ansible-roles/opendkim/tasks/main.yml

98 lines
1.8 KiB
YAML

---
- name: install OpenDKIM
ansible.builtin.apt:
name:
- opendkim
- opendkim-tools
- ssl-cert
- dns-root-data
state: present
update_cache: yes
tags:
- opendkim
- name: Add user opendkim in ssl-cert group
ansible.builtin.user:
name: opendkim
groups: ssl-cert
state: present
append: yes
tags:
- opendkim
- name: add 127.0.0.1 to TrustedHosts
ansible.builtin.lineinfile:
dest: '/etc/opendkim/TrustedHosts'
line: '127.0.0.1'
create: True
owner: opendkim
group: opendkim
mode: "0640"
notify: reload opendkim
tags:
- opendkim
- name: create config files
ansible.builtin.file:
name: "/etc/opendkim/{{ item }}"
state: touch
owner: opendkim
group: opendkim
mode: "0640"
loop:
- 'KeyTable'
- 'SigningTable'
changed_when: False
tags:
- opendkim
- name: Add Include in opendkim.conf
ansible.builtin.lineinfile:
dest: /etc/opendkim.conf
line: 'Include /etc/opendkim-evolix.conf'
state: present
create: no
mode: "0644"
tags:
- opendkim
- name: copy OpenDKIM config
ansible.builtin.copy:
src: opendkim-evolix.conf
dest: /etc/opendkim-evolix.conf
mode: "0644"
force: true
notify: restart opendkim
tags:
- opendkim
- name: Set folder permissions to 0750
ansible.builtin.file:
path: "/etc/opendkim/"
owner: opendkim
group: opendkim
mode: "0750"
force: true
tags:
- opendkim
- name: ensure opendkim is started and enabled
ansible.builtin.systemd:
name: opendkim
state: started
enabled: True
tags:
- opendkim
- ansible.builtin.include_role:
name: evolix/remount-usr
- name: deploy opendkim-add.sh script
ansible.builtin.copy:
src: opendkim-add.sh
dest: /usr/share/scripts/opendkim-add.sh
mode: "0750"
tags:
- opendkim