mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2025-01-18 08:06:16 +01:00
59 lines
1.7 KiB
YAML
59 lines
1.7 KiB
YAML
---
|
|
|
|
- name: install dovecot
|
|
pacman: name=dovecot,pigeonhole state=present
|
|
|
|
# FIXME: check directory permissions
|
|
- name: create dovecot configuration directory
|
|
file: path=/etc/dovecot state=directory owner=root group=root mode=0755
|
|
|
|
- name: create dhparam
|
|
command: openssl dhparam -out /etc/dovecot/dh.pem 4096 creates=/etc/dovecot/dh.pem
|
|
|
|
- name: install dovecot.conf
|
|
template: src=dovecot.conf.j2 dest=/etc/dovecot/dovecot.conf owner=root group=root mode=0644
|
|
notify:
|
|
- reload dovecot
|
|
|
|
- name: install PAM config
|
|
copy: src=pam.d.dovecot dest=/etc/pam.d/dovecot mode=0644 owner=root group=root
|
|
|
|
- name: create dovecot sieve dir
|
|
file: path=/etc/dovecot/sieve state=directory owner=root group=root mode=0755
|
|
|
|
- name: install spam-to-folder.sieve
|
|
copy: src=spam-to-folder.sieve dest=/etc/dovecot/sieve/ mode=0644 owner=root group=root
|
|
notify:
|
|
- run sievec
|
|
|
|
- name: install dovecot cert renewal hook
|
|
template: src=letsencrypt.hook.d.j2 dest=/etc/letsencrypt/hook.d/dovecot owner=root group=root mode=0755
|
|
|
|
- name: start and enable dovecot
|
|
service: name=dovecot enabled=yes state=started
|
|
|
|
- name: open firewall holes
|
|
ansible.posix.firewalld: service={{ item }} permanent=true state=enabled immediate=yes
|
|
with_items:
|
|
- pop3s
|
|
- imaps
|
|
- managesieve
|
|
when: configure_firewall
|
|
tags:
|
|
- firewall
|
|
|
|
- name: install systemd timers
|
|
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
|
|
with_items:
|
|
- dovecot-cleanup.timer
|
|
- dovecot-cleanup.service
|
|
|
|
- name: activate systemd timers
|
|
systemd:
|
|
name: "{{ item }}"
|
|
state: started
|
|
enabled: yes
|
|
daemon_reload: yes
|
|
with_items:
|
|
- dovecot-cleanup.timer
|