Add dmarc-report tool

playbooks/for-ansible-lint.yml

@@ -9,6 +9,7 @@
     - authentik
     - backup
     - caddy
+    - dmarc_report
     - dokku
     - extra_services
     - forgejo

playbooks/roles/dmarc_report/defaults/main.yml

@@ -0,0 +1,56 @@
+---
+dmarc_report_db_host: "{{ postgres.host }}"
+dmarc_report_db_port: "{{ postgres.port }}"
+dmarc_report_db_type: "pgsql"
+dmarc_report_db_name: "{{ opentofu.postgresql_data.dmarc_report.database }}"
+dmarc_report_db_user: "{{ opentofu.postgresql_data.dmarc_report.user }}"
+dmarc_report_db_pass: "{{ opentofu.postgresql_data.dmarc_report.pass }}"
+
+dmarc_report_imap_user: "{{ opentofu.mailcow_data.dmarc_report.address }}"
+dmarc_report_imap_pass: "{{ opentofu.mailcow_data.dmarc_report.password }}"
+dmarc_report_imap_server: "{{ mailer.host }}"
+dmarc_report_imap_port: "993"
+dmarc_report_imap_read_folder: "Inbox"
+dmarc_report_imap_move_folder: "processed"
+dmarc_report_imap_move_folder_err: "error"
+
+dmarc_report_imap_ssl: true
+dmarc_report_imap_tls: false
+
+dmarc_report_svc:
+  domain: "{{ all_services | service_get_domain(role_name) }}"
+  port: 80
+  caddy_extra: import vpn_only
+
+dmarc_report_env:
+  REPORT_DB_HOST: "{{ dmarc_report_db_host }}"
+  REPORT_DB_TYPE: "{{ dmarc_report_db_type }}"
+  REPORT_DB_PORT: "{{ dmarc_report_db_port }}"
+  REPORT_DB_NAME: "{{ dmarc_report_db_name }}"
+  REPORT_DB_USER: "{{ dmarc_report_db_user }}"
+  REPORT_DB_PASS: "{{ dmarc_report_db_pass }}"
+  PGSSLMODE: require
+  PGSSLCERT: /tmp/postgresql.crt
+
+  PARSER_IMAP_USER: "{{ dmarc_report_imap_user }}"
+  PARSER_IMAP_PASS: "{{ dmarc_report_imap_pass }}"
+  PARSER_IMAP_SERVER: "{{ dmarc_report_imap_server }}"
+  PARSER_IMAP_PORT: "{{ dmarc_report_imap_port }}"
+  PARSER_IMAP_READ_FOLDER: "{{ dmarc_report_imap_read_folder }}"
+  PARSER_IMAP_MOVE_FOLDER: "{{ dmarc_report_imap_move_folder }}"
+  PARSER_IMAP_MOVE_FOLDER_ERR: "{{ dmarc_report_imap_move_folder_err }}"
+
+  PARSER_IMAP_SSL: "{{ 1 if dmarc_report_imap_ssl else 0 }}"
+  PARSER_IMAP_TLS: "{{ 1 if dmarc_report_imap_tls else 0 }}"
+
+  # Ignore ERROR: message_string() issue experienced with Exchange Online. Set to 1 to enable
+  PARSER_IMAP_IGNORE_ERROR: 0
+
+  # Increase the maximum size of the XML file. (default is 50000 bytes)
+  # When the size exceeds the maximum, one could experience an error Uncaught ValueError: DOMDocument::loadXML():
+  # Argument #1 ($source) must not be empty.
+  PARSER_XML_MAXSIZE: 50000
+
+dmarc_report_compose:
+  watchtower: update
+  image: "gutmensch/dmarc-report:latest"

playbooks/roles/dmarc_report/handlers/main.yml

@@ -0,0 +1,3 @@
+---
+- name: Restart service {{ role_name }}
+  ansible.builtin.include_tasks: tasks/restart-service.yml

playbooks/roles/dmarc_report/tasks/main.yml

@@ -0,0 +1,12 @@
+---
+- name: Set common facts
+  ansible.builtin.import_tasks: tasks/set-default-facts.yml
+
+- name: Deploy {{ role_name }}
+  vars:
+    svc: "{{ dmarc_report_svc }}"
+    env: "{{ dmarc_report_env }}"
+    compose: "{{ dmarc_report_compose }}"
+  block:
+    - name: Import tasks to deploy common service
+      ansible.builtin.import_tasks: tasks/deploy-common-service.yml

services.auto.tfvars

@@ -95,6 +95,19 @@ services = {
     database = false
   }
 
+  "dmarc_report" = {
+    host = "node001"
+    dns = [{
+      domain = "dmarc.serguzim.me"
+        vpn = true
+    }]
+    auth = false
+    database = true
+    mail = "dmarcreports"
+    mail_smtp = false
+    mail_imap = true
+  }
+
   "dokku" = {
     host = "node001"
     dns = [