Reload Dovecot and Postfix when TLS certificate updates (#271)

CHANGELOG.md

@@ -2,6 +2,9 @@
 
 ## untagged
 
+- Reload Dovecot and Postfix when TLS certificate updates
+  ([#271](https://github.com/deltachat/chatmail/pull/271))
+
 - Use forked version of dovecot without hardcoded delays
   ([#270](https://github.com/deltachat/chatmail/pull/270))
 

cmdeploy/src/cmdeploy/__init__.py

@@ -530,7 +530,6 @@ def deploy_chatmail(config_path: Path) -> None:
 
     # Deploy acmetool to have TLS certificates.
     deploy_acmetool(
-        nginx_hook=True,
         domains=[mail_domain, f"mta-sts.{mail_domain}", f"www.{mail_domain}"],
     )
 

cmdeploy/src/cmdeploy/acmetool/__init__.py

@@ -5,7 +5,7 @@ from pyinfra import host
 from pyinfra.facts.systemd import SystemdStatus
 
 
-def deploy_acmetool(nginx_hook=False, email="", domains=[]):
+def deploy_acmetool(email="", domains=[]):
     """Deploy acmetool."""
     apt.packages(
         name="Install acmetool",
@@ -20,11 +20,8 @@ def deploy_acmetool(nginx_hook=False, email="", domains=[]):
         mode="644",
     )
 
-    if nginx_hook:
     files.put(
-            src=importlib.resources.files(__package__)
+        src=importlib.resources.files(__package__).joinpath("acmetool.hook").open("rb"),
-            .joinpath("acmetool.hook")
-            .open("rb"),
         dest="/usr/lib/acme/hooks/nginx",
         user="root",
         group="root",

cmdeploy/src/cmdeploy/acmetool/acmetool.hook

@@ -3,3 +3,5 @@ set -e
 EVENT_NAME="$1"
 [ "$EVENT_NAME" = "live-updated" ] || exit 42
 systemctl restart nginx.service
+systemctl reload dovecot.service
+systemctl reload postfix.service