From 8d6156069374bd8f30fd9aedba88313039ae61cd Mon Sep 17 00:00:00 2001
From: L3D
Date: Sat, 9 Jan 2021 04:28:13 +0100
Subject: [PATCH] Improve mailserver groups
---
 roles/mailserver_preperation/README.md | 4 +++
 .../mailserver_preperation/defaults/main.yml | 19 ++++++++---
 roles/mailserver_preperation/tasks/hosts.yml | 30 +++++++++++++++++
 roles/mailserver_preperation/tasks/main.yml | 30 +++--------------
 roles/mailserver_preperation/tasks/user.yml | 32 +++++++++++++++++++
 roles/mailserver_preperation/vars/main.yml | 2 +-
 6 files changed, 86 insertions(+), 31 deletions(-)
 create mode 100644 roles/mailserver_preperation/README.md
 create mode 100644 roles/mailserver_preperation/tasks/hosts.yml
 create mode 100644 roles/mailserver_preperation/tasks/user.yml
diff --git a/roles/mailserver_preperation/README.md b/roles/mailserver_preperation/README.md
new file mode 100644
index 0000000..b13512a
--- /dev/null
+++ b/roles/mailserver_preperation/README.md
@@ -0,0 +1,4 @@
+Requirements:
+ - unbound for dns from localhost
+ - rspamd... maybe
+ ...
diff --git a/roles/mailserver_preperation/defaults/main.yml b/roles/mailserver_preperation/defaults/main.yml
index 5bdb6ce..d228818 100644
--- a/roles/mailserver_preperation/defaults/main.yml
+++ b/roles/mailserver_preperation/defaults/main.yml
@@ -1,12 +1,23 @@ --- -set_additional_nameserver: true -additional_v4nameserver: '46.182.19.48' -additional_v6nameserver: '2a02:2970:1002::18' -additional_dns_maildomains: "{{ ansible_fqdn }}" # which is the reverse dns and dns name of this mail server mailserver_domain: "{{ ansible_fqdn }}" +# configure proper dns resolution +set_additional_nameserver: true +additional_v4nameserver: '46.182.19.48' +additional_v6nameserver: '2a02:2970:1002::18' + +# add additional entrys do your local /etc/hosts for the localhost entry +additional_dns_maildomains: "{{ mailserver_domain }}" + +# mailser settings +mailserver__user: 'vmail' +mailserver__group: 'vmail' +mailserver__home: '/var/vmail' +mailserver__shell: '/bin/false' + + mailserver__domains: [] # - fqdn: example.com diff --git a/roles/mailserver_preperation/tasks/hosts.yml b/roles/mailserver_preperation/tasks/hosts.yml new file mode 100644 index 0000000..220beee --- /dev/null +++ b/roles/mailserver_preperation/tasks/hosts.yml @@ -0,0 +1,30 @@ +--- +- name: "set {{ mailserver_domain }} as hostname" + become: true + hostname: + name: "{{ mailserver_domain }}" + +- name: Add hostname to /etc/hosts + become: true + lineinfile: + dest: /etc/hosts + regexp: "^127.0.1.1" + line: "127.0.1.1 {{ inventory_hostname }} {{ ansible_hostname }} {{ additional_dns_maildomains }}" + state: present + +- name: Set /etc/mailname + become: true + copy: + dest: "/etc/mailname" + content: "{{ mailserver_domain }}" + +- name: set own dns resolver + become: true + template: + src: templates/resolve.conf.j2 + dest: /etc/resolv.conf + mode: 0644 + owner: root + group: root + + diff --git a/roles/mailserver_preperation/tasks/main.yml b/roles/mailserver_preperation/tasks/main.yml index 9005040..b714e50 100644 --- a/roles/mailserver_preperation/tasks/main.yml +++ b/roles/mailserver_preperation/tasks/main.yml 
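Review bot: The comments added above the new defaults are hard to read: `# add additional entrys do your local /etc/hosts for the localhost entry` and `# mailser settings`. I would reword them to `# extra names appended to the 127.0.1.1 line in /etc/hosts` and `# system user, group, home and shell that own the mail storage`. The new variables use a double underscore (`mailserver__user`) while `mailserver_domain` in the same file uses a single one; a one-line comment stating the naming convention would help anyone overriding these values.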
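Review bot: The `set own dns resolver` task in hosts.yml rewrites /etc/resolv.conf with no condition visible in this file, so unless `resolve.conf.j2` (not shown) honours `set_additional_nameserver`, setting that flag to false still replaces the resolver configuration. The defaults point at fixed external resolvers while the new README lists a local unbound as a requirement, so I would gate the task with `when: set_additional_nameserver | bool`. The `Set /etc/mailname` copy sets no `owner`, `group` or `mode`, which leaves the file's permissions to the umask; adding `owner: root`, `group: root`, `mode: '0644'` would match the resolv.conf task. Minor: the dots in `regexp: "^127.0.1.1"` are unescaped and match any character; `'^127\.0\.1\.1'` is exact.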
@@ -2,33 +2,11 @@ - include_tasks: versioncheck.yml when: submodules_versioncheck|bool -- name: "set {{ inventory_hostname }} as hostname" - become: true - hostname: - name: "{{ inventory_hostname }}" +- name: configure local hostnames + include_tasks: hosts.yml -- name: Add hostname to /etc/hosts - become: true - lineinfile: - dest: /etc/hosts - regexp: "^127.0.1.1" - line: "127.0.1.1 {{ inventory_hostname }} {{ ansible_hostname }} {{ additional_dns_maildomains }}" - state: present - -- name: Set /etc/mailname - become: true - copy: - dest: "/etc/mailname" - content: "{{ inventory_hostname }}" - -- name: set own dns resolver - become: true - template: - src: templates/resolve.conf.j2 - dest: /etc/resolv.conf - mode: 0644 - owner: root - group: root +- name: configure vmail user + include_tasks: user.yml - name: configure mariadb include_tasks: mariadb.yml diff --git a/roles/mailserver_preperation/tasks/user.yml b/roles/mailserver_preperation/tasks/user.yml new file mode 100644 index 0000000..8846ea8 --- /dev/null +++ b/roles/mailserver_preperation/tasks/user.yml @@ -0,0 +1,32 @@ +--- +- name: create mail group + group: + name: "{{ mailserver__group }}" + state: present + +- name: Create mail user + become: true + user: + name: "{{ mailserver__user }}" + home: "{{ mailserver__home }}" + group: "{{ mailserver__group }}" + shell: "{{ mailserver__shell }}" + +- name: Create mail user sieve directory + become: true + file: + path: "{{ mailserver__home }}/sieve/global" + state: directory + owner: vmail + group: vmail + mode: 0770 + recurse: true + +- name: Create mail user mailbox directory + bevome: true + file: + path: /var/vmail/mailboxes + state: directory + owner: vmail + group: vmail + mode: 0770 diff --git a/roles/mailserver_preperation/vars/main.yml b/roles/mailserver_preperation/vars/main.yml index 30d428c..aa39641 100644 --- a/roles/mailserver_preperation/vars/main.yml +++ b/roles/mailserver_preperation/vars/main.yml 
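Review bot: The last task in user.yml spells the keyword `bevome: true`, which Ansible rejects as an unknown task attribute, so the play fails when user.yml is included; it should be `become: true`. The `create mail group` task has no `become` at all, unlike the other tasks in the file, and will fail for an unprivileged connection user. Both directory tasks hard-code `owner: vmail`, `group: vmail` and `/var/vmail/mailboxes` although this commit introduces `mailserver__user`, `mailserver__group` and `mailserver__home`, so overriding any of those leaves the mail directories owned by a different account than the one the role created. Separately, `recurse: true` with `mode: 0770` also sets the execute bits on any files already under sieve/global.

```yaml
- name: create mail group
  become: true
  group:
    # … unchanged: name, state …

# … unchanged: Create mail user …

- name: Create mail user sieve directory
  become: true
  file:
    path: "{{ mailserver__home }}/sieve/global"
    state: directory
    owner: "{{ mailserver__user }}"
    group: "{{ mailserver__group }}"
    # … unchanged: mode, recurse …

- name: Create mail user mailbox directory
  become: true
  file:
    path: "{{ mailserver__home }}/mailboxes"
    state: directory
    owner: "{{ mailserver__user }}"
    group: "{{ mailserver__group }}"
    # … unchanged: mode …
```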
@@ -1,3 +1,3 @@
 ---
-playbook_version_number: 32 # should be int
+playbook_version_number: 33 # should be int
 playbook_version_path: 'role-mailserver_roles-ansile_github.com.version'