From d3a2b0ac28841a0f24e3bb571f1081cd7103669a Mon Sep 17 00:00:00 2001
From: Robert Kaussow <mail@geeklabor.de>
Date: Tue, 18 Jun 2019 10:46:05 +0200
Subject: [PATCH] add new drone config; fix small design issues

---
 .drone.jsonnet                            | 69 +++++++++++++++++
 .drone.yml                                | 92 ++++++++++++++++++-----
 defaults/main.yml                         |  4 +
 tasks/install.yml                         | 15 ++--
 templates/etc/postfix/sasl_passwd.j2      |  1 +
 templates/etc/postfix/sender_canonical.j2 |  5 +-
 vars/main.yml                             |  5 ++
 7 files changed, 162 insertions(+), 29 deletions(-)
 create mode 100644 .drone.jsonnet
 create mode 100644 vars/main.yml

diff --git a/.drone.jsonnet b/.drone.jsonnet
new file mode 100644
index 0000000..fcf5597
--- /dev/null
+++ b/.drone.jsonnet
@@ -0,0 +1,69 @@
+local AnsibleVersions(version="latest", package="ansible") = {
+    name: "ansible-" + version,
+    image: "python:3.7",
+    pull: "always",
+    environment: {
+      PY_COLORS: 1
+    },
+    commands: [
+      "pip install " + package + " ansible-later~=0.2.0 -qq",
+      "git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy",
+      "ansible-later -c ~/policy/config.yml"
+    ],
+    depends_on: [
+      "clone",
+    ],
+};
+
+local PipelineLinting = {
+  kind: "pipeline",
+  name: "linting",
+  platform: {
+    os: "linux",
+    arch: "amd64",
+  },
+  steps: [
+    AnsibleVersions(version="latest", package="ansible"),
+    AnsibleVersions(version="master", package="git+https://github.com/ansible/ansible.git@devel"),
+  ],
+  trigger: {
+    ref: ["refs/heads/master", "refs/tags/**", "refs/pull/**"],
+  },
+};
+
+local PipelineNotifications = {
+  kind: "pipeline",
+  name: "notifications",
+  platform: {
+    os: "linux",
+    arch: "amd64",
+  },
+  clone: {
+    disable: true,
+  },
+  steps: [
+    {
+      name: "matrix",
+      image: "plugins/matrix",
+      settings: {
+        homeserver: "https://matrix.rknet.org",
+        roomid: "MtidqQXWWAtQcByBhH:rknet.org",
+        template: "Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}",
+        username: { "from_secret": "matrix_username" },
+        password: { "from_secret": "matrix_password" },
+      },
+    },
+  ],
+  depends_on: [
+    "linting",
+  ],
+  trigger: {
+    status: [ "success", "failure" ],
+    ref: ["refs/heads/master", "refs/tags/**"],
+  },
+};
+
+[
+  PipelineLinting,
+  PipelineNotifications,
+]
diff --git a/.drone.yml b/.drone.yml
index 289d224..3be4bb2 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -1,22 +1,78 @@
 ---
 kind: pipeline
-name: default
+name: linting
+
+platform:
+  os: linux
+  arch: amd64
 
 steps:
-  - name: ansible-latest
-    image: python:2.7
-    pull: always
-    commands:
-      - pip install ansible ansible-later -q
-      - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
-      - git ls-files *[^LICENSE,.md] | xargs ansible-later -c ~/policy/config.ini
-    depends_on: [ clone ]
-
-  - name: ansible-master
-    image: python:2.7
-    pull: always
-    commands:
-      - pip install ansible ansible-later -q
-      - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
-      - git ls-files *[^LICENSE,.md] | xargs ansible-later -c ~/policy/config.ini
-    depends_on: [ clone ]
+- name: ansible-latest
+  pull: always
+  image: python:3.7
+  commands:
+  - pip install ansible ansible-later~=0.2.0 -qq
+  - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
+  - ansible-later -c ~/policy/config.yml
+  environment:
+    PY_COLORS: 1
+  depends_on:
+  - clone
+
+- name: ansible-master
+  pull: always
+  image: python:3.7
+  commands:
+  - "pip install git+https://github.com/ansible/ansible.git@devel ansible-later~=0.2.0 -qq"
+  - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
+  - ansible-later -c ~/policy/config.yml
+  environment:
+    PY_COLORS: 1
+  depends_on:
+  - clone
+
+trigger:
+  ref:
+  - refs/heads/master
+  - "refs/tags/**"
+  - "refs/pull/**"
+
+---
+kind: pipeline
+name: notifications
+
+platform:
+  os: linux
+  arch: amd64
+
+clone:
+  disable: true
+
+steps:
+- name: matrix
+  image: plugins/matrix
+  settings:
+    homeserver: https://matrix.rknet.org
+    password:
+      from_secret: matrix_password
+    roomid: MtidqQXWWAtQcByBhH:rknet.org
+    template: "Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}"
+    username:
+      from_secret: matrix_username
+
+trigger:
+  ref:
+  - refs/heads/master
+  - "refs/tags/**"
+  status:
+  - success
+  - failure
+
+depends_on:
+- linting
+
+---
+kind: signature
+hmac: 687734cdf50961bf62d00f2fef97c004cd6b0f3dd6452da8ce4c9a08680992b5
+
+...
diff --git a/defaults/main.yml b/defaults/main.yml
index 2677036..b1ace2b 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -10,3 +10,7 @@ postfix_relay_sasl_passwd: secure
 postfix_relay_smtpd_banner:
   - ESMTP
   - $mail_name
+
+postfix_relay_senders:
+  - user: root
+    address: "{{ ansible_hostname }}@{{ postfix_relay_sasl_domain }}"
diff --git a/tasks/install.yml b/tasks/install.yml
index e07c483..cb19ea2 100644
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -1,13 +1,8 @@
 ---
-- name: Install postfix mta
-  block:
-    - name: Install required packages
-      package:
-        name: "{{ item }}"
-        state: present
-      with_items:
-        - postfix
-        - cyrus-sasl-plain
-        - mailx
+- name: Install required postfix packages
+  package:
+    name: "{{ item }}"
+    state: present
+  loop: "{{ __postfix_relay_packages }}"
   become: True
   become_user: root
diff --git a/templates/etc/postfix/sasl_passwd.j2 b/templates/etc/postfix/sasl_passwd.j2
index 4346b14..497b809 100644
--- a/templates/etc/postfix/sasl_passwd.j2
+++ b/templates/etc/postfix/sasl_passwd.j2
@@ -1,3 +1,4 @@
+#jinja2: lstrip_blocks: True
 # {{ ansible_managed }}
 
 [{{ postfix_relay_sasl_host }}]:{{ postfix_relay_sasl_port }} {{ postfix_relay_sasl_user }}@{{ postfix_relay_sasl_domain }}:{{ postfix_relay_sasl_passwd }}
diff --git a/templates/etc/postfix/sender_canonical.j2 b/templates/etc/postfix/sender_canonical.j2
index 6205fff..25047b4 100644
--- a/templates/etc/postfix/sender_canonical.j2
+++ b/templates/etc/postfix/sender_canonical.j2
@@ -1,3 +1,6 @@
+#jinja2: lstrip_blocks: True
 # {{ ansible_managed }}
 
-root {{ ansible_hostname }}@{{ postfix_relay_sasl_domain }}
+{% for sender in postfix_relay_senders %}
+{{ sender.name }} {{ sender.address }}
+{% endfor %}
diff --git a/vars/main.yml b/vars/main.yml
new file mode 100644
index 0000000..9a65829
--- /dev/null
+++ b/vars/main.yml
@@ -0,0 +1,5 @@
+---
+__postfix_relay_packages:
+  - postfix
+  - cyrus-sasl-plain
+  - mailx