r/postfix: Support rewriting recipient addresses

The *postfix* role will now generate configuration and a lookup table
for [canonical address mapping][0] of email recipients.  To configure
the mapping, the `postfix_recipient_canonical_map` must be a dictionary
of source-target addresses, e.g.:

```yaml
postfix_recipient_canonical_map:
  my.bad.email@fake.test: my.real.email@example.com
```

[0]: https://www.postfix.org/ADDRESS_REWRITING_README.html#canonical

roles/postfix/defaults/main.yml

@@ -1,3 +1,4 @@
 smtp_inet_interfaces: localhost
 smtp:
   mode: direct
+postfix_recipient_canonical_map: {}

roles/postfix/handlers/main.yml

@@ -1,5 +1,7 @@
 - name: rehash postfix sasl passwd table
   command: postmap /etc/postfix/sasl_passwd
+- name: rehash postfix recipient canonical map
+  command: postmap /etc/postfix/recipient_canonical
 - name: restart postfix
   service:
     name=postfix

roles/postfix/tasks/main.yml

@@ -30,6 +30,19 @@
   - rehash postfix sasl passwd table
   - reload postfix
 
+- name: ensure postfix recipient canonical map is configured
+  template:
+    src: canonical_map.j2
+    dest: /etc/postfix/recipient_canonical
+    mode: u=rw,go=r
+    owner: root
+    group: root
+    setype: postfix_etc_t
+  vars:
+    postfix_canonical: '{{ postfix_recipient_canonical_map }}'
+  notify:
+  - rehash postfix recipient canonical map
+
 - name: ensure postfix is configured
   template:
     src=main.cf.j2

roles/postfix/templates/canonical_map.j2

@@ -0,0 +1,3 @@
+{% for key, value in postfix_canonical.items() %}
+{{ key }} {{ value }}
+{% endfor %}

roles/postfix/templates/main.cf.j2

@@ -434,6 +434,10 @@ alias_maps = hash:/etc/aliases
 #alias_database = dbm:/etc/mail/aliases
 alias_database = hash:/etc/aliases
 #alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases
+{% if postfix_recipient_canonical_map %}
+
+recipient_canonical_maps = hash:/etc/postfix/recipient_canonical
+{% endif %}
 
 # ADDRESS EXTENSIONS (e.g., user+foo)
 #