---
# Installs and configures the Rspamd spam filtering system.

- name: Ensure repository key for Rspamd is in place
  apt_key:
    url=https://rspamd.com/apt-stable/gpg.key
    state=present
  tags:
    - dependencies

- name: Add Rspamd repository
  apt_repository:
    repo="deb https://rspamd.com/apt-stable/ {{ ansible_distribution_release }} main"
  tags:
    - dependencies

- name: Install Rspamd and Redis
  apt:
    name: "{{ packages }}"
    state: present
  vars:
    packages:
    - rspamd
    - redis-server
  tags:
    - dependencies

- name: Copy DMARC configuration into place
  template:
    src=etc_rspamd_local.d_dmarc.conf.j2
    dest=/etc/rspamd/local.d/dmarc.conf
    owner=root
    group=root
    mode="0644"
  notify: restart rspamd

- name: Configure Rspamd to use Redis
  copy:
    src=etc_rspamd_local.d_redis.conf
    dest=/etc/rspamd/local.d/redis.conf
    owner=root
    group=root
    mode="0644"
  notify: restart rspamd

- name: Copy DKIM configuration into place
  copy:
    src=etc_rspamd_override.d_dkim_signing.conf
    dest=/etc/rspamd/override.d/dkim_signing.conf
    owner=root
    group=root
    mode="0644"
  notify: restart rspamd

- name: Create dkim key directory
  file:
    path=/var/lib/rspamd/dkim
    state=directory
    owner=_rspamd
    group=_rspamd

- name: Generate DKIM keys
  shell: rspamadm dkim_keygen -b 1024 -s mail -d {{ item.name }} -k {{ item.name }}.mail.key > {{ item.name }}.mail.txt
  args:
    creates: /var/lib/rspamd/dkim/{{ item.name }}.mail.key
    chdir: /var/lib/rspamd/dkim/
  with_items: "{{ virtual_domains }}"
  notify: restart rspamd

- name: Start redis
  service:
    name=redis-server
    state=started