Email server for individuals and small groups. Works on RHEL/CentOS 7.
See also defaults/main.yml
.
You need to set a couple of database credentials first.
mailserver_db_username: mailuser
mailserver_db_password: CHANGE_ME #required
mailserver_db_database: mailserver
mailserver_opendmarc_db_username: opendmarc
mailserver_opendmarc_db_password: CHANGE_ME #required
mailserver_opendmarc_db_database: opendmarc
Server identity.
mailserver_hostname: mail.example.org #required
mailserver_domain: example.org # required
mailserver_admin_email: postmaster@example.org #required
And the domains, mailboxes and aliases (all keys required).
You can generate password hashes with doveadm pw -s SHA512-CRYPT
.
mailserver_domains:
- name: example.org
pk_id: 1
- name: example.com
pk_id: 2
mailserver_users:
- account: root
domain: example.org
password_hash: $6$6YpaGm0xB2/jIdyO$hd4a.fdwrdTi5m2y5hRFe8wymqoHdr.2Xiep1xSDOMhSGJ7fJU3g.r8zjC8jiGX0zQO1WQrEd81Ua7TdyoTGA1
domain_pk_id: 1
- account: alice
domain: example.com
password_hash: $6$KkGEeh3UDzRRNsl1$TNQJpvUyArYY1WVnMzI51cNpcEj61V1ycpXom/79pe6QY08eFlcdJDFj.q.D7lNpCOsFMvut85gGgSvllC0xK0
domain_pk_id: 2
mailserver_aliases:
- source: info@example.com
destination: alice@example.com
domain_pk_id: 2
Other variables (optional):
mailserver_friendly_networks: []
mailserver_header_privacy: true
mailserver_data_dir: /opt/mailserver
mailserver_ssl_cert: /etc/pki/tls/certs/wildcard_combined.pem
mailserver_ssl_key: /etc/pki/tls/private/wildcard_private.key
mailserver_ssl_ca: /etc/pki/tls/certs/ca-bundle.crt
/etc/postfix/import.sql
is populated with account data reflecting your Ansible configuration,
this file is then imported - it drops all tables and recreates them if configuration has changed.---
- hosts: mailserver
sudo: yes
roles:
- nestihacky.mailserver
This role is based on the Sovereign playbooks (https://github.com/sovereign/sovereign) which are under GPLv3 except files and templates based on third-party software which should be considered under their respective licenses.