no-secrets-athq-ansible/roles/mail/tasks/main.yaml
Sheppy 80f6b89b3d fix: use start tls for internal smtp
do this by adding a new non transparent port forward and connect via this port
and the normal mail.atlantishq.de address

also always copy the passwd file for dovecot
2023-04-06 19:23:20 +02:00


# Install every package the mail host needs in one apt call: Postfix (SMTP),
# Dovecot (IMAP), SpamAssassin, nginx, the SPF policy daemon for Postfix and
# OpenDKIM together with its key tooling.
- name: Install Mail stuff
  apt:
    # "present" installs what is missing; already installed packages are
    # left at their current version.
    state: present
    pkg:
      - postfix
      - dovecot-core
      - dovecot-imapd
      - spamassassin
      - nginx
      - postfix-policyd-spf-python
      - opendkim
      - opendkim-tools
# Copy each listed file to /etc/postfix/ under the same name and notify the
# "restart postfix" handler whenever one of them changes.
# NOTE(review): no owner/group/mode is set, so newly created files take the
# defaults of the account Ansible runs as - confirm that is intended.
# NOTE(review): several entries look like Postfix lookup tables; if main.cf
# references them as indexed maps (hash:/btree:), a restart alone does not
# rebuild them - confirm the handler or the map types.
- name: Deploy Postfix config
  copy:
    dest: "/etc/postfix/{{ item }}"
    src: "{{ item }}"
  notify: restart postfix
  with_items:
    - dynamicmaps.cf
    - enabled_senders
    - main.cf
    - master.cf
    - relocated
    - sender_blacklist
    - tls_policy
    - transport
    - virtual
    - header_checks
# Install the main OpenDKIM configuration file; a change notifies the
# "restart opendkim" handler.
- name: Deploy dmark/opendkim config (main)
  copy:
    dest: "/etc/opendkim.conf"
    src: "opendkim/opendkim.conf"
  notify: restart opendkim
# Copy the OpenDKIM tables into /etc/opendkim/ and notify the
# "restart opendkim" handler when any of them changes.
# NOTE(review): only the tables are deployed here; the private signing keys
# that key.table presumably points to are not handled by this task - confirm
# where they are provisioned and that they are readable by the opendkim
# service account only.
- name: Deploy dmark/opendkim config (config dir)
  copy:
    dest: "/etc/opendkim/"
    src: "opendkim/{{ item }}"
  notify: restart opendkim
  with_items:
    - key.table
    - signing.table
    - trusted.hosts
# Install the configuration of the SPF policy daemon that Postfix calls; a
# change notifies the "restart postfix" handler.
- name: Deploy policy spf config
  copy:
    # The trailing slash makes dest a directory, so the file keeps its name.
    dest: "/etc/postfix-policyd-spf-python/"
    src: "policy-spf/policyd-spf.conf"
  notify: restart postfix
# Copy key.table and signing.table into /etc/opendkim/ and notify the
# "restart postfix" handler on change.
# NOTE(review): an earlier task in this file with the same name already
# copies both files to the same destination. On a normal run this task
# therefore finds them unchanged and never notifies "restart postfix".
# If Postfix really has to restart when the DKIM tables change, notify both
# handlers from the earlier task; otherwise this task looks redundant.
# Duplicate task names also make --start-at-task and log reading ambiguous.
- name: Deploy dmark/opendkim config (config dir)
  copy:
    dest: "/etc/opendkim/"
    src: "opendkim/{{ item }}"
  notify: restart postfix
  with_items:
    - key.table
    - signing.table
# Install the Dovecot configuration into /etc/dovecot/ and notify the
# "restart dovecot" handler on change. The one-element list keeps the task
# in the same shape as the other deploy tasks, so further files can be added.
- name: Deploy Dovecot config
  copy:
    dest: "/etc/dovecot/{{ item }}"
    src: "{{ item }}"
  notify: restart dovecot
  with_items:
    - dovecot.conf
# Replace the global nginx configuration; a change notifies the
# "restart nginx" handler.
# NOTE(review): the file is not syntax-checked before it replaces the live
# one, so a broken nginx.conf only surfaces when the handler restarts nginx.
- name: Deploy nginx-config
  copy:
    dest: '/etc/nginx/nginx.conf'
    src: 'nginx.conf'
  notify: restart nginx
# Overwrite the "default" site definition in sites-available; a change
# notifies the "restart nginx" handler.
# NOTE(review): no visible task creates the sites-enabled symlink - this
# presumably relies on the link shipped by the package; confirm.
- name: Deploy nginx-config (page)
  copy:
    dest: '/etc/nginx/sites-available/default'
    src: 'nginx_default.conf'
  notify: restart nginx
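# Install the Dovecot user database (passwd-file) and notify the
# "restart dovecot" handler on change.
# NOTE(review): none of the tasks shown creates /var/dovecot/auth - confirm it
# exists with restrictive permissions before this task runs.
- name: Deploy user passwd config
  copy:
    src: dovecot_passwd
    dest: /var/dovecot/auth/passwd
    owner: dovecot
    group: dovecot
    # This is a credential store: pin the mode so the file is never left
    # readable by other local users through the umask or an earlier deploy.
    # NOTE(review): assumes only dovecot (and root) must read it - confirm
    # against the auth settings in dovecot.conf.
    mode: "0600"
  # Keep the file's content out of --diff output and CI logs.
  diff: false
  notify: restart dovecot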