Add support for multiple relayhosts

.github/workflows/ci.yml

@@ -15,12 +15,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out the codebase
-        uses: actions/checkout@v3
+        uses: actions/checkout@v5
 
       - name: Set up Python 3
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v6
         with:
-          python-version: '3.x'
+          python-version: '3 - 3.13'
 
       - name: Install test dependencies
         run: |
@@ -44,30 +44,30 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          - distro: debian10
-            ansible-version: '>=9, <10'
           - distro: debian11
           - distro: debian12
           - distro: ubuntu1804
             ansible-version: '>=9, <10'
           - distro: ubuntu2004
+            ansible-version: '>=12, <13'
           - distro: ubuntu2204
           - distro: ubuntu2404
 
     steps:
       - name: Check out the codebase
-        uses: actions/checkout@v3
+        uses: actions/checkout@v5
         with:
           path: "${{ github.repository }}"
 
       - name: Set up Python 3
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v6
         with:
-          python-version: '3.x'
+          python-version: '3 - 3.13'
 
       - name: Install test dependencies
         run: |
           pip install 'ansible${{ matrix.ansible-version }}' molecule-plugins[docker] docker
+
       - name: Run Molecule tests
         run: |
           molecule test

.github/workflows/release.yml

@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out the codebase
-        uses: actions/checkout@v3
+        uses: actions/checkout@v5
 
       - name: Publish to Galaxy
         uses: robertdebock/[email protected]

README.md

@@ -41,9 +41,10 @@ None
  * `postfix_smtp_ipv4_bind` [optional]: Outbound network interfaces to use (IPv4) ([see](http://www.postfix.org/postconf.5.html#smtp_bind_address))
  * `postfix_smtp_ipv6_bind` [optional]: Outbound network interfaces to use (IPv6) ([see](http://www.postfix.org/postconf.5.html#smtp_bind_address6))
 
- * `postfix_relayhost` [default: `''` (no relay host)]: Hostname to relay all email to
- * `postfix_relayhost_mxlookup` [default: `false` (not using mx lookup)]: Lookup for MX record instead of A record for relayhost
- * `postfix_relayhost_port` [default: 587]: Relay port (on `postfix_relayhost`, if set)
+ * `postfix_relayhost` [default: `''` (no relay host)]: Hostname to relay all email to. **Deprecated**, use `postfix_relayhosts`.
+ * `postfix_relayhosts` [default: `[]` (no relay host)]: List of hostnames to relay all email to (setting multiple hosts only works in **postfix 3.5 and later**)
+ * `postfix_relayhost_mxlookup` [default: `false` (not using mx lookup)]: Lookup for MX record instead of A record for relayhosts
+ * `postfix_relayhost_port` [default: `587`]: Relay port (on all hosts in `postfix_relayhosts`)
  * `postfix_relaytls` [default: `false`]: Use TLS when sending with a relay host
 
  * `postfix_smtpd_client_restrictions` [optional]: List of client restrictions ([see](http://www.postfix.org/postconf.5.html#smtpd_client_restrictions))
@@ -149,7 +150,7 @@ Provide the relay host name if you want to enable relaying:
     postfix_aliases:
       - user: root
         alias: [email protected]
-    postfix_relayhost: mail.yourdomain.org
+    postfix_relayhosts: [mail.yourdomain.org]
 ```
 
 Provide the relay domain name and use MX records if you want to enable relaying to DNS MX records of a domain:
@@ -163,7 +164,7 @@ Provide the relay domain name and use MX records if you want to enable relaying
     postfix_aliases:
       - user: root
         alias: [email protected]
-    postfix_relayhost: yourdomain.org
+    postfix_relayhosts: [yourdomain.org]
     postfix_relayhost_mxlookup: true
 ```
 
@@ -214,7 +215,7 @@ For AWS SES support:
     postfix_aliases:
       - user: root
         alias: [email protected]
-    postfix_relayhost: email-smtp.us-east-1.amazonaws.com
+    postfix_relayhost: [email-smtp.us-east-1.amazonaws.com]
     postfix_relaytls: true
     # AWS IAM SES credentials (not access key):
     postfix_sasl_user: AKIXXXXXXXXXXXXXXXXX
@@ -232,7 +233,7 @@ For MailHog support:
     postfix_aliases:
       - user: root
         alias: [email protected]
-    postfix_relayhost: "{{ ansible_lo['ipv4']['address'] }}"
+    postfix_relayhost: ["{{ ansible_lo['ipv4']['address'] }}"]
     postfix_relayhost_port: 1025
     postfix_sasl_auth_enable: false
 ```
@@ -248,7 +249,7 @@ For Gmail support:
     postfix_aliases:
       - user: root
         alias: [email protected]
-    postfix_relayhost: smtp.gmail.com
+    postfix_relayhost: [smtp.gmail.com]
     postfix_relaytls: true
     postfix_smtp_tls_cafile: /etc/ssl/certs/ca-certificates.crt
     postfix_sasl_user: 'foo'

Vagrantfile

@@ -32,13 +32,6 @@ boxes = [
     :cpu => "50",
     :ram => "512"
   },
-  {
-    :name => "debian-10",
-    :box => "bento/debian-10",
-    :ip => '10.0.0.18',
-    :cpu => "50",
-    :ram => "256"
-  },
   {
     :name => "debian-11",
     :box => "bento/debian-11",

defaults/main.yml

@@ -27,7 +27,7 @@ postfix_generic: "{{ postfix_smtp_generic_maps }}"
 postfix_smtp_generic_maps: []
 postfix_smtp_generic_maps_database_type: "{{ postfix_default_database_type }}"
 
-postfix_relayhost: ''
+postfix_relayhosts: []
 postfix_relayhost_mxlookup: false
 postfix_relayhost_port: 587
 postfix_relaytls: false

meta/main.yml

@@ -16,7 +16,6 @@ galaxy_info:
         - noble
     - name: Debian
       versions:
-        - buster
         - bullseye
         - bookworm
   galaxy_tags:

tasks/main.yml

@@ -1,12 +1,21 @@
 # tasks file
 ---
 - name: facts | set
-  ansible.builtin.set_fact:
-    is_docker_guest: "{{ ansible_virtualization_role | default('host') == 'guest' and ansible_virtualization_type | default('none') == 'docker' }}"
   tags:
     - configuration
     - postfix
     - postfix-facts
+  block:
+    - name: facts | set | is_docker_guest
+      ansible.builtin.set_fact:
+        is_docker_guest: "{{ ansible_virtualization_role | default('host') == 'guest' and ansible_virtualization_type | default('none') == 'docker' }}"
+
+    - name: facts | set | postfix_relayhosts
+      ansible.builtin.set_fact:
+        postfix_relayhosts: ["{{ postfix_relayhost }}"]
+      when:
+        - postfix_relayhosts | length == 0
+        - postfix_relayhost is defined
 
 - name: configure debconf
   ansible.builtin.debconf:
@@ -65,7 +74,7 @@
     group: root
     mode: '0600'
   when:
-    - postfix_relayhost | length > 0
+    - postfix_relayhosts | length > 0
     - postfix_sasl_auth_enable | bool
   no_log: "{{ not ansible_check_mode }}"
   notify:

templates/etc/postfix/main.cf.j2

@@ -100,11 +100,11 @@ inet_protocols = {{ postfix_inet_protocols }}
 inet_protocols = {{ postfix_inet_protocols | join(', ') }}
 {% endif %}
 
-{% if postfix_relayhost %}
+{% if postfix_relayhosts %}
 {% if postfix_relayhost_mxlookup %}
-relayhost = {{ postfix_relayhost }}:{{ postfix_relayhost_port }}
+relayhost = {% for host in postfix_relayhosts %}{{ host }}:{{ postfix_relayhost_port }}{{ ', ' if not loop.last else '' }}{% endfor %}
 {% else %}
-relayhost = [{{ postfix_relayhost }}]:{{ postfix_relayhost_port }}
+relayhost = {% for host in postfix_relayhosts %}[{{ host }}]:{{ postfix_relayhost_port }}{{ ', ' if not loop.last else '' }}{% endfor %}
 {% endif %}
 {% if postfix_sasl_auth_enable %}
 smtp_sasl_auth_enable = {{ postfix_sasl_auth_enable | bool | ternary('yes', 'no') }}