ansible-role-mailserver/tasks/main.yml
Julian Rother d544011b66
Fix inconsistent alias domain catchall behaviour
Postfix lookups for catchall case on non-alias domain:

1. user@domain
   - virtual_alias_maps.cf -> no match
   - virtual_alias_domain_maps.cf -> no match
   - virtual_alias_domain_catchall_maps.cf -> no match
   - custom virtual_alias_maps -> no match
2. user -> not relevant
3. @domain
   - virtual_alias_maps.cf -> **match**, lookup ends here

With an alias domain the behaviour was:

1. user@domain
   - virtual_alias_maps.cf -> no match
   - virtual_alias_domain_maps.cf -> no match
   - virtual_alias_domain_catchall_maps.cf -> **match**, lookup ends here

In this case custom virtual_alias_maps are ignored.

With this change the behaviour is:

1. user@domain
   - virtual_alias_maps.cf -> no match
   - virtual_alias_domain_maps.cf -> no match
   - virtual_alias_domain_catchall_maps.cf -> no match
   - custom virtual_alias_maps -> no match
2. user -> not relevant
3. @domain
   - virtual_alias_maps.cf -> no match
   - virtual_alias_domain_maps.cf -> **match**, lookup ends here

The change removes virtual_alias_domain_catchall_maps.cf entirely and
rewrites virtual_alias_domain_maps.cf to also work for catchall lookups.
2025-08-28 00:21:21 +02:00


# Install the whole mail stack from the distribution archive via apt.
# No `state` is given, so the apt module's default applies to every entry.
- name: install packages
  ansible.builtin.apt:
    pkg:
      # web front end for managing domains, mailboxes and aliases
      - postfixadmin
      # MTA, its PostgreSQL lookup-table driver and the metrics exporter
      - postfix
      - postfix-pgsql
      - prometheus-postfix-exporter
      # Sender Rewriting Scheme daemon
      - postsrsd
      # Dovecot core plus IMAP, ManageSieve and PostgreSQL support
      - dovecot-common
      - dovecot-imapd
      - dovecot-managesieved
      - dovecot-pgsql
# Dedicated system group for the account that owns the mail storage.
- name: add vmail group
  ansible.builtin.group:
    system: true
    name: vmail

# System account "vmail" with no usable home directory: `home` points at
# /nonexistent and `create_home: false` keeps the module from creating it.
# NOTE(review): no `shell` is set, so the account keeps the platform default
# shell; setting a nologin shell would make the "service account only" intent
# explicit - confirm nothing relies on an interactive shell for vmail.
- name: add vmail user
  ansible.builtin.user:
    system: true
    name: vmail
    group: vmail
    create_home: false
    home: /nonexistent
# Root of the mail storage. Mode 0750 gives vmail full access and the vmail
# group read/traverse access; all other local users are locked out.
- name: create /var/mail/vmail
  ansible.builtin.file:
    state: directory
    path: /var/mail/vmail
    owner: vmail
    group: vmail
    mode: "0750"
# postfixadmin
# Separate system group for the postfixadmin web application.
- name: create postfixadmin group
  ansible.builtin.group:
    system: true
    name: postfixadmin

# Separate system account for postfixadmin, without a home directory.
# `groups` is given without `append`, so the account's supplementary groups
# are set to exactly this list (www-data).
# NOTE(review): www-data membership presumably lets the web server and the
# PHP pool share a socket or files - keep it only if that is really needed.
- name: create postfixadmin user
  ansible.builtin.user:
    system: true
    name: postfixadmin
    group: postfixadmin
    groups: www-data
    create_home: false
    home: /nonexistent
# Render the local postfixadmin configuration.
# root:postfixadmin with mode 0640 means only root can change the file and
# only members of the postfixadmin group can read it.
# NOTE(review): the template presumably holds database credentials, which is
# what this restriction protects - confirm against config.local.php.j2.
- name: copy postfixadmin config
  ansible.builtin.template:
    src: postfixadmin/config.local.php.j2
    dest: /etc/postfixadmin/config.local.php
    mode: "0640"
    owner: root
    group: postfixadmin
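# Hand the compiled-template cache to the postfixadmin account and make it
# private to that account (0700), so no other local user can read or plant
# files in it.
- name: fix access rights to postfixadmin template cache
  ansible.builtin.file:
    state: directory
    path: /var/cache/postfixadmin/templates_c
    owner: postfixadmin
    group: postfixadmin
    # Quoted so the mode reaches the module as the string "0700", the same
    # way the other quoted modes in this file do, instead of depending on
    # the YAML loader's octal handling.
    mode: "0700"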
# Install the hook script for deleted mailboxes.
# Owned by root and writable by root only (0755): other accounts may execute
# it but cannot alter it.
# NOTE(review): it is presumably invoked through the sudoers rule installed
# by this role, so its content runs with elevated rights - review the
# template's argument handling with that in mind.
- name: copy postfixadmin mailbox postdeletion script
  ansible.builtin.template:
    src: postfixadmin/mailbox-postdeletion.sh.j2
    dest: /etc/postfixadmin/mailbox-postdeletion.sh
    mode: "0755"
    owner: root
    group: root
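# Install the sudo rule used by postfixadmin.
# The file grants privileges, so it is owned by root and must never be
# writable by anyone else.
- name: copy postfixadmin sudoers config
  ansible.builtin.template:
    src: postfixadmin/sudoers.j2
    dest: /etc/sudoers.d/10-postfixadmin
    owner: root
    group: root
    # sudoers fragments are conventionally read-only for root and its group;
    # there is no reason for them to be world-readable.
    mode: "0440"
    # Syntax-check the rendered file before it replaces the live one, so a
    # template error cannot leave sudo unusable on the host.
    validate: /usr/sbin/visudo -cf %s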
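# Holding area for mailboxes that were deleted; the hourly cleanup cron job
# defined in this file purges its entries.
# 0700 vmail:vmail keeps deleted mail unreadable for every other local user.
- name: create directory for deleted mailboxes
  ansible.builtin.file:
    state: directory
    path: /var/mail/vmail/.deleted/
    owner: vmail
    group: vmail
    # Quoted so the module receives the string "0700" rather than a value
    # that depends on the YAML loader's octal handling.
    mode: "0700"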
# Purge old entries from the deleted-mailbox holding area.
# Only `minute` is set; the remaining schedule fields keep the cron module's
# defaults, so the job runs once an hour at minute 37.
# `-mtime +1` matches entries whose age, rounded down to whole days, is
# greater than one, and `-mindepth 1 -maxdepth 1` limits the match to the
# direct children of .deleted/.
# NOTE(review): no `user` is given, so the entry lands in the crontab of the
# account the play runs as (root when run with become). The directory is
# owned by vmail; running the job as vmail would avoid a recursive delete
# with root rights - confirm the moved mailboxes are owned by vmail first.
- name: add cronjob to cleanup deleted mailboxes
  ansible.builtin.cron:
    name: cleanup deleted mailboxes
    minute: "37"
    job: >-
      find /var/mail/vmail/.deleted/ -mindepth 1 -maxdepth 1 -mtime +1
      -exec rm -r {} \;
# php_version and "restart php-fpm" handler from nginx role
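# Render the PHP-FPM pool definition for postfixadmin into the pool.d
# directory of the PHP version given by `php_version`, then notify the
# "restart php-fpm" handler so the pool is picked up.
- name: create postfixadmin php pool
  ansible.builtin.template:
    src: postfixadmin/php-fpm-pool.conf.j2
    dest: "/etc/php/{{ php_version }}/fpm/pool.d/postfixadmin.conf"
    owner: root
    group: root
    # Quoted for consistency with the other modes in this file and so the
    # module receives a string instead of a loader-dependent number.
    mode: "0644"
  notify:
    - restart php-fpm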
# dovecot
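# Render the three Dovecot configuration files from dovecot/<name>.j2 into
# /etc/dovecot/ and notify the "restart dovecot" handler on change.
# NOTE(review): all three files share mode 0644. dovecot-sql.conf and
# dovecot-dict-sql.conf usually carry the database connect string; if these
# templates embed a password, every local user can read it. Consider a
# tighter mode and group for those two files after confirming which Dovecot
# processes need to read them.
- name: copy dovecot config
  ansible.builtin.template:
    src: "dovecot/{{ item }}.j2"
    dest: "/etc/dovecot/{{ item }}"
    owner: root
    group: root
    # Quoted so the module receives the string "0644" rather than a value
    # that depends on the YAML loader's octal handling.
    mode: "0644"
  loop:
    - dovecot.conf
    - dovecot-sql.conf
    - dovecot-dict-sql.conf
  notify: restart dovecot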
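# Create the directories that receive the global sieve scripts and the
# sieve external programs. Both are writable by root only, so the scripts
# and programs placed there cannot be replaced by unprivileged accounts.
- name: create global sieve directories
  ansible.builtin.file:
    state: directory
    path: "{{ item }}"
    owner: root
    group: root
    # Quoted so the module receives the string "0755" rather than a value
    # that depends on the YAML loader's octal handling.
    mode: "0755"
  loop:
    - /etc/dovecot/sieve-scripts
    - /etc/dovecot/sieve-extprograms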
# Write one executable file per entry of mailserver.dovecot.sieve_extprograms:
# the dict key becomes the file name, the value (plus a trailing newline)
# becomes the file content.
# The files are installed executable (0755) and owned by root, so whatever is
# in that variable ends up as a runnable program on the mail host. The key is
# inserted into the destination path unchecked; both key and value must come
# from trusted inventory only.
- name: copy sieve extprograms
  ansible.builtin.copy:
    dest: "/etc/dovecot/sieve-extprograms/{{ item.key }}"
    content: "{{ item.value }}\n"
    mode: "0755"
    owner: root
    group: root
  loop: "{{ mailserver.dovecot.sieve_extprograms|dict2items }}"
# Write the global sieve scripts as /etc/dovecot/sieve-scripts/<key>.sieve,
# owned by root and read-only for everyone else.
- name: copy sieve scripts
  ansible.builtin.copy:
    content: "{{ item.value }}\n"
    dest: "/etc/dovecot/sieve-scripts/{{ item.key }}.sieve"
    owner: root
    group: root
    mode: "0644"
  # The loop expression builds a dict with the keys 'after', 'before' and
  # 'default' from mailserver.dovecot, then adds 'mailbox_<name>_before' and
  # 'mailbox_<name>_after' for every entry of sieve_mailbox_handlers (a
  # missing before/after becomes none). selectattr('value') drops entries
  # whose value is empty, and the remainder is emitted as a JSON list of
  # key/value items.
  # The handler name is inserted into the destination file name unchecked,
  # so handler names must come from trusted inventory.
  loop: |
    {%- set result = {'after': mailserver.dovecot.sieve_after, 'before': mailserver.dovecot.sieve_before, 'default': mailserver.dovecot.sieve_default} -%}
    {%- for name, handler in mailserver.dovecot.sieve_mailbox_handlers.items() -%}
    {%- set tmp = result.update(**{'mailbox_'+name+'_before': handler.before|d(none), 'mailbox_'+name+'_after': handler.after|d(none)}) -%}
    {%- endfor -%}
    {{ result|dict2items|selectattr('value')|tojson }}
  # The per-item results (including each `dest`) feed the compile task.
  register: mailserver_sieve_scripts
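# Compile every sieve script written by the "copy sieve scripts" task.
# The loop walks the registered per-item results and passes each `dest`
# path to sievec.
# The command module with `argv` is used instead of a shell string: the path
# is handed to sievec as a single argument without shell parsing, so a
# script name containing quotes or other shell metacharacters cannot alter
# the command line.
# The task runs (and reports "changed") on every play, whether or not the
# script was modified.
- name: compile sieve scripts
  ansible.builtin.command:
    argv:
      - sievec
      - "{{ item.dest }}"
  loop: "{{ mailserver_sieve_scripts.results }}"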
# Install the Dovecot master exporter: the program itself (executable) and
# its systemd unit file, each rendered from a template with its own mode.
# The "restart prometheus-dovecot-master-exporter" handler is notified when
# either file changes.
# NOTE(review): owner and group are not set here, unlike the other template
# tasks in this file, so the files belong to whichever account the task runs
# as. Setting root:root explicitly would pin that - confirm intent.
- name: copy prometheus-dovecot-master-exporter
  ansible.builtin.template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    mode: "{{ item.mode }}"
  loop:
    - dest: /usr/local/sbin/prometheus-dovecot-master-exporter
      src: dovecot/prometheus-dovecot-master-exporter.j2
      mode: "0755"
    - dest: /etc/systemd/system/prometheus-dovecot-master-exporter.service
      src: dovecot/prometheus-dovecot-master-exporter.service.j2
      mode: "0644"
  notify: restart prometheus-dovecot-master-exporter
# prometheus-postfix-exporter
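# Render the defaults file of the Postfix metrics exporter and notify the
# "restart prometheus-postfix-exporter" handler on change.
- name: configure prometheus postfix exporter
  ansible.builtin.template:
    src: prometheus-postfix-exporter/default.j2
    dest: /etc/default/prometheus-postfix-exporter
    owner: root
    group: root
    # Quoted so the module receives the string "0644" rather than a value
    # that depends on the YAML loader's octal handling.
    mode: "0644"
  notify:
    - restart prometheus-postfix-exporter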
# postsrsd
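# Render the defaults file of postsrsd and notify the "restart postsrsd"
# handler on change.
- name: configure postsrsd
  ansible.builtin.template:
    src: postsrsd/default.j2
    dest: /etc/default/postsrsd
    owner: root
    group: root
    # Quoted so the module receives the string "0644" rather than a value
    # that depends on the YAML loader's octal handling.
    mode: "0644"
  notify:
    - restart postsrsd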
# postfix
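# Directory that receives the PostgreSQL lookup-table definitions
# (pgsql/*.cf) written by the "copy postfix config" task.
- name: create postfix psql config dir
  ansible.builtin.file:
    state: directory
    path: "/etc/postfix/pgsql"
    owner: root
    group: root
    # Quoted so the module receives the string "0755" rather than a value
    # that depends on the YAML loader's octal handling.
    mode: "0755"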
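# Render the Postfix main configuration and the PostgreSQL lookup tables
# from postfix/<name>.j2 into /etc/postfix/, notifying the "restart postfix"
# handler on change.
# NOTE(review): every file in the loop gets mode 0644. Postfix pgsql lookup
# tables normally contain the database user and password; if the pgsql/*.cf
# templates do, every local user can read those credentials. Consider
# splitting the pgsql entries into their own task with a mode and group that
# only root and Postfix can read - confirm against the templates.
# NOTE(review): this task only writes the files listed below. A lookup table
# deployed by an earlier version of the role and since dropped from the list
# stays on already-provisioned hosts until it is removed explicitly.
- name: copy postfix config
  ansible.builtin.template:
    src: "postfix/{{ item }}.j2"
    dest: "/etc/postfix/{{ item }}"
    owner: root
    group: root
    # Quoted so the module receives the string "0644" rather than a value
    # that depends on the YAML loader's octal handling.
    mode: "0644"
  loop:
    - main.cf
    - master.cf
    - header_checks
    - pgsql/relay_domains.cf
    - pgsql/virtual_alias_maps.cf
    - pgsql/virtual_alias_domain_maps.cf
    - pgsql/virtual_domains_maps.cf
    - pgsql/virtual_mailbox_maps.cf
    - pgsql/virtual_sender_maps.cf
  notify: restart postfix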