role shell

handlers/main.yml

@@ -1,2 +1,27 @@
 ---
 # handlers file for ensure_dovecot
+- name: 'ensure_dovecot.package_facts'
+  ansible.builtin.package_facts:
+- name: 'ensure_dovecot.service_facts'
+  ansible.builtin.service_facts:
+- name: 'ensure_dovecot.service_reload'
+  when:
+    - ansible_system == 'Linux'
+    - ansible_service_mgr == 'systemd'
+    - ensure_dovecot is defined
+  ansible.builtin.systemd:
+    daemon_reload: 'yes'
+- name: 'ensure_dovecot.services'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_dovecot is defined
+    - ensure_dovecot.service_list is defined
+    - ensure_dovecot.service_list is iterable
+    - item.state == 'started'
+  ansible.builtin.service:
+    enabled: '{{ item.enabled }}'
+    name: '{{ item.name }}'
+    state: 'restarted'
+  loop: '{{ ensure_dovecot.service_list }}'
+  loop_control:
+    label: '{{ item.name }} will be restarted'

tasks/main.yml

@@ -1,2 +1,149 @@
 ---
 # tasks file for ensure_dovecot
+- name: 'include variables'
+  when:
+    - ansible_system == 'Linux'
+  include_vars:
+    file: '{{ lookup("first_found", findme ) }}'
+    name: 'ensure_dovecot'
+  vars:
+    findme:
+      files:
+        - '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-{{ ansible_architecture }}.yml'
+        - '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-default.yml'
+        - '{{ ansible_distribution }}-default.yml'
+        - '{{ ansible_os_family }}-{{ ansible_distribution_major_version }}-{{ ansible_architecture }}.yml'
+        - '{{ ansible_os_family }}-{{ ansible_distribution_major_version }}-default.yml'
+        - '{{ ansible_os_family }}-default.yml'
+        - 'default.yml'
+      paths:
+        - '../vars/'
+      errors: 'ignore'
+- name: 'package discovery'
+  when:
+    - ansible_system == 'Linux'
+    - packages is not defined
+  ansible.builtin.package_facts:
+- name: 'service discovery'
+  when:
+    - ansible_system == 'Linux'
+    - services is not defined
+  ansible.builtin.service_facts:
+- name: 'ensure sysctl'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_dovecot is defined
+    - ensure_dovecot.sysctl_list is defined
+    - ensure_dovecot.sysctl_list is iterable
+  ansible.posix.sysctl:
+    name: '{{ item.name }}'
+    reload: '{{ item.reload | default(omit) }}'
+    state: '{{ item.state }}'
+    sysctl_file: '{{ item.sysctl_file | default(omit) }}'
+    sysctl_set: '{{ item.sysctl_set | default(omit) }}'
+    value: '{{ item.value | default(omit) }}'
+  loop: '{{ ensure_dovecot.sysctl_list }}'
+  loop_control:
+    label: '{{ item.name }} will be {{ item.value }}'
+- name: 'ensure packages'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_dovecot is defined
+    - ensure_dovecot.package_list is defined
+    - ensure_dovecot.package_list is iterable
+    - packages[item.name] is not defined
+  ansible.builtin.package:
+    name: '{{ item.name }}'
+    state: '{{ item.state }}'
+  loop: '{{ ensure_dovecot.package_list }}'
+  loop_control:
+    label: '{{ item.name }} will be {{ item.state }}'
+  notify:
+    - 'ensure_dovecot.package_facts'
+    - 'ensure_dovecot.service_facts'
+- name: 'ensure seboolean'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_dovecot is defined
+    - ensure_dovecot.seboolean_list is defined
+    - ensure_dovecot.seboolean_list is iterable
+  ansible.posix.seboolean:
+    name: '{{ item.name }}'
+    persistent: '{{ item.persistent }}'
+    state: '{{ item.state }}'
+  loop: '{{ ensure_dovecot.seboolean_list }}'
+  loop_control:
+    label: '{{ item.name }} will be {{ item.state }}'
+- name: 'find certificates'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_dovecot is defined
+    - ensure_dovecot.template_list is defined
+    - ensure_dovecot.template_list is iterable
+  ansible.builtin.find:
+    file_type: 'file'
+    paths:
+      - '/etc/httpd/md/domains/'
+    patterns:
+      - 'pubcert.pem'
+      - 'privkey.pem'
+    recurse: 'yes'
+  register: 'certificates'
+- name: 'ensure configurations'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_dovecot is defined
+    - ensure_dovecot.template_list is defined
+    - ensure_dovecot.template_list is iterable
+  ansible.builtin.template:
+    backup: 'no'
+    dest: '{{ item.dest }}'
+    group: '{{ item.group | default(omit) }}'
+    mode: '{{ item.mode | default(omit) }}'
+    owner: '{{ item.owner | default(omit) }}'
+    selevel: '{{ iteml.selevel | default(omit) }}'
+    serole: '{{ item.serole | default(omit) }}'
+    setype: '{{ item.setype | default(omit) }}'
+    seuser: '{{ item.seuser | default(omit) }}'
+    src: '{{ item.src }}'
+  loop: '{{ ensure_dovecot.template_list }}'
+  loop_control:
+    label: '{{ item.dest }} will be ensured'
+  notify:
+    - 'ensure_dovecot.package_facts'
+    - 'ensure_dovecot.service_facts'
+    - 'ensure_dovecot.service_reload'
+    - 'ensure_dovecot.services'
+- name: 'ensure firewall'
+  when:
+    - ansible_system == 'Linux'
+    - packages["firewalld"] is defined
+    - packages["python3-firewall"] is defined
+    - ensure_dovecot is defined
+    - ensure_dovecot.firewall_list is defined
+    - ensure_dovecot.firewall_list is iterable
+  ansible.posix.firewalld:
+    permanent: '{{ item.permanent }}'
+    service: '{{ item.service }}'
+    state: '{{ item.state }}'
+  loop: '{{ ensure_dovecot.firewall_list }}'
+  loop_control:
+    label: '{{ item.service }} will be {{ item.state }}'
+- name: 'ensure services'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_dovecot is defined
+    - ensure_dovecot.service_list is defined
+    - ensure_dovecot.service_list is iterable
+  ansible.builtin.service:
+    enabled: '{{ item.enabled }}'
+    name: '{{ item.name }}'
+    state: '{{ item.state }}'
+  loop: '{{ ensure_dovecot.service_list }}'
+  loop_control:
+    label: '{{ item.name }} will be {{ item.state }}'
+  notify:
+    - 'ensure_dovecot.package_facts'
+    - 'ensure_dovecot.service_facts'
+- name: 'flush handlers'
+  meta: 'flush_handlers'