infra/playbooks/roles/mail/tasks/main.yml

---

- name: Ensure mail docker/compose exist
  ansible.builtin.file:
    path: /etc/docker/compose/mail
    state: directory
    owner: root
    group: root
    mode: 0700

- name: Ensure mail config volume exist
  ansible.builtin.file:
    path: /etc/docker/compose/mail/docker-data/dms/config
    state: directory
    owner: root
    group: root
    mode: 0700

- name: Ensure mail entries volume exist with correct permission
  ansible.builtin.file:
    path: /etc/docker/compose/mail/docker-data/dms/mail-data/
    state: directory
    owner: 5000
    group: 5000
    mode: 0700
    recurse: true

- name: Ensure dovecot ldap config exist
  ansible.builtin.template:
    src: user-patches.sh.j2
    dest: /etc/docker/compose/mail/docker-data/dms/config/user-patches.sh
    owner: root
    group: root
    mode: 0755

- name: Ensure config user overrides config exist
  ansible.builtin.template:
    src: dovecot-ldap.conf.j2
    dest: /etc/docker/compose/mail/docker-data/dms/config/dovecot-ldap.conf
    owner: root
    group: root
    mode: 0700

- name: Ensure roundcube config volume exist
  ansible.builtin.file:
    path: /etc/docker/compose/mail/docker-data/roundcube/config
    state: directory
    owner: root
    group: root
    mode: 0777

- name: Build roundcube oauth2 config
  ansible.builtin.template:
    src: oauth2.inc.php.j2
    dest: /etc/docker/compose/mail/docker-data/roundcube/config/oauth2.inc.php
    owner: root
    group: root
    mode: 0777

- name: Build roundcube sieve plugin config
  ansible.builtin.template:
    src: sieve.inc.php.j2
    dest: /etc/docker/compose/mail/docker-data/roundcube/config/sieve.inc.php
    owner: root
    group: root
    mode: 0777

- name: Build mail docker-compose.yml.j2
  ansible.builtin.template:
    src: docker-compose.yml.j2
    dest: /etc/docker/compose/mail/docker-compose.yml
    owner: root
    group: root
    mode: 0700

- name: Daemon-reload and enable mail
  ansible.builtin.systemd_service:
    state: restarted
    enabled: true
    name: docker-compose@mail

- name: Allow SMTP
  ansible.builtin.ufw:
    rule: allow
    port: "465"
    proto: "tcp"

- name: Allow IMAP
  ansible.builtin.ufw:
    rule: allow
    port: "993"
    proto: "tcp"
ldap + dockermailserver 2024-03-22 18:43:42 -04:00			`---`

			`- name: Ensure mail docker/compose exist`
			`ansible.builtin.file:`
			`path: /etc/docker/compose/mail`
			`state: directory`
			`owner: root`
			`group: root`
			`mode: 0700`

			`- name: Ensure mail config volume exist`
dovecot oauth2 2024-03-23 01:57:50 -04:00			`ansible.builtin.file:`
ldap + dockermailserver 2024-03-22 18:43:42 -04:00			`path: /etc/docker/compose/mail/docker-data/dms/config`
			`state: directory`
			`owner: root`
			`group: root`
			`mode: 0700`

			`- name: Ensure mail entries volume exist with correct permission`
dovecot oauth2 2024-03-23 01:57:50 -04:00			`ansible.builtin.file:`
ldap + dockermailserver 2024-03-22 18:43:42 -04:00			`path: /etc/docker/compose/mail/docker-data/dms/mail-data/`
			`state: directory`
dovecot oauth2 2024-03-23 01:57:50 -04:00			`owner: 5000`
			`group: 5000`
			`mode: 0700`
ldap + dockermailserver 2024-03-22 18:43:42 -04:00			`recurse: true`

			`- name: Ensure dovecot ldap config exist`
			`ansible.builtin.template:`
			`src: user-patches.sh.j2`
			`dest: /etc/docker/compose/mail/docker-data/dms/config/user-patches.sh`
			`owner: root`
			`group: root`
			`mode: 0755`

			`- name: Ensure config user overrides config exist`
			`ansible.builtin.template:`
			`src: dovecot-ldap.conf.j2`
			`dest: /etc/docker/compose/mail/docker-data/dms/config/dovecot-ldap.conf`
			`owner: root`
			`group: root`
			`mode: 0700`

dovecot oauth2 2024-03-23 01:57:50 -04:00			`- name: Ensure roundcube config volume exist`
			`ansible.builtin.file:`
			`path: /etc/docker/compose/mail/docker-data/roundcube/config`
			`state: directory`
			`owner: root`
			`group: root`
			`mode: 0777`

			`- name: Build roundcube oauth2 config`
			`ansible.builtin.template:`
			`src: oauth2.inc.php.j2`
			`dest: /etc/docker/compose/mail/docker-data/roundcube/config/oauth2.inc.php`
			`owner: root`
			`group: root`
			`mode: 0777`

managesieve support 2024-03-26 15:24:00 -04:00			`- name: Build roundcube sieve plugin config`
			`ansible.builtin.template:`
			`src: sieve.inc.php.j2`
			`dest: /etc/docker/compose/mail/docker-data/roundcube/config/sieve.inc.php`
			`owner: root`
			`group: root`
			`mode: 0777`

ldap + dockermailserver 2024-03-22 18:43:42 -04:00			`- name: Build mail docker-compose.yml.j2`
			`ansible.builtin.template:`
			`src: docker-compose.yml.j2`
			`dest: /etc/docker/compose/mail/docker-compose.yml`
			`owner: root`
			`group: root`
			`mode: 0700`

			`- name: Daemon-reload and enable mail`
			`ansible.builtin.systemd_service:`
			`state: restarted`
			`enabled: true`
			`name: docker-compose@mail`
allow email ports 2024-07-17 05:08:39 -04:00
			`- name: Allow SMTP`
			`ansible.builtin.ufw:`
			`rule: allow`
			`port: "465"`
			`proto: "tcp"`

			`- name: Allow IMAP`
			`ansible.builtin.ufw:`
			`rule: allow`
			`port: "993"`
			`proto: "tcp"`