/home/travis/.ansible/roles/robertdebock.postfix/tasks/main.yml 
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
---
# tasks file for postfix
- name: include assert.yml
  include_tasks: assert.yml
  run_once: yes

- name: install postfix
  package:
    name: "{{ postfix_packages }}"
    state: present

- name: create group
  group:
    name: "{{ postfix_group }}"
    state: present

- name: configure postfix (main.cf)
  template:
    src: main.cf.j2
    dest: /etc/postfix/main.cf
    validate: postconf -d -c %s
    mode: "0644"
  notify:
    - restart postfix

- name: configure postfix (master.cf)
  template:
    src: master.cf.j2
    dest: /etc/postfix/master.cf
    validate: postconf -d -c %s
    mode: "0644"
  notify:
    - restart postfix

- name: force all notified handlers to run
  meta: flush_handlers

- name: configure aliases
  lineinfile:
    path: "{{ postfix_alias_path }}"
    regexp: "^{{ item.name }}:"
    line: "{{ item.name }}: {{ item.destination }}"
    mode: "0644"
  when:
    - postfix_aliases is defined
  loop: "{{ postfix_aliases }}"
  notify:
    - rebuild alias database
    - restart postfix
  loop_control:
    label: "{{ item.name }}"

- name: configure sender_access
  lineinfile:
    path: "{{ postfix_sender_access_path }}"
    regexp: "^{{ item.domain }}"
    line: "{{ item.domain }} {{ item.action }}"
    create: yes
    mode: "0644"
  when:
    - postfix_sender_access is defined
  loop: "{{ postfix_sender_access }}"
  notify:
    - rebuild sender_access database
    - restart postfix
  loop_control:
    label: "{{ item.domain }}"

- name: configure recipient_access
  lineinfile:
    path: "{{ postfix_recipient_access_path }}"
    regexp: "^{{ item.domain }}"
    line: "{{ item.domain }} {{ item.action }}"
    create: yes
    mode: "0644"
  when:
    - postfix_recipient_access is defined
  loop: "{{ postfix_recipient_access }}"
  notify:
    - rebuild recipient_access database
    - restart postfix
  loop_control:
    label: "{{ item.domain }}"

- name: force all notified handlers to run
  meta: flush_handlers

- name: set group owner
  file:
    path: "{{ item }}"
    group: "{{ postfix_group }}"
    mode: "0755"
  loop:
    - /usr/sbin/postqueue
    - /usr/sbin/postdrop
    - /var/spool/postfix/public
    - /var/spool/postfix/maildrop

- name: place selinux type enforcement
  copy:
    src: my-postfix.te
    dest: /etc/my-postfix.te
    mode: "0644"
  notify:
    - create selinux mod for postfix
    - create selinux pp for postfix
    - load selinux pp for postfix
  when:
    - ansible_selinux.status is defined
    - ansible_selinux.status == "enabled"

- name: start and enable postfix
  service:
    name: "{{ postfix_service }}"
    state: started
    enabled: yes

- name: flush handlers
  meta: flush_handlers