Add opendkim role

author: Dmitry Ilvokhin <d@ilvokhin.com> 2024-03-24 13:59:27 +0000
committer: Dmitry Ilvokhin <d@ilvokhin.com> 2024-03-24 13:59:27 +0000
commit: 9731e3032a44e1cf91ba7a12769f7c0ce88403af (patch)
tree: be11418fd423af093ddb6eaf839d0550dc7cbe1f /roles/opendkim/tasks/main.yml
parent: 4e722e18f0014aed51fb51c130fb17ceb6f15200 (diff)
download: infra-9731e3032a44e1cf91ba7a12769f7c0ce88403af.tar.gz
infra-9731e3032a44e1cf91ba7a12769f7c0ce88403af.tar.bz2
infra-9731e3032a44e1cf91ba7a12769f7c0ce88403af.zip
1 files changed, 28 insertions, 0 deletions
diff --git a/roles/opendkim/tasks/main.yml b/roles/opendkim/tasks/main.yml
new file mode 100644
index 0000000..e38df64
--- /dev/null
+++ b/roles/opendkim/tasks/main.yml
@@ -0,0 +1,28 @@
+- name: Install opendkim
+  ansible.builtin.package:
+    name:
+      - opendkim
+    state: present
+
+- name: Configure opendkim
+  ansible.builtin.copy:
+    src: '{{ item }}'
+    dest: /etc/opendkim/
+    owner: opendkim
+    group: opendkim
+    # It doesn't have much sense to set a more granular permissions for each
+    # specific file here, because /etc/opendkim directory itself has pretty
+    # strict permissions and non-privilege users can't read them anyway.
+    mode: u+rw,g-rwx,o-rwx
+  loop:
+    - files/opendkim.conf
+    - files/mail.private
+    - files/mail.txt
+  notify:
+    - Restart opendkim
+
+- name: Enable opendkim systemd service
+  ansible.builtin.service:
+    name: opendkim
+    enabled: yes
+    state: started
author	Dmitry Ilvokhin <d@ilvokhin.com>	2024-03-24 13:59:27 +0000
committer	Dmitry Ilvokhin <d@ilvokhin.com>	2024-03-24 13:59:27 +0000
commit	9731e3032a44e1cf91ba7a12769f7c0ce88403af (patch)
tree	be11418fd423af093ddb6eaf839d0550dc7cbe1f /roles/opendkim/tasks/main.yml
parent	4e722e18f0014aed51fb51c130fb17ceb6f15200 (diff)
download	infra-9731e3032a44e1cf91ba7a12769f7c0ce88403af.tar.gz infra-9731e3032a44e1cf91ba7a12769f7c0ce88403af.tar.bz2 infra-9731e3032a44e1cf91ba7a12769f7c0ce88403af.zip