# Forksand Bootstrap Postfix
This Ansible playbook was written to set up a mail server on Debian systems.
## Table of contents
1. [Requirements](#requirements)
2. [Quick Start](#quick-start)
* [Project Configuration](#project-configuration)
* [Playbook Execution](#playbook-execution)
3. [Project Structure](#project-structure)
* [File and Directory Descriptions](#file-and-directory-descriptions)
* [Role Descriptions](#role-descriptions)
4. [Ansible Logging](#ansible-logging)
5. [Troubleshooting](#troubleshooting)
## Requirements
The following applications are required to utilize this playbook. Ansible can be installed using Python PIP.
* Ansible 2.4.x+
* Python 2.7.9+
## Quick Start
The following steps will help you quickly set up and execute this playbook.
### Project Configuration
The following files need to be edited and configured before executing this playbook.
| File | Description |
| -- | -- |
| group_vars/all.yml | Server credential information and domain variables |
| inventory.yml | List of server IPs to connect to |
### Playbook Execution
After having configured the server credentials and added the server IP to the inventory, use the following command to execute the playbook.
`ansible-playbook -i inventory.yml site.yml`
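Because `group_vars/all.yml` holds server credentials, a pre-flight check like the one below can run before the playbook. It is an added example, not part of this project: owner-only file permissions and Ansible Vault encryption are assumptions about how the file is protected, and the sample file it tests is constructed.

```bash
#!/usr/bin/env bash
# Added example: pre-flight check on the credentials file before a playbook run.
# Assumption: group_vars/all.yml is protected with owner-only permissions and
# Ansible Vault; the project itself does not state either requirement.

# check_vars_file FILE -> 0 if FILE is owner-only and vault-protected, else 1.
check_vars_file() {
    local file rc mode first_line
    file=$1; rc=0
    if [ ! -f "$file" ]; then
        echo "FAIL: $file not found" >&2
        return 1
    fi
    # Permission bits as octal (GNU stat first, BSD stat as fallback).
    mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "FAIL: $file is mode $mode; group/other can access it (chmod 600)" >&2
        rc=1
    fi
    # A whole-file vault starts with "$ANSIBLE_VAULT;"; single values can
    # instead be encrypted inline and tagged "!vault".
    first_line=
    IFS= read -r first_line < "$file" || true
    case $first_line in
        '$ANSIBLE_VAULT;'*) ;;
        *)
            if ! grep -q '!vault' "$file"; then
                echo "FAIL: $file holds no vault-encrypted content" >&2
                rc=1
            fi
            ;;
    esac
    return "$rc"
}

# Demonstration on a constructed file (not the project's real variables).
demo_file=$(mktemp)
printf 'example_password: "constructed-sample-value"\n' > "$demo_file"
chmod 644 "$demo_file"
check_vars_file "$demo_file" || echo "pre-flight failed, playbook not started"
rm -f "$demo_file"
```

When the variables file is vault-encrypted, add `--ask-vault-pass` to the `ansible-playbook` command so Ansible can decrypt it.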
## Project Structure
The following tree depicts the high level structure of this Ansible project.
```bash
├── ansible.cfg
├── group_vars
│   └── all.yml
├── inventory.yml
├── LICENSE.AGPLv3
├── LICENSE.GPLv3
├── README.md
├── roles
│   ├── dkim_configuration
│   ├── dovecot_configuration
│   ├── fail2ban_configuration
│   ├── letsencrypt_configuration
│   ├── mikegleasonjr.firewall
│   ├── outputs
│   ├── postfix_configuration
│   ├── server_tasks
│   ├── spamassassin_configuration
│   └── sqlgrey_configuration
├── playbook_execution.log
└── site.yml
```
### File and Directory Descriptions
The following table describes each file and directory.
| Name | Description |
| -- | -- |
| site.yml | Master playbook. Executes all roles in sequential order |
| inventory.yml | Inventory file containing server IP addresses |
| ansible.cfg | Ansible configuration file for various Ansible options. |
| group_vars/ | Directory containing variable files for each group. The files are named according to the group name. 'all.yml' = group 'all' |
| group_vars/all.yml | Group variables for the 'all' group. Contains server connection information along with domain variables |
| roles/ | Directory containing all roles needed by this project |
### Role Descriptions
The following table describes each role and its purpose. The roles are listed in the required order of execution to ensure successful completion of the playbook.
| Role Name | Role Description | Depends on |
| -- | -- | -- |
| server_tasks | This role performs all server tasks: updating the server, configuring SSH, disabling IPv6, etc. Depends on the mikegleasonjr.firewall role. | mikegleasonjr.firewall |
| mikegleasonjr.firewall | This role sets up iptables rules. It is called and run by the server_tasks role. | None |
| letsencrypt_configuration | This role installs and executes Let's Encrypt | None |
| postfix_configuration | This role installs Postfix, configures it using postconf, and sets up the virtual file, master.cf file, and aliases file | letsencrypt_configuration |
| dkim_configuration | This role installs OpenDKIM and OpenDMARC and configures them. | None |
| dovecot_configuration | This role installs and configures dovecot | letsencrypt_configuration |
| spamassassin_configuration | This role installs spamassassin. | None |
| sqlgrey_configuration | This role installs sqlgrey. | None |
| fail2ban_configuration | This role installs fail2ban. | None |
| outputs | This role gathers DNS information for the SPF, DMARC, and DKIM records and outputs them to the screen. | None |
## Ansible Logging
Ansible playbook executions are automatically logged to a file called `playbook-execution.log` in the root directory of the project. The path to this log file can be changed by editing `ansible.cfg` in the project root directory and specifying a different path.
## Troubleshooting
Ansible has built-in debug output. Simply run Ansible with `-v`. There are 5 levels of debug output, denoted by the number of v's listed. Each level provides more debug output than the level before it.
* Level 1: `-v`
* Level 2: `-vv`
* Level 3: `-vvv`
* Level 4: `-vvvv`
* Level 5: `-vvvvv`

Example execution with level 3 debug output: `ansible-playbook -i inventory.yml site.yml -vvv`