Merge pull request 'feat: added molecule tests' (#6) from 5-create-molecule-tests into main
All checks were successful
Molecule Tests / molecule-tests (push) Successful in 6m16s

Reviewed-on: #6
Fix #5
This commit was merged in pull request #6.
2026-03-11 15:48:23 +00:00
13 changed files with 239 additions and 2 deletions


@@ -0,0 +1,43 @@
#SPDX-License-Identifier: GPL-3.0-only
---
name: Molecule Tests
on:
schedule:
- cron: '0 7 * * 1' # Every Monday at 07:00 UTC
workflow_dispatch:
pull_request:
branches:
- main
jobs:
molecule-tests:
runs-on: fedora-latest
steps:
- name: Add ~/.local/bin to PATH
run: echo "$HOME/.local/bin" >> "$GITEA_PATH"
- name: Checkout
uses: actions/checkout@v6
with:
path: ansible_role_mail
- name: Install Molecule
run: pip install ansible molecule molecule-plugins[podman]
- name: Install Ansible collections
run: ansible-galaxy collection install containers.podman
- name: Run Molecule tests
working-directory: ansible_role_mail
run: molecule test
- name: Tag latest
if: github.ref == 'refs/heads/main'
working-directory: ansible_role_mail
run: |
git config user.name "giabot"
git config user.email "bot@mail.gianet.us"
git remote set-url origin "https://giabot:${{ secrets.GITEA_TOKEN }}@gianet.us/engineering/ansible_role_mail.git"
git tag -f latest
git push -f origin latest
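Review bot: The `Tag latest` step writes the Gitea token into the remote URL with `git remote set-url`, so the credential is stored in `.git/config` in the runner workspace and may appear in git output; it is also interpolated into the script text by `${{ secrets.GITEA_TOKEN }}` instead of being passed through the environment. Pass it with a step-level `env:` entry `GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}` and push to the URL directly, e.g. `git push -f "https://giabot:${GITEA_TOKEN}@gianet.us/engineering/ansible_role_mail.git" latest`, so nothing is persisted in the checkout. The same job installs unpinned `ansible`, `molecule` and `molecule-plugins[podman]` before this step runs, so pinning those versions (and `actions/checkout` to a commit) would narrow what code shares a job with a write-capable token.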


@@ -1,5 +1,6 @@
galaxy_info: galaxy_info:
role_name: "mailserver" role_name: "mailserver"
namespace: "gianet"
author: "Luciano Giacchetta" author: "Luciano Giacchetta"
description: "Complete Mail Server Role" description: "Complete Mail Server Role"
company: "Giacchetta Networks LLC" company: "Giacchetta Networks LLC"


@@ -0,0 +1,14 @@
ARG MOLECULE_DISTRO=docker.io/library/debian:stable
FROM ${MOLECULE_DISTRO}
RUN apt-get update && \
apt-get install -y --no-install-recommends \
python3 \
systemd \
systemd-sysv \
dbus \
ca-certificates && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
CMD ["/usr/sbin/init"]


@@ -0,0 +1,11 @@
#SPDX-License-Identifier: GPL-3.0-only
---
- name: Converge
hosts: all
vars:
postfix_mail_domain: "test.local"
dovecot_users:
- name: "testuser"
pass: "testpass"
roles:
- role: ansible_role_mail


@@ -0,0 +1,72 @@
#SPDX-License-Identifier: GPL-3.0-only
---
dependency:
name: galaxy
options:
requirements-file: molecule/default/requirements.yml
driver:
name: podman
platforms:
- name: debian-stable
image: docker.io/library/debian:stable
pre_build_image: false
dockerfile: Dockerfile
buildargs:
MOLECULE_DISTRO: docker.io/library/debian:stable
privileged: true
systemd: always
command: /usr/sbin/init
- name: debian-oldstable
image: docker.io/library/debian:oldstable
pre_build_image: false
dockerfile: Dockerfile
buildargs:
MOLECULE_DISTRO: docker.io/library/debian:oldstable
privileged: true
systemd: always
command: /usr/sbin/init
- name: ubuntu-latest
image: docker.io/library/ubuntu:latest
pre_build_image: false
dockerfile: Dockerfile
buildargs:
MOLECULE_DISTRO: docker.io/library/ubuntu:latest
privileged: true
systemd: always
command: /usr/sbin/init
- name: ubuntu-jammy
image: docker.io/library/ubuntu:jammy
pre_build_image: false
dockerfile: Dockerfile
buildargs:
MOLECULE_DISTRO: docker.io/library/ubuntu:jammy
privileged: true
systemd: always
command: /usr/sbin/init
provisioner:
name: ansible
env:
ANSIBLE_ROLES_PATH: "${MOLECULE_PROJECT_DIRECTORY}/.."
playbooks:
converge: converge.yml
verify: verify.yml
scenario:
test_sequence:
- dependency
- destroy
- syntax
- create
- converge
- idempotence
- verify
- destroy
verifier:
name: ansible
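Review bot: All four platforms set `privileged: true`, which gives each test container the full capability set and host device access on the CI runner while it runs the role and the packages the role installs. Podman's `systemd: always`, already set on every platform here, normally prepares what systemd needs inside the container, so it is worth checking whether the scenario passes with `privileged: true` removed and only the specific capability a failing unit needs added back. The platforms also track moving tags (`debian:stable`, `ubuntu:latest`); a comment such as `# floating tags on purpose: the weekly run tests against current releases` would record that this is deliberate.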


@@ -0,0 +1,4 @@
#SPDX-License-Identifier: GPL-3.0-only
---
collections:
- name: containers.podman


@@ -0,0 +1,37 @@
#SPDX-License-Identifier: GPL-3.0-only
---
- name: Verify
hosts: all
tasks:
- name: Gather service facts
ansible.builtin.service_facts:
- name: Assert postfix service is present
ansible.builtin.assert:
that:
- "'postfix.service' in ansible_facts.services"
- name: Assert dovecot service is present
ansible.builtin.assert:
that:
- "'dovecot.service' in ansible_facts.services"
- name: Check postfix main.cf exists
ansible.builtin.stat:
path: /etc/postfix/main.cf
register: postfix_main_cf
- name: Assert postfix main.cf exists
ansible.builtin.assert:
that:
- postfix_main_cf.stat.exists
- name: Check dovecot.conf exists
ansible.builtin.stat:
path: /etc/dovecot/dovecot.conf
register: dovecot_conf
- name: Assert dovecot.conf exists
ansible.builtin.assert:
that:
- dovecot_conf.stat.exists
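Review bot: The assertions pass as long as the service units and the two config files exist, so a Dovecot or Postfix that refuses to start on the rendered configuration still verifies green, which matters because this same commit adds version-dependent Dovecot 2.4 templates. Consider asserting runtime state as well, e.g. `- ansible_facts.services['dovecot.service'].state == 'running'`, together with a config parse task running `doveconf -n` with `changed_when: false`. For Postfix the unit that reports as running may differ between the tested distributions, so that assertion would need checking per platform.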


@@ -62,13 +62,16 @@
owner: root owner: root
group: root group: root
mode: '0644' mode: '0644'
register: virtual_mailbox_maps_template
notify: Restart Postfix notify: Restart Postfix
tags: tags:
- postfix_config - postfix_config
- dovecot_config - dovecot_config
- name: "POSTFIX | Create hash map for virtual mailbox maps" - name: "POSTFIX | Create hash map for virtual mailbox maps"
when: dovecot_enabled | default(false) and dovecot_postfix_lmtp_enable | default(false) when:
- dovecot_enabled | default(false) and dovecot_postfix_lmtp_enable | default(false)
- virtual_mailbox_maps_template.changed
ansible.builtin.command: ansible.builtin.command:
cmd: postmap hash:/etc/postfix/virtual_mailbox_maps cmd: postmap hash:/etc/postfix/virtual_mailbox_maps
changed_when: true changed_when: true
@@ -168,6 +171,22 @@
tags: tags:
- dovecot_config - dovecot_config
- name: "DOVECOT | Detect Dovecot version"
when: dovecot_enabled | default(false)
ansible.builtin.shell:
cmd: "dovecot --version | awk '{print $1}' | cut -d'(' -f1"
register: dovecot_version_raw
changed_when: false
tags:
- dovecot_config
- name: "DOVECOT | Set Dovecot major version fact"
when: dovecot_enabled | default(false)
ansible.builtin.set_fact:
dovecot_major_version: "{{ dovecot_version_raw.stdout.split('.')[0] | int }}.{{ dovecot_version_raw.stdout.split('.')[1] | int }}"
tags:
- dovecot_config
- name: "DOVECOT | Configure dovecot.conf" - name: "DOVECOT | Configure dovecot.conf"
when: dovecot_enabled | default(false) when: dovecot_enabled | default(false)
ansible.builtin.template: ansible.builtin.template:
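Review bot: In the second hunk, `DOVECOT | Detect Dovecot version` runs `dovecot --version | awk ... | cut ...` through `ansible.builtin.shell` without `pipefail`, so the task succeeds on the exit status of `cut` even when `dovecot` is missing or fails, and the following `set_fact` then breaks on `split('.')[1]` with an index error rather than a clear message. The pipeline is not needed: `ansible.builtin.command` with `cmd: dovecot --version` and `check_mode: false` keeps the task shell-free and lets it run under `--check`, and the parsing can live in the `set_fact` expression, e.g. `{{ dovecot_version_raw.stdout.split()[0].split('.')[:2] | join('.') }}`. The fact is named `dovecot_major_version` but holds `major.minor`; a one-line comment saying so would help readers of the templates that compare it with `'2.4'`. The task list continues outside the hunk.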


@@ -1,7 +1,11 @@
# Dovecot authentication configuration # Dovecot authentication configuration
# Ansible managed: {{ ansible_managed }} # Ansible managed: {{ ansible_managed }}
{% if dovecot_major_version is defined and dovecot_major_version is version('2.4', '>=') %}
auth_allow_cleartext = {{ 'no' if dovecot_ssl == 'required' else 'yes' }}
{% else %}
disable_plaintext_auth = {{ 'yes' if dovecot_ssl == 'required' else 'no' }} disable_plaintext_auth = {{ 'yes' if dovecot_ssl == 'required' else 'no' }}
{% endif %}
auth_mechanisms = {{ dovecot_auth_mechanisms }} auth_mechanisms = {{ dovecot_auth_mechanisms }}
!include auth-dovecot-users.conf.ext !include auth-dovecot-users.conf.ext
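Review bot: The new `auth_allow_cleartext` line evaluates to `yes` for every `dovecot_ssl` value other than `required`, so with `ssl = yes` (TLS offered but optional) clients may send passwords over unencrypted connections; the pre-2.4 branch has the same behaviour through `disable_plaintext_auth`. Dovecot's own default is to refuse cleartext authentication on non-TLS connections, so consider a dedicated new role variable that defaults to the safe value instead of deriving it from `dovecot_ssl`, for example `auth_allow_cleartext = {{ 'yes' if dovecot_allow_cleartext_auth | default(false) else 'no' }}`. At minimum, a template comment stating that any value other than `required` enables cleartext logins would make the trade-off visible.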


@@ -1,7 +1,13 @@
# Dovecot mail location configuration # Dovecot mail location configuration
# Ansible managed: {{ ansible_managed }} # Ansible managed: {{ ansible_managed }}
{% if dovecot_major_version is defined and dovecot_major_version is version('2.4', '>=') %}
{% set _driver = dovecot_mail_location.split(':')[0] %}
{% set _path = dovecot_mail_location.split(':')[1] %}
mail_driver = {{ _driver }}
mail_path = {{ _path }}
{% else %}
mail_location = {{ dovecot_mail_location }} mail_location = {{ dovecot_mail_location }}
{% endif %}
namespace inbox { namespace inbox {
inbox = yes inbox = yes
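Review bot: The 2.4 branch takes `dovecot_mail_location.split(':')[0]` and `[1]`, so a value carrying extra colon-separated parameters (for example a `:LAYOUT=fs` suffix) has them dropped silently, and a value without a colon fails with an index error during templating. Whether the role's default contains such parameters is not visible in this hunk. Consider validating the variable before rendering, or at least documenting the accepted form with a template comment such as `{# dovecot_mail_location must be exactly driver:path for Dovecot >= 2.4 #}`. The `namespace inbox` block continues outside the hunk.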


@@ -2,5 +2,10 @@
# Ansible managed: {{ ansible_managed }} # Ansible managed: {{ ansible_managed }}
ssl = {{ dovecot_ssl }} ssl = {{ dovecot_ssl }}
{% if dovecot_major_version is defined and dovecot_major_version is version('2.4', '>=') %}
ssl_server_cert_file = {{ mail_ssl_cert }}
ssl_server_key_file = {{ mail_ssl_key }}
{% else %}
ssl_cert = <{{ mail_ssl_cert }} ssl_cert = <{{ mail_ssl_cert }}
ssl_key = <{{ mail_ssl_key }} ssl_key = <{{ mail_ssl_key }}
{% endif %}


@@ -1,5 +1,21 @@
# Dovecot local users authentication # Dovecot local users authentication
# Ansible managed: {{ ansible_managed }} # Ansible managed: {{ ansible_managed }}
{% if dovecot_major_version is defined and dovecot_major_version is version('2.4', '>=') %}
passdb passwd-file {
default_password_scheme = SHA512-CRYPT
auth_username_format = %{user|username}
passwd_file_path = /etc/dovecot/users
}
userdb static {
fields {
uid = vmail
gid = vmail
home = /var/vmail/%{user|username}
}
}
{% else %}
passdb { passdb {
driver = passwd-file driver = passwd-file
@@ -10,3 +26,4 @@ userdb {
driver = static driver = static
args = uid=vmail gid=vmail home=/var/vmail/%n args = uid=vmail gid=vmail home=/var/vmail/%n
} }
{% endif %}


@@ -1,5 +1,9 @@
# Dovecot configuration file # Dovecot configuration file
# Ansible managed: {{ ansible_managed }} # Ansible managed: {{ ansible_managed }}
{% if dovecot_major_version is defined and dovecot_major_version is version('2.4', '>=') %}
dovecot_config_version = 2.4.0
dovecot_storage_version = 2.4.0
{% endif %}
protocols = {{ dovecot_protocols }} protocols = {{ dovecot_protocols }}
{% if dovecot_imap_capability | default('') | length > 0 %} {% if dovecot_imap_capability | default('') | length > 0 %}