From c41dfc09ac0316b39c3034de5a9534ed8adf8c1b Mon Sep 17 00:00:00 2001
From: "don.sizemore" <don.sizemore@github.com>
Date: Mon, 7 Dec 2020 13:44:02 -0500
Subject: [PATCH] #103 use main.cf template for rhel/centos8 for idempotence's
 sake

---
 tasks/postfix.yml    | 29 +++++++++++------------------
 templates/main.cf.j2 | 34 ++++++++++++++++++++++++++++++++++
 2 files changed, 45 insertions(+), 18 deletions(-)
 create mode 100644 templates/main.cf.j2

diff --git a/tasks/postfix.yml b/tasks/postfix.yml
index 4b6d555..35991dc 100644
--- a/tasks/postfix.yml
+++ b/tasks/postfix.yml
@@ -1,27 +1,20 @@
 ---
 
 - name: install postfix
-  yum:
+  package:
     name: postfix
     state: latest
 
-- name: set public hostname
-  lineinfile:
-    path: /etc/postfix/main.cf
-    line: 'myhostname = {{ public_hostname }}'
-    insertbefore: '^#myhostname'
-
-- name: set mydomain
-  lineinfile:
-    path: /etc/postfix/main.cf
-    line: 'mydomain = {{ public_hostname }}'
-    insertbefore: '^#mydomain'
-
-- name: set origin hostname
-  lineinfile:
-    path: /etc/postfix/main.cf
-    line: 'myorigin = {{ public_hostname }}'
-    insertbefore: '^#myorigin'
+- name: place main.cf template
+  template:
+    src: main.cf.j2
+    dest: /etc/postfix/main.cf
+    owner: root
+    group: root
+    mode: '0644'
+  when:
+  - ansible_os_family == "RedHat"
+  - ansible_distribution_major_version == "8"
 
 - name: enable and start postfix
   systemd:
diff --git a/templates/main.cf.j2 b/templates/main.cf.j2
new file mode 100644
index 0000000..162003e
--- /dev/null
+++ b/templates/main.cf.j2
@@ -0,0 +1,34 @@
+compatibility_level = 2
+queue_directory = /var/spool/postfix
+command_directory = /usr/sbin
+daemon_directory = /usr/libexec/postfix
+data_directory = /var/lib/postfix
+mail_owner = postfix
+myhostname = {{ ansible_fqdn }}
+myorigin = $myhostname
+inet_interfaces = localhost
+inet_protocols = all
+mydestination = $myhostname, localhost.$mydomain, localhost
+unknown_local_recipient_reject_code = 550
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+debug_peer_level = 2
+debugger_command =
+	 PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
+	 ddd $daemon_directory/$process_name $process_id & sleep 5
+sendmail_path = /usr/sbin/sendmail.postfix
+newaliases_path = /usr/bin/newaliases.postfix
+mailq_path = /usr/bin/mailq.postfix
+setgid_group = postdrop
+html_directory = no
+manpage_directory = /usr/share/man
+sample_directory = /usr/share/doc/postfix/samples
+readme_directory = /usr/share/doc/postfix/README_FILES
+smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem
+smtpd_tls_key_file = /etc/pki/tls/private/postfix.key
+smtpd_tls_security_level = may
+smtp_tls_CApath = /etc/pki/tls/certs
+smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
+smtp_tls_security_level = may
+meta_directory = /etc/postfix
+shlib_directory = /usr/lib64/postfix