roles/postfix: Deploy Postfix MTA

The *postfix* role installs and configures the Postfix MTA. It currently
supports a number of modes, including direct transfer and relay. Relay
mode supports STARTTLS security and PLAIN authentication.

roles/postfix/tasks/main.yml

@@ -0,0 +1,58 @@
+- name: load distribution-specifc values
+  include_vars: '{{ item }}'
+  with_first_found:
+  - '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml'
+  - '{{ ansible_distribution }}.yml'
+  - '{{ ansible_os_family }}.yml'
+  - defaults.yml
+
+- name: ensure postfix is installed
+  package:
+    name={{ postfix_required_packages|join(',') }}
+    state=present
+  tags:
+  - install
+
+- name: ensure postfix client authentication is configured
+  template:
+    src=sasl_passwd.j2
+    dest=/etc/postfix/sasl_passwd
+    mode=0600
+    owner=root
+    group=root
+    setype=postfix_etc_t
+  notify:
+  - rehash postfix sasl passwd table
+  - reload postfix
+
+- name: ensure postfix is configured
+  template:
+    src=main.cf.j2
+    dest=/etc/postfix/main.cf
+    mode=0644
+    owner=root
+    group=root
+    setype=postfix_etc_t
+  notify: restart postfix
+
+- name: ensure postfix starts at boot
+  service:
+    name=postfix
+    enabled=yes
+
+- meta: flush_handlers
+- name: ensure postfix is running
+  service:
+    name=postfix
+    state=started
+
+- name: ensure smtp is allowed in the firewall
+  firewalld:
+    service=smtp
+    state=enabled
+    permanent=no
+    immediate=yes
+  notify: save firewalld configuration
+  when: smtp_inet_interfaces != 'localhost'
+  tags:
+  - firewalld