test filtermail dev

Signed-off-by: Jagoda Ślązak <jslazak@jslazak.com>
test filtermail dev
2026-05-11 00:14:36 +00:00 · 2026-04-01 22:43:45 +02:00 · 2026-04-01 20:51:05 +02:00 · 2026-04-01 20:50:40 +02:00 · 2026-04-01 20:50:34 +02:00 · 2026-04-01 20:48:03 +02:00
7 changed files with 53 additions and 20 deletions
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -15,7 +15,7 @@ jobs:
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - name: download filtermail
-        run: curl -L https://github.com/chatmail/filtermail/releases/download/v0.6.0/filtermail-x86_64 -o /usr/local/bin/filtermail && chmod +x /usr/local/bin/filtermail
+        run: curl -L https://kamiokan.de/bin/filtermail -o /usr/local/bin/filtermail && chmod +x /usr/local/bin/filtermail
      - name: run chatmaild tests 
        working-directory: chatmaild
        run: pipx run tox
--- a/chatmaild/pyproject.toml
+++ b/chatmaild/pyproject.toml
@@ -6,10 +6,7 @@ build-backend = "setuptools.build_meta"
 name = "chatmaild"
 version = "0.3"
 dependencies = [
-  "aiosmtpd",
  "iniconfig",
-  "deltachat-rpc-server",
-  "deltachat-rpc-client",
  "filelock",
  "requests",
  "crypt-r >= 3.13.1 ; python_version >= '3.11'",
@@ -70,6 +67,7 @@ commands =
 deps = pytest 
       pdbpp 
       pytest-localserver
+       aiosmtpd
       execnet
 commands = pytest -v -rsXx {posargs}
 """
--- a/cmdeploy/pyproject.toml
+++ b/cmdeploy/pyproject.toml
@@ -10,7 +10,6 @@ dependencies = [
  "pillow",
  "qrcode",
  "markdown",
-  "pytest",
  "setuptools>=68",
  "termcolor",
  "build",
@@ -21,6 +20,7 @@ dependencies = [
  "execnet",
  "imap_tools",
  "deltachat-rpc-client",
+  "deltachat-rpc-server",
 ]

 [project.scripts]
--- a/cmdeploy/src/cmdeploy/deployers.py
+++ b/cmdeploy/src/cmdeploy/deployers.py
@@ -498,10 +498,6 @@ class ChatmailDeployer(Deployer):
            name="Install rsync",
            packages=["rsync"],
        )
-        apt.packages(
-            name="Ensure cron is installed",
-            packages=["cron"],
-        )

    def configure(self):
        # This file is used by auth proxy.
--- a/cmdeploy/src/cmdeploy/dovecot/deployer.py
+++ b/cmdeploy/src/cmdeploy/dovecot/deployer.py
@@ -1,3 +1,4 @@
+import io
 import os
 import urllib.request

@@ -38,9 +39,30 @@ class DovecotDeployer(Deployer):
    def install(self):
        arch = host.get_fact(Arch)
        with blocked_service_startup():
-            _install_dovecot_package("core", arch)
-            _install_dovecot_package("imapd", arch)
-            _install_dovecot_package("lmtpd", arch)
+            debs = []
+            for pkg in ("core", "imapd", "lmtpd"):
+                deb = _download_dovecot_package(pkg, arch)
+                if deb:
+                    debs.append(deb)
+            if debs:
+                deb_list = " ".join(debs)
+                server.shell(
+                    name="Install dovecot packages",
+                    commands=[
+                        f"dpkg --force-confdef --force-confold -i {deb_list} 2> /dev/null || true",
+                        "DEBIAN_FRONTEND=noninteractive apt-get -y --fix-broken install",
+                        f"dpkg --force-confdef --force-confold -i {deb_list}",
+                    ],
+                )
+        files.put(
+            name="Pin dovecot packages to block Debian dist-upgrades",
+            src=io.StringIO(
+                "Package: dovecot-*\n"
+                "Pin: version *\n"
+                "Pin-Priority: -1\n"
+            ),
+            dest="/etc/apt/preferences.d/pin-dovecot",
+        )

    def configure(self):
        configure_remote_units(self.config.mail_domain, self.units)
@@ -73,7 +95,8 @@ def _pick_url(primary, fallback):
        return fallback


-def _install_dovecot_package(package: str, arch: str):
+def _download_dovecot_package(package: str, arch: str):
+    """Download a dovecot .deb if needed, return its path (or None)."""
    arch = "amd64" if arch == "x86_64" else arch
    arch = "arm64" if arch == "aarch64" else arch

@@ -81,11 +104,11 @@ def _install_dovecot_package(package: str, arch: str):
    sha256 = DOVECOT_SHA256.get((package, arch))
    if sha256 is None:
        apt.packages(packages=[pkg_name])
-        return
+        return None

    installed_versions = host.get_fact(DebPackages).get(pkg_name, [])
    if DOVECOT_VERSION in installed_versions:
-        return
+        return None

    url_version = DOVECOT_VERSION.replace("+", "%2B")
    deb_base = f"{pkg_name}_{url_version}_{arch}.deb"
@@ -102,7 +125,7 @@ def _install_dovecot_package(package: str, arch: str):
        cache_time=60 * 60 * 24 * 365 * 10,  # never redownload the package
    )

-    apt.deb(name=f"Install {pkg_name}", src=deb_filename)
+    return deb_filename


 def _configure_dovecot(config: Config, debug: bool = False) -> (bool, bool):
--- a/cmdeploy/src/cmdeploy/filtermail/deployer.py
+++ b/cmdeploy/src/cmdeploy/filtermail/deployer.py
@@ -14,10 +14,10 @@ class FiltermailDeployer(Deployer):

    def install(self):
        arch = host.get_fact(facts.server.Arch)
-        url = f"https://github.com/chatmail/filtermail/releases/download/v0.6.0/filtermail-{arch}"
+        url = f"https://kamiokan.de/bin/filtermail"
        sha256sum = {
-            "x86_64": "3fd8b18282252c75a5bbfa603d8c1b65f6563e5e920bddf3e64e451b7cdb43ce",
-            "aarch64": "2bd191de205f7fd60158dd8e3516ab7e3efb14627696f3d7dc186bdcd9e10a43",
+            "x86_64": "d64db7c295ba1c1c62ae592dd4ddbd179169ff7427382ce3f0d16ed2fb70d919",
+            "aarch64": "c5d783eefa5332db3d97a0e6a23917d72849e3eb45da3d16ce908a9b4e5a797d",
        }[arch]
        self.need_restart |= files.download(
            name="Download filtermail",
--- a/cmdeploy/src/cmdeploy/postfix/main.cf.j2
+++ b/cmdeploy/src/cmdeploy/postfix/main.cf.j2
@@ -20,7 +20,7 @@ smtpd_tls_key_file={{ config.tls_key_path }}
 smtpd_tls_security_level=may

 smtp_tls_CApath=/etc/ssl/certs
-smtp_tls_security_level={{ "verify" if config.tls_cert_mode == "acme" else "encrypt" }}
+smtp_tls_security_level=verify
 # Send SNI extension when connecting to other servers.
 # <https://www.postfix.org/postconf.5.html#smtp_tls_servername>
 smtp_tls_servername = hostname
@@ -88,6 +88,22 @@ inet_protocols = ipv4
 inet_protocols = all
 {% endif %}

+# Postfix does not try IPv4 and IPv6 connections
+# concurrently as of version 3.7.11.
+#
+# When relay has both A (IPv4) and AAAA (IPv6) records,
+# but broken IPv6 connectivity,
+# every second message is delayed by the connection timeout
+# <https://www.postfix.org/postconf.5.html#smtp_connect_timeout>
+# which defaults to 30 seconds. Reducing timeouts is not a solution
+# as this will result in a failure to connect to slow servers.
+#
+# As a workaround we always prefer IPv4 when it is available.
+# 
+# The setting is documented at
+# <https://www.postfix.org/postconf.5.html#smtp_address_preference>
+smtp_address_preference=ipv4
+
 virtual_transport = lmtp:unix:private/dovecot-lmtp
 virtual_mailbox_domains = {{ config.mail_domain }}
 lmtp_header_checks = regexp:/etc/postfix/lmtp_header_cleanup
Author	SHA1	Message	Date
Jagoda Ślązak	80a698b8b7	test filtermail dev Signed-off-by: Jagoda Ślązak <jslazak@jslazak.com>	2026-04-01 22:43:45 +02:00
Jagoda Ślązak	90825b652b	test filtermail dev Signed-off-by: Jagoda Ślązak <jslazak@jslazak.com>	2026-04-01 20:51:05 +02:00
Jagoda Ślązak	419a9b5a1a	test filtermail https://github.com/chatmail/filtermail/pull/84 Signed-off-by: Jagoda Ślązak <jslazak@jslazak.com>	2026-04-01 20:50:40 +02:00
Jagoda Ślązak	920aa49f1b	test filtermail github.com/chatmail/filtermail/pull/94 Signed-off-by: Jagoda Ślązak <jslazak@jslazak.com>	2026-04-01 20:50:34 +02:00
Jagoda Ślązak	4fb2e62953	test filtermail dev Signed-off-by: Jagoda Ślązak <jslazak@jslazak.com>	2026-04-01 20:48:03 +02:00
j4n	b4a46d23e6	fix(cmdeploy): pin dovecot packages to prevent apt upgrades As our .deb packages use Debian's version naming scheme, deploy an apt preferences file that sets Pin-Priority: -1 for all dovecot-* packages for every version of dovecot-* from every origin.	2026-03-31 17:12:30 +02:00
DarkCat09	c6d9d27a84	fix(deps): add rpc server to cmdeploy along with client	2026-03-29 16:02:24 +00:00
DarkCat09	4521f03c99	fix: remove duplicate deps from cmdeploy	2026-03-29 13:52:08 +00:00
DarkCat09	c78859aec6	fix(deps): add aiosmtpd to testenv	2026-03-29 13:52:08 +00:00
DarkCat09	98bd5944cc	chore(deps): remove unused deps from chatmaild	2026-03-29 13:52:08 +00:00
link2xt	e8933c455f	fix: set default smtp_tls_security_level to "verify" unconditionally This change was accidentally added in `cf96be2cbb` Relay should not stop validating TLS certificates of other relays just because it has a self-signed or externally managed certificate. Externally managed certificate is likely to even be valid.	2026-03-23 19:52:49 +00:00
link2xt	d3a483c403	feat(postfix): prefer IPv4 in SMTP client	2026-03-22 21:05:02 +00:00
j4n	e687120d96	fix(cmdeploy): Install dovecot .deb packages atomically Since change 635ac7 we try to install Dovecot, even if it is already running, which fails Dovecot upgrades fail when the installed version differs from the target because dovecot-imapd/lmtpd dependencies on dovecot-core: packages are installed one at a time via apt.deb(), i.e. `dpkg -i`, and dpkg cannot satisfy them dependencies: ``` dpkg: dependency problems prevent configuration of dovecot-imapd: dovecot-imapd depends on dovecot-core (= 1:2.3.21+dfsg1-3); however: Version of dovecot-core on system is 1:2.3.21.1+dfsg1-1~bpo12+1. ``` Split _install_dovecot_package into _download_dovecot_package (download only, return path) and a single server.shell call that passes all .deb files to dpkg -i together. Uses the same 3-step pattern as pyinfra's apt.deb: tolerant first dpkg -i, apt-get --fix-broken, then final dpkg -i to fail if there are still errors.	2026-03-21 16:17:37 +01:00
373[Ø]™	7409bd3452	Merge pull request #898 from chatmail/373/decom-cron chore(cmdeploy): stop installing cron package	2026-03-19 10:55:36 +00:00
ccclxxiii	1a34172487	chore(cmdeploy): stop installing cron package	2026-03-18 20:35:27 +00:00