- name: Issue Certificate for Postfix and Dovecot
  k8s:
    wait: true
    state: present
    definition:
      apiVersion: cert-manager.io/v1
      kind: Certificate
      metadata:
        name: "{{ mail_short_name }}.{{ domain }}-crt"
        namespace: "{{ mail_namespace | default(namespace) }}"
      spec:
        secretName: "{{ mail_short_name }}.{{ domain }}-secret"
        dnsNames:
        - "{{ mail_short_name }}.{{ domain }}"
        issuerRef:
          name: letsencrypt-prod
          # We can reference ClusterIssuers by changing the kind here.
          # The default value is Issuer (i.e. a locally namespaced Issuer)
          kind: ClusterIssuer
          group: cert-manager.io

- name: Create MailBox PV
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: PersistentVolumeClaim
      metadata:
        name: mailboxes
        namespace: "{{ mail_namespace | default(namespace) }}"
      spec:
        accessModes:
        - "{{ mailbox_storage_mode | default('ReadWriteMany') }}"
        resources:
          requests:
            storage: "{{ mailbox_size | default('50Gi') }}"
        storageClassName: "{{ mailbox_storage | default('nfs-hdd') }}"

- name: Deploy Postfix
  vars:
    postfix_oidc: "{{ mail_oidc }}"
  import_role: 
    name: postfix
  tags: postfix

- name: Deploy Dovecot
  vars:
    dovecot_oidc: "{{ mail_oidc }}"
  import_role: 
    name: dovecot
  tags: dovecot

- name: Deploy Rspamd
  import_role: 
    name: rspamd
  when: rspamd_enabled | default(true)
  tags: rspamd

- name: Deploy Roundcube
  import_role: 
    name: roundcube
  when: roundcube_enabled | default(true)
  tags: roundcube