---

- name: '[LACRE] - Configure lacre'
  template:
    src: 'etc/gpg-mailgate.conf.j2'
    dest: '/etc/gpg-mailgate.conf'
    owner: root
    group: root
    mode: 0644
    
- name: '[LACRE] - Add lacre config to postfix'
  blockinfile:
    dest: '/etc/postfix/master.cf'
    backup: yes
    marker: '# {mark} LACRE config block (Ansible)'
    block: |
       gpg-mailgate    unix    -   n   n   -   -   pipe
         flags= user=lacre argv={{ lacre_app_dir }}/gpg-mailgate.py ${recipient}
       
       127.0.0.1:10028 inet    n   -   n   -   10  smtpd
         -o content_filter=
         -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
         -o smtpd_helo_restrictions=
         -o smtpd_client_restrictions=
         -o smtpd_sender_restrictions=
         -o smtpd_recipient_restrictions=permit_mynetworks,reject
         -o mynetworks=127.0.0.0/8
         -o smtpd_authorized_xforward_hosts=127.0.0.0/8
     
- name: '[LACRE] - Replace content_filter setting in postfix'
  replace:
    path: '/etc/postfix/main.cf'
    regexp: 'content_filter = .*'
    replace: 'content_filter = gpg-mailgate'
  when: lacre_set_content_filter == 'true'