diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d204d7b..e678130 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out the codebase - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Set up Python 3 uses: actions/setup-python@v4 @@ -44,19 +44,15 @@ jobs: fail-fast: false matrix: include: - - distro: debian10 - ansible-version: '>=9, <10' - distro: debian11 - distro: debian12 - - distro: ubuntu1804 - ansible-version: '>=9, <10' - - distro: ubuntu2004 + - distro: debian13 - distro: ubuntu2204 - distro: ubuntu2404 steps: - name: Check out the codebase - uses: actions/checkout@v3 + uses: actions/checkout@v5 with: path: "${{ github.repository }}" diff --git a/README.md b/README.md index 23857c3..5ccce28 100644 --- a/README.md +++ b/README.md @@ -41,9 +41,10 @@ None * `postfix_smtp_ipv4_bind` [optional]: Outbound network interfaces to use (IPv4) ([see](http://www.postfix.org/postconf.5.html#smtp_bind_address)) * `postfix_smtp_ipv6_bind` [optional]: Outbound network interfaces to use (IPv6) ([see](http://www.postfix.org/postconf.5.html#smtp_bind_address6)) - * `postfix_relayhost` [default: `''` (no relay host)]: Hostname to relay all email to - * `postfix_relayhost_mxlookup` [default: `false` (not using mx lookup)]: Lookup for MX record instead of A record for relayhost - * `postfix_relayhost_port` [default: 587]: Relay port (on `postfix_relayhost`, if set) + * `postfix_relayhost` [default: `''` (no relay host)]: Hostname to relay all email to. **Deprecated**, use `postfix_relayhosts`. + * `postfix_relayhosts` [default: `[]` (no relay host)]: List of hostnames to relay all email to + * `postfix_relayhost_mxlookup` [default: `false` (not using mx lookup)]: Lookup for MX record instead of A record for relayhosts + * `postfix_relayhost_port` [default: 587]: Relay port (on all hosts in `postfix_relayhosts`, if set) * `postfix_relaytls` [default: `false`]: Use TLS when sending with a relay host * `postfix_smtpd_client_restrictions` [optional]: List of client restrictions ([see](http://www.postfix.org/postconf.5.html#smtpd_client_restrictions)) @@ -149,7 +150,7 @@ Provide the relay host name if you want to enable relaying: postfix_aliases: - user: root alias: you@yourdomain.org - postfix_relayhost: mail.yourdomain.org + postfix_relayhosts: [mail.yourdomain.org] ``` Provide the relay domain name and use MX records if you want to enable relaying to DNS MX records of a domain: @@ -163,7 +164,7 @@ Provide the relay domain name and use MX records if you want to enable relaying postfix_aliases: - user: root alias: you@yourdomain.org - postfix_relayhost: yourdomain.org + postfix_relayhosts: [yourdomain.org] postfix_relayhost_mxlookup: true ``` @@ -214,7 +215,7 @@ For AWS SES support: postfix_aliases: - user: root alias: sesverified@yourdomain.org - postfix_relayhost: email-smtp.us-east-1.amazonaws.com + postfix_relayhost: [email-smtp.us-east-1.amazonaws.com] postfix_relaytls: true # AWS IAM SES credentials (not access key): postfix_sasl_user: AKIXXXXXXXXXXXXXXXXX @@ -232,7 +233,7 @@ For MailHog support: postfix_aliases: - user: root alias: you@yourdomain.org - postfix_relayhost: "{{ ansible_lo['ipv4']['address'] }}" + postfix_relayhost: ["{{ ansible_lo['ipv4']['address'] }}"] postfix_relayhost_port: 1025 postfix_sasl_auth_enable: false ``` @@ -248,7 +249,7 @@ For Gmail support: postfix_aliases: - user: root alias: you@yourdomain.org - postfix_relayhost: smtp.gmail.com + postfix_relayhost: [smtp.gmail.com] postfix_relaytls: true postfix_smtp_tls_cafile: /etc/ssl/certs/ca-certificates.crt postfix_sasl_user: 'foo' diff --git a/defaults/main.yml b/defaults/main.yml index 7ff626f..ea69103 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -27,7 +27,7 @@ postfix_generic: "{{ postfix_smtp_generic_maps }}" postfix_smtp_generic_maps: [] postfix_smtp_generic_maps_database_type: "{{ postfix_default_database_type }}" -postfix_relayhost: '' +postfix_relayhosts: [] postfix_relayhost_mxlookup: false postfix_relayhost_port: 587 postfix_relaytls: false diff --git a/tasks/main.yml b/tasks/main.yml index a3885e9..99555f4 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -8,6 +8,16 @@ - postfix - postfix-facts +- name: support deprecated postfix_relayhost + ansible.builtin.set_fact: + postfix_relayhosts: ["{{ postfix_relayhost }}"] + when: + - postfix_relayhosts | length == 0 and postfix_relayhost is defined + tags: + - configuration + - postfix + - postfix-facts + - name: configure debconf ansible.builtin.debconf: name: "{{ item.name }}" @@ -65,7 +75,7 @@ group: root mode: '0600' when: - - postfix_relayhost | length > 0 + - postfix_relayhosts | length > 0 - postfix_sasl_auth_enable | bool no_log: "{{ not ansible_check_mode }}" notify: diff --git a/templates/etc/postfix/main.cf.j2 b/templates/etc/postfix/main.cf.j2 index d000fae..b40c77d 100644 --- a/templates/etc/postfix/main.cf.j2 +++ b/templates/etc/postfix/main.cf.j2 @@ -100,11 +100,11 @@ inet_protocols = {{ postfix_inet_protocols }} inet_protocols = {{ postfix_inet_protocols | join(', ') }} {% endif %} -{% if postfix_relayhost %} +{% if postfix_relayhosts %} {% if postfix_relayhost_mxlookup %} -relayhost = {{ postfix_relayhost }}:{{ postfix_relayhost_port }} +relayhost = {% for host in postfix_relayhosts %}{{ host }}:{{ postfix_relayhost_port }}{{ ", " if not loop.last else "" }}{% endfor %} {% else %} -relayhost = [{{ postfix_relayhost }}]:{{ postfix_relayhost_port }} +relayhost = {% for host in postfix_relayhosts %}[{{ host }}]:{{ postfix_relayhost_port }}{{ ", " if not loop.last else "" }}{% endfor %} {% endif %} {% if postfix_sasl_auth_enable %} smtp_sasl_auth_enable = {{ postfix_sasl_auth_enable | bool | ternary('yes', 'no') }}