From 73dba02a627f2d7de10bee85c22a56ece1230045 Mon Sep 17 00:00:00 2001 From: Omid Zamani Date: Sat, 3 Jan 2026 12:05:57 +0100 Subject: [PATCH] refactor: move certificate permission commands to `configure` method and apply them conditionally. --- cmdeploy/src/cmdeploy/deployers.py | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/cmdeploy/src/cmdeploy/deployers.py b/cmdeploy/src/cmdeploy/deployers.py index 3aede91f..6ea66f7d 100644 --- a/cmdeploy/src/cmdeploy/deployers.py +++ b/cmdeploy/src/cmdeploy/deployers.py @@ -457,6 +457,8 @@ class ChatmailVenvDeployer(Deployer): def install(self): _install_remote_venv_with_chatmaild() + + def configure(self): # Ensure postfix can read certificates server.shell( name="Add postfix to ssl-cert group and fix acme permissions", @@ -464,14 +466,14 @@ class ChatmailVenvDeployer(Deployer): "groupadd -f ssl-cert", "usermod -a -G ssl-cert postfix", "usermod -a -G ssl-cert dovecot", - "chown -R root:ssl-cert /var/lib/acme/live", - "chmod 750 /var/lib/acme/live", - "chmod 640 /var/lib/acme/live/*/privkey", - "chmod 644 /var/lib/acme/live/*/fullchain", + "if [ -d /var/lib/acme/live ]; then " + "chown -R root:ssl-cert /var/lib/acme/live && " + "chmod 750 /var/lib/acme/live && " + "chmod 640 /var/lib/acme/live/*/privkey && " + "chmod 644 /var/lib/acme/live/*/fullchain; " + "fi", ], ) - - def configure(self): _configure_remote_venv_with_chatmaild(self.config) configure_remote_units(self.config.mail_domain, self.units)