cqrenet/relay
3
0
Fork 0
mirror of https://github.com/chatmail/relay.git synced 2026-05-14 01:44:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,224 Commits 217 Branches 12 Tags
hetzner-pool-ci
Commit Graph

100 Commits

Author SHA1 Message Date
missytake
c78cddab7a Revert "expanding ~ doesn't work with -i" 
This reverts commit 4c62714fbb.
 2026-03-11 21:04:07 +01:00
missytake
4c62714fbb expanding ~ doesn't work with -i 2026-03-11 20:45:06 +01:00
missytake
7918984888 ci: use proper SSH key 2026-03-11 19:22:52 +01:00
missytake
3116da879f fix CHATMAIL_DOMAIN2 address 2026-03-10 14:21:02 +01:00
missytake
195142acc6 CI: fix SSH key path 2026-03-10 14:04:21 +01:00
missytake
8a5bb18a2b supply Hetzner API token 2026-03-10 14:00:56 +01:00
missytake
79eebe2762 use with syntax properly 2026-03-10 13:54:02 +01:00
missytake
d9de25e4fd checkout hetzner-relay repo properly 2026-03-10 13:53:02 +01:00
missytake
3eaadfbbee chatmail.ini is generated in hetzner-relay 2026-03-10 13:50:11 +01:00
missytake
d321f01d20 cmdeploy offline tests already run in ci.yml 2026-03-10 13:46:19 +01:00
missytake
94a645e441 don't upload hpk's key 2026-03-10 13:45:05 +01:00
missytake
3931dde099 CI: try to run hetzner-relay without importing reusable actions 2026-03-10 13:42:43 +01:00
missytake
8d08b98eda test example workflow 2026-03-10 13:34:29 +01:00
missytake
65b6eebdce retrigger workflow 2026-03-10 13:23:23 +01:00
missytake
1d0f4a4de4 fix repo URL 2026-03-10 13:20:29 +01:00
missytake
b2900cbc8c CI: use hetzner-relay github actions 2026-03-10 13:18:25 +01:00
missytake
2e38c61ca2 opendkim: chown opendkim: private key 2026-03-05 11:24:06 +01:00
Jagoda Ślązak
4481a12369 chore(deps): upgrade to filtermail v0.5.2 
Signed-off-by: Jagoda Ślązak <jslazak@jslazak.com>
 2026-03-04 15:53:50 +01:00
Jagoda Estera Ślązak
dbd5cd16f5 feat: replace DKIM verification with filtermail v0.5 (#831) 
Upgrade to filtermail v0.5, which has a built-in DKIM verifier
and disable OpenDKIM on reinject_incoming.

Signed-off-by: Jagoda Ślązak <jslazak@jslazak.com>
 2026-02-25 12:39:33 +01:00
missytake
38cc1c7cd6 fix(cmdeploy): make tests work with --ssh-host localhost (#856) 
* tests: fix test_remote[imap]
* cmdeploy: call LocalExec directly, not .logged()
* tests: fix TestSSHExecutor.test_logged
* tests: fix test_status_cmd with --ssh-host @local
* tests: fix test_logged with --ssh-host localhost
* tests: fix TestSSHExecutor::test_exception with --ssh-host localhost
* ci: deploy with --ssh-host localhost on staging-ipv4
* metadata: lower RestartSec
 2026-02-19 21:34:39 +01:00
holger krekel
cf96be2cbb feat: support self-signed chatmail relays (#855) 
feat: support self-signed TLS via underscore domain convention
Domains starting with "_" (e.g. _chat.example.org) automatically use
self-signed TLS certificates instead of ACME/Let's Encrypt. The TLS
mode is derived from the domain name — no separate config option needed.

Internally, when config.tls_cert_mode is "self" (underscore domain):
- Generate self-signed certificates via openssl
- Set Postfix smtp_tls_security_level to "encrypt" (opportunistic TLS)
- Add smtp_tls_policy_map entry for underscore domains
- Skip ACME, MTA-STS and www CNAME checks in `cmdeploy dns`
- Serve /new via GET (not redirect to dcaccount:) with rate-limiting
  (nginx limit_req, 2r/s burst=5)
- Return dclogin: URLs with ic=3 (AcceptInvalidCertificates) from /new
- Render QR codes client-side via JavaScript and qrcode-svg
- Use config.tls_cert_path/tls_key_path in Postfix, Dovecot and nginx
  templates instead of hardcoded ACME paths
 2026-02-19 10:27:41 +01:00
Jagoda Estera Ślązak
91df11015e chore(deps): upgrade to filtermail v0.3 (#850) 
## 0.3.0 - 2026-02-14

### Features

- Support legacy, pre-OpenPGP packet format

### Miscellaneous Tasks

- *(dist)* Switch to musl targets

### Refactor

- Remove unnecessary Arc
- Use a custom, minimal SMTP client instead of lettre

Signed-off-by: Jagoda Ślązak <jslazak@jslazak.com>
 2026-02-14 18:02:05 +01:00
Jagoda Ślązak
e42139e97b chore(deps): upgrade to filtermail v0.2 
Signed-off-by: Jagoda Ślązak <jslazak@jslazak.com>
 2026-01-28 20:46:02 +00:00
Jagoda Estera Ślązak
ab3492d9a1 feat(filtermail): Replace filtermail with rust reimplementation (#808) 
Signed-off-by: Jagoda Ślązak <jslazak@jslazak.com>
 2026-01-23 16:31:45 +01:00
missytake
f9aaeb0f42 ci: enable mtail for CI 
github deployments: be lenient on the whitespace in sed replace of
mtail_address
 2026-01-21 16:33:38 +01:00
link2xt
77a6f49c9b ci: remove jsok/serialize-workflow-action dependency 
Deployments to test servers will not be cancelled anymore,
but it is not clear if we even want it.
This setup is much simpler because it only depends
on GitHub Actions features and does not allocate
a runner just to sleep there and wait in the queue.
 2025-12-27 14:36:39 +00:00
link2xt
1ae4c8451a ci: run tests against ci-chatmail.testrun.org instead of nine.testrun.org 2025-12-18 23:06:05 +00:00
link2xt
51d16b6bb8 Add hpk42 SSH key to staging server for debugging 2025-12-07 20:13:38 +01:00
link2xt
2beba8c455 ci: add deployment environments for all deployment workflows 
Code posting the link to comments is removed
as deployment URLs are directly visible in the UI.
 2025-12-07 15:21:44 +01:00
holger krekel
50b986a265 Split README into sphinx doc structured sections (#711) 
refactor README.rst and architecture file into sphinx doc project, automatically deploying on main merges and PRs.

* add FAQs from https://chatmail.at/relays landing page

* fix links, and streamline postfix/dovecot mentioning

* add linkcheck to CI, fix several links and streamlihne DKIM section while at it

* some streamlining, rename to "overview"

* ci: upload documentation to chatmail.at/doc/relay

* ci: main should be uploaded when docs.yaml changes

* ci: fix typo

* Update .github/workflows/docs-preview.yaml

Co-authored-by: missytake <missytake@systemli.org>
 2025-11-11 14:49:25 +01:00
link2xt
a0ebb2bdbc ci: pin jsok/serialize-workflow-action 2025-11-08 21:03:48 +00:00
missytake
00f199816d unpublish mutual help group invite link 2025-10-28 16:12:07 +01:00
missytake
a6f7ff3652 ci: skip DNS checks during cmdeploy run 2025-10-08 13:07:24 +02:00
missytake
05ec64bf4a fix link to Mutual Help group 2025-09-23 13:42:47 +02:00
missytake
5410c1bebc CI: remove lint checks from test deployments 2025-08-27 08:34:26 +02:00
missytake
915bd39dd5 CI: fail on lint issues 2025-08-27 08:34:26 +02:00
link2xt
6bc751213f Checkout non-merge commit in CI 2025-06-04 20:12:22 +00:00
missytake
30b6df20a9 cmdeploy: upload chatmail/relay version to /etc 2025-05-25 09:12:59 +02:00
missytake
04ae0b86fb added invite link to mutual help group 2025-04-08 10:39:57 +02:00
missytake
b0434dc927 chore: add blank issues + the mutual help chat group 2025-04-08 10:38:17 +02:00
missytake
7578c5f1d3 chore: add issue template 2025-04-08 10:38:17 +02:00
missytake
2780f53d3b CI: accept ns.testrun.org host key (#499) 2025-02-19 21:24:23 +01:00
missytake
f4e371676b chatmaild: fix umask for doveauth + metadata (#494) 
* chatmaild: fix umask for doveauth + metadata

fix #453
 2025-02-17 19:10:26 +01:00
missytake
f4fc1a3f93 CI: stop nested acme directories on staging-ipv4 2025-02-17 01:17:11 +01:00
link2xt
b2995551a2 ci: remove iroh relay from zonefiles 
iroh subdomain is not needed
since 95f8c4b269
 2025-01-26 19:22:45 +00:00
missytake
6a32192e50 Revert rest of #462 
This reverts commit 88a8dc905b.
 2024-12-21 00:04:40 +01:00
missytake
08c88caa46 CI: test all DNS records 2024-12-20 10:46:42 +01:00
missytake
3098afb342 CI: fix accepting ns.testrun.org SSH Host Key 2024-10-30 13:30:44 +01:00
missytake
dfc1042a3f CI: fix #422 nested acme&dkimkeys folders 2024-10-30 13:30:44 +01:00
missytake
aae05ac832 CI: set necessary DNS records before cmdeploy run, so it doesn't fail 2024-10-30 13:30:44 +01:00