Send email using a Postfix Relay in Azure Virtual Machine Through Gmail Using Ansible Playbook
I got a requirement to setup Ansible playbook which installs postfix and related software on a CentOS server and to send mail using Gmail smtp services
The requirement is to take config file and password file from GIT repo and work in a pipeline. The CI/CD pipeline is to be established using Jenkins or other similar tools. Following are the contents of this blog
- Create an ansible playbook which installs postfix cyrus-sasl-plain and mailx in CentOS server
- Copy the main.cf file and sasl_passwd using your CI/CD pipeline
- Rerun the step 1 to restart the postfix with the new config file and apply the password file
- Create an ansible playbook which send email using your Gmail smtp
Ansible Playbook 1 – Install postfix cyrus-sasl-plain and mailx add localhost in your host file
Notes:
- Add localhost in host file
- If you have Python version 3.x is running as default version, you may need to apply a fix in your playbook to run the python 2 also
- create mailsetup.yml with the following contents
---
- name: configuring postfix mail server
hosts: localhost
become: true
vars:
pkg:
- postfix
- cyrus-sasl-plain
- mailx
svc: postfix
tasks:
- name: installing {{ pkg }} packages
yum:
name: "{{ pkg }}"
state: present
vars:
ansible_python_interpreter: /usr/bin/python2
- name: enabling and starting {{ svc }} service
service:
name: "{{ svc }}"
state: started
enabled: true
- name:
command: postmap /etc/postfix/sasl_passwd
- name: enabling and starting {{ svc }} service
service:
name: "{{ svc }}"
state: restarted
CI/CD Pipeline: Copy the config file and password files under /etc/postfix
main.cf file – Copy the original file and append the following lines at the end of the file
myhostname = localhost
relayhost = [smtp.gmail.com]:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
sasl_passwd file – Enable two step authentication and create an app password as explained here: Google documentation. Once ready substitute the values in following line and create the sasl_passwd file
[smtp.gmail.com]:587 your gmail user id:app password
Restart services and apply the new password settings – Easy way to achieve this step is to re-run the Playbook 1 again
Ansible Playbook 2 – Create mailsend.yml Send email using the Gmail smtp services
---
- name: Sending mail using ansible playbook
hosts: localhost
become: true
tasks:
- name: sending email to any address
mail:
host: smtp.gmail.com
port: 587
username: your gmail account
password: your app password
to: any email address
subject: Ansible-Postfix testWhile running the above file, you will have the email received in your address specified !!!
No responses yet