HGKeeper

Make dovecot Use the host's tls cert the apache role created

2021-05-23, Gary Kramlich

a9e5db611879

Parents a561771f0e5b
Children fad77591ea2e

Make dovecot Use the host's tls cert the apache role created

2 files changed, 39 insertions(+), 20 deletions(-)

+5 -0

roles/mail/handlers/main.yaml

+34 -20

roles/mail/tasks/dovecot.yaml

~~--- /dev/null Thu Jan 01 00:00:00 1970 +0000~~

+++ b/roles/mail/handlers/main.yaml Sun May 23 03:00:06 2021 -0500

@@ -0,0 +1,5 @@

+---

+- name: "reload dovecot"

+ systemd:

+ name: "dovecot"

+ state: "reloaded"

~~--- a/roles/mail/tasks/dovecot.yaml Sun May 23 02:40:54 2021 -0500~~

+++ b/roles/mail/tasks/dovecot.yaml Sun May 23 03:00:06 2021 -0500

@@ -1,25 +1,39 @@

~~-- name: add vmail group~~

+---

+- name: "add vmail group"

group:

~~- name: vmail~~

~~- system: yes~~

+ name: "vmail"

+ system: "yes"

tags:

~~- - group~~

~~- - user~~

-

~~-- name: add vmail user~~

+ - "group"

+ - "user"

+- name: "add vmail user"

user:

~~- name: vmail~~

~~- group: vmail~~

~~- system: yes~~

~~- home: /nonexistent~~

~~- shell: /bin/false~~

+ name: "vmail"

+ group: "vmail"

+ system: "yes"

+ home: "/nonexistent"

+ shell: "/bin/false"

tags:

~~- - user~~

+ - "user"

+- name: "create /srv/mail directory"

+ file:

+ path: "/srv/mail"

+ state: "directory"

+ mode: "0750"

+ owner: "vmail"

+ group: "vmail"

+- name: "symlink tls certs"

+ file:

+ src: "{{ item.src }}"

+ dest: "/etc/dovecot/private/{{ item.dest }}"

+ state: "link"

+ loop:

+ - src: "/etc/letsencrypt/live/{{ inventory_hostname }}/fullchain.pem"

+ dest: "dovecot.pem"

+ - src: "/etc/letsencrypt/live/{{ inventory_hostname }}/privkey.pem"

+ dest: "dovecot.key"

+ loop_control:

+ label: "{{ item.dest }}"

+ notify:

+ - "reload dovecot"

~~-- name: create /srv/mail directory~~

~~- file:~~

~~- path: /srv/mail~~

~~- state: directory~~

~~- mode: 0750~~

~~- owner: vmail~~

~~- group: vmail~~

imfreedom/ansible