authorLars Wirzenius <liw@liw.fi>2016-04-23 12:45:18 +0100
committerLars Wirzenius <liw@liw.fi>2016-04-23 12:45:18 +0100
commit63cb88114de8a0bd257697878f2388a1a01543a2 (patch)
treeeacd47a27411a0910468b6b289306d73b19994fd /ansible/roles/mail-client
parent482b32167f791e84475f3b1df645049fab0fce75 (diff)
Configure postfix
Diffstat (limited to 'ansible/roles/mail-client')
-rw-r--r--ansible/roles/mail-client/tasks/main.yml8
-rw-r--r--ansible/roles/mail-client/templates/main.cf46
2 files changed, 54 insertions, 0 deletions
diff --git a/ansible/roles/mail-client/tasks/main.yml b/ansible/roles/mail-client/tasks/main.yml
index e100dc5..813cd6a 100644
--- a/ansible/roles/mail-client/tasks/main.yml
+++ b/ansible/roles/mail-client/tasks/main.yml
@@ -4,3 +4,11 @@
# My offlineimap config requires the gnomekeyring Python module.
- apt: name=python-gnomekeyring
+
+# A mail client needs to send mail. I prefer to send via a local MTA,
+# which routes things out via a smarthost.
+
+- apt: name=postfix
+- template:
+ src: main.cf
+ dest: /etc/postfix/main.cf
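Review bot: The `template` task that writes /etc/postfix/main.cf has no `notify` or other reload step, so a running postfix keeps its old configuration until someone restarts it by hand. It also sets no `owner`, `group` or `mode`, so the file's permissions are left to defaults; I would add `owner: root`, `group: root`, `mode: "0644"` and a handler that reloads postfix. The rendered config refers to `hash:/etc/postfix/sasl_passwd`, which nothing visible in this commit deploys. If that file is managed elsewhere, it should be mode 0600 and have `postmap` run on it, since it holds the smarthost credentials.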
diff --git a/ansible/roles/mail-client/templates/main.cf b/ansible/roles/mail-client/templates/main.cf
new file mode 100644
index 0000000..2c026ad
--- /dev/null
+++ b/ansible/roles/mail-client/templates/main.cf
@@ -0,0 +1,46 @@
+# See /usr/share/postfix/main.cf.dist for a commented, more complete version
+
+
+# Debian specific: Specifying a file name will cause the first
+# line of that file to be used as the name. The Debian default
+# is /etc/mailname.
+#myorigin = /etc/mailname
+
+smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
+biff = no
+
+# appending .domain is the MUA's job.
+append_dot_mydomain = no
+
+# Uncomment the next line to generate "delayed mail" warnings
+#delay_warning_time = 4h
+
+readme_directory = no
+
+# TLS parameters
+smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
+smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
+smtpd_use_tls=yes
+smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
+smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
+
+# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
+# information on enabling SSL in the smtp client.
+
+smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
+myhostname = {{ mailname }}
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+myorigin = /etc/mailname
+mydestination = {{ mailname }}, {{ hostname }}, localhost.localdomain, localhost
+relayhost = {{ relayhost }}
+mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
+mailbox_command = procmail -a "$EXTENSION"
+mailbox_size_limit = 0
+recipient_delimiter = +
+inet_interfaces = 127.0.0.1
+smtp_sasl_auth_enable = yes
+smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
+smtp_sasl_security_options = noanonymous
+smtp_use_tls = yes
+smtp_tls_note_starttls_offer = yes
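Review bot: `smtp_use_tls = yes` only makes outbound TLS opportunistic, while `smtp_sasl_auth_enable = yes` with `smtp_sasl_security_options = noanonymous` still allows plaintext SASL mechanisms. If the STARTTLS offer from the relayhost is missing or stripped in transit, the smarthost password can therefore be sent in the clear. Since all mail goes to a single known smarthost, I would require TLS and forbid plaintext auth outside it: `smtp_tls_security_level = encrypt`, `smtp_sasl_security_options = noanonymous, noplaintext`, `smtp_sasl_tls_security_options = noanonymous`. Note that `encrypt` does not check the server certificate; a level of `verify` or `secure` with a CA file configured would be needed for that, which this template does not set up. Separately, `inet_interfaces = 127.0.0.1` listens on IPv4 loopback only although `mynetworks` lists `[::1]/128`; `inet_interfaces = loopback-only` would cover both.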