1.1;AES256
-35656330333661626336313338653930656431376632383430306534623037363634636665343663
-6263626531383966323434623136316332316264303733320a366463616239663666366233643361
-62346437326330643833346464326535383163613766303031353332366561636261306361366638
-3834313434633836610a386632336361333234333832366665663636313161643064636462393633
-36353164323165613862656366396638393365633433393365643635356233303564646664633232
-62633934386639353262643163323133353766616132396234346234616162616139346431663861
-64316230373961656230666335366361373531643738343736613336653634613366306363623232
-65653036646239613332313036366134376465623362633036343831623663613562633838313835
-65393433323934633334663966616263393462383564303635323837616165366138636231373564
-62373436636631373130623836333964393761343539366666633530303037393132613461363633
-61653735323030636136376631373462646163343930383062356632666234353034376364653638
-32343038336661343538663165333432353632633030363335333865646366393038373361623132
-65363037336566633466653866336364666130343865353334383662616662613132353338643234
-37346631323139316630323132656135646266356636656634376430386163636630653335376565
-30303638356134323062353732353866643136613837363335613933343264356266656430343637
-35333965383833396266633563616261393232386536613635313835303135303866396166616233
-64363631373531623066386438323262613866303965396461323964363362393963383633643166
-64353230366231326339353231393161636439303730306332306461396337376161633266383666
-37623261656132393062313961633262346230323665393730386261623665346232626263383332
-32646338383335633236316662643239303238623330376231316664386232646630363562346534
-34626563643735356231373438376365316162396465666133646238623739333632316339393833
-30383565396430396139363033653531656233303464626234386364626135386432663837353863
-64303262643166623530643436346634366163373365323737643739626364353462663066616637
-65663464386238656163383037656361343132346636666338646431373232393434363364333833
-33386461633433323937343335653839623139633832333266323834613466383633643435383537
-31393863646137356239626332356138623130656436353636353361356530623039373239376633
-34626261336566366261643961353066366639363836326664363439616638313837343231663133
-30663363376265393838383164663236303264323063363565323238366235373731346531363262
-63366561306639323962303737336434646361623662626438306136623635623666623462373237
-62323232393538666137323763656162376633383566353337346433623630306362646337333734
-63356435626435396634333662613839343235633031383230326262316137303539623436623830
-64363738616131333831663635613739343763356362373230343064333239633534346531363963
-3538
+62653832366533633630666164373335323639346135306332363862666664366665636331363763
+6130613737633137346130376266306439363232316163320a653036616261323530656531383962
+35623365323866346132303933353766633635663736346234663630306437393533663130336536
+6237623036636139360a656132396561646130646435306537326235616563643338623838373033
+30353131343363633031333165626465623635313239353131323363363564656337623265386230
+66376138363361396163316431346632666433396361356433353363336166646435393036633162
+63656430666435303365636236356537633239346565666361616366306666653236616232633434
+65323038643136346661343636346265393137336333663339336630386339393865633437363332
+32313937323566393761303065663039616530333639663266666133336630656535326638376665
+36363931313364616230346261316263386161643430333932653936623538613738333632353330
+39366164346166656430616466316264376437333263616466393963303339323234626331626661
+66373932396139636461306434343266373438663663613338306538343438313432353366323433
+38643431396532316239316230616661633064353463366331643763303239343835333338623163
+36356637316265376135633364386262363361333937653936663535376234393031633865313062
+34316333373139336634316366656632646130343539623231643839343362366238306537376563
+32613739366466366230313763616234393362666563336335636238663537383162376331376161
+64353736346332613962376335626163373662663231656263363232633663633565356336306633
+66386461633566623265623535373035346462613637303130373962393237346466323237333439
+35366163323033383839373866363733343030333464666362633031656332653138653439366639
+33386137616164323465663964393732373933313839383465323961323433356531306565376530
+32303132303936313639373935376130363237326661633831616131376138313231396138383232
+39303231323436366634343432316433383530323332613563656331363235336564663737306163
+34653937316132633661306138613161323230646363363764623034663664323464303634303230
+33623364646332396562333064336366363633633439373634316561393565316265616462616662
+31626339363239313462386664323666323131373363366430393734336566393031353563363836
+30353765313161633262623865376230373730663966663966626430613464643938303534333962
+37653963636565663037386438373530383930653463643535653536616661616531633032363763
+63393263353534373830313436646563633935303731386563323561623030376432616636616531
+61323463333862623036653963663436333334393435343332346235373736646135633161356539
+64396634613334643339626131646365616164623761613439356232383061353665336637336165
+38623266643663333236386237663033663436396235393636366166646662393264616661383036
+32376266636334663630626437326262303431613331626337356438386238303964383531323361
+62333763376335393134353865626661336161666234343165613430373932343861336236363639
+61393437353136343931343334666636656261346265633839636631316130653861303334653864
+33653965313333303534613835396332396637623539313138383435383861366238353564613634
+61623966623864636461306138643737636135303565626439373762366438303538393566643862
+32393335343065663332363064383737316638326131386435613735633633323537326234356261
+33393661626363373334666135396236613434643731353935323430653834356233383638613561
+31313266373265316361333635333664346663336139663231303430326133636538626365306435
+36643738363835363736
--- a/roles/acertmgr/tasks/main.yml
+++ b/roles/acertmgr/tasks/main.yml
@ -2,14 +2,19 @@

 - name: Install dependencies
  apt: name={{ item }}
-  with_items:
-  - git
-  - python-cryptography
-  - python-dnspython
-  - python-yaml
+  loop:
+  - python3-cryptography
+  - python3-dnspython
+  - python3-yaml
+  - python3-pkg-resources
+
+- name: Find current acertmgr version
+  get_url: url="https://raw.githubusercontent.com/moepman/acertmgr/master/version.txt" dest=/tmp/acertmgr.version
+  vars:
+    ansible_connection: local

 - name: Install acertmgr
-  git: repo=https://github.com/moepman/acertmgr.git dest=/opt/acertmgr depth=1 version={{ acertmgr_version }}
+  apt: deb="https://github.com/moepman/acertmgr/releases/download/{{ lookup('file', '/tmp/acertmgr.version') }}/python3-acertmgr_{{ lookup('file', '/tmp/acertmgr.version') }}-1_all.deb"

 - name: Create config directories
  file: path=/etc/acertmgr state=directory mode=0755
@ -21,4 +26,4 @@
  file: path=/var/www/acme-challenge/ owner=root mode=0755 state=directory

 - name: Enable acertmgr cronjob
-  cron: name=certmgr special_time=daily job=/opt/acertmgr/acertmgr.py
+  cron: name=certmgr special_time=daily job=/usr/bin/acertmgr
--- a/roles/bk-dss/tasks/main.yml
+++ b/roles/bk-dss/tasks/main.yml
@ -2,7 +2,7 @@

 - name: Install dependencies
  apt: name={{ item }}
-  with_items:
+  loop:
  - git
  - python3-flask
  - python3-flaskext.wtf
--- a/roles/common/defaults/main.yml
+++ b/roles/common/defaults/main.yml
@ -0,0 +1,8 @@
+---
+logrotate_excludes:
+- "/etc/logrotate.d/alternatives"
+- "/etc/logrotate.d/apt"
+- "/etc/logrotate.d/dpkg"
+- "/etc/logrotate.d/dbconfig-common"
+- "/etc/logrotate.d/btmp"
+- "/etc/logrotate.d/wtmp"
--- a/roles/common/tasks/Debian.yml
+++ b/roles/common/tasks/Debian.yml
@ -2,7 +2,7 @@

 - name: Install misc software
  apt: name={{ item }}
-  with_items:
+  loop:
  - dnsutils
  - htop
  - less
@ -17,7 +17,7 @@

 - name: Install software on KVM VMs
  apt: name={{ item }}
-  with_items:
+  loop:
  - acpid
  - qemu-guest-agent
  when: ansible_virtualization_role == "guest" and ansible_virtualization_type == "kvm"
@ -25,7 +25,7 @@
 - name: Configure misc software
  copy: src={{ item.src }} dest={{ item.dest }}
  diff: no
-  with_items:
+  loop:
  - { src: '.zshrc', dest: '/root/.zshrc' }
  - { src: '.zshrc.local', dest: '/root/.zshrc.local' }
  - { src: 'motd', dest: '/etc/motd' }
@ -45,7 +45,7 @@

 - name: Fix network interface names
  copy: src={{ item }} dest=/etc/systemd/network/{{ item }}
-  with_items:
+  loop:
  - 50-virtio-kernel-names.link
  - 99-default.link
  notify: update-initramfs
@ -81,16 +81,24 @@
    paths: "/etc/logrotate.d/"
  register: "logrotateconfigs"

- name: Set logrotate.d/* to daily
+- name: Convert found files to path list
+  set_fact:
+    alllogrotateconfigpaths: "{{ logrotateconfigs.files | map(attribute='path') | list }}"
+
+- name: Exclude files from ansible management
+  set_fact:
+    logrotateconfigpaths: "{{ alllogrotateconfigpaths | difference(logrotate_excludes) }}"
+
+- name: 'Set logrotate.d/* to daily'
  replace:
    path: "{{ item }}"
    regexp: "(?:weekly|monthly)"
    replace: "daily"
-  loop: "{{ logrotateconfigs.files }}"
+  loop: "{{ logrotateconfigpaths }}"

- name: Set logrotate.conf rotation to 7
+- name: 'Set /etc/logrotate.d/* rotation to 7'
  replace:
    path: "{{ item }}"
    regexp: "rotate [0-9]+"
    replace: "rotate 7"
-  loop: "{{ logrotateconfigs.files }}"
+  loop: "{{ logrotateconfigpaths }}"
--- a/roles/common/tasks/FreeBSD.yml
+++ b/roles/common/tasks/FreeBSD.yml
@ -2,13 +2,13 @@

 - name: Install misc software
  pkgng: name={{ item }}
-  with_items:
+  loop:
  - vim-lite
  - htop
  - zsh

 - name: Configure misc software
  copy: src={{ item.src }} dest={{ item.dest }}
-  with_items:
+  loop:
  - { src: '.zshrc', dest: '/root/.zshrc' }
  - { src: '.zshrc.local', dest: '/root/.zshrc.local' }
--- a/roles/common/tasks/Proxmox.yml
+++ b/roles/common/tasks/Proxmox.yml
@ -2,7 +2,7 @@

 - name: Install misc software
  apt: name={{ item }}
-  with_items:
+  loop:
  - dnsutils
  - htop
  - ipmitool
@ -13,7 +13,7 @@

 - name: Configure misc software
  copy: src={{ item.src }} dest={{ item.dest }}
-  with_items:
+  loop:
  - { src: '.zshrc', dest: '/root/.zshrc' }
  - { src: '.zshrc.local', dest: '/root/.zshrc.local' }
  - { src: 'motd', dest: '/etc/motd' }
--- a/roles/dhcpd/tasks/main.yml
+++ b/roles/dhcpd/tasks/main.yml
@ -5,7 +5,7 @@

 - name: Configure dhcp server
  template: src={{ item }}.j2 dest=/etc/{{ item }}
-  with_items:
+  loop:
  - default/isc-dhcp-server
  - dhcp/dhcpd.conf
  notify: Restart isc-dhcp-server
--- a/roles/dns-extern/tasks/main.yml
+++ b/roles/dns-extern/tasks/main.yml
@ -2,7 +2,7 @@

 - name: Install powerdns
  apt: name={{ item }}
-  with_items:
+  loop:
   - pdns-server
   - pdns-backend-sqlite3

--- a/roles/dns-intern/handlers/main.yml
+++ b/roles/dns-intern/handlers/main.yml
@ -2,6 +2,6 @@

 - name: Restart powerdns
  service: name={{ item }} state=restarted
-  with_items:
+  loop:
   - pdns
   - pdns-recursor
--- a/roles/dns-intern/tasks/main.yml
+++ b/roles/dns-intern/tasks/main.yml
@ -2,7 +2,7 @@

 - name: Install powerdns
  apt: name={{ item }}
-  with_items:
+  loop:
   - pdns-server
   - pdns-recursor

@ -12,7 +12,7 @@
 - name: Configure powerdns
  template: src={{ item }}.j2 dest=/etc/powerdns/{{ item }}
  notify: Restart powerdns
-  with_items:
+  loop:
  - pdns.conf
  - recursor.conf
  - bindbackend.conf
@ -21,6 +21,6 @@

 - name: Start the powerdns services
  service: name={{ item }} state=started enabled=yes
-  with_items:
+  loop:
  - pdns
  - pdns-recursor
--- a/roles/gogs/tasks/main.yml
+++ b/roles/gogs/tasks/main.yml
@ -14,7 +14,7 @@

 - name: Install PostgreSQL
  apt: name={{ item }}
-  with_items:
+  loop:
  - postgresql
  - python-psycopg2

--- a/roles/hackmd/tasks/main.yml
+++ b/roles/hackmd/tasks/main.yml
@ -29,7 +29,7 @@

 - name: Install packages
  apt: name={{ item }}
-  with_items:
+  loop:
  - build-essential
  - git
  - nodejs
--- a/roles/librenms/tasks/main.yml
+++ b/roles/librenms/tasks/main.yml
@ -2,7 +2,7 @@

 - name: Install dependencies
  apt: name={{ item }}
-  with_items:
+  loop:
  - fping
  - git
  - graphviz
@ -47,7 +47,7 @@
    path: "{{ item }}"
    regexp: ';?date\.timezone'
    line: 'date.timezone = Europe/Berlin'
-  with_items:
+  loop:
  - /etc/php/7.3/cli/php.ini
  - /etc/php/7.3/fpm/php.ini

--- a/roles/mail/defaults/main.yml
+++ b/roles/mail/defaults/main.yml
@ -2,3 +2,9 @@

 mail_postsrsd_secret: "{{ vault_mail_postsrsd_secret }}"
 mail_srs_domain: "srs.{{ mail_domain }}"
+
+mailman3_site_owner: "mailman3@binary-kitchen.de"
+mailman3_dbname: "mailman3"
+mailman3_dbuser: "mailman3"
+mailman3_dbpass: "{{ vault_mail_mailman3_dbpass }}"
+mailman3_restadminpass: "{{ vault_mail_mailman3_restadminpass }}"
--- a/roles/mail/files/logrotate.d/dovecot
+++ b/roles/mail/files/logrotate.d/dovecot
@ -1,6 +1,6 @@
 /var/log/dovecot/*.log {
-  weekly
-  rotate 4
+  daily
+  rotate 7
  missingok
  notifempty
  compress
--- a/roles/mail/handlers/main.yml
+++ b/roles/mail/handlers/main.yml
@ -17,12 +17,15 @@
 - name: Restart rspamd
  service: name=rspamd state=restarted

+- name: Restart mailman3
+  service: name=mailman3 state=restarted
+
 - name: Run acertmgr
  command: /opt/acertmgr/acertmgr.py

 - name: Run postmap
  command: postmap /etc/{{ item }}
-  with_items:
+  loop:
  - postfix/helo_access
  - postfix/recipient_access
  - postfix/transport
--- a/roles/mail/tasks/main.yml
+++ b/roles/mail/tasks/main.yml
@ -8,7 +8,7 @@

 - name: Install packages
  apt: name={{ item }}
-  with_items:
+  loop:
  - bsd-mailx
  - dovecot-core
  - dovecot-imapd
@ -18,7 +18,10 @@
  - dovecot-sieve
  - fcgiwrap
  - mailman
-  - mailman3
+  - mailman3-full
+  - python-psycopg2
+  - python3-psycopg2
+  - postgresql
  - postfix
  - redis-server
  - redis-tools
@ -55,7 +58,7 @@
 - name: Render rspamd config templates
  template: src=rspamd/local.d/{{ item }}.j2 dest=/etc/rspamd/local.d/{{ item }}
  notify: Restart rspamd
-  with_items:
+  loop:
  - options.inc
  - settings.conf
  - arc.conf
@ -63,7 +66,7 @@

 - name: Copy spam learn/unlearn sieve and shell scripts
  copy: src=dovecot/{{ item }} dest=/var/vmail/.sieve/{{ item }}
-  with_items:
+  loop:
  - bin/learn-spam.sh
  - bin/learn-ham.sh
  - move-spam.sieve
@ -72,7 +75,7 @@

 - name: Configure dovecot
  template: src={{ item }}.j2 dest=/etc/{{ item }}
-  with_items:
+  loop:
  - dovecot/dovecot-ldap.conf.ext
  - dovecot/dovecot-ldap.conf.lmtp
  - dovecot/local.conf
@ -80,14 +83,14 @@

 - name: Compile sieve scripts
  shell: sievec /var/vmail/.sieve/{{ item|basename }}
-  with_items:
+  loop:
  - move-spam.sieve
  - report-spam.sieve
  - report-ham.sieve

 - name: Ensure learn scripts are executable
  file: mode=0750 path=/var/vmail/.sieve/bin/{{ item }}
-  with_items:
+  loop:
  - learn-spam.sh
  - learn-ham.sh

@ -104,7 +107,7 @@

 - name: Configure mailman
  template: src={{ item }}.j2 dest=/etc/{{ item }}
-  with_items:
+  loop:
  - mailman/mm_cfg.py
  notify: Restart postfix

@ -124,26 +127,40 @@
  file: path=/etc/nginx/ssl/{{ mailman_domain }}.key owner=root mode=0400
  notify: Restart nginx

+- name: Configure PostgreSQL database
+  postgresql_db: name={{ mailman3_dbname }}
+  become: true
+  become_user: postgres
+
+- name: Configure PostgreSQL user
+  postgresql_user: db={{ mailman3_dbname }} name={{ mailman3_dbuser }} password={{ mailman3_dbpass }} priv=ALL state=present
+  become: true
+  become_user: postgres
+
+- name: Configure mailman3
+  template: src=mailman/mailman.cfg.j2 dest=/etc/mailman3/mailman.cfg
+  notify: Restart mailman3
+
 - name: Create postfix ssl directory
  file: path=/etc/postfix/ssl state=directory mode=0750 owner=postfix group=postfix

 - name: Configure postfix
  template: src={{ item }}.j2 dest=/etc/{{ item }}
-  with_items:
+  loop:
  - postfix/main.cf
  - postfix/master.cf
  notify: Restart postfix

 - name: Configure postsrsd
  template: src={{ item }}.j2 dest=/etc/{{ item }}
-  with_items:
+  loop:
  - default/postsrsd
  - postsrsd.secret
  notify: Restart postsrsd

 - name: Configure postfix maps
  template: src={{ item }}.j2 dest=/etc/{{ item }}
-  with_items:
+  loop:
  - postfix/helo_access
  - postfix/transport
  - postfix/virtual-alias
@ -185,3 +202,6 @@

 - name: Start rspamd
  service: name=rspamd state=started enabled=yes
+
+- name: Start mailman3
+  service: name=mailman3 state=started enabled=yes
--- a/roles/mail/templates/mailman/mailman.cfg.j2
+++ b/roles/mail/templates/mailman/mailman.cfg.j2
@ -0,0 +1,68 @@
+[mailman]
+site_owner: {{ mailman3_site_owner }}
+noreply_address: noreply
+default_language: en
+sender_headers: from from_ reply-to sender
+email_commands_max_lines: 10
+pending_request_life: 3d
+cache_life: 7d
+pre_hook:
+post_hook:
+layout: debian
+filtered_messages_are_preservable: no
+html_to_plain_text_command: /usr/bin/lynx -dump $filename
+listname_chars: [-_.0-9a-z]
+
+[shell]
+prompt: >>>
+banner: Welcome to the GNU Mailman shell
+use_ipython: no
+history_file:
+
+[paths.debian]
+var_dir: /var/lib/mailman3
+queue_dir: $var_dir/queue
+bin_dir: /usr/lib/mailman3/bin
+list_data_dir: $var_dir/lists
+log_dir: /var/log/mailman3
+lock_dir: $var_dir/locks
+data_dir: $var_dir/data
+cache_dir: $var_dir/cache
+etc_dir: /etc/mailman3
+ext_dir: $var_dir/ext
+messages_dir: $var_dir/messages
+archive_dir: $var_dir/archives
+template_dir: $var_dir/templates
+pid_file: /run/mailman3/master.pid
+lock_file: $lock_dir/master.lck
+
+[database]
+class: mailman.database.postgresql.PostgreSQLDatabase
+url: postgres://{{ mailman3_dbuser }}:{{ mailman3_dbpass }}@localhost/{{ mailman3_dbname }}
+debug: no
+
+[logging.debian]
+format: %(asctime)s (%(process)d) %(message)s
+datefmt: %b %d %H:%M:%S %Y
+propagate: no
+level: info
+path: mailman.log
+[webservice]
+hostname: localhost
+port: 8001
+use_https: no
+show_tracebacks: yes
+api_version: 3.1
+admin_user: restadmin
+admin_pass: {{ mailman3_restadminpass }}
+
+[mta]
+incoming: mailman.mta.postfix.LMTP
+outgoing: mailman.mta.deliver.deliver
+smtp_host: localhost
+smtp_port: 25
+smtp_user:
+smtp_pass:
+lmtp_host: 127.0.0.1
+lmtp_port: 8024
+configuration: python:mailman.config.postfix
--- a/roles/mail/templates/postfix/main.cf.j2
+++ b/roles/mail/templates/postfix/main.cf.j2
@ -11,6 +11,7 @@ inet_interfaces = all
 inet_protocols = all
 message_size_limit = 50000000
 recipient_delimiter = +
+owner_request_special = no
 unknown_local_recipient_reject_code = 550
 strict_rfc821_envelopes = yes
 disable_vrfy_command = yes
@ -115,9 +116,15 @@ unverified_recipient_reject_code = 550
 unverified_recipient_reject_reason = Recipient unknown

 # mailman
-relay_domains = {{ mailman_domain }}
-relay_recipient_maps = hash:/var/lib/mailman/data/virtual-mailman
-transport_maps = hash:/etc/postfix/transport
+relay_domains =
+    hash:/var/lib/mailman3/data/postfix_domains
+    {{ mailman_domain }}
+local_recipient_maps =
+    hash:/var/lib/mailman3/data/postfix_lmtp
+    hash:/var/lib/mailman/data/virtual-mailman
+transport_maps =
+    hash:/var/lib/mailman3/data/postfix_lmtp
+    hash:/etc/postfix/transport
 mailman_destination_recipient_limit = 1

 # postsrsd
--- a/roles/matrix/tasks/main.yml
+++ b/roles/matrix/tasks/main.yml
@ -11,7 +11,7 @@

 - name: Install matrix
  apt: name={{ item }}
-  with_items:
+  loop:
  - matrix-synapse-py3
  - postgresql
  - python-psycopg2
@ -28,7 +28,7 @@

 - name: Configure matrix
  template: src=matrix-synapse/{{ item }}.j2 dest=/etc/matrix-synapse/{{ item }}
-  with_items:
+  loop:
  - homeserver.yaml
  - log.yaml
  - conf.d/server_name.yaml
--- a/roles/member-sw/tasks/main.yml
+++ b/roles/member-sw/tasks/main.yml
@ -2,7 +2,7 @@

 - name: Install software for members
  apt: name={{ item }}
-  with_items:
+  loop:
  - ansible
  - git
  - irssi
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@ -11,7 +11,7 @@

 - name: Install packages
  apt: name={{ item }}
-  with_items:
+  loop:
  - php-redis
  - php7.3
  - php7.3-bcmath
--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@ -20,7 +20,7 @@
 - name: Create DH parameters
  command: openssl dhparam -outform PEM -out {{ item }} 2048 creates={{ item }}
  when: nginx_ssl == True
-  with_items:
+  loop:
  - /etc/nginx/dhparam.pem

 - name: Configure nginx
--- a/roles/partdb/tasks/main.yml
+++ b/roles/partdb/tasks/main.yml
@ -2,7 +2,7 @@

 - name: Install dependencies
  apt: name={{ item }}
-  with_items:
+  loop:
  - php7.3-fpm
  - php7.3-ldap
  - php7.3-mysql
--- a/roles/prosody/tasks/main.yml
+++ b/roles/prosody/tasks/main.yml
@ -9,7 +9,7 @@

 - name: Install prosody
  apt: name={{ item }}
-  with_items:
+  loop:
  - prosody
  - libsasl2-modules-ldap
  - sasl2-bin
@ -25,7 +25,7 @@

 - name: Configure sasl
  copy: src={{ item }} dest=/etc/{{ item }}
-  with_items:
+  loop:
  - default/saslauthd
  - sasl/xmpp.conf

--- a/roles/radius/tasks/main.yml
+++ b/roles/radius/tasks/main.yml
@ -24,19 +24,19 @@

 - name: Create DH parameters
  command: openssl dhparam -outform PEM -out {{ item }} 2048 creates={{ item }}
-  with_items:
+  loop:
  - /etc/freeradius/3.0/certs/dh
  notify: Restart freeradius

 - name: Configure radius server
  template: src={{ item }}.j2 dest=/etc/freeradius/3.0/{{ item }} owner=freerad group=freerad
-  with_items:
+  loop:
  - clients.conf
  notify: Restart freeradius

 - name: Configure radius server
  copy: src={{ item }} dest=/etc/freeradius/3.0/{{ item }} owner=freerad group=freerad
-  with_items:
+  loop:
  - mods-available/eap
  - mods-config/files/authorize
  - sites-available/default
@ -47,7 +47,7 @@

 - name: Ensure sites are symlinked
  file: src=../sites-available/{{ item }} dest=/etc/freeradius/3.0/sites-enabled/{{ item }} state=link
-  with_items:
+  loop:
  - default
  - inner-tunnel
  notify: Restart freeradius
--- a/roles/slapd/tasks/main.yml
+++ b/roles/slapd/tasks/main.yml
@ -13,7 +13,7 @@

 - name: Copy schema definitons
  copy: src={{ item }} dest=/etc/ldap/{{ item }}
-  with_items:
+  loop:
  - schema/kitchen.schema
  - schema/openssh-lpk.schema
  - schema/radius.schema
--- a/roles/uau/tasks/main.yml
+++ b/roles/uau/tasks/main.yml
@ -2,12 +2,12 @@

 - name: Install unattended upgrades
  apt: name={{ item }}
-  with_items:
+  loop:
  - unattended-upgrades
  - debian-goodies

 - name: Configure unattended upgrades
  template: src={{ item }}.j2 dest=/etc/apt/apt.conf.d/{{ item }}
-  with_items:
+  loop:
  - 02periodic
  - 50unattended-upgrades
--- a/roles/web/tasks/main.yml
+++ b/roles/web/tasks/main.yml
@ -2,7 +2,7 @@

 - name: Install dependencies
  apt: name={{ item }}
-  with_items:
+  loop:
  - php-fpm
  - php-ldap
  - php-sqlite3
Author	SHA1	Message	Date
Kishi85	e85b3354dd	mail: Use postgresql for mailman3	2020-02-29 20:51:28 +01:00
Kishi85	cceb1a3bdd	mail: fix logrotate config	2020-02-29 19:39:15 +01:00
Kishi85	805fe16f48	mail: Setup postfix up for mailman3	2020-02-29 19:09:37 +01:00
Kishi85	2ecd06d066	acertmgr: Use latest package from github instead of git checkout	2020-02-17 20:22:52 +01:00
Kishi85	1a116703db	Add excludes to logrotate.d config and update to correct paths	2020-02-04 15:01:13 +01:00
Kishi85	cc91246e92	replace deprecated with_items with loop	2020-02-03 19:46:31 +01:00