Added ansible playbook for secondary MX server

ansible/templates/acme-client.conf

@@ -3,7 +3,7 @@ authority letsencrypt {
     account key "/etc/acme/letsencrypt-privkey.pem"
 }
 
-{% for domain in mx1_domains %}
+{% for domain in lookup('vars', inventory_hostname + '_domains') %}
 domain "{{ domain }}" {
     domain key "/etc/ssl/private/{{ domain }}.key"
     domain full chain certificate "/etc/ssl/{{ domain }}.fullchain.pem"

ansible/templates/httpd.conf

@@ -9,7 +9,7 @@ server "{{ inventory_hostname }}" {
     }
 }
 
-{% for vhost in mx1_domains %}
+{% for vhost in lookup('vars', inventory_hostname + '_domains') %}
 server "{{ vhost }}" {
     listen on * tls port 443
     tls {

ansible/templates/secondary-smtpd.conf

@@ -0,0 +1,16 @@
+{% set _mx_domain = lookup('vars', inventory_hostname + '_mail_domain') %}
+pki {{ _mx_domain }} cert "/etc/ssl/{{ _mx_domain }}.fullchain.pem"
+pki {{ _mx_domain }} key "/etc/ssl/private/{{ _mx_domain }}.key"
+
+listen on all tls pki {{ _mx_domain }}
+
+table aliases file:/etc/mail/aliases
+
+action "local" mbox alias <aliases>
+action "relay" relay host {{ mx1_mail_domain }}
+
+{% for domain in mail_domains %}
+match from any for domain {{ domain }} action "relay"
+{% endfor %}
+match from local for local action "local"
+match from local for any action "relay"

ansible/templates/smtpd.conf

@@ -21,3 +21,4 @@ match from any for domain {{ domain }} action "local_mail"
 {% endfor %}
 match from local for local action "local_mail"
 match from local for any action "outbound"
+match auth from any for any action "outbound"