Create certficate config in mail role.

2016-02-28 15:30:57 +01:00 · 2016-02-28 15:30:57 +01:00 · 3bfa0391b1
commit 3bfa0391b1
parent 2732c1a4ca
2 changed files with 31 additions and 0 deletions
--- a/roles/mail/tasks/main.yml
+++ b/roles/mail/tasks/main.yml
@ -81,6 +81,10 @@
  notify: Run postmap
  tags: mail

+- name: Configure certificate manager
+  template: src=certs.j2 dest=/etc/acme/domains.d/{{ ansible_fqdn }}_mail.conf
+  tags: mail
+
 - name: Create razor directory structure
  command: razor-admin -create chdir=/var/lib/amavis creates=/var/lib/amavis/.razor
  become: yes
--- a/roles/mail/templates/certs.j2
+++ b/roles/mail/templates/certs.j2
@ -0,0 +1,27 @@
+---
+
+{{ ansible_fqdn }}:
+- path: /etc/postfix/ssl/{{ ansible_fqdn }}.crt
+  user: postfix
+  group: postfix
+  perm: '400'
+  format: crt
+  notify: 'service postfix reload'
+- path: /etc/postfix/ssl/{{ ansible_fqdn }}.key
+  user: postfix
+  group: postfix
+  perm: '400'
+  format: key
+  notify: 'service postfix reload'
+- path: /etc/dovecot/ssl/{{ ansible_fqdn }}.crt
+  user: dovecot
+  group: dovecot
+  perm: '400'
+  format: crt
+  notify: 'service dovecot reload'
+- path: /etc/dovecot/ssl/{{ ansible_fqdn }}.key
+  user: dovecot
+  group: dovecot
+  perm: '400'
+  format: key
+  notify: 'service dovecot reload'