Getting started
Default configuration
The Postwhite script will be installed on its own UNIX system account and executed as an unprivileged user. By default the script will be executed daily by a wrapper to update the SPF whitelists; list of Yahoo! SMTP clients will be updated weekly.
On the first run of the role, the Postwhite whitelist will be updated in the background, since it takes ~5 minutes to do so. The wrapper script configured by the role will automatically reload Postfix when the new whitelist is generated.
Example inventory
To install and configure Postwhite on a host, it needs to be present in the
[debops_service_postwhite]
Ansible inventory group. The Postfix server
should also be configured beforehand, with Postscreen enabled.
[debops_service_postfix]
hostname
[debops_service_postscreen]
hostname
[debops_service_postwhite]
hostname
Example playbook
If you are using this role without DebOps, here's an example Ansible playbook
that uses the debops.postwhite
role:
---
- name: Manage Postwhite service
collections: [ 'debops.debops', 'debops.roles01',
'debops.roles02', 'debops.roles03' ]
hosts: [ 'debops_service_postwhite' ]
become: True
environment: '{{ inventory__environment | d({})
| combine(inventory__group_environment | d({}))
| combine(inventory__host_environment | d({})) }}'
pre_tasks:
- name: Prepare postfix environment
ansible.builtin.import_role:
name: 'postfix'
tasks_from: 'main_env'
vars:
postfix__dependent_maincf:
- role: 'postwhite'
config: '{{ postwhite__postfix__dependent_maincf }}'
when: (ansible_local | d() and ansible_local.postfix | d() and
(ansible_local.postfix.installed | d()) | bool)
tags: [ 'role::postfix', 'role::secret' ]
roles:
- role: secret
tags: [ 'role::secret', 'role::postfix' ]
secret__directories:
- '{{ postfix__secret__directories }}'
when: (ansible_local | d() and ansible_local.postfix | d() and
(ansible_local.postfix.installed | d()) | bool)
- role: postfix
tags: [ 'role::postfix', 'skip::postfix' ]
postfix__dependent_maincf:
- role: 'postwhite'
config: '{{ postwhite__postfix__dependent_maincf }}'
when: (ansible_local | d() and ansible_local.postfix | d() and
(ansible_local.postfix.installed | d()) | bool)
- role: postwhite
tags: [ 'role::postwhite', 'skip::postwhite' ]