tests: let remote fixture run commands locally in a docker container

tests: skip test_logged for DockerExec
tests: catch AssertionError by DockerExec
2026-05-11 16:34:39 +00:00 · 2025-10-18 17:35:43 +02:00 · 2025-10-18 17:35:43 +02:00 · 2025-10-18 17:35:43 +02:00 · 2025-10-18 17:35:43 +02:00 · 2025-10-14 22:29:34 +02:00
29 changed files with 323 additions and 325 deletions
--- a/.github/workflows/test-and-deploy-ipv4only.yaml
+++ b/.github/workflows/test-and-deploy-ipv4only.yaml
@@ -77,7 +77,7 @@ jobs:
          cmdeploy init staging-ipv4.testrun.org
          sed -i 's#disable_ipv6 = False#disable_ipv6 = True#' chatmail.ini
-      - run: cmdeploy run
+      - run: cmdeploy run --verbose --skip-dns-check
      - name: set DNS entries
        run: |
--- a/.github/workflows/test-and-deploy.yaml
+++ b/.github/workflows/test-and-deploy.yaml
@@ -75,7 +75,7 @@ jobs:
      - run: cmdeploy init staging2.testrun.org
-      - run: cmdeploy run --verbose
+      - run: cmdeploy run --verbose --skip-dns-check
      - name: set DNS entries
        run: |
--- a/.gitignore
+++ b/.gitignore
@@ -170,4 +170,3 @@ chatmail.zone
 /custom/
 docker-compose.yaml
 .env
 /traefik/data/
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,30 +2,47 @@
 ## untagged
 - Setup TURN server
  ([#621](https://github.com/chatmail/relay/pull/621))
 - cmdeploy: make --ssh-host work with localhost
  ([#659](https://github.com/chatmail/relay/pull/659))
 - Update iroh-relay to 0.35.0
  ([#650](https://github.com/chatmail/relay/pull/650))
 - filtermail: accept mails from Protonmail
  ([#616](https://github.com/chatmail/relay/pull/655))
 - Ignore all RCPT TO: parameters
  ([#651](https://github.com/chatmail/relay/pull/651))
 - Add config parameter for Let's Encrypt ACME email
  ([#663](https://github.com/chatmail/relay/pull/663))
 - Use max username length in newemail.py, not min
  ([#648](https://github.com/chatmail/relay/pull/648))
 - Add startup for `fcgiwrap.service` because sometimes it did not start automatically.
  ([#657](https://github.com/chatmail/relay/pull/657))
 - Add `cmdeploy init --force` command for recreating chatmail.ini
  ([#656](https://github.com/chatmail/relay/pull/656))
 - Increase maxproc for reinjecting ports from 10 to 100
  ([#646](https://github.com/chatmail/relay/pull/646))
 - Allow ports 143 and 993 to be used by `dovecot` process
  ([#639](https://github.com/chatmail/relay/pull/639))
 - Add `--skip-dns-check` argument to `cmdeploy run` command, which disables DNS record checking before installation.
  ([#661](https://github.com/chatmail/relay/pull/661))
 - Add installation via docker compose (MVP 1). The instructions, known issues and limitations are located in `/docs` 
  ([#614](https://github.com/chatmail/relay/pull/614))
 - Add configuration parameters
  ([#614](https://github.com/chatmail/relay/pull/614)):
  - `use_foreign_cert_manager` - Use a third-party certificate manager instead of acmetool (default: `False`)
  - `change_kernel_settings` - Whether to change kernel parameters during installation (default: `True`)
  - `fs_inotify_max_user_instances_and_watchers` - Value for kernel parameters `fs.inotify.max_user_instances` and `fs.inotify.max_user_watches` (default: `65535`)
--- a/README.md
+++ b/README.md
@@ -101,7 +101,10 @@ Please substitute it with your own domain.
   (it can take some time until they are public).
 ### Docker installation
-Installation using docker compose is presented [here](./docs/DOCKER_INSTALLATION_EN.md)
+
 We have experimental support for [docker compose](./docs/DOCKER_INSTALLATION_EN.md),
 but it is not covered by automated tests yet,
 so don't expect everything to work.
 ### Other helpful commands
--- a/chatmaild/pyproject.toml
+++ b/chatmaild/pyproject.toml
@@ -29,6 +29,7 @@ echobot = "chatmaild.echo:main"
 chatmail-metrics = "chatmaild.metrics:main"
 delete_inactive_users = "chatmaild.delete_inactive_users:main"
 lastlogin = "chatmaild.lastlogin:main"
 turnserver = "chatmaild.turnserver:main"
 [project.entry-points.pytest11]
 "chatmaild.testplugin" = "chatmaild.tests.plugin"
--- a/chatmaild/src/chatmaild/config.py
+++ b/chatmaild/src/chatmaild/config.py
@@ -44,9 +44,7 @@ class Config:
        )
        self.mtail_address = params.get("mtail_address")
        self.disable_ipv6 = params.get("disable_ipv6", "false").lower() == "true"
-        self.use_foreign_cert_manager = (
+        self.acme_email = params.get("acme_email", "")
            params.get("use_foreign_cert_manager", "false").lower() == "true"
        )
        self.change_kernel_settings = (
            params.get("change_kernel_settings", "true").lower() == "true"
        )
--- a/chatmaild/src/chatmaild/filtermail.py
+++ b/chatmaild/src/chatmaild/filtermail.py
@@ -83,8 +83,14 @@ def check_openpgp_payload(payload: bytes):
    return False
-def check_armored_payload(payload: str):
+def check_armored_payload(payload: str, outgoing: bool):
-    prefix = "-----BEGIN PGP MESSAGE-----\r\n\r\n"
+    """Check the armored PGP message for invalid content.
    :param payload: the armored PGP message
    :param outgoing: whether the message is outgoing or incoming
    :return: whether the message is a valid PGP message
    """
    prefix = "-----BEGIN PGP MESSAGE-----\r\n"
    if not payload.startswith(prefix):
        return False
    payload = payload.removeprefix(prefix)
@@ -96,6 +102,17 @@ def check_armored_payload(payload: str):
        return False
    payload = payload.removesuffix(suffix)
    # Disallow comments in outgoing messages
    version_comment = "Version: "
    if payload.startswith(version_comment):
        version_line = payload.splitlines()[0]
        payload = payload.removeprefix(version_line)
        if outgoing:
            return False
    while payload.startswith("\r\n"):
        payload = payload.removeprefix("\r\n")
    # Remove CRC24.
    payload = payload.rpartition("=")[0]
@@ -131,7 +148,7 @@ def is_securejoin(message):
    return True
-def check_encrypted(message):
+def check_encrypted(message, outgoing=True):
    """Check that the message is an OpenPGP-encrypted message.
    MIME structure of the message must correspond to <https://www.rfc-editor.org/rfc/rfc3156>.
@@ -158,7 +175,7 @@ def check_encrypted(message):
            if part.get_content_type() != "application/octet-stream":
                return False
-            if not check_armored_payload(part.get_payload()):
+            if not check_armored_payload(part.get_payload(), outgoing=outgoing):
                return False
        else:
            return False
@@ -241,7 +258,7 @@ class OutgoingBeforeQueueHandler:
        logging.info(f"Processing DATA message from {envelope.mail_from}")
        message = BytesParser(policy=policy.default).parsebytes(envelope.content)
-        mail_encrypted = check_encrypted(message)
+        mail_encrypted = check_encrypted(message, outgoing=True)
        _, from_addr = parseaddr(message.get("from").strip())
@@ -301,7 +318,7 @@ class IncomingBeforeQueueHandler:
        logging.info(f"Processing DATA message from {envelope.mail_from}")
        message = BytesParser(policy=policy.default).parsebytes(envelope.content)
-        mail_encrypted = check_encrypted(message)
+        mail_encrypted = check_encrypted(message, outgoing=False)
        if mail_encrypted or is_securejoin(message):
            print("Incoming: Filtering encrypted mail.", file=sys.stderr)
--- a/chatmaild/src/chatmaild/ini/chatmail.ini.f
+++ b/chatmaild/src/chatmaild/ini/chatmail.ini.f
@@ -45,11 +45,14 @@ passthrough_senders =
 # (space-separated, item may start with "@" to whitelist whole recipient domains)
 passthrough_recipients = xstore@testrun.org echo@{mail_domain}
 # path to www directory - documented here: https://github.com/chatmail/relay/#custom-web-pages
 #www_folder = www
 #
 # Deployment Details
 #
-# SMTP outgoing filtermail and reinjection
+# SMTP outgoing filtermail and reinjection 
 filtermail_smtp_port = 10080
 postfix_reinject_port = 10025
@@ -60,8 +63,8 @@ postfix_reinject_port_incoming = 10026
 # if set to "True" IPv6 is disabled
 disable_ipv6 = False
-# if you set "True", acmetool will not be installed and you will have to manage certificates yourself.
+# Your email adress, which will be used in acmetool to manage Let's Encrypt SSL certificates
-use_foreign_cert_manager = False
+acme_email = 
 #
 # Kernel settings
--- a/chatmaild/src/chatmaild/metadata.py
+++ b/chatmaild/src/chatmaild/metadata.py
@@ -7,6 +7,7 @@ from .config import read_config
 from .dictproxy import DictProxy
 from .filedict import FileDict
 from .notifier import Notifier
 from .turnserver import turn_credentials
 def _is_valid_token_timestamp(timestamp, now):
@@ -75,11 +76,12 @@ class Metadata:
 class MetadataDictProxy(DictProxy):
-    def __init__(self, notifier, metadata, iroh_relay=None):
+    def __init__(self, notifier, metadata, iroh_relay=None, turn_hostname=None):
        super().__init__()
        self.notifier = notifier
        self.metadata = metadata
        self.iroh_relay = iroh_relay
        self.turn_hostname = turn_hostname
    def handle_lookup(self, parts):
        # Lpriv/43f5f508a7ea0366dff30200c15250e3/devicetoken\tlkj123poi@c2.testrun.org
@@ -98,6 +100,11 @@ class MetadataDictProxy(DictProxy):
            ):
                # Handle `GETMETADATA "" /shared/vendor/deltachat/irohrelay`
                return f"O{self.iroh_relay}\n"
            elif keyname == "vendor/vendor.dovecot/pvt/server/vendor/deltachat/turn":
                res = turn_credentials()
                port = 3478
                return f"O{self.turn_hostname}:{port}:{res}\n"
        logging.warning(f"lookup ignored: {parts!r}")
        return "N\n"
@@ -121,6 +128,7 @@ def main():
    config = read_config(config_path)
    iroh_relay = config.iroh_relay
    mail_domain = config.mail_domain
    vmail_dir = config.mailboxes_dir
    if not vmail_dir.exists():
@@ -134,7 +142,10 @@ def main():
    notifier.start_notification_threads(metadata.remove_token_from_addr)
    dictproxy = MetadataDictProxy(
-        notifier=notifier, metadata=metadata, iroh_relay=iroh_relay
+        notifier=notifier,
        metadata=metadata,
        iroh_relay=iroh_relay,
        turn_hostname=mail_domain,
    )
    dictproxy.serve_forever_from_socket(socket)
--- a/chatmaild/src/chatmaild/tests/test_filtermail.py
+++ b/chatmaild/src/chatmaild/tests/test_filtermail.py
@@ -241,8 +241,9 @@ def test_cleartext_passthrough_senders(gencreds, handler, maildata):
 def test_check_armored_payload():
-    payload = """-----BEGIN PGP MESSAGE-----\r
+    prefix = "-----BEGIN PGP MESSAGE-----\r\n"
-\r
+    comment = "Version: ProtonMail\r\n"
    payload = """\r
 wU4DSqFx0d1yqAoSAQdAYkX/ZN/Az4B0k7X47zKyWrXxlDEdS3WOy0Yf2+GJTFgg\r
 Zk5ql0mLG8Ze+ZifCS0XMO4otlemSyJ0K1ZPdFMGzUDBTgNqzkFabxXoXRIBB0AM\r
 755wlX41X6Ay3KhnwBq7yEqSykVH6F3x11iHPKraLCAGZoaS8bKKNy/zg5slda1X\r
@@ -278,16 +279,25 @@ UN4fiB0KR9JyG2ayUdNJVkXZSZLnHyRgiaadlpUo16LVvw==\r
 \r
 """
-    assert check_armored_payload(payload) == True
+    commented_payload = prefix + comment + payload
    assert check_armored_payload(commented_payload, outgoing=False) == True
    assert check_armored_payload(commented_payload, outgoing=True) == False
    payload = prefix + payload
    assert check_armored_payload(payload, outgoing=False) == True
    assert check_armored_payload(payload, outgoing=True) == True
    payload = payload.removesuffix("\r\n")
-    assert check_armored_payload(payload) == True
+    assert check_armored_payload(payload, outgoing=False) == True
    assert check_armored_payload(payload, outgoing=True) == True
    payload = payload.removesuffix("\r\n")
-    assert check_armored_payload(payload) == True
+    assert check_armored_payload(payload, outgoing=False) == True
    assert check_armored_payload(payload, outgoing=True) == True
    payload = payload.removesuffix("\r\n")
-    assert check_armored_payload(payload) == True
+    assert check_armored_payload(payload, outgoing=False) == True
    assert check_armored_payload(payload, outgoing=True) == True
    payload = """-----BEGIN PGP MESSAGE-----\r
 \r
@@ -295,7 +305,8 @@ HELLOWORLD
 -----END PGP MESSAGE-----\r
 \r
 """
-    assert check_armored_payload(payload) == False
+    assert check_armored_payload(payload, outgoing=False) == False
    assert check_armored_payload(payload, outgoing=True) == False
    payload = """-----BEGIN PGP MESSAGE-----\r
 \r
@@ -303,7 +314,8 @@ HELLOWORLD
 -----END PGP MESSAGE-----\r
 \r
 """
-    assert check_armored_payload(payload) == False
+    assert check_armored_payload(payload, outgoing=False) == False
    assert check_armored_payload(payload, outgoing=True) == False
    # Test payload using partial body length
    # as generated by GopenPGP.
@@ -345,4 +357,5 @@ myLbG7cJB787QjplEyVe2P/JBO6xYvbkJLf9Q+HaviTO25rugRSrYsoKMDfO8VlQ\r
 =6iHb\r
 -----END PGP MESSAGE-----\r
 """
-    assert check_armored_payload(payload) == True
+    assert check_armored_payload(payload, outgoing=False) == True
    assert check_armored_payload(payload, outgoing=True) == True
--- a/chatmaild/src/chatmaild/turnserver.py
+++ b/chatmaild/src/chatmaild/turnserver.py
@@ -0,0 +1,9 @@
 #!/usr/bin/env python3
 import socket
 def turn_credentials() -> str:
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as client_socket:
        client_socket.connect("/run/chatmail-turn/turn.socket")
        with client_socket.makefile("rb") as file:
            return file.readline().decode("utf-8")
--- a/cmdeploy/src/cmdeploy/init.py
+++ b/cmdeploy/src/cmdeploy/init.py
@@ -128,6 +128,7 @@ def _install_remote_venv_with_chatmaild(config) -> None:
        "echobot",
        "chatmail-metadata",
        "lastlogin",
        "turnserver",
    ):
        execpath = fn if fn != "filtermail-incoming" else "filtermail"
        params = dict(
@@ -498,6 +499,56 @@ def check_config(config):
    return config
 def deploy_turn_server(config):
    (url, sha256sum) = {
        "x86_64": (
            "https://github.com/chatmail/chatmail-turn/releases/download/v0.3/chatmail-turn-x86_64-linux",
            "841e527c15fdc2940b0469e206188ea8f0af48533be12ecb8098520f813d41e4",
        ),
        "aarch64": (
            "https://github.com/chatmail/chatmail-turn/releases/download/v0.3/chatmail-turn-aarch64-linux",
            "a5fc2d06d937b56a34e098d2cd72a82d3e89967518d159bf246dc69b65e81b42",
        ),
    }[host.get_fact(facts.server.Arch)]
    need_restart = False
    existing_sha256sum = host.get_fact(Sha256File, "/usr/local/bin/chatmail-turn")
    if existing_sha256sum != sha256sum:
        server.shell(
            name="Download chatmail-turn",
            commands=[
                f"(curl -L {url} >/usr/local/bin/chatmail-turn.new && (echo '{sha256sum} /usr/local/bin/chatmail-turn.new' | sha256sum -c) && mv /usr/local/bin/chatmail-turn.new /usr/local/bin/chatmail-turn)",
                "chmod 755 /usr/local/bin/chatmail-turn",
            ],
        )
        need_restart = True
    source_path = importlib.resources.files(__package__).joinpath(
        "service", "turnserver.service.f"
    )
    content = source_path.read_text().format(mail_domain=config.mail_domain).encode()
    systemd_unit = files.put(
        name="Upload turnserver.service",
        src=io.BytesIO(content),
        dest="/etc/systemd/system/turnserver.service",
        user="root",
        group="root",
        mode="644",
    )
    need_restart |= systemd_unit.changed
    systemd.service(
        name="Setup turnserver service",
        service="turnserver.service",
        running=True,
        enabled=True,
        restarted=need_restart,
        daemon_reload=systemd_unit.changed,
    )
 def deploy_mtail(config):
    # Uninstall mtail package, we are going to install a static binary.
    apt.packages(name="Uninstall mtail", packages=["mtail"], present=False)
@@ -674,6 +725,8 @@ def deploy_chatmail(config_path: Path, disable_mail: bool) -> None:
        packages=["rsync"],
    )
    deploy_turn_server(config)
    # Run local DNS resolver `unbound`.
    # `resolvconf` takes care of setting up /etc/resolv.conf
    # to use 127.0.0.1 as the resolver.
@@ -726,11 +779,11 @@ def deploy_chatmail(config_path: Path, disable_mail: bool) -> None:
    deploy_iroh_relay(config)
    # Deploy acmetool to have TLS certificates.
-    if not config.use_foreign_cert_manager:
+    tls_domains = [mail_domain, f"mta-sts.{mail_domain}", f"www.{mail_domain}"]
-        tls_domains = [mail_domain, f"mta-sts.{mail_domain}", f"www.{mail_domain}"]
+    deploy_acmetool(
-        deploy_acmetool(
+        email=config.acme_email,
-            domains=tls_domains,
+        domains=tls_domains,
-        )
+    )
    apt.packages(
        # required for setfacl for echobot
@@ -767,7 +820,7 @@ def deploy_chatmail(config_path: Path, disable_mail: bool) -> None:
        if build_dir:
            www_path = build_webpages(src_dir, build_dir, config)
        # if it is not a hugo page, upload it as is
-        files.rsync(f"{www_path}/", "/var/www/html", flags=["-avz"])
+        files.rsync(f"{www_path}/", "/var/www/html", flags=["-avz", "--chown=www-data"])
    _install_remote_venv_with_chatmaild(config)
    debug = False
@@ -815,6 +868,13 @@ def deploy_chatmail(config_path: Path, disable_mail: bool) -> None:
        restarted=nginx_need_restart,
    )
    systemd.service(
        name="Start and enable fcgiwrap",
        service="fcgiwrap.service",
        running=True,
        enabled=True,
    )
    systemd.service(
        name="Restart echobot if postfix and dovecot were just started",
        service="echobot.service",
--- a/cmdeploy/src/cmdeploy/cmdeploy.py
+++ b/cmdeploy/src/cmdeploy/cmdeploy.py
@@ -19,7 +19,7 @@ from packaging import version
 from termcolor import colored
 from . import dns, remote
-from .sshexec import SSHExec
+from .sshexec import SSHExec, LocalExec
 #
 # cmdeploy sub commands and options
@@ -32,17 +32,30 @@ def init_cmd_options(parser):
        action="store",
        help="fully qualified DNS domain name for your chatmail instance",
    )
    parser.add_argument(
        "--force",
        dest="recreate_ini",
        action="store_true",
        help="force reacreate ini file",
    )
 def init_cmd(args, out):
    """Initialize chatmail config file."""
    mail_domain = args.chatmail_domain
    inipath = args.inipath
    if args.inipath.exists():
-        print(f"Path exists, not modifying: {args.inipath}")
+        if not args.recreate_ini:
-        return 1
+            print(f"[WARNING] Path exists, not modifying: {inipath}")
-    else:
+            return 1
-        write_initial_config(args.inipath, mail_domain, overrides={})
+        else:
-        out.green(f"created config file for {mail_domain} in {args.inipath}")
+            print(
                f"[WARNING] Force argument was provided, deleting config file: {inipath}"
            )
            inipath.unlink()
    write_initial_config(inipath, mail_domain, overrides={})
    out.green(f"created config file for {mail_domain} in {inipath}")
 def run_cmd_options(parser):
@@ -59,10 +72,12 @@ def run_cmd_options(parser):
        help="install/upgrade the server, but disable postfix & dovecot for now",
    )
    parser.add_argument(
-        "--ssh-host",
+        "--skip-dns-check",
-        dest="ssh_host",
+        dest="dns_check_disabled",
-        help="Deploy to 'localhost', via 'docker', or to a specific SSH host",
+        action="store_true",
        help="disable checks nslookup for dns",
    )
    add_ssh_host_option(parser)
 def run_cmd(args, out):
@@ -71,9 +86,10 @@ def run_cmd(args, out):
    ssh_host = args.ssh_host if args.ssh_host else args.config.mail_domain
    sshexec = get_sshexec(ssh_host)
    require_iroh = args.config.enable_iroh_relay
-    remote_data = dns.get_initial_remote_data(sshexec, args.config.mail_domain)
+    if not args.dns_check_disabled:
-    if not dns.check_initial_remote_data(remote_data, print=out.red):
+        remote_data = dns.get_initial_remote_data(sshexec, args.config.mail_domain)
-        return 1
+        if not dns.check_initial_remote_data(remote_data, print=out.red):
            return 1
    env = os.environ.copy()
    env["CHATMAIL_INI"] = args.inipath
@@ -83,7 +99,7 @@ def run_cmd(args, out):
    pyinf = "pyinfra --dry" if args.dry_run else "pyinfra"
    cmd = f"{pyinf} --ssh-user root {ssh_host} {deploy_path} -y"
-    if ssh_host in ["localhost", "docker"]:
+    if ssh_host in ["localhost", "@docker"]:
        cmd = f"{pyinf} @local {deploy_path} -y"
    if version.parse(pyinfra.__version__) < version.parse("3"):
@@ -93,14 +109,15 @@ def run_cmd(args, out):
    try:
        retcode = out.check_call(cmd, env=env)
        if retcode == 0:
-            print("\nYou can try out the relay by talking to this echo bot: ")
+            if not args.disable_mail:
-            sshexec = SSHExec(args.config.mail_domain, verbose=args.verbose)
+                print("\nYou can try out the relay by talking to this echo bot: ")
-            print(
+                sshexec = SSHExec(args.config.mail_domain, verbose=args.verbose)
-                sshexec(
+                print(
-                    call=remote.rshell.shell,
+                    sshexec(
-                    kwargs=dict(command="cat /var/lib/echobot/invite-link.txt"),
+                        call=remote.rshell.shell,
                        kwargs=dict(command="cat /var/lib/echobot/invite-link.txt"),
                    )
                )
            )
            server_deployed_message = f"Chatmail server started: https://{args.config.mail_domain}/"
            delimiter_line = "=" * len(server_deployed_message)
            out.green(f"{delimiter_line}\n{server_deployed_message}\n{delimiter_line}")
@@ -125,11 +142,7 @@ def dns_cmd_options(parser):
        default=None,
        help="write out a zonefile",
    )
-    parser.add_argument(
+    add_ssh_host_option(parser)
        "--ssh-host",
        dest="ssh_host",
        help="Run the DNS queries on 'localhost', in the chatmail 'docker' container, or on a specific SSH host",
    )
 def dns_cmd(args, out):
@@ -289,6 +302,15 @@ class Out:
        return proc.returncode
 def add_ssh_host_option(parser):
    parser.add_argument(
        "--ssh-host",
        dest="ssh_host",
        help="Run commands on 'localhost', via '@docker', or on a specific SSH host "
             "instead of chatmail.ini's mail_domain.",
    )
 def add_config_option(parser):
    parser.add_argument(
        "--config",
@@ -346,9 +368,9 @@ def get_parser():
 def get_sshexec(ssh_host: str, verbose=True):
    if ssh_host in ["localhost", "@local"]:
-        return "localhost"
+        return LocalExec(verbose, docker=False)
-    elif ssh_host == "docker":
+    elif ssh_host == "@docker":
-        return "docker"
+        return LocalExec(verbose, docker=True)
    if verbose:
        print(f"[ssh] login to {ssh_host}")
    return SSHExec(ssh_host, verbose=verbose)
--- a/cmdeploy/src/cmdeploy/dns.py
+++ b/cmdeploy/src/cmdeploy/dns.py
@@ -7,15 +7,9 @@ from . import remote
 def get_initial_remote_data(sshexec, mail_domain):
-    if sshexec == "localhost":
+    return sshexec.logged(
-        result = remote.rdns.perform_initial_checks(mail_domain)
+        call=remote.rdns.perform_initial_checks, kwargs=dict(mail_domain=mail_domain)
-    elif sshexec == "docker":
+    )
        result = remote.rdns.perform_initial_checks(mail_domain, pre_command="docker exec chatmail ")
    else:
        result = sshexec.logged(
            call=remote.rdns.perform_initial_checks, kwargs=dict(mail_domain=mail_domain)
        )
    return result
 def check_initial_remote_data(remote_data, *, print=print):
@@ -50,14 +44,9 @@ def check_full_zone(sshexec, remote_data, out, zonefile) -> int:
    """Check existing DNS records, optionally write them to zone file
    and return (exitcode, remote_data) tuple."""
-    if sshexec in ["localhost", "docker"]:
+    required_diff, recommended_diff = sshexec.logged(
-        required_diff, recommended_diff = remote.rdns.check_zonefile(
+        remote.rdns.check_zonefile, kwargs=dict(zonefile=zonefile, verbose=False),
-            zonefile=zonefile, verbose=False
+    )
        )
    else:
        required_diff, recommended_diff = sshexec.logged(
            remote.rdns.check_zonefile, kwargs=dict(zonefile=zonefile, verbose=False),
        )
    returncode = 0
    if required_diff:
--- a/cmdeploy/src/cmdeploy/iroh-relay.toml
+++ b/cmdeploy/src/cmdeploy/iroh-relay.toml
@@ -1,5 +1,11 @@
 enable_relay = true
 http_bind_addr = "[::]:3340"
-enable_stun = true
+
 # Disable built-in STUN server in iroh-relay 0.35
 # as we deploy our own TURN server instead.
 # STUN server is going to be removed in iroh-relay 1.0
 # and this line can be removed after upgrade.
 enable_stun = false
 enable_metrics = false
 metrics_bind_addr = "127.0.0.1:9092"
--- a/cmdeploy/src/cmdeploy/service/turnserver.service.f
+++ b/cmdeploy/src/cmdeploy/service/turnserver.service.f
@@ -0,0 +1,16 @@
 [Unit]
 Description=A wrapper for the TURN server
 After=network.target
 [Service]
 Type=simple
 Restart=always
 ExecStart=/usr/local/bin/chatmail-turn --realm {mail_domain} --socket /run/chatmail-turn/turn.socket
 # Create /run/chatmail-turn
 RuntimeDirectory=chatmail-turn
 User=vmail
 Group=vmail
 [Install]
 WantedBy=multi-user.target
--- a/cmdeploy/src/cmdeploy/sshexec.py
+++ b/cmdeploy/src/cmdeploy/sshexec.py
@@ -82,3 +82,19 @@ class SSHExec:
            res = self(call, kwargs, log_callback=remote.rshell.log_progress)
            print_stderr()
            return res
 class LocalExec:
    def __init__(self, verbose=False, docker=False):
        self.verbose = verbose
        self.docker = docker
    def logged(self, call, kwargs: dict):
        where = "locally"
        if self.docker:
            if call == remote.rdns.perform_initial_checks:
                kwargs['pre_command'] = "docker exec chatmail "
                where = "in docker"
        if self.verbose:
            print(f"Running {where}: {call.__name__}(**{kwargs})")
        return call(**kwargs)
--- a/cmdeploy/src/cmdeploy/tests/online/test_1_basic.py
+++ b/cmdeploy/src/cmdeploy/tests/online/test_1_basic.py
@@ -2,6 +2,7 @@ import datetime
 import smtplib
 import socket
 import subprocess
 import time
 import pytest
@@ -9,10 +10,37 @@ from cmdeploy import remote
 from cmdeploy.sshexec import SSHExec
 class FuncError(Exception):
    pass
 class DockerExec:
    FuncError = FuncError
    def __init__(self, pre_command):
        self.pre_command = pre_command
    def __call__(self, call, kwargs=None):
        if kwargs is None:
            kwargs = {}
        return call(**kwargs)
    def logged(self, call, kwargs):
        title = call.__doc__
        if not title:
            title = call.__name__
        print("[ssh] " + title)
        return self(call, kwargs)
 class TestSSHExecutor:
    @pytest.fixture(scope="class")
    def sshexec(self, sshdomain):
-        return SSHExec(sshdomain)
+        try:
            sshexec = SSHExec(sshdomain)
        except FileNotFoundError:
            sshexec = DockerExec("docker exec chatmail ")
        return sshexec
    def test_ls(self, sshexec):
        out = sshexec(call=remote.rdns.shell, kwargs=dict(command="ls"))
@@ -26,11 +54,14 @@ class TestSSHExecutor:
        assert res["A"] or res["AAAA"]
    def test_logged(self, sshexec, maildomain, capsys):
        if isinstance(sshexec, DockerExec):
            pytest.skip("This test only works via SSH")
        sshexec.logged(
            remote.rdns.perform_initial_checks, kwargs=dict(mail_domain=maildomain)
        )
        out, err = capsys.readouterr()
        assert err.startswith("Collecting")
        # XXX could not figure out how capturing can be made to work properly
        #assert err.endswith("....\n")
        assert err.count("\n") == 1
@@ -40,6 +71,7 @@ class TestSSHExecutor:
        )
        out, err = capsys.readouterr()
        lines = err.split("\n")
        # XXX could not figure out how capturing can be made to work properly
        #assert len(lines) > 4
        assert remote.rdns.perform_initial_checks.__doc__ in lines[0]
@@ -52,6 +84,8 @@ class TestSSHExecutor:
        except sshexec.FuncError as e:
            assert "rdns.py" in str(e)
            assert "AssertionError" in str(e)
        except AssertionError:
            assert isinstance(sshexec, DockerExec)
        else:
            pytest.fail("didn't raise exception")
@@ -69,7 +103,7 @@ def test_timezone_env(remote):
    for line in remote.iter_output("env"):
        print(line)
        if line == "tz=:/etc/localtime":
-            return True
+            return
    pytest.fail("TZ is not set")
@@ -146,6 +180,16 @@ def test_reject_missing_dkim(cmsetup, maildata, from_addr):
            s.sendmail(from_addr=from_addr, to_addrs=recipient.addr, msg=msg)
 def try_n_times(n, f):
    for _ in range(n - 1):
        try:
            return f()
        except Exception:
            time.sleep(1)
    return f()
 def test_rewrite_subject(cmsetup, maildata):
    """Test that subject gets replaced with [...]."""
    user1, user2 = cmsetup.gen_users(2)
@@ -158,7 +202,8 @@ def test_rewrite_subject(cmsetup, maildata):
    ).as_string()
    user1.smtp.sendmail(from_addr=user1.addr, to_addrs=[user2.addr], msg=sent_msg)
-    messages = user2.imap.fetch_all_messages()
+    # The message may need some time to get delivered by postfix.
    messages = try_n_times(5, user2.imap.fetch_all_messages)
    assert len(messages) == 1
    rcvd_msg = messages[0]
    assert "Subject: [...]" not in sent_msg
--- a/cmdeploy/src/cmdeploy/tests/plugin.py
+++ b/cmdeploy/src/cmdeploy/tests/plugin.py
@@ -337,10 +337,14 @@ class Remote:
    def iter_output(self, logcmd=""):
        getjournal = "journalctl -f" if not logcmd else logcmd
-        self.popen = subprocess.Popen(
+        try:
-            ["ssh", f"root@{self.sshdomain}", getjournal],
+            self.popen = subprocess.Popen(
-            stdout=subprocess.PIPE,
+                ["ssh", f"root@{self.sshdomain}", getjournal],
-        )
+                stdout=subprocess.PIPE,
            )
        except FileNotFoundError:
            # inside docker container, run locally
            self.popen = subprocess.Popen([getjournal], stdout=subprocess.PIPE)
        while 1:
            line = self.popen.stdout.readline()
            res = line.decode().strip().lower()
--- a/cmdeploy/src/cmdeploy/tests/test_cmdeploy.py
+++ b/cmdeploy/src/cmdeploy/tests/test_cmdeploy.py
@@ -26,10 +26,15 @@ class TestCmdline:
    def test_init_not_overwrite(self, capsys):
        assert main(["init", "chat.example.org"]) == 0
        capsys.readouterr()
        assert main(["init", "chat.example.org"]) == 1
        out, err = capsys.readouterr()
        assert "path exists" in out.lower()
        assert main(["init", "chat.example.org", "--force"]) == 0
        out, err = capsys.readouterr()
        assert "deleting config file" in out.lower()
 def test_www_folder(example_config, tmp_path):
    reporoot = importlib.resources.files(__package__).joinpath("../../../../").resolve()
--- a/docker/docker-compose-traefik.yaml
+++ b/docker/docker-compose-traefik.yaml
@@ -1,136 +0,0 @@
 services:
  chatmail:
    build:
      context: ./docker
      dockerfile: chatmail_relay.dockerfile
      tags:
        - chatmail-relay:latest
    image: chatmail-relay:latest
    restart: unless-stopped
    container_name: chatmail
    depends_on:
      - traefik-certs-dumper
    cgroup: host # required for systemd
    tty: true # required for logs
    tmpfs: # required for systemd
      - /tmp
      - /run
      - /run/lock
    logging:
      driver: json-file
      options:
        max-size: "10m"
        max-file: "3"
    environment: #all possible variables you can check inside README and /chatmaild/src/chatmaild/ini/chatmail.ini.f
      MAIL_DOMAIN: $MAIL_DOMAIN
      # MAX_MESSAGE_SIZE: "50M"
      # DEBUG_COMMANDS_ENABLED: "true"
      # FORCE_REINIT_INI_FILE: "true"
      # RECREATE_VENV: "false"
      USE_FOREIGN_CERT_MANAGER: "true"
      CHANGE_KERNEL_SETTINGS: "false"
      PATH_TO_SSL: "${CERTS_ROOT_DIR_CONTAINER}/${MAIL_DOMAIN}"
      ENABLE_CERTS_MONITORING: "true"
      # CERTS_MONITORING_TIMEOUT: 60
      # IS_DEVELOPMENT_INSTANCE: "true"
    ports:
      - "25:25"
      - "587:587"
      - "143:143"
      - "465:465"
      - "993:993"
    volumes:
      ## system
      - /sys/fs/cgroup:/sys/fs/cgroup:rw # required for systemd
      - ./:/opt/chatmail
      - ${CERTS_ROOT_DIR_HOST}:${CERTS_ROOT_DIR_CONTAINER}:ro
      ## data
      - ./data/chatmail:/home
      # - ./data/chatmail-dkimkeys:/etc/dkimkeys
      # - ./data/chatmail-echobot:/run/echobot
      # - ./data/chatmail-acme:/var/lib/acme
      ## custom resources
      # - ./custom/www/src/index.md:/opt/chatmail/www/src/index.md
      ## debug
      # - ./docker/files/setup_chatmail_docker.sh:/setup_chatmail_docker.sh
      # - ./docker/files/entrypoint.sh:/entrypoint.sh
      # - ./docker/files/update_ini.sh:/update_ini.sh
    labels:
      - traefik.enable=true
      - traefik.http.services.chatmail-relay.loadbalancer.server.scheme=https
      - traefik.http.services.chatmail-relay.loadbalancer.server.port=443
      - traefik.http.services.chatmail-relay.loadbalancer.serverstransport=insecure@file
      - traefik.http.routers.chatmail-relay.rule=Host(`${MAIL_DOMAIN}`) || Host(`mta-sts.${MAIL_DOMAIN}`) || Host(`www.${MAIL_DOMAIN}`)
      - traefik.http.routers.chatmail-relay.service=chatmail-relay
      - traefik.http.routers.chatmail-relay.tls=true
      - traefik.http.routers.chatmail-relay.tls.certresolver=letsEncrypt
  traefik_init:
    image: alpine:latest
    restart: on-failure
    logging:
      driver: json-file
      options:
        max-size: "10m"
        max-file: "3"
    working_dir: /app
    entrypoint: sh -c '
      touch acme.json &&
      chown 0:0 ./acme.json &&
      chmod 600 ./acme.json'
    volumes:
      - ./traefik/data:/app
  traefik:
    image: traefik:v3.3
    container_name: traefik
    restart: unless-stopped
    logging:
      driver: json-file
      options:
        max-size: "10m"
        max-file: "3"
    command:
      - "--configFile=/config.yaml"
      - "--certificatesresolvers.letsEncrypt.acme.email=${ACME_EMAIL}"
    # ports:
    #   - "80:80"
    #   - "443:443"
    network_mode: host
    depends_on:
      traefik_init:
        condition: service_completed_successfully
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ./traefik/config.yaml:/config.yaml
      - ./traefik/data/acme.json:/acme.json
      - ./traefik/dynamic-configs:/dynamic/conf
  traefik-certs-dumper:
    image: ldez/traefik-certs-dumper:v2.10.0
    restart: unless-stopped
    logging:
      driver: json-file
      options:
        max-size: "10m"
        max-file: "3"
    depends_on:
      - traefik
    entrypoint: sh -c '
      apk add openssl &&
      while ! [ -e /data/acme.json ]
      || ! [ `jq ".[] | .Certificates | length" /data/acme.json | jq -s "add" ` != 0 ]; do
      sleep 1
      ; done
      && traefik-certs-dumper file --version v3 --watch --domain-subdir=true
      --source /data/acme.json --dest /data/letsencrypt/certs --post-hook "sh /post-hook.sh"'
    environment:
      CERTS_DIR: /data/letsencrypt/certs
    volumes:
      - ./traefik/data/letsencrypt:/data/letsencrypt
      - ./traefik/data/acme.json:/data/acme.json
      - ./traefik/post-hook.sh:/post-hook.sh
--- a/docker/example.env
+++ b/docker/example.env
@@ -1,5 +1 @@
 MAIL_DOMAIN="chat.example.com"
 ACME_EMAIL="my.email@gmail.com"
 CERTS_ROOT_DIR_HOST="./traefik/data/letsencrypt/certs"
 CERTS_ROOT_DIR_CONTAINER="/var/lib/acme/live"
--- a/docker/files/entrypoint.sh
+++ b/docker/files/entrypoint.sh
@@ -3,19 +3,6 @@ set -eo pipefail
 unlink /etc/nginx/sites-enabled/default || true
 if [ "${USE_FOREIGN_CERT_MANAGER,,}" == "true" ]; then
    if [ ! -f "$PATH_TO_SSL/fullchain" ]; then
        echo "Error: file '$PATH_TO_SSL/fullchain' does not exist. Exiting..." > /dev/stderr
        sleep 2
        exit 1
    fi
    if [ ! -f "$PATH_TO_SSL/privkey" ]; then
        echo "Error: file '$PATH_TO_SSL/privkey' does not exist. Exiting..." > /dev/stderr
        sleep 2
        exit 1
    fi
 fi
 SETUP_CHATMAIL_SERVICE_PATH="${SETUP_CHATMAIL_SERVICE_PATH:-/lib/systemd/system/setup_chatmail.service}"
 env_vars=$(printenv | cut -d= -f1 | xargs)
--- a/docs/DOCKER_INSTALLATION_EN.md
+++ b/docs/DOCKER_INSTALLATION_EN.md
@@ -32,25 +32,11 @@ Please substitute it with your own domain.
   ```
 ## Installation
 When installing via Docker, there are several options:
- Use the built-in nginx and acmetool in Chatmail container to host the chat and manage certificates.
+1. Copy the file `./docker/docker-compose-default.yaml` to `docker-compose.yaml`. This is necessary because `docker-compose.yaml` is in `.gitignore` and won’t cause conflicts when updating the git repository.
 - Use third-party tools for certificate management.
 For the third-party certificate manager example, traefik will be used, but you can use whatever is more convenient for you.
 1. Copy the file `./docker/docker-compose-default.yaml` or `./docker/docker-compose-traefik.yaml` and rename it to `docker-compose.yaml`. This is necessary because `docker-compose.yaml` is in `.gitignore` and won’t cause conflicts when updating the git repository.
 ```shell
 cp ./docker/docker-compose-default.yaml docker-compose.yaml
 ## or
 # cp ./docker/docker-compose-traefik.yaml docker-compose.yaml
 ```
 2. Copy `./docker/example.env` and rename it to `.env`. This file stores variables used in `docker-compose.yaml`.
 ```shell
 cp ./docker/example.env .env
 ```
 3. Configure environment variables in the `.env` file. These variables are used in the `docker-compose.yaml` file to pass repeated values.
@@ -96,11 +82,6 @@ docker compose logs -f chatmail # view container logs, press CTRL+C to exit
 8. After installation is complete, you can open `https://<your_domain_name>` in your browser.
 9. To send messages to other chatmail relays,
   you need to set additional DNS records.
   Run `docker exec chatmail scripts/cmdeploy.sh dns --ssh-host localhost`
   to see recommended DNS records and check whether they are correct.
 ## Using custom files
 When using Docker, you can apply modified configuration files to make the installation more personalized. This is usually needed for the `www/src` section so that the Chatmail landing page is customized to your taste, but it can be used for any other cases as well.
--- a/docs/DOCKER_INSTALLATION_RU.md
+++ b/docs/DOCKER_INSTALLATION_RU.md
@@ -29,22 +29,10 @@ Please substitute it with your own domain.
   ```
 ## Installation
 При установке через docker есть несколько вариантов:
 - использовать встроенный в chatmail контейнер nginx и acmetool для хостинга чата и управления сертификатами.
 - использовать сторонние инструменты для менеджмента сертификатов
-В качестве примера для стороннего менеджера сертификатов будет использоваться traefik, но вы можете использовать то что удобнее вам.
+1. Скопировать файл `./docker/docker-compose-default.yaml` в `docker-compose.yaml`. Это нужно потому что `docker-compose.yaml` находится в `.gitignore` и не будет создавать конфликты при обновлении гит репозитория.
 1. Скопировать файл `./docker/docker-compose-default.yaml` или `./docker/docker-compose-traefik.yaml` и переименовать в `docker-compose.yaml`. Это нужно потому что `docker-compose.yaml` находится в `.gitignore` и не будет создавать конфликты при обновлении гит репозитория.
 ```shell
 cp ./docker/docker-compose-default.yaml docker-compose.yaml
 ## or
 # cp ./docker/docker-compose-traefik.yaml docker-compose.yaml
 ```
 2. Скопировать `./docker/example.env` и переименовать в `.env`. Здесь хранятся переменные, которые используятся в `docker-compose.yaml`.
 ```shell
 cp ./docker/example.env .env
 ```
 3. Настроить переменные окружения в `.env` файле. Эти переменные используются в `docker-compose.yaml` файле, чтобы передавать повторяющиеся значения.
--- a/traefik/config.yaml
+++ b/traefik/config.yaml
@@ -1,33 +0,0 @@
 log:
  level: TRACE
 entryPoints:
  web:
    address: ":80"
    http:
      redirections:
        entryPoint:
          to: websecure
          permanent: true
  websecure:
    address: ":443"
 providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false
  file:
    directory: /dynamic/conf
    watch: true
 serverstransport:
  insecureskipverify: true
 certificatesResolvers:
  letsEncrypt:
    acme:
      storage: /acme.json
      caServer: "https://acme-v02.api.letsencrypt.org/directory"
      tlschallenge: true
      httpChallenge:
        entryPoint: web
--- a/traefik/dynamic-configs/insecure.yaml
+++ b/traefik/dynamic-configs/insecure.yaml
@@ -1,4 +0,0 @@
 http:
  serversTransports:
    insecure:
      insecureSkipVerify: true
--- a/traefik/post-hook.sh
+++ b/traefik/post-hook.sh
@@ -1,15 +0,0 @@
 CERTS_DIR=${CERTS_DIR:-"/data/letsencrypt/certs"}
 echo "CERTS_DIR: $CERTS_DIR"
 for dir in "$CERTS_DIR"/*/; do
    echo "Processing: $dir"
    cd "$dir"
    if [ -f "certificate.crt" ]; then
        ln -sf certificate.crt fullchain
    fi
    if [ -f "privatekey.key" ]; then
        ln -sf privatekey.key privkey
    fi
    cd -
 done
Author	SHA1	Message	Date
missytake	ff1fff288b	tests: let remote fixture run commands locally in a docker container	2025-10-18 17:35:43 +02:00
missytake	b070677362	tests: skip test_logged for DockerExec	2025-10-18 17:35:43 +02:00
missytake	00342dd667	tests: catch AssertionError by DockerExec	2025-10-18 17:35:43 +02:00
missytake	a23e8a8e59	tests: run tests in docker if SSH is not available	2025-10-18 17:35:43 +02:00
missytake	2f4cfcc03d	README: docker compose support is experimental	2025-10-14 22:29:34 +02:00
missytake	8ffb97a538	docker: enable DNS checks before cmdeploy run again	2025-10-14 22:29:34 +02:00
Keonik1	ad03bdb80d	fix unlink if default nginx conf is not exist - https://github.com/chatmail/relay/pull/614#discussion_r2297828830	2025-10-14 22:29:34 +02:00
Keonik1	28bf01912a	Fix issue with acmetool - https://github.com/chatmail/relay/pull/614#discussion_r2279630626	2025-10-14 22:29:34 +02:00
Keonik1	209a3cc272	Delete ssh connection from docker installation - https://github.com/chatmail/relay/pull/614#discussion_r2269986372 - https://github.com/chatmail/relay/pull/614#discussion_r2269991175 - https://github.com/chatmail/relay/pull/614#discussion_r2269995037 - https://github.com/chatmail/relay/pull/614#discussion_r2270004922	2025-10-14 22:29:34 +02:00
Keonik1	884bd9570b	fix docs - nginx "restart" to "reload" https://github.com/chatmail/relay/pull/614#discussion_r2269896158	2025-10-14 22:29:34 +02:00
Keonik1	07010c27e6	Fix bug with attaching certs	2025-10-14 22:29:34 +02:00
Keonik1	e102f1ace2	pass values to `MAIL_DOMAIN` and `ACME_EMAIL` from vars for docker-compose-default https://github.com/chatmail/relay/pull/614#discussion_r2279591922	2025-10-14 22:29:34 +02:00
Keonik1	1c4e118986	change "restart nginx" to "reload nginx" https://github.com/chatmail/relay/pull/614#discussion_r2269896158	2025-10-14 22:29:34 +02:00
Keonik1	ae3214f45e	add RECREATE_VENV var https://github.com/chatmail/relay/pull/614#discussion_r2279742769	2025-10-14 22:29:34 +02:00
Keonik1	4463c62ba7	add 465 port https://github.com/chatmail/relay/pull/614#discussion_r2279707059	2025-10-14 22:29:34 +02:00
Keonik1	2136469f02	add port 80 to docker-compose-default https://github.com/chatmail/relay/pull/614#discussion_r2279656441	2025-10-14 22:29:34 +02:00
Keonik1	5952465690	rename dockerfile https://github.com/chatmail/relay/pull/614#discussion_r2270031966	2025-10-14 22:29:34 +02:00
Keonik1	29b8bb34ee	Add installation via docker compose (MVP 1) - Adds configuration parameters (`change_kernel_settings`, `fs_inotify_max_user_instances_and_watchers`)	2025-10-14 22:29:34 +02:00
missytake	e7ddf6dc32	cmdeploy: make --ssh-host expect '@docker' instead of 'docker'	2025-10-14 22:27:02 +02:00
missytake	e3c77a5b37	cmdeploy: introduce LocalExec object	2025-10-14 22:27:02 +02:00
missytake	8256080ad1	Revert "tests: first attempt to mock shell() call" This reverts commit a0c632a7006a83c8b39cff86228296c32c5c5b9e.	2025-10-14 22:27:02 +02:00
missytake	248b225665	tests: first attempt to mock shell() call	2025-10-14 22:27:02 +02:00
missytake	79591adca4	cmdeploy: prepare for being able to run commands in docker containers	2025-10-14 22:27:02 +02:00
missytake	185757cf40	tests: disable failing stderr capturing in test_logged for now	2025-10-14 22:27:02 +02:00
missytake	87a3adec03	cmdeploy: allow to run SSH commands locally fix #604 related to #629 pulled out of https://github.com/Keonik1/relay/pull/3	2025-10-14 22:27:02 +02:00
cliffmccarthy	4f5719f590	test: Add retries to test_rewrite_subject() (#670 ) - test_rewrite_subject() is prone to failure when it checks for the delivered message, because fetch_all_messages() raises "ValueError: no messages in imap folder". The check has the potential to happen before the server has had a chance to deliver the message to the user's inbox. - Added a function try_n_times() that attempts to call a function the specified number of times, with a 1-second sleep between calls. The call is retried until it doesn't raise an exception. The last call is made without a 'try' block, so that the final exception passes through to the caller if it does not return. - Wrapped call to fetch_all_messages() in try_n_times(), with 5 attempts specified. This should usually allow enough time for the message to get moved from the postfix queue to the user's inbox.	2025-10-14 21:18:15 +02:00
cliffmccarthy	9787b63cbb	test: Return None for success in test_timezone_env() (#671 ) - test_timezone_env() is producing the warning, "PytestReturnNotNoneWarning: Test functions should return None, but src/cmdeploy/tests/online/test_1_basic.py::test_timezone_env returned <class 'bool'>". - Revised test_timezone_env() to return None for success instead of True.	2025-10-14 21:17:56 +02:00
missytake	6f600fa329	config: add www_folder to default config (#634 )	2025-10-14 21:17:08 +02:00
missytake	20b6e0c528	www: chown /var/www/html to www-data	2025-10-14 21:16:49 +02:00
missytake	262e98f0ba	filtermail: allow Version comment in incoming PGP messages (#655 ) fix #616 * filtermail: accept any Version comment in incoming messages	2025-10-14 19:15:13 +02:00
cliffmccarthy	d720b8107d	Don't print echobot link when disabling mail - On a fresh install, if cmdeploy is run the first time with the --disable-mail option, the echobot invite-link.txt file will not exist yet. - Only print the echobot invite link if --disable-mail was not specified. This fixes the fresh-install error case, and also makes sense when disabling mail in general, because the echo bot will not be available at that time.	2025-10-13 21:46:47 +02:00
link2xt	d7f50183ea	feat: setup TURN server	2025-10-10 18:32:32 +00:00
missytake	248603ab0a	cmdeploy: remove colors from cmdeploy init again, hard to test	2025-10-09 23:54:44 +02:00
missytake	123531f1eb	cmdeploy: add --force to cmdeploy init for recreating chatmail.ini	2025-10-09 23:54:44 +02:00
Keonik1	1170adc1d4	cmdeploy: start and enable fcgiwrap	2025-10-08 13:11:02 +02:00
missytake	a6f7ff3652	ci: skip DNS checks during cmdeploy run	2025-10-08 13:07:24 +02:00
Keonik1	d39076f0d6	cmdeploy: cmdeploy run option to skip DNS checks	2025-10-08 13:07:24 +02:00
Keonik1	65c0bf13f2	cmdeploy: add acme_email config value	2025-10-08 13:06:48 +02:00