From 791144b9ea4356ce23c6b59c7013ef27519d7b85 Mon Sep 17 00:00:00 2001
From: Florian Pritz <bluewind@xinu.at>
Date: Wed, 8 Feb 2017 17:48:58 +0100
Subject: [PATCH] mailman: Add redirect for mailman.archlinux.org

Signed-off-by: Florian Pritz <bluewind@xinu.at>
---
 playbooks/apollo.yml                    |  1 +
 roles/mailman/tasks/main.yml            | 15 ++++++++++++
 roles/mailman/templates/nginx.d.conf.j2 | 31 +++++++++++++++++++++++++
 3 files changed, 47 insertions(+)
 create mode 100644 roles/mailman/tasks/main.yml
 create mode 100644 roles/mailman/templates/nginx.d.conf.j2

diff --git a/playbooks/apollo.yml b/playbooks/apollo.yml
index 43c413c97..436c73de3 100644
--- a/playbooks/apollo.yml
+++ b/playbooks/apollo.yml
@@ -28,3 +28,4 @@
     - { role: archweb, tags: ["archweb"] }
     - { role: security_tracker, security_tracker_domain: "security.archlinux.org", security_tracker_dir: "/srv/http/security-tracker", tags: ["security_tracker"] }
     - { role: flyspray, tags: ["flyspray"] }
+    - { role: mailman, mailman_domain: "lists.archlinux.org", tags: ["mailman"] }
diff --git a/roles/mailman/tasks/main.yml b/roles/mailman/tasks/main.yml
new file mode 100644
index 000000000..42bebeae5
--- /dev/null
+++ b/roles/mailman/tasks/main.yml
@@ -0,0 +1,15 @@
+---
+
+- name: set up nginx
+  template: src=nginx.d.conf.j2 dest=/etc/nginx/nginx.d/mailman.conf owner=root group=root mode=644
+  notify:
+    - reload nginx
+  tags:
+    - nginx
+
+- name: make nginx log dir
+  file: path=/var/log/nginx/{{ mailman_domain }} state=directory owner=root group=log mode=750
+  when: archweb_site
+  tags:
+    - nginx
+
diff --git a/roles/mailman/templates/nginx.d.conf.j2 b/roles/mailman/templates/nginx.d.conf.j2
new file mode 100644
index 000000000..c742aa71e
--- /dev/null
+++ b/roles/mailman/templates/nginx.d.conf.j2
@@ -0,0 +1,31 @@
+server {
+    listen       80;
+    listen       [::]:80;
+    server_name  mailman.archlinux.org;
+
+    access_log   /var/log/nginx/{{ mailman_domain }}/access.log;
+    error_log    /var/log/nginx/{{ mailman_domain }}/error.log;
+
+    include snippets/letsencrypt.conf;
+
+    location / {
+        rewrite ^(.*) https://{{ mailman_domain }}$1 permanent;
+    }
+}
+
+server {
+    listen       443 ssl http2;
+    listen       [::]:443 ssl http2;
+    server_name  mailman.archlinux.org;
+
+    access_log   /var/log/nginx/{{ mailman_domain }}/access.log;
+    error_log    /var/log/nginx/{{ mailman_domain }}/error.log;
+
+    ssl_certificate      /etc/letsencrypt/live/mailman.archlinux.org/fullchain.pem;
+    ssl_certificate_key  /etc/letsencrypt/live/mailman.archlinux.org/privkey.pem;
+    ssl_trusted_certificate /etc/letsencrypt/live/mailman.archlinux.org/chain.pem;
+
+    location / {
+        rewrite ^(.*) https://{{ mailman_domain }}$1 permanent;
+    }
+}
-- 
GitLab