From b43059764b33df4cf6c7048de63c19e6491c1ac6 Mon Sep 17 00:00:00 2001 From: cliffmccarthy <16453869+cliffmccarthy@users.noreply.github.com> Date: Sun, 7 Sep 2025 20:16:08 -0500 Subject: [PATCH] refactor: Add OpendkimDeployer - Note that this moves the installation of the opendkim package earlier in the deployment sequence. Previously, it was installed during the _configure_opendkim() routine. --- cmdeploy/src/cmdeploy/__init__.py | 61 ++++++++++++++++++++----------- 1 file changed, 39 insertions(+), 22 deletions(-) diff --git a/cmdeploy/src/cmdeploy/__init__.py b/cmdeploy/src/cmdeploy/__init__.py index fa6d799a..e7a54998 100644 --- a/cmdeploy/src/cmdeploy/__init__.py +++ b/cmdeploy/src/cmdeploy/__init__.py @@ -241,11 +241,6 @@ def _configure_opendkim(domain: str, dkim_selector: str = "dkim") -> bool: present=True, ) - apt.packages( - name="apt install opendkim opendkim-tools", - packages=["opendkim", "opendkim-tools"], - ) - if not host.get_fact(File, f"/etc/dkimkeys/{dkim_selector}.private"): server.shell( name="Generate OpenDKIM domain keys", @@ -266,6 +261,39 @@ def _configure_opendkim(domain: str, dkim_selector: str = "dkim") -> bool: return need_restart +class OpendkimDeployer(Deployer): + def __init__(self, *, mail_domain, **kwargs): + super().__init__(**kwargs) + self.mail_domain = mail_domain + + @staticmethod + def required_users(): + return [ + ("opendkim", None, ["opendkim"]), + ] + + @staticmethod + def install_impl(): + apt.packages( + name="apt install opendkim opendkim-tools", + packages=["opendkim", "opendkim-tools"], + ) + + def configure_impl(self): + self.need_restart = _configure_opendkim(self.mail_domain, "opendkim") + + def activate_impl(self): + systemd.service( + name="Start and enable OpenDKIM", + service="opendkim.service", + running=True, + enabled=True, + daemon_reload=self.need_restart, + restarted=self.need_restart, + ) + self.need_restart = False + + def _uninstall_mta_sts_daemon() -> None: # Remove configuration. files.file("/etc/mta-sts-daemon.yml", present=False) @@ -815,6 +843,8 @@ def deploy_chatmail(config_path: Path, disable_mail: bool) -> None: line="nameserver 9.9.9.9", ) + opendkim_deployer = OpendkimDeployer(mail_domain=mail_domain) + # Dovecot should be started before Postfix # because it creates authentication socket # required by Postfix. @@ -824,6 +854,7 @@ def deploy_chatmail(config_path: Path, disable_mail: bool) -> None: nginx_deployer = NginxDeployer(config=config) all_deployers = [ + opendkim_deployer, dovecot_deployer, postfix_deployer, nginx_deployer, @@ -841,13 +872,6 @@ def deploy_chatmail(config_path: Path, disable_mail: bool) -> None: server.group(name="Create vmail group", group="vmail", system=True) server.user(name="Create vmail user", user="vmail", group="vmail", system=True) - server.group(name="Create opendkim group", group="opendkim", system=True) - server.user( - name="Create opendkim user", - user="opendkim", - groups=["opendkim"], - system=True, - ) server.user(name="Create echobot user", user="echobot", system=True) server.user(name="Create iroh user", user="iroh", system=True) @@ -942,6 +966,7 @@ def deploy_chatmail(config_path: Path, disable_mail: bool) -> None: packages="acl", ) + opendkim_deployer.install() postfix_deployer.install() dovecot_deployer.install() nginx_deployer.install() @@ -971,16 +996,8 @@ def deploy_chatmail(config_path: Path, disable_mail: bool) -> None: _uninstall_mta_sts_daemon() _remove_rspamd() - opendkim_need_restart = _configure_opendkim(mail_domain, "opendkim") - - systemd.service( - name="Start and enable OpenDKIM", - service="opendkim.service", - running=True, - enabled=True, - daemon_reload=opendkim_need_restart, - restarted=opendkim_need_restart, - ) + opendkim_deployer.configure() + opendkim_deployer.activate() dovecot_deployer.activate() postfix_deployer.activate()