Getting started

Default configuration

The role forwards the root mail to a set of e-mail administrator accounts defined by the debops.core Ansible role (see that role's documentation for more details). If they are not defined, the mail will be forwarded to root@<domain> for convenience.

The role creates the staff mail alias which by default is forwarded to root. If you have separate team for IT Operations and Helpdesk, you might want to consider changing this, or some other aliases to forward mail elsewhere. To do that, you can define in the inventory:

etc_aliases__recipients:

  # Forward staff mail to specific users
  - staff: [ 'example1', 'example2' ]

  - example1: 'user1@example.com'

  - example2: 'user2@example.com'

See the etc_aliases__recipients for more details about the configuration format.

Support for the RFC 2142

The RFC 2142: Mailbox Names For Common Services and Functions defines a set of mailboxes (or aliases) that are recommended to exist on any DNS domain to allow easy communication between organizations. This role defines these recommended mail aliases by default for convenience. You can disable this by setting the variable:

etc_aliases__rfc2142_compliant: False

Alternatively, you can change the default mail recipients for the created aliases using the normal configuration mechanism described above.

Example inventory

To configure debops.etc_aliases on a given remote host, it needs to be added to [debops_service_etc_aliases] Ansible inventory group:

[debops_service_etc_aliases]
hostname

Example playbook

Here's a minimal example playbook that can be used to manage the /etc/aliases file:

---

- name: Manage /etc/aliases database
  collections: [ 'debops.debops', 'debops.roles01',
                 'debops.roles02', 'debops.roles03' ]
  hosts: [ 'debops_service_etc_aliases' ]
  become: True

  environment: '{{ inventory__environment | d({})
                   | combine(inventory__group_environment | d({}))
                   | combine(inventory__host_environment  | d({})) }}'

  pre_tasks:

    - name: Prepare etc_aliases environment
      ansible.builtin.import_role:
        name: 'etc_aliases'
        tasks_from: 'main_env'
      tags: [ 'role::etc_aliases', 'role::secret' ]

  roles:

    - role: secret
      tags: [ 'role::secret', 'role::etc_aliases' ]
      secret__directories:
        - '{{ etc_aliases__secret__directories }}'

    - role: etc_aliases
      tags: [ 'role::etc_aliases', 'skip::etc_aliases' ]

The playbook is shipped with this role under docs/playbooks/etc_aliases.yml from which you can symlink it to your playbook directory.