hello mailman3

Julien Palard 2020-07-08 23:45:50 +02:00
parent 6e5436aea5
commit d798b16b00
9 changed files with 211 additions and 2 deletions


@ -22,6 +22,14 @@ Puis pour jouer les *playbooks* :
- Pour configurer Passbolt : `ansible-playbook passbolt.yml`
(attention voir [#15](https://github.com/laxathom/ansible-role-passbolt/issues/15)).
## TODO
### Mailman 3
Mailman 3 est installé sur https://mm3.afpy.org, Julien a un compte
super user, vous pouvez en demander un aussi. le mailman peut envoyer
des mails via exim4, mais pour le moment aucune mailing list.
## Faire, ne pas faire


@ -44,13 +44,23 @@
server_name www.afpy.org afpy.org;
access_log /var/log/nginx/afpy.org-access.log;
error_log /var/log/nginx/afpy.org-error.log;
return 301 https://$host$request_uri;
return 301 https://www.afpy.org$request_uri;
}
server
{
listen 443 ssl;
server_name www.afpy.org afpy.org;
server_name afpy.org;
access_log /var/log/nginx/afpy.org-access.log;
error_log /var/log/nginx/afpy.org-error.log;
include snippets/letsencrypt-afpy.org.conf;
return 301 https://www.afpy.org$request_uri;
}
server
{
listen 443 ssl;
server_name www.afpy.org;
access_log /var/log/nginx/afpy.org-access.log;
error_log /var/log/nginx/afpy.org-error.log;
root /var/www/afpy.org/;


@ -15,3 +15,6 @@ deb.afpy.org
[afpyros]
deb.afpy.org
[mailmans]
deb.afpy.org

10
mm3.yml Normal file

@ -0,0 +1,10 @@
---
- hosts: mailmans
tasks:
- name: Basic setup
include_role: name=common
- name: Mailman setup
tags: always
include_role: name=mailman
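Review bot: Both `include_role` tasks use the `key=value` shorthand (`include_role: name=common`, `include_role: name=mailman`), which linters such as ansible-lint discourage and which hides the argument from YAML-aware tooling. The native block form is `include_role:` followed by an indented `name: common`. The same shorthand appears in the role's `Configure nginx` task (`include_role: name=julienpalard.nginx`).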


@ -0,0 +1,120 @@
---
- block:
- name: Install mailman
apt:
state: present
name: [mailman3-full, nginx, python3-psycopg2]
- name: Create mm3 nginx log directory
file:
path: /var/log/nginx/mailman3
owner: www-data
group: adm
state: directory
- name: Create mailman3 postgres user
become: true
become_user: postgres
postgresql_user:
user: list
- name: Create mailman3 postgres db
become: true
become_user: postgres
postgresql_db:
name: mailman3
owner: list
- name: Configure mailman to connect via unix socket
lineinfile:
path: /etc/mailman3/mailman.cfg
line: 'url: postgres://list@/mailman3'
regex: '^url: postgres://'
- name: Configure mailman siteowner
lineinfile:
path: /etc/mailman3/mailman.cfg
line: 'site_owner: julien@palard.fr'
regex: '^site_owner:'
- name: Configure mailman language
lineinfile:
path: /etc/mailman3/mailman.cfg
line: 'default_language: fr'
regex: '^default_language:'
- name: Configure mailman to use exim4 LMTP
lineinfile:
path: /etc/mailman3/mailman.cfg
line: 'incoming: mailman.mta.exim4.LMTP'
regex: '^incoming: mailman.mta'
- name: Configure mailman to use exim4
lineinfile:
path: /etc/mailman3/mailman.cfg
line: 'configuration: python:mailman.config.exim4'
regex: 'configuration: python:mailman.config.'
- name: Configure exim4 macros
template:
src: 25_mm3_macros.j2
dest: /etc/exim4/conf.d/main/25_mm3_macros
- name: Configure exim4 router
template:
src: 455_mm3_router.j2
dest: /etc/exim4/conf.d/router/455_mm3_router
- name: Configure exim4 transport
template:
src: 55_mm3_transport.j2
dest: /etc/exim4/conf.d/transport/55_mm3_transport
- name: Configure nginx
include_role: name=julienpalard.nginx
vars:
nginx_domain: mm3.afpy.org
nginx_certificates: [mm3.afpy.org]
nginx_owner: mm3
nginx_conf: |
upstream mailman3 {
server unix:/run/mailman3-web/uwsgi.sock fail_timeout=0;
}
server {
listen 80;
server_name mm3.afpy.org;
server_tokens off;
return 301 https://$server_name$request_uri;
access_log /var/log/nginx/mailman3/access.log combined;
error_log /var/log/nginx/mailman3/error.log;
}
server {
listen 443 ssl;
server_name mm3.afpy.org;
server_tokens off;
include snippets/letsencrypt-mm3.afpy.org.conf;
location / {
uwsgi_pass mailman3;
include /etc/nginx/uwsgi_params;
}
location /mailman3/static {
alias /var/lib/mailman3/web/static;
}
location /mailman3/static/favicon.ico {
alias /var/lib/mailman3/web/static/postorius/img/favicon.ico;
}
access_log /var/log/nginx/mailman3/access.log combined;
error_log /var/log/nginx/mailman3/error.log;
}
tags: mailman
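Review bot: The `file:` task for `/var/log/nginx/mailman3` and the three `template:` tasks writing under `/etc/exim4/conf.d/` set no `mode` (the templates also set no `owner`/`group`), so the resulting permissions depend on the umask of whoever runs the play; pin them, for example `mode: "0750"` on the log directory and `owner: root`, `group: root`, `mode: "0644"` on each template. None of the `lineinfile` or `template` tasks carries a `notify`, and no handlers file is visible in this commit, so edits to `mailman.cfg` and the exim4 snippets presumably only take effect after a manual restart of mailman3 and exim4. In the embedded nginx config, `location /mailman3/static` and its `alias` both lack a trailing slash, so the prefix also matches sibling names such as `/mailman3/staticX`; writing `location /mailman3/static/` with `alias /var/lib/mailman3/web/static/;` keeps the mapping inside that directory.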


@ -0,0 +1,18 @@
# The colon-separated list of domains served by Mailman.
domainlist mm_domains=lists.afpy.org
MM3_LMTP_PORT=8024
# MM3_HOME must be set to mailman's var directory, wherever it is
# according to your installation.
MM3_HOME=/opt/mailman/var
MM3_UID=list
MM3_GID=list
################################################################
# The configuration below is boilerplate:
# you should not need to change it.
# The path to the list receipt (used as the required file when
# matching list addresses)
MM3_LISTCHK=MM3_HOME/lists/${local_part}.${domain}
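Review bot: `MM3_HOME=/opt/mailman/var` looks like the upstream documentation's example path rather than this host's layout. The role installs the Debian `mailman3-full` package and its nginx config aliases `/var/lib/mailman3/web/static`, so Mailman's var directory is presumably `/var/lib/mailman3`. Because `MM3_LISTCHK` is built from `MM3_HOME` and the router lists it in `require_files`, a wrong path would make the router decline every list address. Confirm the directory on the host and set it accordingly, for example `MM3_HOME=/var/lib/mailman3`. Since nothing in the file is templated, a variable for this path (and for `mm_domains`, which names `lists.afpy.org` while the web UI is on `mm3.afpy.org`) would make the intent explicit.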


@ -0,0 +1,21 @@
mailman3_router:
driver = accept
domains = +mm_domains
require_files = MM3_LISTCHK
local_part_suffix_optional
local_part_suffix = \
-bounces : -bounces+* : \
-confirm : -confirm+* : \
-join : -leave : \
-owner : -request : \
-subscribe : -unsubscribe
transport = mailman3_transport
# /etc/exim4/conf.d/transport/55_mm3_transport
mailman3_transport:
driver = smtp
protocol = lmtp
allow_localhost
hosts = localhost
port = MM3_LMTP_PORT
rcpt_include_affixes = true
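Review bot: This 21-line file repeats, word for word, the `mailman3_router` and `mailman3_transport` definitions that the next two files in the commit add separately, and it carries a stray path comment (`# /etc/exim4/conf.d/transport/55_mm3_transport`) between them. The role's tasks only install `455_mm3_router.j2` and `55_mm3_transport.j2` besides the macros, so this looks like either an unreferenced leftover or a router snippet that also contains a transport. In the second case exim would meet a transport definition inside its routers section. The file name is not visible on this page, so check which it is and keep a single copy of each definition.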


@ -0,0 +1,12 @@
mailman3_router:
driver = accept
domains = +mm_domains
require_files = MM3_LISTCHK
local_part_suffix_optional
local_part_suffix = \
-bounces : -bounces+* : \
-confirm : -confirm+* : \
-join : -leave : \
-owner : -request : \
-subscribe : -unsubscribe
transport = mailman3_transport


@ -0,0 +1,7 @@
mailman3_transport:
driver = smtp
protocol = lmtp
allow_localhost
hosts = localhost
port = MM3_LMTP_PORT
rcpt_include_affixes = true