opendkim: Add note about adding the key to DNS

Signed-off-by: Florian Pritz <bluewind@xinu.at>

opendkim: Add note about adding the key to DNS
49d7193f · Florian Pritz · 3553d5e3 · 49d7193f · 49d7193f
Verified Commit 49d7193f authored 8 years ago by Florian Pritz
--- a/README.md
+++ b/README.md
@@ -19,6 +19,12 @@ it is necessary to run the following once:

 certbot certonly --email webmaster@archlinux.org --agree-tos --rsa-key-size 4096 --renew-by-default --webroot -w /var/lib/letsencrypt/ -d <domain-name>

+##### Note about opendkim
+
+The opendkim DNS data has to be added to DNS manually. The roles verifies that the DNS is correct before starting opendkim.
+
+The file that has to be added to the zone is `/etc/opendkim/private/$selector.txt`.
+
 ## Servers

 ### vostok

--- a/roles/opendkim/tasks/main.yml
+++ b/roles/opendkim/tasks/main.yml
@@ -23,6 +23,7 @@
    creates: /etc/opendkim/private/{{dkim_selector}}.private
    chdir: /etc/opendkim/private

+# see README.md for instruction on how to add the key to DNS. This will fail unless the key in DNS is correct!
 - name: verify key in dns
  command: opendkim-testkey  -d archlinux.org -s {{dkim_selector}} -k /etc/opendkim/private/{{dkim_selector}}.private -vvv
  tags: