#!/bin/bash

# setup opendkim configuration and domains
mkdir -p /etc/dkimkeys
truncate -s0 /etc/dkimkeys/{keytable,signingtable,trustedhosts}

cat - <<EOF > /etc/opendkim.conf
KeyTable        file:/etc/dkimkeys/keytable
SigningTable    refile:/etc/dkimkeys/signingtable 
InternalHosts   refile:/etc/dkimkeys/trustedhosts
Socket          inet:8891@0.0.0.0
OversignHeaders	From
TrustAnchorFile /usr/share/dns/root.key
UserID          opendkim
EOF

cat - <<EOF > /etc/dkimkeys/trustedhosts
0.0.0.0/0
*
EOF

{% for domain in lsdir("/dkimkey") %}

mkdir -p /etc/dkimkeys/{{ domain }}

{% for selector in ls(printf ("/dkimkey/%s", domain)) %}

echo '{{ selector }}._domainkey.{{ domain }} {{ domain }}:{{ selector }}:/etc/dkimkeys/{{ domain }}/{{ selector }}.private' >> /etc/dkimkeys/keytable
echo '*@{{ domain }} {{ selector }}._domainkey.{{ domain }}' >> /etc/dkimkeys/signingtable
cat - <<EOKEY > /etc/dkimkeys/{{ domain }}/{{ selector }}.private
{{ getv (printf("/dkimkey/%s/%s", domain, selector)) }}

EOKEY

{% endfor %}

chown -R opendkim:opendkim /etc/dkimkeys/{{ domain }}
chmod -R u+rw,go-rw /etc/dkimkeys/{{ domain }}

{% endfor %}