Commit a49e49ce authored by Chris Croome's avatar Chris Croome
Browse files

Merge branch 'unbound' of git.coop:webarch/mailcow into unbound

parents 204d5682 164b2016
......@@ -32,7 +32,7 @@
- name: "docker_compose_version"
prompt: "The Docker Compose version from https://github.com/docker/compose/releases"
private: no
default: "1.13.0"
default: "1.14.0"
- name: "roundcube_install"
prompt: "Install Roundcube as well as SOGo?"
......@@ -63,7 +63,7 @@
- docker
- docker-compose
- mailcow
- letsencrypt
# - letsencrypt mailcow now provisions let's encrypt certs
- dovecot
- rspamd
# Syslog was throwing errors and there is now a web interface to view some
......@@ -71,6 +71,6 @@
# - syslog
- postfix
- theme
- bind
- resolv
- roundcube
nameserver 81.95.52.30
nameserver 81.95.52.24
acl internal_networks {
127.0.0.0/8;
192.168.0.0/16;
172.16.0.0/12;
10.0.0.0/8;
fd4d:6169:6c63:6f77::/64;
};
options {
directory "/var/bind";
allow-recursion { internal_networks; };
listen-on { any; };
listen-on-v6 { any; };
pid-file "/var/run/named/named.pid";
allow-transfer { none; };
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
forwarders {
{{ nameserver_1 }};
{{ nameserver_2 }};
};
};
include "/etc/bind/bind.keys";
......@@ -191,115 +191,119 @@
# Update an existing install
# https://mailcow.github.io/mailcow-dockerized-docs/install-update/
- block:
- name: Local changes stashed
command: git stash
args:
chdir: /var/mailcow
become: yes
become_user: mailcow
register: git_stash
- debug:
msg: "The results of `git stash`: {{ git_stash.stdout }}"
- name: Mailcow checked out
git:
repo: https://github.com/andryyy/mailcow-dockerized.git
dest: /var/mailcow
force: yes
become: yes
become_user: mailcow
- name: Git stash list
command: git stash list
args:
chdir: /var/mailcow
become: yes
become_user: mailcow
register: git_stash_list
- debug:
msg: "The results of `git stash list`: {{ git_stash_list.stdout }}"
# THIS NEEDS UPDATING, SEE https://mailcow.github.io/mailcow-dockerized-docs/install-update/#step-1
- block:
- name: Get updates/changes
command: git fetch origin master
args:
chdir: /var/mailcow
become: yes
become_user: mailcow
register: git_fetch_origin_master
- debug:
msg: "The results of `git fetch origin master`: {{ git_fetch_origin_master.stdout }}"
- name: Local stashed changes popped
command: git stash pop
- name: Add all changed files to local clone
command: git add -A
args:
chdir: /var/mailcow
become: yes
become_user: mailcow
register: git_stash_pop
register: git_add
- debug:
msg: "The results of `git stash pop`: {{ git_stash_pop.stdout }}"
msg: "The results of `git add -A`: {{ git_add.stdout }}"
when: git_stash_list.stdout != ""
- name: Get the date and time
command: date
register: git_commit_date
# https://github.com/mailcow/mailcow-dockerized/pull/203#issuecomment-299823762
- name: Run docker-compose down
command: docker-compose down
args:
chdir: /var/mailcow
become: yes
become_user: mailcow
- name: Commit changes
command: git commit -m "Local config at {{ git_commit_date.stdout }}"
args:
chdir: /var/mailcow
become: yes
become_user: mailcow
register: git_commit
- name: Run docker-compose pull
command: docker-compose pull
args:
chdir: /var/mailcow
become: yes
become_user: mailcow
- name: Run docker-compose up -d --remove-orphans
command: docker-compose up -d --remove-orphans
args:
chdir: /var/mailcow
become: yes
become_user: mailcow
- name: Check for unused images
shell: "docker images -f 'dangling=true' -q | xargs"
args:
chdir: /var/mailcow
executable: /bin/bash
become: yes
become_user: mailcow
register: docker_dangling_images
- block:
- name: Clean-up dangling (unused) images
shell: "docker rmi -f {{ docker_dangling_images.stdout }}"
- debug:
msg: "The results of `git commit -m`: {{ git_commit.stdout }}"
- name: Merge changes, prefere mailcow repository
command: git merge -Xtheirs -Xpatience
args:
chdir: /var/mailcow
executable: /bin/bash
become: yes
become_user: mailcow
when: docker_dangling_images.stdout != ""
- name: Check for unused volumes
command: docker volume ls -qf 'dangling=true'
become: yes
become_user: mailcow
register: docker_dangling_volumes
- block:
- name: Clean-up dangling (unused) volumes
shell: "docker volume rm {{ docker_dangling_volumes.stdout }}"
register: git_merge
- debug:
msg: "The results of `git merge -Xtheirs -Xpatience`: {{ git_merge.stdout }}"
# https://github.com/mailcow/mailcow-dockerized/pull/203#issuecomment-299823762
- name: Run docker-compose down
command: docker-compose down
args:
chdir: /var/mailcow
become: yes
become_user: mailcow
- name: Run docker-compose pull
command: docker-compose pull
args:
chdir: /var/mailcow
become: yes
become_user: mailcow
- name: Run docker-compose up -d --remove-orphans
command: docker-compose up -d --remove-orphans
args:
chdir: /var/mailcow
become: yes
become_user: mailcow
- name: Check for unused images
shell: "docker images -f 'dangling=true' -q | xargs"
args:
chdir: /var/mailcow
executable: /bin/bash
become: yes
become_user: mailcow
when: docker_dangling_volumes.stdout != ""
when: mailcow_git_directory.stat.exists == True
register: docker_dangling_images
- block:
- name: Clean-up dangling (unused) images
shell: "docker rmi -f {{ docker_dangling_images.stdout }}"
args:
chdir: /var/mailcow
executable: /bin/bash
become: yes
become_user: mailcow
when: docker_dangling_images.stdout != ""
- name: Check for unused volumes
command: docker volume ls -qf 'dangling=true'
become: yes
become_user: mailcow
register: docker_dangling_volumes
- block:
- name: Clean-up dangling (unused) volumes
shell: "docker volume rm {{ docker_dangling_volumes.stdout }}"
args:
chdir: /var/mailcow
executable: /bin/bash
become: yes
become_user: mailcow
when: docker_dangling_volumes.stdout != ""
when: mailcow_git_directory.stat.exists == True
- block:
......
......@@ -45,3 +45,19 @@ SIEVE_PORT=4190
# Your timezone
TZ={{ timezone.stdout }}
# Fixed project name
COMPOSE_PROJECT_NAME=mailcow-dockerized
# Additional SAN for the certificate
ADDITIONAL_SAN=
# To never run acme-mailcow for Let's Encrypt, set this to y
SKIP_LETS_ENCRYPT=n
# Skip IPv4 check in ACME container
SKIP_IP_CHECK=n
# To never run fail2ban-mailcow
SKIP_FAIL2BAN=n
---
- name: Set the local DNS servers for the bind9 container
template:
src: templates/named.conf.j2
dest: /var/mailcow/data/conf/bind9/named.conf
owner: mailcow
group: mailcow
mode: 0644
- name: Restart the bind9 container
command: docker-compose restart bind9-mailcow
args:
chdir: /var/mailcow
become: yes
become_user: mailcow
- name: Set the nameservers for {{ hostname }}
template:
src: templates/resolv.conf.j2
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment