docker/ci: fix acme reuse

docker/chatmail-init.sh

@@ -83,6 +83,9 @@ else
     echo "$current_fp" > "$FINGERPRINT_FILE"
 fi
 
+# Signal success to Docker healthcheck
+touch /run/chatmail-init.done
+
 # Forward journald to console so `docker compose logs` works
 grep -q '^ForwardToConsole=yes' /etc/systemd/journald.conf \
     || echo "ForwardToConsole=yes" >> /etc/systemd/journald.conf

docker/chatmail_relay.dockerfile

@@ -88,10 +88,10 @@ RUN rm -f /etc/nginx/sites-enabled/default
 
 COPY --chmod=555 ./docker/chatmail-init.sh /chatmail-init.sh
 COPY --chmod=555 ./docker/entrypoint.sh /entrypoint.sh
+COPY --chmod=555 ./docker/healthcheck.sh /healthcheck.sh
 
-HEALTHCHECK --interval=60s --timeout=10s --retries=3 \
-  CMD systemctl is-active chatmail-metadata doveauth dovecot filtermail filtermail-incoming nginx postfix unbound || exit 1
-  # maybe add iroh-relay turnserver
+HEALTHCHECK --interval=15s --timeout=10s --retries=3 \
+  CMD /healthcheck.sh
 
 STOPSIGNAL SIGRTMIN+3
 

docker/docker-compose.ci.yaml

@@ -4,5 +4,8 @@ services:
   chatmail:
     image: ${CHATMAIL_IMAGE:-chatmail-relay:latest}
     volumes:
+      - /srv/chatmail/chatmail.ini:/etc/chatmail/chatmail.ini
       - /srv/chatmail/dkim:/etc/dkimkeys
       - /srv/chatmail/certs:/var/lib/acme
+    environment:
+      TLS_EXTERNAL_CERT_AND_KEY: /var/lib/acme/live/${MAIL_DOMAIN}/fullchain /var/lib/acme/live/${MAIL_DOMAIN}/privkey