From 856fb138224c992722f28b740d765dc6d5cd2975 Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Thu, 11 Mar 2021 06:18:47 +0000
Subject: [PATCH] Install keytab from dovecot role and not from playbook

---
 playbooks/mail.yml           | 4 ----
 roles/dovecot/tasks/main.yml | 8 ++++++++
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/playbooks/mail.yml b/playbooks/mail.yml
index dd3cfd0..5d1cd93 100644
--- a/playbooks/mail.yml
+++ b/playbooks/mail.yml
@@ -15,10 +15,6 @@
       principals:
         - "host/{{ inventory_hostname }}@{{ kerberos_realm }}"
         - "smtp/{{ mail_server }}@{{ kerberos_realm }}"
-    - role: kerberos/keytab
-      keytab: /etc/dovecot/dovecot.keytab
-      principals:
-        - "imap/{{ mail_server }}@{{ kerberos_realm }}"
     - nfs-client
     - sssd
     - autofs
diff --git a/roles/dovecot/tasks/main.yml b/roles/dovecot/tasks/main.yml
index 56aece0..1332dc6 100644
--- a/roles/dovecot/tasks/main.yml
+++ b/roles/dovecot/tasks/main.yml
@@ -5,6 +5,14 @@
     name: dovecot
     state: installed
 
+- name: create kerberos keytab
+  include_role:
+    name: kerberos/keytab
+  vars:
+    keytab: /etc/dovecot/dovecot.keytab
+    principals:
+      - "imap/{{ mail_server }}@{{ kerberos_realm }}"
+
 - name: install privatekey
   copy:
     dest: "{{ tls_private }}/{{ mail_server }}.key"