Postfix: bugfixes and add git and issues.tf.org host_vars

Previous version incorrectly used lookup when
setting up ses config.  Also added tasks to help
clean up main.cf to remove an empty relayhost line
that generated a warning and ensure myhostname is
set correctly.

Change-Id: I2dbf4b624f59346483f79392c6d1060c6ae139b8
Reviewed-on: https://review.linaro.org/24325
Reviewed-by: Kelley Spoon <kelley.spoon@linaro.org>

6 files changed, 30 insertions, 13 deletions

diff --git a/host_vars/git.trustedfirmware.org b/host_vars/git.trustedfirmware.org
new file mode 100644
index 00000000..5d315f0f
--- /dev/null
+++ b/host_vars/git.trustedfirmware.org
@@ -0,0 +1,2 @@
+postfix_ses_hostname: email-smtp.us-east-1.amazonaws.com
+postfix_destinations: ["git.trustedfirmware.org","review.trustedfirmware.org"]
diff --git a/host_vars/issues.trustedfirmware.org b/host_vars/issues.trustedfirmware.org
new file mode 100644
index 00000000..3b7654ea
--- /dev/null
+++ b/host_vars/issues.trustedfirmware.org
@@ -0,0 +1,3 @@
+postfix_hostname: issues.trustedfirmware.org
+postfix_ses_hostname: email-smtp.us-east-1.amazonaws.com
+postfix_destinations: ["phabricator.trustedfirmware.org","issues.trustedfirmware.org"]
diff --git a/postfix.yml b/postfix.yml
index 9cd2cf83..5d03c2df 100644
--- a/postfix.yml
+++ b/postfix.yml
@@ -2,6 +2,7 @@
 - name: Configure postfix on system
   hosts:
     - git.trustedfirmware.org
+    - issues.trustedfirmware.org
   gather_facts: no
   become: yes
   vars_files:
diff --git a/roles/postfix/defaults/main.yml b/roles/postfix/defaults/main.yml
index f791f202..6e1bdeec 100644
--- a/roles/postfix/defaults/main.yml
+++ b/roles/postfix/defaults/main.yml
@@ -2,6 +2,7 @@
 # if this is set, we setup SES
 # and it will require you have this defined in secrets hosts vars
 #   postfix_ses_password: AWS key for SES relay
+postfix_hostname: "{{inventory_hostname}}"
 postfix_ses_hostname:
-postfix_destinations: "{{ansible_hostname}}, localhost"
+postfix_destinations: "{{inventory_hostname}}, localhost"
 postfix_root_alias: postmaster
diff --git a/roles/postfix/tasks/main.yml b/roles/postfix/tasks/main.yml
index 57547e45..a3351343 100644
--- a/roles/postfix/tasks/main.yml
+++ b/roles/postfix/tasks/main.yml
@@ -3,7 +3,7 @@
   debconf:
     name: postfix
     question: postfix/mailname
-    value: "{{ansible_hostname}}"
+    value: "{{postfix_hostname}}"
     vtype: string
 
 - name: Set debconf for mailer type
@@ -16,6 +16,26 @@
 - name: Postfix installed
   apt: pkg=postfix state=installed
 
+- name: Set mydestinations
+  lineinfile:
+    path: /etc/postfix/main.cf
+    state: present
+    regexp: '^mydestination.*'
+    line: 'mydestination = {{postfix_destinations|join(",")}},localhost'
+
+- name: Set myhostname
+  lineinfile:
+    path: /etc/postfix/main.cf
+    state: present
+    regexp: '^myhostname\s+='
+    line: 'myhostname = {{postfix_hostname}}'
+
+- name: Remove empty relayhost line
+  lineinfile:
+    path: /etc/postfix/main.cf
+    state: absent
+    regexp: '^relayhost\s+=\s+$'
+
 - name: Configure SES relay
   import_tasks: ses.yml
   when: postfix_ses_hostname is defined and postfix_ses_hostname != "" and postfix_ses_hostname != None
diff --git a/roles/postfix/tasks/ses.yml b/roles/postfix/tasks/ses.yml
index 27a54a02..b25182fb 100644
--- a/roles/postfix/tasks/ses.yml
+++ b/roles/postfix/tasks/ses.yml
@@ -1,18 +1,8 @@
 ---
-  # Note: lineinfile should generally be avoided, but we can be 100%
-  #  sure postfix will always have a main.cf and that the 'include'
-  #  directive will always work.  This ensures that if the include
-  #  isn't present in the file, it gets added at the end which we
-  #  want as it will override any previous conflicting settings.
-- name: SES config is present on server
-  template:
-    src: templates/ses_relay.cf
-    dest: /etc/postfix/ses_relay.cf
-
 - name: Append SES config to main.cf
   blockinfile:
     dest: /etc/postfix/main.cf
-    block: "{{ lookup('file', '/etc/postfix/ses_relay.cf') }}"
+    block: "{{lookup('template', 'templates/ses_relay.cf')}}"
     insertafter: EOF
   notify: restart-postfix