author | Aaron LI <aly@aaronly.me> | 2018-03-06 12:07:22 +0800 |
---|---|---|
committer | Aaron LI <aly@aaronly.me> | 2018-03-14 11:35:08 +0800 |
commit | 028b2969000e4e83d21c1f75f6c29eb209c39532 (patch) | |
tree | 1dce86b3bbb65482f61536b1e74525f9fb416639 | |
parent | d3a29a6de55c8b20a9b6b7a215cbaf6ded8d0b96 (diff) | |
download | ansible-dfly-vps-028b2969000e4e83d21c1f75f6c29eb209c39532.tar.bz2 |
vars: change mail.user -> mail.vuser
-rw-r--r-- | host_vars/vultr | 8 | ||||
-rw-r--r-- | roles/mail/tasks/main.yml | 12 | ||||
-rw-r--r-- | roles/mail/templates/dovecot.conf.j2 | 20 |
3 files changed, 20 insertions, 20 deletions
diff --git a/host_vars/vultr b/host_vars/vultr index 788da56..f60d2a7 100644 --- a/host_vars/vultr +++ b/host_vars/vultr @@ -58,10 +58,10 @@ mail: domains: - liwt.net # primary - aaronly.me - # Virtual mail user for local delivery (e.g., by Dovecot)) - user: - name: vmail - id: 5000 + # Virtual user for local mail delivery (e.g., by Dovecot) + vuser: + name: vmail # user & group name + id: 5000 # uid & gid home: /home/vmail dkim: selector: default diff --git a/roles/mail/tasks/main.yml b/roles/mail/tasks/main.yml index ce063b3..c0f3d4f 100644 --- a/roles/mail/tasks/main.yml +++ b/roles/mail/tasks/main.yml @@ -10,19 +10,19 @@ - dovecot-pigeonhole - name: group - check vmail group - command: pw groupshow {{ mail.user.name }} + command: pw groupshow {{ mail.vuser.name }} register: pw_cmd ignore_errors: true changed_when: false tags: vmail - name: group - create vmail group - command: pw groupadd {{ mail.user.name }} -g {{ mail.user.id }} + command: pw groupadd {{ mail.vuser.name }} -g {{ mail.vuser.id }} when: pw_cmd.rc != 0 tags: vmail - name: user - check vmail user - command: pw usershow {{ mail.user.name }} + command: pw usershow {{ mail.vuser.name }} register: pw_cmd ignore_errors: true changed_when: false @@ -30,9 +30,9 @@ - name: user - create vmail user command: > - pw useradd {{ mail.user.name }} - -u {{ mail.user.id }} -g {{ mail.user.name }} - -m -M 0700 -d {{ mail.user.home }} + pw useradd {{ mail.vuser.name }} + -u {{ mail.vuser.id }} -g {{ mail.vuser.name }} + -m -M 0700 -d {{ mail.vuser.home }} -s /sbin/nologin -c "Virtual Mail User" when: pw_cmd.rc != 0 diff --git a/roles/mail/templates/dovecot.conf.j2 b/roles/mail/templates/dovecot.conf.j2 index b1772b5..ee13a19 100644 --- a/roles/mail/templates/dovecot.conf.j2 +++ b/roles/mail/templates/dovecot.conf.j2 
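Review bot: The `user - check vmail user` and `group - check vmail group` tasks in roles/mail/tasks/main.yml only test whether an account named `{{ mail.vuser.name }}` exists, so a pre-existing account or group with a different id passes the check. dovecot.conf.j2 pins `first_valid_uid`/`last_valid_uid` and the gid pair to `{{ mail.vuser.id }}`, so such a mismatch would presumably show up only once Dovecot handles mail. Because both checks combine `ignore_errors: true` with `when: pw_cmd.rc != 0`, any `pw` failure, not only a missing account, also leads to the create task. Consider an `assert` after the user check, for example `that: pw_cmd.rc != 0 or (pw_cmd.stdout.split(':')[2] | int) == (mail.vuser.id | int)`, assuming `pw usershow` prints a passwd-style line. The task list continues outside the visible hunks, so an equivalent check may already exist there.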
@@ -146,7 +146,7 @@ login_log_format_elements = user=<%{orig_user}> method=%m rip=%r lip=%l mpid=%e # Home directories for virtual users, where Dovecot can save user-specific # files. Home directory shouldn't be the same as mail directory with mbox # or Maildir formats (but with dbox/obox it's fine). -mail_home = {{ mail.user.home }}/%d/%n +mail_home = {{ mail.vuser.home }}/%d/%n # Location for users' mailboxes. The default is empty, which means that # Dovecot tries to find the mailboxes automatically. This won't work if @@ -157,18 +157,18 @@ mail_location = maildir:~/mail:LAYOUT=fs # System user and group used to access mails. If you use multiple, # userdb can override these by returning uid or gid fields. You can # use either numbers or names. -mail_uid = {{ mail.user.name }} -mail_gid = {{ mail.user.name }} +mail_uid = {{ mail.vuser.name }} +mail_gid = {{ mail.vuser.name }} # Use the dedicated virtual mail user to restrict the temporary # privileged operations. -mail_privileged_group = {{ mail.user.name }} +mail_privileged_group = {{ mail.vuser.name }} # Only allow Dovecot use the dedicated virtual mail user. -first_valid_uid = {{ mail.user.id }} -last_valid_uid = {{ mail.user.id }} -first_valid_gid = {{ mail.user.id }} -last_valid_gid = {{ mail.user.id }} +first_valid_uid = {{ mail.vuser.id }} +last_valid_uid = {{ mail.vuser.id }} +first_valid_gid = {{ mail.vuser.id }} +last_valid_gid = {{ mail.vuser.id }} # Mailbox list indexes can be used to optimize IMAP STATUS commands. # They are also required for IMAP NOTIFY extension to be enabled. @@ -305,8 +305,8 @@ service auth { # Anything else causes a failure. unix_listener auth-userdb { mode = 0600 - user = {{ mail.user.name }} - group = {{ mail.user.name }} + user = {{ mail.vuser.name }} + group = {{ mail.vuser.name }} } # Postfix smtp-auth |