From 08b83d5142f093a60ea2dfaeb9014a5831a1480b Mon Sep 17 00:00:00 2001
From: Malfurious
Date: Wed, 19 Jun 2024 03:01:09 -0400
Subject: opendkim: Generate keys / TXT record

Keys are generated using the config from the previous commit and stored in the dkim data volume. The key length is set to 1024 bits for compatibility with nameservers. See this quote from the opendkim readme:

BIND servers have a 256 byte limit on serving TXT records, so a 1024 bit RSA key is recommended if using BIND as your primary DNS server.

Signed-off-by: Malfurious
---
 Dockerfile | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index aa35a8f..aa7c1ca 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -46,6 +46,18 @@ RUN apt update \
 sudo \
 && apt clean
 
+# Generate OpenDKIM keypair
+# Do this here so we can print the pubkey/dns record to logs during build
+# process. After initial run, a volume should preserve the keys for later
+# runs.
+RUN mkdir -p /opendkim \
+ && chown opendkim:opendkim /opendkim \
+ && opendkim-genkey \
+ --bits=1024 \
+ --directory=/opendkim \
+ --selector=default \
+ && cat /opendkim/default.txt
+
 # Install files
 COPY dovecot /etc/dovecot/
 COPY opendkim /etc/
-- 
cgit v1.2.3
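Review bot: The added `RUN … opendkim-genkey` step creates the DKIM private key at build time, so `/opendkim/default.private` is stored in an image layer where anyone who can pull the image can read the signing key, and a rebuild that misses the cache silently replaces the key behind the published TXT record. Generating it at container start, only when the volume holds no key, keeps it out of the image: in the start-up script (not visible in this hunk) something like `[ -f /opendkim/default.private ] || opendkim-genkey --bits=2048 --directory=/opendkim --selector=default`, followed by the same `cat /opendkim/default.txt`. RFC 8301 recommends RSA keys of at least 2048 bits, and a long TXT value can be served as several quoted strings of up to 255 bytes each, so `--bits=1024` should carry a comment naming the DNS server that actually forces it. The `chown opendkim:opendkim /opendkim` also runs before the key files exist, so the files stay owned by the build user (presumably root); a `chown -R` placed after `opendkim-genkey` would cover them if the daemon reads the key as `opendkim`.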