ansible/roles/opendkim/tasks/main.yml


---
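# Install the opendkim package through the platform's package manager.
- name: Install packages
  ansible.builtin.package:
    name: opendkim
    # `present` is the state ansible.builtin.package documents for
    # installation. The former `installed` spelling is an alias that only
    # works where the underlying package module accepts it.
    state: present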
# Register an SELinux file-context rule mapping the keystore directory and
# everything below it to etc_t. sefcontext only records the rule in the
# local policy; it does not relabel files that already exist.
- name: Fix SELinux contexts from keystore
  community.general.sefcontext:
    setype: etc_t
    path: '/export/dkim(/.*)?'
# Keystore directory for the DKIM keys. root owns it; members of the
# opendkim group get execute only (0710), so they can reach a file whose
# name they know but cannot list the directory; others have no access.
- name: Create keystore
  ansible.builtin.file:
    state: directory
    path: /export/dkim
    owner: root
    group: opendkim
    mode: '0710'
    # Apply the type the SELinux policy assigns to this path.
    setype: _default
# Expose the keystore as /srv/dkim, the path the later tasks in this file
# refer to.
- name: Link keystore
  ansible.builtin.file:
    state: link
    src: /export/dkim
    dest: /srv/dkim
    owner: root
    # ansible_wheel is defined outside this file; presumably the platform's
    # administrative group — confirm.
    group: "{{ ansible_wheel }}"
    # Do not dereference the link: owner and group apply to the symlink
    # itself, not to /export/dkim.
    follow: false
# Ship the keystore Makefile into the keystore (via the /srv/dkim link).
# It is root-owned with mode 0600, so only root can read or change it.
# What the Makefile does is not visible from this file.
- name: Add keystore Makefile
  ansible.builtin.copy:
    src: keystore.Makefile
    dest: /srv/dkim/Makefile
    owner: root
    group: "{{ ansible_wheel }}"
    mode: '0600'
    # Apply the type the SELinux policy assigns to this path.
    setype: _default
# Set the DKIM selector. The pattern matches the Selector directive whether
# it is active or commented out with "# "; if nothing matches, lineinfile
# appends the line at the end of the file.
# NOTE(review): opendkim_selector is written into the config verbatim, so
# it should be restricted to a plain DNS label where it is defined.
- name: Set selector
  notify: Restart opendkim
  ansible.builtin.lineinfile:
    regexp: '^(# )?Selector\s'
    line: "Selector\t{{ opendkim_selector }}"
    path: /etc/opendkim.conf
# Point opendkim at the private signing key inside the keystore.
# NOTE(review): no task in this file creates the key or sets its owner and
# mode; presumably the keystore Makefile does — confirm that the key is
# readable by the opendkim service and by nobody else.
- name: Set key file path
  notify: Restart opendkim
  ansible.builtin.lineinfile:
    regexp: '^(# )?KeyFile\s'
    line: "KeyFile\t/srv/dkim/{{ opendkim_selector }}.key"
    path: /etc/opendkim.conf
# Mode "sv": sign outgoing mail (s) and verify signatures on incoming
# mail (v).
- name: Enable signing and verifying messages
  notify: Restart opendkim
  ansible.builtin.lineinfile:
    regexp: '^(# )?Mode\s'
    line: "Mode\tsv"
    path: /etc/opendkim.conf
# Set the Domain directive to mail_domain (defined outside this file), the
# domain whose mail is to be signed.
- name: Configure signing domains
  notify: Restart opendkim
  ansible.builtin.lineinfile:
    regexp: '^(# )?Domain\s'
    line: "Domain\t{{ mail_domain }}"
    path: /etc/opendkim.conf
# Set the ReportAddress directive to postmaster at the mail domain.
- name: Configure report address
  notify: Restart opendkim
  ansible.builtin.lineinfile:
    regexp: '^(# )?ReportAddress\s'
    line: "ReportAddress\tpostmaster@{{ mail_domain }}"
    path: /etc/opendkim.conf
# Turn SoftwareHeader off so processed mail does not gain a DKIM-Filter
# header advertising the filter software.
- name: Don't add DKIM-Filter header
  notify: Restart opendkim
  ansible.builtin.lineinfile:
    regexp: '^(# )?SoftwareHeader\s'
    line: "SoftwareHeader\tno"
    path: /etc/opendkim.conf
# Start opendkim now and enable it at boot. Config changes made by the
# tasks above are picked up through the "Restart opendkim" handler they
# notify, which is defined outside this file.
- name: Enable service
  ansible.builtin.service:
    enabled: true
    state: started
    name: opendkim