docker: fix DKIM key permission denied on bind-mounted volumes

chown the entire /etc/acmekeys directory

docker/docker-compose.override.yaml.example

@@ -15,7 +15,9 @@ services:
       # - ./data/chatmail-dkimkeys:/etc/dkimkeys
       # - ./data/chatmail-acme:/var/lib/acme
 
-      ## Or mount data from an existing bare-metal install:
+      ## Or mount data from an existing bare-metal install.
+      ## Note: DKIM key ownership is fixed automatically on startup
+      ## (the host's opendkim UID may differ from the container's).
       # - /home/vmail:/home/vmail
       # - /etc/dkimkeys:/etc/dkimkeys
       # - /var/lib/acme:/var/lib/acme

docker/files/setup_chatmail_docker.sh

@@ -15,8 +15,8 @@ fi
 if [ ! -f /etc/dkimkeys/opendkim.private ]; then
     /usr/sbin/opendkim-genkey -D /etc/dkimkeys -d "$MAIL_DOMAIN" -s opendkim
 fi
-chown opendkim:opendkim /etc/dkimkeys/opendkim.private
-chown opendkim:opendkim /etc/dkimkeys/opendkim.txt
+# Fix ownership for bind-mounted keys (host opendkim UID may differ from container)
+chown -R opendkim:opendkim /etc/dkimkeys
 
 # Create chatmail.ini (skips if file already exists, e.g. volume-mounted)
 mkdir -p "$(dirname "$CHATMAIL_INI")"