Diffstat (limited to 'roles/mail/opendkim/tasks/dkim-key.yml')
-rw-r--r-- | roles/mail/opendkim/tasks/dkim-key.yml | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/roles/mail/opendkim/tasks/dkim-key.yml b/roles/mail/opendkim/tasks/dkim-key.yml
new file mode 100644
index 00000000..02ac34db
--- /dev/null
+++ b/roles/mail/opendkim/tasks/dkim-key.yml
@@ -0,0 +1,37 @@
+---
+- name: create sub directory for keys
+ file:
+ path: "/etc/opendkim/keys/{{ opendkim_domain.key }}"
+ state: directory
+ mode: 0700
+ owner: opendkim
+ group: opendkim
+
+- name: install precomputed keys
+ loop: "{{ opendkim_domain.value['keys'] | dict2items | selectattr('value.content', 'defined') }}"
+ loop_control:
+ label: "{{ item.key }}@{{ opendkim_domain.key }}"
+ copy:
+ dest: "/etc/opendkim/keys/{{ opendkim_domain.key }}/{{ item.key }}.private"
+ content: "{{ item.value.content }}"
+ mode: 0600
+ owner: opendkim
+ group: opendkim
+
+- name: generate DKIM keys
+ loop: "{{ opendkim_domain.value['keys'] | dict2items | rejectattr('value.content', 'defined') }}"
+ loop_control:
+ label: "{{ item.key }}@{{ opendkim_domain.key }}"
+ command: "opendkim-genkey -b {{ item.value.keylength }} -s {{ item.key }} -d {{ opendkim_domain.key }} -D '/etc/opendkim/keys/{{ opendkim_domain.key }}'"
+ args:
+ creates: "/etc/opendkim/keys/{{ opendkim_domain.key }}/{{ item.key }}.private"
+
+- name: fix permission for generated DKIM keys
+ loop: "{{ opendkim_domain.value['keys'] | dict2items | rejectattr('value.content', 'defined') }}"
+ loop_control:
+ label: "{{ item.key }}@{{ opendkim_domain.key }}"
+ file:
+ path: "/etc/opendkim/keys/{{ opendkim_domain.key }}/{{ item.key }}.private"
+ mode: 0600
+ owner: opendkim
+ group: opendkim |
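Review bot: The `install precomputed keys` task writes the DKIM private key via `content: "{{ item.value.content }}"` without suppressing task output, so the key material may be shown when the play runs with `--diff` or ends up in controller or CI logs. The `loop_control.label` only shortens the per-item line. Adding `no_log: true` (or at least `diff: false`) to that task keeps the secret out of the output. In `generate DKIM keys` the free-form `command:` string is split into arguments after templating, so a selector or domain value containing whitespace would turn into extra arguments to `opendkim-genkey`; the module's `argv:` list form passes each templated value as exactly one argument. The modes are also better written as quoted strings (`mode: '0700'`, `mode: '0600'`) so they do not depend on the YAML parser's octal handling.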