Add send_only_mailserver role and deploy Send-Only-Mailserver with it

Co-authored-by: yuri <yuri@nekover.se>

playbooks/roles/send_only_mail_server/templates/etc_rspamd_dkim_signing.conf.j2

@@ -0,0 +1,12 @@
+allow_username_mismatch = true;
+
+use_esld = false;
+
+domain {
+{% for mail_domain in send_only_mail_server__mail_domains %}
+    {{ mail_domain.name }} {
+        path = "/etc/mail-dkim/{{ mail_domain.name }}.key";
+        selector = "key";
+    }
+{% endfor %}
+}

playbooks/roles/send_only_mail_server/templates/etc_smtpd.conf.j2

@@ -0,0 +1,15 @@
+# Managed by Ansible.
+# This configuration enables sending emails using this server, but to not receiving any.
+
+pki {{ send_only_mail_server__mail_server_fqdn }} cert "/etc/ansible_certs/certs/{{ send_only_mail_server__mail_server_fqdn }}/fullchain.pem"
+pki {{ send_only_mail_server__mail_server_fqdn }} key "/etc/ansible_certs/certs/{{ send_only_mail_server__mail_server_fqdn }}/privkey.pem"
+
+filter "rspamd-dkim-signing" proc-exec "filter-rspamd -settings-id dkim_signing"
+
+listen on lo
+listen on eth0 smtps pki {{ send_only_mail_server__mail_server_fqdn }} auth filter "rspamd-dkim-signing"
+listen on eth0 tls-require pki {{ send_only_mail_server__mail_server_fqdn }} auth filter "rspamd-dkim-signing"
+
+action "outbound" relay helo {{ send_only_mail_server__mail_server_fqdn }}
+
+match from any auth for any action "outbound"

playbooks/roles/send_only_mail_server/templates/nsupdate_add_dkim_public_key_txt_record.j2

@@ -0,0 +1,4 @@
+debug
+zone {{ item.zone }}
+update add key._domainkey.{{ item.name }} 60 TXT v=DKIM1;k=rsa;p={{ send_only_mail_server__dkim_public_key.publickey | replace('\n', '') | replace('-----BEGIN PUBLIC KEY-----', '') | replace('-----END PUBLIC KEY-----', '') }}
+send

playbooks/roles/send_only_mail_server/templates/nsupdate_delete_dkim_public_key_txt_records.j2

@@ -0,0 +1,4 @@
+debug
+zone {{ item.zone }}
+update delete key._domainkey.{{ item.name }} TXT
+send