ansible-role-disposable-mail/tasks/opendkim.yml


---
# Installs the OpenDKIM daemon and its key-generation tooling.
# NOTE(review): `state: present` only guarantees the packages are installed;
# it does not upgrade a version that is already there, despite the task name.
# Security updates for opendkim have to be applied by some other mechanism.
- name: Install and update OpenDKIM
  ansible.builtin.package:
    state: present
    name:
      - opendkim
      - opendkim-tools
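# Renders the role's opendkim.conf.j2 template to /etc/opendkim.conf and
# schedules a restart of the daemon when the rendered file changes.
# Owner, group and mode are pinned so the result does not depend on the
# remote umask or on the permissions of a pre-existing file.
# NOTE(review): 0644 assumes the template contains no secrets (only paths to
# key material, not the keys themselves) - tighten the mode if that is wrong.
- name: Configure OpenDKIM
  ansible.builtin.template:
    src: opendkim.conf.j2
    dest: /etc/opendkim.conf
    owner: root
    group: root
    mode: '0644'
  notify: restart opendkim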
# Creates the directory under the Postfix spool that holds the OpenDKIM
# unix socket (opendkim.sock is looked up here later in this file).
# Mode 0770 gives full access to the owner (postfix) and the opendkim group
# and nothing to other local users, so only those two identities can reach
# the signing socket.
- name: Ensure OpenDKIM unix socket path for postfix
  ansible.builtin.file:
    path: /var/spool/postfix/opendkim
    state: directory
    mode: '0770'
    owner: postfix
    group: opendkim
  notify: restart opendkim
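# Generates a 2048-bit DKIM key pair for the configured selector and domain
# in /etc/dkimkeys. `-r` marks the key as restricted to e-mail signing.
# `creates` makes the task idempotent: it is skipped once the selector's
# private key file exists, so an existing key is never overwritten.
# The command runs as the opendkim user, so the generated files belong to it.
# Arguments are passed as an argv list rather than one command string, so a
# selector or domain value containing whitespace cannot be split into extra
# opendkim-genkey arguments.
# NOTE(review): /etc/dkimkeys is not created in this file; it must already
# exist and be writable by opendkim - confirm the package provides it.
- name: Generate DKIM signing key
  ansible.builtin.command:
    argv:
      - opendkim-genkey
      - '-r'
      - '-s'
      - "{{ dkim_selector }}"
      - '-b'
      - '2048'
      - '-d'
      - "{{ postfix_domain }}"
      - '--directory'
      - /etc/dkimkeys
    creates: "/etc/dkimkeys/{{ dkim_selector }}.private"
  become: true
  become_user: opendkim
  notify: restart opendkim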
# Adds the postfix account to the opendkim group as a supplementary group.
# `append: true` keeps the groups postfix already belongs to; without it the
# supplementary group list would be replaced by `opendkim` alone.
# NOTE(review): membership in opendkim grants postfix group-level access to
# everything that group can read, not only the socket directory - check that
# the DKIM private key is not group-readable.
# NOTE(review): only opendkim is restarted here; a running postfix process
# presumably needs its own restart to pick up the new group - confirm.
- name: Ensure postfix is in opendkim group
  ansible.builtin.user:
    name: postfix
    append: true
    groups: opendkim
  notify: restart opendkim
# Records in `opendkim_socket` whether the OpenDKIM unix socket is present
# at its expected path inside the Postfix spool.
# NOTE(review): the "restart opendkim" handlers notified earlier in this file
# are not flushed before this check, so they have probably not run yet when
# the socket is tested - confirm whether a flush_handlers is intended.
- name: Register whether /var/spool/postfix/opendkim/opendkim.sock exists
  register: opendkim_socket
  ansible.builtin.stat:
    path: /var/spool/postfix/opendkim/opendkim.sock
# Restarts the opendkim unit directly through systemd (not via a handler)
# when the registered stat result says the unix socket does not exist.
# The socket is not checked again after this restart, so a daemon that still
# fails to create it is not detected by this task.
- name: (Workaround) Force opendkim to restart again if the unix socket is still missing.
  when: not opendkim_socket.stat.exists
  ansible.builtin.systemd:
    state: restarted
    name: opendkim