Description

Just adding another tracking issue publicly so the information is easy to locate for others 👍

• We could generate the keypair with openssl.
  • Although I find the UX of step (Go-lang based) to be more friendly (and useful elsewhere within DMS like dealing with certificates since it can output JSON for querying/lookup).
  • step crypto keypair example.public example.private as mentioned here should work at generating the actual keypair.
• Unified OpenDKIM / Rspamd keypair formatting instead of separate CLI generators: docs: update DKIM/DMARC/SPF docs #3231 (comment)
• For rspamd config could be generated as JSON instead of UCL: misc: final Rspamd adjustments for v13 #3599 (comment)
  • yq example with detailed approach for improved domain + selector layout hierarchy in the filesystem that is agnostic (OpenDKIM could also share this location, check-for-changes.sh could probably support it well too if it's from the config volume and optionally copied over to internal location for either rspamd/opendkim to use).
  • KCL example as an alternative that was explored to just YAML: misc: final Rspamd adjustments for v13 #3599 (comment)

No immediate need for this. Just an improvement like using Vector for logs, low priority.

EDIT:

• For rspamd, there is a simpler way to support DKIM domains and their selectors/keys (see tracking issue)
• jaq was added as a yq alternative. It supports JSON and jq API: fix: update-check.sh should query GH Releases #3666