ansible-mailserver-debian/mail_system/tasks/postfix.yml

- name: Install postfix packages
  ansible.builtin.apt:
    name: postfix,postfix-pgsql,postfix-doc
    state: present
    update_cache: true
    install_recommends: false

- name: Divert /etc/postfix/main.cf
  community.general.dpkg_divert:
    path: /etc/postfix/main.cf
    divert: /etc/postfix/main.cf.orig
    rename: true

- name: Divert /etc/postfix/master.cf
  community.general.dpkg_divert:
    path: /etc/postfix/master.cf
    divert: /etc/postfix/master.cf.orig
    rename: true

- name: Group 'mailstore'
  ansible.builtin.group:
    name: mailstore
    state: present
    system: true
    gid: 5000

- name: User 'mailstore'
  ansible.builtin.user:
    name: mailstore
    group: mailstore
    state: present
    shell: /usr/sbin/nologin
    system: true
    uid: 5000
    create_home: false
    home: /srv/mailstore
    password: '!'
    password_lock: true
    comment: created by ansible

- name: Directories /srv/mailstore /srv/mailstore/role_specific
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    owner: mailstore
    group: mailstore
    mode: "0755"
  loop:
    - /srv/mailstore
    - /srv/mailstore/role_specific
    - /srv/mailstore/role_specific/roles

- name: Postfix configuration files
  ansible.builtin.template:
    src: "postfix/{{ item }}"
    dest: "/etc/postfix/{{ item }}"
    owner: root
    group: root
    mode: "0644"
    force: "{{ mailserver.postfix.overwrite_config }}"
  loop:
    - main.cf
    - master.cf
    - header_checks

- name: Postfix database queries
  ansible.builtin.template:
    src: "postfix/{{ item }}"
    dest: "/etc/postfix/{{ item }}"
    owner: root
    group: root
    mode: "0600"
    force: true
  loop:
    - domains.cf
    - mailboxes.cf
    - aliases.cf
    - email_existence_check.cf
    - relay_domains.cf
    - relay_recipient_maps.cf
    - transport_maps.cf
    - sender_canonical_maps.cf
    - recipient_canonical_maps.cf

- name: Restart postfix
  ansible.builtin.systemd:
    name: postfix
    state: restarted
Update to trixie 2026-03-22 13:09:26 +01:00			`- name: Install postfix packages`
			`ansible.builtin.apt:`
clone from private repo 2019-09-19 10:43:17 +02:00			`name: postfix,postfix-pgsql,postfix-doc`
			`state: present`
Update to trixie 2026-03-22 13:09:26 +01:00			`update_cache: true`
			`install_recommends: false`
clone from private repo 2019-09-19 10:43:17 +02:00
Update to trixie 2026-03-22 13:09:26 +01:00			`- name: Divert /etc/postfix/main.cf`
			`community.general.dpkg_divert:`
			`path: /etc/postfix/main.cf`
			`divert: /etc/postfix/main.cf.orig`
			`rename: true`
clone from private repo 2019-09-19 10:43:17 +02:00
Update to trixie 2026-03-22 13:09:26 +01:00			`- name: Divert /etc/postfix/master.cf`
			`community.general.dpkg_divert:`
			`path: /etc/postfix/master.cf`
			`divert: /etc/postfix/master.cf.orig`
			`rename: true`
clone from private repo 2019-09-19 10:43:17 +02:00
Update to trixie 2026-03-22 13:09:26 +01:00			`- name: Group 'mailstore'`
			`ansible.builtin.group:`
clone from private repo 2019-09-19 10:43:17 +02:00			`name: mailstore`
			`state: present`
Update to trixie 2026-03-22 13:09:26 +01:00			`system: true`
clone from private repo 2019-09-19 10:43:17 +02:00			`gid: 5000`

Update to trixie 2026-03-22 13:09:26 +01:00			`- name: User 'mailstore'`
			`ansible.builtin.user:`
clone from private repo 2019-09-19 10:43:17 +02:00			`name: mailstore`
			`group: mailstore`
			`state: present`
mailserver: Don't allow shell usage for user mailstore. 2020-09-17 10:25:27 +02:00			`shell: /usr/sbin/nologin`
Update to trixie 2026-03-22 13:09:26 +01:00			`system: true`
clone from private repo 2019-09-19 10:43:17 +02:00			`uid: 5000`
Update to trixie 2026-03-22 13:09:26 +01:00			`create_home: false`
clone from private repo 2019-09-19 10:43:17 +02:00			`home: /srv/mailstore`
			`password: '!'`
Update to trixie 2026-03-22 13:09:26 +01:00			`password_lock: true`
clone from private repo 2019-09-19 10:43:17 +02:00			`comment: created by ansible`

Update to trixie 2026-03-22 13:09:26 +01:00			`- name: Directories /srv/mailstore /srv/mailstore/role_specific`
			`ansible.builtin.file:`
clone from private repo 2019-09-19 10:43:17 +02:00			`path: "{{ item }}"`
			`state: directory`
			`owner: mailstore`
			`group: mailstore`
Update to trixie 2026-03-22 13:09:26 +01:00			`mode: "0755"`
clone from private repo 2019-09-19 10:43:17 +02:00			`loop:`
			`- /srv/mailstore`
			`- /srv/mailstore/role_specific`
			`- /srv/mailstore/role_specific/roles`

Update to trixie 2026-03-22 13:09:26 +01:00			`- name: Postfix configuration files`
			`ansible.builtin.template:`
clone from private repo 2019-09-19 10:43:17 +02:00			`src: "postfix/{{ item }}"`
			`dest: "/etc/postfix/{{ item }}"`
			`owner: root`
			`group: root`
Update to trixie 2026-03-22 13:09:26 +01:00			`mode: "0644"`
clone from private repo 2019-09-19 10:43:17 +02:00			`force: "{{ mailserver.postfix.overwrite_config }}"`
			`loop:`
			`- main.cf`
			`- master.cf`
			`- header_checks`

Update to trixie 2026-03-22 13:09:26 +01:00			`- name: Postfix database queries`
			`ansible.builtin.template:`
clone from private repo 2019-09-19 10:43:17 +02:00			`src: "postfix/{{ item }}"`
			`dest: "/etc/postfix/{{ item }}"`
			`owner: root`
			`group: root`
Update to trixie 2026-03-22 13:09:26 +01:00			`mode: "0600"`
			`force: true`
clone from private repo 2019-09-19 10:43:17 +02:00			`loop:`
			`- domains.cf`
			`- mailboxes.cf`
			`- aliases.cf`
			`- email_existence_check.cf`
			`- relay_domains.cf`
			`- relay_recipient_maps.cf`
			`- transport_maps.cf`
mailserver: add VERP marking of outgoing an unmarking of incoming mails 2019-10-11 18:14:38 +02:00			`- sender_canonical_maps.cf`
			`- recipient_canonical_maps.cf`
clone from private repo 2019-09-19 10:43:17 +02:00
Update to trixie 2026-03-22 13:09:26 +01:00			`- name: Restart postfix`
			`ansible.builtin.systemd:`
clone from private repo 2019-09-19 10:43:17 +02:00			`name: postfix`
			`state: restarted`