Merge pull request #73 from Oefenweb/make-relayhost-configurable

Make relayhost configurable

README.md

@@ -16,8 +16,10 @@ None
  * `postfix_mailname` [default: `{{ ansible_fqdn }}`]: Mail name (in `/etc/mailname`), used for `myorigin`
  * `postfix_aliases` [default: `[]`]: Aliases to ensure present in `/etc/aliases`
  * `postfix_virtual_aliases` [default: `[]`]: Virtual aliases to ensure present in `/etc/postfix/virtual`
- * `postfix_sender_canonical_maps` [default: `[]`]: Sender address rewriting in `/etc/postfix/sender_canonical_maps` ([see](http://www.postfix.org/postconf.5.html#sender_canonical_maps))
- * `postfix_recipient_canonical_maps` [default: `[]`]: Recipient address rewriting in `/etc/postfix/recipient_canonical_maps` ([see](http://www.postfix.org/postconf.5.html#recipient_canonical_maps))
+ * `postfix_sender_canonical_maps` [default: `[]`]: Sender address rewriting in `/etc/postfix/sender_canonical_maps` ([see](http://www.postfix.org/postconf.5.html#transport_maps))
+ * `postfix_recipient_canonical_maps` [default: `[]`]: Recipient address rewriting in `/etc/postfix/recipient_canonical_maps` ([see](http://www.postfix.org/postconf.5.html#sender_dependent_relayhost_maps))
+ * `postfix_transport_maps` [default: `[]`]: Transport mapping based on recipient address `/etc/postfix/transport_maps` ([see](http://www.postfix.org/postconf.5.html#recipient_canonical_maps))
+ * `postfix_sender_dependent_relayhost_maps` [default: `[]`]: Transport mapping based on sender address `/etc/postfix/sender_dependent_relayhost_maps` ([see](http://www.postfix.org/postconf.5.html#recipient_canonical_maps))
  * `postfix_header_checks` [default: `[]`]: Lookup tables for content inspection of primary non-MIME message headers `/etc/postfix/header_checks` ([see](http://www.postfix.org/postconf.5.html#header_checks))
  * `postfix_generic:` [default: `[]`]: Generic table address mapping in `/etc/postfix/generic` ([see](http://www.postfix.org/generic.5.html))
  * `postfix_mydestination` [default: `["{{ postfix_hostname }}", 'localdomain', 'localhost', 'localhost.localdomain']`]: Specifies what domains this machine will deliver locally, instead of forwarding to another machine
@@ -48,9 +50,10 @@ None
 * `debconf`
 * `debconf-utils`
 
-#### Example
+#### Example(s)
 
 A simple example that doesn't use SASL relaying:
+
 ```yaml
 ---
 - hosts: all
@@ -63,6 +66,7 @@ A simple example that doesn't use SASL relaying:
 ```
 
 A simple example with virtual aliases for mail forwarding that doesn't use SASL relaying:
+
 ```yaml
 ---
 - hosts: all
@@ -83,6 +87,7 @@ A simple example with virtual aliases for mail forwarding that doesn't use SASL
 ```
 
 A simple example that rewrites the sender address:
+
 ```yaml
 ---
 - hosts: all
@@ -91,10 +96,11 @@ A simple example that rewrites the sender address:
   vars:
     postfix_sender_canonical_maps:
       - sender: root
-        rewrite: postmaster@example.com
+        rewrite: postmaster@yourdomain.org
 ```
 
 Provide the relay host name if you want to enable relaying:
+
 ```yaml
 ---
 - hosts: all
@@ -107,7 +113,30 @@ Provide the relay host name if you want to enable relaying:
     postfix_relayhost: mail.yourdomain.org
 ```
 
+Conditional relaying:
+
+```yaml
+---
+- hosts: all
+  roles:
+    - postfix
+  vars:
+    postfix_transport_maps:
+      - pattern: '[email protected]'
+        result: ':'
+      - pattern: '*'
+        result: "smtp:{{ ansible_lo['ipv4']['address'] }}:1025"
+    postfix_sender_dependent_relayhost_maps:
+      - pattern: '[email protected]'
+        result: 'DUNNO'
+      - pattern: '[email protected]'
+        result: 'DUNNO'
+      - pattern: '*'
+        result: "smtp:{{ ansible_lo['ipv4']['address'] }}:1025"
+```
+
 For AWS SES support:
+
 ```yaml
 ---
 - hosts: all
@@ -125,6 +154,7 @@ For AWS SES support:
 ```
 
 For MailHog support:
+
 ```yaml
 ---
 - hosts: all
@@ -140,6 +170,7 @@ For MailHog support:
 ```
 
 For Gmail support:
+
 ```yaml
 ---
 - hosts: all
@@ -157,11 +188,14 @@ For Gmail support:
 ```
 
 If you configure your Google account for extra security to use the 2-step verification, then
-postfix won't send out emails anymore and you might notice error messages in the /var/log/mail.log file
+postfix won't send out emails anymore and you might notice error messages in the `/var/log/mail.log` file
 
-To fix this issue, you need to visit the ([Authorizing applications & sites](http://www.google.com/accounts/IssuedAuthSubTokens?hide_authsub=1)) page under your Google Account settings. On this page enter the name of the application to be authorized (Postfix) and click on Generate button. Set the ```postfix_sasl_password``` variable with the password generated by this page.
+To fix this issue, you need to visit the ([Authorizing applications & sites](http://www.google.com/accounts/IssuedAuthSubTokens?hide_authsub=1)) 
+page under your Google Account settings. On this page enter the name of the application to be authorized (Postfix) and click on Generate button. 
+Set the `postfix_sasl_password` variable with the password generated by this page.
 
 A simple example that shows how to add some raw config:
+
 ```yaml
 ---
 - hosts: all

defaults/main.yml

@@ -12,6 +12,8 @@ postfix_aliases: []
 postfix_virtual_aliases: []
 postfix_sender_canonical_maps: []
 postfix_recipient_canonical_maps: []
+postfix_transport_maps: []
+postfix_sender_dependent_relayhost_maps: []
 postfix_header_checks: []
 postfix_generic: []
 postfix_relayhost: false

handlers/main.yml

@@ -15,6 +15,12 @@
 - name: postmap recipient_canonical_maps
   command: postmap {{ postfix_default_database_type }}:{{ postfix_recipient_canonical_maps_file }}
 
+- name: postmap transport_maps
+  command: postmap {{ postfix_default_database_type }}:{{ postfix_transport_maps_file }}
+
+- name: postmap sender_dependent_relayhost_maps
+  command: postmap {{ postfix_default_database_type }}:{{ postfix_sender_dependent_relayhost_maps_file }}
+
 - name: postmap generic
   command: postmap {{ postfix_default_database_type }}:{{ postfix_generic_file }}
 

tasks/main.yml

@@ -77,7 +77,7 @@
 - name: configure aliases
   lineinfile:
     dest: "{{ postfix_aliases_file }}"
-    regexp: '^{{ item.user }}:.*'
+    regexp: '^{{ item.user | regex_escape }}.*'
     line: '{{ item.user }}: {{ item.alias }}'
     owner: root
     group: root
@@ -110,7 +110,7 @@
 - name: configure virtual aliases
   lineinfile:
     dest: "{{ postfix_virtual_aliases_file }}"
-    regexp: '^{{ item.virtual }}.*'
+    regexp: '^{{ item.virtual | regex_escape }}.*'
     line: '{{ item.virtual }} {{ item.alias }}'
     owner: root
     group: root
@@ -129,7 +129,7 @@
 - name: configure sender canonical maps
   lineinfile:
     dest: "{{ postfix_sender_canonical_maps_file }}"
-    regexp: '^{{ item.sender }}.*'
+    regexp: '^{{ item.sender | regex_escape }}.*'
     line: '{{ item.sender }} {{ item.rewrite }}'
     owner: root
     group: root
@@ -148,7 +148,7 @@
 - name: configure recipient canonical maps
   lineinfile:
     dest: "{{ postfix_recipient_canonical_maps_file }}"
-    regexp: '^{{ item.recipient }}.*'
+    regexp: '^{{ item.recipient | regex_escape }}.*'
     line: '{{ item.recipient }} {{ item.rewrite }}'
     owner: root
     group: root
@@ -164,10 +164,48 @@
     - postfix
     - postfix-recipient-canonical-maps
 
+- name: configure transport maps
+  lineinfile:
+    dest: "{{ postfix_transport_maps_file }}"
+    regexp: '^{{ item.pattern | regex_escape }}.*'
+    line: '{{ item.pattern }} {{ item.result }}'
+    owner: root
+    group: root
+    mode: 0644
+    create: true
+    state: present
+  with_items: "{{ postfix_transport_maps }}"
+  notify:
+    - postmap transport_maps
+    - restart postfix
+  tags:
+    - configuration
+    - postfix
+    - postfix-transport-maps
+
+- name: configure sender dependent relayhost maps
+  lineinfile:
+    dest: "{{ postfix_sender_dependent_relayhost_maps_file }}"
+    regexp: '^{{ item.pattern | regex_escape }}.*'
+    line: '{{ item.pattern }} {{ item.result }}'
+    owner: root
+    group: root
+    mode: 0644
+    create: true
+    state: present
+  with_items: "{{ postfix_sender_dependent_relayhost_maps }}"
+  notify:
+    - postmap sender_dependent_relayhost_maps
+    - restart postfix
+  tags:
+    - configuration
+    - postfix
+    - postfix-sender-dependent-relayhost-maps
+
 - name: configure generic table
   lineinfile:
     dest: "{{ postfix_generic_file }}"
-    regexp: '^{{ item.pattern }}.*'
+    regexp: '^{{ item.pattern | regex_escape }}.*'
     line: '{{ item.pattern }} {{ item.result }}'
     owner: root
     group: root
@@ -185,8 +223,8 @@
 
 - name: configure header checks
   template:
-    src: etc/postfix/header_checks.j2
-    dest: /etc/postfix/header_checks
+    src: "{{ postfix_header_checks_file.lstrip('/') }}.j2"
+    dest: "{{ postfix_header_checks_file }}"
     owner: root
     group: root
     mode: 0644

templates/etc/postfix/main.cf.j2

@@ -5,7 +5,7 @@
 # Debian specific:  Specifying a file name will cause the first
 # line of that file to be used as the name.  The Debian default
 # is /etc/mailname.
-myorigin = /etc/mailname
+myorigin = {{ postfix_mailname_file }}
 
 smtpd_banner = {{ postfix_smtpd_banner }}
 biff = no
@@ -30,25 +30,31 @@ smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
 
 myhostname = {{ postfix_hostname }}
 default_database_type = {{ postfix_default_database_type }}
-alias_maps = {{ postfix_default_database_type }}:/etc/aliases
-alias_database = {{ postfix_default_database_type }}:/etc/aliases
+alias_maps = {{ postfix_default_database_type }}:{{ postfix_aliases_file }}
+alias_database = {{ postfix_default_database_type }}:{{ postfix_aliases_file }}
 {% if postfix_virtual_aliases %}
-virtual_alias_maps = {{ postfix_default_database_type }}:/etc/postfix/virtual
+virtual_alias_maps = {{ postfix_default_database_type }}:{{ postfix_virtual_aliases_file }}
 {% endif %}
 {% if postfix_sender_canonical_maps %}
-sender_canonical_maps = {{ postfix_default_database_type }}:/etc/postfix/sender_canonical_maps
+sender_canonical_maps = {{ postfix_default_database_type }}:{{ postfix_sender_canonical_maps_file }}
 {% endif %}
 {% if postfix_recipient_canonical_maps %}
-recipient_canonical_maps = {{ postfix_default_database_type }}:/etc/postfix/recipient_canonical_maps
+recipient_canonical_maps = {{ postfix_default_database_type }}:{{ postfix_recipient_canonical_maps_file }}
 {% endif %}
 {% if postfix_recipient_canonical_maps %}
 recipient_canonical_maps = hash:/etc/postfix/recipient_canonical_maps
 {% endif %}
+{% if postfix_transport_maps %}
+transport_maps = {{ postfix_default_database_type }}:{{ postfix_transport_maps_file }}
+{% endif %}
+{% if postfix_sender_dependent_relayhost_maps %}
+sender_dependent_relayhost_maps = {{ postfix_default_database_type }}:{{ postfix_sender_dependent_relayhost_maps_file }}
+{% endif %}
 {% if postfix_generic %}
-smtp_generic_maps = {{ postfix_default_database_type }}:/etc/postfix/generic
+smtp_generic_maps = {{ postfix_default_database_type }}:{{ postfix_generic_file }}
 {% endif %}
 {% if postfix_header_checks %}
-smtp_header_checks = {{ postifx_header_checks_database_type }}:/etc/postfix/header_checks
+smtp_header_checks = {{ postifx_header_checks_database_type }}:{{ postfix_header_checks_file }}
 {% endif %}
 mydestination = {{ postfix_mydestination | join(', ') }}
 mynetworks = {{ postfix_mynetworks | join(' ') }}

vars/main.yml

@@ -6,9 +6,13 @@ postfix_debconf_selections:
    value: No configuration
    vtype: select
 
+postfix_mailname_file: /etc/mailname
 postfix_aliases_file: /etc/aliases
 postfix_virtual_aliases_file: /etc/postfix/virtual
 postfix_sasl_passwd_file: /etc/postfix/sasl_passwd
 postfix_sender_canonical_maps_file: /etc/postfix/sender_canonical_maps
 postfix_recipient_canonical_maps_file: /etc/postfix/recipient_canonical_maps
+postfix_transport_maps_file: /etc/postfix/transport_maps
+postfix_sender_dependent_relayhost_maps_file: /etc/postfix/sender_dependent_relayhost_maps
 postfix_generic_file: /etc/postfix/generic
+postfix_header_checks_file: /etc/postfix/header_checks