ansible-infra/playbooks/roles/send_only_mail_server
julian 8bc60e42a8 Extend distribution_check role to account for Ansible changes reg. facts
Somewhere between ansible [core 2.14.4] and ansible [core 2.15.0] the
logic for the distribution_version Ansible fact got changed. With the
newer Ansible version Debians distribution_version gets reported as 11.7
as opposed to getting reported as 11 with the old Ansible version. To
still allow for useful distribution checks, extend the
distribution_check role by allowing the specification of
distribution_major_versions and distribution_releases as well.
This way you can check for an Ubuntu version by using
distribution_version (which for example resolves to 18.04, while
distribution_major_version would resolve to 18 in that case) and check
for a Debian version by using distribution_major_version (which for
example resolves to 11, while distribution_version would resolve to 11.7
in that case).
2023-07-08 19:58:02 +02:00
..
files Add send_only_mailserver role and deploy Send-Only-Mailserver with it 2023-05-09 23:01:57 +02:00
handlers Add send_only_mailserver role and deploy Send-Only-Mailserver with it 2023-05-09 23:01:57 +02:00
meta Extend distribution_check role to account for Ansible changes reg. facts 2023-07-08 19:58:02 +02:00
tasks Make Rspamd configs world-readable 2023-05-26 03:27:56 +02:00
templates Add send_only_mailserver role and deploy Send-Only-Mailserver with it 2023-05-09 23:01:57 +02:00
README.md Add send_only_mailserver role and deploy Send-Only-Mailserver with it 2023-05-09 23:01:57 +02:00

Role send_only_mail_server

Makes sure a send-only mail server is deployed using OpenSMTPD and Rspamd for DKIM signing.

Make sure to manually set a DMARC record and MX record for the mail domains.

Supported Distributions

The following distributions are supported:

  • Debian 11

Required Arguments

For the required arguments look at the argument_specs.yaml

Also make sure to set the following for the cert role dependency:

  • cert__acme_account_email

Updates

This role doesn't handle updates. However it uses the system package manager for installing all the packages, so when you're making sure the system packages are up-to-date, you're handling updates for the packages installed by this role as well.

hosts

The hosts for this role need to be the machines on which you want to deploy a mail server.