main.yml 2.61 KB
---
# Install the packages this role depends on.
# The result is registered as `install`; the Django management task further
# down runs only when this task reports a change.
- name: install mailman3 and related packages
  pacman:
    name:
      - mailman3
      - mailman3-hyperkitty
      - python-psycopg2
      - mailman-web
      - uwsgi-plugin-python
    state: present
  register: install

# Render the Mailman core and mailman-web configuration files.
# Every file is owned by root and readable only by the group of the service
# that consumes it (mode 0640), so none of them is world-readable.
# NOTE(review): these templates presumably carry the database credentials
# used below; confirm, and keep the mode at 0640 or tighter.
- name: install {mailman,mailman-web} configuration
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    owner: root
    group: "{{ item.group }}"
    # Quoted so the mode is passed as an octal string, not re-typed by YAML.
    mode: "0640"
  loop:
    - src: mailman.cfg.j2
      dest: /etc/mailman.cfg
      group: mailman
    - src: mailman-hyperkitty.cfg.j2
      dest: /etc/mailman-hyperkitty.cfg
      group: mailman
    - src: settings.py.j2
      dest: /etc/mailman3/settings.py
      group: mailman-web
    - src: urls.py.j2
      dest: /etc/mailman3/urls.py
      group: mailman-web
  notify:
    - reload mailman
    - restart mailman-web

# Ship the static postfix.cfg that Mailman reads; it is world-readable
# (0644) and writable only by root. Mailman is reloaded when it changes.
- name: install mailman postfix.cfg configuration
  copy:
    src: postfix.cfg
    dest: /etc/postfix.cfg
    owner: root
    group: root
    mode: "0644"
  notify: reload mailman

# Create the per-domain nginx log directory, owned and writable by root only.
- name: make nginx log dir
  file:
    path: "/var/log/nginx/{{ lists_domain }}"
    state: directory
    owner: root
    group: root
    mode: "0755"

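# Render the nginx vhost for the Mailman web UI and reload nginx on change.
- name: set up nginx
  template:
    src: nginx.d.conf.j2
    dest: /etc/nginx/nginx.d/mailman.conf
    owner: root
    group: root
    # Written with a leading zero and quoted, like the other tasks in this
    # file, so the value is unambiguously an octal mode string. A bare 644
    # in native YAML would be read as a decimal integer.
    mode: "0644"
  notify: reload nginx
  tags:
    - nginx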

# Create one PostgreSQL role each for Mailman core and mailman-web.
# Names and passwords come from vault variables. `no_log: true` keeps the
# password (and the loop items that contain it) out of task output and logs.
# Do not remove it when debugging against shared log sinks.
# The task runs as the `postgres` system user via `su`.
- name: create postgres {mailman,mailman-web} user
  postgresql_user:
    name: "{{ item.username }}"
    password: "{{ item.password }}"
  loop:
    - username: "{{ vault_mailman_db_user }}"
      password: "{{ vault_mailman_db_password }}"
    - username: "{{ vault_mailman_web_db_user }}"
      password: "{{ vault_mailman_web_db_password }}"
  become: true
  become_user: postgres
  become_method: su
  no_log: true

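# Create the two databases and hand ownership to the matching role.
# The task runs as the `postgres` system user via `su`.
- name: create {mailman,mailman-web} db
  postgresql_db:
    name: "{{ item.db }}"
    owner: "{{ item.owner }}"
  loop:
    - db: mailman
      owner: "{{ vault_mailman_db_user }}"
    - db: mailman-web
      owner: "{{ vault_mailman_web_db_user }}"
  # Ansible prints the full loop item by default, which would echo the
  # vault-sourced role names into task output. Label each iteration with
  # the database name only; this changes display, not behaviour.
  loop_control:
    label: "{{ item.db }}"
  become: true
  become_user: postgres
  become_method: su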

# Run the Django management commands for mailman-web, in order, as the
# unprivileged `mailman-web` user, using /etc/mailman3/settings.py.
# Guarded by `install.changed`: the commands run only when the package
# installation task reported a change, not on every play.
# NOTE(review): `loaddata` is invoked without a fixture label and
# `collectstatic` without a non-interactive flag; confirm both behave as
# intended when run unattended.
- name: run Django management tasks
  command:
    cmd: django-admin {{ item }} --pythonpath /etc/mailman3 --settings settings
  loop:
    - migrate
    - loaddata
    - collectstatic
    - compress
  become: true
  become_user: mailman-web
  when: install.changed

# Allow LMTP (tcp/8024) in the `wireguard` zone from exactly one source:
# the WireGuard address of lists.archlinux.org. The rule is written to the
# permanent configuration and also applied to the running firewall.
# Only an IPv4 rule is defined here.
- name: open LMTP ipv4 port for lists.archlinux.org
  ansible.posix.firewalld:
    zone: wireguard
    state: enabled
    permanent: true
    immediate: true
    # Folded scalar: the line breaks below become single spaces.
    rich_rule: >-
      rule family=ipv4
      source address={{ hostvars['lists.archlinux.org']['wireguard_address'] }}
      port protocol=tcp port=8024 accept
  tags:
    - firewall

# Enable and start the Mailman core service, its timers and the uWSGI
# instance that serves mailman-web. systemd is told to reload its unit
# files on each iteration.
- name: start and enable mailman{.service,-*.timer}
  systemd:
    name: "{{ item }}"
    enabled: true
    daemon_reload: true
    state: started
  loop:
    - mailman3.service
    - mailman3-digests.timer
    - mailman3-gatenews.timer
    - mailman3-notify.timer
    # `\x2d` is systemd's escape for `-` in an instance name. Keep this a
    # plain (or single-quoted) scalar: in double quotes YAML would decode
    # the escape and change the unit name.
    - uwsgi@mailman\x2dweb.service