opendkim: deploy script for add DKIM domain

2017-10-27 16:04:59 +02:00 · 2017-10-27 16:04:59 +02:00 · 91d2cce7d4
parent 79e6c55265
commit 91d2cce7d4
2 changed files with 74 additions and 0 deletions
--- a/opendkim/files/opendkim-add.sh
+++ b/opendkim/files/opendkim-add.sh
@ -0,0 +1,46 @@
+#!/bin/sh
+
+if [ "$#" -ne 1 ]; then
+    echo "Usage : $0 example.com" >&2
+    exit 1
+fi
+
+domain="$(echo "$1"|xargs)"
+
+mkdir -pm 0750 "/etc/opendkim/keys/${domain}"
+chown opendkim:opendkim "/etc/opendkim/keys/${domain}"
+
+if [ ! -f "/etc/opendkim/keys/${domain}/default.private" ]; then
+    cd "/etc/opendkim/keys/${domain}"
+    echo "Generate DKIM keys ..."
+    sudo -u opendkim opendkim-genkey -r -d "${domain}"
+    chmod 640 /etc/opendkim/keys/${domain}/*
+fi
+
+grep -q "${domain}" /etc/opendkim/TrustedHosts
+if [ "$?" -ne 0 ]; then
+    echo "Add ${domain} to TrustedHosts ..."
+    echo "${domain}" >> /etc/opendkim/TrustedHosts
+fi
+
+grep -q "${domain}" /etc/opendkim/KeyTable
+if [ "$?" -ne 0 ]; then
+    echo "Add ${domain} to KeyTable ..."
+    echo "default._domainkey.${domain} ${domain}:default:/etc/opendkim/keys/${domain}/default.private" >> /etc/opendkim/KeyTable
+fi
+
+grep -q "${domain}" /etc/opendkim/SigningTable
+if [ "$?" -ne 0 ]; then
+    echo "Add ${domain} to SigningTable ..."
+    echo "*@${domain} default._domainkey.${domain}" >> /etc/opendkim/SigningTable
+fi
+
+systemctl reload opendkim
+if [ "$?" -eq 0 ]; then
+    echo "OpenDKIM successfully reloaded"
+    echo "Public key is in : /etc/opendkim/keys/${domain}/default.txt"
+    exit 0
+else
+    echo "An error has occurred while opendkim reload, please FIX configuration !" >&2
+    exit 1
+fi
--- a/opendkim/tasks/main.yml
+++ b/opendkim/tasks/main.yml
@ -65,3 +65,31 @@
    enabled: True 
  tags:
  - opendkim
+
+- name: check if /usr is a partition
+  shell: "mount | grep 'on /usr type'"
+  args:
+    warn: no
+  changed_when: False
+  failed_when: False
+  register: usr_partition
+  check_mode: no
+  tags:
+  - opendkim
+
+- name: mount /usr in rw
+  command: mount -o remount,rw /usr
+  args:
+    warn: no
+  changed_when: False
+  when: usr_partition.rc == 0
+  tags:
+  - opendkim
+
+- name: deploy opendkim-add.sh script
+  copy:
+    src: opendkim-add.sh
+    dest: /usr/share/scripts/opendkim-add.sh
+    mode: "0750"
+  tags:
+  - opendkim