Add mail roles

2020-11-21 20:22:14 -05:00
parent fe3b41e057
commit d01e99c3da
47 changed files with 1710 additions and 0 deletions


@ -0,0 +1,220 @@
---
#
# Install role packages
#
- name: install filtering packages and monitoring components
apt:
name:
- postfix
- postfix-pcre
- mailgraph
- amavis
- spamassassin
- clamav-daemon
- libnet-dns-perl
- libmail-spf-perl
- postfix-policyd-spf-python
- pfqueue
state: latest
- name: install compression algorithms for scanning
apt:
name:
- p7zip-full
- arj
- bzip2
- cabextract
- cpio
- file
- gzip
- lhasa
- liblz4-tool
- lrzip
- lzop
- nomarch
- pax
- rar
- rpm
- unrar-free
- unzip
- xz-utils
- zip
state: latest
#
# ClamAV
#
- name: ensure clamav is in amavis group
user:
name: "clamav"
append: "yes"
groups: "amavis"
- name: ensure amavis is in clamav group
user:
name: "amavis"
append: "yes"
groups: "clamav"
#
# policyd SPF
#
- name: install policyd-spf config
template:
src: "{{ item }}.j2"
dest: "/etc/postfix-policyd-spf-python/{{ item }}"
notify:
- restart postfix
with_items:
- "policyd-spf.conf"
#
# SpamAssassin
#
- name: install SpamAssassin config
template:
src: "{{ item }}.j2"
dest: "/etc/spamassassin/{{ item }}"
notify:
- restart spamassassin
- restart amavis
with_items:
- "local.cf"
- "90_customrules.cf"
#
# Amavis
#
- name: install Amavis configs
template:
src: "{{ item }}.j2"
dest: "/etc/amavis/conf.d/{{ item }}"
notify:
- restart amavis
with_items:
- "15-content_filter_mode"
- "50-user"
#
# Postfix
#
- name: create the Postfix local config dir
file:
state: directory
dest: "/etc/postfix/local"
- name: install the Postfix main configs
template:
src: "{{ item }}.j2"
dest: "/etc/postfix/{{ item }}"
notify:
- restart postfix
with_items:
- "main.cf"
- "master.cf"
- name: install the Postfix local configs
template:
src: "{{ item }}.j2"
dest: "/etc/postfix/local/{{ item }}"
notify:
- restart postfix
with_items:
- helo_access
- recipient_access
- relay_domains
- transport
- virtual
- name: link /etc/mailname to /etc/hostname
file:
dest: "/etc/mailname"
src: "/etc/hostname"
state: "link"
force: "yes"
#
# Verify and enable services
#
- name: verify and enable services
service:
name: "{{ item }}"
state: "started"
enabled: "yes"
with_items:
- "postfix"
- "amavis"
- "clamav-daemon"
#
# SpamAssassin training
#
- name: download spam sample archive
copy:
src: "spam-sample.txz"
dest: "/var/cache/spam-sample.txz"
owner: "root"
group: "root"
mode: "400"
register: spamsample
- name: make temporary directory
command: "mktemp -d"
register: tempdirspam
when: spamsample.changed
- name: extract spam sample archive to temporary directory
unarchive:
remote_src: "yes"
src: "/var/cache/spam-sample.txz"
dest: "{{ tempdirspam.stdout }}/"
when: spamsample.changed
- name: sa-learn from the spam sample
command: "sa-learn --spam {{ tempdirspam.stdout }}/spam-sample/"
when: spamsample.changed
- name: remove temporary directory
file:
dest: "{{ tempdirspam.stdout }}"
state: "absent"
when: spamsample.changed
- name: download ham sample archive
copy:
src: "ham-sample.txz"
dest: "/var/cache/ham-sample.txz"
owner: "root"
group: "root"
mode: "400"
register: hamsample
- name: make temporary directory
command: "mktemp -d"
register: tempdirham
when: hamsample.changed
- name: extract ham sample archive to temporary directory
unarchive:
remote_src: "yes"
src: "/var/cache/ham-sample.txz"
dest: "{{ tempdirham.stdout }}/"
when: hamsample.changed
- name: sa-learn from the ham sample
command: "sa-learn --ham {{ tempdirham.stdout }}/ham-sample/"
when: hamsample.changed
- name: remove temporary directory
file:
dest: "{{ tempdirham.stdout }}"
state: "absent"
when: hamsample.changed
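Review bot: The SpamAssassin training tasks at the end of the file are gated only on `spamsample.changed` and `hamsample.changed`, so a failure in `unarchive` or `sa-learn` leaves the archive already copied to `/var/cache`, and every later run sees the copy as unchanged and skips training. The `mktemp -d` directory holding the extracted mail is also left behind in that case. Wrapping each sequence in a `block` with `rescue`/`always`, and creating the directory with the `tempfile` module instead of `command: "mktemp -d"`, fixes both; the fence shows the spam half, and the ham half would mirror it. Separately, `sa-learn` runs as whatever user the play uses, which is not visible here; if amavis consults a Bayes database under its own account, the learned tokens may never reach the filter, so this is worth confirming against `local.cf`.

```yaml
- name: train SpamAssassin from the spam sample
  when: spamsample.changed
  block:
    - name: make temporary directory
      tempfile:
        state: directory
        suffix: ".spam"
      register: tempdirspam
    # … unarchive as before, with dest: "{{ tempdirspam.path }}/" …
    - name: sa-learn from the spam sample
      command: "sa-learn --spam {{ tempdirspam.path }}/spam-sample/"
  rescue:
    # Remove the cached archive so the next run copies it again and retrains.
    - name: drop the cached spam sample archive
      file:
        dest: "/var/cache/spam-sample.txz"
        state: absent
    - name: report the training failure
      fail:
        msg: "spam sample training failed"
  always:
    - name: remove temporary directory
      file:
        dest: "{{ tempdirspam.path }}"
        state: absent
      when: tempdirspam.path is defined
```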