Improve sql layout and template. andd basic versionscheck

host_vars/mail01.l3d.space/vault.yml

@@ -1,50 +1,62 @@
 $ANSIBLE_VAULT;1.1;AES256
-32356163343836656430373839643235393161393863643362643064653738616436393332383034
-3861323834306562316565383139356636646566316632640a613738393539393138396436636135
-33663230343531613232333031323763353266656262393038306430653835396666316237303739
-3961333263623463370a653337623332383032643038613831646661616562646536363563646234
-63633262386566326138653730363563633465623139346133303166616637383037363935323332
-34653436383661656633386436303564373434653365313434353136363538356134666339366439
-35373435393739343563653033393461396138323532313061303762353566343164393561373338
-63326130313663663261303861386664396131386530353637643830666364303935653465623361
-63383634393464396463346666386563316163333034306463303962656232373965303961366631
-39633363363433333461353131633161616264666234616235653632363735623539636336313036
-66303665656264333636383564623938346336623632356437333238316364306461393661396637
-39313466316233376638343037656665383964616533656337626565653639643635303039333437
-32396235373537353734383932393331616635313436333530326665363332336165396633303061
-34316132653837356236663365383538353065376232626538393933613764313366303263323935
-31323763613431313335663138636563313336313534653163363239353966323961333838613733
-66613736326666616136396264336335313837646335373464303139643638313761656263656337
-30613134373364393335376363316439363936656366653463383934376366313461363866323133
-30383533303532333365366338363932306139393131393365323737393931396535323266316166
-39633539613966333662303933333036666461396466626332353334633533323265653638393438
-62353034323064646234623566313630363633623864346365393932653466663362356430343065
-33656166643035663438383434386531646137613138303730623265616333363233306434313635
-66356363613362333265326432633730373633646462386565303335383363333963366361393234
-32626539663764373130666232313030323938316639323462616438623264336133626432366338
-63343166306630653765643138326231653132656234323332353634333436366230623436373165
-62666434656666623533306136663735343632316332663062326664646261666263306231366536
-34626535366531366534353066373931376435323836386436393632386462346231353866376663
-31373966313066316561326431353930663234313964616435636365623864626233363431306266
-33373334646239326333653038343134663534383162366536383939663031646563656334323262
-66363962366162353563393761383861616366386463333463356336353839313166643832323036
-37346535353963393162656564363465333038366336316637393430366136363966373537316237
-39613564663630626431646263666666636334326564366337333466366161356661326166626533
-36373564663835356337303763616161346139333438356564306533336132643138643733323038
-35666463333735326530653736303233303963353334313062646634356634383365616130353436
-35386130343638343030633431363165366633653264613165373737646232616636363738366165
-31353361333166626565333237353338343933356234303061346163356632643039616365383666
-30666133616265643164336536366136313439383064666630363732623032363534393864656566
-63666366653732353063633163633565373438663064353361613965633863313964316430383237
-31353062353331623439633263366638396332346462663064626639393135383263646635633736
-36666431653430373332373263336533306162316133333761323839643163643634383533633530
-39333465663435663231636134326239636430383664353139626435313137353139383762376233
-35356366663366633938303730323965633136333763303333343730363833666337646638376532
-36663832393364633934333630313635363332306261373633323332653265313061323737396263
-62316664396532353266653166343966333066363562663438353737616266383963363830643661
-35643436373533666434656334343535326462613236306434303035333661626362633530303265
-31383037346466613730313161623234623431633066323561306663633465626630643732316162
-66623465343438393763353162373961663935633733353830353935636237396133363932613936
-63663032333663353239623238343164626265623864663963643134356630633964333132323430
-62386566383264656265356466393463303438343134323562336532393434313634313162376236
-65393564656133643333303764313063376161333531356538636164366665623230
+31623234383732623436363661306139383333633634323633303135663231346266356233336365
+3034316632303630386635363866663135383838633363360a356139363732383533623935393838
+66643662333733333165393835636533616565633263363264636466323431353933653933353033
+3164626132653961390a656663646632343830303563313538623734643338326432666635623031
+65383963346237376363313366356366343633666165396463623435366135356261346339613433
+38313161373431653838356337653434666532636237333066386435376438633535353932626638
+30616335633237393066396638653064616232363135653361376261346365306135623933633635
+64313531383533346163383138613335663430366132373538643935346436656230376639346662
+30373232653465646161396566656539333336616331356238613230383662313264366533346431
+63323039366533663832666466646533313735373931626163313036363431363564633732303963
+62663236653933366637383964343836616162393432386139363866313565376563663738396663
+65303536373039373339326635653661646565376130613530653136643636306334363135313832
+64613038336139323862653739363966643462386335613764646163353964666232623033646135
+30333562303231626663383639333236633365336436333933386337306335363765646633306333
+30656135346663353234366262383237303134613163383936386330383738363561613531343963
+30353830333139636231336239396239366633623835373735393434376161393035346462386235
+62663132626366323365346662386430343262646561366338303633353130353034363036623333
+32363831333833363835633962366563653165643138663932383264363038343763623533333364
+36616438373836666161613836663334666663303666643734323834666539336562386566346632
+33363264376561623235373430366133303330623364353034656338656334633666643936383065
+63373137626334326638333866333934343237303833366437373033363262653439323166646531
+33383262393438646239653162313530386265663633343839326466326130666538643364383133
+35356162373034313830383833336666313331633630336633633633356534663637656466376231
+30316535643235626132356262613134636438363962303030396239376464383230323362313331
+36336662633431633330313838336534306265326662316333373136386432323664663765316564
+35366365376538346163373363376530303766333764353430343165366534623361626634613630
+36326232386530393339323836386639396537383334333032626231616534663934653766303332
+61616565326630336539393636373663393864366432623633353237373465643039373130323739
+64656665646630393139303132363361306134613164323835303538333264336666303762316334
+31316530633663323361316232393765653931653239316139626631656431303731323465376237
+36333165326632623831386538326266633432383938636131653866323166326434303939616433
+35323733376533656634363631323639313439663465373939346533656231303231356232346465
+62376238343632333932636630656462353439383166353734613863333435303735616361393636
+30316536613130376661353761393738633364653332396162366563636335613537353465386630
+63303966343736643639636466373137326132343763393733383536346461343462313831383134
+39323838336434326437373838346132336637663162663838376133313735386235666164303736
+61323938646161393336323936326436633863316430643065376331323863353961643361316666
+62333331316563313263663436626661373738383037653438316566323963353330356466313934
+36363537376237363630353433613035373064343966376265316630653561616437396430616338
+35653539346638616464303735653665313361373262663032653065343138353561666335313335
+61373230336231376530613765316661666664636233333631373630333435356636313861393334
+66383665663538333661386564353834666135356637353238663165303461323865633762353437
+61363237646366323638626331643430326364313639383166343633633631626264323035353133
+35373262663634323630613834323665656261326435313137323262373431336439643033363931
+38663963393637383737366338303635316662333465303462396139333138383935303237326161
+39363734336662333932363766396132303566326466653361316135386235343865353639373736
+31366632343366326666633161323835346433313265643861343963613862646265346439313733
+37646566653635656163653334386631643562613435653335326562333364663035323434343232
+61313138326561373565356233663465393162336638353161613264303863353162366533383664
+62643330373965623564616130313736326266653762336431303733303030383831623732306265
+30363133346535343339373639383962303936393166653136316462306662376464313737313634
+35656332643632306536333636393864326431616136623138663464363730383462666166373163
+62366362666238316439373165643133666136343931356166323665336334343132333236633133
+61396166323931366338656637356438393335663131333364363665366638663338383162626164
+64323565616435366533303330393133613239396434346438356432663065306263643061633662
+31363630626231653431616662333363346433303436373964333536336430373634356363353534
+35393565343032636163386231323831646562633338303630636333383638633234363961363262
+38393162653764346264366333366236316331343730336366656537356434646234646237643433
+62313461306334383633666633666435346561633630613361326463356435623134653738303734
+38643666333037303539623165663032306435383462323035303338663337356562393834323339
+3431

roles/mailserver_preperation/defaults/main.yml

@@ -4,4 +4,27 @@ additional_v4nameserver: '46.182.19.48'
 additional_v6nameserver: '2a02:2970:1002::18'
 additional_dns_maildomains: "{{ ansible_fqdn }}"
 
+# which is the reverse dns and dns name of this mail server
 mailserver_domain: "{{ ansible_fqdn }}"
+
+mailserver__domains: []
+#  - fqdn: example.com
+
+mailserver__accounts: []
+#  - username: 'alice'
+#    domain: 'example.com'
+#    password_hash:  # generate with $(doveadm pw -s SHA512-CRYPT)
+#      # or $ python -c 'import crypt,getpass; print(crypt.crypt(getpass.getpass(), crypt.mksalt(crypt.METHOD_SHA512)))'
+#    quota: '0'
+#    enabled: true
+#    sendonly: false
+
+mailserver__alias:
+#  - src_username: 'bob' # null for catchall
+#    src_domain: 'example.com'
+#    dest_username: 'alice'
+#    dest_domain: 'example.com'
+#    enabled: true
+
+# should we enable basic versionscheck (true is recomended)
+submodules_versioncheck: false

roles/mailserver_preperation/files/schema.sql

@@ -2,14 +2,14 @@ CREATE DATABASE IF NOT EXISTS vmail CHARACTER SET 'utf8';
 
 USE vmail;
 
-CREATE TABLE `domains` (
+CREATE TABLE IF NOT EXISTS `domains` (
     `id` int unsigned NOT NULL AUTO_INCREMENT,
     `domain` varchar(255) NOT NULL,
     PRIMARY KEY (`id`),
     UNIQUE KEY (`domain`)
 );
 
-CREATE TABLE `accounts` (
+CREATE TABLE IF NOT EXISTS `accounts` (
     `id` int unsigned NOT NULL AUTO_INCREMENT,
     `username` varchar(64) NOT NULL,
     `domain` varchar(255) NOT NULL,
@@ -22,9 +22,9 @@ CREATE TABLE `accounts` (
     FOREIGN KEY (`domain`) REFERENCES `domains` (`domain`)
 );
 
-CREATE TABLE `aliases` (
+CREATE TABLE IF NOT EXISTS `aliases` (
     `id` int unsigned NOT NULL AUTO_INCREMENT,
-    `source_username` varchar(64) NOT NULL,
+    `source_username` varchar(64) NULL,
     `source_domain` varchar(255) NOT NULL,
     `destination_username` varchar(64) NOT NULL,
     `destination_domain` varchar(255) NOT NULL,
@@ -34,7 +34,7 @@ CREATE TABLE `aliases` (
     FOREIGN KEY (`source_domain`) REFERENCES `domains` (`domain`)
 );
 
-CREATE TABLE `tlspolicies` (
+CREATE TABLE IF NOT EXISTS  `tlspolicies` (
     `id` int unsigned NOT NULL AUTO_INCREMENT,
     `domain` varchar(255) NOT NULL,
     `policy` enum('none', 'may', 'encrypt', 'dane', 'dane-only', 'fingerprint', 'verify', 'secure') NOT NULL,

roles/mailserver_preperation/tasks/main.yml

@@ -1,4 +1,6 @@
 ---
+- include_tasks: versioncheck.yml
+  when: submodules_versioncheck|bool
 
 - name: "set {{ inventory_hostname }} as hostname"
   become: true

roles/mailserver_preperation/tasks/mariadb.yml

@@ -22,18 +22,20 @@
     dest: /root/.mariadb_schema/config.sql
   register: mysqlconfig
 
-- name: Import database schema
+- name: create database schema
   become: true
-  mssql_db:
+  community.mysql.mysql_db:
     name: vmail
+    encoding: 'utf8'
     state: import
     target: '/root/.mariadb_schema/schema.sql'
   when: mysqlschema.changed
 
 - name: Import database schema
   become: true
-  mssql_db:
+  community.mysql.mysql_db:
     name: vmail
+    encoding: 'utf8'
     state: import
     target: '/root/.mariadb_schema/config.sql'
   when: mysqlconfig.changed

roles/mailserver_preperation/tasks/versioncheck.yml

@@ -0,0 +1,46 @@
+---
+- name: Create directory for versionscheck
+  become: true
+  file:
+    path: '/etc/.ansible-version'
+    state: directory
+    mode: 0755
+  when: submodules_versioncheck|bool
+
+- name: check playbook version
+  become: true
+  slurp:
+    src: "/etc/.ansible-version/{{ playbook_version_path }}"
+  register: playbook_version
+  when: submodules_versioncheck|bool
+  ignore_errors: yes
+  failed_when: false
+
+- name: Print remote role version
+  debug:
+    msg: "Remote role version: {{ playbook_version.content | default('Y3VycmVudGx5IG5vdCBkZXBsb3llZAo=') | b64decode | string }}"
+  when: submodules_versioncheck|bool
+
+- name: Print locale role version
+  debug:
+    msg: "Local role version: '{{ playbook_version_number|string }}'."
+  when: submodules_versioncheck|bool
+
+- name: Check if your version is outdated
+  fail:
+    msg: "Your ansible module has the version '{{ playbook_version_number }}' and is outdated. You need to update it!"
+  when:
+    - playbook_version.content|default("Mgo=")|b64decode|int - 1 >= playbook_version_number|int and submodules_versioncheck|bool
+
+- name: check if '/etc/ansible-version/' is empty
+  find:
+    paths: '/etc/ansible-version/'
+  register: filesFound
+
+- name: write new version to remote disk
+  become: true
+  copy:
+    content: "{{ playbook_version_number }}"
+    dest: "/etc/.ansible-version/{{ playbook_version_path }}"
+    mode: 0644
+  when: submodules_versioncheck|bool

roles/mailserver_preperation/templates/mysqlconfig.sql.j2

@@ -1,27 +1,11 @@
 {#-
-  which table are we setting up
--#}
-use vmail;
-{#-
-  setup mailserver domain
-#}
-insert into domains (domain) values ('{{ mailserver_domain }}');
-{#-
-  create all mail users, domains and enter password hashes...
 
-
-  CREATE TABLE `accounts` (
-    `id` int unsigned NOT NULL AUTO_INCREMENT,
-    `username` varchar(64) NOT NULL,
-    `domain` varchar(255) NOT NULL,
-    `password` varchar(255) NOT NULL,
-    `quota` int unsigned DEFAULT '0',
-    `enabled` boolean DEFAULT '0',
-    `sendonly` boolean DEFAULT '0',
-    PRIMARY KEY (id),
-    UNIQUE KEY (`username`, `domain`),
-    FOREIGN KEY (`domain`) REFERENCES `domains` (`domain`)
-  );
+  This is the mysql command template for updating all existing users, domains and alias config.
+  The following yml is an example confiuration...
+############
+---
+  mailserver__domains:
+    - fqdn: example.com
 
   mailserver__accounts:
     - username: 'alice'
@@ -39,34 +23,77 @@ insert into domains (domain) values ('{{ mailserver_domain }}');
       dest_domain: 'example.com'
       enabled: true
 
-#}
-{% for account in mailserver__accounts %}
+###############
+
+  OK, first we select the wanted database!
+
+-#}
+
+use vmail;
+
 {#
-  INSERT into accounts (username, domain, password, quota, enabled, sendonly) values ('{{ account["username"] }}', '{{ account["domain"] }}', '{{ account["password_hash"] }}', {{ account["quota"]|default(0) | int }}, {{ account["enabled"] | bool |ternary('true', 'false') }} , {{ account["sendonly"] | bool |ternary('true', 'false' }});
+
+  Next we will define all existing domains.
+  We use INSERT IGNORE to insert the domains and ignore duplicates.
+
+  To delete a domain you have to do it manually using mysql commands or sth. like that!
+
+-#}
+
+INSERT IGNORE INTO domains
+  (domain)
+values
+{% for domain in mailserver__domains %}
+  ('{{ domain["fqdn"] }}')
+  {%- if loop.last -%}
+    ;
+  {%- else -%}
+    ,
+  {%- endif %}
+
+{% endfor %}
+
+{#-
+
+  Now we will define the users and passwords.
+  We will use REPLACE to replace updated entrys or add new one.
+
 #}
+
 REPLACE into accounts
   (username, domain, password, quota, enabled, sendonly)
 values
-  ('{{ account["username"] }}', '{{ account["domain"] }}', '{{ account["password_hash"] }}', {{ account["quota"]|default(0) | int }}, {{ account["enabled"] | bool | ternary('true', 'false') }} , {{ account["sendonly"] | bool | ternary('true', 'false' )}});
+{% for account in mailserver__accounts %}
+  ('{{ account["username"] }}', '{{ account["domain"] }}', '{{ account["password_hash"] }}', {{ account["quota"]|default(0) | int }}, {{ account["enabled"] | bool | ternary('true', 'false') }} , {{ account["sendonly"] | bool | ternary('true', 'false' )}})
+  {%- if loop.last -%}
+    ;
+  {%- else -%}
+    ,
+  {%- endif %}
+
 {% endfor %}
-{#-
-  create all mail aliases and stuff like that...
-#}
-{% for alias in mailserver__alias %}
+
 {#
-  INSERT into aliases
-    (source_username, source_domain, destination_username, destination_domain, enabled)
-  values
-    ('{{ alias["src_username"] }}', '{{ alias["src_domain"] }}', '{{ alias["dest_username"] }}', '{{ alias["dest_domain"] }}', {{ alias["enabled"] | bool | ternary('true', 'false') }});
+
+  Last we will define some aliases and catchall...
+
 #}
+
 REPLACE into aliases
   (source_username, source_domain, destination_username, destination_domain, enabled)
 values
+{% for alias in mailserver__alias %}
   (
     {%- if alias["src_username"] == 'null' -%}
       null
     {%- else -%}
       '{{ alias["src_username"] }}'
     {%- endif -%}
-      , '{{ alias["src_domain"] }}', '{{ alias["dest_username"] }}', '{{ alias["dest_domain"] }}', {{ alias["enabled"] | bool | ternary('true', 'false') }});
+      , '{{ alias["src_domain"] }}', '{{ alias["dest_username"] }}', '{{ alias["dest_domain"] }}', {{ alias["enabled"] | bool | ternary('true', 'false') }})
+  {%- if loop.last -%}
+    ;
+  {%- else -%}
+    ,
+  {%- endif %}
+
 {% endfor %}

roles/mailserver_preperation/vars/main.yml

@@ -0,0 +1,3 @@
+---
+playbook_version_number: 32 # should be int
+playbook_version_path: 'role-mailserver_roles-ansile_github.com.version'