linux-system-roles.postfix
Postfix
This role allows you to install, set up, and start the Postfix Mail Transfer Agent (MTA).
Requirements
Collection Requirements
This role needs the firewall and selinux roles from the fedora.linux_system_roles collection if you want to manage firewall or SELinux settings.
If you are using the postfix role from the fedora.linux_system_roles collection or installed from the Fedora RPM package, this requirement is already met.
If you need to manage rpm-ostree systems, run this command to install the necessary collections:
ansible-galaxy collection install -r meta/collection-requirements.yml
Role Variables
postfix_conf
postfix_conf:
relayhost: example.com
This is a dictionary to hold Postfix configuration parameters. Unused keys will be ignored. It starts empty {}.
You can use previous: replaced in postfix_conf to clear the existing configuration and set new parameters on a clean Postfix installation.
NOTE: Using previous: replaced will reinstall Postfix and overwrite existing configuration files. Remember to back up those files.
When managing rpm-ostree systems, this role can't reinstall Postfix, so it will replace modified config files with empty ones.
For example, to reset the configuration and set relayhost to example.com, use:
postfix_conf:
previous: replaced
relayhost: example.com
postfix_files
postfix_files:
- name: sasl_passwd
content: example.com user:password
postmap: true
- name: sender_canonical_maps
content: /.+/ [email protected]
This list holds files placed in /etc/postfix, which can be turned into Postfix Lookup Tables if needed.
postfix_check
postfix_check: false
This boolean determines if postfix check is run before starting Postfix if the configuration has changed. Default is true.
postfix_backup
postfix_backup: true
This boolean decides if the role creates a single backup copy of the configuration. Default is false. If you enable it, also set postfix_backup_multiple: false.
postfix_backup_multiple
postfix_backup_multiple: false
This boolean controls whether a timestamped backup is made, keeping multiple copies of the configuration. Default is true. If you want to use postfix_backup, set this to false.
postfix_manage_firewall
This boolean flag allows configuration of the firewall to include SMTP ports (25, 465, 587). If true, the role manages the firewall. Default is false.
NOTE: This only adds ports, not removes them.
postfix_manage_selinux
This boolean flag allows configuration of SELinux for the SMTP ports. If false, the role does not manage SELinux.
NOTE: Similar to the firewall, this only adds policies, not removes them.
Limitations
You can't remove individual configuration parameters; instead, use postfix_conf's previous: replaced to start fresh and then add new configurations.
Example Playbook
Install and enable Postfix, configuring relay_domains=$mydestination and relayhost=example.com.
---
- name: Manage postfix
hosts: all
vars:
postfix_conf:
relay_domains: $mydestination
relayhost: example.com
roles:
- linux-system-roles.postfix
Install Postfix without running 'postfix check':
---
- name: Manage postfix with no check
hosts: all
vars:
postfix_check: false
roles:
- linux-system-roles.postfix
Install Postfix and create a single backup of main.cf, overwriting the previous backup:
---
- name: Manage postfix with relayhost
hosts: all
vars:
postfix_conf:
relayhost: example.com
postfix_backup: true
roles:
- linux-system-roles.postfix
Install Postfix while keeping timestamped backups of main.cf:
---
- name: Manage postfix with multiple backups
hosts: all
vars:
postfix_conf:
relayhost: example.com
postfix_backup_multiple: true
roles:
- linux-system-roles.postfix
rpm-ostree
Refer to README-ostree.md for more details.
License
Copyright (C) 2017 Jaroslav Škarvada
This program is free software: you can modify and redistribute it under the terms of the GNU General Public License, either version 3 or later.
This program is provided without any warranty. For more details, see the GNU General Public License.