HomeDevCentral

Allow to update SMTP server certificates
Concern Raised4d9fcc57d6fc

Authored by dereckson on Nov 3 2016, 14:32.

Description

Allow to update SMTP server certificates

Summary:
The SMTP server certificate is managed by Let's encrypt.
It's renewed by a timer on Dwellers introduced in cd39c567ec4f.

When renewed, it's only available for nginx, but must also be
deployed to the LXC mailserver container to be accessible by Postfix.

There is a work in progress to automate the process: as Let's encrypt
renew code runs in a Docker container without access to the LXC mail
container, we want to check file hashes to copy and restart when needed.

Meanwhile, this change allows manual certificate propagation.

Test Plan: Tested to solve T1038.

Reviewers: Sandlayth

Differential Revision: https://devcentral.nasqueron.org/D694

Details

Auditors
dereckson
Committed
derecksonNov 6 2016, 19:12
Pushed
derecksonNov 6 2016, 19:12
Differential Revision
D694: Allow to update SMTP server certificates
Parents
rOPSc356aa59ba95: Allow to update Mumble server certificates
Branches
Unknown
Tags
Unknown
Tasks
T919: Propagate Let's encrypt certificate to mail server