Add support for multiple relayhosts

.github/workflows/ci.yml

@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out the codebase
-        uses: actions/checkout@v3
+        uses: actions/checkout@v5
 
       - name: Set up Python 3
         uses: actions/setup-python@v4
@@ -44,19 +44,15 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          - distro: debian10
-            ansible-version: '>=9, <10'
           - distro: debian11
           - distro: debian12
-          - distro: ubuntu1804
-            ansible-version: '>=9, <10'
-          - distro: ubuntu2004
+          - distro: debian13
           - distro: ubuntu2204
           - distro: ubuntu2404
 
     steps:
       - name: Check out the codebase
-        uses: actions/checkout@v3
+        uses: actions/checkout@v5
         with:
           path: "${{ github.repository }}"
 

README.md

@@ -41,9 +41,10 @@ None
  * `postfix_smtp_ipv4_bind` [optional]: Outbound network interfaces to use (IPv4) ([see](http://www.postfix.org/postconf.5.html#smtp_bind_address))
  * `postfix_smtp_ipv6_bind` [optional]: Outbound network interfaces to use (IPv6) ([see](http://www.postfix.org/postconf.5.html#smtp_bind_address6))
 
- * `postfix_relayhost` [default: `''` (no relay host)]: Hostname to relay all email to
- * `postfix_relayhost_mxlookup` [default: `false` (not using mx lookup)]: Lookup for MX record instead of A record for relayhost
- * `postfix_relayhost_port` [default: 587]: Relay port (on `postfix_relayhost`, if set)
+ * `postfix_relayhost` [default: `''` (no relay host)]: Hostname to relay all email to. **Deprecated**, use `postfix_relayhosts`.
+ * `postfix_relayhosts` [default: `[]` (no relay host)]: List of hostnames to relay all email to
+ * `postfix_relayhost_mxlookup` [default: `false` (not using mx lookup)]: Lookup for MX record instead of A record for relayhosts
+ * `postfix_relayhost_port` [default: 587]: Relay port (on all hosts in `postfix_relayhosts`, if set)
  * `postfix_relaytls` [default: `false`]: Use TLS when sending with a relay host
 
  * `postfix_smtpd_client_restrictions` [optional]: List of client restrictions ([see](http://www.postfix.org/postconf.5.html#smtpd_client_restrictions))
@@ -149,7 +150,7 @@ Provide the relay host name if you want to enable relaying:
     postfix_aliases:
       - user: root
         alias: [email protected]
-    postfix_relayhost: mail.yourdomain.org
+    postfix_relayhosts: [mail.yourdomain.org]
 ```
 
 Provide the relay domain name and use MX records if you want to enable relaying to DNS MX records of a domain:
@@ -163,7 +164,7 @@ Provide the relay domain name and use MX records if you want to enable relaying
     postfix_aliases:
       - user: root
         alias: [email protected]
-    postfix_relayhost: yourdomain.org
+    postfix_relayhosts: [yourdomain.org]
     postfix_relayhost_mxlookup: true
 ```
 
@@ -214,7 +215,7 @@ For AWS SES support:
     postfix_aliases:
       - user: root
         alias: [email protected]
-    postfix_relayhost: email-smtp.us-east-1.amazonaws.com
+    postfix_relayhost: [email-smtp.us-east-1.amazonaws.com]
     postfix_relaytls: true
     # AWS IAM SES credentials (not access key):
     postfix_sasl_user: AKIXXXXXXXXXXXXXXXXX
@@ -232,7 +233,7 @@ For MailHog support:
     postfix_aliases:
       - user: root
         alias: [email protected]
-    postfix_relayhost: "{{ ansible_lo['ipv4']['address'] }}"
+    postfix_relayhost: ["{{ ansible_lo['ipv4']['address'] }}"]
     postfix_relayhost_port: 1025
     postfix_sasl_auth_enable: false
 ```
@@ -248,7 +249,7 @@ For Gmail support:
     postfix_aliases:
       - user: root
         alias: [email protected]
-    postfix_relayhost: smtp.gmail.com
+    postfix_relayhost: [smtp.gmail.com]
     postfix_relaytls: true
     postfix_smtp_tls_cafile: /etc/ssl/certs/ca-certificates.crt
     postfix_sasl_user: 'foo'

defaults/main.yml

@@ -27,7 +27,7 @@ postfix_generic: "{{ postfix_smtp_generic_maps }}"
 postfix_smtp_generic_maps: []
 postfix_smtp_generic_maps_database_type: "{{ postfix_default_database_type }}"
 
-postfix_relayhost: ''
+postfix_relayhosts: []
 postfix_relayhost_mxlookup: false
 postfix_relayhost_port: 587
 postfix_relaytls: false

tasks/main.yml

@@ -8,6 +8,16 @@
     - postfix
     - postfix-facts
 
+- name: support deprecated postfix_relayhost
+  ansible.builtin.set_fact:
+    postfix_relayhosts: ["{{ postfix_relayhost }}"]
+  when:
+    - postfix_relayhosts | length == 0 and postfix_relayhost is defined
+  tags:
+    - configuration
+    - postfix
+    - postfix-facts
+
 - name: configure debconf
   ansible.builtin.debconf:
     name: "{{ item.name }}"
@@ -65,7 +75,7 @@
     group: root
     mode: '0600'
   when:
-    - postfix_relayhost | length > 0
+    - postfix_relayhosts | length > 0
     - postfix_sasl_auth_enable | bool
   no_log: "{{ not ansible_check_mode }}"
   notify:

templates/etc/postfix/main.cf.j2

@@ -100,11 +100,11 @@ inet_protocols = {{ postfix_inet_protocols }}
 inet_protocols = {{ postfix_inet_protocols | join(', ') }}
 {% endif %}
 
-{% if postfix_relayhost %}
+{% if postfix_relayhosts %}
 {% if postfix_relayhost_mxlookup %}
-relayhost = {{ postfix_relayhost }}:{{ postfix_relayhost_port }}
+relayhost = {% for host in postfix_relayhosts %}{{ host }}:{{ postfix_relayhost_port }}{{ ", " if not loop.last else "" }}{% endfor %}
 {% else %}
-relayhost = [{{ postfix_relayhost }}]:{{ postfix_relayhost_port }}
+relayhost = {% for host in postfix_relayhosts %}[{{ host }}]:{{ postfix_relayhost_port }}{{ ", " if not loop.last else "" }}{% endfor %}
 {% endif %}
 {% if postfix_sasl_auth_enable %}
 smtp_sasl_auth_enable = {{ postfix_sasl_auth_enable | bool | ternary('yes', 'no') }}