mirror/ infrastructure
1
1
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/infrastructure.git synced 2024-05-11 18:16:23 +02:00
Code Issues

Kill the mailman2 server and put the mailman3 server in its place 

With the final lists migrated to mailman3[1], the mailman2 server can
finally be killed.

When the mailman3 server was initially setup[2], it was done on a
separate server because the mailman and mailman3 packages conflicted,
and the traffic was routed over wireguard (HTTP, LMTP and SMTP).

Instead of installing mailman3 on the original lists.al.org server and
transferring the data, it was easier just to install the missing pieces
(basically Postfix and adjusting the Nginx configuration) on the ml3
server and move the IPs (to keep the IP mail reputation).

So basically the following was done:
- The IPs for the original lists.al.org was moved to the mailman3.al.org
  server
- The mailman2 datadir was transferred to mailman3.al.org server, so we
  can keep the pipermail links alive, and import missing mails if needed
- The original lists.al.org server was decommissioned
- The mailman3.al.org server was renamed to lists.al.org
- The missing pieces was added to the mailman3 role (basically Postfix +
  Nginx adjustments)
- The mailman role was deleted and the mailman3 role renamed to mailman

[1] 75ac7d09 ("mailman: Fourth and final batch of mailman3 migrated lists")
[2] 9294828f ("Setup mailman3 server")

Fix #59
This commit is contained in:
Kristian Klausen 2022-09-16 18:56:44 +02:00
parent 3c15270927
commit 893a95f329
No known key found for this signature in database
GPG Key ID: E2BE346E410366C3
32 changed files with 261 additions and 870 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/servers.md
View File

@ -157,14 +157,6 @@ Prometheus, and Grafana server which receives selected performance/metrics from
Online collborative markdwown editor for Arch Linux Staff.
## mailman3.archlinux.org
This server runs mailman3 as mailman2 and mailman3 can't be installed on the same server. The HTTP and LMTP traffic is routed over WireGuard from lists.archlinux.org.
### Services
- mailman3
### Services
- [hedgedoc](https://hedgedoc.org/)

27
docs/ssh-hostkeys.txt
View File

@ -164,15 +164,15 @@
3072 MD5:50:c8:93:43:05:d5:73:a4:84:b1:07:66:a7:20:a5:79 root@archlinux-packer (RSA)
# lists.archlinux.org
1024 SHA256:/o3BhNZ6MdfHXrqDzVxP5OgKcTmo1/e2v80Xb+Q2ypc root@archlinux-packer (DSA)
256 SHA256:Xe+YrG+IfhtQkNft+SB7UsTQCIgbqNnqMl/Pqs6uzBE root@archlinux-packer (ECDSA)
256 SHA256:fAKD+26rDZ74MOMWZI8L3k2c7RzTYd69+iwKp4zhw8c root@archlinux-packer (ED25519)
3072 SHA256:NyspEiVRnuRtL854ErcdybtjoBia+miQkpuToYZEl78 root@archlinux-packer (RSA)
1024 SHA256:U1A+NO+I+JRg0YPo+UgwGfbextnL+pVuqjWGdyokLpI root@archlinux-packer (DSA)
256 SHA256:vdEZ5/6Xxd7Azjzaf5xz5kfzQrWcq1raz5cFAIclooE root@archlinux-packer (ECDSA)
256 SHA256:iCeRz+2HK7heoapDRscHpgbEX4cbem1BZpWzrAoOxTQ root@archlinux-packer (ED25519)
3072 SHA256:sqUYYmrNXzYPL5TtsBsTnaANsZ/P7miyCAIkt0YWfBg root@archlinux-packer (RSA)
1024 MD5:fb:bb:0e:a8:0c:5c:41:5a:b1:d9:61:4d:e5:c3:bf:b1 root@archlinux-packer (DSA)
256 MD5:56:43:80:27:a7:4e:4c:1f:a4:14:dd:d1:eb:37:13:a9 root@archlinux-packer (ECDSA)
256 MD5:3c:91:d8:b0:4b:5c:36:40:79:27:8a:c7:24:d6:26:af root@archlinux-packer (ED25519)
3072 MD5:88:99:f2:47:b1:e3:3c:99:52:67:d5:d5:55:b0:af:2c root@archlinux-packer (RSA)
1024 MD5:8f:94:fe:a9:56:ee:3f:cc:a4:e7:a5:4f:2b:02:e8:c3 root@archlinux-packer (DSA)
256 MD5:ca:3e:2d:aa:8a:4b:71:3a:18:22:59:0f:6e:ff:ae:5d root@archlinux-packer (ECDSA)
256 MD5:a8:d3:f8:42:ff:ae:7d:71:1b:fe:93:4b:f7:df:38:5f root@archlinux-packer (ED25519)
3072 MD5:51:ea:a4:ec:76:87:ee:89:e7:3a:fc:80:ea:fe:2d:9c root@archlinux-packer (RSA)
# mail.archlinux.org
1024 SHA256:/d3MC4NoQbPSNgNebFyzNCze4HVHPhITVWy9vWdZUp4 root@archlinux-packer (DSA)
@ -185,17 +185,6 @@
256 MD5:dd:20:c1:f1:f2:fa:70:86:3a:e2:39:86:b1:01:2f:61 root@archlinux-packer (ED25519)
3072 MD5:b6:14:30:bd:fe:43:46:6a:20:a2:8b:b0:aa:d4:35:19 root@archlinux-packer (RSA)
# mailman3.archlinux.org
1024 SHA256:U1A+NO+I+JRg0YPo+UgwGfbextnL+pVuqjWGdyokLpI root@archlinux-packer (DSA)
256 SHA256:vdEZ5/6Xxd7Azjzaf5xz5kfzQrWcq1raz5cFAIclooE root@archlinux-packer (ECDSA)
256 SHA256:iCeRz+2HK7heoapDRscHpgbEX4cbem1BZpWzrAoOxTQ root@archlinux-packer (ED25519)
3072 SHA256:sqUYYmrNXzYPL5TtsBsTnaANsZ/P7miyCAIkt0YWfBg root@archlinux-packer (RSA)
1024 MD5:8f:94:fe:a9:56:ee:3f:cc:a4:e7:a5:4f:2b:02:e8:c3 root@archlinux-packer (DSA)
256 MD5:ca:3e:2d:aa:8a:4b:71:3a:18:22:59:0f:6e:ff:ae:5d root@archlinux-packer (ECDSA)
256 MD5:a8:d3:f8:42:ff:ae:7d:71:1b:fe:93:4b:f7:df:38:5f root@archlinux-packer (ED25519)
3072 MD5:51:ea:a4:ec:76:87:ee:89:e7:3a:fc:80:ea:fe:2d:9c root@archlinux-packer (RSA)
# man.archlinux.org
1024 SHA256:11C7Qa1GSNBBspSlber3Sp+LEMRpfr/VWkypfu6OnhA root@archlinux-packer (DSA)
256 SHA256:fL79NVaEiwXGfUhTXWLkue/D1seSADYbui+jwQ2dvW0 root@archlinux-packer (ECDSA)

11
docs/ssh-known_hosts.txt
View File

@ -86,20 +86,15 @@ homedir.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPxEHvFCXujU6s4eW0U79o
homedir.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDuQbGoCSIPisaZeqtJhM369ugQWc8pHE8404AZu0yUgDxMl6AP5BUfdynlR6VGt4edSaEyp9BkT15YaKh5vph/9MUtZ2zbQ7WPRuvfLNG+RI458q4CYdykVMmTs1DEeAxaVMIAL3225pqh7QMcME0edX9f4PLLkQk8+AAAy24rvgwxLE0BnSLB3zp7wCJw5rm2iZAcqsKkIZw2FJKMlRuEovdvgc7A0FfkSc8muvvHET1FK/Uqv5i9R2Xk3NPFkt/bzcwOVBXCeqUrjLmD0UhRWX8J8GMmrEVPVQLBT6mn/OtlXpOiDcr9HkSLS1mqo59N9wyI4tCKjYQZMEWU36PYjXlDzqOGmdAR6Ly8vDo3BC+ByQqLf/ixkoFD/I5inGejPnAv9eXuiP8o0KoPDOALD8gqwqCoPjElE9ZVObp+NJbuQeXRZt70VKxZEWrUKxKxHM3RoYvgd3h/GHaYEGWdbvTMTVK+xnrczL+Eme4Y81zA8KTwY5qbyc5QCHvksKM=
# lists.archlinux.org
lists.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKBHMlX50Jr2HiVJ/qDSH3mAjobpbBrGvBRXTKB/xXFBiVXCbJQCQ9HKXQZunLALaIm+jAgpskbXqLQMEpWzST8=
lists.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOVKwNsXUXpgNhlwPVlBRNlpvOt0U9deANS/n//nxbe1
lists.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCuKQnkGRdXyu74f92lzJcQMMDjTzVXkne/mLHiMYKQWlboIBIry3FkzyUGDLbNlZOe4PNR43D9FI0/1EjAuVV72HVQ9sidCbJR/azw3+JF8zwU1HDMOhtCNaWYNqk0DHDvHuWhL6N0duFASf+ZTKRB5Rgk3+p0FisKMCep2vJy5kHY0829INk6ORgPxYzCHCZOLEfZX0aydwscTnubKq1t9blWUdqKSm5Xq5+NEJNPKlo6TgdcBihkdAyaGnZ9KWrXycV6j0UaT/VJNuumZ9KlsvI7Xi/TVDWcLcsU/UqeEvnzUi3oRrvkADzIcoFa5/QrSRQJppKAUgjuhOuk+Px38IIvRdrwDxDoChei+qU8S2O24PP7Cu4oYZ/ecGb8wJleEWVVaYrD5JTEugg0iTe2t0LJiP6rTC1faxErZ9wru18nGNWYR2b+b1MfBzppAoikZUoqygKYYLAerHj3B9wFmw2RJG8JFZ95lMukJmDG8kCYz7eq753PYAAmpFZbdZU=
lists.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLYxKdG6ntbOV/YpVbRkJiJfAPt8BTTN/hKm0uebSwpuQbbv5hxXLSOYeA0C/yJBNXXX4EJ82J88oEJQBFxiPvY=
lists.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID+GtJoC+QEUyKA/ZneTBXOBs7W3JBAEb1nLDkjzsqa1
lists.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdPJQIkN6wDk/140HS1WCIKc0Iz7Oq8c98XaLB0i9ksUxkWB4rxia/WP5RRF+g9yAqZvIg0f5W0d85pfuh+1TOccXk8r6GsH+gRIEkdmwu4Mf7iBpkQxl3n70yjNGxgbwGkVG9vREvJ4v3l/NRZrX2/N3RvcPG9TQwjFFOFYTRZNfUPvsppk572yQ8cjf7oUvJmLOwsKagO5WMUoKFAbO35/Mp2H6VbApYtIdpkFOXnaJUVduHInNa18CmKl28ZSTsigLkYb8pboS6RacJYgA5kK0vQsXCguDrA+SI9k1xW4i9FjUWsLlPuLkk9c7Tj39R95gWhxWwQ99ApNDVvZa+skSbMS7h4/d3NosyM2OO9LfqPiHn2xDsuvmpN0ScCwuocwR09EMrj4MQKzo31ITFHuSyxob0Z4yTQrKvJxdNwveXqaRHFNXUvSWtoRkk2cKB5hjsr0QCROBidYu4WG+/LfolzJQfuRqH7dvg5dvmJLrcozfcCpxspdBTIEKLG/c=
# mail.archlinux.org
mail.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFvJy2P8zOSKt3EocULHN85PVGW1AINk15+GilqUc5a79Zsy0FvWqV16fjxLRN3zIOkBvSKZMvsNadja+quEr9s=
mail.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICTOoGxsf23f6AjIHcQQuvbTOaeIt48Y0PiBj9qlJi1H
mail.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDPrURadxte8UJiteGa6+Q+OjTAjhvGAQFkNSXj1pr4k03uxkU6l2v2LuTygk+4SZSCyUsKvNx/ljJeHBnuecQ8rRv19ZFqy/GQKB3oEmiNYMo2dYYlJWwTVBHatmghhB1j2y40yqdKWH2xQuXC3HtnS7fHG0g1Rc4R9KB4MQlcXkwnSEMpwpWBoO7sr0M4YTdwE+nSG9aNfyPbPGp3mX4ATz5X5hPJOlSFVDV6NuKrA+5qyt4jSKdeG5IuWeEnEJesYJEvShYdY9DvMCXnZykB0emzzk+5+Cp2lTPf9LOO3wNsTgHV/CwkoAoMgr9+ASefhBr3nxmmrs9T7nwuobGCGFUqQ2D8IKCmsWGVKXYERViz3x/gYUIlHgVJpoIXCFFqbdpWwxKR1aDMug2fFe699/FzuPdqrWPFdQMF2mPQ0w3AH/62KGp+PULE2HxrlCiY/gF2m8iJLgunxVKmi/c0ufgK9QilnKcPO+W4tcISa5MYt7MSTTLV9eVsgVjGhOU=
# mailman3.archlinux.org
mailman3.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLYxKdG6ntbOV/YpVbRkJiJfAPt8BTTN/hKm0uebSwpuQbbv5hxXLSOYeA0C/yJBNXXX4EJ82J88oEJQBFxiPvY=
mailman3.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID+GtJoC+QEUyKA/ZneTBXOBs7W3JBAEb1nLDkjzsqa1
mailman3.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdPJQIkN6wDk/140HS1WCIKc0Iz7Oq8c98XaLB0i9ksUxkWB4rxia/WP5RRF+g9yAqZvIg0f5W0d85pfuh+1TOccXk8r6GsH+gRIEkdmwu4Mf7iBpkQxl3n70yjNGxgbwGkVG9vREvJ4v3l/NRZrX2/N3RvcPG9TQwjFFOFYTRZNfUPvsppk572yQ8cjf7oUvJmLOwsKagO5WMUoKFAbO35/Mp2H6VbApYtIdpkFOXnaJUVduHInNa18CmKl28ZSTsigLkYb8pboS6RacJYgA5kK0vQsXCguDrA+SI9k1xW4i9FjUWsLlPuLkk9c7Tj39R95gWhxWwQ99ApNDVvZa+skSbMS7h4/d3NosyM2OO9LfqPiHn2xDsuvmpN0ScCwuocwR09EMrj4MQKzo31ITFHuSyxob0Z4yTQrKvJxdNwveXqaRHFNXUvSWtoRkk2cKB5hjsr0QCROBidYu4WG+/LfolzJQfuRqH7dvg5dvmJLrcozfcCpxspdBTIEKLG/c=
# man.archlinux.org
man.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPhnsStoFw6rbVpE1S1vsXNk8de1SyMag1C+v0DWVSuNYzTylYg4322WbYzw45z2XhxrF6XmCSDMvgxvFwnfLQA=
man.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHzjkN+igIxSIv5N9+ANNoo6knPa51Tj5TAXs4EQ8lY2

1
group_vars/all/root_access.yml
View File

@ -26,7 +26,6 @@ root_ssh_keys:
- dashboards.archlinux.org
- gitlab.archlinux.org
- lists.archlinux.org
- mailman3.archlinux.org
- monitoring.archlinux.org
# - run 'playbooks/tasks/reencrypt-vault-{super,default}-key.yml' when this

33
group_vars/all/vault_mailman.yml
View File

@ -1,9 +1,26 @@
$ANSIBLE_VAULT;1.1;AES256
38306134633332383131393237386134643236316136333335313130663639373434643434303734
6530323361333765393633616338333830346634363835350a363933363736393935333833313461
66336437366666316366326566313837653934333732336532393264343663643861633639636566
3330353837636631320a303533653661623866383230353563366166653232316635353631613836
39306531623538656335643031623361633465366138356263663630386362626630336262303865
31306465323730316633316534333663313565336634346164363331353962366239663035366139
33636139666262663962396236396337666336663835633865373966386534393064323333326164
35643530656134643565
63633533303232373335663630346139613137616132393738383265663337636565663935386365
3262636536383962333438653033323061306433323232610a623836643732616163383364316639
37626134643334383432346465343734353566663261643334396563336132666133666431313563
6365643566626635360a616139393131346566666266653737303562663664656231643836373038
37316436643133333261313963356435353938393032313935353939613962303733623934313965
64356635626561376130336134656436386638306538373635313638393932313337316636343533
32666138613765326332373335366634313530656162383162633861666365333230303132346263
63613031643230356361383638386230613231626135663763373630666362623536663165356335
33333033376332653130626262633563336238383931393636346339333963326330373431363931
61383733626363316539653638373562616335366363306365353166666335383037633830636263
37313663636139666131623435383833313434396665663162623934646330626362346237363331
65323537383536333763646431623061646337613761363861373261343638653235333038663239
34636662663763363832643061313035316437633965346332363432653562613865623261613235
61303239626136303736356533373739343566313464343931383962633232313263383230336438
32653534623739616436346539616336373562376632303833323230643465666262303263383334
64623362363863393866666461396237613934656239653262316438633338313036303436313236
61623562376139616539646231376438636234656363666639646465663035326161346435396439
63613839396163616135313537626535393039623866646431333239383263313931386131303464
36353837303662343530663561363036633864346131343731643535386462316663353233636638
36323134643230376239326637656537633337323333616630313531653239366263386238363333
32336538613635613964366562383165616433363738623638393364363233636262643131653532
62326363356333333563383139323366363462613031303566376365643439373163613166333339
38353266616463396139336663353536336631666565656630396431363439333034653336316234
61663232383136353937336431353131323933613462666233663464656166356161613039316436
3136

26
group_vars/all/vault_mailman3.yml
View File

@ -1,26 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
63633533303232373335663630346139613137616132393738383265663337636565663935386365
3262636536383962333438653033323061306433323232610a623836643732616163383364316639
37626134643334383432346465343734353566663261643334396563336132666133666431313563
6365643566626635360a616139393131346566666266653737303562663664656231643836373038
37316436643133333261313963356435353938393032313935353939613962303733623934313965
64356635626561376130336134656436386638306538373635313638393932313337316636343533
32666138613765326332373335366634313530656162383162633861666365333230303132346263
63613031643230356361383638386230613231626135663763373630666362623536663165356335
33333033376332653130626262633563336238383931393636346339333963326330373431363931
61383733626363316539653638373562616335366363306365353166666335383037633830636263
37313663636139666131623435383833313434396665663162623934646330626362346237363331
65323537383536333763646431623061646337613761363861373261343638653235333038663239
34636662663763363832643061313035316437633965346332363432653562613865623261613235
61303239626136303736356533373739343566313464343931383962633232313263383230336438
32653534623739616436346539616336373562376632303833323230643465666262303263383334
64623362363863393866666461396237613934656239653262316438633338313036303436313236
61623562376139616539646231376438636234656363666639646465663035326161346435396439
63613839396163616135313537626535393039623866646431333239383263313931386131303464
36353837303662343530663561363036633864346131343731643535386462316663353233636638
36323134643230376239326637656537633337323333616630313531653239366263386238363333
32336538613635613964366562383165616433363738623638393364363233636262643131653532
62326363356333333563383139323366363462613031303566376365643439373163613166333339
38353266616463396139336663353536336631666565656630396431363439333034653336316234
61663232383136353937336431353131323933613462666233663464656166356161613039316436
3136

4
host_vars/mailman3.archlinux.org/misc
View File

@ -1,4 +0,0 @@
filesystem: btrfs
ipv4_address: 65.21.106.94
wireguard_address: 10.0.0.37
wireguard_public_key: obBFreFGNDLB17+PaJspE4qNeVX4o7ZPcJj3ZmJhahg=

9
host_vars/mailman3.archlinux.org/vault_wireguard.yml
View File

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
32363065633737653663623334663139323638366462343630623765396636353932653932356261
6239356162633731656330383436363861376231616462390a356432316532333632653839333230
63636434373462643231323532633362363434646230323636333264393032373632343932616361
6536383038313134300a363139313337646533626334333666326535623039323332666338306532
33643430313864663833343765623138393165386564343636306363626232666436353665353235
34623064363764336139633334663530376332633536383033313438613035303662333435313536
34366663643130633064646161613065373532653235373730316439643165383635353761396639
61656462333035666437

2
hosts
View File

@ -51,7 +51,6 @@ security.archlinux.org
md.archlinux.org
lists.archlinux.org
gluebuddy.archlinux.org
mailman3.archlinux.org
[public_html]
homedir.archlinux.org
@ -138,7 +137,6 @@ gluebuddy.archlinux.org
homedir.archlinux.org
lists.archlinux.org
mail.archlinux.org
mailman3.archlinux.org
man.archlinux.org
matrix.archlinux.org
md.archlinux.org

3
playbooks/lists.archlinux.org.yml
View File

@ -8,7 +8,7 @@
- { role: sshd }
- { role: root_ssh }
- { role: hardening }
- { role: borg_client, tags: ["borg"], when: "'borg_clients' in group_names" }
- { role: borg_client, tags: ["borg"] }
- { role: prometheus_exporters }
- { role: promtail }
- { role: certbot }
@ -17,4 +17,5 @@
- { role: rspamd, rspamd_dkim_domain: lists.archlinux.org, rspamd_dkim_use_esld: false, tags: ["mail"] }
- { role: unbound, unbound_port: 5353, tags: ["mail"] }
- { role: uwsgi }
- { role: postgres }
- { role: mailman }

17
playbooks/mailman3.archlinux.org.yml
View File

@ -1,17 +0,0 @@
- name: Setup mailman3 server
hosts: mailman3.archlinux.org
remote_user: root
roles:
- { role: common }
- { role: firewalld }
- { role: wireguard }
- { role: sshd }
- { role: root_ssh }
- { role: hardening }
- { role: borg_client, tags: ["borg"] }
- { role: prometheus_exporters }
- { role: promtail }
- { role: nginx, nginx_firewall_zone: wireguard }
- { role: uwsgi }
- { role: postgres }
- { role: mailman3 }

134
roles/mailman/defaults/main.yml
View File

File diff suppressed because one or more lines are too long

0
roles/mailman3/files/list_base_configuration.json → roles/mailman/files/list_base_configuration.json
View File

10
roles/mailman/files/mailman.ini
View File

@ -1,10 +0,0 @@
[uwsgi]
plugins = cgi
socket = /run/uwsgi/%n.sock
chmod-socket = 770
threads = 2
cgi = /=/usr/lib/mailman/cgi-bin/
cgi-index = listinfo
uid = mailman
gid = http

25
roles/mailman/files/migrated-lists.map
View File

@ -1,25 +0,0 @@
/listinfo/arch-announce /mailman3/lists/arch-announce@lists.archlinux.org/;
/listinfo/arch-commits /mailman3/lists/arch-commits@lists.archlinux.org/;
/listinfo/arch-dev /mailman3/lists/arch-dev@lists.archlinux.org/;
/listinfo/arch-dev-public /mailman3/lists/arch-dev-public@lists.archlinux.org/;
/listinfo/arch-devops /mailman3/lists/arch-devops@lists.archlinux.org/;
/listinfo/arch-devops-private /mailman3/lists/arch-devops-private@lists.archlinux.org/;
/listinfo/arch-events /mailman3/lists/arch-events@lists.archlinux.org/;
/listinfo/arch-general /mailman3/lists/arch-general@lists.archlinux.org/;
/listinfo/arch-mirrors /mailman3/lists/arch-mirrors@lists.archlinux.org/;
/listinfo/arch-mirrors-announce /mailman3/lists/arch-mirrors-announce@lists.archlinux.org/;
/listinfo/arch-multilib /mailman3/lists/arch-multilib@lists.archlinux.org/;
/listinfo/arch-ports /mailman3/lists/arch-ports@lists.archlinux.org/;
/listinfo/arch-proaudio /mailman3/lists/arch-proaudio@lists.archlinux.org/;
/listinfo/arch-projects /mailman3/lists/arch-projects@lists.archlinux.org/;
/listinfo/arch-releng /mailman3/lists/arch-releng@lists.archlinux.org/;
/listinfo/arch-security /mailman3/lists/arch-security@lists.archlinux.org/;
/listinfo/arch-tu /mailman3/lists/arch-tu@lists.archlinux.org/;
/listinfo/arch-wiki-admins /mailman3/lists/arch-wiki-admins@lists.archlinux.org/;
/listinfo/arch-women /mailman3/lists/arch-women@lists.archlinux.org/;
/listinfo/aur-dev /mailman3/lists/aur-dev@lists.archlinux.org/;
/listinfo/aur-general /mailman3/lists/aur-general@lists.archlinux.org/;
/listinfo/aur-requests /mailman3/lists/aur-requests@lists.archlinux.org/;
/listinfo/pacman-contrib /mailman3/lists/pacman-contrib@lists.archlinux.org/;
/listinfo/pacman-dev /mailman3/lists/pacman-dev@lists.archlinux.org/;
/listinfo/staff /mailman3/lists/staff@lists.archlinux.org/;

2
roles/mailman/files/override.conf
View File

@ -1,2 +0,0 @@
[Service]
Restart=always

9
roles/mailman/handlers/main.yml
View File

@ -1,8 +1,8 @@
- name: Restart mailman
service: name=mailman daemon_reload=yes state=restarted
- name: Reload mailman
service: name=mailman state=reloaded
service: name=mailman3 state=reloaded
- name: Restart mailman-web
service: name=uwsgi@mailman\\x2dweb.service state=restarted
- name: Reload postfix
service: name=postfix state=reloaded
@ -11,4 +11,3 @@
command: postmap /etc/postfix/{{ item }}
loop:
- aliases
- transport

102
roles/mailman/tasks/main.yml
View File

@ -4,12 +4,19 @@
vars:
domains: ["{{ lists_domain }}"]
- name: Install mailman, uwsgi-plugin-cgi and postfx
pacman: name=mailman,uwsgi-plugin-cgi,postfix,postfix-pcre state=present
- name: Install mailman3 and related packages
pacman: name=mailman3,mailman3-hyperkitty,python-psycopg2,mailman-web,python-xapian-haystack,uwsgi-plugin-python,postfix,postfix-pcre state=present
register: install
- name: Install mailman configuration
template: src=mm_cfg.py.j2 dest=/etc/mailman/mm_cfg.py follow=yes owner=root group=root mode=0644
notify: Reload mailman
- name: Install {mailman,mailman-web} configuration
template: src={{ item.src }} dest={{ item.dest }} owner=root group={{ item.group }} mode=0640
loop:
- {src: mailman.cfg.j2, dest: /etc/mailman.cfg, group: mailman}
- {src: mailman-hyperkitty.cfg.j2, dest: /etc/mailman-hyperkitty.cfg, group: mailman}
- {src: settings.py.j2, dest: /etc/webapps/mailman-web/settings.py, group: mailman-web}
notify:
- Reload mailman
- Restart mailman-web
- name: Install postfix configuration
template: src=main.cf.j2 dest=/etc/postfix/main.cf owner=root group=root mode=0644
@ -22,59 +29,66 @@
- milter_header_checks
notify: Run postmap
- name: Install postfix templated maps
template: src={{ item }}.j2 dest=/etc/postfix/{{ item }} owner=root group=root mode=0644
loop:
- transport
notify: Run postmap
- name: Open firewall holes for postfix
ansible.posix.firewalld: service=smtp zone={{ item }} permanent=true state=enabled immediate=yes
loop:
-
- wireguard
when: configure_firewall
ansible.posix.firewalld: service=smtp permanent=true state=enabled immediate=yes
tags:
- firewall
- name: Create mailman list
command: /usr/lib/mailman/bin/newlist -a mailman root@{{ lists_domain }} meG0n5Wq6dEWCA6s
args:
creates: /var/lib/mailman/lists/mailman
- name: Configure mailman uwsgi service
copy: src=mailman.ini dest=/etc/uwsgi/vassals/ owner=mailman group=http mode=0644
- name: Make nginx log dir
file: path=/var/log/nginx/{{ lists_domain }} state=directory owner=root group=root mode=0755
- name: Install nginx mailman2->mailman3 redirect map
copy: src=migrated-lists.map dest=/etc/nginx/maps/ owner=root group=root mode=0644
notify: Reload nginx
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="/etc/nginx/nginx.d/mailman.conf" owner=root group=root mode=644
notify: Reload nginx
tags: ['nginx']
- name: Create postgres {mailman,mailman-web} user
postgresql_user: name={{ item.username }} password={{ item.password }}
loop:
- {username: "{{ vault_mailman_db_user }}", password: "{{ vault_mailman_db_password }}"}
- {username: "{{ vault_mailman_web_db_user }}", password: "{{ vault_mailman_web_db_password }}"}
become: true
become_user: postgres
become_method: su
no_log: true
- name: Create {mailman,mailman-web} db
postgresql_db: name={{ item.db }} owner={{ item.owner }}
loop:
- {db: mailman, owner: "{{ vault_mailman_db_user }}"}
- {db: mailman-web, owner: "{{ vault_mailman_web_db_user }}"}
become: true
become_user: postgres
become_method: su
- name: Run Django management tasks
command: django-admin {{ item }} --pythonpath /etc/webapps/mailman-web --settings settings
loop:
- migrate
- loaddata
- collectstatic
- compress
become: true
become_user: mailman-web
when: false
- name: Start and enable postfix
systemd: name=postfix.service enabled=yes daemon_reload=yes state=started
- name: Create drop-in directory for mailman.service
file: path=/etc/systemd/system/mailman.service.d state=directory owner=root group=root mode=0755
- name: Install drop-in for mailman.service
copy: src=override.conf dest=/etc/systemd/system/mailman.service.d/ owner=root group=root mode=0644
notify: Restart mailman
- name: Start and enable mailman{.service,-*.timer}
systemd: name={{ item }} enabled=yes daemon_reload=yes state=started
loop:
- mailman.service
- mailman-senddigests.timer
- mailman-nightlygzip.timer
- mailman-mailpasswds.timer
- mailman-gatenews.timer
- mailman-disabled.timer
- mailman-cullbadshunt.timer
- mailman-checkdbs.timer
- mailman3.service
- mailman3-digests.timer
- mailman3-notify.timer
- uwsgi@mailman\x2dweb.service
- name: Update list configurations
uri:
url: http://localhost:8001/3.1/lists/{{ item }}.lists.archlinux.org/config
user: "{{ vault_mailman_admin_user }}"
password: "{{ vault_mailman_admin_pass }}"
method: PUT
body_format: json
status_code: 204
body: "{{ lookup('file', 'list_base_configuration.json') | from_json | combine(lists[item]) | to_json }}"
loop: "{{ lists.keys() }}"

2
roles/mailman3/templates/mailman-hyperkitty.cfg.j2 → roles/mailman/templates/mailman-hyperkitty.cfg.j2
View File

@ -15,7 +15,7 @@
# better if it is not.
# However, if your Mailman installation is accessed via HTTPS, the URL needs
# to match your SSL certificate (e.g. https://lists.example.com/hyperkitty).
base_url: http://localhost/archives/
base_url: http://localhost:8000/archives/
# Shared API key, must be the identical to the value in HyperKitty's
# settings.

7
roles/mailman3/templates/mailman.cfg.j2 → roles/mailman/templates/mailman.cfg.j2
View File

@ -10,13 +10,6 @@ url: postgres://{{ vault_mailman_db_user }}:{{ vault_mailman_db_password }}@/mai
admin_user: {{ vault_mailman_admin_user }}
admin_pass: {{ vault_mailman_admin_pass }}
[mta]
configuration: /etc/postfix.cfg
lmtp_host: {{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}
lmtp_port: 8024
smtp_host: {{ hostvars['lists.archlinux.org']['wireguard_address'] }}
smtp_port: 25
[archiver.hyperkitty]
class: mailman_hyperkitty.Archiver
enable: yes

7
roles/mailman/templates/main.cf.j2
View File

@ -22,7 +22,6 @@ mynetworks =
127.0.0.0/8
[::1]/128
[fe80::]/64
{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}
# fatal: configuration error: mailbox_size_limit is smaller than message_size_limit
message_size_limit = 104857600
@ -46,10 +45,10 @@ smtpd_reject_footer = For assistance contact <postmaster@archlinux.org>. Please
smtpd_milters = inet:localhost:11332
non_smtpd_milters = $smtpd_milters
alias_maps = hash:/etc/postfix/aliases hash:/var/lib/mailman/data/aliases
local_recipient_maps = hash:/etc/postfix/transport $alias_maps
alias_maps = hash:/etc/postfix/aliases
local_recipient_maps = hash:/var/lib/mailman/data/postfix_lmtp $alias_maps
alias_database = $alias_maps
transport_maps = hash:/etc/postfix/transport
transport_maps = hash:/var/lib/mailman/data/postfix_lmtp
milter_header_checks = pcre:/etc/postfix/milter_header_checks

79
roles/mailman/templates/mm_cfg.py.j2
View File

@ -1,79 +0,0 @@
# -*- python -*-
# Copyright (C) 1998-2018 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
"""This module contains your site-specific settings.
From a brand new distribution it should be copied to mm_cfg.py. If you
already have an mm_cfg.py, be careful to add in only the new settings you
want. Mailman's installation procedure will never overwrite your mm_cfg.py
file.
The complete set of distributed defaults, with documentation, are in the file
Defaults.py. In mm_cfg.py, override only those you want to change, after the
from Defaults import *
line (see below).
Note that these are just default settings; many can be overridden via the
administrator and user interfaces on a per-list or per-user basis.
Also note that many of these settings will not be effective until Mailman
is restarted. Thus, you should always restart Mailman after changing this
file.
Further, settings which relate to a list's host_name and web_page_url only
affect lists created after the change. For existing lists, see the FAQ at
<http://wiki.list.org/x/mIA9>.
"""
###############################################
# Here's where we get the distributed defaults.
from Defaults import *
##################################################
# Put YOUR site-specific settings below this line.
# Please see: http://wiki.list.org/x/mIA9 if you change this
DEFAULT_URL_HOST = '{{ lists_domain }}'
DEFAULT_EMAIL_HOST = '{{ lists_domain }}'
MTA = 'Postfix'
VIRTUAL_HOSTS.clear()
add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)
POSTFIX_STYLE_VIRTUAL_DOMAINS = ['{{ lists_domain }}']
DEFAULT_URL_PATTERN = 'https://%s/'
PUBLIC_ARCHIVE_URL = 'https://%(hostname)s/pipermail/%(listname)s'
# bot protection
SUBSCRIBE_FORM_SECRET = '{{ vault_mailman_subscribe_form_secret }}'
VIRTUAL_HOST_OVERVIEW = Off
DEFAULT_SEND_REMINDERS = 0
PUBLIC_MBOX = Yes
DEFAULT_MSG_HEADER = ""
DEFAULT_MSG_FOOTER = ""
#DEFAULT_DMARC_MODERATION_ACTION = 1
REMOVE_DKIM_HEADERS = 1

55
roles/mailman/templates/nginx.d.conf.j2
View File

@ -1,3 +1,17 @@
# This is for POSTORIUS_TEMPLATE_BASE_URL and mailman_hyperkitty.Archiver's base_url.
server {
listen 8000;
listen [::]:8000;
server_name localhost;
access_log off;
location / {
include /etc/nginx/uwsgi_params;
uwsgi_pass unix:/run/mailman-web/mailman-web.sock;
}
}
server {
listen 80;
listen [::]:80;
@ -15,10 +29,6 @@ server {
}
}
map $uri $migrated_uri {
include maps/migrated-lists.map;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
@ -32,41 +42,16 @@ server {
ssl_certificate_key /etc/letsencrypt/live/{{ lists_domain }}/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/{{ lists_domain }}/chain.pem;
if ($migrated_uri) {
return 302 $migrated_uri;
location /static/ {
alias /var/lib/mailman-web/static/;
}
location = / {
return 302 /mailman3/lists/;
}
# redirect old urls
location /mailman/ {
rewrite ^/mailman/(.*) /$1 permanent;
}
location /icons/ {
alias /usr/lib/mailman/icons/;
}
location ~ ^/pipermail(?:/(.*))?$ {
alias /var/lib/mailman/archives/public/$1;
add_header Cache-Control "public, no-cache";
autoindex on;
location /pipermail/ {
alias /var/lib/mailman2/archives/public/;
}
location / {
root /usr/lib/mailman/cgi-bin/;
index listinfo;
include uwsgi_params;
uwsgi_modifier1 9;
uwsgi_pass unix:/run/uwsgi/mailman.sock;
}
location ~ ^/(static|mailman3|archives|user-profile|accounts|admin3)($|/) {
proxy_pass http://{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }};
proxy_set_header Host {{ lists_domain }};
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
include /etc/nginx/uwsgi_params;
uwsgi_pass unix:/run/mailman-web/mailman-web.sock;
}
}

4
roles/mailman3/templates/settings.py.j2 → roles/mailman/templates/settings.py.j2
View File

@ -38,14 +38,14 @@ MAILMAN_ARCHIVER_KEY = '{{ vault_mailman_archiver_key }}'
#: https://docs.djangoproject.com/en/3.2/topics/email/#smtp-backend
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST = '{{ hostvars['lists.archlinux.org']['wireguard_address'] }}'
EMAIL_HOST = '127.0.0.1'
EMAIL_PORT = 25
#: Sender in Emails sent out by Postorius.
DEFAULT_FROM_EMAIL = 'postorius@{{ lists_domain }}'
SERVER_EMAIL = 'root@{{ lists_domain }}'
POSTORIUS_TEMPLATE_BASE_URL = 'http://localhost'
POSTORIUS_TEMPLATE_BASE_URL = 'http://localhost:8000'
HYPERKITTY_ALLOW_WEB_POSTING = False
HYPERKITTY_ENABLE_GRAVATAR = False

257
roles/mailman/templates/transport.j2
View File

@ -1,257 +0,0 @@
# AUTOMATICALLY GENERATED BY MAILMAN ON 2022-09-15 21:34:14
#
# This file is generated by Mailman, and is kept in sync with the binary hash
# file. YOU SHOULD NOT MANUALLY EDIT THIS FILE unless you know what you're
# doing, and can keep the two files properly in sync. If you screw it up,
# you're on your own.
# Aliases which are visible only in the @lists.archlinux.org domain.
arch-announce@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-announce-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-announce-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-announce-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-announce-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-announce-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-announce-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-announce-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-announce-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-commits@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-commits-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-commits-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-commits-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-commits-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-commits-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-commits-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-commits-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-commits-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-dev@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-dev-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-dev-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-dev-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-dev-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-dev-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-dev-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-dev-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-dev-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-dev-public@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-dev-public-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-dev-public-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-dev-public-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-dev-public-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-dev-public-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-dev-public-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-dev-public-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-dev-public-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-devops@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-devops-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-devops-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-devops-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-devops-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-devops-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-devops-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-devops-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-devops-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-devops-private@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-devops-private-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-devops-private-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-devops-private-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-devops-private-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-devops-private-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-devops-private-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-devops-private-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-devops-private-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-events@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-events-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-events-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-events-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-events-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-events-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-events-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-events-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-events-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-general@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-general-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-general-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-general-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-general-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-general-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-general-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-general-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-general-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-mirrors@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-mirrors-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-mirrors-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-mirrors-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-mirrors-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-mirrors-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-mirrors-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-mirrors-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-mirrors-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-mirrors-announce@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-mirrors-announce-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-mirrors-announce-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-mirrors-announce-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-mirrors-announce-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-mirrors-announce-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-mirrors-announce-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-mirrors-announce-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-mirrors-announce-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-multilib@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-multilib-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-multilib-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-multilib-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-multilib-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-multilib-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-multilib-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-multilib-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-multilib-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-ports@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-ports-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-ports-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-ports-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-ports-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-ports-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-ports-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-ports-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-ports-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-proaudio@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-proaudio-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-proaudio-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-proaudio-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-proaudio-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-proaudio-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-proaudio-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-proaudio-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-proaudio-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-projects@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-projects-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-projects-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-projects-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-projects-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-projects-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-projects-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-projects-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-projects-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-releng@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-releng-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-releng-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-releng-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-releng-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-releng-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-releng-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-releng-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-releng-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-security@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-security-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-security-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-security-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-security-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-security-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-security-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-security-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-security-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-tu@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-tu-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-tu-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-tu-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-tu-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-tu-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-tu-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-tu-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-tu-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-wiki-admins@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-wiki-admins-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-wiki-admins-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-wiki-admins-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-wiki-admins-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-wiki-admins-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-wiki-admins-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-wiki-admins-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-wiki-admins-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-women@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-women-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-women-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-women-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-women-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-women-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-women-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-women-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
arch-women-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-dev@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-dev-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-dev-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-dev-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-dev-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-dev-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-dev-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-dev-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-dev-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-general@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-general-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-general-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-general-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-general-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-general-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-general-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-general-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-general-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-requests@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-requests-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-requests-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-requests-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-requests-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-requests-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-requests-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-requests-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
aur-requests-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
pacman-contrib@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
pacman-contrib-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
pacman-contrib-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
pacman-contrib-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
pacman-contrib-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
pacman-contrib-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
pacman-contrib-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
pacman-contrib-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
pacman-contrib-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
pacman-dev@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
pacman-dev-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
pacman-dev-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
pacman-dev-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
pacman-dev-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
pacman-dev-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
pacman-dev-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
pacman-dev-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
pacman-dev-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
staff@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
staff-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
staff-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
staff-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
staff-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
staff-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
staff-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
staff-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
staff-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024

135
roles/mailman3/defaults/main.yml
View File

File diff suppressed because one or more lines are too long

13
roles/mailman3/files/postfix.cfg
View File

@ -1,13 +0,0 @@
[postfix]
# Additional configuration variables for the postfix MTA.
# This variable describe the program to use for regenerating the transport map
# db file, from the associated plain text files. The file being updated will
# be appended to this string (with a separating space), so it must be
# appropriate for os.system().
postmap_command: /usr/bin/true
# This variable describes the type of transport maps that will be generated by
# mailman to be used with postfix for LMTP transport. By default, it is set to
# hash, but mailman also supports `regex` tables.
transport_file_type: hash

5
roles/mailman3/handlers/main.yml
View File

@ -1,5 +0,0 @@
- name: Reload mailman
service: name=mailman3 state=reloaded
- name: Restart mailman-web
service: name=uwsgi@mailman\\x2dweb.service state=restarted

81
roles/mailman3/tasks/main.yml
View File

@ -1,81 +0,0 @@
- name: Install mailman3 and related packages
pacman: name=mailman3,mailman3-hyperkitty,python-psycopg2,mailman-web,python-xapian-haystack,uwsgi-plugin-python state=present
register: install
- name: Install {mailman,mailman-web} configuration
template: src={{ item.src }} dest={{ item.dest }} owner=root group={{ item.group }} mode=0640
loop:
- {src: mailman.cfg.j2, dest: /etc/mailman.cfg, group: mailman}
- {src: mailman-hyperkitty.cfg.j2, dest: /etc/mailman-hyperkitty.cfg, group: mailman}
- {src: settings.py.j2, dest: /etc/webapps/mailman-web/settings.py, group: mailman-web}
- {src: urls.py.j2, dest: /etc/webapps/mailman-web/urls.py, group: mailman-web}
notify:
- Reload mailman
- Restart mailman-web
- name: Install mailman postfix.cfg configuration
copy: src=postfix.cfg dest=/etc/postfix.cfg owner=root group=root mode=0644
notify: Reload mailman
- name: Make nginx log dir
file: path=/var/log/nginx/{{ lists_domain }} state=directory owner=root group=root mode=0755
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="/etc/nginx/nginx.d/mailman.conf" owner=root group=root mode=644
notify: Reload nginx
tags: ['nginx']
- name: Create postgres {mailman,mailman-web} user
postgresql_user: name={{ item.username }} password={{ item.password }}
loop:
- {username: "{{ vault_mailman_db_user }}", password: "{{ vault_mailman_db_password }}"}
- {username: "{{ vault_mailman_web_db_user }}", password: "{{ vault_mailman_web_db_password }}"}
become: true
become_user: postgres
become_method: su
no_log: true
- name: Create {mailman,mailman-web} db
postgresql_db: name={{ item.db }} owner={{ item.owner }}
loop:
- {db: mailman, owner: "{{ vault_mailman_db_user }}"}
- {db: mailman-web, owner: "{{ vault_mailman_web_db_user }}"}
become: true
become_user: postgres
become_method: su
- name: Run Django management tasks
command: django-admin {{ item }} --pythonpath /etc/webapps/mailman-web --settings settings
loop:
- migrate
- loaddata
- collectstatic
- compress
become: true
become_user: mailman-web
when: install.changed
- name: Open LMTP ipv4 port for lists.archlinux.org
ansible.posix.firewalld: zone=wireguard state=enabled permanent=true immediate=yes
rich_rule="rule family=ipv4 source address={{ hostvars['lists.archlinux.org']['wireguard_address'] }} port protocol=tcp port=8024 accept"
tags:
- firewall
- name: Start and enable mailman{.service,-*.timer}
systemd: name={{ item }} enabled=yes daemon_reload=yes state=started
loop:
- mailman3.service
- mailman3-digests.timer
- mailman3-notify.timer
- uwsgi@mailman\x2dweb.service
- name: Update list configurations
uri:
url: http://localhost:8001/3.1/lists/{{ item }}.lists.archlinux.org/config
user: "{{ vault_mailman_admin_user }}"
password: "{{ vault_mailman_admin_pass }}"
method: PUT
body_format: json
status_code: 204
body: "{{ lookup('file', 'list_base_configuration.json') | from_json | combine(lists[item]) | to_json }}"
loop: "{{ lists.keys() }}"

22
roles/mailman3/templates/nginx.d.conf.j2
View File

@ -1,22 +0,0 @@
server {
listen 80;
listen [::]:80;
server_name {{ lists_domain }} localhost;
set_real_ip_from {{ hostvars['lists.archlinux.org']['wireguard_address'] }}/32;
real_ip_header X-Forwarded-For;
access_log /var/log/nginx/{{ lists_domain }}/access.log main;
access_log /var/log/nginx/{{ lists_domain }}/access.log.json json_main;
error_log /var/log/nginx/{{ lists_domain }}/error.log;
location /static/ {
alias /var/lib/mailman-web/static/;
}
# include uwsgi_params
location / {
include /etc/nginx/uwsgi_params;
uwsgi_pass unix:/run/mailman-web/mailman-web.sock;
}
}

35
roles/mailman3/templates/urls.py.j2
View File

@ -1,35 +0,0 @@
# -*- coding: utf-8 -*-
# Copyright (C) 1998-2016 by the Free Software Foundation, Inc.
#
# This file is part of Postorius.
#
# Postorius is free software: you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free
# Software Foundation, either version 3 of the License, or (at your option)
# any later version.
#
# Postorius is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
# more details.
#
# You should have received a copy of the GNU General Public License along with
# Postorius. If not, see <http://www.gnu.org/licenses/>.
from django.conf.urls import include
from django.contrib import admin
from django.urls import path, reverse_lazy
from django.views.generic import RedirectView
urlpatterns = [
path(
'',
RedirectView.as_view(url=reverse_lazy('list_index'), permanent=True),
),
path('mailman3/', include('postorius.urls')),
path('archives/', include('hyperkitty.urls')),
path('', include('django_mailman3.urls')),
path('accounts/', include('allauth.urls')),
path('admin3/', admin.site.urls),
]

6
tf-stage1/archlinux.tf
View File

@ -93,17 +93,13 @@ locals {
domain = "homedir"
}
"lists.archlinux.org" = {
server_type = "cpx11"
server_type = "cx21"
domain = "lists"
}
"mail.archlinux.org" = {
server_type = "cx11"
domain = "mail"
}
"mailman3.archlinux.org" = {
server_type = "cx21"
domain = "mailman3"
}
"man.archlinux.org" = {
server_type = "cx11"
domain = "man"