From aed76c843041e77291154cd642b84fe3e135897b Mon Sep 17 00:00:00 2001
From: A1EF <a1ef@hotmail.com>
Date: Tue, 12 Jul 2022 15:34:28 +0300
Subject: [PATCH 1/2] Add `watch` for `exim4` service and remove restart by
 `cmd.run`

---
 salt/exim/init.sls | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/salt/exim/init.sls b/salt/exim/init.sls
index 84e7bea..3a9e906 100644
--- a/salt/exim/init.sls
+++ b/salt/exim/init.sls
@@ -28,7 +28,8 @@ exim4_service:
   service.running:
     - name: exim4
     - enable: True
-
+    - watch:
+      - file: /etc/exim4/*
 
 create_dir_dkim:
   file.directory:
@@ -80,7 +81,3 @@ exim4_config_localmail:
     - mode: replace
     - content: 'domainlist local_domains = localhost : localhost.localdomain'
     - match: 'domainlist local_domains = MAIN_LOCAL_DOMAINS'
-
-restart_exim:
-  cmd.run:
-    - name: service exim4 restart

From 255273934e9a73f2576c1b4eb6bdcc3a791969ef Mon Sep 17 00:00:00 2001
From: A1EF <a1ef@hotmail.com>
Date: Tue, 12 Jul 2022 16:47:40 +0300
Subject: [PATCH 2/2] Run generate DKIM keys as `Debian-exim` user

---
 salt/exim/init.sls | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/salt/exim/init.sls b/salt/exim/init.sls
index 3a9e906..f44d50a 100644
--- a/salt/exim/init.sls
+++ b/salt/exim/init.sls
@@ -44,12 +44,14 @@ create_dir_dkim:
 generate_private_cert:
   cmd.run:
     - name: openssl genrsa -out {{ pillar['dkim_private_key'] }} 1024
+    - runas: Debian-exim
     - cwd: /etc/exim4/dkim/
     - creates: /etc/exim4/dkim/{{ pillar['dkim_private_key'] }}
 
 generate_public_cert:
   cmd.run:
     - name: openssl rsa -pubout -in {{ pillar['dkim_private_key'] }} -out {{ pillar['dkim_public_key'] }}
+    - runas: Debian-exim
     - cwd: /etc/exim4/dkim/
     - creates: /etc/exim4/dkim/{{ pillar['dkim_public_key'] }}