Jeff Moe
51e428be6d
|
7 years ago | |
---|---|---|
.. | ||
group_vars | 7 years ago | |
roles | 7 years ago | |
.gitignore | 7 years ago | |
LICENSE.AGPLv3 | 7 years ago | |
LICENSE.GPLv3 | 7 years ago | |
README.md | 7 years ago | |
ansible.cfg | 7 years ago | |
inventory.yml | 7 years ago | |
site.yml | 7 years ago |
README.md
Forksand Bootstrap Postfix
This Ansible playbook was written to set up a mail server on Debian systems.
Table of contents
Requirements
The following applications are required to utilize this playbook. Ansible can be installed using Python PIP.
- Ansible 2.4.x+
- Python 2.7.9+
Quick Start
The follow steps will help quickly set up and execute this playbook.
Project Configuration
The following files need to be edited and configured before executing this playbook.
File | Description |
---|---|
groups_vars/all.yml | Server credential information and domain variables |
inventory.yml | List of server IPs to connect to |
Playbook Execution
After having configured the server credentials and added the server IP to the inventory, use the following command to execute the playbook.
ansible-playbook -i inventory.yml site.yml
Project Structure
The following tree depicts the high level structure of this Ansible project.
├── ansible.cfg
├── group_vars
│ └── all.yml
├── inventory.yml
├── LICENSE.AGPLv3
├── LICENSE.GPLv3
├── README.md
├── roles
│ ├── dkim_configuration
│ ├── dovecot_configuration
│ ├── fail2ban_configuration
│ ├── letsencrypt_configuration
│ ├── mikegleasonjr.firewall
│ ├── outputs
│ ├── postfix_configuration
│ ├── server_tasks
│ ├── spamassassin_configuration
│ └── sqlgrey_configuration
├── playbook_execution.log
└── site.yml
File and Directory Descriptions
The following table consists of a description of what each file and directory stands for.
Name | Description |
---|---|
site.yml | Master playbook. Executes all roles in sequential order |
inventory.yml | Inventory file containing server IP addresses |
ansible.cfg | Ansible configuration file for various Ansible options. |
group_vars/ | Group_vars directory contains variable files for the entire group. The files are named according to the group name. 'all.yml' = group 'all' |
group_vars/all.yml | Group variables for the 'all' group. Contains server connection information along with domain variables |
roles/ | Directory containing all roles needed by this project |
Role descriptions
The following table consists of descriptions of each role and their purpose. The roles listed below are listed in the required order of execution to ensure successful completion of the playbook.
Role Name | Role Description | Depends on |
---|---|---|
server_tasks | This roles performs all server tasks. Updating server, configuring SSH, disable IPv6, etc. Depends on the mikegleasonjr.firewall role. | mikebleasonjr.firewall |
mikegleasonjr.firewall | This role set up iptables rules. It is called and ran by the server_tasks roles. | None |
letsencrypt_configuration | This role installs and executes let's encrypt | None |
postfix_configuration | This roles installs postfix, configures postfix using postconf, and sets up virtual file, master.cf file, and aliases file | letsencrypt_configuration |
dkim_configuration | This roles installs OpenDKIM, OpenDMARC and configures them. | None |
dovecot_configuration | This role installs and configures dovecot | letsencrypt_configuration |
spamassassin_configuration | This role installs spamassassin. | None |
sqlgrey_configuration | This role installs sqlgrey. | None |
fail2ban_configuration | This role installs fail2ban. | None |
outputs | This role gathers DNS information for the SPF, DMARC, and DKIM records and outputs them to the screen. | None |
Ansible Logging
Ansible playbook executions are automatically logged to a file called playbook-execution.log
in the root directory of the project. The path to this log file can be changed by editing ansible.cfg
in the project root directory and specifying a different path.
Troubleshooting
Ansible has a built in debug output. Simple run Ansible with a -v
. There are 5 levels of debug output and they are denoted by the number of v's listed. Each level up provide more debug output than the level before it.
Level 1: -v
Level 2: -vv
Level 3: -vvv
Level 4: -vvvv
Level 5: -vvvvv
Example execution with level 3 debug output: ansible-playbook -i inventory.yml site.yml -vvv