Add opendkim role
This commit is contained in:
parent
206e2e8a0a
commit
a3744bbe59
6 changed files with 103 additions and 0 deletions
2
opendkim/defaults/main.yml
Normal file
2
opendkim/defaults/main.yml
Normal file
|
@ -0,0 +1,2 @@
|
|||
---
|
||||
opendkim_is_active: True
|
18
opendkim/files/opendkim.conf
Normal file
18
opendkim/files/opendkim.conf
Normal file
|
@ -0,0 +1,18 @@
|
|||
UserID opendkim
|
||||
Socket inet:54321:127.0.0.1
|
||||
PidFile /var/run/opendkim/opendkim.pid
|
||||
OversignHeaders From
|
||||
TrustAnchorFile /usr/share/dns/root.key
|
||||
Selector default
|
||||
Canonicalization relaxed/relaxed
|
||||
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
|
||||
InternalHosts refile:/etc/opendkim/TrustedHosts
|
||||
KeyTable refile:/etc/opendkim/KeyTable
|
||||
LogResults Yes
|
||||
LogWhy Yes
|
||||
Mode sv
|
||||
SigningTable refile:/etc/opendkim/SigningTable
|
||||
Syslog Yes
|
||||
SyslogSuccess Yes
|
||||
TemporaryDirectory /var/tmp
|
||||
UMask 007
|
10
opendkim/handlers/main.yml
Normal file
10
opendkim/handlers/main.yml
Normal file
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
- name: reload opendkim
|
||||
systemd:
|
||||
name: opendkim
|
||||
state: reloaded
|
||||
|
||||
- name: restart opendkim
|
||||
systemd:
|
||||
name: opendkim
|
||||
state: restarted
|
67
opendkim/tasks/main.yml
Normal file
67
opendkim/tasks/main.yml
Normal file
|
@ -0,0 +1,67 @@
|
|||
---
|
||||
- name: install OpenDKIM
|
||||
apt:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items:
|
||||
- opendkim
|
||||
- opendkim-tools
|
||||
tags:
|
||||
- opendkim
|
||||
|
||||
- name: create keys directory
|
||||
file:
|
||||
name: "{{ item }}"
|
||||
state: directory
|
||||
owner: opendkim
|
||||
group: opendkim
|
||||
mode: "0750"
|
||||
with_items:
|
||||
- '/etc/opendkim'
|
||||
- '/etc/opendkim/keys'
|
||||
tags:
|
||||
- opendkim
|
||||
|
||||
- name: add 127.0.0.1 to TrustedHosts
|
||||
lineinfile:
|
||||
dest: '/etc/opendkim/TrustedHosts'
|
||||
line: '127.0.0.1'
|
||||
create: True
|
||||
owner: opendkim
|
||||
group: opendkim
|
||||
mode: "0640"
|
||||
notify: reload opendkim
|
||||
tags:
|
||||
- opendkim
|
||||
|
||||
- name: create config files
|
||||
file:
|
||||
name: "/etc/opendkim/{{ item }}"
|
||||
state: touch
|
||||
owner: opendkim
|
||||
group: opendkim
|
||||
mode: "0640"
|
||||
with_items:
|
||||
- 'KeyTable'
|
||||
- 'SigningTable'
|
||||
changed_when: False
|
||||
tags:
|
||||
- opendkim
|
||||
|
||||
- name: copy OpenDKIM config
|
||||
copy:
|
||||
src: opendkim.conf
|
||||
dest: /etc/opendkim.conf
|
||||
mode: "0644"
|
||||
force: yes
|
||||
notify: restart opendkim
|
||||
tags:
|
||||
- opendkim
|
||||
|
||||
- name: ensure opendkim is started and enabled
|
||||
systemd:
|
||||
name: opendkim
|
||||
state: started
|
||||
enabled: True
|
||||
tags:
|
||||
- opendkim
|
|
@ -4,6 +4,7 @@ dependencies:
|
|||
- { role: amavis }
|
||||
- { role: spamassasin }
|
||||
- { role: clamav }
|
||||
- { role: opendkim }
|
||||
- { role: postfix, postfix_packmail: True, postfix_force_main_cf: True }
|
||||
- { role: dovecot }
|
||||
- { role: apache }
|
||||
|
|
|
@ -417,3 +417,8 @@ transport_maps = hash:$config_directory/transport
|
|||
{% if amavis_is_active is defined and amavis_is_active == True %}
|
||||
content_filter = smtp-amavis:[127.0.0.1]:10024
|
||||
{% endif %}
|
||||
|
||||
{% if opendkim_is_active is defined and opendkim_is_active == True %}
|
||||
smtpd_milters = inet:127.0.0.1:54321
|
||||
non_smtpd_milters = inet:127.0.0.1:54321
|
||||
{% endif %}
|
||||
|
|
Loading…
Reference in a new issue