cqrenet/relay
4
0
Fork 0
mirror of https://github.com/chatmail/relay.git synced 2026-05-19 12:28:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: Add UnboundDeployer

Browse Source
This commit is contained in:
cliffmccarthy
2025-09-07 20:24:38 -05:00
parent b43059764b
commit e3718eb4f8
1 changed files with 40 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
cmdeploy/src/cmdeploy/__init__.py
View File

@@ -294,6 +294,41 @@ class OpendkimDeployer(Deployer):
self.need_restart = False self.need_restart = False
class UnboundDeployer(Deployer):
@staticmethod
def install_impl():
# Run local DNS resolver `unbound`.
# `resolvconf` takes care of setting up /etc/resolv.conf
# to use 127.0.0.1 as the resolver.
apt.packages(
name="Install unbound",
packages=["unbound", "unbound-anchor", "dnsutils"],
)
def configure_impl(self):
server.shell(
name="Generate root keys for validating DNSSEC",
commands=[
"unbound-anchor -a /var/lib/unbound/root.key || true",
],
)
def activate_impl(self):
server.shell(
name="Generate root keys for validating DNSSEC",
commands=[
"systemctl reset-failed unbound.service",
],
)
systemd.service(
name="Start and enable unbound",
service="unbound.service",
running=True,
enabled=True,
)
def _uninstall_mta_sts_daemon() -> None: def _uninstall_mta_sts_daemon() -> None:
# Remove configuration. # Remove configuration.
files.file("/etc/mta-sts-daemon.yml", present=False) files.file("/etc/mta-sts-daemon.yml", present=False)
@@ -843,6 +878,7 @@ def deploy_chatmail(config_path: Path, disable_mail: bool) -> None:
line="nameserver 9.9.9.9", line="nameserver 9.9.9.9",
) )
unbound_deployer = UnboundDeployer()
opendkim_deployer = OpendkimDeployer(mail_domain=mail_domain) opendkim_deployer = OpendkimDeployer(mail_domain=mail_domain)
# Dovecot should be started before Postfix # Dovecot should be started before Postfix
@@ -854,6 +890,7 @@ def deploy_chatmail(config_path: Path, disable_mail: bool) -> None:
nginx_deployer = NginxDeployer(config=config) nginx_deployer = NginxDeployer(config=config)
all_deployers = [ all_deployers = [
unbound_deployer,
opendkim_deployer, opendkim_deployer,
dovecot_deployer, dovecot_deployer,
postfix_deployer, postfix_deployer,
@@ -903,10 +940,6 @@ def deploy_chatmail(config_path: Path, disable_mail: bool) -> None:
deploy_turn_server(config) deploy_turn_server(config)
# Run local DNS resolver `unbound`.
# `resolvconf` takes care of setting up /etc/resolv.conf
# to use 127.0.0.1 as the resolver.
port_services = [ port_services = [
(["master", "smtpd"], 25), (["master", "smtpd"], 25),
("unbound", 53), ("unbound", 53),
@@ -933,23 +966,9 @@ def deploy_chatmail(config_path: Path, disable_mail: bool) -> None:
) )
exit(1) exit(1)
apt.packages( unbound_deployer.install()
name="Install unbound", unbound_deployer.configure()
packages=["unbound", "unbound-anchor", "dnsutils"], unbound_deployer.activate()
)
server.shell(
name="Generate root keys for validating DNSSEC",
commands=[
"unbound-anchor -a /var/lib/unbound/root.key || true",
"systemctl reset-failed unbound.service",
],
)
systemd.service(
name="Start and enable unbound",
service="unbound.service",
running=True,
enabled=True,
)
deploy_iroh_relay(config) deploy_iroh_relay(config)