mdk
/
infra
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Exim to smarthost to galae.

This commit is contained in:
Julien Palard 2024-03-07 18:22:31 +01:00
parent 2cee788bbb
commit b37c42d8c6
Signed by: mdk
GPG Key ID: 0EFC1AC1006886F8
5 changed files with 104 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
base.yml
View File

@ -82,43 +82,6 @@
notify: restart sshd
tags: ssh
- name: msmtp config
copy:
dest: /etc/msmtprc
content: |
defaults
auth on
tls on
tls_starttls off
tls_trust_file /etc/ssl/certs/ca-certificates.crt
logfile /var/log/msmtp
account galae
auth plain
host mail.galae.net
port 465
from {{ vault_smtp_username }}
user {{ vault_smtp_username }}
password {{ vault_smtp_password }}
account default : galae
- name: Install msmtp
apt:
name: [msmtp, msmtp-mta, bsd-mailx]
- name: Ensure root crontab sends email from me
community.general.cronvar:
user: root
name: MAILFROM
value: "{{ vault_smtp_username }}"
- name: Ensure my crontab sends email from me
community.general.cronvar:
user: mdk
name: MAILFROM
value: "{{ vault_smtp_username }}"
- name: Ensure root crontab sends email to me
community.general.cronvar:
user: root

29
group_vars/all/vault.yml
View File

@ -1,14 +1,17 @@
$ANSIBLE_VAULT;1.1;AES256
65373439643337356162343830646336623863646137656265386537386663363332383833653531
3533623932363765306539363834326133373563363231370a616639616331383930663032326432
30326535303866363130636330396465343966643065666564616665343933653061663939643265
6561353837323236660a663966626237633164383164346165336161616662323466333334326639
30303064303733613562363666613238393138666639346133323635623665336338663766356566
35633637366566393962336265343063366439363439313531396430393331376637656433306561
37333531333739643165386665343332343363636230663662656538376537633131613862353462
39373235333535643866646461383235346464636135333833306134313632633263626235396534
65303335373536356530373937373737333230333433613630613337616562383338613038366133
31613534646663653032623366643530353738356435316633643533353031383436343230353765
34633131333634613535636235363166376636316530393430343330346163646463383162393362
66633735356536616138613562396334616233323037663534313966353633353838646137363166
6562
38396564386463643965633165623963303837663765353832636434646430303233626131333462
3438346362303630336132313962353632643935626636610a386366663232353762623931316665
37653833323566356133376232653562376461336637303933393233336432636633323531633866
6665343132313338630a656233626432323865343065666637626230346437393531393534633134
39303231366263646337303264346231613234373263633134636336616165613435333863353531
30303838383133646535383765326532623832303466353837316636316339613034613330656330
35633363663937373433323235623433396536643732643033353666383762336165666461336633
30326433316663663363313862353332363932313834653863666662353732303332366239663537
65303736633538323932353862313463623733336164346162346231653731343836613536326631
34633461303362626366393463366364653264346138393064363261383331613364343563623861
34616533653534626134376337366635636166313234346533613764376332666662373439336232
35346139346633306235636165323163376132313135323033633666383165616631623735643434
36316465646465383064626261666136313039353361393732353633313837326562623035313436
65313561343963636366643064343237393766363236636265343435666230393638323631326262
35393264646538343737326363393037306231306530643836356565626261356264373365616664
63363565366532313239

3
inventory.yml
View File

@ -1,5 +1,8 @@
[mdk]
www.mdk.fr ansible_host=51.15.187.166 online_server=sd-131717
[laptops]
zhakar.local ansible_host=127.0.0.1
[silence]
silence.local ansible_host=192.168.1.210

6
roles/exim/handlers/main.yml Normal file
View File

@ -0,0 +1,6 @@
---
- name: restart exim4
service:
name: 'exim4'
state: restarted
enabled: yes

79
roles/exim/tasks/main.yml Normal file
View File

@ -0,0 +1,79 @@
---
- name: Install exim4 packages
apt:
name: exim4-daemon-light
state: present
cache_valid_time: 86400
- name: Exim macros
copy:
dest: /etc/exim4/conf.d/main/000_mdk_macros
owner: root
group: root
mode: 0644
content: |
REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS = *
REMOTE_SMTP_SMARTHOST_PROTOCOL = smtps
# MAIN_LOG_SELECTOR = +all
notify: restart exim4
- name: Exim wild rewrite
copy:
dest: /etc/exim4/conf.d/rewrite/99_mdk_rewrite
owner: root
group: root
mode: 0644
content: |
*@+local_domains "${lookup{${local_part}}wildlsearch{/etc/email-addresses}\
{$value}fail}" Ffrs
*@ETC_MAILNAME "${lookup{${local_part}}wildlsearch{/etc/email-addresses}\
{$value}fail}" Ffrs
notify: restart exim4
- name: Exim email addresses
copy:
dest: /etc/email-addresses
owner: root
group: root
mode: 0644
content: |
*: {{ smtp_username }}
notify: restart exim4
- name: Exim smarthost password
copy:
dest: /etc/exim4/passwd.client
owner: root
group: Debian-exim
mode: 0640
content: |
{{ smtp_host }}:{{ smtp_username }}:{{ smtp_password }}
notify: restart exim4
- name: Exim smarthost config
copy:
dest: /etc/exim4/update-exim4.conf.conf
owner: root
group: root
mode: 0644
content: |
dc_eximconfig_configtype='smarthost'
dc_other_hostnames='{{ inventory_hostname_short }}'
dc_local_interfaces='127.0.0.1 ; ::1'
dc_readhost=''
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets=''
dc_smarthost='{{ smtp_host }}::{{ smtp_port }}'
CFILEMODE='644'
dc_use_split_config='true'
dc_hide_mailname=''
dc_mailname_in_oh='true'
dc_localdelivery='maildir_home'
register: update_exim4_conf_conf
- name: Exim generate config
when: update_exim4_conf_conf is changed
command: update-exim4.conf
notify: restart exim4