cqrenet/relay
4
0
Fork 0
mirror of https://github.com/chatmail/relay.git synced 2026-05-18 01:28:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

dns: require www. subdomain and request TLS certificate for it

Browse Source
This commit is contained in:
link2xt
2024-01-06 18:21:25 +00:00
parent c39a79e26a
commit 57764d0cf5
2 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
cmdeploy/src/cmdeploy/__init__.py
View File

@@ -424,7 +424,10 @@ def deploy_chatmail(config_path: Path) -> None:
) )
# Deploy acmetool to have TLS certificates. # Deploy acmetool to have TLS certificates.
deploy_acmetool(nginx_hook=True, domains=[mail_domain, f"mta-sts.{mail_domain}"]) deploy_acmetool(
nginx_hook=True,
domains=[mail_domain, f"mta-sts.{mail_domain}", f"www.{mail_domain}"],
)
apt.packages( apt.packages(
name="Install Postfix", name="Install Postfix",

3
cmdeploy/src/cmdeploy/dns.py
View File

@@ -183,11 +183,14 @@ def check_necessary_dns(out, mail_domain):
ipv4 = dns.get("A", mail_domain) ipv4 = dns.get("A", mail_domain)
ipv6 = dns.get("AAAA", mail_domain) ipv6 = dns.get("AAAA", mail_domain)
mta_entry = dns.get("CNAME", "mta-sts." + mail_domain) mta_entry = dns.get("CNAME", "mta-sts." + mail_domain)
www_entry = dns.get("CNAME", "www." + mail_domain)
to_print = [] to_print = []
if not (ipv4 or ipv6): if not (ipv4 or ipv6):
to_print.append(f"\t{mail_domain}.\t\t\tA<your server's IPv4 address>") to_print.append(f"\t{mail_domain}.\t\t\tA<your server's IPv4 address>")
if mta_entry != mail_domain + ".": if mta_entry != mail_domain + ".":
to_print.append(f"\tmta-sts.{mail_domain}.\tCNAME\t{mail_domain}.") to_print.append(f"\tmta-sts.{mail_domain}.\tCNAME\t{mail_domain}.")
if www_entry != mail_domain + ".":
to_print.append(f"\twww.{mail_domain}.\tCNAME\t{mail_domain}.")
if to_print: if to_print:
to_print.insert( to_print.insert(
0, 0,