From 893a95f3292f1cd860377c43175149ad45da76d2 Mon Sep 17 00:00:00 2001 From: Kristian Klausen Date: Fri, 16 Sep 2022 18:56:44 +0200 Subject: [PATCH] Kill the mailman2 server and put the mailman3 server in its place With the final lists migrated to mailman3[1], the mailman2 server can finally be killed. When the mailman3 server was initially setup[2], it was done on a separate server because the mailman and mailman3 packages conflicted, and the traffic was routed over wireguard (HTTP, LMTP and SMTP). Instead of installing mailman3 on the original lists.al.org server and transferring the data, it was easier just to install the missing pieces (basically Postfix and adjusting the Nginx configuration) on the ml3 server and move the IPs (to keep the IP mail reputation). So basically the following was done: - The IPs for the original lists.al.org was moved to the mailman3.al.org server - The mailman2 datadir was transferred to mailman3.al.org server, so we can keep the pipermail links alive, and import missing mails if needed - The original lists.al.org server was decommissioned - The mailman3.al.org server was renamed to lists.al.org - The missing pieces was added to the mailman3 role (basically Postfix + Nginx adjustments) - The mailman role was deleted and the mailman3 role renamed to mailman [1] 75ac7d09 ("mailman: Fourth and final batch of mailman3 migrated lists") [2] 9294828f ("Setup mailman3 server") Fix #59 --- docs/servers.md | 8 - docs/ssh-hostkeys.txt | 27 +- docs/ssh-known_hosts.txt | 11 +- group_vars/all/root_access.yml | 1 - group_vars/all/vault_mailman.yml | 33 ++- group_vars/all/vault_mailman3.yml | 26 -- host_vars/mailman3.archlinux.org/misc | 4 - .../vault_wireguard.yml | 9 - hosts | 2 - playbooks/lists.archlinux.org.yml | 3 +- playbooks/mailman3.archlinux.org.yml | 17 -- roles/mailman/defaults/main.yml | 134 +++++++++ .../files/list_base_configuration.json | 0 roles/mailman/files/mailman.ini | 10 - roles/mailman/files/migrated-lists.map | 25 -- roles/mailman/files/override.conf | 2 - roles/mailman/handlers/main.yml | 9 +- roles/mailman/tasks/main.yml | 102 ++++--- .../templates/mailman-hyperkitty.cfg.j2 | 2 +- .../templates/mailman.cfg.j2 | 7 - roles/mailman/templates/main.cf.j2 | 7 +- roles/mailman/templates/mm_cfg.py.j2 | 79 ------ roles/mailman/templates/nginx.d.conf.j2 | 55 ++-- .../templates/settings.py.j2 | 4 +- roles/mailman/templates/transport.j2 | 257 ------------------ roles/mailman3/defaults/main.yml | 135 --------- roles/mailman3/files/postfix.cfg | 13 - roles/mailman3/handlers/main.yml | 5 - roles/mailman3/tasks/main.yml | 81 ------ roles/mailman3/templates/nginx.d.conf.j2 | 22 -- roles/mailman3/templates/urls.py.j2 | 35 --- tf-stage1/archlinux.tf | 6 +- 32 files changed, 261 insertions(+), 870 deletions(-) delete mode 100644 group_vars/all/vault_mailman3.yml delete mode 100644 host_vars/mailman3.archlinux.org/misc delete mode 100644 host_vars/mailman3.archlinux.org/vault_wireguard.yml delete mode 100644 playbooks/mailman3.archlinux.org.yml rename roles/{mailman3 => mailman}/files/list_base_configuration.json (100%) delete mode 100644 roles/mailman/files/mailman.ini delete mode 100644 roles/mailman/files/migrated-lists.map delete mode 100644 roles/mailman/files/override.conf rename roles/{mailman3 => mailman}/templates/mailman-hyperkitty.cfg.j2 (95%) rename roles/{mailman3 => mailman}/templates/mailman.cfg.j2 (66%) delete mode 100644 roles/mailman/templates/mm_cfg.py.j2 rename roles/{mailman3 => mailman}/templates/settings.py.j2 (93%) delete mode 100644 roles/mailman/templates/transport.j2 delete mode 100644 roles/mailman3/defaults/main.yml delete mode 100644 roles/mailman3/files/postfix.cfg delete mode 100644 roles/mailman3/handlers/main.yml delete mode 100644 roles/mailman3/tasks/main.yml delete mode 100644 roles/mailman3/templates/nginx.d.conf.j2 delete mode 100644 roles/mailman3/templates/urls.py.j2 diff --git a/docs/servers.md b/docs/servers.md index 0f61ee62..deb392ef 100644 --- a/docs/servers.md +++ b/docs/servers.md @@ -157,14 +157,6 @@ Prometheus, and Grafana server which receives selected performance/metrics from Online collborative markdwown editor for Arch Linux Staff. -## mailman3.archlinux.org - -This server runs mailman3 as mailman2 and mailman3 can't be installed on the same server. The HTTP and LMTP traffic is routed over WireGuard from lists.archlinux.org. - -### Services - - - mailman3 - ### Services - [hedgedoc](https://hedgedoc.org/) diff --git a/docs/ssh-hostkeys.txt b/docs/ssh-hostkeys.txt index f19b6dc2..e89944a9 100644 --- a/docs/ssh-hostkeys.txt +++ b/docs/ssh-hostkeys.txt @@ -164,15 +164,15 @@ 3072 MD5:50:c8:93:43:05:d5:73:a4:84:b1:07:66:a7:20:a5:79 root@archlinux-packer (RSA) # lists.archlinux.org -1024 SHA256:/o3BhNZ6MdfHXrqDzVxP5OgKcTmo1/e2v80Xb+Q2ypc root@archlinux-packer (DSA) -256 SHA256:Xe+YrG+IfhtQkNft+SB7UsTQCIgbqNnqMl/Pqs6uzBE root@archlinux-packer (ECDSA) -256 SHA256:fAKD+26rDZ74MOMWZI8L3k2c7RzTYd69+iwKp4zhw8c root@archlinux-packer (ED25519) -3072 SHA256:NyspEiVRnuRtL854ErcdybtjoBia+miQkpuToYZEl78 root@archlinux-packer (RSA) +1024 SHA256:U1A+NO+I+JRg0YPo+UgwGfbextnL+pVuqjWGdyokLpI root@archlinux-packer (DSA) +256 SHA256:vdEZ5/6Xxd7Azjzaf5xz5kfzQrWcq1raz5cFAIclooE root@archlinux-packer (ECDSA) +256 SHA256:iCeRz+2HK7heoapDRscHpgbEX4cbem1BZpWzrAoOxTQ root@archlinux-packer (ED25519) +3072 SHA256:sqUYYmrNXzYPL5TtsBsTnaANsZ/P7miyCAIkt0YWfBg root@archlinux-packer (RSA) -1024 MD5:fb:bb:0e:a8:0c:5c:41:5a:b1:d9:61:4d:e5:c3:bf:b1 root@archlinux-packer (DSA) -256 MD5:56:43:80:27:a7:4e:4c:1f:a4:14:dd:d1:eb:37:13:a9 root@archlinux-packer (ECDSA) -256 MD5:3c:91:d8:b0:4b:5c:36:40:79:27:8a:c7:24:d6:26:af root@archlinux-packer (ED25519) -3072 MD5:88:99:f2:47:b1:e3:3c:99:52:67:d5:d5:55:b0:af:2c root@archlinux-packer (RSA) +1024 MD5:8f:94:fe:a9:56:ee:3f:cc:a4:e7:a5:4f:2b:02:e8:c3 root@archlinux-packer (DSA) +256 MD5:ca:3e:2d:aa:8a:4b:71:3a:18:22:59:0f:6e:ff:ae:5d root@archlinux-packer (ECDSA) +256 MD5:a8:d3:f8:42:ff:ae:7d:71:1b:fe:93:4b:f7:df:38:5f root@archlinux-packer (ED25519) +3072 MD5:51:ea:a4:ec:76:87:ee:89:e7:3a:fc:80:ea:fe:2d:9c root@archlinux-packer (RSA) # mail.archlinux.org 1024 SHA256:/d3MC4NoQbPSNgNebFyzNCze4HVHPhITVWy9vWdZUp4 root@archlinux-packer (DSA) @@ -185,17 +185,6 @@ 256 MD5:dd:20:c1:f1:f2:fa:70:86:3a:e2:39:86:b1:01:2f:61 root@archlinux-packer (ED25519) 3072 MD5:b6:14:30:bd:fe:43:46:6a:20:a2:8b:b0:aa:d4:35:19 root@archlinux-packer (RSA) -# mailman3.archlinux.org -1024 SHA256:U1A+NO+I+JRg0YPo+UgwGfbextnL+pVuqjWGdyokLpI root@archlinux-packer (DSA) -256 SHA256:vdEZ5/6Xxd7Azjzaf5xz5kfzQrWcq1raz5cFAIclooE root@archlinux-packer (ECDSA) -256 SHA256:iCeRz+2HK7heoapDRscHpgbEX4cbem1BZpWzrAoOxTQ root@archlinux-packer (ED25519) -3072 SHA256:sqUYYmrNXzYPL5TtsBsTnaANsZ/P7miyCAIkt0YWfBg root@archlinux-packer (RSA) - -1024 MD5:8f:94:fe:a9:56:ee:3f:cc:a4:e7:a5:4f:2b:02:e8:c3 root@archlinux-packer (DSA) -256 MD5:ca:3e:2d:aa:8a:4b:71:3a:18:22:59:0f:6e:ff:ae:5d root@archlinux-packer (ECDSA) -256 MD5:a8:d3:f8:42:ff:ae:7d:71:1b:fe:93:4b:f7:df:38:5f root@archlinux-packer (ED25519) -3072 MD5:51:ea:a4:ec:76:87:ee:89:e7:3a:fc:80:ea:fe:2d:9c root@archlinux-packer (RSA) - # man.archlinux.org 1024 SHA256:11C7Qa1GSNBBspSlber3Sp+LEMRpfr/VWkypfu6OnhA root@archlinux-packer (DSA) 256 SHA256:fL79NVaEiwXGfUhTXWLkue/D1seSADYbui+jwQ2dvW0 root@archlinux-packer (ECDSA) diff --git a/docs/ssh-known_hosts.txt b/docs/ssh-known_hosts.txt index 6570c8db..8275c63e 100644 --- a/docs/ssh-known_hosts.txt +++ b/docs/ssh-known_hosts.txt @@ -86,20 +86,15 @@ homedir.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPxEHvFCXujU6s4eW0U79o homedir.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDuQbGoCSIPisaZeqtJhM369ugQWc8pHE8404AZu0yUgDxMl6AP5BUfdynlR6VGt4edSaEyp9BkT15YaKh5vph/9MUtZ2zbQ7WPRuvfLNG+RI458q4CYdykVMmTs1DEeAxaVMIAL3225pqh7QMcME0edX9f4PLLkQk8+AAAy24rvgwxLE0BnSLB3zp7wCJw5rm2iZAcqsKkIZw2FJKMlRuEovdvgc7A0FfkSc8muvvHET1FK/Uqv5i9R2Xk3NPFkt/bzcwOVBXCeqUrjLmD0UhRWX8J8GMmrEVPVQLBT6mn/OtlXpOiDcr9HkSLS1mqo59N9wyI4tCKjYQZMEWU36PYjXlDzqOGmdAR6Ly8vDo3BC+ByQqLf/ixkoFD/I5inGejPnAv9eXuiP8o0KoPDOALD8gqwqCoPjElE9ZVObp+NJbuQeXRZt70VKxZEWrUKxKxHM3RoYvgd3h/GHaYEGWdbvTMTVK+xnrczL+Eme4Y81zA8KTwY5qbyc5QCHvksKM= # lists.archlinux.org -lists.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKBHMlX50Jr2HiVJ/qDSH3mAjobpbBrGvBRXTKB/xXFBiVXCbJQCQ9HKXQZunLALaIm+jAgpskbXqLQMEpWzST8= -lists.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOVKwNsXUXpgNhlwPVlBRNlpvOt0U9deANS/n//nxbe1 -lists.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCuKQnkGRdXyu74f92lzJcQMMDjTzVXkne/mLHiMYKQWlboIBIry3FkzyUGDLbNlZOe4PNR43D9FI0/1EjAuVV72HVQ9sidCbJR/azw3+JF8zwU1HDMOhtCNaWYNqk0DHDvHuWhL6N0duFASf+ZTKRB5Rgk3+p0FisKMCep2vJy5kHY0829INk6ORgPxYzCHCZOLEfZX0aydwscTnubKq1t9blWUdqKSm5Xq5+NEJNPKlo6TgdcBihkdAyaGnZ9KWrXycV6j0UaT/VJNuumZ9KlsvI7Xi/TVDWcLcsU/UqeEvnzUi3oRrvkADzIcoFa5/QrSRQJppKAUgjuhOuk+Px38IIvRdrwDxDoChei+qU8S2O24PP7Cu4oYZ/ecGb8wJleEWVVaYrD5JTEugg0iTe2t0LJiP6rTC1faxErZ9wru18nGNWYR2b+b1MfBzppAoikZUoqygKYYLAerHj3B9wFmw2RJG8JFZ95lMukJmDG8kCYz7eq753PYAAmpFZbdZU= +lists.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLYxKdG6ntbOV/YpVbRkJiJfAPt8BTTN/hKm0uebSwpuQbbv5hxXLSOYeA0C/yJBNXXX4EJ82J88oEJQBFxiPvY= +lists.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID+GtJoC+QEUyKA/ZneTBXOBs7W3JBAEb1nLDkjzsqa1 +lists.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdPJQIkN6wDk/140HS1WCIKc0Iz7Oq8c98XaLB0i9ksUxkWB4rxia/WP5RRF+g9yAqZvIg0f5W0d85pfuh+1TOccXk8r6GsH+gRIEkdmwu4Mf7iBpkQxl3n70yjNGxgbwGkVG9vREvJ4v3l/NRZrX2/N3RvcPG9TQwjFFOFYTRZNfUPvsppk572yQ8cjf7oUvJmLOwsKagO5WMUoKFAbO35/Mp2H6VbApYtIdpkFOXnaJUVduHInNa18CmKl28ZSTsigLkYb8pboS6RacJYgA5kK0vQsXCguDrA+SI9k1xW4i9FjUWsLlPuLkk9c7Tj39R95gWhxWwQ99ApNDVvZa+skSbMS7h4/d3NosyM2OO9LfqPiHn2xDsuvmpN0ScCwuocwR09EMrj4MQKzo31ITFHuSyxob0Z4yTQrKvJxdNwveXqaRHFNXUvSWtoRkk2cKB5hjsr0QCROBidYu4WG+/LfolzJQfuRqH7dvg5dvmJLrcozfcCpxspdBTIEKLG/c= # mail.archlinux.org mail.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFvJy2P8zOSKt3EocULHN85PVGW1AINk15+GilqUc5a79Zsy0FvWqV16fjxLRN3zIOkBvSKZMvsNadja+quEr9s= mail.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICTOoGxsf23f6AjIHcQQuvbTOaeIt48Y0PiBj9qlJi1H mail.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDPrURadxte8UJiteGa6+Q+OjTAjhvGAQFkNSXj1pr4k03uxkU6l2v2LuTygk+4SZSCyUsKvNx/ljJeHBnuecQ8rRv19ZFqy/GQKB3oEmiNYMo2dYYlJWwTVBHatmghhB1j2y40yqdKWH2xQuXC3HtnS7fHG0g1Rc4R9KB4MQlcXkwnSEMpwpWBoO7sr0M4YTdwE+nSG9aNfyPbPGp3mX4ATz5X5hPJOlSFVDV6NuKrA+5qyt4jSKdeG5IuWeEnEJesYJEvShYdY9DvMCXnZykB0emzzk+5+Cp2lTPf9LOO3wNsTgHV/CwkoAoMgr9+ASefhBr3nxmmrs9T7nwuobGCGFUqQ2D8IKCmsWGVKXYERViz3x/gYUIlHgVJpoIXCFFqbdpWwxKR1aDMug2fFe699/FzuPdqrWPFdQMF2mPQ0w3AH/62KGp+PULE2HxrlCiY/gF2m8iJLgunxVKmi/c0ufgK9QilnKcPO+W4tcISa5MYt7MSTTLV9eVsgVjGhOU= -# mailman3.archlinux.org -mailman3.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLYxKdG6ntbOV/YpVbRkJiJfAPt8BTTN/hKm0uebSwpuQbbv5hxXLSOYeA0C/yJBNXXX4EJ82J88oEJQBFxiPvY= -mailman3.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID+GtJoC+QEUyKA/ZneTBXOBs7W3JBAEb1nLDkjzsqa1 -mailman3.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdPJQIkN6wDk/140HS1WCIKc0Iz7Oq8c98XaLB0i9ksUxkWB4rxia/WP5RRF+g9yAqZvIg0f5W0d85pfuh+1TOccXk8r6GsH+gRIEkdmwu4Mf7iBpkQxl3n70yjNGxgbwGkVG9vREvJ4v3l/NRZrX2/N3RvcPG9TQwjFFOFYTRZNfUPvsppk572yQ8cjf7oUvJmLOwsKagO5WMUoKFAbO35/Mp2H6VbApYtIdpkFOXnaJUVduHInNa18CmKl28ZSTsigLkYb8pboS6RacJYgA5kK0vQsXCguDrA+SI9k1xW4i9FjUWsLlPuLkk9c7Tj39R95gWhxWwQ99ApNDVvZa+skSbMS7h4/d3NosyM2OO9LfqPiHn2xDsuvmpN0ScCwuocwR09EMrj4MQKzo31ITFHuSyxob0Z4yTQrKvJxdNwveXqaRHFNXUvSWtoRkk2cKB5hjsr0QCROBidYu4WG+/LfolzJQfuRqH7dvg5dvmJLrcozfcCpxspdBTIEKLG/c= - # man.archlinux.org man.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPhnsStoFw6rbVpE1S1vsXNk8de1SyMag1C+v0DWVSuNYzTylYg4322WbYzw45z2XhxrF6XmCSDMvgxvFwnfLQA= man.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHzjkN+igIxSIv5N9+ANNoo6knPa51Tj5TAXs4EQ8lY2 diff --git a/group_vars/all/root_access.yml b/group_vars/all/root_access.yml index a5f9ba67..1f6a54b7 100644 --- a/group_vars/all/root_access.yml +++ b/group_vars/all/root_access.yml @@ -26,7 +26,6 @@ root_ssh_keys: - dashboards.archlinux.org - gitlab.archlinux.org - lists.archlinux.org - - mailman3.archlinux.org - monitoring.archlinux.org # - run 'playbooks/tasks/reencrypt-vault-{super,default}-key.yml' when this diff --git a/group_vars/all/vault_mailman.yml b/group_vars/all/vault_mailman.yml index 06f7aef2..03690e65 100644 --- a/group_vars/all/vault_mailman.yml +++ b/group_vars/all/vault_mailman.yml @@ -1,9 +1,26 @@ $ANSIBLE_VAULT;1.1;AES256 -38306134633332383131393237386134643236316136333335313130663639373434643434303734 -6530323361333765393633616338333830346634363835350a363933363736393935333833313461 -66336437366666316366326566313837653934333732336532393264343663643861633639636566 -3330353837636631320a303533653661623866383230353563366166653232316635353631613836 -39306531623538656335643031623361633465366138356263663630386362626630336262303865 -31306465323730316633316534333663313565336634346164363331353962366239663035366139 -33636139666262663962396236396337666336663835633865373966386534393064323333326164 -35643530656134643565 +63633533303232373335663630346139613137616132393738383265663337636565663935386365 +3262636536383962333438653033323061306433323232610a623836643732616163383364316639 +37626134643334383432346465343734353566663261643334396563336132666133666431313563 +6365643566626635360a616139393131346566666266653737303562663664656231643836373038 +37316436643133333261313963356435353938393032313935353939613962303733623934313965 +64356635626561376130336134656436386638306538373635313638393932313337316636343533 +32666138613765326332373335366634313530656162383162633861666365333230303132346263 +63613031643230356361383638386230613231626135663763373630666362623536663165356335 +33333033376332653130626262633563336238383931393636346339333963326330373431363931 +61383733626363316539653638373562616335366363306365353166666335383037633830636263 +37313663636139666131623435383833313434396665663162623934646330626362346237363331 +65323537383536333763646431623061646337613761363861373261343638653235333038663239 +34636662663763363832643061313035316437633965346332363432653562613865623261613235 +61303239626136303736356533373739343566313464343931383962633232313263383230336438 +32653534623739616436346539616336373562376632303833323230643465666262303263383334 +64623362363863393866666461396237613934656239653262316438633338313036303436313236 +61623562376139616539646231376438636234656363666639646465663035326161346435396439 +63613839396163616135313537626535393039623866646431333239383263313931386131303464 +36353837303662343530663561363036633864346131343731643535386462316663353233636638 +36323134643230376239326637656537633337323333616630313531653239366263386238363333 +32336538613635613964366562383165616433363738623638393364363233636262643131653532 +62326363356333333563383139323366363462613031303566376365643439373163613166333339 +38353266616463396139336663353536336631666565656630396431363439333034653336316234 +61663232383136353937336431353131323933613462666233663464656166356161613039316436 +3136 diff --git a/group_vars/all/vault_mailman3.yml b/group_vars/all/vault_mailman3.yml deleted file mode 100644 index 03690e65..00000000 --- a/group_vars/all/vault_mailman3.yml +++ /dev/null @@ -1,26 +0,0 @@ -$ANSIBLE_VAULT;1.1;AES256 -63633533303232373335663630346139613137616132393738383265663337636565663935386365 -3262636536383962333438653033323061306433323232610a623836643732616163383364316639 -37626134643334383432346465343734353566663261643334396563336132666133666431313563 -6365643566626635360a616139393131346566666266653737303562663664656231643836373038 -37316436643133333261313963356435353938393032313935353939613962303733623934313965 -64356635626561376130336134656436386638306538373635313638393932313337316636343533 -32666138613765326332373335366634313530656162383162633861666365333230303132346263 -63613031643230356361383638386230613231626135663763373630666362623536663165356335 -33333033376332653130626262633563336238383931393636346339333963326330373431363931 -61383733626363316539653638373562616335366363306365353166666335383037633830636263 -37313663636139666131623435383833313434396665663162623934646330626362346237363331 -65323537383536333763646431623061646337613761363861373261343638653235333038663239 -34636662663763363832643061313035316437633965346332363432653562613865623261613235 -61303239626136303736356533373739343566313464343931383962633232313263383230336438 -32653534623739616436346539616336373562376632303833323230643465666262303263383334 -64623362363863393866666461396237613934656239653262316438633338313036303436313236 -61623562376139616539646231376438636234656363666639646465663035326161346435396439 -63613839396163616135313537626535393039623866646431333239383263313931386131303464 -36353837303662343530663561363036633864346131343731643535386462316663353233636638 -36323134643230376239326637656537633337323333616630313531653239366263386238363333 -32336538613635613964366562383165616433363738623638393364363233636262643131653532 -62326363356333333563383139323366363462613031303566376365643439373163613166333339 -38353266616463396139336663353536336631666565656630396431363439333034653336316234 -61663232383136353937336431353131323933613462666233663464656166356161613039316436 -3136 diff --git a/host_vars/mailman3.archlinux.org/misc b/host_vars/mailman3.archlinux.org/misc deleted file mode 100644 index 01d1a3f5..00000000 --- a/host_vars/mailman3.archlinux.org/misc +++ /dev/null @@ -1,4 +0,0 @@ -filesystem: btrfs -ipv4_address: 65.21.106.94 -wireguard_address: 10.0.0.37 -wireguard_public_key: obBFreFGNDLB17+PaJspE4qNeVX4o7ZPcJj3ZmJhahg= diff --git a/host_vars/mailman3.archlinux.org/vault_wireguard.yml b/host_vars/mailman3.archlinux.org/vault_wireguard.yml deleted file mode 100644 index e8e3b3fc..00000000 --- a/host_vars/mailman3.archlinux.org/vault_wireguard.yml +++ /dev/null @@ -1,9 +0,0 @@ -$ANSIBLE_VAULT;1.1;AES256 -32363065633737653663623334663139323638366462343630623765396636353932653932356261 -6239356162633731656330383436363861376231616462390a356432316532333632653839333230 -63636434373462643231323532633362363434646230323636333264393032373632343932616361 -6536383038313134300a363139313337646533626334333666326535623039323332666338306532 -33643430313864663833343765623138393165386564343636306363626232666436353665353235 -34623064363764336139633334663530376332633536383033313438613035303662333435313536 -34366663643130633064646161613065373532653235373730316439643165383635353761396639 -61656462333035666437 diff --git a/hosts b/hosts index 4c4d84ab..3cf03bfc 100644 --- a/hosts +++ b/hosts @@ -51,7 +51,6 @@ security.archlinux.org md.archlinux.org lists.archlinux.org gluebuddy.archlinux.org -mailman3.archlinux.org [public_html] homedir.archlinux.org @@ -138,7 +137,6 @@ gluebuddy.archlinux.org homedir.archlinux.org lists.archlinux.org mail.archlinux.org -mailman3.archlinux.org man.archlinux.org matrix.archlinux.org md.archlinux.org diff --git a/playbooks/lists.archlinux.org.yml b/playbooks/lists.archlinux.org.yml index 0629ec0b..6669dd30 100644 --- a/playbooks/lists.archlinux.org.yml +++ b/playbooks/lists.archlinux.org.yml @@ -8,7 +8,7 @@ - { role: sshd } - { role: root_ssh } - { role: hardening } - - { role: borg_client, tags: ["borg"], when: "'borg_clients' in group_names" } + - { role: borg_client, tags: ["borg"] } - { role: prometheus_exporters } - { role: promtail } - { role: certbot } @@ -17,4 +17,5 @@ - { role: rspamd, rspamd_dkim_domain: lists.archlinux.org, rspamd_dkim_use_esld: false, tags: ["mail"] } - { role: unbound, unbound_port: 5353, tags: ["mail"] } - { role: uwsgi } + - { role: postgres } - { role: mailman } diff --git a/playbooks/mailman3.archlinux.org.yml b/playbooks/mailman3.archlinux.org.yml deleted file mode 100644 index 171eb42d..00000000 --- a/playbooks/mailman3.archlinux.org.yml +++ /dev/null @@ -1,17 +0,0 @@ -- name: Setup mailman3 server - hosts: mailman3.archlinux.org - remote_user: root - roles: - - { role: common } - - { role: firewalld } - - { role: wireguard } - - { role: sshd } - - { role: root_ssh } - - { role: hardening } - - { role: borg_client, tags: ["borg"] } - - { role: prometheus_exporters } - - { role: promtail } - - { role: nginx, nginx_firewall_zone: wireguard } - - { role: uwsgi } - - { role: postgres } - - { role: mailman3 } diff --git a/roles/mailman/defaults/main.yml b/roles/mailman/defaults/main.yml index b2d2b3fd..7ac12333 100644 --- a/roles/mailman/defaults/main.yml +++ b/roles/mailman/defaults/main.yml @@ -1 +1,135 @@ lists_domain: lists.archlinux.org +lists: + arch-announce: + allow_list_posts: false + bounce_info_stale_after: 60d + default_member_action: reject + default_nonmember_action: reject + description: This mailing list is for official announcements for the Arch Linux distribution. + display_name: Arch-announce + moderator_password: "{{ vault_archweb_mailman_password }}" + arch-commits: + allow_list_posts: false + accept_these_nonmembers: + - ^.+@(.+\.)?archlinux\.org + archive_policy: never + default_member_action: reject + default_nonmember_action: reject + description: Arch Linux packaging commits + display_name: Arch-commits + info: This list contains all commits to the package repositories, including diffs for newest changes. + max_message_size: 200 + arch-dev: + advertised: false + archive_policy: private + description: Development Discussion for Arch Linux + display_name: Arch-dev + info: This list is for development discussion about Arch Linux. This list is closed to the general public and only used by internal Arch Linux developers. + subscription_policy: confirm_then_moderate + arch-devops: + display_name: Arch-devops + description: Arch Linux Infrastructure development discussion + arch-devops-private: + advertised: false + archive_policy: private + description: List for internal discussion of the devops team + display_name: Arch-devops-private + subscription_policy: confirm_then_moderate + arch-dev-public: + default_member_action: hold + description: Public mailing list for Arch Linux development + display_name: Arch-dev-public + arch-events: + description: Arch Linux Events + display_name: Arch-events + arch-general: + description: General Discussion about Arch Linux + display_name: Arch-general + info: | + This mailing list hosts general discusson about the Arch Linux distribution. Questions, problems, and new development ideas can be posted here. + + You must be subscribed to the list in order to post to it. + arch-mirrors-announce: + description: List for mirror admins to send announcements (like downtime notifications) to our users + display_name: Arch-mirrors-announce + info: | + This list is intended for admins of Arch Linux mirrors that want to notify our users about downtime of their mirror. + + This list also accepts mails from non-subscribers. + arch-mirrors: + description: Arch Linux Mirroring Discussion and Announcements + display_name: Arch-mirrors + info: This list is intended for admins of Arch Linux mirrors. Discussion and announcements regarding mirroring will use this list. + arch-multilib: + description: Arch Linux Multilib (32bit libs on 64bit OSes) + display_name: Arch-multilib + arch-ports: + description: Discussion regarding the porting of Arch Linux to non-x86_64 architectures + display_name: Arch-ports + info: This list is primarily used to talk about porting Arch Linux to non-x86_64 platforms, such as PPC, ARM, i586, i686, etc. + arch-proaudio: + description: Discussion about real-time multimedia, including (semi-)pro audio and video + display_name: Arch-proaudio + arch-projects: + description: Arch Linux projects development discussion + display_name: Arch-projects + info: | + Announcements, development discussion, patches and pull requests for the Arch Linux projects: + + Please begin the email subject with the name of a project in square brackets (e.g. [devtools]). If no project matches, use [projects]. + + Note: No user discussion! + arch-releng: + description: Arch Linux Release Engineering + display_name: Arch-releng + arch-security: + description: Announcements about security issues in Arch Linux and its packages + display_name: Arch-security + info: Discussion about announcements should happen on arch-general. + arch-tu: + advertised: false + archive_policy: private + description: Trusted Users Discussion for Arch Linux + display_name: Arch-tu + info: This list is for trusted users discussion about Arch Linux. This list is closed to the general public and only used by internal Arch Linux trusted users. + subscription_policy: confirm_then_moderate + arch-wiki-admins: + advertised: false + archive_policy: private + default_nonmember_action: defer + display_name: Arch-wiki-admins + subscription_policy: confirm_then_moderate + arch-women: + description: Mailing list for the Arch Women project + display_name: Arch-women + info: | + Arch Women is an all inclusive organization of Arch Linux enthusiasts with a focus on helping more women become involved in the Arch Linux community and FOSS. + + Mailing list graciously hosted by the Arch Linux™ project. + aur-dev: + description: Arch User Repository (AUR) Development + display_name: Aur-dev + info: This list is intended for discussion of AUR and community based code and development. + aur-general: + description: Discussion about the Arch User Repository (AUR) + display_name: Aur-general + info: This list is for Trusted Users, Arch Linux developers, and the general public to discuss issues surrounding the Trusted User structure and the Arch User Repository (AUR). + aur-requests: + accept_these_nonmembers: + - notify@aur.archlinux.org + description: Public mailing list for AUR package deletion/merge/orphan requests + display_name: Aur-requests + pacman-contrib: + description: Discussion list for pacman-contrib development + display_name: Pacman-contrib + info: This list is used by pacman-contrib developers to coordinate, share patches, etc. + pacman-dev: + description: Discussion list for pacman development + display_name: Pacman-dev + info: This list is used by pacman developers and contributors to coordinate, fix problems, share patches, etc. + staff: + advertised: false + archive_policy: private + description: Internal list that includes all Arch Linux staff members (devs, TUs, support staff) + display_name: Staff + subscription_policy: confirm_then_moderate diff --git a/roles/mailman3/files/list_base_configuration.json b/roles/mailman/files/list_base_configuration.json similarity index 100% rename from roles/mailman3/files/list_base_configuration.json rename to roles/mailman/files/list_base_configuration.json diff --git a/roles/mailman/files/mailman.ini b/roles/mailman/files/mailman.ini deleted file mode 100644 index fe6d040f..00000000 --- a/roles/mailman/files/mailman.ini +++ /dev/null @@ -1,10 +0,0 @@ -[uwsgi] -plugins = cgi -socket = /run/uwsgi/%n.sock -chmod-socket = 770 -threads = 2 - -cgi = /=/usr/lib/mailman/cgi-bin/ -cgi-index = listinfo -uid = mailman -gid = http diff --git a/roles/mailman/files/migrated-lists.map b/roles/mailman/files/migrated-lists.map deleted file mode 100644 index 5e9c72c0..00000000 --- a/roles/mailman/files/migrated-lists.map +++ /dev/null @@ -1,25 +0,0 @@ -/listinfo/arch-announce /mailman3/lists/arch-announce@lists.archlinux.org/; -/listinfo/arch-commits /mailman3/lists/arch-commits@lists.archlinux.org/; -/listinfo/arch-dev /mailman3/lists/arch-dev@lists.archlinux.org/; -/listinfo/arch-dev-public /mailman3/lists/arch-dev-public@lists.archlinux.org/; -/listinfo/arch-devops /mailman3/lists/arch-devops@lists.archlinux.org/; -/listinfo/arch-devops-private /mailman3/lists/arch-devops-private@lists.archlinux.org/; -/listinfo/arch-events /mailman3/lists/arch-events@lists.archlinux.org/; -/listinfo/arch-general /mailman3/lists/arch-general@lists.archlinux.org/; -/listinfo/arch-mirrors /mailman3/lists/arch-mirrors@lists.archlinux.org/; -/listinfo/arch-mirrors-announce /mailman3/lists/arch-mirrors-announce@lists.archlinux.org/; -/listinfo/arch-multilib /mailman3/lists/arch-multilib@lists.archlinux.org/; -/listinfo/arch-ports /mailman3/lists/arch-ports@lists.archlinux.org/; -/listinfo/arch-proaudio /mailman3/lists/arch-proaudio@lists.archlinux.org/; -/listinfo/arch-projects /mailman3/lists/arch-projects@lists.archlinux.org/; -/listinfo/arch-releng /mailman3/lists/arch-releng@lists.archlinux.org/; -/listinfo/arch-security /mailman3/lists/arch-security@lists.archlinux.org/; -/listinfo/arch-tu /mailman3/lists/arch-tu@lists.archlinux.org/; -/listinfo/arch-wiki-admins /mailman3/lists/arch-wiki-admins@lists.archlinux.org/; -/listinfo/arch-women /mailman3/lists/arch-women@lists.archlinux.org/; -/listinfo/aur-dev /mailman3/lists/aur-dev@lists.archlinux.org/; -/listinfo/aur-general /mailman3/lists/aur-general@lists.archlinux.org/; -/listinfo/aur-requests /mailman3/lists/aur-requests@lists.archlinux.org/; -/listinfo/pacman-contrib /mailman3/lists/pacman-contrib@lists.archlinux.org/; -/listinfo/pacman-dev /mailman3/lists/pacman-dev@lists.archlinux.org/; -/listinfo/staff /mailman3/lists/staff@lists.archlinux.org/; diff --git a/roles/mailman/files/override.conf b/roles/mailman/files/override.conf deleted file mode 100644 index 8a764e34..00000000 --- a/roles/mailman/files/override.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -Restart=always diff --git a/roles/mailman/handlers/main.yml b/roles/mailman/handlers/main.yml index 61ce4bee..2f46b762 100644 --- a/roles/mailman/handlers/main.yml +++ b/roles/mailman/handlers/main.yml @@ -1,8 +1,8 @@ -- name: Restart mailman - service: name=mailman daemon_reload=yes state=restarted - - name: Reload mailman - service: name=mailman state=reloaded + service: name=mailman3 state=reloaded + +- name: Restart mailman-web + service: name=uwsgi@mailman\\x2dweb.service state=restarted - name: Reload postfix service: name=postfix state=reloaded @@ -11,4 +11,3 @@ command: postmap /etc/postfix/{{ item }} loop: - aliases - - transport diff --git a/roles/mailman/tasks/main.yml b/roles/mailman/tasks/main.yml index 450bfd81..22419224 100644 --- a/roles/mailman/tasks/main.yml +++ b/roles/mailman/tasks/main.yml @@ -4,12 +4,19 @@ vars: domains: ["{{ lists_domain }}"] -- name: Install mailman, uwsgi-plugin-cgi and postfx - pacman: name=mailman,uwsgi-plugin-cgi,postfix,postfix-pcre state=present +- name: Install mailman3 and related packages + pacman: name=mailman3,mailman3-hyperkitty,python-psycopg2,mailman-web,python-xapian-haystack,uwsgi-plugin-python,postfix,postfix-pcre state=present + register: install -- name: Install mailman configuration - template: src=mm_cfg.py.j2 dest=/etc/mailman/mm_cfg.py follow=yes owner=root group=root mode=0644 - notify: Reload mailman +- name: Install {mailman,mailman-web} configuration + template: src={{ item.src }} dest={{ item.dest }} owner=root group={{ item.group }} mode=0640 + loop: + - {src: mailman.cfg.j2, dest: /etc/mailman.cfg, group: mailman} + - {src: mailman-hyperkitty.cfg.j2, dest: /etc/mailman-hyperkitty.cfg, group: mailman} + - {src: settings.py.j2, dest: /etc/webapps/mailman-web/settings.py, group: mailman-web} + notify: + - Reload mailman + - Restart mailman-web - name: Install postfix configuration template: src=main.cf.j2 dest=/etc/postfix/main.cf owner=root group=root mode=0644 @@ -22,59 +29,66 @@ - milter_header_checks notify: Run postmap -- name: Install postfix templated maps - template: src={{ item }}.j2 dest=/etc/postfix/{{ item }} owner=root group=root mode=0644 - loop: - - transport - notify: Run postmap - - name: Open firewall holes for postfix - ansible.posix.firewalld: service=smtp zone={{ item }} permanent=true state=enabled immediate=yes - loop: - - - - wireguard - when: configure_firewall + ansible.posix.firewalld: service=smtp permanent=true state=enabled immediate=yes tags: - firewall -- name: Create mailman list - command: /usr/lib/mailman/bin/newlist -a mailman root@{{ lists_domain }} meG0n5Wq6dEWCA6s - args: - creates: /var/lib/mailman/lists/mailman - -- name: Configure mailman uwsgi service - copy: src=mailman.ini dest=/etc/uwsgi/vassals/ owner=mailman group=http mode=0644 - - name: Make nginx log dir file: path=/var/log/nginx/{{ lists_domain }} state=directory owner=root group=root mode=0755 -- name: Install nginx mailman2->mailman3 redirect map - copy: src=migrated-lists.map dest=/etc/nginx/maps/ owner=root group=root mode=0644 - notify: Reload nginx - - name: Set up nginx template: src=nginx.d.conf.j2 dest="/etc/nginx/nginx.d/mailman.conf" owner=root group=root mode=644 notify: Reload nginx - tags: ['nginx'] + +- name: Create postgres {mailman,mailman-web} user + postgresql_user: name={{ item.username }} password={{ item.password }} + loop: + - {username: "{{ vault_mailman_db_user }}", password: "{{ vault_mailman_db_password }}"} + - {username: "{{ vault_mailman_web_db_user }}", password: "{{ vault_mailman_web_db_password }}"} + become: true + become_user: postgres + become_method: su + no_log: true + +- name: Create {mailman,mailman-web} db + postgresql_db: name={{ item.db }} owner={{ item.owner }} + loop: + - {db: mailman, owner: "{{ vault_mailman_db_user }}"} + - {db: mailman-web, owner: "{{ vault_mailman_web_db_user }}"} + become: true + become_user: postgres + become_method: su + +- name: Run Django management tasks + command: django-admin {{ item }} --pythonpath /etc/webapps/mailman-web --settings settings + loop: + - migrate + - loaddata + - collectstatic + - compress + become: true + become_user: mailman-web + when: false - name: Start and enable postfix systemd: name=postfix.service enabled=yes daemon_reload=yes state=started -- name: Create drop-in directory for mailman.service - file: path=/etc/systemd/system/mailman.service.d state=directory owner=root group=root mode=0755 - -- name: Install drop-in for mailman.service - copy: src=override.conf dest=/etc/systemd/system/mailman.service.d/ owner=root group=root mode=0644 - notify: Restart mailman - - name: Start and enable mailman{.service,-*.timer} systemd: name={{ item }} enabled=yes daemon_reload=yes state=started loop: - - mailman.service - - mailman-senddigests.timer - - mailman-nightlygzip.timer - - mailman-mailpasswds.timer - - mailman-gatenews.timer - - mailman-disabled.timer - - mailman-cullbadshunt.timer - - mailman-checkdbs.timer + - mailman3.service + - mailman3-digests.timer + - mailman3-notify.timer + - uwsgi@mailman\x2dweb.service + +- name: Update list configurations + uri: + url: http://localhost:8001/3.1/lists/{{ item }}.lists.archlinux.org/config + user: "{{ vault_mailman_admin_user }}" + password: "{{ vault_mailman_admin_pass }}" + method: PUT + body_format: json + status_code: 204 + body: "{{ lookup('file', 'list_base_configuration.json') | from_json | combine(lists[item]) | to_json }}" + loop: "{{ lists.keys() }}" diff --git a/roles/mailman3/templates/mailman-hyperkitty.cfg.j2 b/roles/mailman/templates/mailman-hyperkitty.cfg.j2 similarity index 95% rename from roles/mailman3/templates/mailman-hyperkitty.cfg.j2 rename to roles/mailman/templates/mailman-hyperkitty.cfg.j2 index d85fc57f..a2ab2a8a 100644 --- a/roles/mailman3/templates/mailman-hyperkitty.cfg.j2 +++ b/roles/mailman/templates/mailman-hyperkitty.cfg.j2 @@ -15,7 +15,7 @@ # better if it is not. # However, if your Mailman installation is accessed via HTTPS, the URL needs # to match your SSL certificate (e.g. https://lists.example.com/hyperkitty). -base_url: http://localhost/archives/ +base_url: http://localhost:8000/archives/ # Shared API key, must be the identical to the value in HyperKitty's # settings. diff --git a/roles/mailman3/templates/mailman.cfg.j2 b/roles/mailman/templates/mailman.cfg.j2 similarity index 66% rename from roles/mailman3/templates/mailman.cfg.j2 rename to roles/mailman/templates/mailman.cfg.j2 index 82b4c47e..2eca990e 100644 --- a/roles/mailman3/templates/mailman.cfg.j2 +++ b/roles/mailman/templates/mailman.cfg.j2 @@ -10,13 +10,6 @@ url: postgres://{{ vault_mailman_db_user }}:{{ vault_mailman_db_password }}@/mai admin_user: {{ vault_mailman_admin_user }} admin_pass: {{ vault_mailman_admin_pass }} -[mta] -configuration: /etc/postfix.cfg -lmtp_host: {{ hostvars['mailman3.archlinux.org']['wireguard_address'] }} -lmtp_port: 8024 -smtp_host: {{ hostvars['lists.archlinux.org']['wireguard_address'] }} -smtp_port: 25 - [archiver.hyperkitty] class: mailman_hyperkitty.Archiver enable: yes diff --git a/roles/mailman/templates/main.cf.j2 b/roles/mailman/templates/main.cf.j2 index 5d29e60b..c6f6c4fe 100644 --- a/roles/mailman/templates/main.cf.j2 +++ b/roles/mailman/templates/main.cf.j2 @@ -22,7 +22,6 @@ mynetworks = 127.0.0.0/8 [::1]/128 [fe80::]/64 - {{ hostvars['mailman3.archlinux.org']['wireguard_address'] }} # fatal: configuration error: mailbox_size_limit is smaller than message_size_limit message_size_limit = 104857600 @@ -46,10 +45,10 @@ smtpd_reject_footer = For assistance contact . Please smtpd_milters = inet:localhost:11332 non_smtpd_milters = $smtpd_milters -alias_maps = hash:/etc/postfix/aliases hash:/var/lib/mailman/data/aliases -local_recipient_maps = hash:/etc/postfix/transport $alias_maps +alias_maps = hash:/etc/postfix/aliases +local_recipient_maps = hash:/var/lib/mailman/data/postfix_lmtp $alias_maps alias_database = $alias_maps -transport_maps = hash:/etc/postfix/transport +transport_maps = hash:/var/lib/mailman/data/postfix_lmtp milter_header_checks = pcre:/etc/postfix/milter_header_checks diff --git a/roles/mailman/templates/mm_cfg.py.j2 b/roles/mailman/templates/mm_cfg.py.j2 deleted file mode 100644 index abe99fe3..00000000 --- a/roles/mailman/templates/mm_cfg.py.j2 +++ /dev/null @@ -1,79 +0,0 @@ -# -*- python -*- - -# Copyright (C) 1998-2018 by the Free Software Foundation, Inc. -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License -# as published by the Free Software Foundation; either version 2 -# of the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - -"""This module contains your site-specific settings. - -From a brand new distribution it should be copied to mm_cfg.py. If you -already have an mm_cfg.py, be careful to add in only the new settings you -want. Mailman's installation procedure will never overwrite your mm_cfg.py -file. - -The complete set of distributed defaults, with documentation, are in the file -Defaults.py. In mm_cfg.py, override only those you want to change, after the - - from Defaults import * - -line (see below). - -Note that these are just default settings; many can be overridden via the -administrator and user interfaces on a per-list or per-user basis. - -Also note that many of these settings will not be effective until Mailman -is restarted. Thus, you should always restart Mailman after changing this -file. - -Further, settings which relate to a list's host_name and web_page_url only -affect lists created after the change. For existing lists, see the FAQ at -. - -""" - -############################################### -# Here's where we get the distributed defaults. - -from Defaults import * - -################################################## -# Put YOUR site-specific settings below this line. - -# Please see: http://wiki.list.org/x/mIA9 if you change this -DEFAULT_URL_HOST = '{{ lists_domain }}' -DEFAULT_EMAIL_HOST = '{{ lists_domain }}' -MTA = 'Postfix' - -VIRTUAL_HOSTS.clear() -add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST) - -POSTFIX_STYLE_VIRTUAL_DOMAINS = ['{{ lists_domain }}'] - -DEFAULT_URL_PATTERN = 'https://%s/' -PUBLIC_ARCHIVE_URL = 'https://%(hostname)s/pipermail/%(listname)s' - -# bot protection -SUBSCRIBE_FORM_SECRET = '{{ vault_mailman_subscribe_form_secret }}' - -VIRTUAL_HOST_OVERVIEW = Off - -DEFAULT_SEND_REMINDERS = 0 - -PUBLIC_MBOX = Yes - -DEFAULT_MSG_HEADER = "" -DEFAULT_MSG_FOOTER = "" -#DEFAULT_DMARC_MODERATION_ACTION = 1 -REMOVE_DKIM_HEADERS = 1 diff --git a/roles/mailman/templates/nginx.d.conf.j2 b/roles/mailman/templates/nginx.d.conf.j2 index 5fc39fba..8c602b82 100644 --- a/roles/mailman/templates/nginx.d.conf.j2 +++ b/roles/mailman/templates/nginx.d.conf.j2 @@ -1,3 +1,17 @@ +# This is for POSTORIUS_TEMPLATE_BASE_URL and mailman_hyperkitty.Archiver's base_url. +server { + listen 8000; + listen [::]:8000; + server_name localhost; + + access_log off; + + location / { + include /etc/nginx/uwsgi_params; + uwsgi_pass unix:/run/mailman-web/mailman-web.sock; + } +} + server { listen 80; listen [::]:80; @@ -15,10 +29,6 @@ server { } } -map $uri $migrated_uri { - include maps/migrated-lists.map; -} - server { listen 443 ssl http2; listen [::]:443 ssl http2; @@ -32,41 +42,16 @@ server { ssl_certificate_key /etc/letsencrypt/live/{{ lists_domain }}/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/{{ lists_domain }}/chain.pem; - if ($migrated_uri) { - return 302 $migrated_uri; + location /static/ { + alias /var/lib/mailman-web/static/; } - location = / { - return 302 /mailman3/lists/; - } - - # redirect old urls - location /mailman/ { - rewrite ^/mailman/(.*) /$1 permanent; - } - - location /icons/ { - alias /usr/lib/mailman/icons/; - } - - location ~ ^/pipermail(?:/(.*))?$ { - alias /var/lib/mailman/archives/public/$1; - add_header Cache-Control "public, no-cache"; - autoindex on; + location /pipermail/ { + alias /var/lib/mailman2/archives/public/; } location / { - root /usr/lib/mailman/cgi-bin/; - index listinfo; - include uwsgi_params; - uwsgi_modifier1 9; - uwsgi_pass unix:/run/uwsgi/mailman.sock; - } - - location ~ ^/(static|mailman3|archives|user-profile|accounts|admin3)($|/) { - proxy_pass http://{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}; - proxy_set_header Host {{ lists_domain }}; - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header X-Forwarded-Proto $scheme; + include /etc/nginx/uwsgi_params; + uwsgi_pass unix:/run/mailman-web/mailman-web.sock; } } diff --git a/roles/mailman3/templates/settings.py.j2 b/roles/mailman/templates/settings.py.j2 similarity index 93% rename from roles/mailman3/templates/settings.py.j2 rename to roles/mailman/templates/settings.py.j2 index 63acbdfb..3f85967e 100644 --- a/roles/mailman3/templates/settings.py.j2 +++ b/roles/mailman/templates/settings.py.j2 @@ -38,14 +38,14 @@ MAILMAN_ARCHIVER_KEY = '{{ vault_mailman_archiver_key }}' #: https://docs.djangoproject.com/en/3.2/topics/email/#smtp-backend EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' -EMAIL_HOST = '{{ hostvars['lists.archlinux.org']['wireguard_address'] }}' +EMAIL_HOST = '127.0.0.1' EMAIL_PORT = 25 #: Sender in Emails sent out by Postorius. DEFAULT_FROM_EMAIL = 'postorius@{{ lists_domain }}' SERVER_EMAIL = 'root@{{ lists_domain }}' -POSTORIUS_TEMPLATE_BASE_URL = 'http://localhost' +POSTORIUS_TEMPLATE_BASE_URL = 'http://localhost:8000' HYPERKITTY_ALLOW_WEB_POSTING = False HYPERKITTY_ENABLE_GRAVATAR = False diff --git a/roles/mailman/templates/transport.j2 b/roles/mailman/templates/transport.j2 deleted file mode 100644 index 6918dfca..00000000 --- a/roles/mailman/templates/transport.j2 +++ /dev/null @@ -1,257 +0,0 @@ -# AUTOMATICALLY GENERATED BY MAILMAN ON 2022-09-15 21:34:14 -# -# This file is generated by Mailman, and is kept in sync with the binary hash -# file. YOU SHOULD NOT MANUALLY EDIT THIS FILE unless you know what you're -# doing, and can keep the two files properly in sync. If you screw it up, -# you're on your own. - -# Aliases which are visible only in the @lists.archlinux.org domain. -arch-announce@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-announce-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-announce-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-announce-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-announce-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-announce-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-announce-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-announce-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-announce-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -arch-commits@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-commits-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-commits-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-commits-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-commits-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-commits-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-commits-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-commits-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-commits-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -arch-dev@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-dev-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-dev-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-dev-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-dev-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-dev-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-dev-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-dev-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-dev-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -arch-dev-public@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-dev-public-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-dev-public-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-dev-public-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-dev-public-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-dev-public-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-dev-public-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-dev-public-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-dev-public-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -arch-devops@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-devops-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-devops-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-devops-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-devops-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-devops-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-devops-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-devops-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-devops-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -arch-devops-private@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-devops-private-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-devops-private-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-devops-private-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-devops-private-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-devops-private-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-devops-private-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-devops-private-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-devops-private-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -arch-events@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-events-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-events-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-events-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-events-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-events-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-events-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-events-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-events-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -arch-general@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-general-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-general-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-general-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-general-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-general-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-general-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-general-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-general-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -arch-mirrors@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-mirrors-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-mirrors-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-mirrors-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-mirrors-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-mirrors-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-mirrors-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-mirrors-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-mirrors-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -arch-mirrors-announce@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-mirrors-announce-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-mirrors-announce-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-mirrors-announce-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-mirrors-announce-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-mirrors-announce-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-mirrors-announce-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-mirrors-announce-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-mirrors-announce-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -arch-multilib@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-multilib-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-multilib-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-multilib-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-multilib-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-multilib-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-multilib-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-multilib-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-multilib-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -arch-ports@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-ports-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-ports-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-ports-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-ports-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-ports-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-ports-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-ports-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-ports-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -arch-proaudio@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-proaudio-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-proaudio-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-proaudio-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-proaudio-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-proaudio-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-proaudio-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-proaudio-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-proaudio-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -arch-projects@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-projects-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-projects-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-projects-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-projects-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-projects-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-projects-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-projects-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-projects-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -arch-releng@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-releng-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-releng-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-releng-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-releng-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-releng-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-releng-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-releng-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-releng-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -arch-security@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-security-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-security-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-security-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-security-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-security-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-security-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-security-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-security-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -arch-tu@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-tu-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-tu-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-tu-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-tu-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-tu-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-tu-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-tu-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-tu-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -arch-wiki-admins@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-wiki-admins-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-wiki-admins-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-wiki-admins-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-wiki-admins-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-wiki-admins-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-wiki-admins-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-wiki-admins-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-wiki-admins-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -arch-women@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-women-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-women-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-women-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-women-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-women-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-women-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-women-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -arch-women-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -aur-dev@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-dev-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-dev-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-dev-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-dev-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-dev-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-dev-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-dev-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-dev-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -aur-general@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-general-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-general-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-general-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-general-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-general-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-general-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-general-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-general-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -aur-requests@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-requests-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-requests-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-requests-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-requests-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-requests-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-requests-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-requests-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -aur-requests-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -pacman-contrib@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -pacman-contrib-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -pacman-contrib-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -pacman-contrib-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -pacman-contrib-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -pacman-contrib-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -pacman-contrib-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -pacman-contrib-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -pacman-contrib-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -pacman-dev@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -pacman-dev-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -pacman-dev-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -pacman-dev-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -pacman-dev-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -pacman-dev-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -pacman-dev-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -pacman-dev-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -pacman-dev-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 - -staff@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -staff-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -staff-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -staff-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -staff-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -staff-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -staff-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -staff-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 -staff-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024 diff --git a/roles/mailman3/defaults/main.yml b/roles/mailman3/defaults/main.yml deleted file mode 100644 index 7ac12333..00000000 --- a/roles/mailman3/defaults/main.yml +++ /dev/null @@ -1,135 +0,0 @@ -lists_domain: lists.archlinux.org -lists: - arch-announce: - allow_list_posts: false - bounce_info_stale_after: 60d - default_member_action: reject - default_nonmember_action: reject - description: This mailing list is for official announcements for the Arch Linux distribution. - display_name: Arch-announce - moderator_password: "{{ vault_archweb_mailman_password }}" - arch-commits: - allow_list_posts: false - accept_these_nonmembers: - - ^.+@(.+\.)?archlinux\.org - archive_policy: never - default_member_action: reject - default_nonmember_action: reject - description: Arch Linux packaging commits - display_name: Arch-commits - info: This list contains all commits to the package repositories, including diffs for newest changes. - max_message_size: 200 - arch-dev: - advertised: false - archive_policy: private - description: Development Discussion for Arch Linux - display_name: Arch-dev - info: This list is for development discussion about Arch Linux. This list is closed to the general public and only used by internal Arch Linux developers. - subscription_policy: confirm_then_moderate - arch-devops: - display_name: Arch-devops - description: Arch Linux Infrastructure development discussion - arch-devops-private: - advertised: false - archive_policy: private - description: List for internal discussion of the devops team - display_name: Arch-devops-private - subscription_policy: confirm_then_moderate - arch-dev-public: - default_member_action: hold - description: Public mailing list for Arch Linux development - display_name: Arch-dev-public - arch-events: - description: Arch Linux Events - display_name: Arch-events - arch-general: - description: General Discussion about Arch Linux - display_name: Arch-general - info: | - This mailing list hosts general discusson about the Arch Linux distribution. Questions, problems, and new development ideas can be posted here. - - You must be subscribed to the list in order to post to it. - arch-mirrors-announce: - description: List for mirror admins to send announcements (like downtime notifications) to our users - display_name: Arch-mirrors-announce - info: | - This list is intended for admins of Arch Linux mirrors that want to notify our users about downtime of their mirror. - - This list also accepts mails from non-subscribers. - arch-mirrors: - description: Arch Linux Mirroring Discussion and Announcements - display_name: Arch-mirrors - info: This list is intended for admins of Arch Linux mirrors. Discussion and announcements regarding mirroring will use this list. - arch-multilib: - description: Arch Linux Multilib (32bit libs on 64bit OSes) - display_name: Arch-multilib - arch-ports: - description: Discussion regarding the porting of Arch Linux to non-x86_64 architectures - display_name: Arch-ports - info: This list is primarily used to talk about porting Arch Linux to non-x86_64 platforms, such as PPC, ARM, i586, i686, etc. - arch-proaudio: - description: Discussion about real-time multimedia, including (semi-)pro audio and video - display_name: Arch-proaudio - arch-projects: - description: Arch Linux projects development discussion - display_name: Arch-projects - info: | - Announcements, development discussion, patches and pull requests for the Arch Linux projects:
  • archweb (patches preferably on Github as pull requests)
  • arch-release-promotion (patches only on GitLab as merge requests)
  • dbscripts (patches preferably on GitLab as merge requests)
  • devtools (patches preferably on GitLab as merge requests)
  • mkinitcpio (patches preferably on Github as pull requests)
  • namcap (patches preferably on GitLab as merge requests)
  • netctl (patches preferably on the mailing list)
  • pyalpm (patches preferably on GitLab as merge requests)
  • repod (patches only on GitLab as merge requests)
  • shim-signed (contributions preferably on GitLab as merge requests)
- - Please begin the email subject with the name of a project in square brackets (e.g. [devtools]). If no project matches, use [projects]. - - Note: No user discussion! - arch-releng: - description: Arch Linux Release Engineering - display_name: Arch-releng - arch-security: - description: Announcements about security issues in Arch Linux and its packages - display_name: Arch-security - info: Discussion about announcements should happen on arch-general. - arch-tu: - advertised: false - archive_policy: private - description: Trusted Users Discussion for Arch Linux - display_name: Arch-tu - info: This list is for trusted users discussion about Arch Linux. This list is closed to the general public and only used by internal Arch Linux trusted users. - subscription_policy: confirm_then_moderate - arch-wiki-admins: - advertised: false - archive_policy: private - default_nonmember_action: defer - display_name: Arch-wiki-admins - subscription_policy: confirm_then_moderate - arch-women: - description: Mailing list for the Arch Women project - display_name: Arch-women - info: | - Arch Women is an all inclusive organization of Arch Linux enthusiasts with a focus on helping more women become involved in the Arch Linux community and FOSS. - - Mailing list graciously hosted by the Arch Linux™ project. - aur-dev: - description: Arch User Repository (AUR) Development - display_name: Aur-dev - info: This list is intended for discussion of AUR and community based code and development. - aur-general: - description: Discussion about the Arch User Repository (AUR) - display_name: Aur-general - info: This list is for Trusted Users, Arch Linux developers, and the general public to discuss issues surrounding the Trusted User structure and the Arch User Repository (AUR). - aur-requests: - accept_these_nonmembers: - - notify@aur.archlinux.org - description: Public mailing list for AUR package deletion/merge/orphan requests - display_name: Aur-requests - pacman-contrib: - description: Discussion list for pacman-contrib development - display_name: Pacman-contrib - info: This list is used by pacman-contrib developers to coordinate, share patches, etc. - pacman-dev: - description: Discussion list for pacman development - display_name: Pacman-dev - info: This list is used by pacman developers and contributors to coordinate, fix problems, share patches, etc. - staff: - advertised: false - archive_policy: private - description: Internal list that includes all Arch Linux staff members (devs, TUs, support staff) - display_name: Staff - subscription_policy: confirm_then_moderate diff --git a/roles/mailman3/files/postfix.cfg b/roles/mailman3/files/postfix.cfg deleted file mode 100644 index 6068f1cc..00000000 --- a/roles/mailman3/files/postfix.cfg +++ /dev/null @@ -1,13 +0,0 @@ -[postfix] -# Additional configuration variables for the postfix MTA. - -# This variable describe the program to use for regenerating the transport map -# db file, from the associated plain text files. The file being updated will -# be appended to this string (with a separating space), so it must be -# appropriate for os.system(). -postmap_command: /usr/bin/true - -# This variable describes the type of transport maps that will be generated by -# mailman to be used with postfix for LMTP transport. By default, it is set to -# hash, but mailman also supports `regex` tables. -transport_file_type: hash diff --git a/roles/mailman3/handlers/main.yml b/roles/mailman3/handlers/main.yml deleted file mode 100644 index f56cbaed..00000000 --- a/roles/mailman3/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: Reload mailman - service: name=mailman3 state=reloaded - -- name: Restart mailman-web - service: name=uwsgi@mailman\\x2dweb.service state=restarted diff --git a/roles/mailman3/tasks/main.yml b/roles/mailman3/tasks/main.yml deleted file mode 100644 index 8f8dd7fb..00000000 --- a/roles/mailman3/tasks/main.yml +++ /dev/null @@ -1,81 +0,0 @@ -- name: Install mailman3 and related packages - pacman: name=mailman3,mailman3-hyperkitty,python-psycopg2,mailman-web,python-xapian-haystack,uwsgi-plugin-python state=present - register: install - -- name: Install {mailman,mailman-web} configuration - template: src={{ item.src }} dest={{ item.dest }} owner=root group={{ item.group }} mode=0640 - loop: - - {src: mailman.cfg.j2, dest: /etc/mailman.cfg, group: mailman} - - {src: mailman-hyperkitty.cfg.j2, dest: /etc/mailman-hyperkitty.cfg, group: mailman} - - {src: settings.py.j2, dest: /etc/webapps/mailman-web/settings.py, group: mailman-web} - - {src: urls.py.j2, dest: /etc/webapps/mailman-web/urls.py, group: mailman-web} - notify: - - Reload mailman - - Restart mailman-web - -- name: Install mailman postfix.cfg configuration - copy: src=postfix.cfg dest=/etc/postfix.cfg owner=root group=root mode=0644 - notify: Reload mailman - -- name: Make nginx log dir - file: path=/var/log/nginx/{{ lists_domain }} state=directory owner=root group=root mode=0755 - -- name: Set up nginx - template: src=nginx.d.conf.j2 dest="/etc/nginx/nginx.d/mailman.conf" owner=root group=root mode=644 - notify: Reload nginx - tags: ['nginx'] - -- name: Create postgres {mailman,mailman-web} user - postgresql_user: name={{ item.username }} password={{ item.password }} - loop: - - {username: "{{ vault_mailman_db_user }}", password: "{{ vault_mailman_db_password }}"} - - {username: "{{ vault_mailman_web_db_user }}", password: "{{ vault_mailman_web_db_password }}"} - become: true - become_user: postgres - become_method: su - no_log: true - -- name: Create {mailman,mailman-web} db - postgresql_db: name={{ item.db }} owner={{ item.owner }} - loop: - - {db: mailman, owner: "{{ vault_mailman_db_user }}"} - - {db: mailman-web, owner: "{{ vault_mailman_web_db_user }}"} - become: true - become_user: postgres - become_method: su - -- name: Run Django management tasks - command: django-admin {{ item }} --pythonpath /etc/webapps/mailman-web --settings settings - loop: - - migrate - - loaddata - - collectstatic - - compress - become: true - become_user: mailman-web - when: install.changed - -- name: Open LMTP ipv4 port for lists.archlinux.org - ansible.posix.firewalld: zone=wireguard state=enabled permanent=true immediate=yes - rich_rule="rule family=ipv4 source address={{ hostvars['lists.archlinux.org']['wireguard_address'] }} port protocol=tcp port=8024 accept" - tags: - - firewall - -- name: Start and enable mailman{.service,-*.timer} - systemd: name={{ item }} enabled=yes daemon_reload=yes state=started - loop: - - mailman3.service - - mailman3-digests.timer - - mailman3-notify.timer - - uwsgi@mailman\x2dweb.service - -- name: Update list configurations - uri: - url: http://localhost:8001/3.1/lists/{{ item }}.lists.archlinux.org/config - user: "{{ vault_mailman_admin_user }}" - password: "{{ vault_mailman_admin_pass }}" - method: PUT - body_format: json - status_code: 204 - body: "{{ lookup('file', 'list_base_configuration.json') | from_json | combine(lists[item]) | to_json }}" - loop: "{{ lists.keys() }}" diff --git a/roles/mailman3/templates/nginx.d.conf.j2 b/roles/mailman3/templates/nginx.d.conf.j2 deleted file mode 100644 index 62fb9011..00000000 --- a/roles/mailman3/templates/nginx.d.conf.j2 +++ /dev/null @@ -1,22 +0,0 @@ -server { - listen 80; - listen [::]:80; - server_name {{ lists_domain }} localhost; - - set_real_ip_from {{ hostvars['lists.archlinux.org']['wireguard_address'] }}/32; - real_ip_header X-Forwarded-For; - - access_log /var/log/nginx/{{ lists_domain }}/access.log main; - access_log /var/log/nginx/{{ lists_domain }}/access.log.json json_main; - error_log /var/log/nginx/{{ lists_domain }}/error.log; - - location /static/ { - alias /var/lib/mailman-web/static/; - } - - # include uwsgi_params - location / { - include /etc/nginx/uwsgi_params; - uwsgi_pass unix:/run/mailman-web/mailman-web.sock; - } -} diff --git a/roles/mailman3/templates/urls.py.j2 b/roles/mailman3/templates/urls.py.j2 deleted file mode 100644 index 4121553c..00000000 --- a/roles/mailman3/templates/urls.py.j2 +++ /dev/null @@ -1,35 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright (C) 1998-2016 by the Free Software Foundation, Inc. -# -# This file is part of Postorius. -# -# Postorius is free software: you can redistribute it and/or modify it under -# the terms of the GNU General Public License as published by the Free -# Software Foundation, either version 3 of the License, or (at your option) -# any later version. -# -# Postorius is distributed in the hope that it will be useful, but WITHOUT -# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or -# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for -# more details. -# -# You should have received a copy of the GNU General Public License along with -# Postorius. If not, see . - - -from django.conf.urls import include -from django.contrib import admin -from django.urls import path, reverse_lazy -from django.views.generic import RedirectView - -urlpatterns = [ - path( - '', - RedirectView.as_view(url=reverse_lazy('list_index'), permanent=True), - ), - path('mailman3/', include('postorius.urls')), - path('archives/', include('hyperkitty.urls')), - path('', include('django_mailman3.urls')), - path('accounts/', include('allauth.urls')), - path('admin3/', admin.site.urls), -] diff --git a/tf-stage1/archlinux.tf b/tf-stage1/archlinux.tf index e9eae05d..5c042697 100644 --- a/tf-stage1/archlinux.tf +++ b/tf-stage1/archlinux.tf @@ -93,17 +93,13 @@ locals { domain = "homedir" } "lists.archlinux.org" = { - server_type = "cpx11" + server_type = "cx21" domain = "lists" } "mail.archlinux.org" = { server_type = "cx11" domain = "mail" } - "mailman3.archlinux.org" = { - server_type = "cx21" - domain = "mailman3" - } "man.archlinux.org" = { server_type = "cx11" domain = "man"