# vim: ft=yaml.ansible
---
# Create the host-side directories under services.mailu.volume_folder that the
# mail server compose services bind-mount.
# NOTE(review): no owner/mode is set, so each directory takes the defaults of
# the user running the play. dkim, certs and mail hold key material and mailbox
# data; consider restricting access on the parent volume folder. A blanket
# `mode` in this loop could clash with containers that manage their own
# directory permissions (e.g. postgres) - verify before changing.
- name: create mailu volume folders
  loop_control:
    loop_var: volume
  loop:
    # service data directories
    - redis
    - certs
    - data
    - dkim
    - mail
    - mailqueue
    - filter
    - postgres
    - webmail
    # per-service configuration overrides (mounted read-only into containers)
    - overrides
    - overrides/nginx
    - overrides/dovecot
    - overrides/postfix
    - overrides/rspamd
    - overrides/rainloop
  file:
    path: "{{ services.mailu.volume_folder }}/{{ volume }}"
    state: directory

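# Render mailu.env from its Jinja2 template into the mailu volume folder; the
# compose services load it through `env_file`.
# The file is written owner-only because it presumably carries secrets (the
# admin service receives no database credentials other than through this
# file - confirm against mailu.env.j2). Without an explicit mode the file
# would take the remote user's umask default.
# Compose reads env_file on the host as the user running this play, so the
# containers themselves do not need read access to it.
- name: upload mailu.env file
  template:
    src: mailu.env.j2
    dest: "{{ services.mailu.volume_folder }}/mailu.env"
    mode: "0600"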

# Expose the nginx_proxy certificate chain for services.mailu.domain to Mailu
# as certs/cert.pem. A hard link shares the inode with the source, so owner
# and mode are those of the nginx_proxy copy, and both paths must live on the
# same filesystem.
# NOTE(review): if certificate renewal replaces fullchain.pem with a new file
# rather than rewriting it in place, this link keeps the old certificate until
# the play runs again - confirm how the renewer writes its files.
- name: hard link to Let's Encrypt TLS certificate
  when: letsencrypt_enabled
  file:
    state: hard
    src: "{{ services.nginx_proxy.volume_folder }}/certs/{{ services.mailu.domain }}/fullchain.pem"
    dest: "{{ services.mailu.volume_folder }}/certs/cert.pem"
    # replace an existing file at dest with the link
    force: true

# Expose the nginx_proxy private key for services.mailu.domain to Mailu as
# certs/key.pem. A hard link shares the inode with the source, so the key keeps
# the owner and mode of the nginx_proxy copy; both paths must live on the same
# filesystem.
# NOTE(review): the mailu certs directory is bind-mounted into the front
# container, so the private key is readable there. If renewal replaces key.pem
# with a new file, this link keeps the old key until the play runs again -
# confirm how the renewer writes its files.
- name: hard link to Let's Encrypt TLS key
  when: letsencrypt_enabled
  file:
    state: hard
    src: "{{ services.nginx_proxy.volume_folder }}/certs/{{ services.mailu.domain }}/key.pem"
    dest: "{{ services.mailu.volume_folder }}/certs/key.pem"
    # replace an existing file at dest with the link
    force: true

# Bring up the Mailu stack from an inline Compose definition (project
# "mail_server"), pulling images before starting the services.
# NOTE(review): the definition embeds POSTGRES_PASSWORD, so the secret is part
# of this task's module arguments and can surface in verbose Ansible output.
# Consider `no_log: true` on this task, or supplying the password through an
# env_file instead.
- name: run mail server containers
  docker_compose:
    project_name: mail_server
    # With pull enabled, floating tags (see redis) are re-resolved on every run.
    pull: true
    definition:
      version: '3.6'
      services:
        # Database for Mailu; no host ports are published.
        postgres:
          image: "postgres:14-alpine"
          restart: always
          environment:
            POSTGRES_DB: mailu
            POSTGRES_USER: mailu
            # Passed as a container environment variable, so it is visible to
            # anyone who can inspect the container on the host.
            POSTGRES_PASSWORD: "{{ postgres_passwords.mailu }}"
          volumes:
            - "{{ services.mailu.volume_folder }}/postgres:/var/lib/postgresql/data"
          dns:
            - "{{ services.mailu.dns }}"

        redis:
          # NOTE(review): `alpine` is a floating tag with no version; together
          # with pull above, the running image can change between plays.
          # Consider pinning a version or digest.
          image: "redis:alpine"
          restart: always
          volumes:
            - "{{ services.mailu.volume_folder }}/redis:/data"
          depends_on:
            - resolver
          dns:
            - "{{ services.mailu.dns }}"

        # The only service with published host ports: IMAPS 993, SMTP 25,
        # submission 587 and SMTPS 465, bound on all host interfaces. Port 80
        # is exposed to the attached networks only.
        # NOTE(review): VIRTUAL_HOST / LETSENCRYPT_* look like reverse-proxy
        # companion settings; presumably the proxy on external_services
        # serves HTTPS for the web UI - confirm.
        front:
          image: "mailu/nginx:{{ services.mailu.version }}"
          restart: always
          env_file: "{{ services.mailu.volume_folder }}/mailu.env"
          environment:
            VIRTUAL_HOST: "{{ services.mailu.domain }}"
            LETSENCRYPT_HOST: "{{ services.mailu.domain }}"
            LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
          volumes:
            # Contains cert.pem and key.pem; mounted read-write.
            - "{{ services.mailu.volume_folder }}/certs:/certs"
            - "{{ services.mailu.volume_folder }}/overrides/nginx:/overrides:ro"
          expose:
            - "80"
          ports:
            - "993:993"
            - "25:25"
            - "587:587"
            - "465:465"
          networks:
            - default
            - external_services

        # DNS resolver with a fixed address on the default network; the other
        # services point their `dns` setting at this address.
        resolver:
          image: "mailu/unbound:{{ services.mailu.version }}"
          restart: always
          env_file: "{{ services.mailu.volume_folder }}/mailu.env"
          networks:
            default:
              ipv4_address: "{{ services.mailu.dns }}"

        admin:
          image: "mailu/admin:{{ services.mailu.version }}"
          restart: always
          env_file: "{{ services.mailu.volume_folder }}/mailu.env"
          volumes:
            - "{{ services.mailu.volume_folder }}/data:/data"
            # DKIM directory; mounted read-write into the admin container.
            - "{{ services.mailu.volume_folder }}/dkim:/dkim"
          depends_on:
            - redis
            - resolver
          dns:
            - "{{ services.mailu.dns }}"

        imap:
          image: "mailu/dovecot:{{ services.mailu.version }}"
          restart: always
          env_file: "{{ services.mailu.volume_folder }}/mailu.env"
          volumes:
            - "{{ services.mailu.volume_folder }}/mail:/mail"
            # Override directories are mounted read-only in every service.
            - "{{ services.mailu.volume_folder }}/overrides/dovecot:/overrides:ro"
          depends_on:
            - front
            - resolver
          dns:
            - "{{ services.mailu.dns }}"

        smtp:
          image: "mailu/postfix:{{ services.mailu.version }}"
          restart: always
          env_file: "{{ services.mailu.volume_folder }}/mailu.env"
          volumes:
            - "{{ services.mailu.volume_folder }}/mailqueue:/queue"
            - "{{ services.mailu.volume_folder }}/overrides/postfix:/overrides:ro"
          depends_on:
            - front
            - resolver
          dns:
            - "{{ services.mailu.dns }}"

        antispam:
          image: "mailu/rspamd:{{ services.mailu.version }}"
          hostname: antispam
          restart: always
          env_file: "{{ services.mailu.volume_folder }}/mailu.env"
          volumes:
            - "{{ services.mailu.volume_folder }}/filter:/var/lib/rspamd"
            - "{{ services.mailu.volume_folder }}/overrides/rspamd:/etc/rspamd/override.d:ro"
          depends_on:
            - front
            - resolver
          dns:
            - "{{ services.mailu.dns }}"

        webmail:
          image: "mailu/rainloop:{{ services.mailu.version }}"
          restart: always
          env_file: "{{ services.mailu.volume_folder }}/mailu.env"
          volumes:
            - "{{ services.mailu.volume_folder }}/webmail:/data"
            - "{{ services.mailu.volume_folder }}/overrides/rainloop:/overrides:ro"
          depends_on:
            - imap
            - resolver
          dns:
            - "{{ services.mailu.dns }}"

      networks:
        # Project-private bridge with a fixed subnet, so the resolver can be
        # given a static address.
        default:
          driver: bridge
          ipam:
            driver: default
            config:
              - subnet: "{{ services.mailu.subnet }}"
        # Pre-existing network created outside this definition; only front
        # joins it.
        external_services:
          external:
            name: external_services