- name: load architecture-specific values
  include_vars: '{{ item }}'
  with_first_found:
  - '{{ ansible_architecture }}.yml'
  - default-architecture.yml
- name: load distribution-specifc values
  include_vars: '{{ item }}'
  with_first_found:
  - '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml'
  - '{{ ansible_distribution }}.yml'
  - '{{ ansible_os_family }}.yml'
  - defaults.yml

- name: ensure postfix is installed
  package:
    name={{ postfix_required_packages|join(',') }}
    state=present
  tags:
  - install

- name: ensure postfix client authentication is configured
  template:
    src=sasl_passwd.j2
    dest=/etc/postfix/sasl_passwd
    mode=0600
    owner=root
    group=root
    setype=postfix_etc_t
  notify:
  - rehash postfix sasl passwd table
  - reload postfix

- name: ensure postfix recipient canonical map is configured
  template:
    src: canonical_map.j2
    dest: /etc/postfix/recipient_canonical
    mode: u=rw,go=r
    owner: root
    group: root
    setype: postfix_etc_t
  vars:
    postfix_canonical: '{{ postfix_recipient_canonical_map }}'
  notify:
  - rehash postfix recipient canonical map

- name: ensure postfix is configured
  template:
    src=main.cf.j2
    dest=/etc/postfix/main.cf
    mode=0644
    owner=root
    group=root
    setype=postfix_etc_t
  notify: restart postfix

- name: ensure postfix starts at boot
  service:
    name=postfix
    enabled=yes

- meta: flush_handlers
- name: ensure postfix is running
  service:
    name=postfix
    state=started

- name: ensure smtp is allowed in the firewall
  firewalld:
    service=smtp
    state=enabled
    permanent=no
    immediate=yes
  notify: save firewalld configuration
  when: smtp_inet_interfaces != 'localhost'
  tags:
  - firewalld