Compare commits

..

2 Commits

4 changed files with 30 additions and 21 deletions

14
Pipfile.lock generated
View File

@ -18,20 +18,20 @@
"default": {
"aiosmtpd": {
"hashes": [
"sha256:f821fe424b703b2ea391dc2df11d89d2afd728af27393e13cf1a3530f19fdc5e",
"sha256:f9243b7dfe00aaf567da8728d891752426b51392174a34d2cf5c18053b63dcbc"
"sha256:78d7b14f859ad0e6de252b47f9cf1ca6f1c82a8b0f10a9e39bec7e915a6aa5fe",
"sha256:a196922f1903e54c4d37c53415b7613056d39e2b1e8249f324b9ee7a439be0f1"
],
"index": "pypi",
"markers": "python_version ~= '3.7'",
"version": "==1.4.4.post2"
"markers": "python_version >= '3.8'",
"version": "==1.4.5"
},
"atpublic": {
"hashes": [
"sha256:0f40433219e124edf115c6c363808ca6f0e1cfa7d160d86b2fb94793086d1294",
"sha256:80057c55641253b86dcb68b524f82328172371b6547d4c7462a9127fbfbbabfc"
"sha256:d1c8cd931af7461f6d18bc6063383e8654d9e9ef19d58ee6dc01e8515bbf55df",
"sha256:df90de1162b1a941ee486f484691dc7c33123ee638ea5d6ca604061306e0fdde"
],
"markers": "python_version >= '3.8'",
"version": "==4.0"
"version": "==4.1.0"
},
"attrs": {
"hashes": [

View File

@ -81,15 +81,16 @@ systemctl status mail4one
Above command should fail as the TLS certificates don't exist yet.
## Setup TLS certificates
Install [certbot](https://certbot.eff.org/) and run below command. Follow instructions to create TLS certificates. Usually you want certificate for domain name like `mail.example.com`
Install [certbot](https://certbot.eff.org/) and run below command. Follow instructions to create TLS certificates. Usually you want certificate for domain name like `mail.mydomain.com`
```sh
sudo certbot certonly
sudo cp /etc/letsencrypt/live/mail.example.com/{fullchain,privkey}.pem /var/lib/mail4one/certs/
sudo chown mail4one:mail4one /var/lib/mail4one/certs/{fullchain,privkey}.pem
# Edit mail4one_cert_copy.sh to update your domain name
# **Edit** mail4one_cert_copy.sh to update your domain name
sudo cp mail4one_cert_copy.sh /etc/letsencrypt/renewal-hooks/deploy/
sudo chmod +x /etc/letsencrypt/renewal-hooks/deploy/mail4one_cert_copy.sh
# This will create and copy the certificates to the right path with correct permissions and ownership
sudo certbot certonly -d mail.mydomain.com --run-deploy-hooks --dry-run
```
## Restart service and check logs
```sh
@ -109,6 +110,6 @@ python3 -m http.server 25
In local machine or a browser
You should see file listing a, b, c. Repeat for port 465, 995 to make sure firewall rules and dns is working
```sh
curl http://mail.example.com:25
curl http://mail.mydomain.com:25
```
If not working, refer to VPS settings and OS firewall settings.

View File

@ -7,13 +7,21 @@
# This file is supposed to be copied to /etc/letsencrypt/renewal-hooks/deploy/
# Change the mail domain to the one on MX record
set -eu
if [ "$RENEWED_DOMAINS" = "mail.mydomain.com" ]
then
mkdir -p /var/lib/mail4one/certs
chmod 750 /var/lib/mail4one/certs
chown mail4one:mail4one /var/lib/mail4one/certs
cp "$RENEWED_LINEAGE/fullchain.pem" /var/lib/mail4one/certs/
cp "$RENEWED_LINEAGE/privkey.pem" /var/lib/mail4one/certs/
systemctl restart mail4one.service
echo "$(date) Renewed and deployed certificates for mail4one" >> /var/log/mail4one-cert-renew.log
app=mail4one
appuser=$app
certpath="/var/lib/$app/certs"
mkdir -p "$certpath"
chmod 750 "$certpath"
chown $appuser:$appuser "$certpath"
install -o "$appuser" -g "$appuser" -m 444 "$RENEWED_LINEAGE/fullchain.pem" -t "$certpath"
install -o "$appuser" -g "$appuser" -m 400 "$RENEWED_LINEAGE/privkey.pem" -t "$certpath"
systemctl restart $app.service
echo "$(date) Renewed and deployed certificates for $app" >> /var/log/cert-renew.log
fi

View File

@ -1,5 +1,5 @@
-i https://pypi.org/simple
aiosmtpd==1.4.4.post2; python_version ~= '3.7'
atpublic==4.0; python_version >= '3.8'
aiosmtpd==1.4.5; python_version >= '3.8'
atpublic==4.1.0; python_version >= '3.8'
attrs==23.2.0; python_version >= '3.7'
python-jata==1.2; python_version >= '3.8'