---

- name: create /etc/dkimkeys diretory
  ansible.builtin.file:
    path: /etc/dkimkeys
    state: directory
    owner: opendkim
    group: opendkim
    mode: 0700

- name: create dkim key
  ansible.builtin.command: >-
    /usr/sbin/opendkim-genkey
    --directory=/etc/dkimkeys
    --selector={{ opendkim_selector }}
  args:
    creates: "/etc/dkimkeys/{{ opendkim_selector }}.private"
  become: yes
  become_user: opendkim
  notify: restart opendkim

- name: create postfix spool socket directory
  ansible.builtin.file:
    path: /var/spool/postfix/opendkim
    state: directory
    owner: opendkim
    group: postfix
    mode: 0770
  notify: restart opendkim

- name: render /etc/opendkim.conf
  ansible.builtin.template:
    src: etc/opendkim.conf.j2
    dest: /etc/opendkim.conf
    owner: root
    group: root
    mode: 0644
  notify: restart opendkim

- name: start and enable opendkim
  ansible.builtin.service:
    name: opendkim
    state: started
    enabled: yes