Add opendkim role

Victor LABORIE 2017-10-27 11:41:31 +02:00
parent 206e2e8a0a
commit a3744bbe59
6 changed files with 103 additions and 0 deletions


@ -0,0 +1,2 @@
---
opendkim_is_active: True


@ -0,0 +1,18 @@
UserID opendkim
Socket inet:54321:127.0.0.1
PidFile /var/run/opendkim/opendkim.pid
OversignHeaders From
TrustAnchorFile /usr/share/dns/root.key
Selector default
Canonicalization relaxed/relaxed
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
InternalHosts refile:/etc/opendkim/TrustedHosts
KeyTable refile:/etc/opendkim/KeyTable
LogResults Yes
LogWhy Yes
Mode sv
SigningTable refile:/etc/opendkim/SigningTable
Syslog Yes
SyslogSuccess Yes
TemporaryDirectory /var/tmp
UMask 007
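Review bot: `Socket inet:54321:127.0.0.1` does not match the `inet:port@host` form that OpenDKIM documents for this setting. With no `@host` part, the milter library may parse only the port and listen on every interface rather than loopback; this is worth confirming with `ss -ltnp` on a deployed host. The listener should be reachable only by the local Postfix, because with `Mode sv` the signing decision rests on the client address reported over the milter connection and checked against `InternalHosts`. I would write the line as `Socket inet:54321@127.0.0.1`.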


@ -0,0 +1,10 @@
---
- name: reload opendkim
systemd:
name: opendkim
state: reloaded
- name: restart opendkim
systemd:
name: opendkim
state: restarted

67
opendkim/tasks/main.yml Normal file

@ -0,0 +1,67 @@
---
- name: install OpenDKIM
apt:
name: "{{ item }}"
state: present
with_items:
- opendkim
- opendkim-tools
tags:
- opendkim
- name: create keys directory
file:
name: "{{ item }}"
state: directory
owner: opendkim
group: opendkim
mode: "0750"
with_items:
- '/etc/opendkim'
- '/etc/opendkim/keys'
tags:
- opendkim
- name: add 127.0.0.1 to TrustedHosts
lineinfile:
dest: '/etc/opendkim/TrustedHosts'
line: '127.0.0.1'
create: True
owner: opendkim
group: opendkim
mode: "0640"
notify: reload opendkim
tags:
- opendkim
- name: create config files
file:
name: "/etc/opendkim/{{ item }}"
state: touch
owner: opendkim
group: opendkim
mode: "0640"
with_items:
- 'KeyTable'
- 'SigningTable'
changed_when: False
tags:
- opendkim
- name: copy OpenDKIM config
copy:
src: opendkim.conf
dest: /etc/opendkim.conf
mode: "0644"
force: yes
notify: restart opendkim
tags:
- opendkim
- name: ensure opendkim is started and enabled
systemd:
name: opendkim
state: started
enabled: True
tags:
- opendkim
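Review bot: TrustedHosts, KeyTable and SigningTable are all created with `owner: opendkim` and mode 0640, so the service account can rewrite the files that decide which hosts and keys it signs for. Using `owner: root` with `group: opendkim` in the "add 127.0.0.1 to TrustedHosts" and "create config files" tasks keeps them readable by the daemon but not writable by it. The "create keys directory" task gives `/etc/opendkim/keys` the same 0750 as its parent; a separate entry with `mode: "0700"` would keep private keys away from other members of the group. The "copy OpenDKIM config" task sets no owner or group for `/etc/opendkim.conf`, so stating `owner: root` and `group: root` there would make the result independent of the connection user.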


@ -4,6 +4,7 @@ dependencies:
- { role: amavis }
- { role: spamassasin }
- { role: clamav }
- { role: opendkim }
- { role: postfix, postfix_packmail: True, postfix_force_main_cf: True }
- { role: dovecot }
- { role: apache }


@ -417,3 +417,8 @@ transport_maps = hash:$config_directory/transport
{% if amavis_is_active is defined and amavis_is_active == True %}
content_filter = smtp-amavis:[127.0.0.1]:10024
{% endif %}
{% if opendkim_is_active is defined and opendkim_is_active == True %}
smtpd_milters = inet:127.0.0.1:54321
non_smtpd_milters = inet:127.0.0.1:54321
{% endif %}
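Review bot: The new milter block sets `smtpd_milters` and `non_smtpd_milters` but not `milter_default_action`, so Postfix's default of `tempfail` applies and mail is deferred whenever OpenDKIM on port 54321 is unreachable. If that is the intended failure mode, a template comment saying so would help; otherwise add `milter_default_action = accept` inside the same `{% if %}`. With the amavis `content_filter` just above also enabled, re-injected mail may pass through the milter a second time unless the re-injection listener in master.cf (not visible here) clears `smtpd_milters`, which is worth checking. The port is hard-coded both here and in opendkim.conf; a shared role variable would keep the two in sync.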