From 79c0fb2b2cfaa1671ba069e0235de1c87f59cb61 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Sun, 8 Sep 2024 02:26:58 +0200
Subject: DKIM key generation: Adjust ownership.

As of bullseye amavis needs the private key material to be reabled by
the 'amavis' user.
---
 roles/amavis/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'roles/amavis')

diff --git a/roles/amavis/tasks/main.yml b/roles/amavis/tasks/main.yml
index 79c973c..7fc44c7 100644
--- a/roles/amavis/tasks/main.yml
+++ b/roles/amavis/tasks/main.yml
@@ -50,7 +50,7 @@
     - dkim
 
 - name: Generate a private key for DKIM signing
-  command: genkeypair.sh dkim --privkey="/etc/amavis/dkim/{{ item.s }}:{{ item.d }}.pem" -t rsa -b 2048
+  command: genkeypair.sh dkim --owner=amavis --group=root --privkey="/etc/amavis/dkim/{{ item.s }}:{{ item.d }}.pem" -t rsa -b 2048
   with_items: "{{ (dkim_keys[inventory_hostname_short] | default({})).values() | list }}"
   register: dkim
   changed_when: dkim.rc == 0
-- 
cgit v1.2.3