From 724d877995dfcc10c462a18dcb4ea6c8b60c2d03 Mon Sep 17 00:00:00 2001 From: Sam Chudnick Date: Sun, 2 Jul 2023 19:04:30 -0400 Subject: initial commit --- roles/opendmarc/defaults/main.yml | 0 roles/opendmarc/files/opendmarc.conf | 11 ++++++++++ roles/opendmarc/handlers/main.yml | 0 roles/opendmarc/tasks/main.yml | 39 ++++++++++++++++++++++++++++++++++++ 4 files changed, 50 insertions(+) create mode 100644 roles/opendmarc/defaults/main.yml create mode 100644 roles/opendmarc/files/opendmarc.conf create mode 100644 roles/opendmarc/handlers/main.yml create mode 100644 roles/opendmarc/tasks/main.yml (limited to 'roles/opendmarc') diff --git a/roles/opendmarc/defaults/main.yml b/roles/opendmarc/defaults/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/roles/opendmarc/files/opendmarc.conf b/roles/opendmarc/files/opendmarc.conf new file mode 100644 index 0000000..85a05c2 --- /dev/null +++ b/roles/opendmarc/files/opendmarc.conf @@ -0,0 +1,11 @@ +# OpenDMARC Configuration +PidFile /run/opendmarc/opendmarc.pid +PublicSuffixList /usr/share/publicsuffix/public_suffix_list.dat +RejectFailures True +Socket local:/var/spool/postfix/opendmarc/opendmarc.sock +Syslog True +SyslogFacility mail +UMask 002 +UserID opendmarc +SPFIgnoreResults True +SPFSelfValidate True diff --git a/roles/opendmarc/handlers/main.yml b/roles/opendmarc/handlers/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/roles/opendmarc/tasks/main.yml b/roles/opendmarc/tasks/main.yml new file mode 100644 index 0000000..6c2fb8b --- /dev/null +++ b/roles/opendmarc/tasks/main.yml @@ -0,0 +1,39 @@ +- name: install packages + package: + name: + - opendmarc + - dbconfig-no-thanks + state: latest + +- name: make directory for socket inside postfix chroot + file: + path: /var/spool/postfix/opendmarc + owner: opendmarc + group: opendmarc + mode: '770' + state: directory + +- name: add postfix user to opendmarc group + user: + name: postfix + groups: opendmarc + append: yes + +- name: deploy configuration + copy: + src: opendmarc.conf + dest: /etc/opendmarc.conf + owner: root + group: root + mode: '0644' + +- name: enable opendmarc + systemd: + enabled: yes + masked: no + name: opendmarc + +- name: restart opendmarc + service: + name: opendmarc + state: restarted -- cgit v1.2.3