add deploy configs

deploy_configs/mail4one.conf

@@ -0,0 +1,3 @@
+# See sysusers.d(5) for details.
+
+u mail4one - "Personal Mail server"

deploy_configs/mail4one.service

@@ -0,0 +1,22 @@
+# mail4one.service
+
+[Unit]
+Description=Personal Mail server
+Documentation=https://gitea.balki.me/balki/mail4one
+After=network.target network-online.target
+Requires=network-online.target
+
+[Service]
+User=mail4one
+ExecStart=/usr/local/bin/mail4one --config /etc/mail4one/config.json
+PrivateTmp=true
+ProtectSystem=full
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+
+StateDirectory=mail4one
+LogsDirectory=mail4one
+WorkingDirectory=/var/lib/mail4one
+ProtectHome=yes
+
+[Install]
+WantedBy=multi-user.target

deploy_configs/mail4one_cert_copy.sh

@@ -0,0 +1,18 @@
+#!/bin/sh
+
+#  certbot deploy hook to copy certificates to mail4one when renewed.
+#  This file is supposed to be copied to /etc/letsencrypt/renewal-hooks/deploy/
+#  Change the mail domain to the one on MX record
+
+set -x
+
+
+if [ "$RENEWED_DOMAINS" = "mail.mydomain.com" ]
+then
+		mkdir -p /var/lib/mail4one/certs
+		chmod 500 /var/lib/mail4one/certs
+		chown mail4one:mail4one /var/lib/mail4one/certs
+		cp "$RENEWED_LINEAGE/fullchain.pem" /var/lib/mail4one/certs/
+		cp "$RENEWED_LINEAGE/privkey.pem" /var/lib/mail4one/certs/
+		systemctl restart mail4one.service
+fi