AFPy/infra
AFPy
/
infra
9
0
Fork 2
Code Issues 5 Pull Requests Projects Releases Wiki Activity
infra/roles/exim4/tasks/configure.yml

87 lines
2.2 KiB
YAML
Raw Blame History

---
- name: Configure exim4
notify: restart exim4
template:
src: 'update-exim4.conf.conf'
dest: /etc/exim4/update-exim4.conf.conf
- name: Update mailname
notify: restart exim4
copy:
content: '{{ exim4_sendonly_fqdn }}'
dest: '/etc/mailname'
- name: Define email aliases
notify: restart exim4
lineinfile:
dest: /etc/aliases
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
with_items: '{{ exim4_sendonly_email_aliases }}'
when: exim4_sendonly_email_aliases|length
- name: Define email addresses
notify: restart exim4
template:
src: 'email-addresses.j2'
dest: '/etc/email-addresses'
when: exim4_sendonly_email_addresses|length
- name: Set auth for relay host
notify: restart exim4
template:
src: 'passwd.client'
dest: '/etc/exim4/passwd.client'
- name: Enable TLS
notify: restart exim4
template:
src: 'exim4.conf.localmacros'
dest: '/etc/exim4/exim4.conf.localmacros'
when: exim4_sendonly_enable_tls
- name: Create /etc/exim4/dkim/ directory
file:
path: /etc/exim4/dkim/
state: directory
mode: 0750
owner: Debian-exim
group: Debian-exim
- name: Choose a DKIM selector
set_fact:
dkim_selector: "{{ inventory_hostname | replace('.', '-') }}"
- name: Generate a private key for DKIM
command: openssl genrsa -out /etc/exim4/dkim/{{ dkim_selector }}-private.key 1024
args:
creates: /etc/exim4/dkim/{{ dkim_selector }}-private.key
- name: Allow exim to read the DKIM private key
file:
path: /etc/exim4/dkim/{{ dkim_selector }}-private.key
owner: root
group: Debian-exim
mode: 0640
- name: Derive the public key for DKIM
command: openssl rsa -in {{ dkim_selector }}-private.key -out {{ dkim_selector }}.pem -pubout -outform PEM
args:
chdir: /etc/exim4/dkim/
creates: /etc/exim4/dkim/{{ dkim_selector }}.pem
- name: Configure exim to use our DKIM key
copy:
dest: /etc/exim4/conf.d/main/00_local_macros
content: |
DKIM_CANON = relaxed
DKIM_SELECTOR = {{ dkim_selector }}
DKIM_DOMAIN = {{ inventory_hostname }}
DKIM_PRIVATE_KEY = /etc/exim4/dkim/{{ dkim_selector }}-private.key
owner: root
group: root
mode: 0644
notify: reload exim4
register: config_exim
Reference in New Issue View Git Blame Copy Permalink