├── .gitignore ├── README.md ├── group_vars └── all ├── hosts ├── playbooks ├── zimbra-dns.yml ├── zimbra-ldap.yml ├── zimbra-mailbox.yml └── zimbra-mta.yml └── roles ├── base ├── files │ └── .keep ├── tasks │ └── main.yml ├── templates │ ├── hosts.j2 │ └── resolv.j2 └── vars │ └── main.yml ├── zimbra-dns ├── tasks │ └── main.yml ├── templates │ ├── example.zone.j2 │ └── named.conf.j2 └── vars │ └── main.yml ├── zimbra-ldap ├── tasks │ └── main.yml ├── templates │ └── ldap.j2 └── vars │ └── main.yml ├── zimbra-mailbox ├── tasks │ └── main.yml ├── templates │ └── mailbox.j2 └── vars │ └── main.yml └── zimbra-mta ├── tasks └── main.yml ├── templates └── mta.j2 └── vars └── main.yml /.gitignore: -------------------------------------------------------------------------------- 1 | *.retry 2 | *.tgz 3 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Module to install Zimbra multiserver from Ansible 2 | 3 | Requirements 4 | ------------ 5 | 6 | * CentOS/RHEL 6, 7 7 | * Correctly configure fqdn on virtual machine 8 | * You have download Zimbra tgz and copy into `role/base/files` 9 | 10 | 11 | Roles description 12 | ----------------- 13 | 14 | 1. `base`: Install the minimal packages, disable service, copy zimbra tgz, etc. 15 | 2. `zimbra-dns`: Install and configure the DNS service with information from global var (domain default, ip servers). 16 | 3. `zimbra-ldap`: Install and configure the Zimbra Ldap server 17 | 3. `zimbra-mailbox`: Install and configure the Zimbra Mailbox server 18 | 3. `zimbra-mta`: Install and configure the Zimbra MTA server 19 | 20 | Variables 21 | --------- 22 | 23 | Configure global variables into `grop_vars/main.yml` file 24 | * `default_domain`: Default domain 25 | * `zimbra_mailbox_fqdn`: FQDN to mailbox server 26 | * `zimbra_ldap_fqdn`: FQDN to ldap server 27 | * `zimbra_mta_fqdn`: FQDN to mta server 28 | * `zimbra_password`: Password to ldap users (amavis, ladp replica, nginx, etc) . For more information you can see the `roles/zimbra-ldap/templates/ldap.j2`. 29 | * `zimbra_tgz_name`: Zimbra tgz name 30 | * `zimbra_folder_name`: Zimbra folder uncompressed 31 | * `zimbra_path`: Zimbra path 32 | * `zimbra_ldap_ip`: Ldap server ip 33 | * `zimbra_mailbox_ip`: Mailbox server ip 34 | * `zimbra_mta_ip`: Mta server ip 35 | 36 | The private variables into: 37 | * From Zimbra Ldap: `roles/zimbra-ldap/vars/main.yml` 38 | * From Zimbra Mailbox: `roles/zimbra-mailbox/vars/main.yml` 39 | * From Zimbra MTA: `roles/zimbra-mta/vars/main.yml` 40 | 41 | Instalation 42 | ----------- 43 | Role instalation is: 44 | 45 | 1. Zimbra DNS 46 | 1. Zimbra Ldap 47 | 2. Zimbra Mailbox 48 | 3. Zimbra MTA 49 | 50 | Execute Playbook 51 | ---------------- 52 | 1. Install Zimbra Ldap Role 53 | ```yml 54 | ansible-playbook -i hosts playbooks/zimbra-ldap.yml 55 | ``` 56 | 57 | 2. Install Zimbra Mailbox Role 58 | ```yml 59 | ansible-playbook -i hosts playbooks/zimbra-mailbox.yml 60 | ``` 61 | 62 | 3. Install Zimbra MTA Role 63 | ```yml 64 | ansible-playbook -i hosts playbooks/zimbra-mta.yml 65 | ``` 66 | -------------------------------------------------------------------------------- /group_vars/all: -------------------------------------------------------------------------------- 1 | #comentar atom: cmd + alt + / 2 | 3 | #Global var 4 | default_domain: example.com 5 | zimbra_mailbox_fqdn: mailbox.example.com 6 | zimbra_ldap_fqdn: ldap.example.com 7 | zimbra_mta_fqdn: mta.example.com 8 | zimbra_password: zimbra.lab 9 | zimbra_tgz_name: zcs-8.6.0_GA_1153.RHEL6_64.20141215151155.tgz 10 | zimbra_folder_name: zcs-8.6.0_GA_1153.RHEL6_64.20141215151155 11 | zimbra_path: /opt/zimbra 12 | zmprov: /opt/zimbra/bin/zmprov 13 | 14 | #Zimbra server 15 | zimbra_ldap_ip: 10.10.0.71 16 | zimbra_mailbox_ip: 10.10.0.73 17 | zimbra_mta_ip: 10.10.0.72 18 | 19 | #Zimbra kickstart 20 | zimbra_ldap_config_file: zimbra_ldap.conf 21 | zimbra_mailbox_config_file: zimbra_mailbox.conf 22 | zimbra_mta_config_file: zimbra_mta.conf 23 | 24 | #Zimbra command 25 | zmsetup: /opt/zimbra/libexec/zmsetup.pl 26 | 27 | #Zimbra RPM 28 | zimbra_core_rpm: zimbra-core-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm 29 | zimbra_ldap_rpm: zimbra-ldap-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm 30 | zimbra_logger_rpm: zimbra-logger-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm 31 | zimbra_snmp_rpm: zimbra-snmp-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm 32 | zimbra_store_rpm: zimbra-store-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm 33 | zimbra_apache_rpm: zimbra-apache-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm 34 | zimbra_spell_rpm: zimbra-spell-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm 35 | zimbra_mta_rpm: zimbra-mta-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm 36 | -------------------------------------------------------------------------------- /hosts: -------------------------------------------------------------------------------- 1 | # This is the default ansible 'hosts' file. 2 | # 3 | # It should live in /etc/ansible/hosts 4 | # 5 | # - Comments begin with the '#' character 6 | # - Blank lines are ignored 7 | # - Groups of hosts are delimited by [header] elements 8 | # - You can enter hostnames or ip addresses 9 | # - A hostname/ip can be a member of multiple groups 10 | 11 | # Ex 1: Ungrouped hosts, specify before any group headers. 12 | 13 | ## green.example.com 14 | ## blue.example.com 15 | ## 192.168.100.1 16 | ## 192.168.100.10 17 | 18 | # Ex 2: A collection of hosts belonging to the 'webservers' group 19 | 20 | [ldap] 21 | 10.10.0.71 22 | 23 | [mailbox] 24 | 10.10.0.73 25 | 26 | [mta] 27 | 10.10.0.72 28 | -------------------------------------------------------------------------------- /playbooks/zimbra-dns.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: ldap 3 | remote_user: root 4 | roles: 5 | - ../roles/zimbra-dns 6 | -------------------------------------------------------------------------------- /playbooks/zimbra-ldap.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: ldap 3 | remote_user: root 4 | roles: 5 | - ../roles/zimbra-dns 6 | - ../roles/base 7 | - ../roles/zimbra-ldap 8 | -------------------------------------------------------------------------------- /playbooks/zimbra-mailbox.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: mailbox 3 | remote_user: root 4 | roles: 5 | - ../roles/base 6 | - ../roles/zimbra-mailbox 7 | -------------------------------------------------------------------------------- /playbooks/zimbra-mta.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: mta 3 | remote_user: root 4 | roles: 5 | - ../roles/base 6 | - ../roles/zimbra-mta 7 | -------------------------------------------------------------------------------- /roles/base/files/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mcoam/ansible_zimbra_multiserver/e2f9c34df927abd673948f419c7ec2d017bc5c53/roles/base/files/.keep -------------------------------------------------------------------------------- /roles/base/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: "Copy SSH Keys" 4 | authorized_key: user=root key="{{ lookup('file', '/Users/Miguel/.ssh/id_dsa.pub') }}" 5 | 6 | - name: "Copy hosts" 7 | template: src=hosts.j2 dest=/etc/hosts 8 | 9 | - name: "Install epel" 10 | yum: name=epel-release state=present 11 | 12 | - name: "Copy resolv file" 13 | template: src=resolv.j2 dest=/etc/resolv.conf mode=0644 14 | 15 | - name: "Install packages" 16 | yum: name={{ item }} state=present 17 | with_items: 18 | - "{{ system_packages }}" 19 | #- "{{ groups_packages }}" 20 | - "{{ zimbra_packages }}" 21 | tags: packages 22 | 23 | - name: "Disabling service" 24 | service: name={{ item }} enabled=no 25 | with_items: 26 | - "{{ disabling_service }}" 27 | tags: disabling 28 | ignore_errors: yes 29 | 30 | - name: "Copy Zimbra TGZ" 31 | copy: src={{ zimbra_tgz_name }} dest=/root/ 32 | tags: zimbra_tgz 33 | 34 | - name: "Check Zimbra TGZ file exists" 35 | stat: path=/root/{{ zimbra_tgz_name }} 36 | register: file_tgz 37 | 38 | #da error si el archvo no fue copiado 39 | - fail: msg="File isn't copy" 40 | when: file_tgz.stat.exists == False 41 | 42 | - name: "Uncompress Zimbra TGZ" 43 | unarchive: src=/root/{{ zimbra_tgz_name }} dest=/root/ copy=no 44 | tags: uncompress 45 | -------------------------------------------------------------------------------- /roles/base/templates/hosts.j2: -------------------------------------------------------------------------------- 1 | 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 2 | ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 3 | 4 | 5 | {{ zimbra_ldap_ip }} {{ zimbra_ldap_fqdn }} ldap 6 | {{ zimbra_mailbox_ip }} {{ zimbra_mailbox_fqdn }} mailbox 7 | {{ zimbra_mta_ip }} {{ zimbra_mta_fqdn }} mta 8 | -------------------------------------------------------------------------------- /roles/base/templates/resolv.j2: -------------------------------------------------------------------------------- 1 | search {{ default_domain }} 2 | nameserver 127.0.0.1 3 | nameserver 8.8.8.8 4 | -------------------------------------------------------------------------------- /roles/base/vars/main.yml: -------------------------------------------------------------------------------- 1 | #--- 2 | system_packages: 3 | - tar 4 | - wget 5 | - curl 6 | - sysstat 7 | - wget 8 | - links 9 | - ntp 10 | - ntpdate 11 | - strace 12 | - telnet 13 | - nmap 14 | - traceroute 15 | - bind-utils 16 | - tcpdump 17 | - tzdata 18 | - vim 19 | - dos2unix 20 | - libselinux-python 21 | - python-pycurl 22 | - parted 23 | - cronie 24 | - lsof 25 | - at 26 | - irqbalance 27 | - rsync 28 | - openssh-clients 29 | - libaio 30 | - net-tools 31 | 32 | # groups_packages: 33 | # - "@Development tools" 34 | # - "@Development libraries" 35 | 36 | zimbra_packages: 37 | - nc 38 | - sudo 39 | - libidn 40 | - gmp 41 | - libaio 42 | - libstdc++ 43 | - unzip 44 | - perl-5.10.1 45 | - sysstat 46 | - sqlite 47 | - libreoffice 48 | - libreoffice-headless 49 | 50 | disabling_service: 51 | - portmap 52 | - postfix 53 | - nfslock 54 | - rpcgssd 55 | - rpcidmapd 56 | - autofs 57 | - iptables 58 | -------------------------------------------------------------------------------- /roles/zimbra-dns/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: "Install named" 4 | yum: name={{ item }} state=present 5 | with_items: 6 | - bind 7 | - bind-utils 8 | - bind-libs 9 | 10 | - name: "Copy DNS config file" 11 | template: src=named.conf.j2 dest=/etc/named.conf mode=0644 12 | tags: named 13 | 14 | - name: "Copy DNS zone file" 15 | template: src=example.zone.j2 dest=/var/named/example.com.zone owner=named group=named mode=0644 16 | tags: zone 17 | 18 | - name: "Start DNS service" 19 | service: name=named state=started enabled=yes 20 | 21 | - name: "Change resolver" 22 | lineinfile: dest=/etc/resolv.conf regexp=^nameserver line="nameserver 127.0.0.1" 23 | -------------------------------------------------------------------------------- /roles/zimbra-dns/templates/example.zone.j2: -------------------------------------------------------------------------------- 1 | $TTL 3600 2 | @ IN SOA ns.{{ default_domain }}. root ( 3 | 2016030901 ; serial (d. adams) 4 | 3H ; refresh 5 | 15M ; retry 6 | 1W ; expiry 7 | 1D ) ; minimum 8 | 9 | IN NS ns.{{ default_domain }}. 10 | IN A {{ ansible_default_ipv4.address }} 11 | IN MX 5 mta.{{ default_domain }}. 12 | ns IN A {{ ansible_default_ipv4.address }} 13 | ldap IN A {{ ansible_default_ipv4.address }} 14 | mta IN A {{ zimbra_mta_ip }} 15 | mailbox IN A {{ zimbra_mailbox_ip }} 16 | -------------------------------------------------------------------------------- /roles/zimbra-dns/templates/named.conf.j2: -------------------------------------------------------------------------------- 1 | options { 2 | listen-on port 53 { any; }; 3 | // listen-on-v6 port 53 { ::1; }; 4 | directory "/var/named"; 5 | dump-file "/var/named/data/cache_dump.db"; 6 | statistics-file "/var/named/data/named_stats.txt"; 7 | memstatistics-file "/var/named/data/named_mem_stats.txt"; 8 | allow-query { any; }; 9 | recursion yes; 10 | 11 | /* Path to ISC DLV key */ 12 | bindkeys-file "/etc/named.iscdlv.key"; 13 | 14 | managed-keys-directory "/var/named/dynamic"; 15 | }; 16 | 17 | logging { 18 | channel default_debug { 19 | file "data/named.run"; 20 | severity dynamic; 21 | }; 22 | }; 23 | 24 | zone "." IN { 25 | type hint; 26 | file "named.ca"; 27 | }; 28 | 29 | zone "{{ ansible_domain }}" IN { 30 | type master; 31 | file "{{ ansible_domain }}.zone"; 32 | }; 33 | 34 | 35 | include "/etc/named.rfc1912.zones"; 36 | include "/etc/named.root.key"; 37 | -------------------------------------------------------------------------------- /roles/zimbra-dns/vars/main.yml: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /roles/zimbra-ldap/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: "Copy Ldap config file" 4 | template: src=ldap.j2 dest=/root/{{ zimbra_ldap_config_file }} 5 | 6 | - name: "Start DNS service" 7 | service: name=named state=started enabled=yes 8 | 9 | - name: "Check Zimbra Path exists" 10 | stat: path=/root/{{ zimbra_folder_name }} 11 | register: zimbra_folder 12 | # 13 | # - debug: var=zimbra_folder 14 | # 15 | # #da error si el /root/zcs-8.6.0_GA_1153... no existe y se cae 16 | - name: "Zimbra Path exists result" 17 | fail: msg="Zimbra folder not exits" 18 | when: zimbra_folder.stat.exists == False 19 | 20 | - name: "Install Ldap RPM" 21 | yum: name=/root/{{ zimbra_folder_name }}/packages/{{ item }} state=present 22 | with_items: 23 | - "{{ zimbra_core_rpm }}" 24 | - "{{ zimbra_ldap_rpm }}" 25 | tags: ldap_rpm 26 | run_once: true 27 | 28 | - name: "Install the Zimbra from 'zimbra_ldap.conf' file" 29 | shell: /opt/zimbra/libexec/zmsetup.pl -c {{ zimbra_ldap_config_file }} chdir=/root/ 30 | #shell: /opt/zimbra/libexec/zmsetup.pl -c zimbra_ldap.conf chdir=/root/ 31 | args: 32 | creates: /opt/zimbra/ssl/zimbra 33 | tags: zmsetup 34 | -------------------------------------------------------------------------------- /roles/zimbra-ldap/templates/ldap.j2: -------------------------------------------------------------------------------- 1 | ldap_nginx_password="{{ zimbra_password }}" 2 | CREATEADMINPASS="{{ zimbra_password }}" 3 | LDAPAMAVISPASS="{{ zimbra_password }}" 4 | LDAPPOSTPASS="{{ zimbra_password }}" 5 | LDAPROOTPASS="{{ zimbra_password }}" 6 | LDAPADMINPASS="{{ zimbra_password }}" 7 | LDAPREPPASS="{{ zimbra_password }}" 8 | ldap_nginx_password="{{ zimbra_password }}" 9 | ldap_bes_searcher_password="{{ zimbra_password }}" 10 | AVDOMAIN="" 11 | AVUSER="admin@{{ default_domain }}" 12 | CREATEADMIN="admin@{{ default_domain }}" 13 | CREATEDOMAIN="{{ default_domain }}" 14 | DOCREATEADMIN="no" 15 | DOCREATEDOMAIN="yes" 16 | EXPANDMENU="yes" 17 | HOSTNAME="ldap.{{ default_domain }}" 18 | HTTPPORT="80" 19 | HTTPPROXY="FALSE" 20 | HTTPPROXYPORT="8080" 21 | HTTPSPORT="443" 22 | HTTPSPROXYPORT="8443" 23 | IMAPPORT="143" 24 | IMAPPROXYPORT="7143" 25 | IMAPSSLPORT="993" 26 | IMAPSSLPROXYPORT="7993" 27 | INSTALL_WEBAPPS="zimlet" 28 | JAVAHOME="/opt/zimbra/java" 29 | LDAPBESSEARCHSET="set" 30 | LDAPHOST="ldap.{{ default_domain }}" 31 | LDAPPORT="389" 32 | LDAPREPLICATIONTYPE="master" 33 | LDAPSERVERID="2" 34 | MAILBOXDMEMORY="256" 35 | MAILPROXY="FALSE" 36 | MODE="https" 37 | MYSQLMEMORYPERCENT="30" 38 | POPPORT="110" 39 | POPPROXYPORT="7110" 40 | POPSSLPORT="995" 41 | POPSSLPROXYPORT="7995" 42 | PROXYMODE="https" 43 | REMOVE="no" 44 | RUNVMHA="no" 45 | SMTPDEST="admin@{{ default_domain }}" 46 | SMTPHOST="" 47 | SMTPNOTIFY="yes" 48 | SMTPSOURCE="admin@{{ default_domain }}" 49 | SNMPNOTIFY="yes" 50 | SNMPTRAPHOST="ldap.{{ default_domain }}" 51 | SPELLURL="" 52 | STARTSERVERS="yes" 53 | SYSTEMMEMORY="1.0" 54 | UPGRADE="yes" 55 | USESPELL="no" 56 | ZIMBRA_REQ_SECURITY="yes" 57 | ldap_dit_base_dn_config="cn=zimbra" 58 | mailboxd_directory="/opt/zimbra/mailboxd" 59 | mailboxd_keystore="/opt/zimbra/conf/keystore" 60 | mailboxd_keystore_password="TxjhyU9D" 61 | mailboxd_truststore="/opt/zimbra/java/jre/lib/security/cacerts" 62 | mailboxd_truststore_password="changeit" 63 | ssl_default_digest="sha256" 64 | zimbraIPMode="ipv4" 65 | zimbraPrefTimeZoneId="America/Santiago" 66 | zimbra_ldap_userdn="uid=zimbra,cn=admins,cn=zimbra" 67 | zimbra_require_interprocess_security="1" 68 | INSTALL_PACKAGES="zimbra-core zimbra-ldap " 69 | -------------------------------------------------------------------------------- /roles/zimbra-ldap/vars/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mcoam/ansible_zimbra_multiserver/e2f9c34df927abd673948f419c7ec2d017bc5c53/roles/zimbra-ldap/vars/main.yml -------------------------------------------------------------------------------- /roles/zimbra-mailbox/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: "Change DNS resolv" 3 | lineinfile: dest=/etc/resolv.conf regexp=^nameserver line=nameserver=10.10.0.71 4 | 5 | - name: "Copy Mailbox config file" 6 | template: src=mailbox.j2 dest=/root/{{ zimbra_mailbox_config_file }} 7 | 8 | - name: "Check Zimbra Path exists" 9 | stat: path=/root/{{ zimbra_folder_name }} 10 | register: zimbra_folder 11 | # 12 | # - debug: var=zimbra_folder 13 | # 14 | # #da error si el /root/zcs-8.6.0_GA_1153... no existe y se cae 15 | - name: "Zimbra Path exists result" 16 | fail: msg="Zimbra folder not exits" 17 | when: zimbra_folder.stat.exists == False 18 | 19 | - name: "Install Mailbox RPM" 20 | yum: name=/root/{{ zimbra_folder_name }}/packages/{{ item }} state=present 21 | with_items: 22 | - "{{ zimbra_core_rpm }}" 23 | - "{{ zimbra_logger_rpm }}" 24 | - "{{ zimbra_snmp_rpm }}" 25 | - "{{ zimbra_store_rpm }}" 26 | - "{{ zimbra_apache_rpm }}" 27 | - "{{ zimbra_spell_rpm }}" 28 | tags: mailbox_rpm 29 | run_once: true 30 | 31 | - name: "Install the Zimbra from 'zimbra_mailbox.conf' file" 32 | shell: /opt/zimbra/libexec/zmsetup.pl -c {{ zimbra_mailbox_config_file }} chdir=/root/ 33 | #shell: /opt/zimbra/libexec/zmsetup.pl -c zimbra_mailbox.conf chdir=/root/ 34 | args: 35 | creates: /opt/zimbra/ssl/zimbra 36 | tags: zmsetup 37 | -------------------------------------------------------------------------------- /roles/zimbra-mailbox/templates/mailbox.j2: -------------------------------------------------------------------------------- 1 | ldap_nginx_password="{{ zimbra_password }}" 2 | CREATEADMINPASS="{{ zimbra_password }}" 3 | LDAPAMAVISPASS="{{ zimbra_password }}" 4 | LDAPPOSTPASS="{{ zimbra_password }}" 5 | LDAPROOTPASS="{{ zimbra_password }}" 6 | LDAPADMINPASS="{{ zimbra_password }}" 7 | LDAPREPPASS="{{ zimbra_password }}" 8 | ldap_nginx_password="{{ zimbra_password }}" 9 | ldap_bes_searcher_password="{{ zimbra_password }}" 10 | AVDOMAIN="mailbox.{{ default_domain }}" 11 | AVUSER="admin@mailbox.{{ default_domain }}" 12 | CREATEADMIN="admin@{{ default_domain }}" 13 | CREATEDOMAIN="{{ default_domain }}" 14 | DOCREATEADMIN="yes" 15 | DOCREATEDOMAIN="no" 16 | DOTRAINSA="yes" 17 | ENABLEGALSYNCACCOUNTS="" 18 | EXPANDMENU="yes" 19 | HOSTNAME="mailbox.{{ default_domain }}" 20 | HTTPPORT="80" 21 | HTTPPROXY="FALSE" 22 | HTTPPROXYPORT="8080" 23 | HTTPSPORT="443" 24 | HTTPSPROXYPORT="8443" 25 | IMAPPORT="143" 26 | IMAPPROXYPORT="7143" 27 | IMAPSSLPORT="993" 28 | IMAPSSLPROXYPORT="7993" 29 | INSTALL_WEBAPPS="service zimlet zimbra zimbraAdmin" 30 | JAVAHOME="/opt/zimbra/java" 31 | LDAPDEFAULTSLOADED="1" 32 | LDAPHOST="ldap.{{ default_domain }}" 33 | LDAPPORT="389" 34 | MAILBOXDMEMORY="460" 35 | MAILPROXY="FALSE" 36 | MODE="both" 37 | MYSQLMEMORYPERCENT="30" 38 | POPPORT="110" 39 | POPPROXYPORT="7110" 40 | POPSSLPORT="995" 41 | POPSSLPROXYPORT="7995" 42 | PROXYMODE="https" 43 | REMOVE="no" 44 | RUNVMHA="no" 45 | SERVICEWEBAPP="yes" 46 | SMTPDEST="admin@{{ default_domain }}" 47 | SMTPHOST="mta.{{ default_domain }}" 48 | SMTPNOTIFY="yes" 49 | SMTPSOURCE="admin@{{ default_domain }}" 50 | SNMPNOTIFY="yes" 51 | SNMPTRAPHOST="mailbox.{{ default_domain }}" 52 | SPELLURL="http://mailbox.{{ default_domain }}:7780/aspell.php" 53 | STARTSERVERS="yes" 54 | SYSTEMMEMORY="1.8" 55 | TRAINSAHAM="nospam@{{ default_domain }}" 56 | TRAINSASPAM="spam@{{ default_domain }}" 57 | UIWEBAPPS="yes" 58 | UPGRADE="yes" 59 | USEKBSHORTCUTS="TRUE" 60 | USESPELL="yes" 61 | VERSIONUPDATECHECKS="TRUE" 62 | VIRUSQUARANTINE="virus@{{ default_domain }}" 63 | ZIMBRA_REQ_SECURITY="yes" 64 | ldap_dit_base_dn_config="cn=zimbra" 65 | mailboxd_directory="/opt/zimbra/mailboxd" 66 | mailboxd_keystore="/opt/zimbra/mailboxd/etc/keystore" 67 | mailboxd_keystore_password="2a9XM9ms" 68 | mailboxd_server="jetty" 69 | mailboxd_truststore="/opt/zimbra/java/jre/lib/security/cacerts" 70 | mailboxd_truststore_password="changeit" 71 | ssl_default_digest="sha256" 72 | zimbraDefaultDomainName="{{ default_domain }}" 73 | zimbraFeatureBriefcasesEnabled="Enabled" 74 | zimbraFeatureTasksEnabled="Enabled" 75 | zimbraIPMode="ipv4" 76 | zimbraMailProxy="FALSE" 77 | zimbraPrefTimeZoneId="America/Santiago" 78 | zimbraReverseProxyLookupTarget="TRUE" 79 | zimbraVersionCheckInterval="1d" 80 | zimbraVersionCheckNotificationEmail="admin@{{ default_domain }}" 81 | zimbraVersionCheckNotificationEmailFrom="admin@{{ default_domain }}" 82 | zimbraVersionCheckSendNotifications="TRUE" 83 | zimbraVersionCheckServer="" 84 | zimbraWebProxy="FALSE" 85 | zimbra_ldap_userdn="uid=zimbra,cn=admins,cn=zimbra" 86 | zimbra_require_interprocess_security="1" 87 | INSTALL_PACKAGES="zimbra-core zimbra-logger zimbra-snmp zimbra-store zimbra-apache zimbra-spell " 88 | -------------------------------------------------------------------------------- /roles/zimbra-mailbox/vars/main.yml: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /roles/zimbra-mta/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: "Change DNS resolv" 3 | lineinfile: dest=/etc/resolv.conf regexp=^nameserver line=nameserver=10.10.0.71 4 | 5 | - name: "Copy mta config file" 6 | template: src=mta.j2 dest=/root/{{ zimbra_mta_config_file }} 7 | 8 | - name: "Check Zimbra Path exists" 9 | stat: path=/root/{{ zimbra_folder_name }} 10 | register: zimbra_folder 11 | # 12 | # - debug: var=zimbra_folder 13 | # 14 | # #da error si el /root/zcs-8.6.0_GA_1153... no existe y se cae 15 | - name: "Zimbra Path exists result" 16 | fail: msg="Zimbra folder not exits" 17 | when: zimbra_folder.stat.exists == False 18 | 19 | - name: "Install mta RPM" 20 | yum: name=/root/{{ zimbra_folder_name }}/packages/{{ item }} state=present 21 | with_items: 22 | - "{{ zimbra_core_rpm }}" 23 | - "{{ zimbra_mta_rpm }}" 24 | tags: mta_rpm 25 | run_once: true 26 | 27 | - name: "Install the Zimbra from 'zimbra_mta.conf' file" 28 | shell: /opt/zimbra/libexec/zmsetup.pl -c {{ zimbra_mta_config_file }} chdir=/root/ 29 | #shell: /opt/zimbra/libexec/zmsetup.pl -c zimbra_mta.conf chdir=/root/ 30 | args: 31 | creates: /opt/zimbra/ssl/zimbra 32 | tags: zmsetup 33 | -------------------------------------------------------------------------------- /roles/zimbra-mta/templates/mta.j2: -------------------------------------------------------------------------------- 1 | ldap_nginx_password="{{ zimbra_password }}" 2 | CREATEADMINPASS="{{ zimbra_password }}" 3 | LDAPAMAVISPASS="{{ zimbra_password }}" 4 | LDAPPOSTPASS="{{ zimbra_password }}" 5 | LDAPROOTPASS="{{ zimbra_password }}" 6 | LDAPADMINPASS="{{ zimbra_password }}" 7 | LDAPREPPASS="{{ zimbra_password }}" 8 | ldap_nginx_password="{{ zimbra_password }}" 9 | ldap_bes_searcher_password="{{ zimbra_password }}" 10 | AVDOMAIN="" 11 | AVUSER="admin@{{ default_domain }}" 12 | CREATEADMIN="admin@{{ default_domain }}" 13 | CREATEDOMAIN="{{ default_domain }}" 14 | DOCREATEADMIN="no" 15 | DOCREATEDOMAIN="no" 16 | ENABLEGALSYNCACCOUNTS="" 17 | EXPANDMENU="no" 18 | HOSTNAME="mta.{{ default_domain }}" 19 | HTTPPORT="80" 20 | HTTPPROXY="FALSE" 21 | HTTPPROXYPORT="8080" 22 | HTTPSPORT="443" 23 | HTTPSPROXYPORT="8443" 24 | IMAPPORT="143" 25 | IMAPPROXYPORT="7143" 26 | IMAPSSLPORT="993" 27 | IMAPSSLPROXYPORT="7993" 28 | INSTALL_WEBAPPS="zimlet" 29 | JAVAHOME="/opt/zimbra/java" 30 | LDAPDEFAULTSLOADED="1" 31 | LDAPHOST="ldap.{{ default_domain }}" 32 | LDAPPORT="389" 33 | MAILBOXDMEMORY="460" 34 | MAILPROXY="FALSE" 35 | MODE="https" 36 | MYSQLMEMORYPERCENT="30" 37 | POPPORT="110" 38 | POPPROXYPORT="7110" 39 | POPSSLPORT="995" 40 | POPSSLPROXYPORT="7995" 41 | PROXYMODE="https" 42 | REMOVE="no" 43 | RUNARCHIVING="no" 44 | RUNAV="yes" 45 | RUNCBPOLICYD="no" 46 | RUNDKIM="yes" 47 | RUNSA="yes" 48 | RUNVMHA="no" 49 | SMTPDEST="admin@mta.{{ default_domain }}" 50 | SMTPHOST="mta.{{ default_domain }}" 51 | SMTPNOTIFY="yes" 52 | SMTPSOURCE="admin@mta.{{ default_domain }}" 53 | SNMPNOTIFY="yes" 54 | SNMPTRAPHOST="mta.{{ default_domain }}" 55 | SPELLURL="" 56 | STARTSERVERS="yes" 57 | SYSTEMMEMORY="1.8" 58 | TRAINSAHAM="nospam@{{ default_domain }}" 59 | TRAINSASPAM="spam@{{ default_domain }}" 60 | UPGRADE="yes" 61 | USEKBSHORTCUTS="TRUE" 62 | USESPELL="no" 63 | VERSIONUPDATECHECKS="TRUE" 64 | VIRUSQUARANTINE="virus@{{ default_domain }}" 65 | ZIMBRA_REQ_SECURITY="yes" 66 | ldap_dit_base_dn_config="cn=zimbra" 67 | mailboxd_directory="/opt/zimbra/mailboxd" 68 | mailboxd_keystore="/opt/zimbra/conf/keystore" 69 | mailboxd_keystore_password="T2uiX9vd3R" 70 | mailboxd_truststore="/opt/zimbra/java/jre/lib/security/cacerts" 71 | mailboxd_truststore_password="changeit" 72 | postfix_mail_owner="postfix" 73 | postfix_setgid_group="postdrop" 74 | ssl_default_digest="sha256" 75 | zimbraDefaultDomainName="{{ default_domain }}" 76 | zimbraFeatureBriefcasesEnabled="Enabled" 77 | zimbraFeatureTasksEnabled="Enabled" 78 | zimbraIPMode="ipv4" 79 | zimbraMtaMyNetworks="127.0.0.0/8 10.10.0.0/24 [::1]/128 [fe80::]/64" 80 | zimbraPrefTimeZoneId="America/Santiago" 81 | zimbraVersionCheckInterval="1d" 82 | zimbraVersionCheckNotificationEmail="admin@{{ default_domain }}" 83 | zimbraVersionCheckNotificationEmailFrom="admin@{{ default_domain }}" 84 | zimbraVersionCheckSendNotifications="TRUE" 85 | zimbraVersionCheckServer="020becfe-f69b-4f8d-9242-44266eb89579" 86 | zimbra_ldap_userdn="uid=zimbra,cn=admins,cn=zimbra" 87 | zimbra_require_interprocess_security="1" 88 | INSTALL_PACKAGES="zimbra-core zimbra-mta " 89 | -------------------------------------------------------------------------------- /roles/zimbra-mta/vars/main.yml: -------------------------------------------------------------------------------- 1 | 2 | zimbra_core_rpm: zimbra-core-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm 3 | zimbra_mta_rpm: zimbra-mta-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm 4 | 5 | zmsetup: /opt/zimbra/libexec/zmsetup.pl 6 | zimbra_mta_config_file: zimbra_mta.conf 7 | --------------------------------------------------------------------------------