diff --git a/.ansible-lint b/.ansible-lint
deleted file mode 100644
index 2aea330..0000000
--- a/.ansible-lint
+++ /dev/null
@@ -1,3 +0,0 @@ ---- -skip_list: - - fqcn-builtins
diff --git a/handlers/main.yml b/handlers/main.yml
index f36097a..c4b21c9 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -1,39 +1,38 @@ --- - name: Restart opendkim - service: + ansible.builtin.service: name: opendkim state: restarted - name: Restart dovecot - service: + ansible.builtin.service: name: dovecot state: restarted - name: Reload dovecot - service: + ansible.builtin.service: name: dovecot state: reloaded - name: Restart rbldnsd - service: + ansible.builtin.service: name: rbldnsd state: restarted -- name: Rehash transport # noqa no-changed-when - command: /usr/sbin/postmap /etc/postfix/transport +- name: Rehash transport # noqa no-changed-when + ansible.builtin.command: /usr/sbin/postmap /etc/postfix/transport -- name: Rehash tor transport map # noqa no-changed-when - command: /usr/sbin/postmap /etc/postfix/tor_transport +- name: Rehash tor transport map # noqa no-changed-when + ansible.builtin.command: /usr/sbin/postmap /etc/postfix/tor_transport -- name: Rehash dnsbl reply map # noqa no-changed-when - command: /usr/sbin/postmap /etc/postfix/dnsbl-reply-map +- name: Rehash dnsbl reply map # noqa no-changed-when + ansible.builtin.command: /usr/sbin/postmap /etc/postfix/dnsbl-reply-map - name: Reload systemd - systemd: + ansible.builtin.systemd: daemon_reload: true - become: true - name: Compile sieve-before scripts # noqa no-changed-when - command: /usr/bin/sievec /etc/dovecot/sieve-before + ansible.builtin.command: /usr/bin/sievec /etc/dovecot/sieve-before notify: - Restart dovecot
diff --git a/meta/main.yml b/meta/main.yml
index f4064d5..1ac4703 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -14,7 +14,6 @@ galaxy_info: platforms: - name: Debian versions: - - buster - bullseye - bookworm dependencies: []
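Review bot: Dropping `become: true` from the `Reload systemd` handler in handlers/main.yml means `daemon_reload` now runs with whatever privilege the calling play has, and a system-level daemon reload fails without root. None of the other handlers in this hunk set `become`, so the role presumably expects play-level escalation. If that is the contract, state it where a caller will see it, for example a comment at the top of the file such as `# All handlers assume the play runs with become: true`. If the role is meant to be usable from an unprivileged play, keep `become: true` on this handler.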
diff --git a/tasks/dovecot_backup_follower.yml b/tasks/dovecot_backup_follower.yml
index 42f024e..e221f69 100644
--- a/tasks/dovecot_backup_follower.yml
+++ b/tasks/dovecot_backup_follower.yml
@@ -1,5 +1,4 @@ --- - - name: Ensure ssh directory is present ansible.builtin.file: path: "/var/vmail/.ssh"
diff --git a/tasks/dovecot_backup_lead.yml b/tasks/dovecot_backup_lead.yml
index 1d4c4c7..41901b6 100644
--- a/tasks/dovecot_backup_lead.yml
+++ b/tasks/dovecot_backup_lead.yml
@@ -1,28 +1,30 @@ --- - - name: Ensure ssh private key for dovecot backups are present - copy: + ansible.builtin.copy: content: "{{ item.key }}" dest: /root/.ssh/{{ item.name }} owner: root group: root mode: 0600 - with_items: - - {name: dovecot_backup_ed25519, key: "{{ dovecot_backup_ed25519 }}"} - - {name: dovecot_backup_ed25519.pub, key: "{{ dovecot_backup_ed25519_pub }}"} + loop: + - { name: dovecot_backup_ed25519, key: "{{ dovecot_backup_ed25519 }}" } + - { + name: dovecot_backup_ed25519.pub, + key: "{{ dovecot_backup_ed25519_pub }}", + } - name: Ensure backup script is present - template: + ansible.builtin.template: src: "{{ item }}" dest: "{{ dovecot_backup_script_path }}" owner: root group: root mode: 0755 - with_items: + loop: - dovecot/backup_script.sh.j2 - name: Ensure backup cronjob is present - cron: + ansible.builtin.cron: name: "Enabled mail backup" minute: "0" hour: "*/3"
diff --git a/tasks/main.yml b/tasks/main.yml
index 5b039b1..b542020 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,11 +1,11 @@ --- - name: Install role dependencies - apt: + ansible.builtin.apt: pkg: "{{ dovecot_dependencies }}" cache_valid_time: 600 - name: Ensure mail user is present - user: + ansible.builtin.user: name: vmail home: "{{ dovecot_vmail_path }}" shell: /bin/false
@@ -14,7 +14,7 @@ when: not dovecot_backup_follower - name: Ensure mail user is present - user: + ansible.builtin.user: name: vmail home: "{{ dovecot_vmail_path }}" shell: /bin/bash
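Review bot: The key-copy task in tasks/dovecot_backup_lead.yml loops over items that carry the private key in `item.key`, and nothing in the task limits the loop label, so Ansible prints each item, key material included, in task output and in any log or CI system that captures it. Add `no_log: true` to the task, which also keeps the content out of `--diff` output. Alternatively, restrict the label with `loop_control:` and `label: "{{ item.name }}"`. Separately, `mode: 0600` and `mode: 0755` in this hunk are unquoted octal literals; writing `mode: "0600"` and `mode: "0755"` removes the dependence on YAML 1.1 integer parsing.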
@@ -23,7 +23,7 @@ when: dovecot_backup_follower - name: Ensure mail home is present - file: + ansible.builtin.file: path: "{{ dovecot_vmail_path }}" state: directory owner: vmail
@@ -31,28 +31,28 @@ mode: "u+rw,g+rw,o-rwx" - name: Ensure dovecot is installed - apt: + ansible.builtin.apt: pkg: "{{ dovecot_apt_packages }}" state: present - name: Import systemd tasks - import_tasks: systemd.yml + ansible.builtin.import_tasks: systemd.yml - name: Ensure dovecot is in group of userli - user: + ansible.builtin.user: name: dovecot append: true groups: "{{ dovecot_userli_user }}" - name: Set instance_name - lineinfile: + ansible.builtin.lineinfile: path: /etc/dovecot/dovecot.conf line: "instance_name = {{ ansible_fqdn }}" regexp: "instance_name =" notify: Restart dovecot - name: Set login greeting - lineinfile: + ansible.builtin.lineinfile: path: /etc/dovecot/dovecot.conf line: "login_greeting = {{ ansible_fqdn }} ready." regexp: "login_greeting ="
@@ -62,7 +62,7 @@ when: dovecot_ssl_key is not defined block: - name: Adjust ssl config - template: + ansible.builtin.template: src: dovecot-openssl.cnf.j2 dest: /etc/dovecot/dovecot-openssl.cnf owner: root
@@ -70,7 +70,7 @@ mode: 0644 - name: Ensure ssl folder is present - file: + ansible.builtin.file: path: /etc/dovecot/ssl state: directory owner: root
@@ -78,13 +78,13 @@ mode: 0640 - name: Create cert - command: /usr/share/dovecot/mkcert.sh + ansible.builtin.command: /usr/share/dovecot/mkcert.sh args: creates: /etc/dovecot/ssl/dovecot.pem chdir: /etc/dovecot - name: Create DH param - command: "openssl dhparam -out /etc/dovecot/dh.pem 4096" + ansible.builtin.command: "openssl dhparam -out /etc/dovecot/dh.pem 4096" args: creates: /etc/dovecot/dh.pem when: not __testing|d()
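Review bot: The `Ensure ssl folder is present` task in tasks/main.yml creates `/etc/dovecot/ssl` with `state: directory`, and the `mode: 0640` that opens the following hunk (`@@ -78,13 +78,13 @@`) appears to belong to it. One line between the two hunks is not shown, so confirm this against the full file. A directory needs the execute bit to be traversed, so with 0640 the group can list names but cannot open anything inside, and only root's override makes the directory usable at all. For a directory holding TLS key material, `mode: "0750"` (or `mode: "0700"` if no group access is needed) states the intent and still denies access to others.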
@@ -92,10 +92,10 @@ - molecule-notest - name: Import sieve-before tasks - import_tasks: sieve-before.yml + ansible.builtin.import_tasks: sieve-before.yml - name: Configure dovecot - template: + ansible.builtin.template: src: "{{ item }}.j2" dest: /etc/dovecot/conf.d/{{ item }} owner: root
@@ -116,7 +116,7 @@ notify: Restart dovecot - name: Configure mail_crypt - copy: + ansible.builtin.copy: src: 90-mail-crypt.conf dest: /etc/dovecot/conf.d/ owner: root
@@ -134,19 +134,19 @@ sysctl_set: true - name: Import openmetrics tasks - import_tasks: openmetrics.yml + ansible.builtin.import_tasks: openmetrics.yml when: dovecot_openmetrics_enabled tags: openmetrics - name: Import backup leader tasks - import_tasks: dovecot_backup_lead.yml + ansible.builtin.import_tasks: dovecot_backup_lead.yml when: dovecot_backup_lead tags: - dovecot_backup - dovecot_backup_lead - name: Import backup follower tasks - import_tasks: dovecot_backup_follower.yml + ansible.builtin.import_tasks: dovecot_backup_follower.yml when: dovecot_backup_follower tags: - dovecot_backup
diff --git a/tasks/sieve-before.yml b/tasks/sieve-before.yml
index bcded36..22ba683 100644
--- a/tasks/sieve-before.yml
+++ b/tasks/sieve-before.yml
@@ -1,7 +1,6 @@ --- - - name: Ensure sieve-before dir is present - file: + ansible.builtin.file: path: /etc/dovecot/sieve-before owner: root group: root
@@ -9,7 +8,7 @@ state: directory - name: Copy sieve-before script - copy: + ansible.builtin.copy: src: sieve-before/spam-to-junk.sieve dest: /etc/dovecot/sieve-before/spam-to-junk.sieve owner: root
diff --git a/tasks/systemd.yml b/tasks/systemd.yml
index 6f1f387..e506aaf 100644
--- a/tasks/systemd.yml
+++ b/tasks/systemd.yml
@@ -1,6 +1,6 @@ --- - name: Create systemd drop in directory - file: + ansible.builtin.file: path: /etc/systemd/system/dovecot.service.d/ owner: root group: root
@@ -8,7 +8,7 @@ state: directory - name: Copy systemd limits drop in - copy: + ansible.builtin.copy: src: systemd/system/dovecot.service.d/limits.conf dest: /etc/systemd/system/dovecot.service.d/limits.conf owner: root
@@ -19,7 +19,7 @@ - Restart dovecot - name: Copy environment file - copy: + ansible.builtin.copy: content: "{{ dovecot_systemd_environment }}" dest: /etc/default/dovecot owner: root
@@ -30,7 +30,7 @@ - Restart dovecot - name: Copy systemd environment drop in - copy: + ansible.builtin.copy: src: systemd/system/dovecot.service.d/environment.conf dest: /etc/systemd/system/dovecot.service.d/environment.conf owner: root