From 3a6ae4ab3c3877b2785ec89f77e0ecfbe5174a5e Mon Sep 17 00:00:00 2001
From: Sheppy <sheppy@atlantishq.de>
Date: Mon, 23 Dec 2024 00:03:56 +0000
Subject: [PATCH] fix: move email addresses to var file

---
 group_vars/mail.yaml                          | 25 +++++++++++
 roles/mail/files/enabled_senders              | 10 -----
 roles/mail/files/virtual                      | 42 -------------------
 roles/mail/handlers/main.yml                  |  1 -
 roles/mail/tasks/main.yaml                    |  3 +-
 .../mail/{files => templates}/dynamicmaps.cf  |  0
 roles/mail/templates/enabled_senders          |  6 +++
 roles/mail/{files => templates}/header_checks |  0
 roles/mail/{files => templates}/main.cf       |  0
 roles/mail/{files => templates}/master.cf     |  0
 roles/mail/{files => templates}/relocated     |  0
 roles/mail/{files => templates}/sender_access |  0
 .../{files => templates}/sender_blacklist     |  0
 roles/mail/{files => templates}/tls_policy    |  0
 roles/mail/{files => templates}/transport     |  0
 roles/mail/templates/virtual                  | 17 ++++++++
 16 files changed, 49 insertions(+), 55 deletions(-)
 delete mode 100644 roles/mail/files/enabled_senders
 delete mode 100644 roles/mail/files/virtual
 rename roles/mail/{files => templates}/dynamicmaps.cf (100%)
 create mode 100644 roles/mail/templates/enabled_senders
 rename roles/mail/{files => templates}/header_checks (100%)
 rename roles/mail/{files => templates}/main.cf (100%)
 rename roles/mail/{files => templates}/master.cf (100%)
 rename roles/mail/{files => templates}/relocated (100%)
 rename roles/mail/{files => templates}/sender_access (100%)
 rename roles/mail/{files => templates}/sender_blacklist (100%)
 rename roles/mail/{files => templates}/tls_policy (100%)
 rename roles/mail/{files => templates}/transport (100%)
 create mode 100644 roles/mail/templates/virtual

diff --git a/group_vars/mail.yaml b/group_vars/mail.yaml
index 70e1bf2..492b47a 100644
--- a/group_vars/mail.yaml
+++ b/group_vars/mail.yaml
@@ -1,3 +1,28 @@
 ---
 checks :
     - { user : nobody, name : mail_queue, cmd : "/usr/lib/nagios/plugins/check_mailq -w 10 -c 20"}
+
+mail_virtual_transport:
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET,kat.maurer@fau.de
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+
+mail_enabled_senders:
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+    HISTORY_PURGED_SECRET: HISTORY_PURGED_SECRET
+    noreply@atlantishq.de: noreply@atlantishq.de
diff --git a/roles/mail/files/enabled_senders b/roles/mail/files/enabled_senders
deleted file mode 100644
index 2c82862..0000000
--- a/roles/mail/files/enabled_senders
+++ /dev/null
@@ -1,10 +0,0 @@
-# Sender adress       the               user          may use :)
-HISTORY_PURGED_SECRET                    HISTORY_PURGED_SECRET
-HISTORY_PURGED_SECRET                   HISTORY_PURGED_SECRET
-HISTORY_PURGED_SECRET         HISTORY_PURGED_SECRET
-#joerg@darknet-fashion.de                joerg@darknet-fashion.de
-HISTORY_PURGED_SECRET               HISTORY_PURGED_SECRET
-noreply@atlantishq.de                   noreply@atlantishq.de
-#@darknet-fashion.de                     joerg
-#@darknet-fashion.com                    joerg
-@atlantishq.de                          sheppy
diff --git a/roles/mail/files/virtual b/roles/mail/files/virtual
deleted file mode 100644
index 1108845..0000000
--- a/roles/mail/files/virtual
+++ /dev/null
@@ -1,42 +0,0 @@
-# you can also so this: test-second-account@atlantishq.de test@atlantishq.de
-# which will give all incoming mails of test-second-account to test (sorta obvious)
-
-# IMPORTANT >> IT IS _NOT_ NESSESARY TO DO THE FOLLOWING << IMPORTANT
-# user@atlantishq.de user@esports-erlangen.de
-# every user will get emails from both domains
-
-# If a user also wants to _SEND_ mails, he also have to have an
-# entry in the /etc/postfix/enabled-senders
-
-# CHANGES IN THIS FILE MUST BE MAPPED BEFORE RESTART (!)
-# postmap FILENAME
-# CHANGES IN THIS FILE WILL ONLY BE APPLIED ON POSTFIX RESTART, NOT RELOAD (!)
-
-# sheppy
-HISTORY_PURGED_SECRET    HISTORY_PURGED_SECRET
-HISTORY_PURGED_SECRET        HISTORY_PURGED_SECRET
-HISTORY_PURGED_SECRET           HISTORY_PURGED_SECRET
-HISTORY_PURGED_SECRET         HISTORY_PURGED_SECRET
-#HISTORY_PURGED_SECRET   HISTORY_PURGED_SECRET
-HISTORY_PURGED_SECRET           HISTORY_PURGED_SECRET
-HISTORY_PURGED_SECRET	    	    HISTORY_PURGED_SECRET
-HISTORY_PURGED_SECRET	        HISTORY_PURGED_SECRET
-HISTORY_PURGED_SECRET          HISTORY_PURGED_SECRET
-HISTORY_PURGED_SECRET  HISTORY_PURGED_SECRET
-HISTORY_PURGED_SECRET         HISTORY_PURGED_SECRET
-HISTORY_PURGED_SECRET HISTORY_PURGED_SECRET
-HISTORY_PURGED_SECRET HISTORY_PURGED_SECRET
-HISTORY_PURGED_SECRET HISTORY_PURGED_SECRET
-HISTORY_PURGED_SECRET HISTORY_PURGED_SECRET
-
-# gpt
-HISTORY_PURGED_SECRET HISTORY_PURGED_SECRET,kat.maurer@fau.de
-
-# michy
-HISTORY_PURGED_SECRET        HISTORY_PURGED_SECRET
-
-# catchall
-#@atlantishq.de       HISTORY_PURGED_SECRET
-#@esports-erlangen.de HISTORY_PURGED_SECRET
-@darknet-fashion.com        joerg@darknet-fashion.de
-@darknet-fashion.de         joerg@darknet-fashion.de
diff --git a/roles/mail/handlers/main.yml b/roles/mail/handlers/main.yml
index 1e8624a..f53d5bb 100644
--- a/roles/mail/handlers/main.yml
+++ b/roles/mail/handlers/main.yml
@@ -5,7 +5,6 @@
   with_items:
     - sender_access
     - enabled_senders
-    - relocated
     - sender_blacklist
     - tls_policy
     - transport
diff --git a/roles/mail/tasks/main.yaml b/roles/mail/tasks/main.yaml
index f6f6341..8ec4100 100644
--- a/roles/mail/tasks/main.yaml
+++ b/roles/mail/tasks/main.yaml
@@ -12,7 +12,7 @@
     state: present
 
 - name: Deploy Postfix config
-  copy:
+  template:
     src: "{{ item }}"
     dest: "/etc/postfix/{{ item }}"
   with_items:
@@ -20,7 +20,6 @@
     - enabled_senders
     - main.cf
     - master.cf
-    - relocated
     - sender_blacklist
     - tls_policy
     - transport
diff --git a/roles/mail/files/dynamicmaps.cf b/roles/mail/templates/dynamicmaps.cf
similarity index 100%
rename from roles/mail/files/dynamicmaps.cf
rename to roles/mail/templates/dynamicmaps.cf
diff --git a/roles/mail/templates/enabled_senders b/roles/mail/templates/enabled_senders
new file mode 100644
index 0000000..771cafd
--- /dev/null
+++ b/roles/mail/templates/enabled_senders
@@ -0,0 +1,6 @@
+# Sender adress       the               user          may use :)
+{% for key, value in mail_enabled_senders %}
+{{ key }} {{ value }}
+{% endfor %}
+
+@atlantishq.de sheppy
diff --git a/roles/mail/files/header_checks b/roles/mail/templates/header_checks
similarity index 100%
rename from roles/mail/files/header_checks
rename to roles/mail/templates/header_checks
diff --git a/roles/mail/files/main.cf b/roles/mail/templates/main.cf
similarity index 100%
rename from roles/mail/files/main.cf
rename to roles/mail/templates/main.cf
diff --git a/roles/mail/files/master.cf b/roles/mail/templates/master.cf
similarity index 100%
rename from roles/mail/files/master.cf
rename to roles/mail/templates/master.cf
diff --git a/roles/mail/files/relocated b/roles/mail/templates/relocated
similarity index 100%
rename from roles/mail/files/relocated
rename to roles/mail/templates/relocated
diff --git a/roles/mail/files/sender_access b/roles/mail/templates/sender_access
similarity index 100%
rename from roles/mail/files/sender_access
rename to roles/mail/templates/sender_access
diff --git a/roles/mail/files/sender_blacklist b/roles/mail/templates/sender_blacklist
similarity index 100%
rename from roles/mail/files/sender_blacklist
rename to roles/mail/templates/sender_blacklist
diff --git a/roles/mail/files/tls_policy b/roles/mail/templates/tls_policy
similarity index 100%
rename from roles/mail/files/tls_policy
rename to roles/mail/templates/tls_policy
diff --git a/roles/mail/files/transport b/roles/mail/templates/transport
similarity index 100%
rename from roles/mail/files/transport
rename to roles/mail/templates/transport
diff --git a/roles/mail/templates/virtual b/roles/mail/templates/virtual
new file mode 100644
index 0000000..f7c6215
--- /dev/null
+++ b/roles/mail/templates/virtual
@@ -0,0 +1,17 @@
+# you can also so this: test-second-account@atlantishq.de test@atlantishq.de
+# which will give all incoming mails of test-second-account to test (sorta obvious)
+
+# IMPORTANT >> IT IS _NOT_ NESSESARY TO DO THE FOLLOWING << IMPORTANT
+# user@atlantishq.de user@esports-erlangen.de
+# every user will get emails from both domains
+
+# If a user also wants to _SEND_ mails, he also have to have an
+# entry in the /etc/postfix/enabled-senders
+
+# CHANGES IN THIS FILE MUST BE MAPPED BEFORE RESTART (!)
+# postmap FILENAME
+# CHANGES IN THIS FILE WILL ONLY BE APPLIED ON POSTFIX RESTART, NOT RELOAD (!)
+
+{% for ingress_mail, target in mail_virtual_transport.items() %}
+{{ ingress_mail }} {{ target }}
+{% endfor %}