- name: 'Install opendkim packages'
  apt:
    pkg:
      - 'opendkim'
    install_recommends: 'no'
    state: 'present'
  tags:
    - 'dkim'

- name: 'Install opendkim main configuration'
  template:
    src: 'opendkim/opendkim.conf.j2'
    dest: '/etc/opendkim.conf'
    owner: 'root'
    group: 'opendkim'
    mode: '0640'
  notify:
    - 'Restart opendkim'
  tags:
    - 'dkim'

- name: 'Create opendkim config directory'
  file:
    path: '/etc/opendkim'
    state: 'directory'
    owner: 'root'
    group: 'opendkim'
    mode: '0750'
  tags:
    - 'dkim'

- name: 'Install opendkim KeyTable'
  template:
    src: 'opendkim/KeyTable.j2'
    dest: '/etc/opendkim/KeyTable'
    owner: 'root'
    group: 'opendkim'
    mode: '0640'
  notify:
    - 'Restart opendkim'
  tags:
    - 'dkim'

- name: 'Install opendkim SigningTable'
  template:
    src: 'opendkim/SigningTable.j2'
    dest: '/etc/opendkim/SigningTable'
    owner: 'root'
    group: 'opendkim'
    mode: '0640'
  notify:
    - 'Restart opendkim'
  tags:
    - 'dkim'

- name: 'Install opendkim InternalHosts'
  template:
    src: 'opendkim/InternalHosts.j2'
    dest: '/etc/opendkim/InternalHosts'
    owner: 'root'
    group: 'opendkim'
    mode: '0640'
  notify:
    - 'Restart opendkim'
  tags:
    - 'dkim'

- name: 'Install DKIM private keys'
  copy:
    content: "{{ lookup('file', 'data/dkim/' + item + '.pem') }}"
    dest: '/etc/opendkim/{{ item }}_{{ dkim_selector }}.pem'
    owner: 'root'
    group: 'opendkim'
    mode: '0640'
  with_items: '{{ dkim_domains }}'
  when: dkim_domains|length > 0
  tags:
    - 'dkim'

- name: 'Install opendkim systemd service override'
  template:
    src: 'opendkim/opendkim.service.j2'
    dest: '/etc/systemd/system/opendkim.service'
    owner: 'root'
    group: 'root'
    mode: '0644'
  notify:
    - 'Restart opendkim'
  tags:
    - 'dkim'

# vim: ft=yaml.ansible