fix multidomain config

2024-04-03 23:58:26 +03:00 · 2024-04-03 23:58:26 +03:00 · 05541ff0bb
commit 05541ff0bb
parent 8e11f67af4
3 changed files with 41 additions and 25 deletions
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@ -57,29 +57,45 @@
    backup: true
  notify: Restart OpenDKIM service

-# - name: Configure OpenDKIM domains
-#   lineinfile:
-#     path: /etc/opendkim.conf
-#     regexp: '^Domain '
-#     line: "Domain                  {{ mail_domains|join(',') }}"
-#     backup: true
-#   notify: Restart OpenDKIM service
+- name: Configure OpenDKIM key table
+  lineinfile:
+    path: /etc/opendkim.conf
+    regexp: '^KeyTable '
+    line: "KeyTable                /etc/opendkim/keytable"
+    backup: true
+  notify: Restart OpenDKIM service

-# - name: Configure OpenDKIM key file
-#   lineinfile:
-#     path: /etc/opendkim.conf
-#     regexp: '^KeyFile '
-#     line: "KeyFile                  /etc/dkimkeys/{{ mail_domains[0] }}.private"
-#     backup: true
-#   notify: Restart OpenDKIM service
+- name: Configure OpenDKIM signing table
+  lineinfile:
+    path: /etc/opendkim.conf
+    regexp: '^SigningTable '
+    line: "SigningTable            /etc/opendkim/signingtable"
+    backup: true
+  notify: Restart OpenDKIM service

-# - name: Configure OpenDKIM selector
-#   lineinfile:
-#     path: /etc/opendkim.conf
-#     regexp: '^Selector '
-#     line: 'Selector                  ""'
-#     backup: true
-#   notify: Restart OpenDKIM service
+- name: Configure OpenDKIM InternalHosts
+  lineinfile:
+    path: /etc/opendkim.conf
+    regexp: '^InternalHosts '
+    line: 'InternalHosts           /etc/opendkim/TrustedHosts'
+    backup: true
+  notify: Restart OpenDKIM service
+
+- name: Configure OpenDKIM ExternalIgnoreList
+  lineinfile:
+    path: /etc/opendkim.conf
+    regexp: '^ExternalIgnoreList '
+    line: 'ExternalIgnoreList      /etc/opendkim/TrustedHosts'
+    backup: true
+  notify: Restart OpenDKIM service
+
+- name: Configure OpenDKIM SubDomains
+  lineinfile:
+    path: /etc/opendkim.conf
+    regexp: '^SubDomains '
+    line: 'SubDomains              yes'
+    backup: true
+  notify: Restart OpenDKIM service

 - name: Ensure opendkim folder exists
  file:
@ -123,7 +139,7 @@
  lineinfile:
    path: /etc/postfix/main.cf
    regexp: '^milter_default_action '
-    line: 'milter_default_action  = accept'
+    line: 'milter_default_action = accept'
    backup: yes
  notify:
    - Reload postfix
@ -132,7 +148,7 @@
  lineinfile:
    path: /etc/postfix/main.cf
    regexp: '^milter_protocol '
-    line: 'milter_protocol   = 2'
+    line: 'milter_protocol = 6'
    backup: yes
  notify:
    - Reload postfix
--- a/templates/keytable.j2
+++ b/templates/keytable.j2
@ -1,3 +1,3 @@
 {% for domain in mail_domains %}
-  {{ dkim_selector }}._domainkey.{{ domain }} {{ domain }}:selector:/etc/opendkim/{{ domain }}.private
+{{ dkim_selector }}._domainkey.{{ domain }} {{ domain }}:default:/etc/opendkim/{{ domain }}.private
 {% endfor %}
--- a/templates/signingtable.j2
+++ b/templates/signingtable.j2
@ -1,3 +1,3 @@
 {% for domain in mail_domains %}
-  *@{{ domain }} {{ dkim_selector }}._domainkey.{{ domain }}
+*@{{ domain }} {{ dkim_selector }}._domainkey.{{ domain }}
 {% endfor %}