This repo contains automation and tooling to manage my own mail/matrix server.
Automated SSL certificate generation and renewal is included, using the Let's Encrypt CA via certbot and Cloudflare DNS.
All secrets are stored in a private HashiCorp Vault instance and fetched with Ansible lookups at runtime.
The Ansible inventory itself is generated at runtime using the add_host trick.
This keeps the code clean and also allows me to make this repo public without security concerns.
Vault authentication must be set via ENV variables before running the playbook, either by using a token or AppRole.
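The pattern described above, as an added sketch that is not this repo's own configure.yml: a first play on localhost reads connection details from Vault and registers the target with add_host, so no hostname or credential is committed. It assumes the community.hashi_vault collection; the KV v2 mount `secret`, the path `infra/mailserver`, the fields `host` and `ssh_user`, and the group `mailserver` are hypothetical names.

```yaml
# Added illustration; mount, path, field and group names are hypothetical.
# Token auth:   export VAULT_ADDR and VAULT_TOKEN
# AppRole auth: export VAULT_ADDR, ANSIBLE_HASHI_VAULT_AUTH_METHOD=approle,
#               ANSIBLE_HASHI_VAULT_ROLE_ID and ANSIBLE_HASHI_VAULT_SECRET_ID
- name: Build the in-memory inventory from Vault
  hosts: localhost
  connection: local
  gather_facts: false
  tasks:
    - name: Fail early if Vault connection settings are missing
      ansible.builtin.assert:
        that:
          - lookup('ansible.builtin.env', 'VAULT_ADDR') | length > 0
          - >-
            lookup('ansible.builtin.env', 'VAULT_TOKEN') | length > 0
            or lookup('ansible.builtin.env', 'ANSIBLE_HASHI_VAULT_ROLE_ID') | length > 0
        fail_msg: Export VAULT_ADDR plus a token or AppRole credentials first.

    - name: Read connection details from Vault (KV v2)
      ansible.builtin.set_fact:
        target: "{{ lookup('community.hashi_vault.vault_kv2_get', 'infra/mailserver', engine_mount_point='secret').secret }}"
      no_log: true  # keep fetched values out of task output and logs

    - name: Register the host at runtime instead of committing it
      ansible.builtin.add_host:
        name: "{{ target.host }}"
        groups: mailserver
        ansible_user: "{{ target.ssh_user }}"
      no_log: true

- name: Configure the host registered above
  hosts: mailserver
  gather_facts: false
  tasks:
    - name: Confirm connectivity to the dynamically added host
      ansible.builtin.ping:
```

Hosts added with add_host exist only for the duration of the run, so the committed inventory file needs nothing beyond localhost.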
Single Step
ansible-playbook -i inventory.yml configure.yml --tags matrix
Configure Everything
ansible-playbook -i inventory.yml configure.yml
https://www.ansible.com/
https://www.vaultproject.io/
https://github.com/element-hq/synapse
https://github.com/docker-mailserver/docker-mailserver