Use var for the main virtual_domain

Tunui Franken 2024-01-12 20:44:44 +01:00
parent 96b171baab
commit 3641d2dd35
7 changed files with 17 additions and 22 deletions


@ -5,13 +5,15 @@
- name: Install mail server - name: Install mail server
gather_facts: true gather_facts: true
hosts: mailserver,mailserver-test hosts: mailserver,mailserver-test
vars:
virtual_domain: tunuifranken.info
roles: roles:
- role: common_handlers - role: common_handlers
tags: always tags: always
- role: deploy_certificate - role: deploy_certificate
vars: vars:
server_admin: dns@tunuifranken.info server_admin: "dns@{{ virtual_domain }}"
domain: "{{ ansible_hostname }}.tunuifranken.info" domain: "{{ ansible_hostname }}.{{ virtual_domain }}"
tags: cert tags: cert
- role: mailserver_database - role: mailserver_database
tags: database tags: database


@ -1,10 +0,0 @@
archive_dir = /etc/letsencrypt/archive/{{ domain }}
cert = /etc/letsencrypt/live/{{ domain }}/cert.pem
privkey = /etc/letsencrypt/live/{{ domain }}/privkey.pem
chain = /etc/letsencrypt/live/{{ domain }}/chain.pem
fullchain = /etc/letsencrypt/live/{{ domain }}/fullchain.pem
[renewalparams]
authenticator = webroot
installer = null
server = https://acme-v02.api.letsencrypt.org/directory


@ -31,8 +31,8 @@
- name: Upload postgresql tables script - name: Upload postgresql tables script
become: true become: true
become_user: postgres become_user: postgres
ansible.builtin.copy: ansible.builtin.template:
src: tables.sql src: tables.sql.j2
dest: ~/mailserver_tables.sql dest: ~/mailserver_tables.sql
mode: "644" mode: "644"
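Review bot: `mode: "644"` leaves the rendered script readable by every local account, and if `tables.sql.j2` is the template shown in the next section, it carries the `password` values inserted into `virtual_users`. Since the file is now rendered per run rather than copied, `mode: "0600"` would restrict it to the postgres user that the task writes it as. The rest of the task list lies outside this hunk, so whether the script is removed once it has been applied cannot be seen here.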


@ -2,7 +2,7 @@ CREATE TABLE IF NOT EXISTS virtual_domains (
id integer primary key generated by default as identity, id integer primary key generated by default as identity,
name varchar(50) NOT NULL UNIQUE name varchar(50) NOT NULL UNIQUE
); );
INSERT INTO virtual_domains (name) VALUES ('tunuifranken.info') ON CONFLICT (name) DO NOTHING; INSERT INTO virtual_domains (name) VALUES ('{{ virtual_domain }}') ON CONFLICT (name) DO NOTHING;
CREATE TABLE IF NOT EXISTS virtual_users ( CREATE TABLE IF NOT EXISTS virtual_users (
id integer primary key generated by default as identity, id integer primary key generated by default as identity,
@ -13,12 +13,15 @@ CREATE TABLE IF NOT EXISTS virtual_users (
FOREIGN KEY (domain_id) REFERENCES virtual_domains(id) FOREIGN KEY (domain_id) REFERENCES virtual_domains(id)
ON DELETE CASCADE ON DELETE CASCADE
); );
{% for user in 'abuse', 'dns' %}
INSERT INTO virtual_users (domain_id, email, password, quota) VALUES ( INSERT INTO virtual_users (domain_id, email, password, quota) VALUES (
(SELECT id FROM virtual_domains WHERE name = 'tunuifranken.info'), (SELECT id FROM virtual_domains WHERE name = '{{ virtual_domain }}'),
'abuse@tunuifranken.info', '{{ user }}@{{ virtual_domain }}',
'foo', 'foo',
0 0
) ON CONFLICT (email) DO UPDATE SET password = EXCLUDED.password, quota = EXCLUDED.quota; ) ON CONFLICT (email) DO UPDATE SET password = EXCLUDED.password, quota = EXCLUDED.quota;
{% endfor %}
CREATE TABLE IF NOT EXISTS virtual_aliases ( CREATE TABLE IF NOT EXISTS virtual_aliases (
id integer primary key generated by default as identity, id integer primary key generated by default as identity,
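Review bot: The new `{% for user in 'abuse', 'dns' %}` loop upserts both mailboxes with the literal `'foo'` in the `password` column, and `ON CONFLICT (email) DO UPDATE SET password = EXCLUDED.password` writes that value back on every run, replacing whatever was stored for the account. If `'foo'` is only a placeholder, narrowing the conflict clause to `) ON CONFLICT (email) DO UPDATE SET quota = EXCLUDED.quota;` leaves an existing password alone; a real initial value would better come from a vaulted variable holding a hash in the scheme the mail server expects than from the template text. Separately, `{{ virtual_domain }}` is pasted inside single-quoted SQL literals, so a value containing `'` would break the statement; the play sets it to a fixed domain today, which makes this a robustness point rather than a live problem. The `CREATE TABLE IF NOT EXISTS virtual_aliases` statement at the end of the hunk continues outside it.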


@ -98,9 +98,9 @@
become: true become: true
loop: loop:
- regexp: '^ssl_cert =.*' - regexp: '^ssl_cert =.*'
line: "ssl_cert = </etc/letsencrypt/live/{{ ansible_hostname }}.tunuifranken.info/fullchain.pem" line: "ssl_cert = </etc/letsencrypt/live/{{ ansible_hostname }}.{{ virtual_domain }}/fullchain.pem"
- regexp: '^ssl_key =.*' - regexp: '^ssl_key =.*'
line: "ssl_key = </etc/letsencrypt/live/{{ ansible_hostname }}.tunuifranken.info/privkey.pem" line: "ssl_key = </etc/letsencrypt/live/{{ ansible_hostname }}.{{ virtual_domain }}/privkey.pem"
- regexp: '^ssl =.*' - regexp: '^ssl =.*'
line: ssl = required line: ssl = required
ansible.builtin.lineinfile: ansible.builtin.lineinfile:


@ -4,7 +4,7 @@ PERCENT=$1
USER=$2 USER=$2
cat << EOF | /usr/lib/dovecot/dovecot-lda -d "$USER" -o "plugin/quota=maildir:User quota:noenforcing" cat << EOF | /usr/lib/dovecot/dovecot-lda -d "$USER" -o "plugin/quota=maildir:User quota:noenforcing"
From: postmaster@{{ ansible_hostname }}.tunuifranken.info From: postmaster@{{ ansible_hostname }}.{{ virtual_domain }}
Subject: Quota warning - $PERCENT% reached Subject: Quota warning - $PERCENT% reached
Your mailbox can only store a limited amount of emails. Your mailbox can only store a limited amount of emails.


@ -32,8 +32,8 @@
- smtpd_sasl_auth_enable = yes - smtpd_sasl_auth_enable = yes
- smtpd_tls_security_level = may - smtpd_tls_security_level = may
- smtpd_tls_auth_only = yes - smtpd_tls_auth_only = yes
- "smtpd_tls_cert_file = /etc/letsencrypt/live/{{ ansible_hostname }}.tunuifranken.info/fullchain.pem" - "smtpd_tls_cert_file = /etc/letsencrypt/live/{{ ansible_hostname }}.{{ virtual_domain }}/fullchain.pem"
- "smtpd_tls_key_file = /etc/letsencrypt/live/{{ ansible_hostname }}.tunuifranken.info/privkey.pem" - "smtpd_tls_key_file = /etc/letsencrypt/live/{{ ansible_hostname }}.{{ virtual_domain }}/privkey.pem"
- smtp_tls_security_level = may - smtp_tls_security_level = may
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /etc/postfix/main.cf path: /etc/postfix/main.cf