more notes on how to get maddy to work

Signed-off-by: Jeff Carr <jcarr@wit.com>
2023-01-29 16:10:40 -06:00 · 2023-01-29 16:10:40 -06:00 · b9945775e7
parent 3b6caca1a7
commit b9945775e7
2 changed files with 21 additions and 1 deletions
--- a/maddy/files/etc/maddy/Makefile
+++ b/maddy/files/etc/maddy/Makefile
@ -0,0 +1,17 @@
+.PHONY: certs
+
+all:
+	echo none of this works yet
+
+# ?
+tls:
+	setfacl -R -m u:maddy:rX /etc/ssl/mx1.example.org.crt /etc/ssl/mx1.example.org.key
+	setfacl -R -m u:maddy:rX /etc/letsencrypt/{live,archive}
+
+# git clone https://github.com/acmesh-official/acme.sh.git
+certs:
+	mkdir -p certs/mx1.example.org
+	./acme.sh/acme.sh --force --install-cert -d mx1.example.org \
+		--key-file       certs/mx1.example.org/privkey.pem  \
+		--fullchain-file certs/mx1.example.org/fullchain.pem
+
--- a/maddy/postinst
+++ b/maddy/postinst
@ -1 +1,4 @@
-#!/bin/sh
+#!/bin/sh -x
+
+systemctl daemon-reload
+useradd -mrU -s /sbin/nologin -d /var/lib/maddy -c "maddy mail server" maddy