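# BundleWrap items for OpenDKIM: service user, configuration, the key and
# signing tables, and one DKIM private key per mail domain.
#
# `node`, `users` and `svc_systemd` are not defined in this file; they are
# expected to be provided by the BundleWrap items.py environment.

# Ownership and restart trigger shared by every managed path below.
common_attributes = {
    'owner': 'opendkim',
    'group': 'opendkim',
    'triggers': [
        'svc_systemd:opendkim:restart',
    ],
}

# Directories need the execute (search) bit for the owner; nothing is granted
# to group or others.
directory_attributes = {
    **common_attributes,
    'mode': '0700',
}

# Regular files (configuration, tables, private keys) are owner read/write
# only. They were previously created with mode 700, which also marked the
# private keys and config files executable for no benefit.
file_attributes = {
    **common_attributes,
    'mode': '0600',
}

# Read once and reuse for the templates and the per-domain loop.
domains = node.metadata.get('mailserver/domains')

users['opendkim'] = {}

directories = {
    # 'purge' is set on both directories so that content not managed here
    # (for example keys of domains that were removed) does not linger.
    '/etc/opendkim': {
        **directory_attributes,
        'purge': True,
    },
    '/etc/opendkim/keys': {
        **directory_attributes,
        'purge': True,
    },
}

files = {
    '/etc/opendkim.conf': {
        **file_attributes,
    },
    # Debian keeps per-service defaults under /etc/default/ (singular). The
    # previous key '/etc/defaults/opendkim' does not match that location, so
    # the obsolete file was presumably never removed.
    # NOTE(review): confirm against the NEWS entry linked below.
    '/etc/default/opendkim': {
        # https://metadata.ftp-master.debian.org/changelogs//main/o/opendkim/testing_opendkim.NEWS
        'delete': True,
    },
    '/etc/opendkim/key_table': {
        'content_type': 'mako',
        'context': {
            'domains': domains,
        },
        **file_attributes,
    },
    '/etc/opendkim/signing_table': {
        'content_type': 'mako',
        'context': {
            'domains': domains,
        },
        **file_attributes,
    },
}

for domain in domains:
    directories[f'/etc/opendkim/keys/{domain}'] = {
        **directory_attributes,
        'purge': True,
    }
    # The DKIM signing key is taken verbatim from node metadata.
    # NOTE(review): the metadata value should come from an encrypted secret
    # store rather than plaintext in the repository - confirm at the source.
    files[f'/etc/opendkim/keys/{domain}/mail.private'] = {
        **file_attributes,
        'content': node.metadata.get(f'opendkim/keys/{domain}/private'),
    }

    # Disabled alternative: generate the key pair on the node instead of
    # shipping it from metadata. Kept for reference.
    # files[f'/etc/opendkim/keys/{domain}/mail.txt'] = {
    #     **file_attributes,
    #     'content_type': 'any',
    # }
    # actions[f'generate_{domain}_dkim_key'] = {
    #     'command': (
    #         f'sudo --user opendkim'
    #         f' opendkim-genkey'
    #         f' --selector=mail'
    #         f' --directory=/etc/opendkim/keys/{domain}'
    #         f' --domain={domain}'
    #     ),
    #     'unless': f'test -f /etc/opendkim/keys/{domain}/mail.private',
    #     'needs': [
    #         'svc_systemd:opendkim',
    #         f'directory:/etc/opendkim/keys/{domain}',
    #     ],
    #     'triggers': [
    #         'svc_systemd:opendkim:restart',
    #     ],
    # }

# The service is handled only after the package, the main configuration and
# both tables are in place.
svc_systemd['opendkim'] = {
    'needs': [
        'pkg_apt:opendkim',
        'file:/etc/opendkim.conf',
        'file:/etc/opendkim/key_table',
        'file:/etc/opendkim/signing_table',
    ],
}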