cqrenet/relay
4
0
Fork 0
mirror of https://github.com/chatmail/relay.git synced 2026-06-13 15:11:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
da3d726fb1c725802236fe936690034dd7743292
relay/cmdeploy/src/cmdeploy/external/tls-cert-reload.path.f
T
holger krekel da3d726fb1 feat: support externally managed TLS via tls_external_cert_and_key option 
Adds a new tls_external_cert_and_key config option for chatmail servers
that manage their own TLS certificates (e.g. via an external ACME client
or a load balancer).

A systemd path unit (tls-cert-reload.path) watches the certificate file
via inotify and automatically reloads dovecot and nginx when it changes.
Postfix reads certs per TLS handshake so needs no reload.

Also extracts openssl_selfsigned_args() so cert generation parameters
are shared between SelfSignedTlsDeployer and the e2e test.
2026-02-19 19:49:53 +01:00

12 lines
309 B
FortranFixed
Raw Blame History

# Watch the TLS certificate file for changes.
# When the cert is updated (e.g. renewed by an external process),
# this triggers tls-cert-reload.service to restart the affected services.
[Unit]
Description=Watch TLS certificate for changes
[Path]
PathChanged={cert_path}
[Install]
WantedBy=multi-user.target
Reference in New Issue View Git Blame Copy Permalink