vps/roles/mailserver/tasks/update.yml

- name: "Create {{ project_dir }} project directory"
  file:
    path: "{{ project_dir }}"
    state: directory

- name: Template configuration files to project directory
  template:
    src: "{{ item.src }}"
    dest: "{{ project_dir }}/{{ item.path }}"
    owner: "{{ host_uid }}"
    group: "{{ users['mailserver'] + uid_shift }}"
    mode: '640'
  with_filetree: ../templates/
  when: item.state == 'file'
  become: true

- name: "Create (if not exists) directory {{ volumes['mailserver_datadir'] }} & set permissions"
  file:
    path: "{{ volumes['mailserver_datadir'] }}"
    state: directory
    owner: "{{ users['mailserver'] + uid_shift }}"
    group: "{{ users['mailserver'] + uid_shift }}"
    mode: '700'
  become: true

- name: Set limited permissions on certificate directories
  file:
    path: "/etc/{{ item }}"
    state: directory
    owner: root
    group: root
    mode: '751'
  become: true
  loop:
    - letsencrypt
    - letsencrypt/live
    - letsencrypt/archive

- name: Set limited permissions on certificate directories
  file:
    path: "/etc/letsencrypt/{{ item }}/mail.{{ domain }}"
    state: directory
    owner: root
    group: "{{ host_uid }}"
    mode: '550'
  become: true
  loop:
    - live
    - archive

- name: Set limited permissions on certificate key file
  file:
    path: "/etc/letsencrypt/live/mail.{{ domain }}/privkey.pem"
    owner: root
    group: "{{ host_uid }}"
    mode: '640'
  become: true

- name: Pull project services
  community.docker.docker_compose:
    project_src: "{{ project_dir }}"
    recreate: never
    pull: true
    debug: true
  when: docker_pull_images | bool
  register: mailserver_docker_compose_pull_result

- name: Display pulled image(s) name
  set_fact:
    mailserver_pulled_images: "{{ mailserver_pulled_images | default([]) + [item.pulled_image.name] }}"
  loop: "{{ mailserver_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"

- name: Include backup tasks
  include_tasks:
    file: backup.yml
  # Make a backup if we didn't already make one and we pulled a new image
  when: not run_backup and mailserver_pulled_images is defined

- name: Create/Restart project services
  community.docker.docker_compose:
    project_src: "{{ project_dir }}"
    restarted: true
Replace docker_projects_dir by project_dir variable. 2024-03-30 11:58:59 +01:00			`- name: "Create {{ project_dir }} project directory"`
Add Stalwart mailserver. 2024-03-16 13:49:47 +01:00			`file:`
Replace docker_projects_dir by project_dir variable. 2024-03-30 11:58:59 +01:00			`path: "{{ project_dir }}"`
Add Stalwart mailserver. 2024-03-16 13:49:47 +01:00			`state: directory`

Stalwart mail: Migrate to PostgreSQL & LLDAP. 2024-04-06 21:43:34 +02:00			`- name: Template configuration files to project directory`
Add Stalwart mailserver. 2024-03-16 13:49:47 +01:00			`template:`
Stalwart mail: Migrate to PostgreSQL & LLDAP. 2024-04-06 21:43:34 +02:00			`src: "{{ item.src }}"`
			`dest: "{{ project_dir }}/{{ item.path }}"`
Replace occurences of ansible_env['USER'] by host_uid. 2024-03-16 18:52:25 +01:00			`owner: "{{ host_uid }}"`
Stalwart mail: Migrate to PostgreSQL & LLDAP. 2024-04-06 21:43:34 +02:00			`group: "{{ users['mailserver'] + uid_shift }}"`
Add Stalwart mailserver. 2024-03-16 13:49:47 +01:00			`mode: '640'`
Stalwart mail: Migrate to PostgreSQL & LLDAP. 2024-04-06 21:43:34 +02:00			`with_filetree: ../templates/`
			`when: item.state == 'file'`
			`become: true`
Add Stalwart mailserver. 2024-03-16 13:49:47 +01:00
Stalwart mail: Migrate to PostgreSQL & LLDAP. 2024-04-06 21:43:34 +02:00			`- name: "Create (if not exists) directory {{ volumes['mailserver_datadir'] }} & set permissions"`
Add Stalwart mailserver. 2024-03-16 13:49:47 +01:00			`file:`
			`path: "{{ volumes['mailserver_datadir'] }}"`
			`state: directory`
			`owner: "{{ users['mailserver'] + uid_shift }}"`
			`group: "{{ users['mailserver'] + uid_shift }}"`
Stalwart mail: Migrate to PostgreSQL & LLDAP. 2024-04-06 21:43:34 +02:00			`mode: '700'`
Add Stalwart mailserver. 2024-03-16 13:49:47 +01:00			`become: true`

			`- name: Set limited permissions on certificate directories`
			`file:`
			`path: "/etc/{{ item }}"`
			`state: directory`
			`owner: root`
			`group: root`
			`mode: '751'`
			`become: true`
			`loop:`
			`- letsencrypt`
			`- letsencrypt/live`
			`- letsencrypt/archive`

			`- name: Set limited permissions on certificate directories`
			`file:`
			`path: "/etc/letsencrypt/{{ item }}/mail.{{ domain }}"`
			`state: directory`
			`owner: root`
			`group: "{{ host_uid }}"`
			`mode: '550'`
			`become: true`
			`loop:`
			`- live`
			`- archive`

			`- name: Set limited permissions on certificate key file`
			`file:`
			`path: "/etc/letsencrypt/live/mail.{{ domain }}/privkey.pem"`
			`owner: root`
			`group: "{{ host_uid }}"`
			`mode: '640'`
			`become: true`

			`- name: Pull project services`
			`community.docker.docker_compose:`
Replace docker_projects_dir by project_dir variable. 2024-03-30 11:58:59 +01:00			`project_src: "{{ project_dir }}"`
Add Stalwart mailserver. 2024-03-16 13:49:47 +01:00			`recreate: never`
			`pull: true`
			`debug: true`
			`when: docker_pull_images \| bool`
			`register: mailserver_docker_compose_pull_result`

			`- name: Display pulled image(s) name`
			`set_fact:`
			`mailserver_pulled_images: "{{ mailserver_pulled_images \| default([]) + [item.pulled_image.name] }}"`
			`loop: "{{ mailserver_docker_compose_pull_result['actions'] \| default([]) \| selectattr('pulled_image', 'defined') }}"`

			`- name: Include backup tasks`
			`include_tasks:`
			`file: backup.yml`
			`# Make a backup if we didn't already make one and we pulled a new image`
			`when: not run_backup and mailserver_pulled_images is defined`

			`- name: Create/Restart project services`
			`community.docker.docker_compose:`
Replace docker_projects_dir by project_dir variable. 2024-03-30 11:58:59 +01:00			`project_src: "{{ project_dir }}"`
Stalwart mail: Migrate to PostgreSQL & LLDAP. 2024-04-06 21:43:34 +02:00			`restarted: true`