Previously `wait` could be defined in the user's config file, but in the
new release it appears to only be supported as a flag, so we have to
override the systemd service.
When this role was created, Ansible did not support systemd user units,
so we setup mailsync as a system service and timer running as the user.
The only practical difference in moving to a user service is that the
user can control the service without sudo, but we might as well.
Existing users should first stop, disable, and remove the old system timer and
service:
$ sudo systemctl stop mailsync@$USER.timer
$ sudo systemctl disable mailsync@$USER.timer
$ sudo rm /etc/systemd/system/mailsync@.*
If the system timer is present in the trusted unit file, remove it.
Firejail won't run jails inside of other firejails, which means that if
I jail Mutt I can't use firewarden in my mailcap to open attachments.
Mutt doesn't do a whole lot itself, and even when it is jailed, my mail
is synced outside of the Mutt jail via the systemd timer. So I think I'd
rather be able to use firewaden in my mailcap.
Netcat (and ping) are not available in the mutt jail, so calling msmtpq
(from mailsync.sh) from within that jail throws an error. But
mailsync.sh does its own connectivity testing, so we don't actually need
this!
When offline, mail will still be queued. When online, mail will still be
sent.
Previously, services would be killed anytime an interface was
deactivated, even if another interface was still connected to a trusted
network. Now we check all active connections against the trusted list
and take the appropriate action.
It's also more modular, and allows the user to more easily
activate/deactive services directly without stopping/starting networking
if for some reason the dispatcher didn't run correctly.
