---
# Installs the Dovecot packages used by the tasks below: PostgreSQL auth
# backend, IMAP server, ManageSieve and LMTP delivery.
# No `state` is given, so the apt module's default (present) applies; the
# package cache is not refreshed by this task.
- name: Install needed packages
  ansible.builtin.apt:
    name:
      - dovecot-pgsql
      - dovecot-imapd
      - dovecot-managesieved
      - dovecot-lmtpd
  become: true

# Dedicated group for the virtual-mail account, pinned to gid 5000.
# Presumably the fixed id keeps mail-store ownership identical across hosts
# and matches the ids returned by the SQL userdb -- confirm against the
# dovecot-sql.conf.ext template.
- name: Create vmail group
  ansible.builtin.group:
    state: present
    name: vmail
    gid: 5000
  become: true

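# Service account that owns the virtual mail store under /var/vmail.
# uid 5000 pairs with the vmail group (gid 5000) created in this file.
- name: Create vmail user
  ansible.builtin.user:
    state: present
    name: vmail
    uid: 5000
    group: vmail
    home: /var/vmail
    create_home: true
    # The account only owns mail files; nothing in this file needs an
    # interactive login as vmail, so it gets a non-login shell instead of
    # the distribution default.
    shell: /usr/sbin/nologin
  become: true
  # NOTE(review): the mode of /var/vmail is left to the system default for new
  # home directories -- confirm it is not world-readable.
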
# Enables the PLAIN and LOGIN SASL mechanisms in 10-auth.conf.
# Both mechanisms transmit the password itself, so they are only safe inside
# TLS; the 10-ssl.conf task in this file sets `ssl = required`.
# NOTE(review): confirm disable_plaintext_auth is not set to `no` elsewhere.
# The regexp matches only an uncommented `auth_mechanisms =` line; when nothing
# matches, lineinfile appends the line at the end of the file.
- name: Add login to auth_mechanisms
  ansible.builtin.lineinfile:
    path: /etc/dovecot/conf.d/10-auth.conf
    line: 'auth_mechanisms = plain login'
    regexp: '^auth_mechanisms =.*'
  become: true
  notify: Reload dovecot service

# Comments out the auth-system.conf.ext include so Dovecot stops loading the
# system-account auth configuration; together with the SQL include task this
# leaves the SQL database as the configured credential source in this file.
# The regexp accepts the include line whether or not it is already commented,
# which keeps the task idempotent.
- name: Remove system auth
  ansible.builtin.lineinfile:
    path: /etc/dovecot/conf.d/10-auth.conf
    line: '#!include auth-system.conf.ext'
    regexp: '^#?\!include auth-system.conf.ext'
  become: true
  notify: Reload dovecot service

# Activates the auth-sql.conf.ext include (uncommenting it when needed) so
# passdb/userdb lookups go through the SQL configuration.
# The connection settings themselves are deployed by the template task for
# /etc/dovecot/dovecot-sql.conf.ext.
- name: Add SQL auth
  ansible.builtin.lineinfile:
    path: /etc/dovecot/conf.d/10-auth.conf
    line: '!include auth-sql.conf.ext'
    regexp: '^#?\!include auth-sql.conf.ext'
  become: true
  notify: Reload dovecot service

# Stores mail in Maildir format under each user's home directory.
# `~` is expanded by Dovecot to the home returned by the userdb lookup;
# presumably those homes live under /var/vmail -- confirm against the SQL
# user query.
- name: Configure mail_location
  ansible.builtin.lineinfile:
    path: /etc/dovecot/conf.d/10-mail.conf
    line: 'mail_location = maildir:~/Maildir'
    regexp: '^mail_location =.*'
  become: true
  notify: Reload dovecot service

# Sets the global mail_plugins list to `quota`.
# The regexp matches the setting whether commented or not, and the whole line
# is replaced, so any plugins previously listed on it are dropped.
- name: Add quota plugin
  ansible.builtin.lineinfile:
    path: /etc/dovecot/conf.d/10-mail.conf
    line: 'mail_plugins = quota'
    regexp: '^#?mail_plugins =.*'
  become: true
  notify: Reload dovecot service

# Exposes Dovecot's auth service to Postfix through a UNIX socket inside the
# Postfix spool directory, for SMTP AUTH.
# The socket is owned by postfix:postfix with mode 0660, so no other local
# account can open it and query the auth service.
# NOTE(review): the block is inserted after the line matching
# '# Postfix smtp-auth'; this assumes that comment sits inside the
# `service auth { }` section of 10-master.conf. When the pattern is absent
# blockinfile appends at end of file, outside any service section -- verify on
# a fresh host.
- name: Add postfix auth socket config
  ansible.builtin.blockinfile:
    path: /etc/dovecot/conf.d/10-master.conf
    insertafter: '# Postfix smtp-auth'
    block: |
      unix_listener /var/spool/postfix/private/auth {
        mode = 0660
        user = postfix
        group = postfix
      }
  become: true
  notify: Reload dovecot service

# Points Dovecot at the Let's Encrypt certificate and key for this host and
# makes TLS mandatory.
# The leading `<` tells Dovecot to read the value from the named file.
# The certificate directory is derived from the ansible_hostname fact plus a
# fixed domain, so the certificate must already exist under that exact name.
# `ssl = required` makes Dovecot refuse authentication on connections that
# have not negotiated TLS.
# Permissions on privkey.pem are not managed by this task.
- name: Add ssl cert and key config
  ansible.builtin.lineinfile:
    path: /etc/dovecot/conf.d/10-ssl.conf
    line: "{{ item.line }}"
    regexp: "{{ item.regexp }}"
  loop:
    - line: "ssl_cert = </etc/letsencrypt/live/{{ ansible_hostname }}.tunuifranken.info/fullchain.pem"
      regexp: '^ssl_cert =.*'
    - line: "ssl_key = </etc/letsencrypt/live/{{ ansible_hostname }}.tunuifranken.info/privkey.pem"
      regexp: '^ssl_key =.*'
    - line: 'ssl = required'
      regexp: '^ssl =.*'
  become: true
  notify: Reload dovecot service

# Renders the SQL lookup configuration for Dovecot.
# NOTE(review): the template presumably carries the database connection
# credentials; root:root with mode 640 keeps it unreadable for unprivileged
# accounts. Running the play with --diff would print the rendered content,
# so check how play output is stored.
# The mode is a quoted string, so Ansible interprets it as octal.
# No handler is notified here, so a change to this file alone does not reload
# Dovecot.
- name: Copy dovecot-sql.conf.ext
  ansible.builtin.template:
    dest: /etc/dovecot/dovecot-sql.conf.ext
    src: dovecot-sql.conf.ext.j2
    mode: "640"
    owner: root
    group: root
  become: true