cqrenet/relay
3
0
Fork 0
mirror of https://github.com/chatmail/relay.git synced 2026-05-11 16:34:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: move certificate permission commands to configure method and apply them conditionally.

Browse Source
This commit is contained in:
Omid Zamani
2026-01-03 12:05:57 +01:00
parent b28105bbfa
commit 73dba02a62
1 changed files with 8 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
cmdeploy/src/cmdeploy/deployers.py
View File

@@ -457,6 +457,8 @@ class ChatmailVenvDeployer(Deployer):
def install(self):
_install_remote_venv_with_chatmaild()
def configure(self):
# Ensure postfix can read certificates
server.shell(
name="Add postfix to ssl-cert group and fix acme permissions",
@@ -464,14 +466,14 @@ class ChatmailVenvDeployer(Deployer):
"groupadd -f ssl-cert",
"usermod -a -G ssl-cert postfix",
"usermod -a -G ssl-cert dovecot",
"chown -R root:ssl-cert /var/lib/acme/live",
"chmod 750 /var/lib/acme/live",
"chmod 640 /var/lib/acme/live/*/privkey",
"chmod 644 /var/lib/acme/live/*/fullchain",
"if [ -d /var/lib/acme/live ]; then "
"chown -R root:ssl-cert /var/lib/acme/live && "
"chmod 750 /var/lib/acme/live && "
"chmod 640 /var/lib/acme/live/*/privkey && "
"chmod 644 /var/lib/acme/live/*/fullchain; "
"fi",
],
)
def configure(self):
_configure_remote_venv_with_chatmaild(self.config)
configure_remote_units(self.config.mail_domain, self.units)