Ansible role for postfix with sender depended relay and sasl authentication
Requirements
None
Role Variables
postfix_relay_configs_template
: List of configuration template.
Role Variables
Variable | Description | Default |
---|---|---|
postfix_relay_configs |
Extra configs of main.cf | {} |
postfix_relay_maps |
Maps of {sender, relayhost, username, password, enable_password_conversion_for_ses} |
[] |
postfix_relay_maps[].sender |
sender | |
postfix_relay_maps[].relayhost |
relayhost | |
postfix_relay_maps[].username |
sasl username | |
postfix_relay_maps[].password |
sasl password | |
postfix_relay_maps[].enable_password_conversion_for_ses |
If this is yes , then your normal aws credentials will be converted to ses smtp credentioals. For details, see here |
no |
postfix_relay_sender_dependent_relayhost_maps |
Maps of relayhost for each sender | {} |
postfix_relay_smtp_sasl_password_maps |
Maps of USERNAME:PASSWORD for each relayhost or sender |
{} |
Dependencies
Postfix
Example Playbook
AmazonSES (credentials is normal aws credentials, not smtp credentials)
This is simple playbook for AmazonSES.
- hosts: servers
roles:
- role: kawaz.postfix-relay
postfix_relay_maps:
- sender: '@example.com'
relayhost: '[email-smtp.us-east-1.amazonaws.com]:587'
username: 'AKIAIOSFODNN7EXAMPLE'
password: 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY'
enable_password_conversion_for_ses: yes
If your credentials is created by management console, you don't need enable_password_conversion_for_ses: yes
.
Multiple identities
This is example for combined multiple identities of AmazonSES and gmail account.
- hosts: servers
roles:
- role: kawaz.postfix-relay
postfix_relay_sender_dependent_relayhost_maps:
'@example.com': '[email-smtp.us-east-1.amazonaws.com]:587'
'@example.org': '[email-smtp.us-east-1.amazonaws.com]:587'
'@example.net': '[email-smtp.us-east-1.amazonaws.com]:587'
'@example.info': '[email-smtp.us-east-1.amazonaws.com]:587'
'user@google.com': '[smtp-relay.gmail.com]:587'
'@intra.local': '[10.0.0.25]:25'
postfix_relay_smtp_sasl_password_maps:
'@example.com': 'AWS_ACCESS_KEY1:AWS_ACCESS_SECRET1'
'@example.org': 'AWS_ACCESS_KEY2:AWS_ACCESS_SECRET2'
'[email-smtp.us-east-1.amazonaws.com]:587': 'AWS_ACCESS_KEY3:AWS_ACCESS_SECRET3'
'user@google.com': 'user@google.com:PASSWORD'
postfix_relay_maps:
- sender: '@example.jp'
relayhost: '[smtp-relay.gmail.com]:587'
- sender: 'foo@example.jp'
username: 'foo@example.jp'
password: 'FOOPASSWORD'
- sender: 'bar@example.jp'
username: 'bar@example.jp'
password: 'BARPASSWORD'
License
MIT
Author Information
Yoshiaki Kawazu