2020-10-26 23:46:16 +01:00
|
|
|
|
---
|
|
|
|
|
- name: Install Rspamd
|
|
|
|
|
package:
|
|
|
|
|
name: rspamd
|
|
|
|
|
|
|
|
|
|
- name: Create rspamd local.d and override.d
|
|
|
|
|
file:
|
|
|
|
|
path: '/usr/local/etc/rspamd/{{ item }}'
|
|
|
|
|
state: directory
|
|
|
|
|
mode: 0755
|
|
|
|
|
owner: root
|
|
|
|
|
group: wheel
|
|
|
|
|
with_items:
|
|
|
|
|
- local.d
|
|
|
|
|
- override.d
|
|
|
|
|
|
|
|
|
|
- name: Configure rspamd
|
|
|
|
|
template:
|
|
|
|
|
dest: '/usr/local/etc/rspamd/{{ item }}'
|
|
|
|
|
src: '{{ item }}.j2'
|
|
|
|
|
mode: 0444
|
|
|
|
|
owner: root
|
|
|
|
|
group: wheel
|
|
|
|
|
notify:
|
|
|
|
|
- Restart Rspamd
|
|
|
|
|
with_items: '{{ rspamd_config }}'
|
|
|
|
|
|
|
|
|
|
- name: Add /var/log/rspamd to fstab
|
|
|
|
|
mount:
|
|
|
|
|
path: /var/log/rspamd
|
|
|
|
|
src: tmpfs
|
|
|
|
|
fstype: tmpfs
|
|
|
|
|
opts: 'rw,size={{ rspamd_log_size }},mode={{ rspamd_log_mode }},uid={{ rspamd_log_uid }},gid={{ rspamd_log_gid }},late'
|
|
|
|
|
state: mounted
|
|
|
|
|
|
|
|
|
|
- name: Create rspamd HAProxy socket directory
|
|
|
|
|
file:
|
|
|
|
|
path: /var/run/haproxy/rspamd
|
|
|
|
|
state: directory
|
|
|
|
|
owner: haproxy
|
|
|
|
|
group: rspamd
|
|
|
|
|
mode: 0770
|
|
|
|
|
|
|
|
|
|
- name: Create Rspamd service directories
|
|
|
|
|
file:
|
2022-07-04 02:56:34 +02:00
|
|
|
|
path: '{{ s6_etc_dir }}/service/{{ item }}'
|
2020-10-26 23:46:16 +01:00
|
|
|
|
state: directory
|
|
|
|
|
owner: root
|
|
|
|
|
group: wheel
|
|
|
|
|
mode: 0755
|
|
|
|
|
with_items: '{{ rspamd_service_dirs }}'
|
|
|
|
|
notify:
|
|
|
|
|
- Reload s6-rc
|
|
|
|
|
- Restart Rspamd log
|
|
|
|
|
- Restart Rspamd
|
|
|
|
|
|
|
|
|
|
- name: Generate Rspamd service scripts
|
|
|
|
|
template:
|
2022-07-04 02:56:34 +02:00
|
|
|
|
dest: '{{ s6_etc_dir }}/service/{{ item }}'
|
2020-10-26 23:46:16 +01:00
|
|
|
|
src: '{{ item }}.j2'
|
|
|
|
|
mode: 0555
|
|
|
|
|
owner: root
|
|
|
|
|
group: wheel
|
|
|
|
|
with_items: '{{ rspamd_service_scripts }}'
|
|
|
|
|
notify:
|
|
|
|
|
- Reload s6-rc
|
|
|
|
|
- Restart Rspamd log
|
|
|
|
|
- Restart Rspamd
|
|
|
|
|
|
|
|
|
|
- name: Generate Rspamd service configuration
|
|
|
|
|
copy:
|
2022-07-04 02:56:34 +02:00
|
|
|
|
dest: '{{ s6_etc_dir }}/service/{{ item.name }}'
|
2020-10-26 23:46:16 +01:00
|
|
|
|
content: '{{ item.content }}'
|
|
|
|
|
mode: 0444
|
|
|
|
|
owner: root
|
|
|
|
|
group: wheel
|
|
|
|
|
loop_control:
|
|
|
|
|
label: '{{ item.name }} = {{ item.content }}'
|
|
|
|
|
notify:
|
|
|
|
|
- Reload s6-rc
|
|
|
|
|
- Restart Rspamd log
|
|
|
|
|
- Restart Rspamd
|
|
|
|
|
with_items: '{{ rspamd_service_config }}'
|
|
|
|
|
|
|
|
|
|
- name: Flush handlers
|
|
|
|
|
meta: flush_handlers
|
|
|
|
|
|
|
|
|
|
- name: Start Rspamd
|
2022-07-04 02:56:34 +02:00
|
|
|
|
command: fdmove -c 2 1 s6-rc -l {{ s6_live_dir }} -u -v 2 -t 15000 change rspamd
|
2020-10-26 23:46:16 +01:00
|
|
|
|
register: change
|
|
|
|
|
changed_when: change.stdout | length > 0
|
|
|
|
|
|
|
|
|
|
- name: Enable Rspamd
|
|
|
|
|
lineinfile:
|
2022-07-04 02:56:34 +02:00
|
|
|
|
path: '{{ s6_etc_dir }}/service/enabled/contents'
|
2020-10-26 23:46:16 +01:00
|
|
|
|
regexp: "^rspamd$"
|
|
|
|
|
line: rspamd
|
|
|
|
|
state: present
|
|
|
|
|
notify:
|
|
|
|
|
- Reload s6-rc
|
|
|
|
|
|
|
|
|
|
- name: Flush handlers (again)
|
|
|
|
|
meta: flush_handlers
|
|
|
|
|
|
|
|
|
|
- name: Tell HAProxy where to find the Rspamd webinterface
|
|
|
|
|
template:
|
|
|
|
|
dest: /usr/local/etc/haproxy/rspamd.cfg
|
|
|
|
|
src: rspamd.cfg.j2
|
|
|
|
|
owner: root
|
|
|
|
|
group: wheel
|
|
|
|
|
mode: 0444
|
|
|
|
|
notify:
|
|
|
|
|
- Reload HAProxy
|
|
|
|
|
|
|
|
|
|
- name: Expose the Rspamd webinterface via HTTPS
|
|
|
|
|
lineinfile:
|
|
|
|
|
path: /usr/local/etc/haproxy/sni.map
|
|
|
|
|
regexp: '^{{ ansible_fqdn }} '
|
|
|
|
|
line: '{{ ansible_fqdn }} sni_rspamd'
|
|
|
|
|
notify:
|
|
|
|
|
- Reload HAProxy
|