initial commit

author: Sam Chudnick <sam@chudnick.com> 2023-07-02 19:04:30 -0400
committer: Sam Chudnick <sam@chudnick.com> 2023-07-02 19:04:30 -0400
commit: 724d877995dfcc10c462a18dcb4ea6c8b60c2d03 (patch)
tree: 270537b8fca585717c1ffa7708e492593f7b2ed5 /roles/opendkim/tasks
1 files changed, 57 insertions, 0 deletions
diff --git a/roles/opendkim/tasks/main.yml b/roles/opendkim/tasks/main.yml
new file mode 100644
index 0000000..b56081a
--- /dev/null
+++ b/roles/opendkim/tasks/main.yml
@@ -0,0 +1,57 @@
+- name: install packages
+  package:
+    name:
+      - opendkim
+      - opendkim-tools
+    state: latest
+- name: create dkimkeys directory
+  file:
+    path: /etc/dkimkeys
+    owner: opendkim
+    group: opendkim
+    mode: '700'
+    state: directory
+- name: generate opendkim key
+  command:
+    cmd: "opendkim-genkey -D /etc/dkimkeys -d {{ domain }} -s {{ dkim_selector }}"
+- name: rename dkim key file
+  command: "mv /etc/dkimkeys/{{ dkim_selector }}.private /etc/dkimkeys/{{ dkim_selector }}.pem"
+  args:
+    removes: "/etc/dkimkeys/{{ dkim_selector }}.private"
+    creates: "/etc/dkimkeys/{{ dkim_selector }}.pem"
+- name: make directory for socket inside postfix chroot
+  file:
+    path: /var/spool/postfix/opendkim
+    owner: opendkim
+    group: opendkim
+    mode: '770'
+    state: directory
+- name: add postfix user to opendkim group
+  user:
+    name: postfix
+    groups: opendkim
+    append: yes
+- name: deploy configuration
+  template:
+    src: opendkim.conf.j2
+    dest: /etc/opendkim.conf
+    owner: root
+    group: root
+    mode: '0644'
+- name: enable opendkim
+  systemd:
+    enabled: yes
+    masked: no
+    name: opendkim
+- name: restart opendkim
+  service:
+    name: opendkim
+    state: restarted
author	Sam Chudnick <sam@chudnick.com>	2023-07-02 19:04:30 -0400
committer	Sam Chudnick <sam@chudnick.com>	2023-07-02 19:04:30 -0400
commit	724d877995dfcc10c462a18dcb4ea6c8b60c2d03 (patch)
tree	270537b8fca585717c1ffa7708e492593f7b2ed5 /roles/opendkim/tasks

diff --git a/roles/opendkim/tasks/main.yml b/roles/opendkim/tasks/main.yml new file mode 100644 index 0000000..b56081a --- /dev/null +++ b/roles/opendkim/tasks/main.yml
@@ -0,0 +1,57 @@
	1	- name: install packages
	2	package:
	3	name:
	4	- opendkim
	5	- opendkim-tools
	6	state: latest
	7
	8	- name: create dkimkeys directory
	9	file:
	10	path: /etc/dkimkeys
	11	owner: opendkim
	12	group: opendkim
	13	mode: '700'
	14	state: directory
	15
	16	- name: generate opendkim key
	17	command:
	18	cmd: "opendkim-genkey -D /etc/dkimkeys -d {{ domain }} -s {{ dkim_selector }}"
	19
	20	- name: rename dkim key file
	21	command: "mv /etc/dkimkeys/{{ dkim_selector }}.private /etc/dkimkeys/{{ dkim_selector }}.pem"
	22	args:
	23	removes: "/etc/dkimkeys/{{ dkim_selector }}.private"
	24	creates: "/etc/dkimkeys/{{ dkim_selector }}.pem"
	25
	26	- name: make directory for socket inside postfix chroot
	27	file:
	28	path: /var/spool/postfix/opendkim
	29	owner: opendkim
	30	group: opendkim
	31	mode: '770'
	32	state: directory
	33
	34	- name: add postfix user to opendkim group
	35	user:
	36	name: postfix
	37	groups: opendkim
	38	append: yes
	39
	40	- name: deploy configuration
	41	template:
	42	src: opendkim.conf.j2
	43	dest: /etc/opendkim.conf
	44	owner: root
	45	group: root
	46	mode: '0644'
	47
	48	- name: enable opendkim
	49	systemd:
	50	enabled: yes
	51	masked: no
	52	name: opendkim
	53
	54	- name: restart opendkim
	55	service:
	56	name: opendkim
	57	state: restarted