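---
# Mail-server tasks: Postfix (SMTP), Dovecot (IMAP/POP3/LMTP/Sieve),
# Amavis + SpamAssassin + ClamAV (content filtering) and Roundcube webmail
# served by Apache.
# The handlers named under `notify` and the .j2 templates live outside
# this file.

# `state: latest` upgrades every listed package whenever the play runs, so
# the mail stack can change version without a change to this file.
# NOTE(review): consider `state: present` plus a separate, scheduled
# upgrade step if version changes must be reviewed first.
- name: install filtering packages and monitoring components
  apt:
    name:
      - postfix
      - postfix-ldap
      - postfix-pcre
      - dovecot-core
      - dovecot-imapd
      - dovecot-pop3d
      - dovecot-lmtpd
      - dovecot-sieve
      - dovecot-managesieved
      - dovecot-ldap
      - dovecot-mysql
      - apache2
      - libapache2-mod-php
      - roundcube
      - roundcube-plugins
      - php-ldap
      - php-net-sieve
      - mailgraph
      - amavis
      - spamassassin
      - clamav-daemon
      - libnet-dns-perl
      - libmail-spf-perl
      - pyzor
      - razor
      - pfqueue
    state: latest

# Archive and compression tools; per the task name they are installed so
# the scanner can unpack attachments. Each one parses untrusted mail
# content, so keeping them patched matters as much as the scanner itself.
- name: install compression algorithms for scanning
  apt:
    name:
      - p7zip-full
      - arj
      - bzip2
      - cabextract
      - cpio
      - file
      - gzip
      - lhasa
      - liblz4-tool
      - lrzip
      - lzop
      - nomarch
      - pax
      - rar
      - rpm
      - unrar-free
      - unzip
      - xz-utils
      - zip
    state: latest

# ClamAV
# Cross-membership gives each daemon group access to the other's files.
# `append: true` adds the group without dropping existing supplementary
# groups.
- name: ensure clamav is in amavis group
  user:
    name: "clamav"
    append: true
    groups: "amavis"

- name: ensure amavis is in clamav group
  user:
    name: "amavis"
    append: true
    groups: "clamav"

# Amavis
- name: install Amavis configs
  template:
    src: "{{ item }}.j2"
    dest: "/etc/amavis/conf.d/{{ item }}"
  notify:
    - restart amavis
  with_items:
    - 15-content_filter_mode
    - 50-user

# Postfix
# No owner/mode is set here, so these files get the module defaults
# (ownership of the connecting/become user, mode from the remote umask).
- name: install Postfix main configs
  template:
    src: "{{ item }}.j2"
    dest: "/etc/postfix/{{ item }}"
  notify:
    - restart postfix
  with_items:
    - main.cf
    - master.cf
    - helo_access.pcre
    - transport

# postmap compiles /etc/postfix/transport into an indexed lookup table.
# As a plain `command` this runs, and reports "changed", on every play.
- name: map transport
  command: postmap /etc/postfix/transport

- name: create LDAP config dir
  file:
    path: "/etc/postfix/ldap"
    state: "directory"

# Mode 0640 with group postfix keeps these lookup definitions away from
# other local accounts.
# NOTE(review): they presumably carry the LDAP bind credentials - confirm
# against the templates. The owner is not set explicitly; `owner: root`
# would make the intent unambiguous.
- name: install Postfix LDAP configs
  template:
    src: "postfix-ldap/{{ item }}.j2"
    dest: "/etc/postfix/ldap/{{ item }}"
    mode: "0640"
    group: "postfix"
  notify:
    - restart postfix
  with_items:
    - catchall_maps.cf
    - recipient_bcc_maps_domain.cf
    - recipient_bcc_maps_user.cf
    - relay_domains.cf
    - sender_bcc_maps_domain.cf
    - sender_bcc_maps_user.cf
    - sender_login_maps.cf
    - transport_maps_domain.cf
    - transport_maps_user.cf
    - virtual_alias_maps.cf
    - virtual_group_maps.cf
    - virtual_group_members_maps.cf
    - virtual_mailbox_domains.cf
    - virtual_mailbox_maps.cf

# `force: true` replaces an existing regular file at /etc/mailname with
# the symlink.
- name: link /etc/mailname to /etc/hostname
  file:
    path: "/etc/mailname"
    src: "/etc/hostname"
    state: "link"
    force: true

# Dovecot
# NOTE(review): unlike the Postfix LDAP maps, no mode/group is set here, so
# dovecot-ldap.conf gets the remote umask default. If the template holds
# an LDAP bind password, confirm the resulting file is not world-readable.
- name: install Dovecot main configs
  template:
    src: "{{ item }}.j2"
    dest: "/etc/dovecot/{{ item }}"
  notify:
    - restart dovecot
  with_items:
    - dovecot.conf
    - dovecot-ldap.conf

# Fixed uid/gid 2000 for the vmail account, whose home is /srv/vmail.
# /bin/false as the shell prevents interactive logins.
- name: add vmail group
  group:
    name: "vmail"
    gid: "2000"
    state: "present"

- name: add vmail user
  user:
    name: "vmail"
    home: "/srv/vmail"
    shell: "/bin/false"
    uid: "2000"
    group: "vmail"
    state: "present"

# `state: touch` creates the files if missing and refreshes their
# timestamps on every run.
# NOTE(review): 0644 leaves the Dovecot logs readable by every local
# account; 0640 would limit them to vmail and group adm - confirm nothing
# relies on world read before tightening.
- name: ensure log ownership
  file:
    path: "/var/log/{{ item }}"
    owner: "vmail"
    group: "adm"
    mode: "0644"
    state: "touch"
  with_items:
    - dovecot.log
    - dovecot-lmtp.log

# Roundcube
# 0640 with group www-data lets the web server read these files while
# keeping them from other local accounts.
# NOTE(review): presumably because they hold database credentials -
# confirm against the templates.
- name: Install roundcube PHP configs
  template:
    src: "{{ item }}.j2"
    dest: "/etc/roundcube/{{ item }}"
    mode: "0640"
    group: "www-data"
  with_items:
    - debian-db.php
    - config.inc.php

# Removes the enabled default site, leaving the Roundcube config installed
# below.
- name: Remove default apache2 config
  file:
    path: "/etc/apache2/sites-enabled/000-default.conf"
    state: "absent"
  notify:
    - restart apache2

- name: Install roundcube ports config
  template:
    src: "ports.conf.j2"
    dest: "/etc/apache2/ports.conf"
  notify:
    - restart apache2

- name: Install roundcube apache2 config
  template:
    src: "roundcube.conf.j2"
    dest: "/etc/roundcube/apache.conf"
  notify:
    - restart apache2

- name: create logo dir
  file:
    path: "/var/lib/roundcube/images"
    state: "directory"

# `logo_filename` is set outside this file and is used verbatim in the
# destination path.
- name: install Roundcube logo
  copy:
    src: "{{ logo_filename }}"
    dest: "/var/lib/roundcube/images/{{ logo_filename }}"

# General
# NOTE(review): apache2 is not in this list; it is only touched through
# the restart handler - confirm that is intended.
- name: ensure services are running (and enabled at boot)
  service:
    name: "{{ item }}"
    state: "started"
    enabled: true
  with_items:
    - postfix
    - amavis
    - clamav-daemon
    - dovecot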