From c2de1ef5f0ffbcbf1d4d9d576661cd2603e0fec6 Mon Sep 17 00:00:00 2001 From: missytake Date: Mon, 16 Feb 2026 15:52:25 +0100 Subject: [PATCH] docs: use ssh_host = localhost in getting started docs remove mentions of the build machine / deployment server separation --- doc/source/getting_started.rst | 56 ++++++++-------------------------- 1 file changed, 12 insertions(+), 44 deletions(-) diff --git a/doc/source/getting_started.rst b/doc/source/getting_started.rst index 7baf4709..2b068b27 100644 --- a/doc/source/getting_started.rst +++ b/doc/source/getting_started.rst @@ -14,21 +14,14 @@ Minimal requirements and prerequisites You will need the following: -- A Debian 12 **deployment server** with reachable SMTP/SUBMISSIONS/IMAPS/HTTPS ports. +- Control over a domain through a DNS provider of your choice. + (there is experimental support for :ref:`IP-only relays `). + +- A Debian 12 server with reachable SMTP/SUBMISSIONS/IMAPS/HTTPS ports. IPv6 is encouraged if available. Chatmail relay servers only require 1GB RAM, one CPU, and perhaps 10GB storage for a few thousand active chatmail addresses. -- A Linux or Unix **build machine** with key-based SSH access to the root - user of the deployment server. - You must add a passphrase-protected private key to your local ssh-agent because you - can’t type in your passphrase during deployment. - (An ed25519 private key is required due to an `upstream bug in - paramiko `_) - -- Control over a domain through a DNS provider of your choice - (there is experimental support for :ref:`IP-only relays `). - .. _setup: @@ -38,7 +31,7 @@ Setup with ``scripts/cmdeploy`` We use ``chat.example.org`` as the chatmail domain in the following steps. Please substitute it with your own domain. -1. Setup the initial DNS records for your deployment server. +1. Setup the initial DNS records for your relay. The following is an example in the familiar BIND zone file format with a TTL of 1 hour (3600 seconds). Please substitute your domain and IP addresses. @@ -58,22 +51,25 @@ steps. Please substitute it with your own domain. The ``mta-sts`` CNAME and ``_mta-sts`` TXT records are not needed for such domains. -2. On your local PC, clone the repository and bootstrap the Python +2. Login to the server with SSH, clone the repository and bootstrap the Python virtualenv. :: + ssh root@chat.example.org git clone https://github.com/chatmail/relay cd relay scripts/initenv.sh -3. On your local build machine (PC), create a chatmail configuration file +3. Then, create a chatmail configuration file ``chatmail.ini``: :: scripts/cmdeploy init chat.example.org # <-- use your domain + .. note:: + To use self-signed TLS certificates instead of Let's Encrypt, use a domain name starting with ``_`` @@ -84,13 +80,7 @@ steps. Please substitute it with your own domain. See the :doc:`overview` for details on certificate provisioning. -4. Verify that SSH root login to the deployment server server works: - - :: - - ssh root@chat.example.org # <-- use your domain - -5. From your local build machine, setup and configure the remote deployment server: +4. Now run the deployment script to install the relay to the server: :: @@ -195,7 +185,7 @@ Disable automatic address creation -------------------------------------------------------- If you need to stop address creation, e.g. because some script is wildly -creating addresses, login with ssh to the deployment machine and run: +creating addresses, login with ssh to the relay and run: :: @@ -251,25 +241,3 @@ The deploy will verify that both files exist on the server. If you use such a setup, you must trigger the reload explicitly after renewal:: systemctl start tls-cert-reload.service - - -Migrating to a new build machine ----------------------------------- - -To move or add a build machine, -clone the relay repository on the new build machine, and copy the ``chatmail.ini`` file from the old build machine. -Make sure ``rsync`` is installed, then initialize the environment: - -:: - - ./scripts/initenv.sh - -Run safety checks before a new deployment: - -:: - - ./scripts/cmdeploy dns - ./scripts/cmdeploy status - -If you keep multiple build machines (ie laptop and desktop), keep ``chatmail.ini`` in sync between -them.