--- - name: Configure exim4 notify: restart exim4 template: src: 'update-exim4.conf.conf' dest: /etc/exim4/update-exim4.conf.conf - name: Update mailname notify: restart exim4 copy: content: '{{ exim4_sendonly_fqdn }}' dest: '/etc/mailname' - name: Define email aliases notify: restart exim4 lineinfile: dest: /etc/aliases regexp: "{{ item.regexp }}" line: "{{ item.line }}" with_items: '{{ exim4_sendonly_email_aliases }}' when: exim4_sendonly_email_aliases|length - name: Define email addresses notify: restart exim4 template: src: 'email-addresses.j2' dest: '/etc/email-addresses' when: exim4_sendonly_email_addresses|length - name: Set auth for relay host notify: restart exim4 template: src: 'passwd.client' dest: '/etc/exim4/passwd.client' - name: Define local macros notify: restart exim4 template: src: 'exim4.conf.localmacros' dest: '/etc/exim4/exim4.conf.localmacros' - name: Create /etc/exim4/dkim/ directory file: path: /etc/exim4/dkim/ state: directory mode: 0750 owner: Debian-exim group: Debian-exim - name: Choose a DKIM selector set_fact: dkim_selector: "{{ inventory_hostname | replace('.', '-') }}" - name: Generate a private key for DKIM command: openssl genrsa -out /etc/exim4/dkim/{{ dkim_selector }}-private.key 1024 args: creates: /etc/exim4/dkim/{{ dkim_selector }}-private.key - name: Allow exim to read the DKIM private key file: path: /etc/exim4/dkim/{{ dkim_selector }}-private.key owner: root group: Debian-exim mode: 0640 - name: Derive the public key for DKIM command: openssl rsa -in {{ dkim_selector }}-private.key -out {{ dkim_selector }}.pem -pubout -outform PEM args: chdir: /etc/exim4/dkim/ creates: /etc/exim4/dkim/{{ dkim_selector }}.pem - name: Configure exim to use our DKIM key copy: dest: /etc/exim4/conf.d/main/00_local_macros content: | DKIM_CANON = relaxed DKIM_SELECTOR = {{ dkim_selector }} DKIM_DOMAIN = {{ inventory_hostname }} DKIM_PRIVATE_KEY = /etc/exim4/dkim/{{ dkim_selector }}-private.key owner: root group: root mode: 0644 notify: reload exim4 register: config_exim