46 lines
1.6 KiB
YAML
Executable File
46 lines
1.6 KiB
YAML
Executable File
#!/usr/bin/env ansible-playbook
|
|
# Postfix playbook
|
|
---
|
|
- hosts: sputnik.adm.crans.org, boeing.adm.crans.org, redisdead.adm.crans.org, titanic.adm.crans.org
|
|
vars:
|
|
certbot:
|
|
dns_rfc2136_name: certbot_challenge.
|
|
dns_rfc2136_secret: "{{ vault_certbot_dns_secret }}"
|
|
mail: root@crans.org
|
|
certname: crans.org
|
|
domains: "*.crans.org"
|
|
bind:
|
|
masters: "{{ lookup('re2oapi', 'get_role', 'dns-authoritary-master')[0] }}"
|
|
opendkim:
|
|
private_key: "{{ vault_opendkim_private_key }}"
|
|
policyd:
|
|
mail: root@crans.org
|
|
exemptions: "{{ lookup('re2oapi', 'get_role', 'user-server')[0] }}"
|
|
mynetworks:
|
|
ipv4:
|
|
"{{ lookup('re2oapi', 'cidrs', 'serveurs',
|
|
'adherents',
|
|
'wifi-new-pub',
|
|
'fil-new-pub',
|
|
'fil-pub',
|
|
'wifi-new-serveurs',
|
|
'wifi-new-adherents',
|
|
'wifi-new-federez',
|
|
'fil-new-serveurs',
|
|
'fil-new-adherents')
|
|
| flatten }}"
|
|
ipv6:
|
|
"{{ lookup('re2oapi', 'prefixv6', 'adherents',
|
|
'fil-new-pub',
|
|
'wifi-new-pub')
|
|
| flatten }}"
|
|
roles:
|
|
- certbot
|
|
- postfix
|
|
- opendkim
|
|
- policyd
|
|
|
|
- hosts: redisdead.adm.crans.org
|
|
roles:
|
|
- sqlgrey
|