32 lines
1.1 KiB
YAML
32 lines
1.1 KiB
YAML
#!/usr/bin/env ansible-playbook
|
|
# Postfix playbook
|
|
---
|
|
- hosts: postfix,!mailman
|
|
vars:
|
|
certbot:
|
|
- dns_rfc2136_server: 172.16.10.147
|
|
dns_rfc2136_name: certbot_challenge.
|
|
dns_rfc2136_secret: "{{ vault.certbot_dns_secret }}"
|
|
mail: root@crans.org
|
|
certname: crans.org
|
|
domains: "*.crans.org"
|
|
bind:
|
|
masters: "{{ lookup('re2oapi', 'get_role', 'dns-authoritary-master')[0] }}"
|
|
opendkim: "{{ glob_opendkim | default({}) | combine(loc_opendkim | default({})) }}"
|
|
policyd:
|
|
mail: root@crans.org
|
|
exemptions: "{{ lookup('re2oapi', 'get_role', 'user-server')[0] }}"
|
|
mynetworks:
|
|
ipv4: "{{ lookup('re2oapi', 'cidrs', 'serveurs', 'adherents', 'wifi-new-pub', 'fil-new-pub', 'fil-pub', 'wifi-new-serveurs', 'wifi-new-adherents', 'wifi-new-federez',\
|
|
\ 'fil-new-serveurs', 'fil-new-adherents') | flatten }}"
|
|
ipv6: "{{ lookup('re2oapi', 'prefixv6', 'adherents', 'fil-new-pub', 'wifi-new-pub') | flatten }}"
|
|
roles:
|
|
- certbot
|
|
- postfix
|
|
- opendkim
|
|
- policyd
|
|
|
|
- hosts: redisdead.adm.crans.org
|
|
roles:
|
|
- sqlgrey
|