From 67e70e7017b3be1d780446f578eae57ef4904618 Mon Sep 17 00:00:00 2001
From: Tunui Franken <tfranken@protonmail.com>
Date: Sat, 28 Sep 2024 12:23:30 +0200
Subject: [PATCH] Add role mailserver_spf

---
 playbook_mailserver.yml             |  2 ++
 roles/mailserver_spf/tasks/main.yml | 15 +++++++++++++++
 2 files changed, 17 insertions(+)
 create mode 100644 roles/mailserver_spf/tasks/main.yml

diff --git a/playbook_mailserver.yml b/playbook_mailserver.yml
index cd16ac4..e645c19 100644
--- a/playbook_mailserver.yml
+++ b/playbook_mailserver.yml
@@ -22,3 +22,5 @@
       tags: rspamd
     - role: mailserver_dkim
       tags: dkim
+    - role: mailserver_spf
+      tags: spf
diff --git a/roles/mailserver_spf/tasks/main.yml b/roles/mailserver_spf/tasks/main.yml
new file mode 100644
index 0000000..eb9ed77
--- /dev/null
+++ b/roles/mailserver_spf/tasks/main.yml
@@ -0,0 +1,15 @@
+---
+
+- name: Get local public IP
+  ansible.builtin.uri:
+    url: "https://ipinfo.io/ip"
+    return_content: true
+  register: local_public_ip
+
+- name: Set SPF TXT record
+  ansible.builtin.set_fact:
+    spf_txt_record: "{{ virtual_domain }}. IN TXT \"v=spf1 ip4:{{ local_public_ip.content }} mx a ~all\""
+
+- name: Print SPF TXT record for the DNS zone
+  ansible.builtin.debug:
+    msg: "Don't forget to add this to your DNS zone:\n{{ spf_txt_record }}"