jack/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
infra/roles/tools/tasks/main.yml
jack a28fffa7ae
Some checks failed
CI/CD / syntax-check (push) Successful in 1m30s
Details
CI/CD / deploy (push) Has been cancelled
Details
fix: mailserver account check via host file, not docker exec 
setup email list fails with rc=1 when postfix-accounts.cf doesn't
exist yet (fresh install). Check the mounted config file on the host
instead, which correctly handles the empty/missing case.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-22 16:55:52 +07:00

115 lines
3.6 KiB
YAML
Raw Blame History

---
- name: Create tools root directory
ansible.builtin.file:
path: "{{ tools_root }}"
state: directory
owner: "{{ deploy_user }}"
group: "{{ deploy_group }}"
mode: "0750"
- name: Create mailserver directories
ansible.builtin.file:
path: "{{ tools_root }}/mailserver/{{ item }}"
state: directory
owner: root
group: root
mode: "0755"
loop:
- mail-data
- mail-state
- mail-logs
- config
- name: Deploy docker-compose.yml
ansible.builtin.template:
src: docker-compose.yml.j2
dest: "{{ tools_root }}/docker-compose.yml"
owner: "{{ deploy_user }}"
group: "{{ deploy_group }}"
mode: "0640"
- name: Deploy .env
ansible.builtin.template:
src: env.j2
dest: "{{ tools_root }}/.env"
owner: "{{ deploy_user }}"
group: "{{ deploy_group }}"
mode: "0600"
- name: Pull images
community.docker.docker_image:
name: "{{ item }}"
source: pull
loop:
- "{{ outline_image }}"
- "{{ outline_db_image }}"
- "{{ outline_redis_image }}"
- "{{ n8n_image }}"
- "{{ mailserver_image }}"
- name: Start tools stack
community.docker.docker_compose_v2:
project_src: "{{ tools_root }}"
state: present
pull: missing
- name: Wait for mailserver to be ready
ansible.builtin.command: docker exec mailserver postfix status
register: postfix_status
changed_when: false
retries: 12
delay: 10
until: postfix_status.rc == 0
# Check the host-side mounted config file directly (setup email list fails if file doesn't exist yet)
- name: Check if noreply mail account exists
ansible.builtin.stat:
path: "{{ tools_root }}/mailserver/config/postfix-accounts.cf"
register: postfix_accounts_file
- name: Check noreply account in postfix-accounts.cf
ansible.builtin.command: >
grep -q "noreply@{{ domain_base }}" {{ tools_root }}/mailserver/config/postfix-accounts.cf
register: mail_account_check
changed_when: false
failed_when: false
when: postfix_accounts_file.stat.exists
- name: Create noreply mail account
ansible.builtin.command: >
docker exec mailserver setup email add noreply@{{ domain_base }} {{ mailserver_noreply_password }}
when: >
not postfix_accounts_file.stat.exists or
(mail_account_check.rc is defined and mail_account_check.rc != 0)
- name: Check if DKIM key exists
ansible.builtin.stat:
path: "{{ tools_root }}/mailserver/config/rspamd/dkim/{{ domain_base }}.private"
register: dkim_key
- name: Generate DKIM key
ansible.builtin.command: >
docker exec mailserver setup config dkim domain {{ domain_base }}
when: not dkim_key.stat.exists
register: dkim_generated
- name: Show DKIM DNS record
ansible.builtin.command: >
cat {{ tools_root }}/mailserver/config/rspamd/dkim/{{ domain_base }}.txt
when: dkim_generated is changed
register: dkim_record
- name: Print DKIM DNS instructions
ansible.builtin.debug:
msg: |
══════════════════════════════════════════════════════════════════
DKIM key generated! Add this TXT record to Cloudflare DNS:
{{ dkim_record.stdout }}
Also add SPF record:
Type: TXT Name: @ Value: v=spf1 ip4:{{ ip_tools }} ~all
And DMARC record:
Type: TXT Name: _dmarc Value: v=DMARC1; p=none; rua=mailto:admin@{{ domain_base }}
══════════════════════════════════════════════════════════════════
when: dkim_generated is changed
Reference in a new issue View git blame Copy permalink