Add basic LDAP config for recipients and senders

2020-07-03 13:46:00 +02:00 · 2020-07-03 13:46:00 +02:00 · 782a07a450
commit 782a07a450
parent 660b1900c8
5 changed files with 46 additions and 12 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -15,5 +15,9 @@ postfix:
  virtual_mailbox_domains: []
  mynetworks: []
  mydestination: []
+  ldap:
+    enable: false
+    server_host: ldap.example.com
+    search_base: "dc=example,dc=com"

 postfixmaps: []
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,23 +1,23 @@
 - name: install postfix
  apt:
-    pkg: postfix
+    pkg:
+      - postfix
+      - postfix-ldap

 - name: remove exim4 package
  apt:
    name: exim4
    state: absent

- name: copy main.cf
+- name: copy postfix config
  template:
-    src: main.cf.j2
-    dest: /etc/postfix/main.cf
-  notify:
-  - restart postfix
-
- name: copy master.cf
-  template:
-    src: master.cf.j2
-    dest: /etc/postfix/master.cf
+    src: "{{ item.src }}"
+    dest: "{{ item.dest }}"
+  with_items:
+    - { src: "main.cf.j2", dest: "/etc/postfix/main.cf" }
+    - { src: "master.cf.j2", dest: "/etc/postfix/master.cf" }
+    - { src: "virtual-senders.cf.j2", dest: "/etc/postfix/virtual-senders.cf" }
+    - { src: "virtual-recipients.cf.j2", dest: "/etc/postfix/virtual-recipients.cf" }
  notify:
  - restart postfix

--- a/templates/main.cf.j2
+++ b/templates/main.cf.j2
@ -69,6 +69,13 @@ dovecot_destination_recipient_limit = 1
 virtual_transport = dovecot
 {% endif %}

+{% if postfix.ldap.enable %}
+# LDAP config
+smtpd_sender_login_maps = proxy:ldap:/etc/postfix/virtual-senders.cf
+virtual_mailbox_maps = proxy:ldap:/etc/postfix/virtual-recipients.cf
+local_recipient_maps = $virtual_mailbox_maps
+{% endif %}
+
 # opendkim

 {% if postfix.enable_opendkim %}
--- a/templates/virtual-recipients.cf.j2
+++ b/templates/virtual-recipients.cf.j2
@ -0,0 +1,12 @@
+{% if postfix.ldap.enable %}
+bind = yes
+# bind_dn =
+# bind_pw =
+server_host = {{ postfix.ldap.server_host }}
+search_base = {{ postfix.ldap.recipients.search_base }}
+query_filter = {{ postfix.ldap.recipients.query_filter }}
+result_attribute = cn
+result_format =%s
+{% else %}
+# LDAP is not configured for this server.
+{% endif %}
--- a/templates/virtual-senders.cf.j2
+++ b/templates/virtual-senders.cf.j2
@ -0,0 +1,11 @@
+{% if postfix.ldap.enable %}
+bind = yes
+# bind_dn =
+# bind_pw =
+server_host = {{ postfix.ldap.server_host }}
+search_base = {{ postfix.ldap.senders.search_base }}
+query_filter = {{ postfix.ldap.senders.query_filter }}
+result_attribute = cn
+{% else %}
+# LDAP is not configured for this server.
+{% endif %}