From: Ralf Jung Date: Sun, 20 May 2018 21:48:41 +0000 (+0200) Subject: configure mailman; group mailman tasks together X-Git-Url: https://git.ralfj.de/ansible.git/commitdiff_plain/d8b2db0f1004d3496e6e64aafef506eb4f7e373a?ds=sidebyside;hp=1eafda5361195d887ba73c0a88f033c91aa4ad23 configure mailman; group mailman tasks together --- diff --git a/host_vars/template.yml b/host_vars/template.yml index bd5ccb1..dbc47ef 100644 --- a/host_vars/template.yml +++ b/host_vars/template.yml @@ -1,4 +1,6 @@ postfix: + # postmaster email address + postmaster: postmaster@example.org # optional: Whether to put a postscreen on port 25 postscreen: True # optional: Open another SMTP daemon on port 26 that only accepts mail from local hosts @@ -8,8 +10,6 @@ postfix: # optional: Whether to accept emails for arbitrary destination on the submission port, # authenticated by dovecot. Requires a dovecot: section (see below). submission: True - # optional: Whether to install mailman and add it as a possible postfix transport. - mailman: True # optional: From which IPs to accept mail. mynetworks: '127.0.0.0/8 [::1]/128 203.0.113.0/24' # optional: List multiple outgoing transports using different IP addresses. @@ -41,12 +41,18 @@ postfix: transport: mailman - domain: example.org transport: lmtp:unix:private/dovecot-lmtp + # optional: install and configure mailman + mailman: + default_host: lists.example.org + default_lang: en # if you change this, also run "dpkg-reconfigure mailman" to enable more languages + domains: + - lists.example.org + default_footer: "-- \n%(list_name)s@%(host_name)s - %(description)s\nConfiguration: %(web_page_url)slistinfo%(cgiext)s/%(list_name)s\nUnsubscribe: %(list_name)s-unsubscribe@%(host_name)s\n" # optional: Install and configure dovecot dovecot: mysql_password: $RANDOM vmail_uid: 200 mail_gid: 8 - postmaster: postmaster@example.org quota: general: 1G trash: +10M diff --git a/roles/email/handlers/main.yml b/roles/email/handlers/main.yml index 342976a..9e40ba3 100644 
--- a/roles/email/handlers/main.yml +++ b/roles/email/handlers/main.yml @@ -4,3 +4,5 @@ service: name=postfix state=restarted enabled=yes - name: dovecot service: name=dovecot state=restarted enabled=yes +- name: mailman + service: name=mailman state=restarted enabled=yes diff --git a/roles/email/tasks/mailman.yml b/roles/email/tasks/mailman.yml new file mode 100644 index 0000000..7f4aaea --- /dev/null +++ b/roles/email/tasks/mailman.yml @@ -0,0 +1,12 @@ +- name: install mailman + apt: name=mailman state=latest +- name: configure mailman + template: + dest: /etc/mailman/mm_cfg.py + src: templates/mm_cfg.py + notify: mailman +- name: install mailman-check cronjob + copy: + dest: /etc/cron.daily/mailman-check + src: files/mailman-check + mode: u=rwx,g=rx,o=rx diff --git a/roles/email/tasks/main.yml b/roles/email/tasks/main.yml index 71d184c..871ea7c 100644 --- a/roles/email/tasks/main.yml +++ b/roles/email/tasks/main.yml @@ -5,6 +5,9 @@ - import_tasks: dovecot.yml when: postfix.dovecot is defined tags: dovecot +- import_tasks: mailman.yml + when: postfix.mailman is defined and postfix.mailman + tags: mailman - import_tasks: postfix.yml tags: postfix # some basic security stuff that relies on working email diff --git a/roles/email/tasks/opendkim.yml b/roles/email/tasks/opendkim.yml index c56d6f5..8da35b3 100644 --- a/roles/email/tasks/opendkim.yml +++ b/roles/email/tasks/opendkim.yml @@ -10,7 +10,7 @@ src: templates/opendkim.env - name: regenerate opendkim service when: opendkim_env.changed - shell: /lib/opendkim/opendkim.service.generate && systemctl daemon-reload && systemd-tmpfiles /etc/tmpfiles.d/opendkim.conf --create + shell: /lib/opendkim/opendkim.service.generate && chmod +r /etc/systemd/system/opendkim.service.d/ -R && systemctl daemon-reload && systemd-tmpfiles /etc/tmpfiles.d/opendkim.conf --create notify: opendkim # tables - name: create opendkim dir diff --git a/roles/email/tasks/postfix.yml b/roles/email/tasks/postfix.yml index f9f8856..fb8f703 100644 
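Review bot: The `configure mailman` task in the new roles/email/tasks/mailman.yml writes `/etc/mailman/mm_cfg.py` without `owner`, `group` or `mode`, so the file's permissions are whatever is already on disk. Mailman imports this file as Python, so it is worth pinning it as root-owned and not group- or world-writable, e.g. `owner: root`, `group: root`, `mode: u=rw,g=r,o=r`. Separately, these tasks only run when `postfix.mailman` is set, so nothing removes `/etc/cron.daily/mailman-check` on a host where mailman is later turned off; the `state: absent` task this commit deletes from postfix.yml used to do that.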
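Review bot: The condition `postfix.mailman is defined and postfix.mailman` in roles/email/tasks/main.yml is also true for the old boolean form `mailman: True`, which this commit replaces with a dictionary in host_vars/template.yml. A host file that still carries the boolean would enter mailman.yml and presumably fail only when templates/mm_cfg.py reads `postfix.mailman.default_host`. A guard such as `when: postfix.mailman is defined and postfix.mailman is mapping`, or an `assert` task naming the required keys, would turn that into a clear message.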
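Review bot: In the opendkim.yml hunk, `chmod +r /etc/systemd/system/opendkim.service.d/ -R` names no permission class, so it grants read to every class the umask allows, recursively. Neither the commit nor the task says which reader needs it. It should be confirmed that nothing the generator writes into that directory is meant to stay private. If it is not, spell the intent out as `chmod -R a+rX /etc/systemd/system/opendkim.service.d/`, with a comment above the task saying why the generated permissions are too tight. The task begins above the hunk, so the `when:` and `notify:` context is only partly visible here.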
--- a/roles/email/tasks/postfix.yml +++ b/roles/email/tasks/postfix.yml @@ -5,9 +5,6 @@ apt: name=postfix-mysql state=latest - name: enable postfix service: name=postfix enabled=yes -- name: install mailman - when: postfix.mailman is defined and postfix.mailman - apt: name=mailman state=latest # config - name: install postfix config template: @@ -88,17 +85,6 @@ dest: /etc/cron.daily/check-for-local-mail src: files/check-for-local-mail mode: u=rwx,g=rx,o=rx -- name: install mailman-check cronjob - when: postfix.mailman is defined and postfix.mailman - copy: - dest: /etc/cron.daily/mailman-check - src: files/mailman-check - mode: u=rwx,g=rx,o=rx -- name: remove mailman-check cronjob - when: not (postfix.mailman is defined and postfix.mailman) - file: - path: /etc/cron.daily/mailman-check - state: absent # tools - block: - name: create newmail dir diff --git a/roles/email/templates/dovecot/conf.d/15-lda.conf b/roles/email/templates/dovecot/conf.d/15-lda.conf index 7ded4cd..6da44d0 100644 --- a/roles/email/templates/dovecot/conf.d/15-lda.conf +++ b/roles/email/templates/dovecot/conf.d/15-lda.conf @@ -4,7 +4,7 @@ # Address to use when sending rejection mails. # Default is postmaster@. %d expands to recipient domain. -postmaster_address = {{postfix.dovecot.postmaster}} +postmaster_address = {{postfix.postmaster}} # Hostname to use in various parts of sent mails (e.g. in Message-Id) and # in LMTP replies. Default is the system's real hostname@domain. diff --git a/roles/email/templates/mm_cfg.py b/roles/email/templates/mm_cfg.py new file mode 100644 index 0000000..a3b02f9 --- /dev/null +++ b/roles/email/templates/mm_cfg.py 
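Review bot: In 15-lda.conf, `postmaster_address` now reads `{{postfix.postmaster}}`, and the same commit drops the old `postfix.dovecot.postmaster` key from host_vars/template.yml, so every existing host file has to be migrated before the next run. With Ansible's default handling of undefined variables the template should fail rather than render an empty address, but the error will not mention the rename. An early `assert` with `that: postfix.postmaster is defined` and a `fail_msg` pointing at the moved key would make the migration explicit. The new templates/mm_cfg.py relies on the same variable for `DEB_LISTMASTER`.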
@@ -0,0 +1,130 @@
+# -*- python -*-
+
+# Copyright (C) 1998,1999,2000 by the Free Software Foundation, Inc.
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301 USA
+
+
+"""This is the module which takes your site-specific settings.
+
+From a raw distribution it should be copied to mm_cfg.py. If you
+already have an mm_cfg.py, be careful to add in only the new settings
+you want. The complete set of distributed defaults, with annotation,
+are in ./Defaults. In mm_cfg, override only those you want to
+change, after the
+
+ from Defaults import *
+
+line (see below).
+
+Note that these are just default settings - many can be overridden via the
+admin and user interfaces on a per-list or per-user basis.
+
+Note also that some of the settings are resolved against the active list
+setting by using the value as a format string against the
+list-instance-object's dictionary - see the distributed value of
+DEFAULT_MSG_FOOTER for an example."""
+
+
+#######################################################
+# Here's where we get the distributed defaults. #
+
+from Defaults import *
+
+##############################################################
+# Put YOUR site-specific configuration below, in mm_cfg.py . #
+# See Defaults.py for explanations of the values. #
+
+#-------------------------------------------------------------
+# The name of the list Mailman uses to send password reminders
+# and similar. Don't change if you want mailman-owner to be
+# a valid local part.
+MAILMAN_SITE_LIST = 'mailman'
+
+#-------------------------------------------------------------
+# If you change these, you have to configure your http server
+# accordingly (Alias and ScriptAlias directives in most httpds)
+DEFAULT_URL_PATTERN = 'https://%s/'
+IMAGE_LOGOS = '/images/mailman/'
+PUBLIC_ARCHIVE_URL = 'https://%(hostname)s/pipermail/%(listname)s/'
+
+#-------------------------------------------------------------
+# Default domain for email addresses of newly created MLs
+DEFAULT_EMAIL_HOST = '{{postfix.mailman.default_host}}'
+#-------------------------------------------------------------
+# Default host for web interface of newly created MLs
+DEFAULT_URL_HOST = '{{postfix.mailman.default_host}}'
+#-------------------------------------------------------------
+# Required when setting any of its arguments.
+add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)
+
+#-------------------------------------------------------------
+# The default language for this server.
+DEFAULT_SERVER_LANGUAGE = '{{postfix.mailman.default_lang}}'
+
+#-------------------------------------------------------------
+# Iirc this was used in pre 2.1, leave it for now
+USE_ENVELOPE_SENDER = 0 # Still used?
+
+#-------------------------------------------------------------
+# Unset send_reminders on newly created lists
+DEFAULT_SEND_REMINDERS = 0
+
+#-------------------------------------------------------------
+# Uncomment this if you configured your MTA such that it
+# automatically recognizes newly created lists.
+# (see /usr/share/doc/mailman/README.Exim4.Debian or
+# /usr/share/mailman/postfix-to-mailman.py)
+# MTA=None # Misnomer, suppresses alias output on newlist
+
+#-------------------------------------------------------------
+# Uncomment if you use Postfix virtual domains (but not
+# postfix-to-mailman.py), but be sure to see
+# /usr/share/doc/mailman/README.Debian first.
+MTA='Postfix'
+
+POSTFIX_STYLE_VIRTUAL_DOMAINS = [
+{% for item in postfix.mailman.domains %}
+ '{{item}}',
+{% endfor %}
+]
+
+DEB_LISTMASTER = '{{postfix.postmaster}}'
+
+#-------------------------------------------------------------
+# Uncomment if you want to filter mail with SpamAssassin. For
+# more information please visit this website:
+# http://www.jamesh.id.au/articles/mailman-spamassassin/
+# GLOBAL_PIPELINE.insert(1, 'SpamAssassin')
+
+# Note - if you're looking for something that is imported from mm_cfg, but you
+# didn't find it above, it's probably in /usr/lib/mailman/Mailman/Defaults.py.
+
+
+#-------------------------------------------------------------
+# other, custom configuration
+
+DEFAULT_ARCHIVE = Off
+DEFAULT_MAX_MESSAGE_SIZE = 1024 # KB
+DEFAULT_ADMIN_MEMBER_CHUNKSIZE = 100
+
+# footer
+DEFAULT_MSG_FOOTER = """{{postfix.mailman.default_footer}}"""
+DEFAULT_DIGEST_FOOTER = DEFAULT_MSG_FOOTER
+
+# DMARC, DKIM-compatibility
+REMOVE_DKIM_HEADERS = 1 # remove DKIM headers for lists where From: is changed
+DEFAULT_DMARC_MODERATION_ACTION = 1 # Munge From
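Review bot: The host variables are pasted into Python string literals without any escaping (`'{{postfix.mailman.default_host}}'`, `'{{item}}'`, `'{{postfix.postmaster}}'`, and the triple-quoted `DEFAULT_MSG_FOOTER`), and Mailman executes this file as a module. A value containing a quote, a backslash or `"""` would change the meaning of the generated code or break it, so the quoting should come from a filter rather than from the template text, e.g. `DEFAULT_EMAIL_HOST = {{ postfix.mailman.default_host | to_json }}` and `DEFAULT_MSG_FOOTER = {{ postfix.mailman.default_footer | to_json }}`. JSON string syntax is valid Python for ASCII values; non-ASCII text would need checking against the Python version Mailman runs under. The inputs are operator-controlled host_vars, so this concerns the integrity of the generated config rather than an exposed input path.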