Browse Source

Add opendkim role

evolinux-users
Victor Laborie 2 years ago
parent
commit
a3744bbe59
6 changed files with 103 additions and 0 deletions
  1. +2
    -0
      opendkim/defaults/main.yml
  2. +18
    -0
      opendkim/files/opendkim.conf
  3. +10
    -0
      opendkim/handlers/main.yml
  4. +67
    -0
      opendkim/tasks/main.yml
  5. +1
    -0
      packmail/meta/main.yml
  6. +5
    -0
      postfix/templates/packmail_main.cf.j2

+ 2
- 0
opendkim/defaults/main.yml View File

@@ -0,0 +1,2 @@
---
opendkim_is_active: True

+ 18
- 0
opendkim/files/opendkim.conf View File

@@ -0,0 +1,18 @@
UserID opendkim
Socket inet:54321:127.0.0.1
PidFile /var/run/opendkim/opendkim.pid
OversignHeaders From
TrustAnchorFile /usr/share/dns/root.key
Selector default
Canonicalization relaxed/relaxed
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
InternalHosts refile:/etc/opendkim/TrustedHosts
KeyTable refile:/etc/opendkim/KeyTable
LogResults Yes
LogWhy Yes
Mode sv
SigningTable refile:/etc/opendkim/SigningTable
Syslog Yes
SyslogSuccess Yes
TemporaryDirectory /var/tmp
UMask 007

+ 10
- 0
opendkim/handlers/main.yml View File

@@ -0,0 +1,10 @@
---
- name: reload opendkim
systemd:
name: opendkim
state: reloaded

- name: restart opendkim
systemd:
name: opendkim
state: restarted

+ 67
- 0
opendkim/tasks/main.yml View File

@@ -0,0 +1,67 @@
---
- name: install OpenDKIM
apt:
name: "{{ item }}"
state: present
with_items:
- opendkim
- opendkim-tools
tags:
- opendkim

- name: create keys directory
file:
name: "{{ item }}"
state: directory
owner: opendkim
group: opendkim
mode: "0750"
with_items:
- '/etc/opendkim'
- '/etc/opendkim/keys'
tags:
- opendkim

- name: add 127.0.0.1 to TrustedHosts
lineinfile:
dest: '/etc/opendkim/TrustedHosts'
line: '127.0.0.1'
create: True
owner: opendkim
group: opendkim
mode: "0640"
notify: reload opendkim
tags:
- opendkim

- name: create config files
file:
name: "/etc/opendkim/{{ item }}"
state: touch
owner: opendkim
group: opendkim
mode: "0640"
with_items:
- 'KeyTable'
- 'SigningTable'
changed_when: False
tags:
- opendkim

- name: copy OpenDKIM config
copy:
src: opendkim.conf
dest: /etc/opendkim.conf
mode: "0644"
force: yes
notify: restart opendkim
tags:
- opendkim

- name: ensure opendkim is started and enabled
systemd:
name: opendkim
state: started
enabled: True
tags:
- opendkim

+ 1
- 0
packmail/meta/main.yml View File

@@ -4,6 +4,7 @@ dependencies:
- { role: amavis }
- { role: spamassasin }
- { role: clamav }
- { role: opendkim }
- { role: postfix, postfix_packmail: True, postfix_force_main_cf: True }
- { role: dovecot }
- { role: apache }


+ 5
- 0
postfix/templates/packmail_main.cf.j2 View File

@@ -417,3 +417,8 @@ transport_maps = hash:$config_directory/transport
{% if amavis_is_active is defined and amavis_is_active == True %}
content_filter = smtp-amavis:[127.0.0.1]:10024
{% endif %}

{% if opendkim_is_active is defined and opendkim_is_active == True %}
smtpd_milters = inet:127.0.0.1:54321
non_smtpd_milters = inet:127.0.0.1:54321
{% endif %}

Loading…
Cancel
Save