cqrenet/relay
4
0
Fork 0
mirror of https://github.com/chatmail/relay.git synced 2026-05-19 12:28:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: move certificate permission commands to configure method and apply them conditionally.

Browse Source
This commit is contained in:
Omid Zamani
2026-01-03 12:05:57 +01:00
parent b28105bbfa
commit 73dba02a62
1 changed files with 8 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
cmdeploy/src/cmdeploy/deployers.py
View File

@@ -457,6 +457,8 @@ class ChatmailVenvDeployer(Deployer):
def install(self): def install(self):
_install_remote_venv_with_chatmaild() _install_remote_venv_with_chatmaild()
def configure(self):
# Ensure postfix can read certificates # Ensure postfix can read certificates
server.shell( server.shell(
name="Add postfix to ssl-cert group and fix acme permissions", name="Add postfix to ssl-cert group and fix acme permissions",
@@ -464,14 +466,14 @@ class ChatmailVenvDeployer(Deployer):
"groupadd -f ssl-cert", "groupadd -f ssl-cert",
"usermod -a -G ssl-cert postfix", "usermod -a -G ssl-cert postfix",
"usermod -a -G ssl-cert dovecot", "usermod -a -G ssl-cert dovecot",
"chown -R root:ssl-cert /var/lib/acme/live", "if [ -d /var/lib/acme/live ]; then "
"chmod 750 /var/lib/acme/live", "chown -R root:ssl-cert /var/lib/acme/live && "
"chmod 640 /var/lib/acme/live/*/privkey", "chmod 750 /var/lib/acme/live && "
"chmod 644 /var/lib/acme/live/*/fullchain", "chmod 640 /var/lib/acme/live/*/privkey && "
"chmod 644 /var/lib/acme/live/*/fullchain; "
"fi",
], ],
) )
def configure(self):
_configure_remote_venv_with_chatmaild(self.config) _configure_remote_venv_with_chatmaild(self.config)
configure_remote_units(self.config.mail_domain, self.units) configure_remote_units(self.config.mail_domain, self.units)