Install a local MTA

Allow services and users on lovelace to exchange local mail messages.
Later, we will want to expand the service to consolidate service mails
or perhaps even allow forwarding e-mails to Python Discord e-mails via
LDAP.

4 files changed, 48 insertions, 0 deletions

diff --git a/ansible/playbook.yml b/ansible/playbook.yml
index 7ad4f19..65254dc 100644
--- a/ansible/playbook.yml
+++ b/ansible/playbook.yml
@@ -15,6 +15,7 @@
     - wireguard
     - fail2ban
     - podman
+    - opensmtpd
     - unattended-upgrades
 
 - name: Deploy our monitoring stack
diff --git a/ansible/roles/opensmtpd/handlers/main.yml b/ansible/roles/opensmtpd/handlers/main.yml
new file mode 100644
index 0000000..759b87b
--- /dev/null
+++ b/ansible/roles/opensmtpd/handlers/main.yml
@@ -0,0 +1,7 @@
+---
+- name: Restart OpenSMTPD
+  service:
+    name: opensmtpd
+    state: restarted
+  tags:
+    - role::opensmtpd
diff --git a/ansible/roles/opensmtpd/tasks/main.yml b/ansible/roles/opensmtpd/tasks/main.yml
new file mode 100644
index 0000000..ffd9415
--- /dev/null
+++ b/ansible/roles/opensmtpd/tasks/main.yml
@@ -0,0 +1,19 @@
+---
+- name: Install OpenSMTPD
+  package:
+    name: opensmtpd
+    state: present
+  tags:
+    - role::opensmtpd
+
+- name: Configure OpenSMTPD
+  template:
+    src: smtpd.conf.j2
+    dest: /etc/smtpd.conf
+    owner: root
+    group: root
+    mode: "0o444"
+  tags:
+    - role::opensmtpd
+  notify:
+    - Restart opensmtpd
diff --git a/ansible/roles/opensmtpd/templates/smtpd.conf.j2 b/ansible/roles/opensmtpd/templates/smtpd.conf.j2
new file mode 100644
index 0000000..e1ad428
--- /dev/null
+++ b/ansible/roles/opensmtpd/templates/smtpd.conf.j2
@@ -0,0 +1,21 @@
+# Ansible managed
+#
+#	$OpenBSD: smtpd.conf,v 1.10 2018/05/24 11:40:17 gilles Exp $
+
+# This is the smtpd server system-wide configuration file.
+# See smtpd.conf(5) for more information.
+
+table aliases file:/etc/aliases
+
+# To accept external mail, replace with: listen on all
+#
+listen on localhost
+
+action "local" mbox alias <aliases>
+action "relay" relay
+
+# Uncomment the following to accept external mail for domain "example.org"
+#
+# match from any for domain "example.org" action "local"
+match for local action "local"
+match from local for any action "relay"