Huge role refactoring/cleanup. Other commits will propably follow. Because some bugs will exist. Still important for longrun and also for auto docs/help/slideshow generation

roles/web-app-mailu/tasks/set-mailu-dns-records.yml

@@ -0,0 +1,87 @@
+- name: "Load Mailu DNS variables"
+  include_vars: vars/mailu-dns.yml
+
+- name: Generate DKIM public key
+  include_tasks: generate-and-read-dkim.yml
+
+- name: "Set A record for mail server"
+  community.general.cloudflare_dns:
+    api_token: "{{ cloudflare_record_api_token }}"
+    zone: "{{ mailu_dns_zone }}"
+    type: A
+    name: "{{ domain }}"
+    content: "{{ mailu_dns_ip }}"
+    proxied: false
+    ttl: 1
+    state: present
+
+- name: "Set CNAME record for autoconfig"
+  community.general.cloudflare_dns:
+    api_token: "{{ cloudflare_record_api_token }}"
+    zone: "{{ mailu_dns_zone }}"
+    type: CNAME
+    name: "autoconfig.{{ mailu_dns_zone }}"
+    value: "{{ domain }}"
+    proxied: false
+    ttl: 1
+    state: present
+
+- name: "Set MX record"
+  community.general.cloudflare_dns:
+    api_token: "{{ cloudflare_record_api_token }}"
+    zone: "{{ mailu_dns_zone }}"
+    type: MX
+    name: "{{ mailu_dns_zone }}"
+    value: "{{ domain }}"
+    priority: 10
+    ttl: 1
+    state: present
+
+- name: "Set SRV records"
+  community.general.cloudflare_dns:
+    api_token: "{{ cloudflare_record_api_token }}"
+    zone: "{{ mailu_dns_zone }}"
+    type: SRV
+    service: "_{{ item.key }}"
+    proto: "_tcp"
+    priority: "{{ item.value.priority }}"
+    weight: "{{ item.value.weight }}"
+    port: "{{ item.value.port }}"
+    value: "{{ domain }}"
+    ttl: 1
+    state: present
+  loop: "{{ mailu_dns_srv_records | dict2items }}"
+  ignore_errors: true
+  #register: srv_result
+  #failed_when: srv_result.rc != 0 and ("An identical record already exists" not in srv_result.stdout)
+  #changed_when: srv_result.rc == 0 and ("An identical record already exists" not in srv_result.stdout)
+
+- name: "Set SPF TXT record"
+  community.general.cloudflare_dns:
+    api_token: "{{ cloudflare_record_api_token }}"
+    zone: "{{ mailu_dns_zone }}"
+    type: TXT
+    name: "{{ mailu_dns_zone }}"
+    value: "v=spf1 mx a:{{ domain }} ~all"
+    ttl: 1
+    state: present
+
+- name: "Set DMARC TXT record"
+  community.general.cloudflare_dns:
+    api_token: "{{ cloudflare_record_api_token }}"
+    zone: "{{ mailu_dns_zone }}"
+    type: TXT
+    name: "_dmarc.{{ mailu_dns_zone }}"
+    value: "v=DMARC1; p=reject; ruf=mailto:{{ mailu_dmarc_ruf }}; adkim=s; aspf=s"
+    ttl: 1
+    state: present
+
+- name: "Set DKIM TXT record"
+  community.general.cloudflare_dns:
+    api_token: "{{ cloudflare_record_api_token }}"
+    zone: "{{ mailu_dns_zone }}"
+    type: TXT
+    name: "dkim._domainkey.{{ mailu_dns_zone }}"
+    value: "{{ mailu_dkim_public_key }}"
+    ttl: 1
+    state: present