From 37d43af971ac58512210a2b430d5bfaa75e36028 Mon Sep 17 00:00:00 2001
From: Bombar Maxime
Date: Sun, 17 May 2020 13:46:26 +0200
Subject: [PATCH] Merge certbot_mx and postfix playbooks
---
certbot.yml | 34 ---------------------------------
host_vars/titanic.adm.crans.org | 7 +++++++
postfix.yml | 12 +++++++++++-
3 files changed, 18 insertions(+), 35 deletions(-)
delete mode 100755 certbot.yml
create mode 100644 host_vars/titanic.adm.crans.org
diff --git a/certbot.yml b/certbot.yml
deleted file mode 100755
index 80f49ebc..00000000
--- a/certbot.yml
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env ansible-playbook
----
-# Temporary
-# Wildcard certificate for MX servers
-- hosts: titanic.adm.crans.org, redisdead.adm.crans.org
- vars:
- certbot:
- dns_rfc2136_name: certbot_challenge.
- dns_rfc2136_secret: "{{ vault_certbot_dns_secret }}"
- mail: root@crans.org
- certname: crans.org
- domains: "*.crans.org"
- bind:
- masters: "{{ lookup('re2oapi', 'get_role', 'dns-authoritary-master')[0] }}"
- roles:
- - certbot
- tasks:
- - name: Symlink smtp certificate
- file:
- src: /etc/letsencrypt/live/crans.org/fullchain.pem
- dest: /etc/ssl/certs/smtp.pem
- state: link
- force: true
- - name: Symlink smtp private key
- file:
- src: /etc/letsencrypt/live/crans.org/privkey.pem
- dest: /etc/ssl/private/smtp.pem
- state: link
- force: true
- - name: reload postfix
- systemd:
- enabled: yes
- state: restarted
- name: postfix
diff --git a/host_vars/titanic.adm.crans.org b/host_vars/titanic.adm.crans.org
new file mode 100644
index 00000000..33b8f80c
--- /dev/null
+++ b/host_vars/titanic.adm.crans.org
@@ -0,0 +1,7 @@
+postfix:
+ primary: false
+ secondary: true
+ public: true
+ dkim: true
+ mailman: false
+ titanic: true
diff --git a/postfix.yml b/postfix.yml
index 3eab868d..10ddf47a 100755
--- a/postfix.yml
+++ b/postfix.yml
@@ -1,6 +1,16 @@
 #!/usr/bin/env ansible-playbook
 # Postfix playbook
 ---
-- hosts: sputnik.adm.crans.org, boeing.adm.crans.org, redisdead.adm.crans.org
+- hosts: sputnik.adm.crans.org, boeing.adm.crans.org, redisdead.adm.crans.org, titanic.adm.crans.org
+ vars:
+ certbot:
+ dns_rfc2136_name: certbot_challenge.
+ dns_rfc2136_secret: "{{ vault_certbot_dns_secret }}"
+ mail: root@crans.org
+ certname: crans.org
+ domains: "*.crans.org"
+ bind:
+ masters: "{{ lookup('re2oapi', 'get_role', 'dns-authoritary-master')[0] }}"
 roles:
+ - certbot
 - postfix
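Review bot: The `certbot` role and its `vars` now apply to every host in the widened `hosts:` line, so `sputnik` and `boeing` also receive `vault_certbot_dns_secret` and a private key for `*.crans.org`, whereas the deleted `certbot.yml` limited both to `titanic` and `redisdead`. If those two hosts do not need the wildcard certificate, keep `certbot` in its own play ahead of this one, headed `- hosts: titanic.adm.crans.org, redisdead.adm.crans.org`, so the DNS update secret and the key stay on the MX hosts only. The old playbook's symlink tasks for `/etc/ssl/certs/smtp.pem` and `/etc/ssl/private/smtp.pem` and its postfix restart do not appear on the new side. Presumably the `postfix` role now covers them, but it is worth confirming that a renewed certificate still reaches those paths and triggers a restart. A comment above `vars:` such as `# certbot: wildcard certificate for the MX servers (DNS-01 via RFC 2136)` would keep the context that the removed header comment carried.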