From e80ff2d8f1005387dc09af18f7e67f1c700ca01e Mon Sep 17 00:00:00 2001
From: Natalie
Date: Sun, 28 Jun 2026 11:20:10 -0400
Subject: [PATCH] infra: finish mail droplet provisioning - add systemd for quinn-mailserver compose on boot in phase-d script. Cleaned up for dedicated lilith-mail (no mail on vps0).
---
 .../phase-d-provision-utils-and-mail.sh | 29 ++++++++++++++++---
 1 file changed, 25 insertions(+), 4 deletions(-)
diff --git a/infrastructure/phase-d-provision-utils-and-mail.sh b/infrastructure/phase-d-provision-utils-and-mail.sh
index 55e4ef89..a34e7cf7 100644
--- a/infrastructure/phase-d-provision-utils-and-mail.sh
+++ b/infrastructure/phase-d-provision-utils-and-mail.sh
@@ -80,11 +80,11 @@ setup_mail() {
 # Copy compose and mail setup
 scp -o ConnectTimeout=30 "$MAIL_COMPOSE_SRC" "$target:/opt/quinn-mail/compose.mail.yml"
 scp -o ConnectTimeout=30 "$MAIL_SETUP_SRC" "$target:/opt/quinn-mail/mail-setup.sh"
- chmod +x /tmp/mail-setup.sh 2>/dev/null || true
-
- # Copy the ACME nginx config for mail.* domains (HTTP-01 challenges)
 scp -o ConnectTimeout=30 "$MAIL_HOSTS_NGINX_SRC" "$target:/etc/nginx/sites-available/mail-hosts.conf"
+ # Make the setup script executable on the target
+ ssh -o ConnectTimeout=30 "$target" "chmod +x /opt/quinn-mail/mail-setup.sh"
+
 ssh -o ConnectTimeout=30 "$target" 'bash -s' <<'REMOTE'
 set -euo pipefail
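Review bot: The added `ssh -o ConnectTimeout=30 "$target" "chmod +x /opt/quinn-mail/mail-setup.sh"` is a separate SSH session whose failure handling depends on the outer script's shell options, which are not visible in this hunk. The `'bash -s'` heredoc that follows already runs under `set -euo pipefail`, so moving the chmod to the top of that REMOTE script would save a round trip and make a failed chmod stop provisioning. Because mail-setup.sh is later run with the SMTP passwords in its environment, presumably as root, an explicit mode such as `chmod 0750 /opt/quinn-mail/mail-setup.sh` is tighter than `+x`, which grants execute to every local user. setup_mail's body starts and ends outside the hunk.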
@@ -128,6 +128,27 @@ certbot certonly --webroot -w /var/www/html \
 # Now start mailserver (it mounts /etc/letsencrypt ro and uses letsencrypt SSL_TYPE)
 docker compose -f compose.mail.yml up -d
+# Make the compose start on boot via simple systemd
+cat > /etc/systemd/system/quinn-mailserver.service <<'EOT'
+[Unit]
+Description=Quinn Mailserver (docker compose)
+After=docker.service
+Requires=docker.service
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+WorkingDirectory=/opt/quinn-mail
+ExecStart=/usr/bin/docker compose -f compose.mail.yml up -d
+ExecStop=/usr/bin/docker compose -f compose.mail.yml down
+TimeoutStartSec=0
+
+[Install]
+WantedBy=multi-user.target
+EOT
+systemctl daemon-reload
+systemctl enable quinn-mailserver.service
+
 # Basic health wait
 for i in {1..30}; do
 if docker exec quinn-mailserver ss -lntp | grep -q ':587'; then
@@ -137,7 +158,7 @@ for i in {1..30}; do
 sleep 2
 done
-echo "Mail container up. Run mail-setup.sh (with envs) next for accounts/DKIM."
+echo "Mail container up and will start on boot. Run mail-setup.sh (with envs) next for accounts/DKIM."
 echo " Example (from plum or on droplet):"
 echo " CONTACT_SMTP_PASS=... BOOKING_SMTP_PASS=... NOREPLY_SMTP_PASS=... ./mail-setup.sh"
 REMOTE
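Review bot: `systemctl enable quinn-mailserver.service` only links the unit for the next boot, so the unit file is never exercised during provisioning, and a mistake in it (the `/usr/bin/docker` path, the working directory) would first show up as mail being down after a reboot. Because the stack was started by the manual `docker compose -f compose.mail.yml up -d` above, systemd also treats the unit as inactive, so `ExecStop` will not run on the first shutdown. `systemctl enable --now quinn-mailserver.service` would start it through systemd, and `up -d` on an already running project should be a no-op. `TimeoutStartSec=0` is redundant for `Type=oneshot`, where the start timeout is already disabled by default. I would also add a one-line comment above the heredoc saying whether compose.mail.yml sets a `restart:` policy, since that would overlap with this unit.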