doveauth: fix home directory returned from lookup_passdb

It is currently unused, but better have it correct
in case of enabling debugging options such as rawlogs.

README.md

@@ -157,6 +157,6 @@ While this file is present, account creation will be blocked.
 [acmetool](https://hlandau.github.io/acmetool/) listens on port 80 (http).
 
 Delta Chat apps will, however, discover all ports and configurations
-automatically by reading the [autoconfig XML file](https://www.ietf.org/archive/id/draft-bucksch-autoconfig-00.html) from the chatmail service.
+automatically by reading the [autoconfig XML file](https://web.archive.org/web/20210624004729/https://developer.mozilla.org/en-US/docs/Mozilla/Thunderbird/Autoconfiguration) from the chatmail service.
 
 

cmdeploy/src/cmdeploy/__init__.py

@@ -255,9 +255,7 @@ def _configure_postfix(config: Config, debug: bool = False) -> bool:
     need_restart |= master_config.changed
 
     header_cleanup = files.put(
-        src=importlib.resources.files(__package__).joinpath(
-            "postfix/submission_header_cleanup"
-        ),
+        src=importlib.resources.files(__package__).joinpath("postfix/submission_header_cleanup"),
         dest="/etc/postfix/submission_header_cleanup",
         user="root",
         group="root",
@@ -424,10 +422,7 @@ def deploy_chatmail(config_path: Path) -> None:
     )
 
     # Deploy acmetool to have TLS certificates.
-    deploy_acmetool(
-        nginx_hook=True,
-        domains=[mail_domain, f"mta-sts.{mail_domain}", f"www.{mail_domain}"],
-    )
+    deploy_acmetool(nginx_hook=True, domains=[mail_domain, f"mta-sts.{mail_domain}"])
 
     apt.packages(
         name="Install Postfix",

cmdeploy/src/cmdeploy/chatmail.zone.f

@@ -10,6 +10,5 @@ _imaps._tcp.{chatmail_domain}.       SRV 0 1 993 {chatmail_domain}.
 _dmarc.{chatmail_domain}.            TXT "v=DMARC1;p=reject;rua=mailto:{email};ruf=mailto:{email};fo=1;adkim=r;aspf=r"
 _mta-sts.{chatmail_domain}.          TXT "v=STSv1; id={sts_id}"
 mta-sts.{chatmail_domain}.           CNAME {chatmail_domain}.
-www.{chatmail_domain}.               CNAME {chatmail_domain}.
 _smtp._tls.{chatmail_domain}.        TXT "v=TLSRPTv1;rua=mailto:{email}"
 {dkim_entry}

cmdeploy/src/cmdeploy/dns.py

@@ -4,6 +4,7 @@ import requests
 import importlib
 import subprocess
 import datetime
+from ipaddress import ip_address
 
 
 class DNS:
@@ -183,14 +184,14 @@ def check_necessary_dns(out, mail_domain):
     ipv4 = dns.get("A", mail_domain)
     ipv6 = dns.get("AAAA", mail_domain)
     mta_entry = dns.get("CNAME", "mta-sts." + mail_domain)
-    www_entry = dns.get("CNAME", "www." + mail_domain)
+    mta_ip = dns.get("A", mta_entry)
+    if not mta_ip:
+        mta_ip = dns.get("AAAA", mta_entry)
     to_print = []
     if not (ipv4 or ipv6):
         to_print.append(f"\t{mail_domain}.\t\t\tA<your server's IPv4 address>")
-    if mta_entry != mail_domain + ".":
+    if not mta_ip or not (mta_ip == ipv4 or mta_ip == ipv6):
         to_print.append(f"\tmta-sts.{mail_domain}.\tCNAME\t{mail_domain}.")
-    if www_entry != mail_domain + ".":
-        to_print.append(f"\twww.{mail_domain}.\tCNAME\t{mail_domain}.")
     if to_print:
         to_print.insert(
             0,

cmdeploy/src/cmdeploy/nginx/nginx.conf.j2

@@ -41,19 +41,11 @@ http {
 			try_files $uri $uri/ =404;
 		}
 
-		location /metrics {
-			default_type text/plain;
-		}
+                location /metrics {
+                        default_type text/plain;
+                }
 
-		# add cgi-bin support
-		include /usr/share/doc/fcgiwrap/examples/nginx.conf;
-	}
-
-	# Redirect www. to non-www
-	server {
-		listen 443 ssl;
-		listen [::]:443 ssl;
-		server_name www.{{ config.domain_name }};
-		return 301 $scheme://{{ config.domain_name }}$request_uri;
+        # add cgi-bin support
+        include /usr/share/doc/fcgiwrap/examples/nginx.conf;
 	}
 }