aboutsummaryrefslogtreecommitdiffstats
path: root/roles/mail1
diff options
context:
space:
mode:
authorEmil Renner Berthing <esmil@labitat.dk>2019-10-08 20:33:44 +0200
committerEmil Renner Berthing <esmil@labitat.dk>2019-10-08 20:34:31 +0200
commit8ebf2d6db3067650191ab96f9d1d2b9c1599d580 (patch)
treedfb1e76b66a08ff94d02e7e15f516336d426f084 /roles/mail1
parent32b8d0e6b71f47ad763db5b71e160337a05939b2 (diff)
downloadlabitat-ansible-8ebf2d6db3067650191ab96f9d1d2b9c1599d580.tar.gz
labitat-ansible-8ebf2d6db3067650191ab96f9d1d2b9c1599d580.tar.xz
labitat-ansible-8ebf2d6db3067650191ab96f9d1d2b9c1599d580.zip
mail1: add role to set up new mailserver
This is just the base OS for now. Let's hope someone who knows more about mail wants to continue..
Diffstat (limited to 'roles/mail1')
-rw-r--r--roles/mail1/files/ens3.network10
-rw-r--r--roles/mail1/meta/main.yml6
-rw-r--r--roles/mail1/tasks/haveged.yml12
-rw-r--r--roles/mail1/tasks/main.yml24
-rw-r--r--roles/mail1/vars/main.yml32
5 files changed, 84 insertions, 0 deletions
diff --git a/roles/mail1/files/ens3.network b/roles/mail1/files/ens3.network
new file mode 100644
index 0000000..e4c3f7b
--- /dev/null
+++ b/roles/mail1/files/ens3.network
@@ -0,0 +1,10 @@
+[Match]
+Name=ens3
+
+[Network]
+DHCP=no
+IPv6AcceptRA=yes
+Address=10.72.40.20/24
+Gateway=10.72.40.1
+DNS=10.72.40.1
+Domains=labitat.dk
diff --git a/roles/mail1/meta/main.yml b/roles/mail1/meta/main.yml
new file mode 100644
index 0000000..1e8f40f
--- /dev/null
+++ b/roles/mail1/meta/main.yml
@@ -0,0 +1,6 @@
+---
+dependencies:
+- role: debian
+- role: users
+
+# vim: set ts=2 sw=2 et:
diff --git a/roles/mail1/tasks/haveged.yml b/roles/mail1/tasks/haveged.yml
new file mode 100644
index 0000000..2b2cb65
--- /dev/null
+++ b/roles/mail1/tasks/haveged.yml
@@ -0,0 +1,12 @@
+---
+- name: Enable haveged service
+ systemd:
+ name: 'haveged.service'
+ enabled: yes
+ masked: no
+ state: started
+ when: not chroot
+- name: '- when in chroot'
+ command: 'systemctl enable haveged.service'
+
+# vim: set ts=2 sw=2 et:
diff --git a/roles/mail1/tasks/main.yml b/roles/mail1/tasks/main.yml
new file mode 100644
index 0000000..c66a6f8
--- /dev/null
+++ b/roles/mail1/tasks/main.yml
@@ -0,0 +1,24 @@
+---
+- name: Install network configuration
+ copy:
+ dest: '/etc/systemd/network/10-ens3.network'
+ src: ens3.network
+ owner: root
+ group: root
+ mode: 0644
+ tags:
+ - networkd-config
+
+- name: Disable unused services
+ systemd:
+ name: '{{ item }}'
+ enabled: no
+ with_items:
+ - remote-fs.target
+ tags:
+ - systemd
+
+- import_tasks: haveged.yml
+ tags: haveged
+
+# vim: set ts=2 sw=2 et:
diff --git a/roles/mail1/vars/main.yml b/roles/mail1/vars/main.yml
new file mode 100644
index 0000000..7bda909
--- /dev/null
+++ b/roles/mail1/vars/main.yml
@@ -0,0 +1,32 @@
+---
+hostname: 'mail1'
+
+apt_sources:
+ base:
+ components:
+ - main
+ - contrib
+ - non-free
+ security:
+ components:
+ - main
+ - contrib
+ - non-free
+ updates:
+ components:
+ - main
+ - contrib
+ - non-free
+
+apt_packages:
+ 'haveged': present
+
+journald_conf:
+ 'Journal.Storage': 'persistent'
+
+users:
+ 'esmil': sudo
+ 'ast': sudo
+ 'flummer': sudo
+
+# vim: set ts=2 sw=2 et: