ansible/roles/mail/tasks/main.yaml

- name: Issue Certificate for Postfix and Dovecot
  k8s:
    wait: true
    state: present
    definition:
      apiVersion: cert-manager.io/v1
      kind: Certificate
      metadata:
        name: "mail.{{ domain }}-crt"
        namespace: "{{ mail_namespace | default(namespace) }}"
      spec:
        secretName: "mail.{{ domain }}-secret"
        dnsNames:
        - "mail.{{ domain }}"
        issuerRef:
          name: letsencrypt-prod
          # We can reference ClusterIssuers by changing the kind here.
          # The default value is Issuer (i.e. a locally namespaced Issuer)
          kind: ClusterIssuer
          group: cert-manager.io

- name: Create MailBox PV
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: PersistentVolumeClaim
      metadata:
        name: mailboxes
        namespace: "{{ mail_namespace | default(namespace) }}"
      spec:
        accessModes:
        - "{{ mailbox_storage_mode | default('ReadWriteMany') }}"
        resources:
          requests:
            storage: "{{ mailbox_size | default('50Gi') }}"
        storageClassName: "{{ mailbox_storage | default('nfs-hdd') }}"

- name: Deploy Postfix
  import_role: 
    name: postfix
  tags: postfix

- name: Deploy Dovecot
  import_role: 
    name: dovecot
  tags: dovecot

- name: Deploy OpenDKIM
  import_role: 
    name: opendkim
  tags: opendkim

- name: Deploy OpenDMARC
  import_role: 
    name: opendmarc
  tags: opendmarc

- name: Deploy Rspamd
  import_role: 
    name: rspamd
  when: rspamd_enabled | default(false)
  tags: rspamd

- name: Deploy Roundcube
  import_role: 
    name: roundcube
  when: roundcube_enabled | default(true)
  tags: roundcube
GHP publish 2021-01-09 17:54:42 +00:00			`- name: Issue Certificate for Postfix and Dovecot`
			`k8s:`
			`wait: true`
			`state: present`
			`definition:`
			`apiVersion: cert-manager.io/v1`
			`kind: Certificate`
			`metadata:`
			`name: "mail.{{ domain }}-crt"`
			`namespace: "{{ mail_namespace \| default(namespace) }}"`
			`spec:`
			`secretName: "mail.{{ domain }}-secret"`
			`dnsNames:`
			`- "mail.{{ domain }}"`
			`issuerRef:`
			`name: letsencrypt-prod`
			`# We can reference ClusterIssuers by changing the kind here.`
			`# The default value is Issuer (i.e. a locally namespaced Issuer)`
			`kind: ClusterIssuer`
			`group: cert-manager.io`

			`- name: Create MailBox PV`
			`k8s:`
			`state: present`
			`definition:`
			`apiVersion: v1`
			`kind: PersistentVolumeClaim`
			`metadata:`
			`name: mailboxes`
			`namespace: "{{ mail_namespace \| default(namespace) }}"`
			`spec:`
			`accessModes:`
			`- "{{ mailbox_storage_mode \| default('ReadWriteMany') }}"`
			`resources:`
			`requests:`
			`storage: "{{ mailbox_size \| default('50Gi') }}"`
			`storageClassName: "{{ mailbox_storage \| default('nfs-hdd') }}"`

			`- name: Deploy Postfix`
			`import_role:`
			`name: postfix`
			`tags: postfix`

			`- name: Deploy Dovecot`
			`import_role:`
			`name: dovecot`
			`tags: dovecot`

			`- name: Deploy OpenDKIM`
			`import_role:`
			`name: opendkim`
			`tags: opendkim`

			`- name: Deploy OpenDMARC`
			`import_role:`
			`name: opendmarc`
			`tags: opendmarc`

			`- name: Deploy Rspamd`
			`import_role:`
			`name: rspamd`
			`when: rspamd_enabled \| default(false)`
			`tags: rspamd`

			`- name: Deploy Roundcube`
			`import_role:`
			`name: roundcube`
			`when: roundcube_enabled \| default(true)`
			`tags: roundcube`