88 lines
2.3 KiB
YAML
88 lines
2.3 KiB
YAML
- name: Installation de postfix et de mailutils
|
|
tags: install postfix
|
|
apt:
|
|
name:
|
|
- postfix
|
|
- mailutils
|
|
- libsasl2-modules
|
|
state: latest
|
|
|
|
- name: Copie du fichier sasl_passwd
|
|
tags: sasl_passwd
|
|
copy:
|
|
src: sasl_passwd
|
|
dest: /etc/postfix/sasl/
|
|
|
|
- name: ajout relay host gmail
|
|
tags: postfix
|
|
replace:
|
|
path: /etc/postfix/main.cf
|
|
regexp: '^relayhost ='
|
|
replace: 'relayhost = [smtp.gmail.com]:587'
|
|
notify: restart postfix
|
|
|
|
- name: ajout lignes conf postfix
|
|
tags: postfix
|
|
blockinfile:
|
|
path: /etc/postfix/main.cf
|
|
block: |
|
|
#TLS
|
|
smtp_use_tls = yes
|
|
#SASL
|
|
smtp_sasl_auth_enable = yes
|
|
#pas d auth anonyme
|
|
smtp_sasl_security_options = noanonymous
|
|
#chemin sasl_passwd
|
|
smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
|
|
#chemin certificats CA
|
|
smtp_tls_CAfile = /etc/postfix/cacert.pem
|
|
notify: restart postfix
|
|
|
|
#- name: Copie du fichier main.cf
|
|
# tags: main.cf
|
|
# template:
|
|
# src: main.cf.j2
|
|
# dest: /etc/postfix.main.cf
|
|
|
|
|
|
- name: Commande postmap identifiants
|
|
tags: postmap
|
|
command: postmap /etc/postfix/sasl/sasl_passwd
|
|
notify: restart postfix
|
|
|
|
- name: Ensure directory exists for local self-signed TLS certs.
|
|
file:
|
|
path: /etc/ssl/certs/postfix
|
|
state: directory
|
|
|
|
- name: Generate an OpenSSL private key
|
|
community.crypto.openssl_privatekey:
|
|
path: /etc/ssl/certs/postfix/privkey.pem
|
|
|
|
- name: Generate an OpenSSL CSR
|
|
community.crypto.openssl_csr:
|
|
path: /etc/ssl/certs/postfix/postfix.csr
|
|
privatekey_path: /etc/ssl/certs/postfix/privkey.pem
|
|
common_name: "GSB2023.LAN"
|
|
|
|
- name: Generate a Self Signed OpenSSL certificate.
|
|
community.crypto.x509_certificate:
|
|
path: /etc/ssl/certs/postfix/fullchain.pem
|
|
privatekey_path: /etc/ssl/certs/postfix/privkey.pem
|
|
csr_path: /etc/ssl/certs/postfix/postfix.csr
|
|
provider: selfsigned
|
|
|
|
- name: Copy certificate preserve owner and permissions to be used with postfix
|
|
copy:
|
|
remote_src: true
|
|
src: /etc/ssl/certs/postfix/fullchain.pem
|
|
dest: /etc/postfix/cacert.pem
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
notify: restart postfix
|
|
|
|
- name: message d'information pour gmail
|
|
tags: msg2
|
|
debug: msg="Il faut activer les applications moins sécurisées sur le compte google"
|