2024-07-26 18:47:04 +02:00
|
|
|
---
|
|
|
|
|
|
2024-11-01 16:42:54 +01:00
|
|
|
- name: Copy dkim_signing local config
|
|
|
|
|
become: true
|
|
|
|
|
ansible.builtin.template:
|
|
|
|
|
src: dkim_signing.conf.j2
|
|
|
|
|
dest: /etc/rspamd/local.d/dkim_signing.conf
|
|
|
|
|
owner: root
|
|
|
|
|
group: root
|
|
|
|
|
mode: "644"
|
|
|
|
|
notify: Reload rspamd service
|
|
|
|
|
|
2024-07-26 18:47:04 +02:00
|
|
|
- name: Create dkim directory for the key file
|
|
|
|
|
become: true
|
|
|
|
|
ansible.builtin.file:
|
|
|
|
|
path: /var/lib/rspamd/dkim
|
|
|
|
|
state: directory
|
|
|
|
|
owner: _rspamd
|
|
|
|
|
group: _rspamd
|
|
|
|
|
mode: "700"
|
|
|
|
|
|
|
|
|
|
- name: Set DKIM selector
|
|
|
|
|
ansible.builtin.set_fact:
|
|
|
|
|
dkim_selector: "{{ '%Y%m%d01' | strftime }}"
|
|
|
|
|
|
|
|
|
|
- name: Create keypair
|
|
|
|
|
become: true
|
2024-11-01 16:42:54 +01:00
|
|
|
loop: "{{ virtual_domains }}"
|
|
|
|
|
loop_control:
|
|
|
|
|
loop_var: domain
|
2024-07-26 18:47:04 +02:00
|
|
|
ansible.builtin.command:
|
|
|
|
|
chdir: /var/lib/rspamd/dkim
|
2024-11-01 16:42:54 +01:00
|
|
|
cmd: "rspamadm dkim_keygen -d {{ domain }} -s {{ dkim_selector }} -k {{ domain }}.{{ dkim_selector }}.key"
|
|
|
|
|
creates: "/var/lib/rspamd/dkim/{{ domain }}.*.key"
|
2024-07-26 18:47:04 +02:00
|
|
|
register: dkim_txt_record
|
|
|
|
|
notify:
|
2024-07-26 19:07:11 +02:00
|
|
|
- Fix DKIM key ownership
|
2024-07-26 18:47:04 +02:00
|
|
|
- Save DKIM TXT record to a file
|
2024-07-26 18:55:21 +02:00
|
|
|
- Add selector to DKIM selectors map
|
