--- - name: Install postfix ansible.builtin.package: name: postfix state: installed - name: Set postfix as system mta community.general.alternatives: name: mta path: /usr/sbin/sendmail.postfix - name: Configure myhostname ansible.builtin.lineinfile: path: /etc/postfix/main.cf regexp: '^myhostname\s*=' insertafter: '^#myhostname\s*=' line: "myhostname = {{ inventory_hostname }}" notify: Restart postfix - name: Configure myorigin ansible.builtin.lineinfile: path: /etc/postfix/main.cf regexp: '^myorigin\s*=' insertafter: '^#myorigin\s*=' line: "myorigin = {{ mail_domain }}" notify: Restart postfix when: mail_domain is defined - name: Configure mydestination ansible.builtin.lineinfile: path: /etc/postfix/main.cf regexp: '^mydestination\s*=' insertafter: '^#mydestination\s*=' line: 'mydestination = ""' notify: Restart postfix when: - mail_domain is defined - mail_server is defined - name: Install stunnel ansible.builtin.package: name: stunnel state: installed when: - ansible_distribution_major_version|int <= 7 - mail_server is defined - name: Create group smtps ansible.builtin.group: name: smtps system: true when: - ansible_distribution_major_version|int <= 7 - mail_server is defined - name: Create user smtps ansible.builtin.user: name: smtps comment: Service Stunnel-SMTPS createhome: false group: smtps home: /var/empty shell: /sbin/nologin system: true when: - ansible_distribution_major_version|int <= 7 - mail_server is defined - name: Create stunnel config ansible.builtin.template: src: stunnel.conf.j2 dest: /etc/stunnel/smtps.conf mode: 0644 owner: root group: "{{ ansible_wheel }}" notify: Restart stunnel-smtps when: - ansible_distribution_major_version|int <= 7 - mail_server is defined - name: Create stunnel systemd service ansible.builtin.copy: src: stunnel-smtps.service dest: /etc/systemd/system/stunnel-smtps.service mode: 0644 owner: root group: "{{ ansible_wheel }}" notify: Restart stunnel-smtps when: - ansible_distribution_major_version|int <= 7 - mail_server is defined - name: Enable stunnel service ansible.builtin.service: name: stunnel-smtps state: started enabled: true when: - ansible_distribution_major_version|int <= 7 - mail_server is defined - name: Configure relayhost ansible.builtin.lineinfile: path: /etc/postfix/main.cf regexp: '^relayhost\s*=' insertafter: '^#relayhost\s*=' line: "relayhost = [localhost]:2525" notify: Restart postfix when: - ansible_distribution_major_version|int <= 7 - mail_server is defined - name: Configure relayhost ansible.builtin.lineinfile: path: /etc/postfix/main.cf regexp: '^relayhost\s*=' insertafter: '^#relayhost\s*=' line: "relayhost = [{{ mail_server }}]:465" notify: Restart postfix when: - ansible_distribution_major_version|int >= 8 - mail_server is defined - name: Configure smtp_tls_security_level ansible.builtin.lineinfile: path: /etc/postfix/main.cf regexp: '^smtp_tls_security_level\s*=' insertafter: '^#?relayhost\s*=' line: "smtp_tls_security_level = encrypt" notify: Restart postfix when: - ansible_distribution_major_version|int >= 8 - mail_server is defined - name: Configure smtp_tls_wrappermode ansible.builtin.lineinfile: path: /etc/postfix/main.cf regexp: '^smtp_tls_wrappermode\s*=' insertafter: '^#?relayhost\s*=' line: "smtp_tls_wrappermode = yes" notify: Restart postfix when: - ansible_distribution_major_version|int >= 8 - mail_server is defined - name: Enable postfix service ansible.builtin.service: name: postfix state: started enabled: true