authorGuilhem Moulin <guilhem@fripost.org>2024-09-08 02:26:58 +0200
committerGuilhem Moulin <guilhem@fripost.org>2024-09-08 02:27:02 +0200
commit79c0fb2b2cfaa1671ba069e0235de1c87f59cb61 (patch)
tree370852500bbe2ccc6f8220f7efecfc189ddfc473 /roles
parenteeef279d8f4d3b7ddff5eae47e609c4e138140ce (diff)
DKIM key generation: Adjust ownership.
As of bullseye, amavis needs the private key material to be readable by the 'amavis' user.
Diffstat (limited to 'roles')
-rw-r--r--roles/amavis/tasks/main.yml2
1 files changed, 1 insertions, 1 deletions
diff --git a/roles/amavis/tasks/main.yml b/roles/amavis/tasks/main.yml
index 79c973c..7fc44c7 100644
--- a/roles/amavis/tasks/main.yml
+++ b/roles/amavis/tasks/main.yml
@@ -33,41 +33,41 @@
lineinfile: dest=/etc/aliases create=yes
regexp="^amavis{{':'}} "
line="amavis{{':'}} root"
- name: Compile the static local Postfix database
postmap: cmd=postalias src=/etc/aliases db=lmdb
owner=root group=root
mode=0644
- name: Create directory /etc/amavis/dkim
file: path=/etc/amavis/dkim
state=directory
owner=root group=root
mode=0755
when: "'out' in group_names"
tags:
- genkey
- dkim
- name: Generate a private key for DKIM signing
- command: genkeypair.sh dkim --privkey="/etc/amavis/dkim/{{ item.s }}:{{ item.d }}.pem" -t rsa -b 2048
+ command: genkeypair.sh dkim --owner=amavis --group=root --privkey="/etc/amavis/dkim/{{ item.s }}:{{ item.d }}.pem" -t rsa -b 2048
with_items: "{{ (dkim_keys[inventory_hostname_short] | default({})).values() | list }}"
register: dkim
changed_when: dkim.rc == 0
failed_when: dkim.rc > 1
when: "'out' in group_names"
tags:
- genkey
- dkim
- name: Fetch DKIM keys
fetch_cmd: cmd="openssl pkey -pubout -outform PEM"
stdin="/etc/amavis/dkim/{{ item.s }}:{{ item.d }}.pem"
dest="certs/dkim/{{ item.s }}:{{ item.d }}.pub"
with_items: "{{ (dkim_keys[inventory_hostname_short] | default({})).values() | list }}"
tags:
- genkey
- dkim
- name: Configure Amavis
template: src=etc/amavis/conf.d/50-user.j2
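Review bot: The added `--owner=amavis --group=root` only takes effect when genkeypair.sh actually writes a key. `failed_when: dkim.rc > 1` tolerates rc 1, which presumably means the key already exists, so on hosts provisioned before this change the existing .pem files would keep their old owner and stay unreadable for amavis. Making amavis the owner also lets the mail-scanning process rewrite or chmod its own signing key, where read access is all it needs. A separate idempotent `file:` task after the generation task, setting root:amavis and 0640 on each key, would cover both points, assuming amavisd runs with the amavis group. The mode genkeypair.sh applies is not visible here and is worth confirming.

```yaml
# … unchanged: "Generate a private key for DKIM signing" task …

- name: Ensure DKIM private keys are readable but not writable by amavis
  file: path="/etc/amavis/dkim/{{ item.s }}:{{ item.d }}.pem"
        owner=root group=amavis
        mode=0640
  with_items: "{{ (dkim_keys[inventory_hostname_short] | default({})).values() | list }}"
  when: "'out' in group_names"
  tags:
    - genkey
    - dkim
```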