Initial commit

roles/base-v2/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies:
+  - role: update_cache
+

roles/base-v2/tasks/main.yml

@@ -0,0 +1,13 @@
+- name: Install common tools
+  package:
+    name: "{{ item }}"
+  with_items:
+    - curl
+    - gnupg
+    - vim
+    - ca-certificates
+
+- name: Set the timezone to Stockholm
+  timezone:
+    name: Europe/Stockholm
+

roles/base/tasks/main.yml

@@ -0,0 +1,13 @@
+- name: Install common tools
+  package:
+    name: "{{ item }}"
+  with_items:
+    - curl
+    - gnupg
+    - vim
+    - ca-certificates
+
+- name: Set the timezone to Stockholm
+  timezone:
+    name: Europe/Stockholm
+

roles/my_role/defaults/main.yml

@@ -0,0 +1 @@
+my_number: 10

roles/my_role/library/dummy.py

@@ -0,0 +1,35 @@
+#!/usr/bin/python
+from ansible.module_utils.basic import AnsibleModule
+
+def run_module():
+    # definiera argument till modulen
+    module_args = dict(
+        number=dict(type='int', required=True),
+        )
+
+    # skapa en dict för resultatet
+    result = dict(
+        changed=False,
+        number=0,
+        )
+
+    # inställningar för modulen
+    module = AnsibleModule(
+        argument_spec=module_args,
+        supports_check_mode=False
+        )
+
+    # logiken för modulen
+    result['number'] = module.params['number']
+    if result['number'] > 50:
+        result['changed']=True
+
+    # returnera resultatet som json
+    module.exit_json(**result)
+
+def main():
+    run_module()
+
+if __name__ == '__main__':
+    main()
+

roles/my_role/tasks/main.yml

@@ -0,0 +1,4 @@
+- name: Testa vår egna modul
+  dummy:
+    number: "{{ my_number }}"
+

roles/postfix-v2/defaults/main.yml

@@ -0,0 +1,7 @@
+mail_hostname: vm.nixnet.jke
+canonical_name: vm.nixnet.example.tld
+relay_host: email-smtp.eu-west-1.amazonaws.com
+relay_port: 465
+relay_user: 
+relay_password: 
+

roles/postfix-v2/files/aliases

@@ -0,0 +1,14 @@
+postmaster: root
+nobody: root
+hostmaster: root
+usenet: root
+news: root
+webmaster: root
+www: root
+ftp: root
+abuse: root
+noc: root
+security: root
+root: jake
+jake: vm-mail@cyberinfo.se
+

roles/postfix-v2/handlers/main.yml

@@ -0,0 +1,18 @@
+- name: Activate and restart Postfix
+  service:
+    name: postfix
+    enabled: yes
+    state: restarted
+
+- name: Generate SASL
+  command:
+    cmd: /usr/sbin/postmap /etc/postfix/sasl_passwd
+
+- name: Generate aliases
+  command:
+    cmd: /usr/sbin/postalias /etc/aliases
+
+- name: Generate sender_canonical
+  command:
+    cmd: /usr/sbin/postmap /etc/postfix/sender_canonical
+

roles/postfix-v2/tasks/main.yml

@@ -0,0 +1,43 @@
+- name: Check that a username and password is supplied
+  assert:
+    that:
+      - (relay_user is defined) and (relay_user is not none)
+      - (relay_password is defined) and 
+          (relay_password is not none)
+    fail_msg: "'relay_user' and 'relay_password' must be set"
+    success_msg: "username and password for relay is set"
+
+- name: Install Postfix and s-nail
+  package:
+    state: present
+    name: "{{ item }}"
+  with_items:
+    - postfix
+    - s-nail
+  notify: Activate and restart Postfix
+
+- name: Configure Postfix
+  template:
+    src: main.cf.j2
+    dest: /etc/postfix/main cf
+  notify: Activate and restart Postfix
+
+- name: Copy Postfix authentication
+  template:
+    src: sasl_passwd.j2
+    dest: /etc/postfix/sasl_passwd
+    mode: 0600
+  notify: Generate SASL
+
+- name: Copy alisases
+  copy:
+    src: aliases
+    dest: /etc/aliases
+  notify: Generate aliases
+
+- name: Copy sender_canonical
+  template:
+    src: sender_canonical.j2
+    dest: /etc/postfix/sender_canonical
+  notify: Generate sender_canonical
+

roles/postfix-v2/templates/main.cf.j2

@@ -0,0 +1,29 @@
+biff = no
+append_dot_mydomain = no
+compatibility_level = 2
+myhostname = {{ mail_hostname }}
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+myorigin = {{ mail_hostname }}
+mydestination = $myhostname, {{ mail_hostname }}, localhost
+relayhost = [{{ relay_host }}]:{{ relay_port }}
+mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
+mailbox_size_limit = 0
+recipient_delimiter = +
+inet_interfaces = localhost
+inet_protocols = all
+
+# enable SASL authentication
+smtp_sasl_auth_enable = yes
+smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
+smtp_sasl_security_options = noanonymous
+smtp_sasl_tls_security_options = noanonymous
+
+# Enable STARTTLS encryption
+smtp_use_tls = yes
+smtp_tls_wrappermode = yes
+smtp_tls_security_level = encrypt
+
+# Setup sender canonical mapping
+sender_canonical_maps = hash:/etc/postfix/sender_canonical
+

roles/postfix-v2/templates/sasl_passwd.j2

@@ -0,0 +1,2 @@
+[{{ relay_host }}]:{{ relay_port }} {{ relay_user }}:{{ relay_password }}
+

roles/postfix-v2/templates/sender_canonical.j2

@@ -0,0 +1,3 @@
+root    root@{{ canonical_name }}
+jake    jake@{{ canonical_name }}
+

roles/postfix-v3/defaults/main.yml

@@ -0,0 +1,7 @@
+mail_hostname: vm.nixnet.jke
+canonical_name: vm.nixnet.example.tld
+relay_host: email-smtp.eu-west-1.amazonaws.com
+relay_port: 465
+relay_user: 
+relay_password: 
+

roles/postfix-v3/files/aliases

@@ -0,0 +1,14 @@
+postmaster: root
+nobody: root
+hostmaster: root
+usenet: root
+news: root
+webmaster: root
+www: root
+ftp: root
+abuse: root
+noc: root
+security: root
+root: jake
+jake: vm-mail@cyberinfo.se
+

roles/postfix-v3/handlers/main.yml

@@ -0,0 +1,18 @@
+- name: Activate and restart Postfix
+  service:
+    name: postfix
+    enabled: yes
+    state: restarted
+
+- name: Generate SASL
+  command:
+    cmd: /usr/sbin/postmap /etc/postfix/sasl_passwd
+
+- name: Generate aliases
+  command:
+    cmd: /usr/sbin/postalias /etc/aliases
+
+- name: Generate sender_canonical
+  command:
+    cmd: /usr/sbin/postmap /etc/postfix/sender_canonical
+

roles/postfix-v3/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies:
+  - role: update_cache
+

roles/postfix-v3/tasks/main.yml

@@ -0,0 +1,43 @@
+- name: Check that a username and password is supplied
+  assert:
+    that:
+      - (relay_user is defined) and (relay_user is not none)
+      - (relay_password is defined) and 
+          (relay_password is not none)
+    fail_msg: "'relay_user' and 'relay_password' must be set"
+    success_msg: "username and password for relay is set"
+
+- name: Install Postfix and s-nail
+  package:
+    state: present
+    name: "{{ item }}"
+  with_items:
+    - postfix
+    - s-nail
+  notify: Activate and restart Postfix
+
+- name: Configure Postfix
+  template:
+    src: main.cf.j2
+    dest: /etc/postfix/main cf
+  notify: Activate and restart Postfix
+
+- name: Copy Postfix authentication
+  template:
+    src: sasl_passwd.j2
+    dest: /etc/postfix/sasl_passwd
+    mode: 0600
+  notify: Generate SASL
+
+- name: Copy alisases
+  copy:
+    src: aliases
+    dest: /etc/aliases
+  notify: Generate aliases
+
+- name: Copy sender_canonical
+  template:
+    src: sender_canonical.j2
+    dest: /etc/postfix/sender_canonical
+  notify: Generate sender_canonical
+

roles/postfix-v3/templates/main.cf.j2

@@ -0,0 +1,29 @@
+biff = no
+append_dot_mydomain = no
+compatibility_level = 2
+myhostname = {{ mail_hostname }}
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+myorigin = {{ mail_hostname }}
+mydestination = $myhostname, {{ mail_hostname }}, localhost
+relayhost = [{{ relay_host }}]:{{ relay_port }}
+mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
+mailbox_size_limit = 0
+recipient_delimiter = +
+inet_interfaces = localhost
+inet_protocols = all
+
+# enable SASL authentication
+smtp_sasl_auth_enable = yes
+smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
+smtp_sasl_security_options = noanonymous
+smtp_sasl_tls_security_options = noanonymous
+
+# Enable STARTTLS encryption
+smtp_use_tls = yes
+smtp_tls_wrappermode = yes
+smtp_tls_security_level = encrypt
+
+# Setup sender canonical mapping
+sender_canonical_maps = hash:/etc/postfix/sender_canonical
+

roles/postfix-v3/templates/sasl_passwd.j2

@@ -0,0 +1,2 @@
+[{{ relay_host }}]:{{ relay_port }} {{ relay_user }}:{{ relay_password }}
+

roles/postfix-v3/templates/sender_canonical.j2

@@ -0,0 +1,3 @@
+root    root@{{ canonical_name }}
+jake    jake@{{ canonical_name }}
+

roles/postfix-v4/defaults/main.yml

@@ -0,0 +1,7 @@
+mail_hostname: vm.nixnet.jke
+canonical_name: vm.nixnet.example.tld
+relay_host: email-smtp.eu-west-1.amazonaws.com
+relay_port: 465
+relay_user: 
+relay_password: 
+

roles/postfix-v4/files/aliases

@@ -0,0 +1,14 @@
+postmaster: root
+nobody: root
+hostmaster: root
+usenet: root
+news: root
+webmaster: root
+www: root
+ftp: root
+abuse: root
+noc: root
+security: root
+root: jake
+jake: vm-mail@cyberinfo.se
+

roles/postfix-v4/handlers/main.yml

@@ -0,0 +1,18 @@
+- name: Activate and restart Postfix
+  service:
+    name: postfix
+    enabled: yes
+    state: restarted
+
+- name: Generate SASL
+  command:
+    cmd: /usr/sbin/postmap /etc/postfix/sasl_passwd
+
+- name: Generate aliases
+  command:
+    cmd: /usr/sbin/postalias /etc/aliases
+
+- name: Generate sender_canonical
+  command:
+    cmd: /usr/sbin/postmap /etc/postfix/sender_canonical
+

roles/postfix-v4/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies:
+  - role: update_cache
+

roles/postfix-v4/tasks/configure-postfix.yml

@@ -0,0 +1,6 @@
+- name: Configure Postfix
+  template:
+    src: main.cf.j2
+    dest: /etc/postfix/main.cf
+  notify: Activate and restart Postfix
+

roles/postfix-v4/tasks/copy-aliases.yml

@@ -0,0 +1,6 @@
+- name: Copy alisases
+  copy:
+    src: aliases
+    dest: /etc/aliases
+  notify: Generate aliases
+

roles/postfix-v4/tasks/copy-postfix-auth.yml

@@ -0,0 +1,7 @@
+- name: Copy Postfix authentication
+  template:
+    src: sasl_passwd.j2
+    dest: /etc/postfix/sasl_passwd
+    mode: 0600
+  notify: Generate SASL
+

roles/postfix-v4/tasks/copy-sender-canonical.yml

@@ -0,0 +1,6 @@
+- name: Copy sender_canonical
+  template:
+    src: sender_canonical.j2
+    dest: /etc/postfix/sender_canonical
+  notify: Generate sender_canonical
+

roles/postfix-v4/tasks/install-postfix.yml

@@ -0,0 +1,9 @@
+- name: Install Postfix and s-nail
+  package:
+    state: present
+    name: "{{ item }}"
+  with_items:
+    - postfix
+    - s-nail
+  notify: Activate and restart Postfix
+

roles/postfix-v4/tasks/main.yml

@@ -0,0 +1,15 @@
+- name: Check that a username and password is supplied
+  assert:
+    that:
+      - (relay_user is defined) and (relay_user is not none)
+      - (relay_password is defined) and
+          (relay_password is not none)
+    fail_msg: "'relay_user' and 'relay_password' must be set"
+    success_msg: "username and password for relay is set"
+
+- import_tasks: install-postfix.yml
+- import_tasks: configure-postfix.yml
+- import_tasks: copy-postfix-auth.yml
+- import_tasks: copy-aliases.yml
+- import_tasks: copy-sender-canonical.yml
+

roles/postfix-v4/templates/main.cf.j2

@@ -0,0 +1,29 @@
+biff = no
+append_dot_mydomain = no
+compatibility_level = 2
+myhostname = {{ mail_hostname }}
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+myorigin = {{ mail_hostname }}
+mydestination = $myhostname, {{ mail_hostname }}, localhost
+relayhost = [{{ relay_host }}]:{{ relay_port }}
+mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
+mailbox_size_limit = 0
+recipient_delimiter = +
+inet_interfaces = localhost
+inet_protocols = all
+
+# enable SASL authentication
+smtp_sasl_auth_enable = yes
+smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
+smtp_sasl_security_options = noanonymous
+smtp_sasl_tls_security_options = noanonymous
+
+# Enable STARTTLS encryption
+smtp_use_tls = yes
+smtp_tls_wrappermode = yes
+smtp_tls_security_level = encrypt
+
+# Setup sender canonical mapping
+sender_canonical_maps = hash:/etc/postfix/sender_canonical
+

roles/postfix-v4/templates/sasl_passwd.j2

@@ -0,0 +1,2 @@
+[{{ relay_host }}]:{{ relay_port }} {{ relay_user }}:{{ relay_password }}
+

roles/postfix-v4/templates/sender_canonical.j2

@@ -0,0 +1,3 @@
+root    root@{{ canonical_name }}
+jake    jake@{{ canonical_name }}
+

roles/postfix/defaults/main.yml

@@ -0,0 +1,14 @@
+$ANSIBLE_VAULT;1.1;AES256
+38326433663334316231393964323861326634316138663137343462303639383539613232633865
+6462656338656163373330366635373431366638353365610a646133313831346534393736323737
+38616533373133383766303538643635326535303232633837653737616362323432313964653837
+6136306639613862340a316165623962356265646434383833303136656633656334343335633032
+33346234633833363936383937623835313130373133626231326361666566636161353361616361
+35323032383266643561636536616533333264613730623064663838346431353030393330336565
+31653864396466303338626535343063633139383731326430356436626530373766353033366237
+32343930373739306139643263306266333235383764656137326165646531646330383663306166
+31376366366465663862383834343233363163383839663263393637353762346333663136633563
+62393730363237666232353439623832623162363330616165653230653866663065613533393833
+62343261356164653835383866343139303136316235323530356136663730613234383563653562
+37346236366538366638633462326161333337316630333239643263303737663531373965386631
+3834

roles/postfix/files/aliases

@@ -0,0 +1,14 @@
+postmaster: root
+nobody: root
+hostmaster: root
+usenet: root
+news: root
+webmaster: root
+www: root
+ftp: root
+abuse: root
+noc: root
+security: root
+root: jake
+jake: vm-mail@cyberinfo.se
+

roles/postfix/handlers/main.yml

@@ -0,0 +1,18 @@
+- name: Activate and restart Postfix
+  service:
+    name: postfix
+    enabled: yes
+    state: restarted
+
+- name: Generate SASL
+  command:
+    cmd: /usr/sbin/postmap /etc/postfix/sasl_passwd
+
+- name: Generate aliases
+  command:
+    cmd: /usr/sbin/postalias /etc/aliases
+
+- name: Generate sender_canonical
+  command:
+    cmd: /usr/sbin/postmap /etc/postfix/sender_canonical
+

roles/postfix/tasks/main.yml

@@ -0,0 +1,34 @@
+- name: Install Postfix and s-nail
+  package:
+    state: present
+    name: "{{ item }}"
+  with_items:
+    - postfix
+    - s-nail
+  notify: Activate and restart Postfix
+
+- name: Configure Postfix
+  template:
+    src: main.cf.j2
+    dest: /etc/postfix/main.cf
+  notify: Activate and restart Postfix
+
+- name: Copy Postfix authentication
+  template:
+    src: sasl_passwd.j2
+    dest: /etc/postfix/sasl_passwd
+    mode: 0600
+  notify: Generate SASL
+
+- name: Copy alisases
+  copy:
+    src: aliases
+    dest: /etc/aliases
+  notify: Generate aliases
+
+- name: Copy sender_canonical
+  template:
+    src: sender_canonical.j2
+    dest: /etc/postfix/sender_canonical
+  notify: Generate sender_canonical
+

roles/postfix/templates/main.cf.j2

@@ -0,0 +1,29 @@
+biff = no
+append_dot_mydomain = no
+compatibility_level = 2
+myhostname = {{ mail_hostname }}
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+myorigin = {{ mail_hostname }}
+mydestination = $myhostname, {{ mail_hostname }}, localhost
+relayhost = [{{ relay_host }}]:{{ relay_port }}
+mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
+mailbox_size_limit = 0
+recipient_delimiter = +
+inet_interfaces = localhost
+inet_protocols = all
+
+# enable SASL authentication
+smtp_sasl_auth_enable = yes
+smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
+smtp_sasl_security_options = noanonymous
+smtp_sasl_tls_security_options = noanonymous
+
+# Enable STARTTLS encryption
+smtp_use_tls = yes
+smtp_tls_wrappermode = yes
+smtp_tls_security_level = encrypt
+
+# Setup sender canonical mapping
+sender_canonical_maps = hash:/etc/postfix/sender_canonical
+

roles/postfix/templates/sasl_passwd.j2

@@ -0,0 +1,2 @@
+[{{ relay_host }}]:{{ relay_port }} {{ relay_user }}:{{ relay_password }}
+

roles/postfix/templates/sender_canonical.j2

@@ -0,0 +1,3 @@
+root    root@{{ canonical_name }}
+jake    jake@{{ canonical_name }}
+

roles/update_cache/tasks/main.yml

@@ -0,0 +1,9 @@
+- name: Update cache on Debian/Ubuntu
+  apt:
+    update_cache: yes
+  when: ansible_os_family == 'Debian'
+- name: Update cache on RedHat/CentOS/Fedora
+  dnf:
+    update_cache: yes
+  when: ansible_os_family == 'RedHat'
+

roles/update_windows/tasks/main.yml

@@ -0,0 +1,5 @@
+- name: Update Windows
+  ansible.windows.win_updates:
+    category_names: "*"
+    reboot: yes
+