generalize sendmail role, move variables up to playbook

2024-01-30 12:00:55 +01:00 · 2024-01-30 12:00:55 +01:00 · 57e2569679
parent 770a6a22b6
commit 57e2569679
4 changed files with 45 additions and 15 deletions
--- a/playbook-vagrant.yml
+++ b/playbook-vagrant.yml
@ -1,17 +1,24 @@
 ---
 - hosts: vagrant
  vars:
-    mta_user: "{{ vault_mta_user }}" 
-    mta_user_pw: "{{ vault_mta_user_pw }}"
+    hostname: vagrant
+    sendmail_mta_user: "{{ vault_mta_user }}" 
+    sendmail_mta_user_pw: "{{ vault_mta_user_pw }}"
+    sendmail_mailhub: "box.nilsnh.no:465"
+    sendmail_rewrite_domain: "nilsnh.no"
+    sendmail_revaliases:
+      root: "{{ machine_from_email }}"
+      jake: "{{ machine_from_email }}"
+      git: "{{ machine_from_email }}"
    machine_from_email: "noreply+jake@nilsnh.no"
    machine_notifications_receiver: "mail@nilsnh.no" 
    forgejo_load_backup: "/vagrant/backup-restore/forgejo"
    forgejo_domain: "code.on.nilsnh.no"
    forgejo_from: "\"Forgejo at nilsnh.no\" <{{ machine_from_email }}>"
  roles:
+    - sendmail
    # - backup
    # - base
-    # - sendmail
-    - forgejo
+    # - forgejo

 # Tip! Use Valet proxy to setup local proxies.
--- a/playbook.yml
+++ b/playbook.yml
@ -2,12 +2,19 @@
 - hosts: jake
  handlers:
  vars:
+    hostname: jake.box.nilsnh.no
    restic_repo_pw: "{{ vault_restic_pw_jake }}"
    restic_repo_url: "{{ vault_restic_url_jake }}"
-    mta_user: "{{ vault_mta_user }}" 
-    mta_user_pw: "{{ vault_mta_user_pw }}"
+    sendmail_mta_user: "{{ vault_mta_user }}" 
+    sendmail_mta_user_pw: "{{ vault_mta_user_pw }}"
+    sendmail_mailhub: "box.nilsnh.no:465"
+    sendmail_rewrite_domain: "nilsnh.no"
+    sendmail_revaliases:
+      root: "{{ machine_from_email }}"
+      jake: "{{ machine_from_email }}"
+      git: "{{ machine_from_email }}"
    machine_from_email: "noreply+jake@nilsnh.no"
-    machine_notifications_receiver: "mail@nilsnh.no" 
+    machine_notifications_receiver: "mail@nilsnh.no"
    forgejo_domain: "code.on.nilsnh.no"
    forgejo_from: "\"Forgejo at nilsnh.no\" <{{ machine_from_email }}>"
  roles:
@ -15,3 +22,16 @@
    - sendmail
    - forgejo
    - caddy
+
+# - hosts: mr-mittens
+#   handlers:
+#   vars:
+#     restic_repo_pw: "{{ vault_restic_pw_mr-mittens }}"
+#     restic_repo_url: "{{ vault_restic_url_mr-mittens }}"
+#     mta_user: "{{ vault_mta_user }}" 
+#     mta_user_pw: "{{ vault_mta_user_pw }}"
+#     machine_from_email: "noreply+mr-mittens@nilsnh.no"
+#     machine_notifications_receiver: "mail@nilsnh.no" 
+#   roles:
+#     - sendmail
+#     - backup
--- a/roles/sendmail/tasks/main.yml
+++ b/roles/sendmail/tasks/main.yml
@ -14,8 +14,9 @@
  
 - name: configure ssmtp revaliases
  ansible.builtin.blockinfile:
+    state: present
    path: /etc/ssmtp/revaliases
    block: |
-      jake:{{ machine_from_email }}
-      root:{{ machine_from_email }}
-      git:{{ machine_from_email }}
+      {{ item.key }}:{{ item.value }}
+    marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.key }}"
+  loop: "{{ sendmail_revaliases | dict2items }}"
--- a/roles/sendmail/templates/ssmtp.conf.j2
+++ b/roles/sendmail/templates/ssmtp.conf.j2
@ -7,16 +7,18 @@ root={{ machine_notifications_receiver }}

 # The place where the mail goes. The actual machine name is required no 
 # MX records are consulted. Commonly mailhosts are named mail.domain.com
-mailhub=box.nilsnh.no:465
+mailhub={{ sendmail_mailhub }}
+
+# Credentials for accessing mailhub
+AuthUser={{ sendmail_mta_user }}
+AuthPass={{ sendmail_mta_user_pw }}

 # Where will the mail seem to come from?
-rewriteDomain=nilsnh.no
+rewriteDomain={{ sendmail_rewrite_domain }}

 # The full hostname
-hostname=jake.box.nilsnh.no
+hostname={{ hostname  }}

-AuthUser={{ mta_user }}
-AuthPass={{ mta_user_pw }}
 UseTLS=YES

 # Are users allowed to set their own From: address?