From 856cdf909adcc1816bdb1bd13caeff857f605f75 Mon Sep 17 00:00:00 2001
From: Kristian Klausen <kristian@klausen.dk>
Date: Thu, 4 Aug 2022 01:16:09 +0200
Subject: [PATCH] mailman3: IaC list configurations
It is cumbersome to manage the list configurations from the web ui and
easy for them to diverge, so let's instead manage them with Ansible.
Fix #254
---
roles/mailman3/defaults/main.yml | 79 +++++++++++++++++++
.../files/list_base_configuration.json | 77 ++++++++++++++++++
roles/mailman3/tasks/main.yml | 11 +++
3 files changed, 167 insertions(+)
create mode 100644 roles/mailman3/files/list_base_configuration.json
diff --git a/roles/mailman3/defaults/main.yml b/roles/mailman3/defaults/main.yml
index b2d2b3fd9..5cd5753bb 100644
--- a/roles/mailman3/defaults/main.yml
+++ b/roles/mailman3/defaults/main.yml
@@ -1 +1,80 @@
lists_domain: lists.archlinux.org
+lists:
+ arch-announce:
+ allow_list_posts: false
+ bounce_info_stale_after: 60d
+ default_member_action: reject
+ default_nonmember_action: reject
+ description: This mailing list is for official announcements for the Arch Linux distribution.
+ display_name: Arch-announce
+ moderator_password: "{{ vault_archweb_mailman_password }}"
+ arch-dev:
+ advertised: false
+ archive_policy: private
+ description: Development Discussion for Arch Linux
+ display_name: Arch-dev
+ info: This list is for development discussion about Arch Linux. This list is closed to the general public and only used by internal Arch Linux developers.
+ subscription_policy: confirm_then_moderate
+ arch-devops:
+ display_name: Arch-devops
+ description: Arch Linux Infrastructure development discussion
+ arch-devops-private:
+ advertised: false
+ archive_policy: private
+ description: List for internal discussion of the devops team
+ display_name: Arch-devops-private
+ subscription_policy: confirm_then_moderate
+ arch-dev-public:
+ default_member_action: hold
+ description: Public mailing list for Arch Linux development
+ display_name: Arch-dev-public
+ arch-events:
+ description: Arch Linux Events
+ display_name: Arch-events
+ arch-mirrors-announce:
+ description: List for mirror admins to send announcements (like downtime notifications) to our users
+ display_name: Arch-mirrors-announce
+ info: "This list is intended for admins of Arch Linux mirrors that want to notify our users about downtime of their mirror.\r\n\r\nThis list also accepts mails from non-subscribers."
+ arch-mirrors:
+ description: Arch Linux Mirroring Discussion and Announcements
+ display_name: Arch-mirrors
+ info: This list is intended for admins of Arch Linux mirrors. Discussion and announcements regarding mirroring will use this list.
+ arch-multilib:
+ description: Arch Linux Multilib (32bit libs on 64bit OSes)
+ display_name: Arch-multilib
+ arch-ports:
+ description: Discussion regarding the porting of Arch Linux to non-x86_64 architectures
+ display_name: Arch-ports
+ info: This list is primarily used to talk about porting Arch Linux to non-x86_64 platforms, such as PPC, ARM, i586, i686, etc.
+ arch-proaudio:
+ description: Discussion about real-time multimedia, including (semi-)pro audio and video
+ display_name: Arch-proaudio
+ arch-projects:
+ description: Arch Linux projects development discussion
+ display_name: Arch-projects
+ info: "Announcements, development discussion, patches and pull requests for the Arch Linux projects:<ul><li><a target=\"blank\" href=\"https://github.com/archlinux/archweb/\">archweb</a> (patches preferably on Github as pull requests)</li><li><a target=\"blank\" href=\"https://gitlab.archlinux.org/archlinux/arch-release-promotion/\">arch-release-promotion</a> (patches only on GitLab as merge requests)</li><li><a target=\"blank\" href=\"https://gitlab.archlinux.org/archlinux/dbscripts/\">dbscripts</a> (patches preferably on GitLab as merge requests)</li><li><a target=\"blank\" href=\"https://gitlab.archlinux.org/archlinux/devtools/\">devtools</a> (patches preferably on GitLab as merge requests)</li><li><a target=\"blank\" href=\"https://github.com/archlinux/mkinitcpio/\">mkinitcpio</a> (patches preferably on Github as pull requests)</li><li><a target=\"blank\" href=\"https://gitlab.archlinux.org/archlinux/namcap/\">namcap</a> (patches preferably on GitLab as merge requests)</li><li><a target=\"blank\" href=\"https://gitlab.archlinux.org/archlinux/netctl/\">netctl</a> (patches preferably on the mailing list)</li><li><a target=\"blank\" href=\"https://gitlab.archlinux.org/archlinux/pyalpm/\">pyalpm</a> (patches preferably on GitLab as merge requests)</li><li><a target=\"blank\" href=\"https://gitlab.archlinux.org/archlinux/repod/\">repod</a> (patches only on GitLab as merge requests)</li><li><a target=\"blank\" href=\"https://gitlab.archlinux.org/archlinux/shim-signed/\">shim-signed</a> (contributions preferably on GitLab as merge requests)</li></ul>\r\nPlease begin the email subject with the name of a project in square brackets (e.g. <code>[devtools]</code>). If no project matches, use <code>[projects]</code>.\r\n\r\nNote: No user discussion!"
+ arch-releng:
+ description: Arch Linux Release Engineering
+ display_name: Arch-releng
+ arch-tu:
+ advertised: false
+ archive_policy: private
+ description: Trusted Users Discussion for Arch Linux
+ display_name: Arch-tu
+ info: This list is for trusted users discussion about Arch Linux. This list is closed to the general public and only used by internal Arch Linux trusted users.
+ subscription_policy: confirm_then_moderate
+ arch-wiki-admins:
+ advertised: false
+ archive_policy: private
+ display_name: Arch-wiki-admins
+ subscription_policy: confirm_then_moderate
+ arch-women:
+ description: Mailing list for the Arch Women project
+ display_name: Arch-women
+ info: "<a href=\"https://archwomen.org/\">Arch Women</a> is an all inclusive organization of Arch Linux enthusiasts with a focus on helping more women become involved in the Arch Linux community and FOSS.\r\n\r\nMailing list graciously hosted by the Arch Linuxâ„¢ project."
+ staff:
+ advertised: false
+ archive_policy: private
+ description: Internal list that includes all Arch Linux staff members (devs, TUs, support staff)
+ display_name: Staff
+ subscription_policy: confirm_then_moderate
diff --git a/roles/mailman3/files/list_base_configuration.json b/roles/mailman3/files/list_base_configuration.json
new file mode 100644
index 000000000..e727e96da
--- /dev/null
+++ b/roles/mailman3/files/list_base_configuration.json
@@ -0,0 +1,77 @@
+{
+ "acceptable_aliases": [],
+ "accept_these_nonmembers": [],
+ "admin_immed_notify": true,
+ "admin_notify_mchanges": false,
+ "administrivia": true,
+ "advertised": true,
+ "allow_list_posts": true,
+ "anonymous_list": false,
+ "archive_policy": "public",
+ "archive_rendering_mode": "text",
+ "autorespond_owner": "none",
+ "autorespond_postings": "none",
+ "autorespond_requests": "none",
+ "autoresponse_grace_period": "90d",
+ "autoresponse_owner_text": "",
+ "autoresponse_postings_text": "",
+ "autoresponse_request_text": "",
+ "bounce_info_stale_after": "7d",
+ "bounce_notify_owner_on_bounce_increment": false,
+ "bounce_notify_owner_on_disable": true,
+ "bounce_notify_owner_on_removal": true,
+ "bounce_score_threshold": 5,
+ "bounce_you_are_disabled_warnings": 3,
+ "bounce_you_are_disabled_warnings_interval": "7d",
+ "collapse_alternatives": true,
+ "convert_html_to_plaintext": false,
+ "default_member_action": "defer",
+ "default_nonmember_action": "hold",
+ "description": "",
+ "digest_send_periodic": true,
+ "digest_size_threshold": 30,
+ "digest_volume_frequency": "monthly",
+ "digests_enabled": true,
+ "display_name": "",
+ "discard_these_nonmembers": [],
+ "dmarc_mitigate_action": "no_mitigation",
+ "dmarc_mitigate_unconditionally": false,
+ "dmarc_moderation_notice": "",
+ "dmarc_wrapped_message_text": "",
+ "emergency": false,
+ "filter_action": "discard",
+ "filter_content": false,
+ "filter_extensions": [],
+ "filter_types": [],
+ "first_strip_reply_to": false,
+ "forward_unrecognized_bounces_to": "administrators",
+ "gateway_to_mail": false,
+ "gateway_to_news": false,
+ "hold_these_nonmembers": [],
+ "include_rfc2369_headers": true,
+ "info": "",
+ "linked_newsgroup": "",
+ "max_message_size": 40,
+ "max_num_recipients": 10,
+ "max_days_to_hold": 0,
+ "member_roster_visibility": "moderators",
+ "moderator_password": null,
+ "newsgroup_moderation": "none",
+ "nntp_prefix_subject_too": true,
+ "pass_types": [],
+ "pass_extensions": [],
+ "personalize": "none",
+ "posting_pipeline": "default-posting-pipeline",
+ "preferred_language": "en",
+ "process_bounces": true,
+ "reject_these_nonmembers": [],
+ "reply_goes_to_list": "no_munging",
+ "reply_to_address": "",
+ "require_explicit_destination": true,
+ "respond_to_post_requests": true,
+ "send_goodbye_message": true,
+ "send_welcome_message": true,
+ "subject_prefix": "",
+ "subscription_policy": "confirm",
+ "unsubscription_policy": "confirm"
+}
diff --git a/roles/mailman3/tasks/main.yml b/roles/mailman3/tasks/main.yml
index bbe0d188a..fb5ad7b7d 100644
--- a/roles/mailman3/tasks/main.yml
+++ b/roles/mailman3/tasks/main.yml
@@ -68,3 +68,14 @@
- mailman3-digests.timer
- mailman3-notify.timer
- uwsgi@mailman\x2dweb.service
+
+- name: update list configurations
+ uri:
+ url: http://localhost:8001/3.1/lists/{{ item }}.lists.archlinux.org/config
+ user: "{{ vault_mailman_admin_user }}"
+ password: "{{ vault_mailman_admin_pass }}"
+ method: PUT
+ body_format: json
+ status_code: 204
+ body: "{{ lookup('file', 'list_base_configuration.json') | from_json | combine(lists[item]) | to_json }}"
+ loop: "{{ lists.keys() }}"
--
GitLab