ansible-role-docker_mailserver/tasks/main.yml

- name: Docker directory
  ansible.builtin.file:
    path: /opt/{{ docker_mailserver_service_id }}/
    state: directory

- name: Config directory
  ansible.builtin.file:
    path: /opt/{{ docker_mailserver_service_id }}/{{ item }}
    state: directory
  with_items:
    - config
    - ssl

- name: Prepare dovecot custom config
  ansible.builtin.blockinfile:
    dest: /opt/{{ docker_mailserver_service_id }}/11-mail-custom.conf
    marker: "# {mark} ANSIBLE CONFIGURATION"
    create: true
    block: |
      # System user and group used to access mails. If you use multiple, userdb
      # can override these by returning uid or gid fields. You can use either numbers
      # or names. <doc/wiki/UserIds.txt>
      mail_uid = 5000
      mail_gid = 5000
      mail_home = /var/mail/%d/%n

      # permet d'utiliser à la fois le + et le _ comme delimiteur dans les adresses email
      # doit être paramétré de même dans postfix
      recipient_delimiter = {{ docker_mailserver_recipient_delimiter }}

      ### section quotas ldap
      mail_plugins = $mail_plugins quota

      protocol imap {
        # Enable the IMAP QUOTA extension, allowing IMAP clients to ask for the
        # current quota usage.
        mail_plugins = $mail_plugins imap_quota
      }

      plugin {
        quota_grace = 10%%
        # 10% is the default
        quota_status_success = DUNNO
        quota_status_nouser = DUNNO
        quota_status_overquota = "552 5.2.2 Mailbox is full"
        quota = count:User quota
        quota_rule2 = Trash:storage=+100M
        quota_vsizes = yes
        quota_exceeded_message = La taille maximale de la boite de votre destinataire est atteinte.
        quota_warning = storage=95%% quota-warning 95 %u libretic.fr
        quota_warning2 = storage=80%% quota-warning 80 %u libretic.fr
        quota_warning3 = -storage=100%% quota-warning below %u libretic.fr
      }

      service quota-warning {
        executable = script /usr/local/bin/quota-warning
      #  user = root
        unix_listener quota-warning {
          mode = 0666
        }
      }

      ### debug
      #auth_debug = yes
      #mail_debug = yes
      #auth_verbose = yes


- name: Prepare dovecot custom config
  when: docker_mailserver_configure_oauth is true
  ansible.builtin.blockinfile:
    dest: /opt/{{ docker_mailserver_service_id }}/11-mail-custom.conf
    marker: "# {mark} OAUTH ANSIBLE CONFIGURATION"
    insertafter: EOF
    block: |
      ### section authentification OpenID
      auth_mechanisms = $auth_mechanisms xoauth2 oauthbearer

      passdb {
        driver = oauth2
        mechanisms = xoauth2 oauthbearer
        args = /etc/dovecot/dovecot-oauth2.conf.ext
      }

      # provide SASL via unix socket to postfix
      service auth {
        unix_listener /var/spool/postfix/private/auth {
          mode = 0660
          # Assuming the default Postfix user and group
          user = postfix
          group = postfix
        }
      }


- name: Prepare docker-compose.yml and config
  ansible.builtin.template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
  with_items:
    - { src: docker-compose.yml, dest: "/opt/{{ docker_mailserver_service_id }}/" }
    - { src: policyd-spf.conf, dest: "/opt/{{ docker_mailserver_service_id }}/" }
    - { src: jail.local, dest: "/opt/{{ docker_mailserver_service_id }}/" }
    - { src: mailserver.vars, dest: "/opt/{{ docker_mailserver_service_id }}/" }
  notify: docker-compose-up

- name: Prepare dovecot-oauth2.conf.ext.secrets
  when: docker_mailserver_configure_oauth is true
  ansible.builtin.copy:
    content: "{{ docker_mailserver_dovecot_oauth2_configuration }}"
    dest: "/opt/{{ docker_mailserver_service_id }}/dovecot-oauth2.conf.ext.secrets"
  notify: docker-compose-up
Ajout d'une section dovecot oauth 2024-08-30 18:27:36 +02:00			`- name: Docker directory`
			`ansible.builtin.file:`
Commit initial 2024-01-14 12:36:32 +01:00			`path: /opt/{{ docker_mailserver_service_id }}/`
			`state: directory`

Ajout d'une section dovecot oauth 2024-08-30 18:27:36 +02:00			`- name: Config directory`
			`ansible.builtin.file:`
Commit initial 2024-01-14 12:36:32 +01:00			`path: /opt/{{ docker_mailserver_service_id }}/{{ item }}`
			`state: directory`
			`with_items:`
			`- config`
			`- ssl`
Ajout d'une section dovecot oauth 2024-08-30 18:27:36 +02:00
			`- name: Prepare dovecot custom config`
			`ansible.builtin.blockinfile:`
Commit initial 2024-01-14 12:36:32 +01:00			`dest: /opt/{{ docker_mailserver_service_id }}/11-mail-custom.conf`
			`marker: "# {mark} ANSIBLE CONFIGURATION"`
			`create: true`
			`block: \|`
			`# System user and group used to access mails. If you use multiple, userdb`
			`# can override these by returning uid or gid fields. You can use either numbers`
			`# or names. <doc/wiki/UserIds.txt>`
			`mail_uid = 5000`
			`mail_gid = 5000`
			`mail_home = /var/mail/%d/%n`

			`# permet d'utiliser à la fois le + et le _ comme delimiteur dans les adresses email`
			`# doit être paramétré de même dans postfix`
			`recipient_delimiter = {{ docker_mailserver_recipient_delimiter }}`

			`### section quotas ldap`
			`mail_plugins = $mail_plugins quota`

			`protocol imap {`
			`# Enable the IMAP QUOTA extension, allowing IMAP clients to ask for the`
			`# current quota usage.`
			`mail_plugins = $mail_plugins imap_quota`
			`}`

			`plugin {`
			`quota_grace = 10%%`
			`# 10% is the default`
			`quota_status_success = DUNNO`
			`quota_status_nouser = DUNNO`
			`quota_status_overquota = "552 5.2.2 Mailbox is full"`
			`quota = count:User quota`
			`quota_rule2 = Trash:storage=+100M`
			`quota_vsizes = yes`
			`quota_exceeded_message = La taille maximale de la boite de votre destinataire est atteinte.`
			`quota_warning = storage=95%% quota-warning 95 %u libretic.fr`
			`quota_warning2 = storage=80%% quota-warning 80 %u libretic.fr`
			`quota_warning3 = -storage=100%% quota-warning below %u libretic.fr`
			`}`

			`service quota-warning {`
			`executable = script /usr/local/bin/quota-warning`
			`# user = root`
			`unix_listener quota-warning {`
			`mode = 0666`
			`}`
			`}`

			`### debug`
			`#auth_debug = yes`
			`#mail_debug = yes`
			`#auth_verbose = yes`


Ajout d'une section dovecot oauth 2024-08-30 18:27:36 +02:00			`- name: Prepare dovecot custom config`
			`when: docker_mailserver_configure_oauth is true`
			`ansible.builtin.blockinfile:`
			`dest: /opt/{{ docker_mailserver_service_id }}/11-mail-custom.conf`
			`marker: "# {mark} OAUTH ANSIBLE CONFIGURATION"`
			`insertafter: EOF`
			`block: \|`
			`### section authentification OpenID`
			`auth_mechanisms = $auth_mechanisms xoauth2 oauthbearer`

			`passdb {`
			`driver = oauth2`
			`mechanisms = xoauth2 oauthbearer`
			`args = /etc/dovecot/dovecot-oauth2.conf.ext`
			`}`

			`# provide SASL via unix socket to postfix`
			`service auth {`
			`unix_listener /var/spool/postfix/private/auth {`
			`mode = 0660`
			`# Assuming the default Postfix user and group`
			`user = postfix`
			`group = postfix`
			`}`
			`}`


			`- name: Prepare docker-compose.yml and config`
			`ansible.builtin.template:`
Commit initial 2024-01-14 12:36:32 +01:00			`src: "{{ item.src }}"`
			`dest: "{{ item.dest }}"`
			`with_items:`
			`- { src: docker-compose.yml, dest: "/opt/{{ docker_mailserver_service_id }}/" }`
			`- { src: policyd-spf.conf, dest: "/opt/{{ docker_mailserver_service_id }}/" }`
			`- { src: jail.local, dest: "/opt/{{ docker_mailserver_service_id }}/" }`
			`- { src: mailserver.vars, dest: "/opt/{{ docker_mailserver_service_id }}/" }`
			`notify: docker-compose-up`
variable docker_mailserver_configure_oauth 2024-08-30 12:24:33 +02:00
			`- name: Prepare dovecot-oauth2.conf.ext.secrets`
Ajout d'une section dovecot oauth 2024-08-30 18:27:36 +02:00			`when: docker_mailserver_configure_oauth is true`
variable docker_mailserver_configure_oauth 2024-08-30 12:24:33 +02:00			`ansible.builtin.copy:`
			`content: "{{ docker_mailserver_dovecot_oauth2_configuration }}"`
			`dest: "/opt/{{ docker_mailserver_service_id }}/dovecot-oauth2.conf.ext.secrets"`
			`notify: docker-compose-up`