linderhof/roles/mail/tasks/users.yml

# read-only docker exec always reports changed; changed_when: false suppresses spurious output
# failed_when: false — postfix-accounts.cf may not exist on first run (seeded separately)
- name: Check if mail user exists
  command: docker exec mailserver setup email list
  register: mail_user_list
  changed_when: false
  failed_when: false
  tags:
    - users

- name: Create mail users if missing
  ansible.builtin.command:
    argv:
      - docker
      - exec
      - mailserver
      - setup
      - email
      - add
      - "{{ item.address }}"
      - "{{ item.password }}"
  loop: "{{ mail_users }}"
  when: item.address not in mail_user_list.stdout
  no_log: true
  ignore_errors: yes
  tags:
    - users
initial commit Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-02-27 15:09:25 -07:00			`# read-only docker exec always reports changed; changed_when: false suppresses spurious output`
Fix fresh-deploy blockers and clean up architecture - Seed postfix-accounts.cf before mailserver start to satisfy Dovecot's requirement for at least one account on first boot - Add failed_when: false to mail user/alias list tasks (files don't exist on first run) - Add forgejo_runner_version (was undefined); default to 12 - Create /srv/forgejo/data/gitea/conf before deploying app.ini - Decouple goaccess sync from restic: new enable_goaccess_sync flag with its own goaccess_sync_* variables - Move Docker installation to bootstrap exclusively; rename docker.yml to networks.yml (runs docker_network role only) - Add radicale_password to vault template and setup.sh - Fix goaccess sync tasks gated on enable_goaccess_sync - Add upstream bug comment to authorized_key deprecation warning - Update CLAUDE.md and README.md throughout Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-02-28 00:51:16 -07:00			`# failed_when: false — postfix-accounts.cf may not exist on first run (seeded separately)`
initial commit Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-02-27 15:09:25 -07:00			`- name: Check if mail user exists`
			`command: docker exec mailserver setup email list`
			`register: mail_user_list`
			`changed_when: false`
Fix fresh-deploy blockers and clean up architecture - Seed postfix-accounts.cf before mailserver start to satisfy Dovecot's requirement for at least one account on first boot - Add failed_when: false to mail user/alias list tasks (files don't exist on first run) - Add forgejo_runner_version (was undefined); default to 12 - Create /srv/forgejo/data/gitea/conf before deploying app.ini - Decouple goaccess sync from restic: new enable_goaccess_sync flag with its own goaccess_sync_* variables - Move Docker installation to bootstrap exclusively; rename docker.yml to networks.yml (runs docker_network role only) - Add radicale_password to vault template and setup.sh - Fix goaccess sync tasks gated on enable_goaccess_sync - Add upstream bug comment to authorized_key deprecation warning - Update CLAUDE.md and README.md throughout Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-02-28 00:51:16 -07:00			`failed_when: false`
initial commit Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-02-27 15:09:25 -07:00			`tags:`
			`- users`

			`- name: Create mail users if missing`
			`ansible.builtin.command:`
			`argv:`
			`- docker`
			`- exec`
			`- mailserver`
			`- setup`
			`- email`
			`- add`
			`- "{{ item.address }}"`
			`- "{{ item.password }}"`
			`loop: "{{ mail_users }}"`
			`when: item.address not in mail_user_list.stdout`
			`no_log: true`
			`ignore_errors: yes`
			`tags:`
			`- users`