db+postfixadmin

genofire 2020-07-22 19:51:50 +02:00
parent 4097334294
commit ba04341956
7 changed files with 147 additions and 23 deletions


@ -1 +1,8 @@
# Ansible Role for a Mailserver
## Dependencies on Ansible
- psycopg2
```
pacman -S python-psycopg2
```


@ -1,2 +1,17 @@
---
mailserver_postfixadmin_domain: ""
mailserver_db_type: "pgsql"
mailserver_db_host: "localhost"
mailserver_db_name: "mailserver"
mailserver_db_user: "mailserver"
mailserver_db_password: "{{ lookup('password', 'credentials/' + inventory_hostname + '/mailserver/db_password length=15') }}"
mailserver_postfixadmin_mail_domain: "sum7.eu"
mailserver_postfixadmin_mail_admin: "admin@{{ mailserver_postfixadmin_mail_domain }}"
mailserver_postfixadmin_setup: ""
mailserver_postfixadmin_default_aliases:
abuse: "abuse@{{ mailserver_postfixadmin_mail_domain }}"
hostmaster: "hostmaster@{{ mailserver_postfixadmin_mail_domain }}"
postmaster: "postmaster@{{ mailserver_postfixadmin_mail_domain }}"
webmaster: "webmaster@{{ mailserver_postfixadmin_mail_domain }}"
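Review bot: The default `mailserver_postfixadmin_mail_domain: "sum7.eu"` bakes one site's domain into the role defaults, so a host that does not override it gets `admin@`, `abuse@`, `hostmaster@`, `postmaster@` and `webmaster@` addresses on that domain, and administrative or abuse mail would leave the deployment. An empty default with an explicit check in the tasks, or `mailserver_postfixadmin_mail_domain: "{{ ansible_domain }}"`, would fail safe instead. `mailserver_postfixadmin_setup: ""` is also declared here but is not referenced by any template visible in this commit, so it may be unused or not yet wired into the PostfixAdmin config.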


@ -1,27 +1,42 @@
- name: package
- name: Install PostgreSQL
package:
state: latest
name:
- postgresql
- postfixadmin
- python-psycopg2
- postgresql-old-upgrade
- postgis
- name: nginx local
notify: reload nginx
when: mailserver_postfixadmin_domain == ""
template:
src: postfixadmin-local.nginx
dest: /etc/nginx/local.d/postfixadmin.act
- name: Ensure a locale exists
locale_gen:
name: en_US.UTF-8
state: present
- name: nginx domain
notify: reload nginx
when: mailserver_postfixadmin_domain != ""
template:
src: postfixadmin-domain.nginx
dest: /etc/nginx/sites.d/postfixadmin.act
- name: init db
become: yes
become_user: postgres
become_method: su
command: initdb --locale=en_US.UTF-8 -E UTF8 -D /var/lib/postgres/data
args:
creates: /var/lib/postgres/data/postgresql.conf
- name: allow access php to postfixadmin.conf
file:
path: "/etc/webapps/postfixadmin/{{ item }}"
group: http
with_items:
- config.inc.php
- config.local.php
- name: start db
systemd:
name: postgresql
enabled: yes
state: started
- name: create db user
postgresql_user:
login_host: "{{ mailserver_db_host }}"
name: "{{ mailserver_db_user }}"
password: "{{ mailserver_db_password }}"
- name: create db
postgresql_db:
login_host: "{{ mailserver_db_host }}"
name: "{{ mailserver_db_name }}"
owner: "{{ mailserver_db_user }}"
encoding: UTF-8
lc_collate: en_US.UTF-8
lc_ctype: en_US.UTF-8
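Review bot: The `init db` task runs `initdb` without an authentication option, so initdb writes `trust` entries for local and loopback connections into pg_hba.conf, which is presumably why `create db user` and `create db` can connect through `login_host` with no login credentials. Under `trust` any local account can connect as any database role, including the superuser, so the generated `mailserver_db_password` protects nothing on the host itself. Consider `initdb --auth-local=peer --auth-host=scram-sha-256 ...` and running the two `postgresql_*` tasks with `become_user: postgres` over the unix socket instead of `login_host`. Separately, `state: latest` on the `postgresql` package lets any play run pull in a new major version, which needs a data-directory upgrade before the service will start again; `state: present` is safer. The rendered page does not mark old and new lines, so this assumes the database tasks are on the new side.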


@ -19,6 +19,9 @@
- name: Run userdatabase
import_tasks: db.yml
- name: Run postfixadmin
import_tasks: postfixadmin.yml
- name: Run dovecot
import_tasks: dovecot.yml

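--- /dev/null
+++ b/tasks/postfixadmin.yml
@@ -0,0 +1,41 @@
+- name: package
+package:
+name:
+- postfixadmin
+- name: nginx local
+notify: reload nginx
+when: mailserver_postfixadmin_domain == ""
+template:
+src: postfixadmin-local.nginx
+dest: /etc/nginx/local.d/postfixadmin.act
+- name: nginx domain
+notify: reload nginx
+when: mailserver_postfixadmin_domain != ""
+template:
+src: postfixadmin-domain.nginx
+dest: /etc/nginx/sites.d/postfixadmin.act
+- name: config postfixadmin
+template:
+src: postfixadmin.local.php
+dest: /etc/webapps/postfixadmin/config.local.php
+- name: allow access php to postfixadmin.conf
+file:
+path: "/etc/webapps/postfixadmin/{{ item }}"
+owner: http
+group: http
+with_items:
+- config.inc.php
+- config.local.php
+- name: config caching
+file:
+path: "{{ item }}"
+owner: http
+group: http
+with_items:
+- "/usr/share/webapps/postfixadmin/templates_c/"
+- "/var/cache/postfixadmin/templates_c/"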
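Review bot: `config postfixadmin` renders `config.local.php`, which carries the database password, without `owner`, `group` or `mode`, and the following `allow access php to postfixadmin.conf` task then hands both config files to `http:http` without setting a mode either. The file is therefore created with whatever the umask gives (typically world-readable) and is writable by the web server account, so a flaw in the PHP application could rewrite its own configuration. Setting `owner: root`, `group: http`, `mode: "0640"` on the template task, and the same for `config.inc.php`, keeps the file readable by PHP only. The `config caching` task also omits `state: directory`, so it will not create `/var/cache/postfixadmin/templates_c/` if the package does not ship it.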


@ -13,7 +13,7 @@ location /postfixadmin/public {
include fastcgi.conf;
fastcgi_param PHP_ADMIN_VALUE open_basedir=/etc/webapps/postfixadmin/:/usr/share/webapps/postfixadmin:/tmp:/usr/share/pear:/dev/urandom;
fastcgi_param PHP_ADMIN_VALUE open_basedir=/etc/webapps/postfixadmin/:/usr/share/webapps/postfixadmin:/var/cache/postfixadmin/:/tmp:/usr/share/pear:/dev/urandom;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
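Review bot: Only one nginx template gets the `/var/cache/postfixadmin/` entry in `open_basedir`, although the tasks deploy either `postfixadmin-local.nginx` or `postfixadmin-domain.nginx` depending on `mailserver_postfixadmin_domain`. This hunk looks like the sub-path variant (`location /postfixadmin/public`); if the other template has the same `PHP_ADMIN_VALUE open_basedir=...` line, it needs the cache directory too, otherwise PHP in that deployment mode is denied access to the template cache that the role now creates. A short comment above the directive listing why each path is allowed (config, application, cache, `/tmp`, pear, `/dev/urandom`) would make later tightening easier. The `location` block starts and ends outside the hunk.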


@ -0,0 +1,43 @@
<?php
$CONF['configured'] = true;
$CONF['database_type'] = '{{ mailserver_db_type }}';
$CONF['database_host'] = '{{ mailserver_db_host }}';
$CONF['database_name'] = '{{ mailserver_db_name }}';
$CONF['database_user'] = '{{ mailserver_db_user }}';
$CONF['database_password'] = '{{ mailserver_db_password }}';
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';
$CONF['encrypt'] = 'dovecot:SHA512-CRYPT';
$CONF['theme'] = 'sum7';
$CONF['page_size'] = '10';
$CONF['aliases'] = '0';
$CONF['mailboxes'] = '0';
$CONF['maxquota'] = '0';
{% if mailserver_postfixadmin_domain == "" %}
$CONF['footer_text'] = 'Return to {{ inventory_hostname }}/postfixadmin';
$CONF['footer_link'] = 'https://{{ inventory_hostname }}/postfixadmin';
{% else %}
$CONF['footer_text'] = 'Return to {{ mailserver_postfixadmin_domain }}';
$CONF['footer_link'] = 'https://{{ mailserver_postfixadmin_domain }}';
{% endif %}
$CONF['default_aliases'] = array (
{% for k,v in mailserver_postfixadmin_default_aliases.items() %}
'{{ k }}' => '{{ v }}',
{% endfor %}
);
$CONF['admin_email'] = '{{ mailserver_postfixadmin_mail_admin }}';
$CONF['admin_name'] = 'Hosting of {{ mailserver_postfixadmin_mail_domain }}';
$CONF['password_validation'] = array(
# '/regular expression/' => '$PALANG key (optional: + parameter)',
'/.{5}/' => 'password_too_short 5', # minimum length 5 characters
'/([a-zA-Z].*){3}/' => 'password_no_characters 3', # must contain at least 3 characters
# '/([0-9].*){2}/' => 'password_no_digits 2', # must contain at least 2 digits
);
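Review bot: `password_validation` accepts any five-character password: `'/.{5}/'` is the only length rule and the digits rule is commented out, which is weak for mailbox and admin accounts on an internet-facing mail server. Raising the minimum, for example `'/.{12}/' => 'password_too_short 12',`, and re-enabling the digits rule would tighten it. Separately, every Jinja value is placed inside a single-quoted PHP literal without escaping, so an overridden `mailserver_db_password` or alias value containing `'` or `\` would yield a broken or altered config file. The default password lookup appears to avoid those characters, but escaping them in the template, or documenting the allowed characters next to the defaults, would make this robust.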