- name: install opendkim
  apt: name=opendkim,opendkim-tools state=latest
- name: enable opendkim
  service: name=opendkim enabled=yes
# env
- name: install opendkim env
  register: opendkim_env
  template:
    dest: /etc/default/opendkim
    src: templates/opendkim.env
- name: regenerate opendkim service
  when: opendkim_env.changed
  shell: /lib/opendkim/opendkim.service.generate && systemctl daemon-reload && systemd-tmpfiles /etc/tmpfiles.d/opendkim.conf --create
  notify: opendkim
# tables
- name: create opendkim dir
  file: name=/etc/opendkim state=directory owner=opendkim
- name: generate opendkim keys
  shell: mkdir /etc/opendkim/{{ item }}/ && opendkim-genkey --bits=2048 -s mail -d {{ item }} -D /etc/opendkim/{{ item }}/
  become_user: opendkim
  args:
    creates: /etc/opendkim/{{ item }}/mail.private
    warn: False
  loop: "{{ postfix.opendkim.private_keys }}"
- name: generate opendkim tables
  template:
    dest: /etc/opendkim/{{ item }}
    src: templates/{{ item }}
  loop:
  - KeyTable
  - SigningTable
  notify: opendkim
# config
- name: install opendkim config
  template:
    dest: /etc/opendkim.conf
    src: templates/opendkim.conf
  notify: opendkim