---
- name: Install postfix
  ansible.builtin.package:
    name: postfix
    state: installed

- name: Set postfix as system mta
  community.general.alternatives:
    name: mta
    path: /usr/sbin/sendmail.postfix

- name: Configure myhostname
  ansible.builtin.lineinfile:
    path: /etc/postfix/main.cf
    regexp: '^myhostname\s*='
    insertafter: '^#myhostname\s*='
    line: "myhostname = {{ inventory_hostname }}"
  notify: Restart postfix

- name: Configure myorigin
  ansible.builtin.lineinfile:
    path: /etc/postfix/main.cf
    regexp: '^myorigin\s*='
    insertafter: '^#myorigin\s*='
    line: "myorigin = {{ mail_domain }}"
  notify: Restart postfix
  when: mail_domain is defined

- name: Configure mydestination
  ansible.builtin.lineinfile:
    path: /etc/postfix/main.cf
    regexp: '^mydestination\s*='
    insertafter: '^#mydestination\s*='
    line: 'mydestination = ""'
  notify: Restart postfix
  when:
    - mail_domain is defined
    - mail_server is defined

- name: Configure relayhost
  ansible.builtin.lineinfile:
    path: /etc/postfix/main.cf
    regexp: '^relayhost\s*='
    insertafter: '^#relayhost\s*='
    line: "relayhost = [{{ mail_server }}]:465"
  notify: Restart postfix
  when:
    - mail_server is defined

- name: Configure smtp_tls_security_level
  ansible.builtin.lineinfile:
    path: /etc/postfix/main.cf
    regexp: '^smtp_tls_security_level\s*='
    insertafter: '^#?relayhost\s*='
    line: "smtp_tls_security_level = encrypt"
  notify: Restart postfix
  when:
    - mail_server is defined

- name: Configure smtp_tls_wrappermode
  ansible.builtin.lineinfile:
    path: /etc/postfix/main.cf
    regexp: '^smtp_tls_wrappermode\s*='
    insertafter: '^#?relayhost\s*='
    line: "smtp_tls_wrappermode = yes"
  notify: Restart postfix
  when:
    - mail_server is defined

- name: Enable postfix service
  ansible.builtin.service:
    name: postfix
    state: started
    enabled: true