---
- name: Install opendkim
  apt:
    update_cache: true
    name:
      - opendkim
      - opendkim-tools
  register: apt_result
  retries: 3
  until: apt_result is succeeded

- name: Ensure opendkim directories are here
  file:
    path: "/etc/opendkim/keys/{{ opendkim.domain }}"
    state: directory
    mode: 0750
    owner: opendkim
    group: opendkim
  when: not ansible_check_mode

- name: Deploy opendkim configuration
  template:
    src: opendkim.conf.j2
    dest: /etc/opendkim.conf
    mode: 644
    owner: opendkim
    group: opendkim

- name: Deploy opendkim configuration
  template:
    src: opendkim/{{ item }}.j2
    dest: /etc/opendkim/{{ item }}
    mode: 0644
    owner: opendkim
    group: opendkim
  loop:
    - KeyTable
    - SigningTable
    - TrustedHosts

- name: Deploy opendkim key
  template:
    src: "opendkim/keys/key.{{ item }}.j2"
    dest: "/etc/opendkim/keys/{{ opendkim.domain }}/{{ opendkim.selector }}.{{ item }}"
    mode: 0600
    owner: opendkim
    group: opendkim
  loop:
    - "private"
    - "txt"