Add tasks to template and enable DMARC inbox sieve filter

3 files changed, 39 insertions, 0 deletions

diff --git a/ansible/roles/opendmarc-inbox/handlers/main.yml b/ansible/roles/opendmarc-inbox/handlers/main.yml
new file mode 100644
index 0000000..8b2b7f6
--- /dev/null
+++ b/ansible/roles/opendmarc-inbox/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: Compile DMARC Sieve script
+  become_user: "{{ opendmarc_inbox_username }}"
+  command: "sievec /var/vmail/{{ opendmarc_inbox_username }}/.dovecot.sieve"
+  changed_when: true
diff --git a/ansible/roles/opendmarc-inbox/tasks/main.yml b/ansible/roles/opendmarc-inbox/tasks/main.yml
new file mode 100644
index 0000000..6383f08
--- /dev/null
+++ b/ansible/roles/opendmarc-inbox/tasks/main.yml
@@ -0,0 +1,32 @@
+---
+- name: Create DMARC user sieve directory
+  file:
+    state: directory
+    path: "/var/vmail/{{ opendmarc_inbox_username }}/sieve"
+    owner: "{{ opendmarc_inbox_username }}"
+    group: "{{ opendmarc_inbox_username }}"
+    mode: "0700"
+  tags:
+    - role::opendmarc-inbox
+
+- name: Template DMARC filing Sieve script
+  template:
+    src: dmarc.sieve.j2
+    dest: "/var/vmail/{{ opendmarc_inbox_username }}/sieve/dmarc.sieve"
+    owner: "{{ opendmarc_inbox_username }}"
+    group: "{{ opendmarc_inbox_username }}"
+    mode: "0400"
+  tags:
+    - role::opendmarc-inbox
+  notify:
+    - Compile DMARC Sieve script
+
+- name: Activate DMARC processing Sieve filter
+  file:
+    state: link
+    src: "/var/vmail/{{ opendmarc_inbox_username }}/sieve/dmarc.sieve"
+    path: "/var/vmail/{{ opendmarc_inbox_username }}/.dovecot.sieve"
+  tags:
+    - role::opendmarc-inbox
+  notify:
+    - Compile DMARC Sieve script
diff --git a/ansible/roles/opendmarc-inbox/vars/main.yml b/ansible/roles/opendmarc-inbox/vars/main.yml
new file mode 100644
index 0000000..f57ccc9
--- /dev/null
+++ b/ansible/roles/opendmarc-inbox/vars/main.yml
@@ -0,0 +1,2 @@
+---
+opendmarc_inbox_username: "dmarc"