fix: Add fallback mechanism for acmetool account URL retrieval

When acmetool account-url command fails, directly read the URL from filesystem.
This ensures cmdeploy dns can proceed even if the acmetool command
is not functioning properly.

Fixes #545

CHANGELOG.md

@@ -2,9 +2,6 @@
 
 ## untagged
 
-- Avoid "acmetool not found" during initial run
-  ([#550](https://github.com/chatmail/relay/pull/550))
-
 - Enforce end-to-end encryption for incoming messages. 
   New user address mailboxes now get a `enforceE2EEincoming` file 
   which prohibits incoming cleartext messages from other domains. 
@@ -24,9 +21,6 @@
 - Send SNI when connecting to outside servers
   ([#524](https://github.com/chatmail/server/pull/524))
 
-- postfix master.cf: use 127.0.0.1 for consistency
-  ([#544](https://github.com/chatmail/relay/pull/544))
-
 - Pass through `original_content` instead of `content` in filtermail
   ([#509](https://github.com/chatmail/server/pull/509))
 

cmdeploy/src/cmdeploy/postfix/master.cf.j2

@@ -77,13 +77,13 @@ scache    unix  -       -       y       -       1       scache
 postlog   unix-dgram n  -       n       -       1       postlogd
 filter    unix -        n       n       -       -       lmtp
 # Local SMTP server for reinjecting outgoing filtered mail.
-127.0.0.1:{{ config.postfix_reinject_port }} inet  n       -       n       -       10      smtpd
+localhost:{{ config.postfix_reinject_port }} inet  n       -       n       -       10      smtpd
   -o syslog_name=postfix/reinject
   -o smtpd_milters=unix:opendkim/opendkim.sock
   -o cleanup_service_name=authclean
 
 # Local SMTP server for reinjecting incoming filtered mail 
-127.0.0.1:{{ config.postfix_reinject_port_incoming }} inet  n       -       n       -       10      smtpd
+localhost:{{ config.postfix_reinject_port_incoming }} inet  n       -       n       -       10      smtpd
   -o syslog_name=postfix/reinject_incoming
   -o smtpd_milters=unix:opendkim/opendkim.sock
 

cmdeploy/src/cmdeploy/remote/rdns.py

@@ -11,10 +11,49 @@ All functions of this module
 """
 
 import re
+import os
+import glob
 
 from .rshell import CalledProcessError, shell
 
 
+def get_acme_account_url():
+    """Get the acmetool account URL with fallback methods.
+    
+    First tries the acmetool command, then falls back to searching the filesystem
+    if the command fails or returns empty.
+    """
+    # Try the acmetool command first
+    acme_url = shell("acmetool account-url", fail_ok=True)
+    if acme_url:
+        return acme_url
+    
+    # Fallback: search for URL files in acme accounts directory
+    try:
+        acct_base = "/var/lib/acme/accounts/"
+        # Find Let's Encrypt directory
+        le_dirs = glob.glob(os.path.join(acct_base, "*letsencrypt*"))
+        if not le_dirs:
+            return ""
+        
+        # Find account directories
+        for le_dir in le_dirs:
+            acct_dirs = glob.glob(os.path.join(le_dir, "*"))
+            for acct_dir in acct_dirs:
+                url_file = os.path.join(acct_dir, "url")
+                if os.path.isfile(url_file):
+                    # Read the URL file content
+                    with open(url_file, "r") as f:
+                        url = f.read().strip()
+                        if url:
+                            return url
+    except Exception:
+        # Any exception during fallback should be ignored
+        pass
+    
+    return ""
+
+
 def perform_initial_checks(mail_domain):
     """Collecting initial DNS settings."""
     assert mail_domain
@@ -26,7 +65,7 @@ def perform_initial_checks(mail_domain):
     WWW = query_dns("CNAME", f"www.{mail_domain}")
 
     res = dict(mail_domain=mail_domain, A=A, AAAA=AAAA, MTA_STS=MTA_STS, WWW=WWW)
-    res["acme_account_url"] = shell("acmetool account-url", fail_ok=True)
+    res["acme_account_url"] = get_acme_account_url()
     res["dkim_entry"], res["web_dkim_entry"] = get_dkim_entry(
         mail_domain, dkim_selector="opendkim"
     )

cmdeploy/src/cmdeploy/remote/rshell.py

@@ -1,13 +1,10 @@
-from subprocess import DEVNULL, CalledProcessError, check_output
+from subprocess import CalledProcessError, check_output
 
 
 def shell(command, fail_ok=False):
     print(f"$ {command}")
-    args = dict(shell=True)
-    if fail_ok:
-        args["stderr"] = DEVNULL
     try:
-        return check_output(command, **args).decode().rstrip()
+        return check_output(command, shell=True).decode().rstrip()
     except CalledProcessError:
         if not fail_ok:
             raise

www/src/info.md

@@ -6,6 +6,29 @@ interoperable e-mail service for everyone. What's behind a `chatmail` is
 effectively a normal e-mail address just like any other but optimized 
 for the usage in chats, especially DeltaChat.
 
+### Choosing a chatmail address instead of using a random one
+
+In the Delta Chat account setup you may tap `Create a profile` then `Use other server` and choose `Classic e-mail login`. Here fill the two fields like this: 
+
+- `E-Mail Address`: invent a word with
+{% if username_min_length == username_max_length %}
+  *exactly* {{ username_min_length }}
+{% else %}
+  {{ username_min_length}}
+  {% if username_max_length == "more" %}
+    or more
+  {% else %}
+    to {{ username_max_length }}
+  {% endif %}
+{% endif %}
+  characters
+  and append `@{{config.mail_domain}}` to it.
+
+- `Existing Password`: invent at least {{ password_min_length }} characters.
+
+If the e-mail address is not yet taken, you'll get that account. 
+The first login sets your password. 
+
 
 ### Rate and storage limits 
 
@@ -15,10 +38,9 @@ for the usage in chats, especially DeltaChat.
 
 - You may send up to {{ config.max_user_send_per_minute }} messages per minute.
 
-- You can store up to [{{ config.max_mailbox_size }} messages on the server](https://delta.chat/en/help#what-happens-if-i-turn-on-delete-old-messages-from-server).
+- Messages are unconditionally removed {{ config.delete_mails_after }} days after arriving on the server.
 
-- Messages are unconditionally removed latest {{ config.delete_mails_after }} days after arriving on the server.
+- You can store up to [{{ config.max_mailbox_size }} messages on the server](https://delta.chat/en/help#what-happens-if-i-turn-on-delete-old-messages-from-server).
-  Earlier, if storage may exceed otherwise.
 
 
 ### <a name="account-deletion"></a> Account deletion