ansibleify smtp

2022-04-14 14:48:45 +02:00 · 2022-04-14 14:48:45 +02:00 · 40aab44dec
commit 40aab44dec
parent aefa493b14
11 changed files with 19 additions and 23 deletions
--- a/docker-host.yaml
+++ b/docker-host.yaml
@ -6,3 +6,4 @@
    - common
    - docker
    - webserver
    - internalsmtp
--- a/drone-runner.yaml
+++ b/drone-runner.yaml
@ -5,3 +5,4 @@
    - netplan
    - common
    - docker
    - internalsmtp
--- a/inventory.yaml
+++ b/inventory.yaml
@ -17,4 +17,6 @@ all:
        swagger:
          ansible_host: swagger.stargate.internal
        drone-runner:
-          ansible_host: drone-runner.stargate.internal
+          ansible_host: drone-runner.stargate.internal
        smtp:
          ansible_host: smtp.stargate.internal
--- a/neko.yaml
+++ b/neko.yaml
@ -4,4 +4,5 @@
  roles:
    - common
    - docker
-    - neko
+    - neko
    - internalsmtp
--- a/roles/internalsmtp/defaults/main.yaml
+++ b/roles/internalsmtp/defaults/main.yaml
@ -1,4 +1,4 @@
 ---
 postfix_relayhost: 'smtp.stargate.internal'
-external_domain: 'kmlabz.com'
+external_domain: 'tormakris.dev'
--- a/roles/neko/tasks/main.yaml
+++ b/roles/neko/tasks/main.yaml
@ -60,6 +60,6 @@
  community.general.ufw:
    rule: allow
    direction: in
-    port: 52000:52100
+    port: 59000:59049
    proto: udp
    interface: eth1
--- a/roles/smtpgateway/defaults/main.yaml
+++ b/roles/smtpgateway/defaults/main.yaml
@ -1,5 +1,3 @@
 ---
-postfix_relayhost: 'smtp.sendgrid.net'
+postfix_relayhost: 'smtp-relay.gmail.com:25'
-external_domain: 'kmlabz.com'
+external_domain: 'tormakris.dev'
 username: lofasz
 password: lofasz
--- a/roles/smtpgateway/tasks/main.yaml
+++ b/roles/smtpgateway/tasks/main.yaml
@ -6,12 +6,6 @@
    name:
     - postfix
 - name: Install Postfix SASL credentials
  template:
    src: templates/sasl_passwd
    mode: 600
    dest: /etc/postfix/sasl_passwd
 - name: Install Postfix mail gateway config
  template:
    src: templates/main.cf
@ -20,9 +14,6 @@
 - name: Build /etc/mailname
  shell: hostname --fqdn > /etc/mailname
 - name: Build hashtable of SASL creds
  command: postmap /etc/postfix/sasl_passwd
 - name: Restart Postfix
  service:
    name: postfix
--- a/roles/smtpgateway/templates/main.cf
+++ b/roles/smtpgateway/templates/main.cf
@ -14,10 +14,6 @@ smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
 smtpd_tls_security_level=may
 smtp_tls_CApath=/etc/ssl/certs
 smtp_sasl_auth_enable = yes
 smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
 smtp_sasl_security_options = noanonymous
 smtp_sasl_tls_security_options = noanonymous
 smtp_tls_security_level = encrypt
 header_size_limit = 4096000
 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
@ -29,7 +25,7 @@ alias_maps = hash:/etc/aliases
 alias_database = hash:/etc/aliases
 myorigin = /etc/mailname
 mydestination = {{ansible_hostname}}.{{external_domain}}, $myhostname, {{ansible_hostname}}, localhost.localdomain, localhost
-relayhost = {{postfix_relayhost}}
+relayhost = [{{postfix_relayhost}}]
 mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
 mailbox_size_limit = 0
 recipient_delimiter = +
--- a/roles/smtpgateway/templates/sasl_passwd
+++ b/roles/smtpgateway/templates/sasl_passwd
@ -1 +0,0 @@
 [{{postfix_relayhost}}:587 {{username}}:{{password}}
--- a/smtp.yaml
+++ b/smtp.yaml
@ -0,0 +1,7 @@
 ---
 - name: "Deploy smtpgateway to smtp.stargate.internal"
  hosts: smtp
  roles:
    - netplan
    - common
    - smtpgateway
		`@ -1 +0,0 @@`
			`[{{postfix_relayhost}}:587 {{username}}:{{password}}`