ansible-roles/roles/zimbra/tasks/mailbox.yml

---

- name: Install needed tools
  yum:
    name:
      - git
  tags: zcs

- name: Configure MySQL bind IP
  ini_file:
    section: mysqld
    option: bind-address
    value: 0.0.0.0
    path: /opt/zimbra/conf/my.cnf
    mode: 0640
    owner: zimbra
    group: zimbra
  notify: restart zimbra
  tags: zcs

- name: Get MySQL root password
  shell: /opt/zimbra/bin/zmlocalconfig -s mysql_root_password | awk '{ print $3 }'
  become_user: zimbra
  register: zcs_mysql_root_password
  changed_when: False
  tags: zcs

- name: Create sqladmin user account
  mysql_user:
    name: sqladmin
    password: '{{ mysql_admin_pass }}'
    host: '%'
    priv: '*.*:ALL,GRANT'
    state: present
    login_user: root
    login_password: "{{ zcs_mysql_root_password.stdout }}"
    login_unix_socket: /opt/zimbra/data/tmp/mysql/mysql.sock
  when: mysql_admin_pass is defined
  tags: zcs

- name: Handle Zimbra store ports
  iptables_raw:
    name: zcs_store_ports
    state: "{{ (zcs_cluster_ip | length > 0) | ternary('present','absent') }}"
    rules: "-A INPUT -m state --state NEW -p tcp -m multiport --dports 143,993,7143,7993 -s {{ zcs_cluster_ip | join(',') }} -j ACCEPT\n
            -A INPUT -m state --state NEW -p tcp -m multiport --dports 110,995,7110,7995 -s {{ zcs_cluster_ip | join(',') }} -j ACCEPT\n
            -A INPUT -m state --state NEW -p tcp -m multiport --dports 8080,8443,7071,7072,7073 -s {{ zcs_cluster_ip | join(',') }} -j ACCEPT\n
            -A INPUT -m state --state NEW -p tcp -m multiport --dports 7025,7026 -s {{ zcs_cluster_ip | join(',') }} -j ACCEPT\n
            -A INPUT -m state --state NEW -p tcp -m multiport --dports 8735,8736 -s {{ zcs_cluster_ip | join(',') }} -j ACCEPT"
  when: iptables_manage | default(True)
  tags: zcs

- name: Handle Zimbra MySQL ports
  iptables_raw:
    name: zcs_mysql_ports
    state: "{{ (zcs_mysql_src_ip | length > 0) | ternary('present','absent') }}"
    rules: "-A INPUT -m state --state NEW -p tcp --dport 7306 -s {{ zcs_mysql_src_ip | join(',') }} -j ACCEPT"
  when: iptables_manage | default(True)
  tags: zcs

  #- name: Create ShareToolki cache dir
  #  file: path=/opt/zimbra/addon_cache/sharetoolkit state=directory
  #  tags: zcs
  #
  #- name: Clone ShareToolkit repo
  #  git:
  #    repo: https://github.com/Zimbra-Community/shared-mailbox-toolkit.git
  #    dest: /opt/zimbra/addon_cache/sharetoolkit
  #    force: True
  #  register: zcs_sharetoolkit_repo
  #  notify: restart zmmailboxd
  #  tags: zcs
  #
  #- name: Remove previous ShareToolkit client zimlet
  #  file: path=/opt/zimbra/zimlets-deployed/_dev/tk_barrydegraaff_sharetoolkit_client state=absent
  #  when: zcs_sharetoolkit_repo.changed
  #  tags: zcs
  #
  #- name: Create ShareToolkit client Zimlet directory
  #  file: path=/opt/zimbra/zimlets-deployed/_dev/ state=directory
  #  when: zcs_sharetoolkit_repo.changed
  #  tags: zcs
  #
  #- name: Deploy ShareToolkit client zimlet
  #  copy: src=/opt/zimbra/addon_cache/sharetoolkit/tk_barrydegraaff_sharetoolkit_client dest=/opt/zimbra/zimlets-deployed/_dev/ remote_src=True
  #  when: zcs_sharetoolkit_repo.changed
  #  tags: zcs
  #
  #- name: Undeploy previous ShareToolkit Zimlet
  #  command: /opt/zimbra/bin/zmzimletctl undeploy tk_barrydegraaff_sharetoolkit_admin
  #  become_user: zimbra
  #  when: zcs_sharetoolkit_repo.changed
  #  tags: zcs
  #
  #- name: Create a ZIP archive for ShareToolkit admin zimlet
  #  archive:
  #    path: /opt/zimbra/addon_cache/sharetoolkit/tk_barrydegraaff_sharetoolkit_admin/*
  #    dest: /tmp/tk_barrydegraaff_sharetoolkit_admin.zip
  #    format: zip
  #  when: zcs_sharetoolkit_repo.changed
  #  tags: zcs
  #
  #- name: Deploy new ShareToolkit admin zimlet
  #  command: /opt/zimbra/bin/zmzimletctl deploy /tmp/tk_barrydegraaff_sharetoolkit_admin.zip
  #  become_user: zimbra
  #  when: zcs_sharetoolkit_repo.changed
  #  tags: zcs
  #
  #- name: Remove previous Java server extension
  #  file: path=/opt/zimbra/lib/ext/ShareToolkit state=absent
  #  when: zcs_sharetoolkit_repo.changed
  #  tags: zcs
  #
  #- name: Create ShareToolkit Java server extension dir
  #  file: path=/opt/zimbra/lib/ext/ShareToolkit state=directory
  #  when: zcs_sharetoolkit_repo.changed
  #  tags: zcs
  #
  #- name: Deploy new Java server extension
  #  copy: src=/opt/zimbra/addon_cache/sharetoolkit/extension/ShareToolkit/out/artifacts/ShareToolkit/ShareToolkit.jar dest=/opt/zimbra/lib/ext/ShareToolkit/ remote_src=True
  #  when: zcs_sharetoolkit_repo.changed
  #  tags: zcs
  #
  #- name: Enable the X-Authenticated-User header
  #  command: /opt/zimbra/bin/zmprov modifyConfig {{ inner_item.attr }} {{ inner_item.value }}
  #  become_user: zimbra
  #  loop:
  #    - attr: zimbraSmtpSendAddAuthenticatedUser
  #      value: 'TRUE'
  #    - attr: zimbraMtaSmtpdSaslAuthenticatedHeader
  #      value: 'yes'
  #  loop_control:
  #    loop_var: inner_item
  #  when: zcs_sharetoolkit_repo.changed
  #  tags: zcs
  #
  #- name: Deploy ShareToolkit CLI tools
  #  synchronize:
  #    src: /opt/zimbra/addon_cache/sharetoolkit/bin/
  #    dest: /usr/local/sbin/
  #    rsync_opts:
  #      - "--chmod=F755"
  #  delegate_to: "{{ inventory_hostname }}"
  #  when: zcs_sharetoolkit_repo.changed
  #  tags: zcs
  #
  #- name: Flush Zimbra cache
  #  command: /opt/zimbra/bin/zmprov flushCache all
  #  become_user: zimbra
  #  when: zcs_sharetoolkit_repo.changed
  #  tags: zcs

- name: Remove ADPassword listener (not working with JDK 13)
  file: path=/opt/zimbra/lib/ext/adpassword state=absent
  tags: zcs

- include_tasks: cas.yml
  tags: zcs

- name: Remove daily report cron task
  lineinfile:
    path: /var/spool/cron/zimbra
    regexp: '.*/opt/zimbra/libexec/zmdailyreport.*'
    line: '#30 23 * * * /opt/zimbra/libexec/zmdailyreport -m'
  notify: reload crond
  tags: zcs

# https://forums.zimbra.org/viewtopic.php?t=72204
- name: Remove hostedlogin
  file: path={{ item }} state=absent
  loop:
    - /opt/zimbra/jetty_base/webapps/zimbra/public/hostedlogin.jsp
    - /opt/zimbra/jetty_base/work/zimbra/jsp/org/apache/jsp/public_/hostedlogin_jsp.class
    - /opt/zimbra/jetty_base/work/zimbra/jsp/org/apache/jsp/public_/hostedlogin_jsp.java
  notify: restart zimbra
  tags: zcs