DevOps/ansible-role-eom
1
0
Fork 0
Code Issues 17 Pull Requests Actions Packages Projects Releases Wiki Activity

Updated hostname for mailserver

Browse Source
This commit is contained in:
Eric Meehan 2024-12-19 17:04:06 -05:00
parent 50bcece808
commit 03b79105bc
3 changed files with 35 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
tasks/postfix.yaml → tasks/mail.yaml
View File

@ -1,25 +1,25 @@
---
# tasks file for postfix
- name: Create Postfix namespace
# tasks file for mail
- name: Create DMS namespace
k8s:
state: present
definition:
apiVersion: v1
kind: Namespace
metadata:
name: postfix
name: mail
- name: Request a certificate for postfix
- name: Request a certificate for DMS
k8s:
state: present
definition:
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: postfix
namespace: postfix
name: mail
namespace: mail
spec:
secretName: postfix
secretName: mail
privateKey:
algorithm: RSA
encoding: PKCS1
@ -33,10 +33,10 @@
subject:
organizations:
- EOM
commonName: postfix.eom.dev
commonName: mail.eom.dev
dnsNames:
- postfix.eom.dev
- dovecot.eom.dev
- mail.eom.dev
- eom.dev
issuerRef:
name: ca-issuer
kind: ClusterIssuer
@ -48,8 +48,8 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postfix
namespace: postfix
name: mail
namespace: mail
spec:
accessModes:
- ReadWriteOnce
@ -63,25 +63,25 @@
apiVersion: v1
kind: Deployment
metadata:
name: postfix
namespace: postfix
name: mail
namespace: mail
spec:
replicas: 1
selector:
matchLabels:
app: postfix
app: mail
template:
metadata:
labels:
app: postfix
app: mail
spec:
containers:
- name: postfix
- name: mail
image: mailserver/docker-mailserver
volumeMounts:
- name: ssl
mountPath: /etc/letsencrypt
- name: postfix
- name: mail
mountPath: /var/mail
ports:
- containerPort: 25
@ -90,9 +90,9 @@
- containerPort: 993
env:
- name: OVERRIDE_HOSTNAME
value: "postfix.eom.dev"
value: "mail.eom.dev"
- name: POSTMASTER_ADDRESS
value: "postfix@postfix.eom.dev"
value: "postmaster@eom.dev"
- name: ACCOUNT_PROVISIONER
value: "LDAP"
- name: LDAP_SERVER_HOST
@ -106,7 +106,7 @@
- name: LDAP_QUERY_FILTER_DOMAIN
value: "(mail=*@%s)"
- name: LDAP_QUERY_FILTER_USER
value: "(&(mail=%s)(memberOf=cn=Postfix Users,ou=Postfix,ou=Services,dc=eom,dc=dev))"
value: "(&(mail=%s)(memberOf=cn=Mail Users,ou=Mail,ou=Services,dc=eom,dc=dev))"
- name: LDAP_QUERY_FILTER_ALIAS
value: "(&(objectClass=posixAccount)(mailAlias=%s))"
- name: LDAP_QUERY_FILTER_GROUP
@ -120,7 +120,7 @@
- name: DOVECOT_DEFAULT_PASS_SCHEME
value: "MD5-CRYPT"
- name: DOVECOT_USER_FILTER
value: "(&(objectClass=posixAccount)(uid=%n)(memberOf=cn=Dovecot Users,ou=Dovecot,ou=Services,dc=eom,dc=dev))"
value: "(&(objectClass=posixAccount)(uid=%n)(memberOf=cn=Mail Users,ou=Mail,ou=Services,dc=eom,dc=dev))"
- name: DOVECOT_PASS_ATTRS
value: "uid=user,userPassword=password"
- name: DOVECOT_USER_ATTRS
@ -130,7 +130,7 @@
- name: SASLAUTHD_MECHANISMS
value: "ldap"
- name: SASLAUTHD_LDAP_FILTER
value: "(mail=%U@postfix.eom.dev)"
value: "(mail=%U@eom.dev)"
- name: SSL_TYPE
value: "manual"
- name: SSL_CERT_PATH
@ -140,10 +140,10 @@
volumes:
- name: ssl
secret:
secretName: postfix
- name: postfix
secretName: mail
- name: mail
persistentVolumeClaim:
claimName: postfix
claimName: mail
- name: Expose deployment as a service
k8s:
@ -151,11 +151,11 @@
apiVersion: v1
kind: Service
metadata:
name: postfix
namespace: postfix
name: mail
namespace: mail
spec:
selector:
app: postfix
app: mail
ports:
- port: 25
name: smtp-a

2
tasks/main.yaml
View File

@ -3,4 +3,4 @@
- name: Deploy
include_tasks: "{{ item }}"
loop:
- collabora.yaml
- mail.yaml

5
templates/ldap.toml.j2
View File

@ -62,3 +62,8 @@ org_role = "Viewer"
group_dn = "cn=DevOps Owners,ou=DevOps,ou=Organizations,dc=eom,dc=dev"
org_id = 2
org_role = "Admin"
[[servers.group_mappings]]
group_dn = "cn=Finance Owners,ou=Finance,ou=Organizations,dc=eom,dc=dev"
org_id = 3
org_role = "Admin"