Ajout d'une section dovecot oauth

2024-08-30 18:27:36 +02:00 · 2024-08-30 18:27:36 +02:00 · dbc3d72833
commit dbc3d72833
parent f0239ca599
2 changed files with 39 additions and 12 deletions
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -1,5 +1,5 @@
- name: docker-compose-up
-  shell: |
+- name: Docker-compose-up
+  ansible.builtin.shell: |
    docker compose up -d
  args:
    chdir: /opt/{{ docker_mailserver_service_id }}/
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,18 +1,18 @@
- name: docker directory
-  file:
+- name: Docker directory
+  ansible.builtin.file:
    path: /opt/{{ docker_mailserver_service_id }}/
    state: directory

- name: config directory
-  file:
+- name: Config directory
+  ansible.builtin.file:
    path: /opt/{{ docker_mailserver_service_id }}/{{ item }}
    state: directory
  with_items:
    - config
    - ssl

- name: prepare dovecot custom config
-  blockinfile:
+- name: Prepare dovecot custom config
+  ansible.builtin.blockinfile:
    dest: /opt/{{ docker_mailserver_service_id }}/11-mail-custom.conf
    marker: "# {mark} ANSIBLE CONFIGURATION"
    create: true
@ -66,8 +66,35 @@
      #auth_verbose = yes


- name: prepare docker-compose.yml and config
-  template:
+- name: Prepare dovecot custom config
+  when: docker_mailserver_configure_oauth is true
+  ansible.builtin.blockinfile:
+    dest: /opt/{{ docker_mailserver_service_id }}/11-mail-custom.conf
+    marker: "# {mark} OAUTH ANSIBLE CONFIGURATION"
+    insertafter: EOF
+    block: |
+      ### section authentification OpenID
+      auth_mechanisms = $auth_mechanisms xoauth2 oauthbearer
+
+      passdb {
+        driver = oauth2
+        mechanisms = xoauth2 oauthbearer
+        args = /etc/dovecot/dovecot-oauth2.conf.ext
+      }
+
+      # provide SASL via unix socket to postfix
+      service auth {
+        unix_listener /var/spool/postfix/private/auth {
+          mode = 0660
+          # Assuming the default Postfix user and group
+          user = postfix
+          group = postfix
+        }
+      }
+
+
+- name: Prepare docker-compose.yml and config
+  ansible.builtin.template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
  with_items:
@ -78,8 +105,8 @@
  notify: docker-compose-up

 - name: Prepare dovecot-oauth2.conf.ext.secrets
+  when: docker_mailserver_configure_oauth is true
  ansible.builtin.copy:
    content: "{{ docker_mailserver_dovecot_oauth2_configuration }}"
    dest: "/opt/{{ docker_mailserver_service_id }}/dovecot-oauth2.conf.ext.secrets"
  notify: docker-compose-up
-  when: docker_mailserver_configure_oauth is true