Obtain opendkim keys.

author Jakub Czajka <jakub@ekhem.eu.org>

Sun, 15 Oct 2023 16:05:02 +0000 (18:05 +0200)

committer Jakub Czajka <jczajka@google.com>

Sun, 24 Dec 2023 18:46:45 +0000 (19:46 +0100)
author Jakub Czajka <jakub@ekhem.eu.org>
Sun, 15 Oct 2023 16:05:02 +0000 (18:05 +0200)
committer Jakub Czajka <jczajka@google.com>
Sun, 24 Dec 2023 18:46:45 +0000 (19:46 +0100)
diff --git a/server/opendkim.yaml b/server/opendkim.yaml

index f4ee1d699c3c3de97f8985fa703e46e3ae5c526c..f70e8ebe6a7a8c8db28329d953eb7d30ff301f62 100644 (file)
--- a/server/opendkim.yaml
+++ b/server/opendkim.yaml
@@ -25,6 +25,20 @@
      dest: "/etc/default"
      remote_src: true
    become: true
+- name: Ensure correct permissions for opendkim files
+  file:
+    path: "/etc/opendkim/keys/{{ item.domain }}/{{ item.name }}"
+    mode: "0500"
+  become: true
+  with_items:
+    - domain: "dobity.eu.org"
+      name: "dobity.private"
+    - domain: "dobity.eu.org"
+      name: "dobity.txt"
+    - domain: "ekhem.eu.org"
+      name: "ekhem.txt"
+    - domain: "ekhem.eu.org"
+      name: "ekhem.txt"
  - name: Restart opendkim
    service:
      name: opendkim
diff --git a/sources.yaml b/sources.yaml

index 938a950d5e76dbc8502b1844af49f5f61ec3c7c4..f4a530ea738717e1457c844f266b67075506bb52 100644 (file)
--- a/sources.yaml
+++ b/sources.yaml
@@ -44,6 +44,11 @@ files:
      dest: "/srv/git"
      owner: "git"
      group: "www-data"
+  - name: "opendkim"
+    uid: "1Pwq9RLCr_P53H3c6_ZzxOwRZk1925sfR"
+    dest: "/etc"
+    owner: "opendkim"
+    group: "opendkim"
    - name: "password_store.git"
      uid: "1ZWu643FJBuMF3ypj5VUsLin8rF7WWhmp"
      dest: "/srv/git"
author	Jakub Czajka <jakub@ekhem.eu.org>
	Sun, 15 Oct 2023 16:05:02 +0000 (18:05 +0200)
committer	Jakub Czajka <jczajka@google.com>
	Sun, 24 Dec 2023 18:46:45 +0000 (19:46 +0100)
server/opendkim.yaml		patch \| blob \| history
sources.yaml		patch \| blob \| history