Convert to RHEL support

defaults/main.yml

@@ -29,6 +29,9 @@ msmtp_accounts:
 msmtp_default_account: yandex
 msmtp_domain:          yandex.com
 
+## Enable or disable automatic envelope-from addresses
+msmtp_auto_from: 'off'
+
 ## Logging (Select A) "syslog" or B) "file" logging or C) "no" log
 msmtp_log:       file
 msmtp_logfile:   ~/.msmtp.log
@@ -44,3 +47,5 @@ msmtp_test_mail_recipient: tester@example.org
 
 ## This will remove most other mail transfer agents such as postfix, exim,...!
 msmtp_remove_mtas: no
+
+msmtp_listen_interface: 127.0.0.1

files/msmtpd.service

@@ -0,0 +1,28 @@
+[Unit]
+Description=msmtp daemon
+Documentation=man:msmtpd(1)
+
+[Service]
+DynamicUser=true
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+NoNewPrivileges=true
+# NoNewPrivileges prevents the setgid mechanism from working
+# so since msmtp is setgid in order to read /etc/msmtprc, the
+# msmtp group need to be added in a different way
+SupplementaryGroups=msmtp
+
+Environment=INTERFACE=127.0.0.1 PORT=25
+EnvironmentFile=-/etc/sysconfig/msmtpd
+
+Type=simple
+ExecStart=/usr/bin/msmtpd --interface=${INTERFACE} --port=${PORT}
+
+Restart=always
+RestartSec=60
+
+ProtectHome=true
+PrivateTmp=true
+
+[Install]
+WantedBy=multi-user.target

handlers/main.yml

@@ -6,3 +6,10 @@
   when: msmtp_send_test_mail
   async: 30
   poll: 5
+
+- name: restart msmtpd
+  ansible.builtin.systemd:
+    state: restarted
+    daemon_reload: yes
+    name: msmtpd
+  when: ansible_os_family == "RedHat"

meta/main.yml

@@ -1,26 +0,0 @@
-galaxy_info:
-  author: Adham Helal, Christian Wagner
-  description: "Deploy msmtp mailer on Debian and Ubuntu"
-  min_ansible_version: 2.4
-  license: Apache
-  platforms:
-  - name: Debian
-    versions:
-    - jessie
-    - stretch
-    - buster
-  - name: Ubuntu
-    versions:
-    - trusty
-    - xenial
-    - bionic
-  - name: ArchLinux
-    versions:
-    - any
-  - name: Alpine
-    versions:
-    - any
-  tags:
-  - mail
-  - system
-  - networking

tasks/main.yml

@@ -5,88 +5,71 @@
 # Fix: Check if mailserver is ready, as Test mail will only work,
 # if msmtp is setup after the mailserver is already configured
 
-- name: Update apt cache.
+- name: Copy RPM file to server
-  apt:
+  copy:
-    update_cache: yes
+    src: msmtp-1.8.14-1.el8.x86_64.rpm
-    upgrade: "no"
+    dest: /tmp/msmtp-1.8.14-1.el8.x86_64.rpm
-    cache_valid_time: 14400 # 4 hours
+  when: ansible_os_family == "RedHat"
-  tags: mail
-  when: ansible_os_family == "Debian"
 
-- name: Remove other MTAs.
+- name: Copy systemd unit file to server
-  apt:
+  copy:
-    name: "{{ packages }}"
+    src: msmtpd.service
-    state: absent
+    dest: /etc/systemd/system/msmtpd.service
-    autoremove: yes
+  when: ansible_os_family == "RedHat"
-    purge: yes
-  vars:
-    packages:
-    - exim4*
-    - postfix*
-    - sendmail*
-  tags:
-    - mail
-  when:
-    - msmtp_remove_mtas
-    - ansible_os_family == "Debian"
 
-- name: Install msmtp and mailx on Debian.
+- name: enable daemon
-  apt:
+  ansible.builtin.systemd:
-    name: "{{ packages }}"
+    name: msmtpd
+    enabled: yes
+    masked: no
+    daemon_reload: yes
+  when: ansible_os_family == "RedHat"
+
+- name: Install msmtp
+  yum:
+    name:
+      - /tmp/msmtp-1.8.14-1.el8.x86_64.rpm
+      - mailx
     state: present
-  vars:
+    disable_gpg_check: yes
-    packages:
+  when: ansible_os_family == "RedHat"
-    - msmtp-mta
-    - bsd-mailx
-  tags: mail
-  notify: test mail
-  when: ansible_os_family == "Debian"
 
-- name: Install msmtp and s-nail on Archlinux.
+- name: Ensure group "msmtp" exists
-  pacman:
+  group:
-    name: "{{ packages }}"
+    name: msmtp
     state: present
-  vars:
+  when: ansible_os_family == "RedHat"
-    packages:
-    - msmtp
-    - msmtp-mta
-    - s-nail
-  when: ansible_os_family == "Archlinux"
-
-- name: Install msmtp and mailx on Alpine.
-  apk:
-    name: "{{ packages }}"
-    state: present
-    update_cache: no
-  vars:
-    packages:
-    - msmtp
-    - mailx
-  when: ansible_os_family == "Alpine"
-
-- name: Overwrite busybox sendmail link to point to mSMTP.
-  file:
-    src: /usr/bin/msmtp
-    dest: /usr/sbin/sendmail
-    state: link
-  when: ansible_os_family == "Alpine"
 
 - name: Copy mstprc conf file.
   template:
      src: msmtprc.j2
      dest: /etc/msmtprc
      owner: root
-     group: root
+     group: msmtp
-     mode: 0644
+     mode: 0640
   tags: mail
-  notify: test mail
+  notify:
+    - test mail
+    - restart msmtpd
 
 - name: Copy aliases conf file.
   template:
-    src: aliases.j2
+    src: aliases-rhel.j2
     dest: /etc/aliases
     owner: root
     group: root
     mode: 0644
   tags: mail
-  notify: test mail
+  notify:
+    - test mail
+    - restart msmtpd
+  when: ansible_os_family == "RedHat"
+
+- name: Copy sysconfig file.
+  template:
+    src: sysconfig.j2
+    dest: /etc/sysconfig/msmtpd
+  notify:
+    - test mail
+    - restart msmtpd
+  when: ansible_os_family == "RedHat"

templates/aliases-rhel.j2

@@ -0,0 +1,98 @@
+# {{ ansible_managed }}
+#
+#  Aliases in this file will NOT be expanded in the header from
+#  Mail, but WILL be visible over networks or from /bin/mail.
+#
+#       >>>>>>>>>>      The program "newaliases" must be run after
+#       >> NOTE >>      this file is updated for any changes to
+#       >>>>>>>>>>      show through to sendmail.
+#
+
+# Basic system aliases -- these MUST be present.
+mailer-daemon:  postmaster
+postmaster:     root
+
+# General redirections for pseudo accounts.
+bin:            root
+daemon:         root
+adm:            root
+lp:             root
+sync:           root
+shutdown:       root
+halt:           root
+mail:           root
+news:           root
+uucp:           root
+operator:       root
+games:          root
+gopher:         root
+ftp:            root
+nobody:         root
+radiusd:        root
+nut:            root
+dbus:           root
+vcsa:           root
+canna:          root
+wnn:            root
+rpm:            root
+nscd:           root
+pcap:           root
+apache:         root
+webalizer:      root
+dovecot:        root
+fax:            root
+quagga:         root
+radvd:          root
+pvm:            root
+amandabackup:           root
+privoxy:        root
+ident:          root
+named:          root
+xfs:            root
+gdm:            root
+mailnull:       root
+postgres:       root
+sshd:           root
+smmsp:          root
+postfix:        root
+netdump:        root
+ldap:           root
+squid:          root
+ntp:            root
+mysql:          root
+desktop:        root
+rpcuser:        root
+rpc:            root
+nfsnobody:      root
+pcp:            root
+
+ingres:         root
+system:         root
+toor:           root
+manager:        root
+dumper:         root
+abuse:          root
+
+newsadm:        news
+newsadmin:      news
+usenet:         news
+ftpadm:         ftp
+ftpadmin:       ftp
+ftp-adm:        ftp
+ftp-admin:      ftp
+www:            webmaster
+webmaster:      root
+noc:            root
+security:       root
+hostmaster:     root
+info:           postmaster
+marketing:      postmaster
+sales:          postmaster
+support:        postmaster
+
+
+# trap decode to catch security attacks
+decode:         root
+
+# Person who should get root's mail
+root: {{ msmtp_alias_root if msmtp_alias_root is defined else msmtp_alias_default }}

templates/aliases.j2

@@ -1,10 +0,0 @@
-# {{ ansible_managed }}
-#### /etc/aliases
-#root mail
-root:  {{ msmtp_alias_root if msmtp_alias_root is defined else msmtp_alias_default }}
-
-#cron mail
-cron: {{ msmtp_alias_cron if msmtp_alias_cron is defined else msmtp_alias_default }}
-
-#default all other mails
-default: {{msmtp_alias_default}}

templates/msmtprc.j2

@@ -23,7 +23,9 @@ logfile  {{msmtp_logfile}}
 # default is localhost. Use domain part of your email address or FQDN of host.
 domain {{msmtp_domain}}
 # default is off. When on, an envelope-from address of the form user@domain will be generated.
-auto_from off
+auto_from {{msmtp_auto_from}}
+# Set a domain part for the generation of an envelope-from address (auto_from)
+maildomain {{msmtp_domain}}
 # The default is to remove BCC headers.
 # remove_bcc_headers  on|off
 

templates/sysconfig.j2

@@ -0,0 +1,2 @@
+# {{ ansible_managed }}
+INTERFACE={{msmtp_listen_interface}}