--- # tasks file for debian-mail - name: Fetch bridge_pubkey.gpg ansible.builtin.get_url: url: https://proton.me/download/bridge/bridge_pubkey.gpg dest: /tmp/bridge_pubkey.gpg - name: Sign bridge_pubkey.gpg ansible.builtin.shell: cmd: rm -f debsig.gpg && gpg --dearmor --output debsig.gpg bridge_pubkey.gpg chdir: /tmp - name: Create keyring directory ansible.builtin.file: path: /usr/share/debsig/keyrings/E2C75D68E6234B07 state: directory recurse: true - name: Move debsig.gpg to keyring directory ansible.builtin.copy: src: /tmp/debsig.gpg dest: /usr/share/debsig/keyrings/E2C75D68E6234B07 remote_src: true - name: Create policy directory ansible.builtin.file: path: /etc/debsig/policies/E2C75D68E6234B07 state: directory recurse: true - name: Fetch and install the policy file ansible.builtin.get_url: url: https://proton.me/download/bridge/bridge.pol dest: /etc/debsig/policies/E2C75D68E6234B07//bridge.pol - name: Fetch protonmail-bridge DEB package ansible.builtin.get_url: url: https://proton.me/download/bridge/protonmail-bridge_3.2.0-1_amd64.deb dest: /tmp/protonmail-bridge_3.2.0-1_amd64.deb - name: Verify the signature on the protonmail-bridge package file ansible.builtin.shell: cmd: debsig-verify protonmail-bridge_3.2.0-1_amd64.deb chdir: /tmp register: debsig_output failed_when: '"Verified package" not in debsig_output.stdout or debsig_output.rc != 0' - name: Install protonmail-bridge_3.2.0-1_amd64.deb ansible.builtin.apt: deb: /tmp/protonmail-bridge_3.2.0-1_amd64.deb - name: Copy systemd unit files for offlineimap ansible.builtin.copy: src: /usr/share/doc/offlineimap3/examples/systemd/offlineimap-oneshot.service dest: /etc/systemd/system/offlineimap-oneshot.service remote_src: true - name: Change running user and group to debian for offlineimap-oneshot.service ansible.builtin.blockinfile: path: /etc/systemd/system/offlineimap-oneshot.service insertafter: "Type=oneshot" block: | User=debian Group=debian - name: Create offlineimap-oneshot.timer ansible.builtin.blockinfile: path: /etc/systemd/system/offlineimap-oneshot.timer create: true block: | [Unit] Description=Offlineimap Query Timer [Timer] OnCalendar=daily [Install] WantedBy=default.target - name: Create pm-bridge-tty.service ansible.builtin.blockinfile: path: /etc/systemd/system/pm-bridge-tty.service create: true block: | [Unit] Description=faketty service for protonmail-bridge [Service] Type=simple User=debian Group=debian ExecStart=/usr/local/bin/pm-bridge-tty [Install] WantedBy=multi-user.target - name: Copy offlineimaprc for debian ansible.builtin.copy: src: files/offlineimaprc dest: /home/debian/.offlineimaprc owner: debian group: debian - name: Copy protonmail-bridge faketty script ansible.builtin.copy: src: files/pm-bridge-tty dest: /usr/local/bin/pm-bridge-tty owner: root group: root mode: u=rwx,g=rx,o=rx - name: Enable offlineimap systemd timer ansible.builtin.systemd: name: offlineimap-oneshot.timer enabled: true - name: Message to Ansible user ansible.builtin.debug: msg: - "Run 'pm-bridge-tty init' to initialize the bridge." - "Login to Proton Mail with your user credentials." - "Wait for the sync to finish." - "Copy SMTP password and add it to /home/debian/.offlineimaprc" - "Run 'notmuch setup'" - "Run 'sudo systemctl enable --now pm-bridge-tty.service'" - "Run 'sudo systemctl start offlineimap-oneshot.service'" - "Run 'sudo systemctl enable offlineimap-oneshot.timer'"