MyChanges

defaults/main.yml

@@ -1,18 +1,18 @@
 ---
 dovecot_protocols:
-- 'lmtp'
-- 'imap'
+  - 'lmtp'
+  - 'imap'
 dovecot_mail_privileged_group: 'mail'
 dovecot_disable_plaintext_auth: 'yes'
 dovecot_auth_mechanisms:
-- 'plain'
-- 'login'
+  - 'plain'
+  - 'login'
 dovecot_force_imaps: True
 dovecot_force_pop3s: True
 dovecot_ssl: 'required'
 dovecot_listen:
-- '*'
-- '::'
+  - '*'
+  - '::'
 postfix_dovecot_mysql_password_scheme: 'SHA512-CRYPT'
 postfix_dovecot_mysql_host: '127.0.0.1'
 postfix_dovecot_mysql_db_name: 'servermail'
@@ -25,50 +25,50 @@ postfix_mysql_users_query: 'SELECT 1 FROM virtual_users WHERE email=''%s'';'
 
 postfix_inet_protocols: 'all'
 postfix_submission_smtpd_client_restrictions:
-- 'permit_sasl_authenticated'
-- 'reject'
+  - 'permit_sasl_authenticated'
+  - 'reject'
 postfix_smtpd_tls_auth_only: 'yes'
 postfix_smtpd_recipient_restrictions:
-- 'permit_sasl_authenticated'
-- 'permit_mynetworks'
-- 'check_policy_service unix:private/policyd-spf'
-- 'check_policy_service inet:127.0.0.1:10023'
-- 'check_client_access hash:/etc/postfix/rbl_override'
-- 'reject_unauth_destination'
-- 'reject_unknown_reverse_client_hostname'
-- 'permit_dnswl_client list.dnswl.org=127.0.[0..255].[1..3]'
-- 'permit_dnswl_client swl.spamhaus.org'
-- 'reject_rhsbl_helo dbl.spamhaus.org'
-- 'reject_rhsbl_reverse_client dbl.spamhaus.org'
-- 'reject_rhsbl_sender dbl.spamhaus.org'
-- 'reject_rbl_client zen.spamhaus.org'
+  - 'permit_sasl_authenticated'
+  - 'permit_mynetworks'
+  - 'check_policy_service unix:private/policyd-spf'
+  - 'check_policy_service inet:127.0.0.1:10023'
+  - 'check_client_access hash:/etc/postfix/rbl_override'
+  - 'reject_unauth_destination'
+  - 'reject_unknown_reverse_client_hostname'
+  - 'permit_dnswl_client list.dnswl.org=127.0.[0..255].[1..3]'
+  - 'permit_dnswl_client swl.spamhaus.org'
+  - 'reject_rhsbl_helo dbl.spamhaus.org'
+  - 'reject_rhsbl_reverse_client dbl.spamhaus.org'
+  - 'reject_rhsbl_sender dbl.spamhaus.org'
+  - 'reject_rbl_client zen.spamhaus.org'
 postfix_smtpd_relay_restrictions:
-- 'permit_mynetworks'
-- 'permit_sasl_authenticated'
-- 'defer_unauth_destination'
+  - 'permit_mynetworks'
+  - 'permit_sasl_authenticated'
+  - 'defer_unauth_destination'
 postfix_mynetworks:
-- '127.0.0.0/8'
-- '[::ffff:127.0.0.0]/104'
-- '[::1]/128'
+  - '127.0.0.0/8'
+  - '[::ffff:127.0.0.0]/104'
+  - '[::1]/128'
 postfix_mydestination:
-- 'localhost'
-- "{{ ansible_fqdn }}"
+  - 'localhost'
+  - "{{ ansible_fqdn }}"
 postfix_smtp_tls_security_level: dane
 postfix_smtp_dns_support_level: true  #dnssec
 postfix_smtpd_client_message_rate_limit: 100
 postfix_smtpd_helo_restrictions:
-- 'permit_mynetworks'
-- 'permit_sasl_authenticated'
-- 'check_helo_access hash:/etc/postfix/helo_access'
-- 'reject_invalid_helo_hostname'
-- 'reject_non_fqdn_helo_hostname'
-- 'reject_unknown_helo_hostname'
+  - 'permit_mynetworks'
+  - 'permit_sasl_authenticated'
+  - 'check_helo_access hash:/etc/postfix/helo_access'
+  - 'reject_invalid_helo_hostname'
+  - 'reject_non_fqdn_helo_hostname'
+  - 'reject_unknown_helo_hostname'
 postfix_smtpd_sender_restrictions:
-- 'permit_mynetworks'
-- 'permit_sasl_authenticated'
-- 'reject_unknown_sender_domain'
-- 'reject_unknown_reverse_client_hostname'
-- 'reject_unknown_client_hostname'
+  - 'permit_mynetworks'
+  - 'permit_sasl_authenticated'
+  - 'reject_unknown_sender_domain'
+  - 'reject_unknown_reverse_client_hostname'
+  - 'reject_unknown_client_hostname'
 
 vmail_virtual_domains:
   - id: 1
@@ -90,4 +90,4 @@ vmail_virtual_aliases:
   - id: 1
     domain_id: 1
     source: 'alias@example.com'
-    destination: 'email1@example.com'
+    destination: 'email1@example.com'

handlers/main.yml

@@ -1,15 +1,15 @@
 ---
-- name: restart dovecot
+- name: Restart dovecot
   service:
     name: dovecot
     state: restarted
 
-- name: restart postfix
+- name: Restart postfix
   service:
     name: postfix
     state: restarted
 
-- name: restart postgrey
+- name: Restart postgrey
   service:
     name: postgrey
     state: restarted

meta/main.yml

@@ -1,20 +1,20 @@
 galaxy_info:
-  author: Matt Prahl
+  author: Matt Prahl + Vitexus
   description: automates the installation and configuration of Postfix and Dovecot with SQL authentication
   license: MIT
   min_ansible_version: 2.0
+  role_name: postfix_dovecot
+  namespace: vitexus
   platforms:
-  - name: Ubuntu
-    versions:
-    - trusty
-    - xenial
-  - name: EL
-    versions:
-      - 7
-      - 8
+    - name: Ubuntu
+      versions:
+        - focal
+        - jammy
+    - name: EL
+      versions:
+        - 7
+        - 8
   galaxy_tags:
   - dovecot
   - postfix
-  - mysql
-
 dependencies: []

tasks/add_example_users.yml

@@ -17,4 +17,4 @@
   loop:
   - virtual_domains
   - virtual_users
-  - virtual_aliases
+  - virtual_aliases

tasks/dovecot.yml

@@ -1,111 +1,111 @@
 ---
 - name: DOVECOT | install packages
-  package:
+  ansible.builtin.package:
     name: "{{ pkg_dovecot }}"
     state: present
-  notify: restart dovecot
+  notify: Restart dovecot
 
 - name: DOVECOT | ensure Dovecot is started and runs at startup
-  service:
+  ansible.builtin.service:
     name: dovecot
     state: started
     enabled: yes
 
 - name: DOVECOT | create vmail group
-  group:
+  ansible.builtin.group:
     name: vmail
     gid: 5000
 
 - name: DOVECOT | create vmail user
-  user:
+  ansible.builtin.user:
     name: vmail
     group: vmail
     uid: 5000
     home: /var/mail
 
 - name: DOVECOT | set secure permissions and ownership on /etc/dovecot
-  file:
+  ansible.builtin.file:
     path: /etc/dovecot
     state: directory
     owner: vmail
     group: dovecot
     mode: o-rwx
 
 - name: DOVECOT | create /var/mail/vhosts
-  file:
+  ansible.builtin.file:
     path: /var/mail/vhosts
     state: directory
     owner: vmail
     group: vmail
 
 - name: DOVECOT | configure (dovecot.conf)
-  template:
+  ansible.builtin.template:
     src: etc/dovecot/dovecot.conf.j2
     dest: /etc/dovecot/dovecot.conf
     owner: vmail
     group: dovecot
     mode: 0440
-  notify: restart dovecot
+  notify: Restart dovecot
 
 - name: DOVECOT | configure (10-mail.conf)
-  template:
+  ansible.builtin.template:
     src: etc/dovecot/conf.d/10-mail.conf.j2
     dest: /etc/dovecot/conf.d/10-mail.conf
     owner: vmail
     group: dovecot
     mode: 0440
-  notify: restart dovecot
+  notify: Restart dovecot
 
 - name: DOVECOT | configure (15-mailboxes.conf)
-  template:
+  ansible.builtin.template:
     src: etc/dovecot/conf.d/15-mailboxes.conf.j2
     dest: /etc/dovecot/conf.d/15-mailboxes.conf
     owner: vmail
     group: dovecot
     mode: 0440
-  notify: restart dovecot
+  notify: Restart dovecot
 
 - name: DOVECOT | configure (10-auth.conf)
-  template:
+  ansible.builtin.template:
     src: etc/dovecot/conf.d/10-auth.conf.j2
     dest: /etc/dovecot/conf.d/10-auth.conf
     owner: vmail
     group: dovecot
     mode: 0440
-  notify: restart dovecot
+  notify: Restart dovecot
 
 - name: DOVECOT | configure (dovecot-sql.conf.ext)
-  template:
+  ansible.builtin.template:
     src: etc/dovecot/dovecot-sql.conf.ext.j2
     dest: /etc/dovecot/dovecot-sql.conf.ext
     owner: vmail
     group: dovecot
     mode: 0440
-  notify: restart dovecot
+  notify: Restart dovecot
 
 - name: DOVECOT | configure (10-master.conf)
-  template:
+  ansible.builtin.template:
     src: etc/dovecot/conf.d/10-master.conf.j2
     dest: /etc/dovecot/conf.d/10-master.conf
     owner: vmail
     group: dovecot
     mode: 0440
-  notify: restart dovecot
+  notify: Restart dovecot
 
 - name: DOVECOT | configure (10-ssl.conf)
-  template:
+  ansible.builtin.template:
     src: etc/dovecot/conf.d/10-ssl.conf.j2
     dest: /etc/dovecot/conf.d/10-ssl.conf
     owner: vmail
     group: dovecot
     mode: 0440
-  notify: restart dovecot
+  notify: Restart dovecot
 
 - name: DOVECOT | configure (auth-sql.conf.ext)
-  template:
+  ansible.builtin.template:
     src: etc/dovecot/conf.d/auth-sql.conf.ext.j2
     dest: /etc/dovecot/conf.d/auth-sql.conf.ext
     owner: vmail
     group: dovecot
     mode: 0440
-  notify: restart dovecot
+  notify: Restart dovecot

tasks/main.yml

@@ -1,20 +1,33 @@
 ---
 # This is separate so that Ansible marks this step as changed instead of the
 # next one when the packages are present
-- name: START | Update apt cache (Debian/Ubuntu)
-  apt:
-    update_cache: yes
+- name: 'START | Update apt cache (Debian/Ubuntu)'
+  ansible.builtin.apt:
+    update_cache: true
   when:
     - ansible_os_family == 'Debian'
 
-- name: START | Include vars specific to each OS family
-  include_vars: "vars/{{ ansible_os_family }}.yml"
+- name: 'START | Include vars specific to each OS family'
+  ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml"
 
-- include: dovecot.yml
-- include: postfix.yml
-- include: sql.yml
-- include: postgrey.yml
-- include_tasks: add_example_users.yml
+- name: 'Include Dovecot tasks'
+  ansible.builtin.include_tasks:
+    file: "dovecot.yml"
+
+- name: 'Include Postfix tasks'
+  ansible.builtin.include_tasks:
+    file: "postfix.yml"
+
+- name: 'Include SQL tasks'
+  ansible.builtin.include_tasks:
+    file: "sql.yml"
+
+- name: 'Include Postgrey tasks'
+  ansible.builtin.include_tasks:
+    file: "postgrey.yml"
+
+- name: 'Include example users tasks'
+  ansible.builtin.include_tasks:
+    file: "add_example_users.yml"
   when:
-    - dovecot_add_example_users is defined
-    - dovecot_add_example_users|bool == true
+    - dovecot_add_example_users is defined and dovecot_add_example_users|bool