diff --git a/CHANGELOG.md b/CHANGELOG.md index e3e520dc..1ec7acb7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,9 @@ - Check whether GCC is installed in initenv.sh ([#608](https://github.com/chatmail/relay/pull/608)) +- Automate file ownership setting from host migration process + ([#609](https://github.com/chatmail/relay/pull/609)) + - Expire push notification tokens after 90 days ([#583](https://github.com/chatmail/relay/pull/583)) diff --git a/README.md b/README.md index 7ba08fdb..4ff8aa47 100644 --- a/README.md +++ b/README.md @@ -395,15 +395,6 @@ in this case, just run `ssh-keygen -R "mail.example.org"` as recommended. Postfix and Dovecot are disabled for now; we will enable them later. We first need to make the new site fully operational. -3. On the new site, run the following to ensure the ownership is correct in case UIDs/GIDs changed: - - ``` - chown root: -R /var/lib/acme - chown opendkim: -R /etc/dkimkeys - chown vmail: -R /home/vmail/mail - chown echobot: -R /run/echobot - ``` - 4. Now, update DNS entries. If other MTAs try to deliver messages to your chatmail domain they may fail intermittently, diff --git a/cmdeploy/src/cmdeploy/__init__.py b/cmdeploy/src/cmdeploy/__init__.py index cb894750..dfd269f0 100644 --- a/cmdeploy/src/cmdeploy/__init__.py +++ b/cmdeploy/src/cmdeploy/__init__.py @@ -748,6 +748,20 @@ def deploy_chatmail(config_path: Path, disable_mail: bool) -> None: _remove_rspamd() opendkim_need_restart = _configure_opendkim(mail_domain, "opendkim") + # + # If this system is pre-populated with data from a previous instance, + # we might need to adjust ownership of files. + # + stateful_paths = { + "/etc/dkimkeys": "opendkim", + "/home/vmail/mail": "vmail", + "/run/echobot": "echobot", + "/var/lib/acme": "root", + } + for stateful_path, path_owner in stateful_paths.items(): + files.directory(stateful_path) # In case it doesn't exist yet. + server.shell("chown {}: -R {}".format(path_owner, stateful_path)) + systemd.service( name="Start and enable OpenDKIM", service="opendkim.service",