authorElizabeth Hunt <me@liz.coffee>2025-04-30 23:07:35 -0700
committerElizabeth Hunt <me@liz.coffee>2025-04-30 23:07:35 -0700
commitd357056752382ffe4ae866304d3573c361dbe21a (patch)
tree04f1a5f5024d8d7be9e82d990dd2aee6575190dc /playbooks/roles/mail
parent3ddb82656d6d0c34f47962db25d37adf6ebb15e1 (diff)
move to new outbound server on linode. Fix a lot of deployment time issue things, including HIGH AVAILABILITY EMAIL OWOOWOJIJODOFKJSDF
Diffstat (limited to 'playbooks/roles/mail')
-rw-r--r--playbooks/roles/mail/tasks/main.yml10
-rw-r--r--playbooks/roles/mail/templates/stacks/docker-compose.yml18
2 files changed, 14 insertions, 14 deletions
diff --git a/playbooks/roles/mail/tasks/main.yml b/playbooks/roles/mail/tasks/main.yml
index b2a7ea8..dbda130 100644
--- a/playbooks/roles/mail/tasks/main.yml
+++ b/playbooks/roles/mail/tasks/main.yml
@@ -1,9 +1,17 @@
---
+- name: Set non-lazily-evaluated mail deployment time
+ ansible.builtin.set_fact:
+ deployment_time: "{{ now(utc=true,fmt='%s') }}"
+
+- name: Ensure mail state for deployment "{{ deployment_time }}" exists
+ ansible.builtin.file:
+ path: "{{ mail_base }}/volumes/data/dms/mail-state/{{ deployment_time }}"
+ state: directory
+
- name: Deploy mail
ansible.builtin.import_tasks: manage-docker-swarm-service.yml
vars:
service_name: mail
template_render_dir: "../templates"
service_destination_dir: "{{ mail_base }}"
-
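Review bot: The new `ansible.builtin.file` task creates the per-deployment mail-state directory without `mode`, `owner` or `group`, so its permissions depend on the umask of whichever user runs the play. Because the compose template bind-mounts this directory as `/var/mail-state/`, I would pin them explicitly, for example `mode: "0750"` under `state: directory` (value to be confirmed against what the container needs). Nothing visible in this role removes earlier `mail-state/<epoch>` directories, so each deploy appears to leave the previous state on disk indefinitely; a cleanup task, or a comment stating the retention intent, would make that deliberate.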
diff --git a/playbooks/roles/mail/templates/stacks/docker-compose.yml b/playbooks/roles/mail/templates/stacks/docker-compose.yml
index b1c3982..debaac1 100644
--- a/playbooks/roles/mail/templates/stacks/docker-compose.yml
+++ b/playbooks/roles/mail/templates/stacks/docker-compose.yml
@@ -6,7 +6,7 @@ services:
- {{ mail_base }}/volumes/data/roundcube/db:/var/roundcube/db
- {{ mail_base }}/volumes/data/roundcube/config:/var/roundcube/config/
environment:
- - DEPLOYMENT_TIME={{ now() }}
+ - DEPLOYMENT_TIME={{ deployment_time }}
- ROUNDCUBEMAIL_DB_TYPE=sqlite
- ROUNDCUBEMAIL_SKIN={{ roundcube_skin | default('elastic') }}
- ROUNDCUBEMAIL_PLUGINS={{ roundcube_plugins }}
@@ -66,26 +66,18 @@ services:
update_config:
parallelism: 1
failure_action: rollback
- # order: start-first
- # We need to stop the old container first because it holds a lock on the
- # Postfix mail queue. I don't believe there is a feasible way to solve
- # this without either a tiny bit of downtime waiting for the lock to clear,
- # or lost mail since we'd have to ignore the lock and thus two competing mailservers
- # are accepting mail.
- # One of these is more acceptable than the other haha.
- # See stuff in scripts/ for the last attempt if interested.
- order: stop-first
+ order: start-first
volumes:
- {{ mail_base }}/volumes/scripts/:/scripts/
- {{ mail_base }}/volumes/data/dms/vmail/:/var/mail/
- - {{ mail_base }}/volumes/data/dms/mail-state/:/var/mail-state/
+ - {{ mail_base }}/volumes/data/dms/mail-state/{{ deployment_time }}/:/var/mail-state/
- {{ mail_base }}/volumes/data/dms/mail-logs/:/var/log/mail/
- {{ mail_base }}/volumes/data/dms/config/:/tmp/docker-mailserver/
- {{ mail_base }}/volumes/data/dms/config/dovecot-ldap.conf:/etc/dovecot/dovecot-ldap.conf.ext
- {{ letsencrypt_certs }}:/certs/:ro
- /etc/localtime:/etc/localtime:ro
environment:
- - DEPLOYMENT_TIME={{ now() }}
+ - DEPLOYMENT_TIME={{ deployment_time }}
- SSL_TYPE=manual
- SSL_CERT_PATH=/certs/{{ mail_domain }}.pem
- SSL_KEY_PATH=/certs/{{ mail_domain }}.key
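Review bot: Mounting a fresh `mail-state/{{ deployment_time }}` at `/var/mail-state/` starts every rollout with empty server state, and the deleted comment was the only record of the Postfix queue-lock constraint that motivated `stop-first`. If that directory holds the Postfix spool and the Fail2Ban database, as is usual for docker-mailserver, mail still deferred in the old queue stays behind in the previous directory and existing bans are dropped on each deploy even though `ENABLE_FAIL2BAN=1` remains set. With `order: start-first` the old and new containers also run side by side while sharing `/var/mail/` and the config mounts. I would put a short comment above `order: start-first`, such as `# start-first is only safe because each deployment gets its own mail-state dir; the previous queue must be drained separately`, and add a step that flushes or carries over the previous queue.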
@@ -93,7 +85,7 @@ services:
- ENABLE_AMAVIS=0
- ENABLE_SASLAUTHD=1
- ENABLE_MANAGESIEVE=1
- - ENABLE_POSTGREY=1
+ - ENABLE_POSTGREY=0
- ENABLE_FAIL2BAN=1
- SPOOF_PROTECTION=1