initial commit

4 files changed, 50 insertions, 0 deletions

diff --git a/roles/opendmarc/defaults/main.yml b/roles/opendmarc/defaults/main.yml
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/roles/opendmarc/defaults/main.yml
diff --git a/roles/opendmarc/files/opendmarc.conf b/roles/opendmarc/files/opendmarc.conf
new file mode 100644
index 0000000..85a05c2
--- /dev/null
+++ b/roles/opendmarc/files/opendmarc.conf
@@ -0,0 +1,11 @@
+# OpenDMARC Configuration
+PidFile /run/opendmarc/opendmarc.pid
+PublicSuffixList  /usr/share/publicsuffix/public_suffix_list.dat
+RejectFailures  True
+Socket  local:/var/spool/postfix/opendmarc/opendmarc.sock
+Syslog  True
+SyslogFacility  mail
+UMask 002
+UserID  opendmarc
+SPFIgnoreResults  True
+SPFSelfValidate   True
diff --git a/roles/opendmarc/handlers/main.yml b/roles/opendmarc/handlers/main.yml
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/roles/opendmarc/handlers/main.yml
diff --git a/roles/opendmarc/tasks/main.yml b/roles/opendmarc/tasks/main.yml
new file mode 100644
index 0000000..6c2fb8b
--- /dev/null
+++ b/roles/opendmarc/tasks/main.yml
@@ -0,0 +1,39 @@
+- name: install packages
+  package:
+    name:
+      - opendmarc
+      - dbconfig-no-thanks
+    state: latest
+
+- name: make directory for socket inside postfix chroot
+  file:
+    path: /var/spool/postfix/opendmarc
+    owner: opendmarc
+    group: opendmarc
+    mode: '770'
+    state: directory
+
+- name: add postfix user to opendmarc group
+  user:
+    name: postfix
+    groups: opendmarc
+    append: yes
+
+- name: deploy configuration
+  copy:
+    src: opendmarc.conf
+    dest: /etc/opendmarc.conf
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: enable opendmarc
+  systemd:
+    enabled: yes
+    masked: no
+    name: opendmarc
+
+- name: restart opendmarc
+  service:
+    name: opendmarc
+    state: restarted