thomas
/
sovereign
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
No Description
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
928 Commits
1 Branch
Tree: 590c316781
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '590c316781'
${ noResults }
sovereign/roles/mailserver/tasks/opendmarc.yml

opendmarc.yml 2.3KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455 
  1. - name: Install OpenDMARC milter and related packages

  2.   apt: pkg={{ item }} state=installed update_cache=yes

  3.   with_items:

  4.     - mysql-server

  5.     - python-mysqldb

  6.     - opendmarc

  7. 

  8. - name: Patch opendmarc scripts (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742447)

  9.   lineinfile: dest=/usr/sbin/{{ item }} regexp='^require DBD::' line='require DBD::mysql;'

  10.   with_items:

  11.     - opendmarc-import

  12.     - opendmarc-reports

  13.     - opendmarc-params

  14. 

  15. - name: Patch opendmarc scripts part deux (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742447)

  16.   lineinfile: dest=/usr/sbin/{{ item }} regexp='^my \$dbscheme' line='my $dbscheme     = "mysql";'

  17.   with_items:

  18.     - opendmarc-reports

  19.     - opendmarc-import

  20. 

  21. - name: Copy OpenDMARC configuration file into place

  22.   template: src=etc_opendmarc.conf.j2 dest=/etc/opendmarc.conf owner=root group=root

  23.   notify: restart opendmarc

  24. 

  25. - name: Create OpenDMARC configuration directory

  26.   file: state=directory path=/etc/opendmarc

  27. 

  28. - name: Copy OpenDMARC ignore hosts file into place

  29.   template: src=etc_opendmarc_ignore.hosts.j2 dest=/etc/opendmarc/ignore.hosts owner=root group=root

  30. 

  31. - name: Copy OpenDMARC defaults file into place

  32.   copy: src=etc_default_opendmarc dest=/etc/default/opendmarc owner=root group=root

  33.   notify:

  34.     - restart opendmarc

  35.     - restart postfix

  36. 

  37. - name: Create database user for OpenDMARC reports

  38.   mysql_user: user={{ mail_db_opendmarc_username }} password={{ mail_db_opendmarc_password }} state=present priv="opendmarc.*:ALL"

  39. 

  40. - name: Create database for OpenDMARC reports

  41.   mysql_db: name={{ mail_db_opendmarc_database }} state=present

  42.   register: db_created

  43. 

  44. - name: Import opendmarc schema

  45.   mysql_db: name={{ mail_db_opendmarc_database }} state=import target=/usr/share/doc/opendmarc/schema.mysql

  46.   when: db_created.changed

  47. 

  48. - name: Copy nightly OpenDMARC report generation script into place

  49.   template: src=etc_opendmarc_report.sh.j2 dest=/etc/opendmarc/report.sh owner=root group=root mode="0755"

  50. 

  51. - name: Ensure initial report dat file exists with correct permissions

  52.   copy: content="" dest=/var/run/opendmarc/opendmarc.dat owner=opendmarc group=opendmarc

  53. 

  54. - name: Activate OpenDMARC report cronjob

  55.   cron: name="OpenDMARC report" hour="2" minute="0" job="/bin/bash /etc/opendmarc/report.sh >> /var/log/opendmarc_report.log 2>&1 || tail /var/log/opendmarc_report.log"