feat(infra): migrate Stalwart to the v0.16 config model (config.json)

v0.16 dropped TOML config. The host service now boots from a tiny config.json
that describes only the datastore (RocksDB); all other settings live in the DB
(web UI / stalwart-cli / platform-api JMAP).

- add stalwart/config.json (RocksDb datastore at /opt/stalwart/data)
- install.sh: install config.json instead of config.toml
- stalwart-mail.service: --config points at config.json
- README: document the v0.16 model + remaining DB-side config + DNS/PTR

Verified: Stalwart 0.16.8 runs on node1 with default mail listeners + the :8080
management server. config.toml retained as a reference for the DB settings.
Ronni Baslund
2026-06-08 21:02:17 +02:00
parent 149eb0b020
commit 9d075343c5
4 changed files with 32 additions and 5 deletions
@@ -0,0 +1,4 @@
{
"@type": "RocksDb",
"path": "/opt/stalwart/data"
}
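Review bot: the datastore "path" is hard-coded to /opt/stalwart/data, while install.sh places the binary and this file under $PREFIX. If PREFIX is ever set to anything other than /opt/stalwart, the service will open a data directory outside the install tree. Either have install.sh write the path from $PREFIX when it installs the file, or state in the README that PREFIX must be /opt/stalwart for this config to be valid.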
@@ -89,12 +89,17 @@ systemctl stop stalwart-mail 2>/dev/null || true
install -o stalwart -g stalwart -m 0755 "$bin" "$PREFIX/bin/stalwart"
ok "Installed $("$PREFIX/bin/stalwart" --version 2>/dev/null || echo 'stalwart binary')."
# ── Step 3: config + secrets EnvironmentFile ───────────────────────────────
info "Step 3: config.toml + secrets env..."
install -o stalwart -g stalwart -m 0640 "$SCRIPT_DIR/config.toml" "$PREFIX/etc/config.toml"
# ── Step 3: config.json (v0.16 datastore) + secrets EnvironmentFile ────────
# v0.16 dropped TOML: config.json describes ONLY the datastore; every other
# setting (listeners, auth, TLS, domains, DKIM, spam, webhooks) lives in the DB
# and is managed via the web UI / stalwart-cli / platform-api (JMAP).
info "Step 3: config.json (v0.16 datastore-only) + secrets env..."
install -o stalwart -g stalwart -m 0640 "$SCRIPT_DIR/config.json" "$PREFIX/etc/config.json"
umask 077
cat > "$PREFIX/etc/stalwart.env" <<EOF
# Generated by install.sh from config.env — DO NOT commit.
# Generated by install.sh from config.env — DO NOT commit. Bootstrap secrets
# platform-api uses to authenticate to Stalwart's management API (set the
# fallback admin to this on first DB setup).
STALWART_ADMIN_PASSWORD=${STALWART_ADMIN_PASSWORD}
STALWART_WEBHOOK_SECRET=${STALWART_WEBHOOK_SECRET}
EOF
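Review bot: Step 3 now installs config.json, but nothing removes the $PREFIX/etc/config.toml that the previous version of this step installed, so upgraded hosts keep a stale file that the service no longer reads. Someone editing it later will see no effect, and it lingers as a second copy of the old settings. Consider removing it or renaming it (for example to config.toml.reference) in this step. Separately, the new comment in stalwart.env says to set the fallback admin to this password on first DB setup, which is a manual step the script does not perform or check; pointing to the README section that describes it would help whoever reads the generated file on the host.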
@@ -14,7 +14,7 @@ Type=simple
User=stalwart
Group=stalwart
EnvironmentFile=/opt/stalwart/etc/stalwart.env
ExecStart=/opt/stalwart/bin/stalwart --config /opt/stalwart/etc/config.toml
ExecStart=/opt/stalwart/bin/stalwart --config /opt/stalwart/etc/config.json
# Stalwart reloads its TLS certs / config on SIGHUP — used by cert-sync.
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-failure
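Review bot: ExecStart now depends on /opt/stalwart/etc/config.json, which only exists after the updated install.sh has run; a host that receives the new unit file alone will fail to start and, with Restart=on-failure, keep retrying. Adding ConditionPathExists=/opt/stalwart/etc/config.json to the [Unit] section would make that case fail once with a clear reason. The unchanged comment above ExecReload still says SIGHUP reloads "TLS certs / config"; since config.json now describes only the datastore and every other setting lives in the DB, it is worth confirming what SIGHUP reloads in v0.16 and rewording the comment to match.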