ansible-mailserver-debian/mail_system/tasks/postfix.yml

- name: Install postfix packages
  ansible.builtin.apt:
    name: postfix,postfix-pgsql,postfix-doc
    state: present
    update_cache: true
    install_recommends: false

- name: Divert /etc/postfix/main.cf
  community.general.dpkg_divert:
    path: /etc/postfix/main.cf
    divert: /etc/postfix/main.cf.orig
    rename: true

- name: Divert /etc/postfix/master.cf
  community.general.dpkg_divert:
    path: /etc/postfix/master.cf
    divert: /etc/postfix/master.cf.orig
    rename: true

- name: Group 'mailstore'
  ansible.builtin.group:
    name: mailstore
    state: present
    system: true
    gid: 5000

- name: User 'mailstore'
  ansible.builtin.user:
    name: mailstore
    group: mailstore
    state: present
    shell: /usr/sbin/nologin
    system: true
    uid: 5000
    create_home: false
    home: /srv/mailstore
    password: '!'
    password_lock: true
    comment: created by ansible

- name: Directories /srv/mailstore /srv/mailstore/role_specific
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    owner: mailstore
    group: mailstore
    mode: "0755"
  loop:
    - /srv/mailstore
    - /srv/mailstore/role_specific
    - /srv/mailstore/role_specific/roles

- name: Postfix configuration files
  ansible.builtin.template:
    src: "postfix/{{ item }}"
    dest: "/etc/postfix/{{ item }}"
    owner: root
    group: root
    mode: "0644"
    force: "{{ mailserver.postfix.overwrite_config }}"
  loop:
    - main.cf
    - master.cf
    - header_checks

- name: Postfix database queries
  ansible.builtin.template:
    src: "postfix/{{ item }}"
    dest: "/etc/postfix/{{ item }}"
    owner: root
    group: root
    mode: "0600"
    force: true
  loop:
    - domains.cf
    - mailboxes.cf
    - aliases.cf
    - email_existence_check.cf
    - relay_domains.cf
    - relay_recipient_maps.cf
    - transport_maps.cf
    - sender_canonical_maps.cf
    - recipient_canonical_maps.cf

- name: Restart postfix
  ansible.builtin.systemd:
    name: postfix
    state: restarted