X-Git-Url: https://git.ralfj.de/ansible.git/blobdiff_plain/0aacb9f875a40b18dfbbc01b705b5337bf872368..a0ef97a3169e9da8b4618116075d54c49b4292b4:/roles/email/tasks/opendkim.yml

diff --git a/roles/email/tasks/opendkim.yml b/roles/email/tasks/opendkim.yml
new file mode 100644
index 0000000..1ac9e5a
--- /dev/null
+++ b/roles/email/tasks/opendkim.yml
@@ -0,0 +1,35 @@
+- name: install opendkim
+  apt: name=opendkim,opendkim-tools state=latest
+- name: enable opendkim
+  service: name=opendkim enabled=yes
+# env
+- name: install opendkim env
+  register: opendkim_env
+  template:
+    dest: /etc/default/opendkim
+    src: templates/opendkim.env
+- name: regenerate opendkim service
+  when: opendkim_env.changed
+  shell: /lib/opendkim/opendkim.service.generate && systemctl daemon-reload
+  notify: opendkim
+# tables
+- name: generate opendkim keys
+  shell: mkdir /etc/opendkim/{{ item }}/ && opendkim-genkey --bits=2048 -s mail -d {{ item }} -D /etc/opendkim/{{ item }}/
+  args:
+    creates: /etc/opendkim/{{ item }}/mail.private
+    warn: False
+  loop: "{{ postfix.opendkim.private_keys }}"
+- name: generate opendkim tables
+  template:
+    dest: /etc/opendkim/{{ item }}
+    src: templates/{{ item }}
+  loop:
+  - KeyTable
+  - SigningTable
+  notify: opendkim
+# config
+- name: install opendkim config
+  template:
+    dest: /etc/opendkim.conf
+    src: templates/opendkim.conf
+  notify: opendkim