aboutsummaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
authorAaron LI <aly@aaronly.me>2018-03-17 14:05:12 +0800
committerAaron LI <aly@aaronly.me>2018-03-17 14:05:12 +0800
commitfc7c935f0cd2dfb3245393afdc56d45ec7030300 (patch)
tree66f858565178ce617897565652b004d925debe94 /roles
parente4367653d0f5d2a2b94b1f4e68f8dacd25086f76 (diff)
downloadansible-dfly-vps-fc7c935f0cd2dfb3245393afdc56d45ec7030300.tar.bz2
mail/dovecot: store pass in ansible vault and hash from there
Diffstat (limited to 'roles')
-rw-r--r--roles/mail/tasks/main.yml4
-rw-r--r--roles/mail/templates/dovecot/passdb.j224
2 files changed, 13 insertions, 15 deletions
diff --git a/roles/mail/tasks/main.yml b/roles/mail/tasks/main.yml
index c243a36..72debac 100644
--- a/roles/mail/tasks/main.yml
+++ b/roles/mail/tasks/main.yml
@@ -92,10 +92,6 @@
-exec sievec '{}' ';'
tags: dovecot
-- name: dovecot - include passdb vars file
- include_vars: "{{ playbook_dir }}/private/dovecot/passdb.yml"
- tags: dovecot
-
- name: dovecot - generate passdb and userdb
template:
src: dovecot/{{ item }}.j2
diff --git a/roles/mail/templates/dovecot/passdb.j2 b/roles/mail/templates/dovecot/passdb.j2
index a8c4ab7..e6c65c9 100644
--- a/roles/mail/templates/dovecot/passdb.j2
+++ b/roles/mail/templates/dovecot/passdb.j2
@@ -21,23 +21,25 @@
{% for domain in mail.domains %}
# [domain: {{ domain }}]
{% for user in mail.userdb %}
-{% set name = user.name %}
-{% set email = name + "@" + domain %}
-{% set pass = passdb[name].pass %}
-# (user: {{ name }})
-{{ email }}:{{ pass }}::::::user={{ email }}
+{% set username = user.name %}
+{% set email = username + "@" + domain %}
+{% set pass = user.pass %}
+# (user: {{ username }})
+{{ email }}:{{ pass | dovecot_makepass }}::::::user={{ email }}
{% for dev in user.devices|default([]) %}
-{% set pass = passdb[name].devices[dev] %}
-{{ email }}@{{ dev }}:{{ pass }}::::::user={{ email }}
+{% set devname = dev.name %}
+{% set pass = dev.pass %}
+{{ email }}@{{ devname }}:{{ pass | dovecot_makepass }}::::::user={{ email }}
{% endfor %}{# devices #}
-{% if name != "root" and user.aliases is defined %}
+{% if username != "root" and user.aliases is defined %}
# aliases
{% for alias in user.aliases|default([]) %}
{% set email = alias + "@" + domain %}
-{{ email }}:{{ pass }}::::::user={{ email }}
+{{ email }}:{{ pass | dovecot_makepass }}::::::user={{ email }}
{% for dev in user.devices|default([]) %}
-{% set pass = passdb[name].devices[dev] %}
-{{ email }}@{{ dev }}:{{ pass }}::::::user={{ email }}
+{% set devname = dev.name %}
+{% set pass = dev.pass %}
+{{ email }}@{{ devname }}:{{ pass | dovecot_makepass }}::::::user={{ email }}
{% endfor %}{# devices #}
{% endfor %}{# alias #}
{% endif %}{# aliases #}