60 lines
1.4 KiB
YAML
60 lines
1.4 KiB
YAML
- name: "(Re)Create {{ project_dir }} project directory"
|
|
file:
|
|
path: "{{ project_dir }}"
|
|
state: "{{ item }}"
|
|
loop:
|
|
- absent
|
|
- directory
|
|
|
|
- name: Template docker-compose.yaml to project directory
|
|
template:
|
|
src: "{{ item }}"
|
|
dest: "{{ project_dir }}/{{ item }}"
|
|
owner: "{{ host_uid }}"
|
|
group: "{{ host_uid }}"
|
|
mode: '660'
|
|
loop:
|
|
- docker-compose.yaml
|
|
become: true
|
|
|
|
- name: "Create (if not exists) directory {{ volumes['mailserver_datadir'] }} & set permissions"
|
|
file:
|
|
path: "{{ volumes['mailserver_datadir'] }}"
|
|
state: directory
|
|
owner: "{{ users['mailserver'] + uid_shift }}"
|
|
group: "{{ users['mailserver'] + uid_shift }}"
|
|
mode: '700'
|
|
become: true
|
|
|
|
- name: Set limited permissions on certificate directories
|
|
file:
|
|
path: "/etc/{{ item }}"
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: '751'
|
|
become: true
|
|
loop:
|
|
- letsencrypt
|
|
- letsencrypt/live
|
|
- letsencrypt/archive
|
|
|
|
- name: Set limited permissions on certificate directories
|
|
file:
|
|
path: "/etc/letsencrypt/{{ item }}/mail.{{ domain }}"
|
|
state: directory
|
|
owner: root
|
|
group: "{{ host_uid }}"
|
|
mode: '550'
|
|
become: true
|
|
loop:
|
|
- live
|
|
- archive
|
|
|
|
- name: Set limited permissions on certificate key file
|
|
file:
|
|
path: "/etc/letsencrypt/live/mail.{{ domain }}/privkey.pem"
|
|
owner: root
|
|
group: "{{ users['mailserver'] + uid_shift }}"
|
|
mode: '640'
|
|
become: true
|