- name: Install amavis and its decoders apt: pkg={{ packages }} vars: packages: - amavisd-new - libnet-ldap-perl # Mail::DKIM - libmail-dkim-perl - gzip - bzip2 - xz-utils - lzop - rpm2cpio - pax - binutils - p7zip-full - unrar-free - arj - nomarch - cabextract - unar - tnef notify: - Restart Amavis - name: Add 'clamav' to the group 'amavis' user: name=clamav groups=amavis append=yes notify: - Restart ClamAV - Restart Amavis - name: Add an 'amavis' alias lineinfile: dest=/etc/aliases create=yes regexp="^amavis{{':'}} " line="amavis{{':'}} root" - name: Compile the static local Postfix database postmap: cmd=postalias src=/etc/aliases db=lmdb owner=root group=root mode=0644 - name: Create directory /etc/amavis/dkim file: path=/etc/amavis/dkim state=directory owner=root group=root mode=0755 when: "'out' in group_names" tags: - genkey - dkim - name: Generate a private key for DKIM signing command: genkeypair.sh dkim --privkey="/etc/amavis/dkim/{{ item.s }}:{{ item.d }}.pem" -t rsa -b 2048 with_items: "{{ (dkim_keys[inventory_hostname_short] | default({})).values() | list }}" register: dkim changed_when: dkim.rc == 0 failed_when: dkim.rc > 1 when: "'out' in group_names" notify: - Restart Amavis tags: - genkey - dkim - name: Fetch DKIM keys fetch_cmd: cmd="openssl pkey -pubout -outform PEM" stdin="/etc/amavis/dkim/{{ item.s }}:{{ item.d }}.pem" dest="certs/dkim/{{ item.s }}:{{ item.d }}.pub" with_items: "{{ (dkim_keys[inventory_hostname_short] | default({})).values() | list }}" tags: - genkey - dkim - name: Configure Amavis template: src=etc/amavis/conf.d/50-user.j2 dest=/etc/amavis/conf.d/50-user owner=root group=root mode=0644 register: r3 notify: - Restart Amavis - meta: flush_handlers - name: Start Amavis service: name=amavis state=started - name: Install 'amavis' Munin plugin file: src=/usr/share/munin/plugins/amavis dest=/etc/munin/plugins/amavis owner=root group=root state=link force=yes tags: - munin - munin-node notify: - Restart munin-node