From fcc307aafeb8438de12f339af0f5c83ab647c8a9 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Thu, 10 Jul 2014 03:45:25 +0200
Subject: Hash certs using a lookup in the template instead of add a new task.

---
 roles/IMAP/templates/etc/postfix/relay_clientcerts.j2 | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
 mode change 120000 => 100644 roles/IMAP/templates/etc/postfix/relay_clientcerts.j2

(limited to 'roles/IMAP/templates')

diff --git a/roles/IMAP/templates/etc/postfix/relay_clientcerts.j2 b/roles/IMAP/templates/etc/postfix/relay_clientcerts.j2
deleted file mode 120000
index b375aa0..0000000
--- a/roles/IMAP/templates/etc/postfix/relay_clientcerts.j2
+++ /dev/null
@@ -1 +0,0 @@
-../../../../out/templates/etc/postfix/relay_clientcerts.j2
\ No newline at end of file
diff --git a/roles/IMAP/templates/etc/postfix/relay_clientcerts.j2 b/roles/IMAP/templates/etc/postfix/relay_clientcerts.j2
new file mode 100644
index 0000000..42a83b5
--- /dev/null
+++ b/roles/IMAP/templates/etc/postfix/relay_clientcerts.j2
@@ -0,0 +1,6 @@
+# {{ ansible_managed }}
+# /!\ WARNING: smtp_tls_fingerprint_digest MUST be sha256!
+
+{% for h in groups.MX | difference([inventory_hostname]) | sort %}
+{{ lookup('pipe', 'openssl x509 -in certs/postfix/'+h+'.pem -noout -fingerprint -sha256 | cut -d= -f2') }} {{ h }}
+{% endfor %}
-- 
cgit v1.2.3