From e2754146e8590d18e33f908c21ecc44db16a61e5 Mon Sep 17 00:00:00 2001
From: Petar Cubela
Date: Wed, 4 Dec 2024 10:51:54 +0100
Subject: [PATCH] added smtp role from tu mail project
---
group_vars/mailout.yml | 1 +
hosts.ini | 4 +++
roles/smtp/handlers/main.yml | 4 +++
roles/smtp/tasks/main.yml | 23 ++++++++++++++++
roles/smtp/templates/mailname | 1 +
roles/smtp/templates/main.cf | 51 +++++++++++++++++++++++++++++++++++
6 files changed, 84 insertions(+)
create mode 100644 group_vars/mailout.yml
create mode 100644 roles/smtp/handlers/main.yml
create mode 100644 roles/smtp/tasks/main.yml
create mode 100644 roles/smtp/templates/mailname
create mode 100644 roles/smtp/templates/main.cf
diff --git a/group_vars/mailout.yml b/group_vars/mailout.yml
new file mode 100644
index 0000000..dedd85b
--- /dev/null
+++ b/group_vars/mailout.yml
@@ -0,0 +1 @@
+domain_base: mailout.glt.lan
diff --git a/hosts.ini b/hosts.ini
index c765be9..cd2e1d0 100644
--- a/hosts.ini
+++ b/hosts.ini
@@ -4,3 +4,7 @@ [owncloud] 10.0.101.99 ansible_user=sbxadmin ansible_port=22
+
+[mailout]
+10.54.15.6 ansible_user=sbxadmin ansible_port=22
+
diff --git a/roles/smtp/handlers/main.yml b/roles/smtp/handlers/main.yml
new file mode 100644
index 0000000..8c305d0
--- /dev/null
+++ b/roles/smtp/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: Reload postfix
+ service:
+ name: postfix
+ state: reloaded
diff --git a/roles/smtp/tasks/main.yml b/roles/smtp/tasks/main.yml
new file mode 100644
index 0000000..da40e76
--- /dev/null
+++ b/roles/smtp/tasks/main.yml
@@ -0,0 +1,23 @@
+---
+- name: Perform a dist-upgrade.
+ ansible.builtin.apt:
+ upgrade: dist
+ update_cache: yes
+
+- name: Set mailname
+ template:
+ src: templates/mailname
+ dest: /etc/mailname
+
+- name: Install postfix
+ package:
+ name:
+ - postfix
+ - mailutils
+ state: present
+
+- name: Copy the config file
+ template:
+ src: templates/main.cf
+ dest: /etc/postfix/main.cf
+ notify: Reload postfix
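Review bot: The first task in roles/smtp/tasks/main.yml runs `upgrade: dist` with `update_cache: yes` on every application of the smtp role, so configuring the relay also upgrades (and may remove) unrelated packages on the host with no reboot handling or change window; it would be safer in a separate maintenance play or gated, e.g. `when: smtp_dist_upgrade | default(false)` (the variable name is a suggestion). The two `template` tasks also set no `owner`, `group` or `mode`, so the permissions of `/etc/mailname` and `/etc/postfix/main.cf` depend on the remote umask; adding `owner: root`, `group: root`, `mode: "0644"` pins them. "Set mailname" has no `notify: Reload postfix` although main.cf reads `myorigin = /etc/mailname`, so a changed mail name probably does not take effect until the next reload.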
diff --git a/roles/smtp/templates/mailname b/roles/smtp/templates/mailname
new file mode 100644
index 0000000..7f51fda
--- /dev/null
+++ b/roles/smtp/templates/mailname
@@ -0,0 +1 @@
+{{ domain_base }}
diff --git a/roles/smtp/templates/main.cf b/roles/smtp/templates/main.cf
new file mode 100644
index 0000000..1287490
--- /dev/null
+++ b/roles/smtp/templates/main.cf
@@ -0,0 +1,51 @@
+# See /usr/share/postfix/main.cf.dist for a commented, more complete version
+
+
+# Debian specific: Specifying a file name will cause the first
+# line of that file to be used as the name. The Debian default
+# is /etc/mailname.
+#myorigin = /etc/mailname
+
+smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
+biff = no
+
+# appending .domain is the MUA's job.
+append_dot_mydomain = no
+
+# Uncomment the next line to generate "delayed mail" warnings
+#delay_warning_time = 4h
+
+readme_directory = no
+
+# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 3.6 on
+# fresh installs.
+compatibility_level = 3.6
+
+
+
+# TLS parameters
+smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
+smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
+smtpd_tls_security_level=may
+
+smtp_tls_CApath=/etc/ssl/certs
+smtp_tls_security_level=may
+smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
+
+
+smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
+myhostname = mailoutgltlan.glt.lan
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+myorigin = /etc/mailname
+mydestination = mailout.glt.lan, $myhostname, {{ domain_base }}, , , localhost, mailoutgltlan
+relayhost = 129.187.254.15
+mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 10.54.15.11 192.157.167.116 192.157.163.234 10.0.25.172 10.54.0.80
+mailbox_size_limit = 0
+recipient_delimiter = +
+inet_interfaces = all
+inet_protocols = all
+
+
+
+
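Review bot: Relay authorisation in roles/smtp/templates/main.cf rests only on source address: `smtpd_relay_restrictions` starts with `permit_mynetworks`, `inet_interfaces = all` listens on every interface, and no `smtpd_sasl_auth_enable` line appears, so `permit_sasl_authenticated` presumably never matches. Two `mynetworks` entries, `192.157.167.116` and `192.157.163.234`, lie outside the RFC 1918 ranges; confirm they are intended (and not a typo for 192.168.x.x) and move the client list to a group variable, e.g. `mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 {{ smtp_trusted_clients | join(' ') }}` (the variable name is a suggestion). Both TLS levels are `may` and the server certificate is the Debian snakeoil pair, so a stripped STARTTLS silently falls back to cleartext; since all outbound mail goes to one `relayhost`, `smtp_tls_security_level = encrypt` is worth setting if that host offers STARTTLS. The `mydestination` line also carries empty entries (`, , ,`) and repeats `mailout.glt.lan` next to `{{ domain_base }}`.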