X-Git-Url: https://git.ralfj.de/ansible.git/blobdiff_plain/f76b2b698d708dbef33a5135762b51a9c9d1d031..5e2e9470de3933fd6560eba8ee7a4fff9568ff7c:/roles/postfix/templates/main.cf

diff --git a/roles/postfix/templates/main.cf b/roles/postfix/templates/main.cf
index dc56a85..fa2082c 100644
--- a/roles/postfix/templates/main.cf
+++ b/roles/postfix/templates/main.cf
@@ -13,7 +13,7 @@ smtpd_tls_key_file=/etc/ssl/private/letsencrypt/live.key
 smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
 smtpd_tls_security_level = may
 smtpd_tls_loglevel = 1
-smtpd_tls_dh1024_param_file = /etc/ssl/dh2048.pem
+smtpd_tls_dh1024_param_file = {{ postfix.paths.dh2048 }}
 smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3
 smtpd_tls_ciphers = low
 smtpd_tls_mandatory_ciphers = high
@@ -110,9 +110,10 @@ transport_maps = hash:/etc/postfix/transport_map
 mailman_destination_recipient_limit = 1
 {% endif %}
 
-{% if postfix.opendkim | default(False) %}
+{% if postfix.opendkim is defined %}
 # DKIM & Milter
 milter_default_action = accept
+# Path must match opendkim.env
 smtpd_milters = unix:opendkim/sock
 non_smtpd_milters = $smtpd_milters
 {% endif %}