linderhof/roles/mail/tasks/aliases.yml

# read-only docker exec always reports changed; changed_when: false suppresses spurious output
# failed_when: false — postfix-virtual.cf may not exist on first run
- name: List existing mail aliases
  command: docker exec mailserver setup alias list
  register: mail_alias_list
  changed_when: false
  failed_when: false
  tags:
    - users

- name: Create mail aliases if missing
  command: >
    docker exec mailserver
    setup alias add {{ item.from }}
    {{ item.to if item.to is string else item.to | join(',') }}
  loop: "{{ mail_aliases }}"
  when: item.from not in mail_alias_list.stdout
  tags:
    - users