{"id":21129601,"url":"https://github.com/pimvh/postfix","last_synced_at":"2025-03-14T12:13:01.417Z","repository":{"id":63825745,"uuid":"568870893","full_name":"pimvh/postfix","owner":"pimvh","description":"Ansible role to setup Postfix","archived":false,"fork":false,"pushed_at":"2024-05-20T18:51:34.000Z","size":118,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-21T06:09:51.370Z","etag":null,"topics":["ansible","dkim","dmarc","email","molecule-tested","postfix","role","spf"],"latest_commit_sha":null,"homepage":"","language":"Jinja","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pimvh.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-11-21T15:32:33.000Z","updated_at":"2024-05-20T18:51:37.000Z","dependencies_parsed_at":"2024-03-02T15:26:01.943Z","dependency_job_id":"5fc81a3d-c465-4b17-ac01-fb462906a582","html_url":"https://github.com/pimvh/postfix","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pimvh%2Fpostfix","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pimvh%2Fpostfix/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pimvh%2Fpostfix/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pimvh%2Fpostfix/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pimvh","download_url":"https://codeload.github.com/pimvh/postfix/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243573493,"owners_count":20312883,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","dkim","dmarc","email","molecule-tested","postfix","role","spf"],"created_at":"2024-11-20T05:26:02.678Z","updated_at":"2025-03-14T12:13:01.398Z","avatar_url":"https://github.com/pimvh.png","language":"Jinja","funding_links":[],"categories":[],"sub_categories":[],"readme":"![Molecule test](https://github.com/pimvh/postfix/actions/workflows/test.yaml/badge.svg)\n\n# Requirements\n\n1. Ansible installed:\n\n```\nsudo apt install python3\npython3 -m ensurepip --upgrade\npip3 install ansible\n```\n\n2. This role installed:\n\n```\nansible-galaxy install pimvh.postfix\n```\n\n## Required variables\n\nReview the variables as shown in defaults. A description of what the variables entail is given in the argument spec, in meta/main.yaml. The variables passed to this role are validated by the argument spec at runtime.\n\n# Example playbook\n\nA simple way to run this role on a host, is the following:\n\n```\n- hosts:\n  - foo\n\n  vars:\n    postfix_ipv4: \u003c\u003c Pass the IPv4 address of the postfix mail server here \u003e\u003e\n    postfix_ipv6: \u003c\u003c Pass the IPv6 address of the Postfix mail server here \u003e\u003e\n    postfix_myhostname: \"\u003c\u003c Pass the postfix domain name here \u003e\u003e\"\n    postfix_mydomain: \"\u003c\u003c Pass the postfix domain here, defaults to myhostname \u003e\u003e\"\n    postfix_mynetworks:\n      - 127.0.0.0/8\n      - \"::1/128\" # You do not have to bracket IPv6 addresses, this is taken care of by filters\n    # Add additional networks when required\n    postfix_virtual_alias_domains: [] # Add virtual aliases domains when required (see meta/main.yaml for structure)\n    postfix_relay_domains: [] # Add relay domains when required (see defaults/main.yaml for structure)\n    postfix_aliases: # Add user aliases when required\n      - user: root\n        alias: postmaster\n    # can be also a list of users\n    # - users:\n    #     - fred\n    #     - foo\n    #     - bar\n    #   alias: something\n\n    postfix_virtual_aliases: [] # Add virtual aliases when required (see meta/main.yaml for structure)\n\n    # You probably can skip these rest of the variables\n    # postfix_install: true\n    # postfix_dir: /etc/postfix\n\n    # postfix_dkim_enabled: true # DKIM is by default enabled\n    # postfix_dkim_keys:\n    #   default:\n    #     mail: \"*\"\n\n    # DKIM file placement the filesystem\n    # postfix_dkim_keytable: /etc/opendkim/keytable\n    # postfix_dkim_signingtable: /etc/opendkim/signingtable\n    # postfix_dkim_trustedhosts: \"/etc/opendkim/trustedhosts\"\n\n    # cert location is based on certbots default place (you can run the role pimvh.certbot to pull certs)\n    # postfix_smtpd_tls_cert_file: \"/etc/letsencrypt/live/{{ postfix_mydomain }}/fullchain.pem\"\n    # postfix_smtpd_tls_key_file: \"/etc/letsencrypt/live/{{ postfix_mydomain }}/privkey.pem\"\n\n  roles:\n    - pimvh.postfix\n\n```\n\nYou will probably save yourself some refactors if do not set variables inline, but based on hosts and/or groups. However, this depends on your specific use-case. Take a look at the Ansible recommended playbook setup for this.\n\n# TLDR - What will happen if I run this\n\n- validate whether variables are all right\n- install postfix\n- install and configure amavis\n- install and configure opendkim\n- install and configure opendmarc\n- install and configure dovecot with system-users and virtual mail directory\n- configure mailutils (installed by role this is dependant on)\n\n# What this role does not do\n\n## Firewalling\n\nThis role does not do any firewalling, due to you probably having specific requirements for that. You probably do not want to open your IMAP port to the entire internet, if you can avoid it. So take care!\n\n## Setting up a database backend\n\nI haven't gotten around to configuring the setup of a database as a back-end for postfix. If you're interested, feel free to contribute.\n\n# Troubleshooting\n\nThis role validates the passed variables. If you:\n\n- see issues with the argument spec, you probably made an error when passing variables to this role.\n- encounter problems while running this playbook, don't hesitate to describe your issue in details and open an issue.\n\n# Future Improvements\n\nThere are still a number of things which can be improved for this role. The following things are things I am considering of adding:\n\n- Add a dmarc parsing tool\n- Add a better backend to the postfix server, like a database instead of the bare filesystem.\n\nIf you have other Improvements, feel free to open an issue.\n\n# Sources\n\n- [Postfix documentation](https://www.postfix.org/documentation.html)\n- [SIDN guide on configuring Postfix](https://www.sidn.nl/en/news-and-blogs/hands-on-implementing-spf-dkim-and-dmarc-in-postfix)\n- [How to configure Dovecot](https://www.linuxbabe.com/mail-server/install-dovecot-imap-server-debian)\n- [Dovecot installation test commands](https://wiki2.dovecot.org/TestInstallation)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpimvh%2Fpostfix","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpimvh%2Fpostfix","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpimvh%2Fpostfix/lists"}