- name: Check if DKIM private key file exists in the antispam container
  command: >
    docker compose exec -T antispam
    test -f {{mailu_dkim_key_path}}
  register: dkim_key_file_stat
  failed_when:  false
  changed_when: false
  args:
    chdir: "{{ docker_compose.directories.instance }}"

- name: Generate DKIM key
  command: >
    docker compose exec -T antispam
    rspamadm dkim_keygen -s dkim -d {{ applications[application_id].domain }} -k {{ mailu_dkim_key_path }}
  register: dkim_keygen_output
  when: dkim_key_file_stat.rc != 0
  args:
    chdir: "{{ docker_compose.directories.instance }}"

- name: Fetch DKIM private key from antispam container
  shell: >
    docker compose exec -T antispam
    cat {{ mailu_dkim_key_path }}
  args:
    chdir: "{{ docker_compose.directories.instance }}"
  register: dkim_priv_content
  failed_when: dkim_priv_content.rc != 0
  changed_when: false

- name: Generate DKIM public key on the host
  command: openssl rsa -pubout
  args:
    stdin: "{{ dkim_priv_content.stdout }}"
  register: dkim_pub_raw
  changed_when: false

- name: Normalize and build Mailu DKIM TXT record
  set_fact:
    mailu_dkim_public_key: >-
      v=DKIM1; k=rsa; p={{
        dkim_pub_raw.stdout
        | regex_replace('-----BEGIN PUBLIC KEY-----', '')
        | regex_replace('-----END PUBLIC KEY-----', '')
        | regex_replace('\s+', '')
      }}

- name: Debug Mailu DKIM public key
  debug:
    msg: "Mailu DKIM public key: {{ mailu_dkim_public_key }}"