Basic Mailu mail server configuration.

3 years ago · 5b966789f7
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
 site.retry
--- a/group_vars/vault.yml
+++ b/group_vars/vault.yml
@ -1,39 +1,42 @@
 $ANSIBLE_VAULT;1.1;AES256
 38386533303731643564366434373066323562643961323036663431666263356134376261366236
 3235353765353862623962353834356330633432376139610a636263313364313139303930346136
 36316630326435623564356364333532303136333031303833396331363438623031393730313036
 3037666466366434390a336231626561363166633032313339623839353266323538646166323137
 32363734373062383161366364616239316539643031653332363366303532656465646136396239
 61323736313532643036393539363466386164313138623434653634373563636332306131306561
 36363936613162313663353234356335646131306236666239316533613833353163623861386663
 65316161313961653235653564633933383366356231373535623362613134356262333565666331
 30313531663032613832643661303236643866323137373364313639613435336636356330653235
 34666165393637356463616462343634346436633635633239393830656361326232613265356565
 61303335646335353265313637653932383133343961373232613432663536633639323861396135
 63663930663537666165313731656265383632613065343362313662663563396433316634626134
 37306465633938636364396566373631326563396535366435323338653937613535363536643330
 30326533363431383830313435323632613762343936323938366236326665373532393636323438
 39396531656336343264663835653732623830306435646461316538336332343234376138633537
 31393362376130663832316132643338343636336461656665653039393730346532613239616430
 65303333623338636334656330396633356333616566383031373762626165366139373030656564
 35343061386265346464303237646530663438306531333834313466343933363363336564316261
 39613839366365376161616162636538333865623761306231366232666665336534613636303430
 33613361633637666136306563396538323761323333643764623466616163643135636238613566
 38666335366165316133313331623436366564316532393961313035356464616166363164356138
 38643762303138343264303664646538336661316439666662616232333738396531306165633166
 37376663383365396536303634393334373837353135386231303265636563346465396533326139
 34343465616663323935373861343461383630663230386164343337303932623134383361316561
 31613132313364663637656133393465666239666362663965623233366165393839343938376539
 31303330346365666339383334323937373231643861633637333638353630656566663334393936
 32313737636266323233313635396430326330393466343437313031306562656165616439333130
 35376636306133633030663137393364396636663338313630653366616237643061393166616330
 37646530363164616137363032323634393732326365646361313639653236383164373831326361
 37383038666365653562386531346134393638373165323563363464353834613066623837633061
 63356630313838323031646435333062396138613661643837613162653931626264653139656235
 30353830303838623837646131383138353333626264313262383366336532323934343539306231
 36623834623139386233653038623366613330386163626539376431613864656461323364373935
 33303839613462386433343163643461626535336461303765616536626539393239383634386532
 39633362653166393761623935613239306133346635623330393734656436376535333538366663
 66333132633965626434363033336432363034353438643439313362613339613134626134333236
 34363662386265303962316266613533373666613737663532356536383930636632323038393631
 6465393563633134363863333532343162303036663339326566
 30343263353163636636376538376330383038353737313137346436373536356539303237343532
 6137346636383666656161663166333532393931363535380a616131393636643336363061623736
 30303030653033653438316334313032386636653033343830313132613430326566636439366537
 6334363330363965310a623734666137373164316532333739633461366562303134373831353931
 63396432653461376136633530316663363763613466313563303334303465613734366537636231
 38633165613864363862616233323462316665386263376537636164316132356335303963306664
 65353230636139343638343633643763366131373536623939663532613631323137663865346465
 31613633333335663732303762383530373931656661306239313863316565366566343838616533
 62633936336531613039323231663933373863353035393461396463636330346237666136636331
 62643030376137656261356661316530343965646430313764323334623431303737663338326335
 37626134633163336234636337386463396238306639333166323338643732653338313662373431
 62323261663938396661656566353735663137636565383865613439656138633433623930383265
 39653133373534386364393034666637306466313865306637643063393130333837336566653266
 32333839313365373064373133336334393431623033636633306165396263656663376635366132
 33386134353365323434343231643032636536303832383738636466316663326536303430313630
 61613834306662366236326432333961633233663762616631363330333638363965643963333235
 63346134363334323139323031383030633939646537643562633066656162626131653764303632
 31316164346662623462663966656636376130633066313763613861613630383564613738363330
 35393839643235383038323737303338383939613734656436656664323235653661623832326661
 62376564363131393233623464343636323065643138333638623531666663613633346336626237
 39313134326165616231656533346536343037393462373336323733666165623962666136643963
 36313434356266396163343164333966633930633665333166623562366535663439336563663137
 39343236326165666539633739326432393163346633326433396161346262623132336530393666
 64623464653363343261306635646561373766653263663033326661363136613162333833356534
 62323065366433326364653735366532626337303838313338663363356461373530363831343464
 64333536313031653939356639313666333261336163336362633263383662326434363534383733
 63396338303938376633623137346630656131653130373637376464343835663837666165643934
 64306134666338393335616332326337363933316433333034613161636433613133353830376636
 36303536306163336637633733356662303263633636646232626536653162396462306434653836
 36643363623866313137363033396531373436303330633133633738653864633063323132313066
 39343933626464623564363661323939643732663266323235376438393966656533383339656535
 30643432663764653662303831373962653436306666656461386565346534366566306363373531
 39633963326564386534353338336239326336383031393830373534396362336364386464666532
 38616464306137356438306232333031306263333363373638656132353534626631313138373930
 30356238656234663261323363366664386631656266653132323035656134356436313965613837
 30616238636461636237326639613736316339626237386333653738393530613330386137633530
 38613462613831366133613262366466303736336435366438373136363062383637326331666161
 65353265643365383931356164336564303838326464353765636265306563353965343432303733
 37333536316562636366393034353164326633333831623533393730376532303930613030613262
 62303238303766663135666363653834313435636234613738616238336238653233363031633331
 6266
--- a/roles/mail_server_docker/meta/main.yml
+++ b/roles/mail_server_docker/meta/main.yml
@ -0,0 +1,3 @@
 dependencies:
  - role: docker_compose
  - role: web_server
--- a/roles/mail_server_docker/tasks/main.yml
+++ b/roles/mail_server_docker/tasks/main.yml
@ -0,0 +1,76 @@
 - name: create configuration file directoroy
  file: path=/etc/mailu state=directory
  tags:
    - mail_server_docker

 - name: write configuration file
  template:
    src: configuration.j2
    dest: /etc/mailu/config
    mode: 0600
  tags:
    - mail_server_docker

 - name: run mail server containers
  docker_service:
    project_name: mail_server
    pull: yes
    definition:
      version: '3'
      services:
        redis:
          image: redis:alpine
          restart: always
          volumes:
            - "/var/lib/mailu/redis:/data"
        imap:
          image: mailu/dovecot:{{ mail_server_mailu_version }}
          restart: always
          env_file: /etc/mailu/config
          volumes:
            - "/var/lib/mailu/data:/data"
            - "/var/lib/mailu/mail:/mail"
            - "/var/lib/mailu/overrides:/overrides"
        smtp:
          image: mailu/postfix:{{ mail_server_mailu_version }}
          restart: always
          env_file: /etc/mailu/config
          volumes:
            - "/var/lib/mailu/data:/data"
            - "/var/lib/mailu/overrides:/overrides"
        antispam:
          image: mailu/rspamd:{{ mail_server_mailu_version }}
          restart: always
          env_file: /etc/mailu/config
          volumes:
            - "/var/lib/mailu/filter:/var/lib/rspamd"
            - "/var/lib/mailu/dkim:/dkim"
            - "/var/lib/mailu/overrides/rspamd:/etc/rspamd/override.d"
        admin:
          image: mailu/admin:{{ mail_server_mailu_version }}
          restart: always
          env_file: /etc/mailu/config
          environment:
            VIRTUAL_HOST: "{{ mail_server_hostname }}"
            LETSENCRYPT_HOST: "{{ mail_server_hostname }}"
            LETSENCRYPT_EMAIL: "{{ admin_email }}"
          volumes:
            - "/var/lib/mailu/data:/data"
            - "/var/lib/mailu/dkim:/dkim"
            - /var/run/docker.sock:/var/run/docker.sock:ro
          expose:
            - "80"
          depends_on:
            - redis
        fetchmail:
          image: mailu/fetchmail:{{ mail_server_mailu_version }}
          restart: always
          env_file: /etc/mailu/config
          volumes:
            - "/var/lib/mailu/data:/data"
      networks:
        default:
          external:
            name: shared
  tags:
    - mail_server_docker
--- a/roles/mail_server_docker/templates/configuration.j2
+++ b/roles/mail_server_docker/templates/configuration.j2
@ -0,0 +1,115 @@
 # Mailu main configuration file
 #
 # Most configuration variables can be modified through the Web interface,
 # these few settings must however be configured before starting the mail
 # server and require a restart upon change.

 ###################################
 # Common configuration variables
 ###################################

 # Set this to the path where Mailu data and configuration is stored
 ROOT=/var/lib/mailu

 # Mailu version to run (1.0, 1.1, etc. or master)
 VERSION={{ mail_server_mailu_version }}

 # Set to a randomly generated 16 bytes string
 SECRET_KEY={{ mail_server_secret_key }}

 # Address where listening ports should bind
 BIND_ADDRESS4=127.0.0.1
 BIND_ADDRESS6=::1

 # Main mail domain
 DOMAIN={{ mail_server_hostname }}

 # Hostnames for this server, separated with comas
 HOSTNAMES={{ mail_server_public_hostnames | join(',') }}

 # Postmaster local part (will append the main mail domain)
 POSTMASTER=admin

 # Choose how secure connections will behave (value: letsencrypt, cert, notls, mail)
 TLS_FLAVOR=letencrypt

 # Authentication rate limit (per source IP address)
 AUTH_RATELIMIT=10/minute;1000/hour

 # Opt-out of statistics, replace with "True" to opt out
 DISABLE_STATISTICS=True

 ###################################
 # Optional features
 ###################################

 # Expose the admin interface (value: true, false)
 ADMIN=true

 # Choose which webmail to run if any (values: roundcube, rainloop, none)
 WEBMAIL=none

 # Dav server implementation (value: radicale, none)
 WEBDAV=none

 # Antivirus solution (value: clamav, none)
 ANTIVIRUS=none

 ###################################
 # Mail settings
 ###################################

 # Message size limit in bytes
 # Default: accept messages up to 50MB
 MESSAGE_SIZE_LIMIT=50000000

 # Networks granted relay permissions, make sure that you include your Docker
 # internal network (default to 172.17.0.0/16)
 RELAYNETS=172.16.0.0/12

 # Will relay all outgoing mails if configured
 RELAYHOST=

 # Fetchmail delay
 FETCHMAIL_DELAY=600

 # Recipient delimiter, character used to delimiter localpart from custom address part
 # e.g. localpart+custom@domain;tld
 RECIPIENT_DELIMITER=-

 # DMARC rua and ruf email
 DMARC_RUA=admin
 DMARC_RUF=admin

 # Weclome email, enable and set a topic and body if you wish to send welcome
 # emails to all users.
 WELCOME=false
 WELCOME_SUBJECT=Welcome to your new email account
 WELCOME_BODY=Welcome to your new email account. If you can read this, then it is configured properly!

 ###################################
 # Web settings
 ###################################

 # Path to the admin interface if enabled
 WEB_ADMIN=/admin

 # Path to the webmail if enabled
 WEB_WEBMAIL=/webmail

 # Website name
 SITENAME=Mail

 # Linked Website URL
 WEBSITE=https://{{ mail_server_hostname }}

 ###################################
 # Advanced settings
 ###################################

 # Docker-compose project name, this will prepended to containers names.
 COMPOSE_PROJECT_NAME=mail_server

 # Default password scheme used for newly created accounts and changed passwords
 # (value: SHA512-CRYPT, SHA256-CRYPT, MD5-CRYPT, CRYPT)
 PASSWORD_SCHEME=SHA512-CRYPT
--- a/roles/web_server/tasks/main.yml
+++ b/roles/web_server/tasks/main.yml
@ -35,6 +35,10 @@
            - /etc/nginx/vhost.d:/etc/nginx/vhost.d
            - /etc/nginx/htpasswd:/etc/nginx/htpasswd:ro
            - /usr/share/nginx/html:/usr/share/nginx/html
          networks:
            default:
              aliases:
                - front  # For mailu.
        nginx-docker-gen:
          image: jwilder/docker-gen
          restart: always
--- a/site.yml
+++ b/site.yml
@ -40,6 +40,8 @@
 - hosts: apps.torsion.org
  vars_files:
    - group_vars/vault.yml
  vars:
    admin_email: webmaster@torsion.org
  roles:
    - common
    - role: backup_docker
@ -48,18 +50,22 @@
      backup_ssh_key_file: apps-root
      backup_known_hosts_key_file: rsync-net
      backup_encryption_passphrase: "{{ backup_encryption_passphrase_apps }}"
    - role: mail_server_docker
      mail_server_hostname: mail2.torsion.org
      mail_server_secret_key: "{{ mail_server_secret_key_apps }}"
      mail_server_public_hostnames:
        - torsion.org
        - luminotes.com
        - coderific.com
      mail_server_mailu_version: 1.5.1
    - role: calendar_server
      calendar_server_hostname: calendar.torsion.org
      admin_email: webmaster@torsion.org
    - role: mediagoblin
      mediagoblin_from_email: media@torsion.org
      mediagoblin_hostname: media.torsion.org
      mediagoblin_email_host: mail.torsion.org
      mediagoblin_email_port: 465
      admin_email: webmaster@torsion.org
    - role: gitea
      gitea_hostname: projects.torsion.org
      admin_email: webmaster@torsion.org
    - role: container_dashboard
      container_dashboard_hostname: apps.torsion.org
      admin_email: webmaster@torsion.org