Add imap and smtp subdomains to mail server cert

closes #543

Co-authored-by: Greg Karékinian <greg@karekinian.com>

site-cookbooks/kosmos-base/resources/tls_cert_for.rb

@@ -3,7 +3,6 @@ provides :tls_cert_for
 
 property :domain, [String, Array], name_property: true
 property :auth, [String, NilClass], default: nil
-property :deploy_hook, [String, NilClass], default: nil
 property :acme_domain, [String, NilClass], default: nil
 
 default_action :create
@@ -37,19 +36,6 @@ action :create do
       sensitive true
     end
 
-    if new_resource.deploy_hook
-      deploy_hook_path = "/etc/letsencrypt/renewal-hooks/#{domains.first}"
-
-      file deploy_hook_path do
-        content new_resource.deploy_hook
-        mode 0755
-        owner "root"
-        group "root"
-      end
-    elsif node.run_list.roles.include?("openresty_proxy")
-      deploy_hook_path = "/etc/letsencrypt/renewal-hooks/post/openresty"
-    end
-
     # Generate a Let's Encrypt cert (only if no cert has been generated before).
     # The systemd timer will take care of renewing
     execute "letsencrypt cert for #{domains.join(', ')}" do
@@ -61,7 +47,7 @@ action :create do
         --manual-auth-hook '#{hook_auth_command}' \
         --manual-cleanup-hook '#{hook_cleanup_command}' \
         --email ops@kosmos.org \
-        #{"--deploy-hook #{deploy_hook_path}" if defined?(deploy_hook_path)} \
+        #{node.run_list.roles.include?("openresty_proxy") ? '--deploy-hook /etc/letsencrypt/renewal-hooks/post/openresty' : nil } \
         #{domains.map {|d| "-d #{d}" }.join(" ")}
       CMD
       not_if do

site-cookbooks/kosmos_email/recipes/default.rb

@@ -26,7 +26,6 @@ end
 tls_cert_for hostname do
   domain ([hostname]+extra_hostnames)
   auth "gandi_dns"
-  deploy_hook "systemctl reload postfix.service && systemctl reload dovecot.service"
   action :create
 end