main.yml 2.61 KB
Newer Older
Kristian Klausen's avatar
Kristian Klausen committed
1
2
3
4
5
6
7
8
9
10
---
- name: install mailman3 and related packages
  pacman: name=mailman3,mailman3-hyperkitty,python-psycopg2,mailman-web,uwsgi-plugin-python state=present
  register: install

- name: install {mailman,mailman-web} configuration
  template: src={{ item.src }} dest={{ item.dest }} owner=root group={{ item.group }} mode=0640
  loop:
    - {src: mailman.cfg.j2, dest: /etc/mailman.cfg, group: mailman}
    - {src: mailman-hyperkitty.cfg.j2, dest: /etc/mailman-hyperkitty.cfg, group: mailman}
11
12
    - {src: settings.py.j2, dest: /etc/webapps/mailman-web/settings.py, group: mailman-web}
    - {src: urls.py.j2, dest: /etc/webapps/mailman-web/urls.py, group: mailman-web}
Kristian Klausen's avatar
Kristian Klausen committed
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
  notify:
    - reload mailman
    - restart mailman-web

- name: install mailman postfix.cfg configuration
  copy: src=postfix.cfg dest=/etc/postfix.cfg owner=root group=root mode=0644
  notify: reload mailman

- name: make nginx log dir
  file: path=/var/log/nginx/{{ lists_domain }} state=directory owner=root group=root mode=0755

- name: set up nginx
  template: src=nginx.d.conf.j2 dest="/etc/nginx/nginx.d/mailman.conf" owner=root group=root mode=644
  notify: reload nginx
  tags: ['nginx']

- name: create postgres {mailman,mailman-web} user
  postgresql_user: name={{ item.username }} password={{ item.password }}
  loop:
    - {username: "{{ vault_mailman_db_user }}", password: "{{ vault_mailman_db_password }}"}
    - {username: "{{ vault_mailman_web_db_user }}", password: "{{ vault_mailman_web_db_password }}"}
  become: true
  become_user: postgres
  become_method: su
  no_log: true

- name: create {mailman,mailman-web} db
  postgresql_db: name={{ item.db }} owner={{ item.owner }}
  loop:
    - {db: mailman, owner: "{{ vault_mailman_db_user }}"}
    - {db: mailman-web, owner: "{{ vault_mailman_web_db_user }}"}
  become: true
  become_user: postgres
  become_method: su

- name: run Django management tasks
49
  command: django-admin {{ item }} --pythonpath /etc/webapps/mailman-web --settings settings
Kristian Klausen's avatar
Kristian Klausen committed
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
  loop:
    - migrate
    - loaddata
    - collectstatic
    - compress
  become: true
  become_user: mailman-web
  when: install.changed

- name: open LMTP ipv4 port for lists.archlinux.org
  ansible.posix.firewalld: zone=wireguard state=enabled permanent=true immediate=yes
    rich_rule="rule family=ipv4 source address={{ hostvars['lists.archlinux.org']['wireguard_address'] }} port protocol=tcp port=8024 accept"
  tags:
    - firewall

- name: start and enable mailman{.service,-*.timer}
  systemd: name={{ item }} enabled=yes daemon_reload=yes state=started
  loop:
    - mailman3.service
    - mailman3-digests.timer
    - mailman3-notify.timer
    - uwsgi@mailman\x2dweb.service