#!/usr/bin/ansible-playbook
# vim:ft=ansible:
---
- name: Install Postfix for SES
  block:
    - name: Install Postfix
      apt:
        name:
          - postfix
    - name: Template out configuration
      template:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
        mode: "{{ item.mode }}"
      loop:
        - { src: "main.cf", dest: "/etc/postfix/main.cf", mode: "0644" }
      notify: restart postfix
    - name: Template out password
      template:
        src: sasl_passwd
        dest: /etc/postfix/sasl_passwd
        mode: "0640"
        owner: root
        group: postfix
      notify: restart postfix
      register: p
    - name: Look for password database
      stat:
        path: /etc/postfix/sasl_passwd.db
      register: s
    - name: Regenerate password database
      command:
        cmd: postmap /etc/postfix/sasl_passwd
      notify: restart postfix
      when: p is changed or not s.stat.exists
    - name: Tighten permissions on sasl_passwd.db
      file:
        path: /etc/postfix/sasl_passwd.db
        mode: "0640"
        owner: root
        group: postfix
    - name: Enable service
      systemd:
        name: postfix
        enabled: yes
        state: started
  become: yes