Ansible playbook to configure the @espinoza.dev mail server. This must be applied to the machine generated by fdns/terraform-mail (Generic aws spot instance)
As the server has a very low usage, it can be hosted on a small machine (~512mb RAM), and messages should be retreived and deleted from an external service.
All variables are defined in the default folder of their respective role, and are encrypted using ansible-vault.
This playbook contains the following roles:
- docker: Setup docker and docker-compose in the machine
- ssh-keys: Add personal ssh keys to access the server
- mail: Configure a docker instance with a postfix instance
The most complex role is mail, which does the following:
- Copy files and keys
- DKDIM
- Accounts + password
- Virtual Hosts
- Generate a certificate for the service, by using Let's Encrypt and a nginx server.
- Start the Postfix container