From 893a95f3292f1cd860377c43175149ad45da76d2 Mon Sep 17 00:00:00 2001
From: Kristian Klausen <kristian@klausen.dk>
Date: Fri, 16 Sep 2022 18:56:44 +0200
Subject: [PATCH] Kill the mailman2 server and put the mailman3 server in its
place
With the final lists migrated to mailman3[1], the mailman2 server can
finally be killed.
When the mailman3 server was initially setup[2], it was done on a
separate server because the mailman and mailman3 packages conflicted,
and the traffic was routed over wireguard (HTTP, LMTP and SMTP).
Instead of installing mailman3 on the original lists.al.org server and
transferring the data, it was easier just to install the missing pieces
(basically Postfix and adjusting the Nginx configuration) on the ml3
server and move the IPs (to keep the IP mail reputation).
So basically the following was done:
- The IPs for the original lists.al.org was moved to the mailman3.al.org
server
- The mailman2 datadir was transferred to mailman3.al.org server, so we
can keep the pipermail links alive, and import missing mails if needed
- The original lists.al.org server was decommissioned
- The mailman3.al.org server was renamed to lists.al.org
- The missing pieces was added to the mailman3 role (basically Postfix +
Nginx adjustments)
- The mailman role was deleted and the mailman3 role renamed to mailman
[1] 75ac7d09 ("mailman: Fourth and final batch of mailman3 migrated lists")
[2] 9294828f ("Setup mailman3 server")
Fix #59
---
docs/servers.md | 8 -
docs/ssh-hostkeys.txt | 27 +-
docs/ssh-known_hosts.txt | 11 +-
group_vars/all/root_access.yml | 1 -
group_vars/all/vault_mailman.yml | 33 ++-
group_vars/all/vault_mailman3.yml | 26 --
host_vars/mailman3.archlinux.org/misc | 4 -
.../vault_wireguard.yml | 9 -
hosts | 2 -
playbooks/lists.archlinux.org.yml | 3 +-
playbooks/mailman3.archlinux.org.yml | 17 --
roles/mailman/defaults/main.yml | 134 +++++++++
.../files/list_base_configuration.json | 0
roles/mailman/files/mailman.ini | 10 -
roles/mailman/files/migrated-lists.map | 25 --
roles/mailman/files/override.conf | 2 -
roles/mailman/handlers/main.yml | 9 +-
roles/mailman/tasks/main.yml | 102 ++++---
.../templates/mailman-hyperkitty.cfg.j2 | 2 +-
.../templates/mailman.cfg.j2 | 7 -
roles/mailman/templates/main.cf.j2 | 7 +-
roles/mailman/templates/mm_cfg.py.j2 | 79 ------
roles/mailman/templates/nginx.d.conf.j2 | 55 ++--
.../templates/settings.py.j2 | 4 +-
roles/mailman/templates/transport.j2 | 257 ------------------
roles/mailman3/defaults/main.yml | 135 ---------
roles/mailman3/files/postfix.cfg | 13 -
roles/mailman3/handlers/main.yml | 5 -
roles/mailman3/tasks/main.yml | 81 ------
roles/mailman3/templates/nginx.d.conf.j2 | 22 --
roles/mailman3/templates/urls.py.j2 | 35 ---
tf-stage1/archlinux.tf | 6 +-
32 files changed, 261 insertions(+), 870 deletions(-)
delete mode 100644 group_vars/all/vault_mailman3.yml
delete mode 100644 host_vars/mailman3.archlinux.org/misc
delete mode 100644 host_vars/mailman3.archlinux.org/vault_wireguard.yml
delete mode 100644 playbooks/mailman3.archlinux.org.yml
rename roles/{mailman3 => mailman}/files/list_base_configuration.json (100%)
delete mode 100644 roles/mailman/files/mailman.ini
delete mode 100644 roles/mailman/files/migrated-lists.map
delete mode 100644 roles/mailman/files/override.conf
rename roles/{mailman3 => mailman}/templates/mailman-hyperkitty.cfg.j2 (95%)
rename roles/{mailman3 => mailman}/templates/mailman.cfg.j2 (66%)
delete mode 100644 roles/mailman/templates/mm_cfg.py.j2
rename roles/{mailman3 => mailman}/templates/settings.py.j2 (93%)
delete mode 100644 roles/mailman/templates/transport.j2
delete mode 100644 roles/mailman3/defaults/main.yml
delete mode 100644 roles/mailman3/files/postfix.cfg
delete mode 100644 roles/mailman3/handlers/main.yml
delete mode 100644 roles/mailman3/tasks/main.yml
delete mode 100644 roles/mailman3/templates/nginx.d.conf.j2
delete mode 100644 roles/mailman3/templates/urls.py.j2
diff --git a/docs/servers.md b/docs/servers.md
index 0f61ee628..deb392ef2 100644
--- a/docs/servers.md
+++ b/docs/servers.md
@@ -157,14 +157,6 @@ Prometheus, and Grafana server which receives selected performance/metrics from
Online collborative markdwown editor for Arch Linux Staff.
-## mailman3.archlinux.org
-
-This server runs mailman3 as mailman2 and mailman3 can't be installed on the same server. The HTTP and LMTP traffic is routed over WireGuard from lists.archlinux.org.
-
-### Services
-
- - mailman3
-
### Services
- [hedgedoc](https://hedgedoc.org/)
diff --git a/docs/ssh-hostkeys.txt b/docs/ssh-hostkeys.txt
index f19b6dc24..e89944a9f 100644
--- a/docs/ssh-hostkeys.txt
+++ b/docs/ssh-hostkeys.txt
@@ -164,15 +164,15 @@
3072 MD5:50:c8:93:43:05:d5:73:a4:84:b1:07:66:a7:20:a5:79 root@archlinux-packer (RSA)
# lists.archlinux.org
-1024 SHA256:/o3BhNZ6MdfHXrqDzVxP5OgKcTmo1/e2v80Xb+Q2ypc root@archlinux-packer (DSA)
-256 SHA256:Xe+YrG+IfhtQkNft+SB7UsTQCIgbqNnqMl/Pqs6uzBE root@archlinux-packer (ECDSA)
-256 SHA256:fAKD+26rDZ74MOMWZI8L3k2c7RzTYd69+iwKp4zhw8c root@archlinux-packer (ED25519)
-3072 SHA256:NyspEiVRnuRtL854ErcdybtjoBia+miQkpuToYZEl78 root@archlinux-packer (RSA)
+1024 SHA256:U1A+NO+I+JRg0YPo+UgwGfbextnL+pVuqjWGdyokLpI root@archlinux-packer (DSA)
+256 SHA256:vdEZ5/6Xxd7Azjzaf5xz5kfzQrWcq1raz5cFAIclooE root@archlinux-packer (ECDSA)
+256 SHA256:iCeRz+2HK7heoapDRscHpgbEX4cbem1BZpWzrAoOxTQ root@archlinux-packer (ED25519)
+3072 SHA256:sqUYYmrNXzYPL5TtsBsTnaANsZ/P7miyCAIkt0YWfBg root@archlinux-packer (RSA)
-1024 MD5:fb:bb:0e:a8:0c:5c:41:5a:b1:d9:61:4d:e5:c3:bf:b1 root@archlinux-packer (DSA)
-256 MD5:56:43:80:27:a7:4e:4c:1f:a4:14:dd:d1:eb:37:13:a9 root@archlinux-packer (ECDSA)
-256 MD5:3c:91:d8:b0:4b:5c:36:40:79:27:8a:c7:24:d6:26:af root@archlinux-packer (ED25519)
-3072 MD5:88:99:f2:47:b1:e3:3c:99:52:67:d5:d5:55:b0:af:2c root@archlinux-packer (RSA)
+1024 MD5:8f:94:fe:a9:56:ee:3f:cc:a4:e7:a5:4f:2b:02:e8:c3 root@archlinux-packer (DSA)
+256 MD5:ca:3e:2d:aa:8a:4b:71:3a:18:22:59:0f:6e:ff:ae:5d root@archlinux-packer (ECDSA)
+256 MD5:a8:d3:f8:42:ff:ae:7d:71:1b:fe:93:4b:f7:df:38:5f root@archlinux-packer (ED25519)
+3072 MD5:51:ea:a4:ec:76:87:ee:89:e7:3a:fc:80:ea:fe:2d:9c root@archlinux-packer (RSA)
# mail.archlinux.org
1024 SHA256:/d3MC4NoQbPSNgNebFyzNCze4HVHPhITVWy9vWdZUp4 root@archlinux-packer (DSA)
@@ -185,17 +185,6 @@
256 MD5:dd:20:c1:f1:f2:fa:70:86:3a:e2:39:86:b1:01:2f:61 root@archlinux-packer (ED25519)
3072 MD5:b6:14:30:bd:fe:43:46:6a:20:a2:8b:b0:aa:d4:35:19 root@archlinux-packer (RSA)
-# mailman3.archlinux.org
-1024 SHA256:U1A+NO+I+JRg0YPo+UgwGfbextnL+pVuqjWGdyokLpI root@archlinux-packer (DSA)
-256 SHA256:vdEZ5/6Xxd7Azjzaf5xz5kfzQrWcq1raz5cFAIclooE root@archlinux-packer (ECDSA)
-256 SHA256:iCeRz+2HK7heoapDRscHpgbEX4cbem1BZpWzrAoOxTQ root@archlinux-packer (ED25519)
-3072 SHA256:sqUYYmrNXzYPL5TtsBsTnaANsZ/P7miyCAIkt0YWfBg root@archlinux-packer (RSA)
-
-1024 MD5:8f:94:fe:a9:56:ee:3f:cc:a4:e7:a5:4f:2b:02:e8:c3 root@archlinux-packer (DSA)
-256 MD5:ca:3e:2d:aa:8a:4b:71:3a:18:22:59:0f:6e:ff:ae:5d root@archlinux-packer (ECDSA)
-256 MD5:a8:d3:f8:42:ff:ae:7d:71:1b:fe:93:4b:f7:df:38:5f root@archlinux-packer (ED25519)
-3072 MD5:51:ea:a4:ec:76:87:ee:89:e7:3a:fc:80:ea:fe:2d:9c root@archlinux-packer (RSA)
-
# man.archlinux.org
1024 SHA256:11C7Qa1GSNBBspSlber3Sp+LEMRpfr/VWkypfu6OnhA root@archlinux-packer (DSA)
256 SHA256:fL79NVaEiwXGfUhTXWLkue/D1seSADYbui+jwQ2dvW0 root@archlinux-packer (ECDSA)
diff --git a/docs/ssh-known_hosts.txt b/docs/ssh-known_hosts.txt
index 6570c8db0..8275c63e1 100644
--- a/docs/ssh-known_hosts.txt
+++ b/docs/ssh-known_hosts.txt
@@ -86,20 +86,15 @@ homedir.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPxEHvFCXujU6s4eW0U79o
homedir.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDuQbGoCSIPisaZeqtJhM369ugQWc8pHE8404AZu0yUgDxMl6AP5BUfdynlR6VGt4edSaEyp9BkT15YaKh5vph/9MUtZ2zbQ7WPRuvfLNG+RI458q4CYdykVMmTs1DEeAxaVMIAL3225pqh7QMcME0edX9f4PLLkQk8+AAAy24rvgwxLE0BnSLB3zp7wCJw5rm2iZAcqsKkIZw2FJKMlRuEovdvgc7A0FfkSc8muvvHET1FK/Uqv5i9R2Xk3NPFkt/bzcwOVBXCeqUrjLmD0UhRWX8J8GMmrEVPVQLBT6mn/OtlXpOiDcr9HkSLS1mqo59N9wyI4tCKjYQZMEWU36PYjXlDzqOGmdAR6Ly8vDo3BC+ByQqLf/ixkoFD/I5inGejPnAv9eXuiP8o0KoPDOALD8gqwqCoPjElE9ZVObp+NJbuQeXRZt70VKxZEWrUKxKxHM3RoYvgd3h/GHaYEGWdbvTMTVK+xnrczL+Eme4Y81zA8KTwY5qbyc5QCHvksKM=
# lists.archlinux.org
-lists.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKBHMlX50Jr2HiVJ/qDSH3mAjobpbBrGvBRXTKB/xXFBiVXCbJQCQ9HKXQZunLALaIm+jAgpskbXqLQMEpWzST8=
-lists.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOVKwNsXUXpgNhlwPVlBRNlpvOt0U9deANS/n//nxbe1
-lists.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCuKQnkGRdXyu74f92lzJcQMMDjTzVXkne/mLHiMYKQWlboIBIry3FkzyUGDLbNlZOe4PNR43D9FI0/1EjAuVV72HVQ9sidCbJR/azw3+JF8zwU1HDMOhtCNaWYNqk0DHDvHuWhL6N0duFASf+ZTKRB5Rgk3+p0FisKMCep2vJy5kHY0829INk6ORgPxYzCHCZOLEfZX0aydwscTnubKq1t9blWUdqKSm5Xq5+NEJNPKlo6TgdcBihkdAyaGnZ9KWrXycV6j0UaT/VJNuumZ9KlsvI7Xi/TVDWcLcsU/UqeEvnzUi3oRrvkADzIcoFa5/QrSRQJppKAUgjuhOuk+Px38IIvRdrwDxDoChei+qU8S2O24PP7Cu4oYZ/ecGb8wJleEWVVaYrD5JTEugg0iTe2t0LJiP6rTC1faxErZ9wru18nGNWYR2b+b1MfBzppAoikZUoqygKYYLAerHj3B9wFmw2RJG8JFZ95lMukJmDG8kCYz7eq753PYAAmpFZbdZU=
+lists.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLYxKdG6ntbOV/YpVbRkJiJfAPt8BTTN/hKm0uebSwpuQbbv5hxXLSOYeA0C/yJBNXXX4EJ82J88oEJQBFxiPvY=
+lists.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID+GtJoC+QEUyKA/ZneTBXOBs7W3JBAEb1nLDkjzsqa1
+lists.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdPJQIkN6wDk/140HS1WCIKc0Iz7Oq8c98XaLB0i9ksUxkWB4rxia/WP5RRF+g9yAqZvIg0f5W0d85pfuh+1TOccXk8r6GsH+gRIEkdmwu4Mf7iBpkQxl3n70yjNGxgbwGkVG9vREvJ4v3l/NRZrX2/N3RvcPG9TQwjFFOFYTRZNfUPvsppk572yQ8cjf7oUvJmLOwsKagO5WMUoKFAbO35/Mp2H6VbApYtIdpkFOXnaJUVduHInNa18CmKl28ZSTsigLkYb8pboS6RacJYgA5kK0vQsXCguDrA+SI9k1xW4i9FjUWsLlPuLkk9c7Tj39R95gWhxWwQ99ApNDVvZa+skSbMS7h4/d3NosyM2OO9LfqPiHn2xDsuvmpN0ScCwuocwR09EMrj4MQKzo31ITFHuSyxob0Z4yTQrKvJxdNwveXqaRHFNXUvSWtoRkk2cKB5hjsr0QCROBidYu4WG+/LfolzJQfuRqH7dvg5dvmJLrcozfcCpxspdBTIEKLG/c=
# mail.archlinux.org
mail.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFvJy2P8zOSKt3EocULHN85PVGW1AINk15+GilqUc5a79Zsy0FvWqV16fjxLRN3zIOkBvSKZMvsNadja+quEr9s=
mail.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICTOoGxsf23f6AjIHcQQuvbTOaeIt48Y0PiBj9qlJi1H
mail.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDPrURadxte8UJiteGa6+Q+OjTAjhvGAQFkNSXj1pr4k03uxkU6l2v2LuTygk+4SZSCyUsKvNx/ljJeHBnuecQ8rRv19ZFqy/GQKB3oEmiNYMo2dYYlJWwTVBHatmghhB1j2y40yqdKWH2xQuXC3HtnS7fHG0g1Rc4R9KB4MQlcXkwnSEMpwpWBoO7sr0M4YTdwE+nSG9aNfyPbPGp3mX4ATz5X5hPJOlSFVDV6NuKrA+5qyt4jSKdeG5IuWeEnEJesYJEvShYdY9DvMCXnZykB0emzzk+5+Cp2lTPf9LOO3wNsTgHV/CwkoAoMgr9+ASefhBr3nxmmrs9T7nwuobGCGFUqQ2D8IKCmsWGVKXYERViz3x/gYUIlHgVJpoIXCFFqbdpWwxKR1aDMug2fFe699/FzuPdqrWPFdQMF2mPQ0w3AH/62KGp+PULE2HxrlCiY/gF2m8iJLgunxVKmi/c0ufgK9QilnKcPO+W4tcISa5MYt7MSTTLV9eVsgVjGhOU=
-# mailman3.archlinux.org
-mailman3.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLYxKdG6ntbOV/YpVbRkJiJfAPt8BTTN/hKm0uebSwpuQbbv5hxXLSOYeA0C/yJBNXXX4EJ82J88oEJQBFxiPvY=
-mailman3.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID+GtJoC+QEUyKA/ZneTBXOBs7W3JBAEb1nLDkjzsqa1
-mailman3.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdPJQIkN6wDk/140HS1WCIKc0Iz7Oq8c98XaLB0i9ksUxkWB4rxia/WP5RRF+g9yAqZvIg0f5W0d85pfuh+1TOccXk8r6GsH+gRIEkdmwu4Mf7iBpkQxl3n70yjNGxgbwGkVG9vREvJ4v3l/NRZrX2/N3RvcPG9TQwjFFOFYTRZNfUPvsppk572yQ8cjf7oUvJmLOwsKagO5WMUoKFAbO35/Mp2H6VbApYtIdpkFOXnaJUVduHInNa18CmKl28ZSTsigLkYb8pboS6RacJYgA5kK0vQsXCguDrA+SI9k1xW4i9FjUWsLlPuLkk9c7Tj39R95gWhxWwQ99ApNDVvZa+skSbMS7h4/d3NosyM2OO9LfqPiHn2xDsuvmpN0ScCwuocwR09EMrj4MQKzo31ITFHuSyxob0Z4yTQrKvJxdNwveXqaRHFNXUvSWtoRkk2cKB5hjsr0QCROBidYu4WG+/LfolzJQfuRqH7dvg5dvmJLrcozfcCpxspdBTIEKLG/c=
-
# man.archlinux.org
man.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPhnsStoFw6rbVpE1S1vsXNk8de1SyMag1C+v0DWVSuNYzTylYg4322WbYzw45z2XhxrF6XmCSDMvgxvFwnfLQA=
man.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHzjkN+igIxSIv5N9+ANNoo6knPa51Tj5TAXs4EQ8lY2
diff --git a/group_vars/all/root_access.yml b/group_vars/all/root_access.yml
index a5f9ba674..1f6a54b7c 100644
--- a/group_vars/all/root_access.yml
+++ b/group_vars/all/root_access.yml
@@ -26,7 +26,6 @@ root_ssh_keys:
- dashboards.archlinux.org
- gitlab.archlinux.org
- lists.archlinux.org
- - mailman3.archlinux.org
- monitoring.archlinux.org
# - run 'playbooks/tasks/reencrypt-vault-{super,default}-key.yml' when this
diff --git a/group_vars/all/vault_mailman.yml b/group_vars/all/vault_mailman.yml
index 06f7aef2c..03690e651 100644
--- a/group_vars/all/vault_mailman.yml
+++ b/group_vars/all/vault_mailman.yml
@@ -1,9 +1,26 @@
$ANSIBLE_VAULT;1.1;AES256
-38306134633332383131393237386134643236316136333335313130663639373434643434303734
-6530323361333765393633616338333830346634363835350a363933363736393935333833313461
-66336437366666316366326566313837653934333732336532393264343663643861633639636566
-3330353837636631320a303533653661623866383230353563366166653232316635353631613836
-39306531623538656335643031623361633465366138356263663630386362626630336262303865
-31306465323730316633316534333663313565336634346164363331353962366239663035366139
-33636139666262663962396236396337666336663835633865373966386534393064323333326164
-35643530656134643565
+63633533303232373335663630346139613137616132393738383265663337636565663935386365
+3262636536383962333438653033323061306433323232610a623836643732616163383364316639
+37626134643334383432346465343734353566663261643334396563336132666133666431313563
+6365643566626635360a616139393131346566666266653737303562663664656231643836373038
+37316436643133333261313963356435353938393032313935353939613962303733623934313965
+64356635626561376130336134656436386638306538373635313638393932313337316636343533
+32666138613765326332373335366634313530656162383162633861666365333230303132346263
+63613031643230356361383638386230613231626135663763373630666362623536663165356335
+33333033376332653130626262633563336238383931393636346339333963326330373431363931
+61383733626363316539653638373562616335366363306365353166666335383037633830636263
+37313663636139666131623435383833313434396665663162623934646330626362346237363331
+65323537383536333763646431623061646337613761363861373261343638653235333038663239
+34636662663763363832643061313035316437633965346332363432653562613865623261613235
+61303239626136303736356533373739343566313464343931383962633232313263383230336438
+32653534623739616436346539616336373562376632303833323230643465666262303263383334
+64623362363863393866666461396237613934656239653262316438633338313036303436313236
+61623562376139616539646231376438636234656363666639646465663035326161346435396439
+63613839396163616135313537626535393039623866646431333239383263313931386131303464
+36353837303662343530663561363036633864346131343731643535386462316663353233636638
+36323134643230376239326637656537633337323333616630313531653239366263386238363333
+32336538613635613964366562383165616433363738623638393364363233636262643131653532
+62326363356333333563383139323366363462613031303566376365643439373163613166333339
+38353266616463396139336663353536336631666565656630396431363439333034653336316234
+61663232383136353937336431353131323933613462666233663464656166356161613039316436
+3136
diff --git a/group_vars/all/vault_mailman3.yml b/group_vars/all/vault_mailman3.yml
deleted file mode 100644
index 03690e651..000000000
--- a/group_vars/all/vault_mailman3.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-$ANSIBLE_VAULT;1.1;AES256
-63633533303232373335663630346139613137616132393738383265663337636565663935386365
-3262636536383962333438653033323061306433323232610a623836643732616163383364316639
-37626134643334383432346465343734353566663261643334396563336132666133666431313563
-6365643566626635360a616139393131346566666266653737303562663664656231643836373038
-37316436643133333261313963356435353938393032313935353939613962303733623934313965
-64356635626561376130336134656436386638306538373635313638393932313337316636343533
-32666138613765326332373335366634313530656162383162633861666365333230303132346263
-63613031643230356361383638386230613231626135663763373630666362623536663165356335
-33333033376332653130626262633563336238383931393636346339333963326330373431363931
-61383733626363316539653638373562616335366363306365353166666335383037633830636263
-37313663636139666131623435383833313434396665663162623934646330626362346237363331
-65323537383536333763646431623061646337613761363861373261343638653235333038663239
-34636662663763363832643061313035316437633965346332363432653562613865623261613235
-61303239626136303736356533373739343566313464343931383962633232313263383230336438
-32653534623739616436346539616336373562376632303833323230643465666262303263383334
-64623362363863393866666461396237613934656239653262316438633338313036303436313236
-61623562376139616539646231376438636234656363666639646465663035326161346435396439
-63613839396163616135313537626535393039623866646431333239383263313931386131303464
-36353837303662343530663561363036633864346131343731643535386462316663353233636638
-36323134643230376239326637656537633337323333616630313531653239366263386238363333
-32336538613635613964366562383165616433363738623638393364363233636262643131653532
-62326363356333333563383139323366363462613031303566376365643439373163613166333339
-38353266616463396139336663353536336631666565656630396431363439333034653336316234
-61663232383136353937336431353131323933613462666233663464656166356161613039316436
-3136
diff --git a/host_vars/mailman3.archlinux.org/misc b/host_vars/mailman3.archlinux.org/misc
deleted file mode 100644
index 01d1a3f5b..000000000
--- a/host_vars/mailman3.archlinux.org/misc
+++ /dev/null
@@ -1,4 +0,0 @@
-filesystem: btrfs
-ipv4_address: 65.21.106.94
-wireguard_address: 10.0.0.37
-wireguard_public_key: obBFreFGNDLB17+PaJspE4qNeVX4o7ZPcJj3ZmJhahg=
diff --git a/host_vars/mailman3.archlinux.org/vault_wireguard.yml b/host_vars/mailman3.archlinux.org/vault_wireguard.yml
deleted file mode 100644
index e8e3b3fc5..000000000
--- a/host_vars/mailman3.archlinux.org/vault_wireguard.yml
+++ /dev/null
@@ -1,9 +0,0 @@
-$ANSIBLE_VAULT;1.1;AES256
-32363065633737653663623334663139323638366462343630623765396636353932653932356261
-6239356162633731656330383436363861376231616462390a356432316532333632653839333230
-63636434373462643231323532633362363434646230323636333264393032373632343932616361
-6536383038313134300a363139313337646533626334333666326535623039323332666338306532
-33643430313864663833343765623138393165386564343636306363626232666436353665353235
-34623064363764336139633334663530376332633536383033313438613035303662333435313536
-34366663643130633064646161613065373532653235373730316439643165383635353761396639
-61656462333035666437
diff --git a/hosts b/hosts
index 4c4d84abf..3cf03bfca 100644
--- a/hosts
+++ b/hosts
@@ -51,7 +51,6 @@ security.archlinux.org
md.archlinux.org
lists.archlinux.org
gluebuddy.archlinux.org
-mailman3.archlinux.org
[public_html]
homedir.archlinux.org
@@ -138,7 +137,6 @@ gluebuddy.archlinux.org
homedir.archlinux.org
lists.archlinux.org
mail.archlinux.org
-mailman3.archlinux.org
man.archlinux.org
matrix.archlinux.org
md.archlinux.org
diff --git a/playbooks/lists.archlinux.org.yml b/playbooks/lists.archlinux.org.yml
index 0629ec0ba..6669dd307 100644
--- a/playbooks/lists.archlinux.org.yml
+++ b/playbooks/lists.archlinux.org.yml
@@ -8,7 +8,7 @@
- { role: sshd }
- { role: root_ssh }
- { role: hardening }
- - { role: borg_client, tags: ["borg"], when: "'borg_clients' in group_names" }
+ - { role: borg_client, tags: ["borg"] }
- { role: prometheus_exporters }
- { role: promtail }
- { role: certbot }
@@ -17,4 +17,5 @@
- { role: rspamd, rspamd_dkim_domain: lists.archlinux.org, rspamd_dkim_use_esld: false, tags: ["mail"] }
- { role: unbound, unbound_port: 5353, tags: ["mail"] }
- { role: uwsgi }
+ - { role: postgres }
- { role: mailman }
diff --git a/playbooks/mailman3.archlinux.org.yml b/playbooks/mailman3.archlinux.org.yml
deleted file mode 100644
index 171eb42dc..000000000
--- a/playbooks/mailman3.archlinux.org.yml
+++ /dev/null
@@ -1,17 +0,0 @@
-- name: Setup mailman3 server
- hosts: mailman3.archlinux.org
- remote_user: root
- roles:
- - { role: common }
- - { role: firewalld }
- - { role: wireguard }
- - { role: sshd }
- - { role: root_ssh }
- - { role: hardening }
- - { role: borg_client, tags: ["borg"] }
- - { role: prometheus_exporters }
- - { role: promtail }
- - { role: nginx, nginx_firewall_zone: wireguard }
- - { role: uwsgi }
- - { role: postgres }
- - { role: mailman3 }
diff --git a/roles/mailman/defaults/main.yml b/roles/mailman/defaults/main.yml
index b2d2b3fd9..7ac123333 100644
--- a/roles/mailman/defaults/main.yml
+++ b/roles/mailman/defaults/main.yml
@@ -1 +1,135 @@
lists_domain: lists.archlinux.org
+lists:
+ arch-announce:
+ allow_list_posts: false
+ bounce_info_stale_after: 60d
+ default_member_action: reject
+ default_nonmember_action: reject
+ description: This mailing list is for official announcements for the Arch Linux distribution.
+ display_name: Arch-announce
+ moderator_password: "{{ vault_archweb_mailman_password }}"
+ arch-commits:
+ allow_list_posts: false
+ accept_these_nonmembers:
+ - ^.+@(.+\.)?archlinux\.org
+ archive_policy: never
+ default_member_action: reject
+ default_nonmember_action: reject
+ description: Arch Linux packaging commits
+ display_name: Arch-commits
+ info: This list contains all commits to the package repositories, including diffs for newest changes.
+ max_message_size: 200
+ arch-dev:
+ advertised: false
+ archive_policy: private
+ description: Development Discussion for Arch Linux
+ display_name: Arch-dev
+ info: This list is for development discussion about Arch Linux. This list is closed to the general public and only used by internal Arch Linux developers.
+ subscription_policy: confirm_then_moderate
+ arch-devops:
+ display_name: Arch-devops
+ description: Arch Linux Infrastructure development discussion
+ arch-devops-private:
+ advertised: false
+ archive_policy: private
+ description: List for internal discussion of the devops team
+ display_name: Arch-devops-private
+ subscription_policy: confirm_then_moderate
+ arch-dev-public:
+ default_member_action: hold
+ description: Public mailing list for Arch Linux development
+ display_name: Arch-dev-public
+ arch-events:
+ description: Arch Linux Events
+ display_name: Arch-events
+ arch-general:
+ description: General Discussion about Arch Linux
+ display_name: Arch-general
+ info: |
+ This mailing list hosts general discusson about the Arch Linux distribution. Questions, problems, and new development ideas can be posted here.
+
+ You must be subscribed to the list in order to post to it.
+ arch-mirrors-announce:
+ description: List for mirror admins to send announcements (like downtime notifications) to our users
+ display_name: Arch-mirrors-announce
+ info: |
+ This list is intended for admins of Arch Linux mirrors that want to notify our users about downtime of their mirror.
+
+ This list also accepts mails from non-subscribers.
+ arch-mirrors:
+ description: Arch Linux Mirroring Discussion and Announcements
+ display_name: Arch-mirrors
+ info: This list is intended for admins of Arch Linux mirrors. Discussion and announcements regarding mirroring will use this list.
+ arch-multilib:
+ description: Arch Linux Multilib (32bit libs on 64bit OSes)
+ display_name: Arch-multilib
+ arch-ports:
+ description: Discussion regarding the porting of Arch Linux to non-x86_64 architectures
+ display_name: Arch-ports
+ info: This list is primarily used to talk about porting Arch Linux to non-x86_64 platforms, such as PPC, ARM, i586, i686, etc.
+ arch-proaudio:
+ description: Discussion about real-time multimedia, including (semi-)pro audio and video
+ display_name: Arch-proaudio
+ arch-projects:
+ description: Arch Linux projects development discussion
+ display_name: Arch-projects
+ info: |
+ Announcements, development discussion, patches and pull requests for the Arch Linux projects:<ul><li><a target="blank" href="https://github.com/archlinux/archweb/">archweb</a> (patches preferably on Github as pull requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/arch-release-promotion/">arch-release-promotion</a> (patches only on GitLab as merge requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/dbscripts/">dbscripts</a> (patches preferably on GitLab as merge requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/devtools/">devtools</a> (patches preferably on GitLab as merge requests)</li><li><a target="blank" href="https://github.com/archlinux/mkinitcpio/">mkinitcpio</a> (patches preferably on Github as pull requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/namcap/">namcap</a> (patches preferably on GitLab as merge requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/netctl/">netctl</a> (patches preferably on the mailing list)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/pyalpm/">pyalpm</a> (patches preferably on GitLab as merge requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/repod/">repod</a> (patches only on GitLab as merge requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/shim-signed/">shim-signed</a> (contributions preferably on GitLab as merge requests)</li></ul>
+
+ Please begin the email subject with the name of a project in square brackets (e.g. <code>[devtools]</code>). If no project matches, use <code>[projects]</code>.
+
+ Note: No user discussion!
+ arch-releng:
+ description: Arch Linux Release Engineering
+ display_name: Arch-releng
+ arch-security:
+ description: Announcements about security issues in Arch Linux and its packages
+ display_name: Arch-security
+ info: Discussion about announcements should happen on arch-general.
+ arch-tu:
+ advertised: false
+ archive_policy: private
+ description: Trusted Users Discussion for Arch Linux
+ display_name: Arch-tu
+ info: This list is for trusted users discussion about Arch Linux. This list is closed to the general public and only used by internal Arch Linux trusted users.
+ subscription_policy: confirm_then_moderate
+ arch-wiki-admins:
+ advertised: false
+ archive_policy: private
+ default_nonmember_action: defer
+ display_name: Arch-wiki-admins
+ subscription_policy: confirm_then_moderate
+ arch-women:
+ description: Mailing list for the Arch Women project
+ display_name: Arch-women
+ info: |
+ <a href="https://archwomen.org/">Arch Women</a> is an all inclusive organization of Arch Linux enthusiasts with a focus on helping more women become involved in the Arch Linux community and FOSS.
+
+ Mailing list graciously hosted by the Arch Linuxâ„¢ project.
+ aur-dev:
+ description: Arch User Repository (AUR) Development
+ display_name: Aur-dev
+ info: This list is intended for discussion of AUR and community based code and development.
+ aur-general:
+ description: Discussion about the Arch User Repository (AUR)
+ display_name: Aur-general
+ info: This list is for Trusted Users, Arch Linux developers, and the general public to discuss issues surrounding the Trusted User structure and the Arch User Repository (AUR).
+ aur-requests:
+ accept_these_nonmembers:
+ - notify@aur.archlinux.org
+ description: Public mailing list for AUR package deletion/merge/orphan requests
+ display_name: Aur-requests
+ pacman-contrib:
+ description: Discussion list for pacman-contrib development
+ display_name: Pacman-contrib
+ info: This list is used by pacman-contrib developers to coordinate, share patches, etc.
+ pacman-dev:
+ description: Discussion list for pacman development
+ display_name: Pacman-dev
+ info: This list is used by pacman developers and contributors to coordinate, fix problems, share patches, etc.
+ staff:
+ advertised: false
+ archive_policy: private
+ description: Internal list that includes all Arch Linux staff members (devs, TUs, support staff)
+ display_name: Staff
+ subscription_policy: confirm_then_moderate
diff --git a/roles/mailman3/files/list_base_configuration.json b/roles/mailman/files/list_base_configuration.json
similarity index 100%
rename from roles/mailman3/files/list_base_configuration.json
rename to roles/mailman/files/list_base_configuration.json
diff --git a/roles/mailman/files/mailman.ini b/roles/mailman/files/mailman.ini
deleted file mode 100644
index fe6d040f4..000000000
--- a/roles/mailman/files/mailman.ini
+++ /dev/null
@@ -1,10 +0,0 @@
-[uwsgi]
-plugins = cgi
-socket = /run/uwsgi/%n.sock
-chmod-socket = 770
-threads = 2
-
-cgi = /=/usr/lib/mailman/cgi-bin/
-cgi-index = listinfo
-uid = mailman
-gid = http
diff --git a/roles/mailman/files/migrated-lists.map b/roles/mailman/files/migrated-lists.map
deleted file mode 100644
index 5e9c72c0a..000000000
--- a/roles/mailman/files/migrated-lists.map
+++ /dev/null
@@ -1,25 +0,0 @@
-/listinfo/arch-announce /mailman3/lists/arch-announce@lists.archlinux.org/;
-/listinfo/arch-commits /mailman3/lists/arch-commits@lists.archlinux.org/;
-/listinfo/arch-dev /mailman3/lists/arch-dev@lists.archlinux.org/;
-/listinfo/arch-dev-public /mailman3/lists/arch-dev-public@lists.archlinux.org/;
-/listinfo/arch-devops /mailman3/lists/arch-devops@lists.archlinux.org/;
-/listinfo/arch-devops-private /mailman3/lists/arch-devops-private@lists.archlinux.org/;
-/listinfo/arch-events /mailman3/lists/arch-events@lists.archlinux.org/;
-/listinfo/arch-general /mailman3/lists/arch-general@lists.archlinux.org/;
-/listinfo/arch-mirrors /mailman3/lists/arch-mirrors@lists.archlinux.org/;
-/listinfo/arch-mirrors-announce /mailman3/lists/arch-mirrors-announce@lists.archlinux.org/;
-/listinfo/arch-multilib /mailman3/lists/arch-multilib@lists.archlinux.org/;
-/listinfo/arch-ports /mailman3/lists/arch-ports@lists.archlinux.org/;
-/listinfo/arch-proaudio /mailman3/lists/arch-proaudio@lists.archlinux.org/;
-/listinfo/arch-projects /mailman3/lists/arch-projects@lists.archlinux.org/;
-/listinfo/arch-releng /mailman3/lists/arch-releng@lists.archlinux.org/;
-/listinfo/arch-security /mailman3/lists/arch-security@lists.archlinux.org/;
-/listinfo/arch-tu /mailman3/lists/arch-tu@lists.archlinux.org/;
-/listinfo/arch-wiki-admins /mailman3/lists/arch-wiki-admins@lists.archlinux.org/;
-/listinfo/arch-women /mailman3/lists/arch-women@lists.archlinux.org/;
-/listinfo/aur-dev /mailman3/lists/aur-dev@lists.archlinux.org/;
-/listinfo/aur-general /mailman3/lists/aur-general@lists.archlinux.org/;
-/listinfo/aur-requests /mailman3/lists/aur-requests@lists.archlinux.org/;
-/listinfo/pacman-contrib /mailman3/lists/pacman-contrib@lists.archlinux.org/;
-/listinfo/pacman-dev /mailman3/lists/pacman-dev@lists.archlinux.org/;
-/listinfo/staff /mailman3/lists/staff@lists.archlinux.org/;
diff --git a/roles/mailman/files/override.conf b/roles/mailman/files/override.conf
deleted file mode 100644
index 8a764e347..000000000
--- a/roles/mailman/files/override.conf
+++ /dev/null
@@ -1,2 +0,0 @@
-[Service]
-Restart=always
diff --git a/roles/mailman/handlers/main.yml b/roles/mailman/handlers/main.yml
index 61ce4beea..2f46b7622 100644
--- a/roles/mailman/handlers/main.yml
+++ b/roles/mailman/handlers/main.yml
@@ -1,8 +1,8 @@
-- name: Restart mailman
- service: name=mailman daemon_reload=yes state=restarted
-
- name: Reload mailman
- service: name=mailman state=reloaded
+ service: name=mailman3 state=reloaded
+
+- name: Restart mailman-web
+ service: name=uwsgi@mailman\\x2dweb.service state=restarted
- name: Reload postfix
service: name=postfix state=reloaded
@@ -11,4 +11,3 @@
command: postmap /etc/postfix/{{ item }}
loop:
- aliases
- - transport
diff --git a/roles/mailman/tasks/main.yml b/roles/mailman/tasks/main.yml
index 450bfd818..22419224f 100644
--- a/roles/mailman/tasks/main.yml
+++ b/roles/mailman/tasks/main.yml
@@ -4,12 +4,19 @@
vars:
domains: ["{{ lists_domain }}"]
-- name: Install mailman, uwsgi-plugin-cgi and postfx
- pacman: name=mailman,uwsgi-plugin-cgi,postfix,postfix-pcre state=present
+- name: Install mailman3 and related packages
+ pacman: name=mailman3,mailman3-hyperkitty,python-psycopg2,mailman-web,python-xapian-haystack,uwsgi-plugin-python,postfix,postfix-pcre state=present
+ register: install
-- name: Install mailman configuration
- template: src=mm_cfg.py.j2 dest=/etc/mailman/mm_cfg.py follow=yes owner=root group=root mode=0644
- notify: Reload mailman
+- name: Install {mailman,mailman-web} configuration
+ template: src={{ item.src }} dest={{ item.dest }} owner=root group={{ item.group }} mode=0640
+ loop:
+ - {src: mailman.cfg.j2, dest: /etc/mailman.cfg, group: mailman}
+ - {src: mailman-hyperkitty.cfg.j2, dest: /etc/mailman-hyperkitty.cfg, group: mailman}
+ - {src: settings.py.j2, dest: /etc/webapps/mailman-web/settings.py, group: mailman-web}
+ notify:
+ - Reload mailman
+ - Restart mailman-web
- name: Install postfix configuration
template: src=main.cf.j2 dest=/etc/postfix/main.cf owner=root group=root mode=0644
@@ -22,59 +29,66 @@
- milter_header_checks
notify: Run postmap
-- name: Install postfix templated maps
- template: src={{ item }}.j2 dest=/etc/postfix/{{ item }} owner=root group=root mode=0644
- loop:
- - transport
- notify: Run postmap
-
- name: Open firewall holes for postfix
- ansible.posix.firewalld: service=smtp zone={{ item }} permanent=true state=enabled immediate=yes
- loop:
- -
- - wireguard
- when: configure_firewall
+ ansible.posix.firewalld: service=smtp permanent=true state=enabled immediate=yes
tags:
- firewall
-- name: Create mailman list
- command: /usr/lib/mailman/bin/newlist -a mailman root@{{ lists_domain }} meG0n5Wq6dEWCA6s
- args:
- creates: /var/lib/mailman/lists/mailman
-
-- name: Configure mailman uwsgi service
- copy: src=mailman.ini dest=/etc/uwsgi/vassals/ owner=mailman group=http mode=0644
-
- name: Make nginx log dir
file: path=/var/log/nginx/{{ lists_domain }} state=directory owner=root group=root mode=0755
-- name: Install nginx mailman2->mailman3 redirect map
- copy: src=migrated-lists.map dest=/etc/nginx/maps/ owner=root group=root mode=0644
- notify: Reload nginx
-
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="/etc/nginx/nginx.d/mailman.conf" owner=root group=root mode=644
notify: Reload nginx
- tags: ['nginx']
-- name: Start and enable postfix
- systemd: name=postfix.service enabled=yes daemon_reload=yes state=started
+- name: Create postgres {mailman,mailman-web} user
+ postgresql_user: name={{ item.username }} password={{ item.password }}
+ loop:
+ - {username: "{{ vault_mailman_db_user }}", password: "{{ vault_mailman_db_password }}"}
+ - {username: "{{ vault_mailman_web_db_user }}", password: "{{ vault_mailman_web_db_password }}"}
+ become: true
+ become_user: postgres
+ become_method: su
+ no_log: true
-- name: Create drop-in directory for mailman.service
- file: path=/etc/systemd/system/mailman.service.d state=directory owner=root group=root mode=0755
+- name: Create {mailman,mailman-web} db
+ postgresql_db: name={{ item.db }} owner={{ item.owner }}
+ loop:
+ - {db: mailman, owner: "{{ vault_mailman_db_user }}"}
+ - {db: mailman-web, owner: "{{ vault_mailman_web_db_user }}"}
+ become: true
+ become_user: postgres
+ become_method: su
-- name: Install drop-in for mailman.service
- copy: src=override.conf dest=/etc/systemd/system/mailman.service.d/ owner=root group=root mode=0644
- notify: Restart mailman
+- name: Run Django management tasks
+ command: django-admin {{ item }} --pythonpath /etc/webapps/mailman-web --settings settings
+ loop:
+ - migrate
+ - loaddata
+ - collectstatic
+ - compress
+ become: true
+ become_user: mailman-web
+ when: false
+
+- name: Start and enable postfix
+ systemd: name=postfix.service enabled=yes daemon_reload=yes state=started
- name: Start and enable mailman{.service,-*.timer}
systemd: name={{ item }} enabled=yes daemon_reload=yes state=started
loop:
- - mailman.service
- - mailman-senddigests.timer
- - mailman-nightlygzip.timer
- - mailman-mailpasswds.timer
- - mailman-gatenews.timer
- - mailman-disabled.timer
- - mailman-cullbadshunt.timer
- - mailman-checkdbs.timer
+ - mailman3.service
+ - mailman3-digests.timer
+ - mailman3-notify.timer
+ - uwsgi@mailman\x2dweb.service
+
+- name: Update list configurations
+ uri:
+ url: http://localhost:8001/3.1/lists/{{ item }}.lists.archlinux.org/config
+ user: "{{ vault_mailman_admin_user }}"
+ password: "{{ vault_mailman_admin_pass }}"
+ method: PUT
+ body_format: json
+ status_code: 204
+ body: "{{ lookup('file', 'list_base_configuration.json') | from_json | combine(lists[item]) | to_json }}"
+ loop: "{{ lists.keys() }}"
diff --git a/roles/mailman3/templates/mailman-hyperkitty.cfg.j2 b/roles/mailman/templates/mailman-hyperkitty.cfg.j2
similarity index 95%
rename from roles/mailman3/templates/mailman-hyperkitty.cfg.j2
rename to roles/mailman/templates/mailman-hyperkitty.cfg.j2
index d85fc57f9..a2ab2a8a2 100644
--- a/roles/mailman3/templates/mailman-hyperkitty.cfg.j2
+++ b/roles/mailman/templates/mailman-hyperkitty.cfg.j2
@@ -15,7 +15,7 @@
# better if it is not.
# However, if your Mailman installation is accessed via HTTPS, the URL needs
# to match your SSL certificate (e.g. https://lists.example.com/hyperkitty).
-base_url: http://localhost/archives/
+base_url: http://localhost:8000/archives/
# Shared API key, must be the identical to the value in HyperKitty's
# settings.
diff --git a/roles/mailman3/templates/mailman.cfg.j2 b/roles/mailman/templates/mailman.cfg.j2
similarity index 66%
rename from roles/mailman3/templates/mailman.cfg.j2
rename to roles/mailman/templates/mailman.cfg.j2
index 82b4c47ed..2eca990e5 100644
--- a/roles/mailman3/templates/mailman.cfg.j2
+++ b/roles/mailman/templates/mailman.cfg.j2
@@ -10,13 +10,6 @@ url: postgres://{{ vault_mailman_db_user }}:{{ vault_mailman_db_password }}@/mai
admin_user: {{ vault_mailman_admin_user }}
admin_pass: {{ vault_mailman_admin_pass }}
-[mta]
-configuration: /etc/postfix.cfg
-lmtp_host: {{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}
-lmtp_port: 8024
-smtp_host: {{ hostvars['lists.archlinux.org']['wireguard_address'] }}
-smtp_port: 25
-
[archiver.hyperkitty]
class: mailman_hyperkitty.Archiver
enable: yes
diff --git a/roles/mailman/templates/main.cf.j2 b/roles/mailman/templates/main.cf.j2
index 5d29e60b7..c6f6c4fe6 100644
--- a/roles/mailman/templates/main.cf.j2
+++ b/roles/mailman/templates/main.cf.j2
@@ -22,7 +22,6 @@ mynetworks =
127.0.0.0/8
[::1]/128
[fe80::]/64
- {{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}
# fatal: configuration error: mailbox_size_limit is smaller than message_size_limit
message_size_limit = 104857600
@@ -46,10 +45,10 @@ smtpd_reject_footer = For assistance contact <postmaster@archlinux.org>. Please
smtpd_milters = inet:localhost:11332
non_smtpd_milters = $smtpd_milters
-alias_maps = hash:/etc/postfix/aliases hash:/var/lib/mailman/data/aliases
-local_recipient_maps = hash:/etc/postfix/transport $alias_maps
+alias_maps = hash:/etc/postfix/aliases
+local_recipient_maps = hash:/var/lib/mailman/data/postfix_lmtp $alias_maps
alias_database = $alias_maps
-transport_maps = hash:/etc/postfix/transport
+transport_maps = hash:/var/lib/mailman/data/postfix_lmtp
milter_header_checks = pcre:/etc/postfix/milter_header_checks
diff --git a/roles/mailman/templates/mm_cfg.py.j2 b/roles/mailman/templates/mm_cfg.py.j2
deleted file mode 100644
index abe99fe30..000000000
--- a/roles/mailman/templates/mm_cfg.py.j2
+++ /dev/null
@@ -1,79 +0,0 @@
-# -*- python -*-
-
-# Copyright (C) 1998-2018 by the Free Software Foundation, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License
-# as published by the Free Software Foundation; either version 2
-# of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
-"""This module contains your site-specific settings.
-
-From a brand new distribution it should be copied to mm_cfg.py. If you
-already have an mm_cfg.py, be careful to add in only the new settings you
-want. Mailman's installation procedure will never overwrite your mm_cfg.py
-file.
-
-The complete set of distributed defaults, with documentation, are in the file
-Defaults.py. In mm_cfg.py, override only those you want to change, after the
-
- from Defaults import *
-
-line (see below).
-
-Note that these are just default settings; many can be overridden via the
-administrator and user interfaces on a per-list or per-user basis.
-
-Also note that many of these settings will not be effective until Mailman
-is restarted. Thus, you should always restart Mailman after changing this
-file.
-
-Further, settings which relate to a list's host_name and web_page_url only
-affect lists created after the change. For existing lists, see the FAQ at
-<http://wiki.list.org/x/mIA9>.
-
-"""
-
-###############################################
-# Here's where we get the distributed defaults.
-
-from Defaults import *
-
-##################################################
-# Put YOUR site-specific settings below this line.
-
-# Please see: http://wiki.list.org/x/mIA9 if you change this
-DEFAULT_URL_HOST = '{{ lists_domain }}'
-DEFAULT_EMAIL_HOST = '{{ lists_domain }}'
-MTA = 'Postfix'
-
-VIRTUAL_HOSTS.clear()
-add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)
-
-POSTFIX_STYLE_VIRTUAL_DOMAINS = ['{{ lists_domain }}']
-
-DEFAULT_URL_PATTERN = 'https://%s/'
-PUBLIC_ARCHIVE_URL = 'https://%(hostname)s/pipermail/%(listname)s'
-
-# bot protection
-SUBSCRIBE_FORM_SECRET = '{{ vault_mailman_subscribe_form_secret }}'
-
-VIRTUAL_HOST_OVERVIEW = Off
-
-DEFAULT_SEND_REMINDERS = 0
-
-PUBLIC_MBOX = Yes
-
-DEFAULT_MSG_HEADER = ""
-DEFAULT_MSG_FOOTER = ""
-#DEFAULT_DMARC_MODERATION_ACTION = 1
-REMOVE_DKIM_HEADERS = 1
diff --git a/roles/mailman/templates/nginx.d.conf.j2 b/roles/mailman/templates/nginx.d.conf.j2
index 5fc39fba6..8c602b821 100644
--- a/roles/mailman/templates/nginx.d.conf.j2
+++ b/roles/mailman/templates/nginx.d.conf.j2
@@ -1,3 +1,17 @@
+# This is for POSTORIUS_TEMPLATE_BASE_URL and mailman_hyperkitty.Archiver's base_url.
+server {
+ listen 8000;
+ listen [::]:8000;
+ server_name localhost;
+
+ access_log off;
+
+ location / {
+ include /etc/nginx/uwsgi_params;
+ uwsgi_pass unix:/run/mailman-web/mailman-web.sock;
+ }
+}
+
server {
listen 80;
listen [::]:80;
@@ -15,10 +29,6 @@ server {
}
}
-map $uri $migrated_uri {
- include maps/migrated-lists.map;
-}
-
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
@@ -32,41 +42,16 @@ server {
ssl_certificate_key /etc/letsencrypt/live/{{ lists_domain }}/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/{{ lists_domain }}/chain.pem;
- if ($migrated_uri) {
- return 302 $migrated_uri;
+ location /static/ {
+ alias /var/lib/mailman-web/static/;
}
- location = / {
- return 302 /mailman3/lists/;
- }
-
- # redirect old urls
- location /mailman/ {
- rewrite ^/mailman/(.*) /$1 permanent;
- }
-
- location /icons/ {
- alias /usr/lib/mailman/icons/;
- }
-
- location ~ ^/pipermail(?:/(.*))?$ {
- alias /var/lib/mailman/archives/public/$1;
- add_header Cache-Control "public, no-cache";
- autoindex on;
+ location /pipermail/ {
+ alias /var/lib/mailman2/archives/public/;
}
location / {
- root /usr/lib/mailman/cgi-bin/;
- index listinfo;
- include uwsgi_params;
- uwsgi_modifier1 9;
- uwsgi_pass unix:/run/uwsgi/mailman.sock;
- }
-
- location ~ ^/(static|mailman3|archives|user-profile|accounts|admin3)($|/) {
- proxy_pass http://{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }};
- proxy_set_header Host {{ lists_domain }};
- proxy_set_header X-Forwarded-For $remote_addr;
- proxy_set_header X-Forwarded-Proto $scheme;
+ include /etc/nginx/uwsgi_params;
+ uwsgi_pass unix:/run/mailman-web/mailman-web.sock;
}
}
diff --git a/roles/mailman3/templates/settings.py.j2 b/roles/mailman/templates/settings.py.j2
similarity index 93%
rename from roles/mailman3/templates/settings.py.j2
rename to roles/mailman/templates/settings.py.j2
index 63acbdfb8..3f85967eb 100644
--- a/roles/mailman3/templates/settings.py.j2
+++ b/roles/mailman/templates/settings.py.j2
@@ -38,14 +38,14 @@ MAILMAN_ARCHIVER_KEY = '{{ vault_mailman_archiver_key }}'
#: https://docs.djangoproject.com/en/3.2/topics/email/#smtp-backend
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
-EMAIL_HOST = '{{ hostvars['lists.archlinux.org']['wireguard_address'] }}'
+EMAIL_HOST = '127.0.0.1'
EMAIL_PORT = 25
#: Sender in Emails sent out by Postorius.
DEFAULT_FROM_EMAIL = 'postorius@{{ lists_domain }}'
SERVER_EMAIL = 'root@{{ lists_domain }}'
-POSTORIUS_TEMPLATE_BASE_URL = 'http://localhost'
+POSTORIUS_TEMPLATE_BASE_URL = 'http://localhost:8000'
HYPERKITTY_ALLOW_WEB_POSTING = False
HYPERKITTY_ENABLE_GRAVATAR = False
diff --git a/roles/mailman/templates/transport.j2 b/roles/mailman/templates/transport.j2
deleted file mode 100644
index 6918dfca1..000000000
--- a/roles/mailman/templates/transport.j2
+++ /dev/null
@@ -1,257 +0,0 @@
-# AUTOMATICALLY GENERATED BY MAILMAN ON 2022-09-15 21:34:14
-#
-# This file is generated by Mailman, and is kept in sync with the binary hash
-# file. YOU SHOULD NOT MANUALLY EDIT THIS FILE unless you know what you're
-# doing, and can keep the two files properly in sync. If you screw it up,
-# you're on your own.
-
-# Aliases which are visible only in the @lists.archlinux.org domain.
-arch-announce@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-announce-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-announce-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-announce-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-announce-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-announce-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-announce-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-announce-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-announce-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-arch-commits@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-commits-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-commits-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-commits-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-commits-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-commits-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-commits-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-commits-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-commits-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-arch-dev@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-dev-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-dev-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-dev-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-dev-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-dev-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-dev-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-dev-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-dev-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-arch-dev-public@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-dev-public-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-dev-public-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-dev-public-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-dev-public-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-dev-public-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-dev-public-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-dev-public-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-dev-public-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-arch-devops@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-devops-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-devops-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-devops-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-devops-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-devops-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-devops-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-devops-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-devops-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-arch-devops-private@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-devops-private-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-devops-private-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-devops-private-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-devops-private-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-devops-private-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-devops-private-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-devops-private-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-devops-private-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-arch-events@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-events-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-events-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-events-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-events-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-events-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-events-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-events-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-events-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-arch-general@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-general-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-general-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-general-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-general-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-general-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-general-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-general-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-general-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-arch-mirrors@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-mirrors-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-mirrors-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-mirrors-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-mirrors-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-mirrors-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-mirrors-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-mirrors-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-mirrors-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-arch-mirrors-announce@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-mirrors-announce-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-mirrors-announce-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-mirrors-announce-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-mirrors-announce-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-mirrors-announce-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-mirrors-announce-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-mirrors-announce-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-mirrors-announce-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-arch-multilib@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-multilib-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-multilib-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-multilib-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-multilib-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-multilib-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-multilib-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-multilib-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-multilib-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-arch-ports@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-ports-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-ports-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-ports-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-ports-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-ports-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-ports-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-ports-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-ports-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-arch-proaudio@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-proaudio-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-proaudio-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-proaudio-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-proaudio-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-proaudio-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-proaudio-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-proaudio-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-proaudio-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-arch-projects@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-projects-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-projects-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-projects-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-projects-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-projects-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-projects-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-projects-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-projects-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-arch-releng@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-releng-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-releng-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-releng-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-releng-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-releng-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-releng-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-releng-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-releng-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-arch-security@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-security-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-security-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-security-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-security-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-security-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-security-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-security-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-security-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-arch-tu@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-tu-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-tu-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-tu-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-tu-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-tu-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-tu-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-tu-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-tu-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-arch-wiki-admins@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-wiki-admins-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-wiki-admins-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-wiki-admins-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-wiki-admins-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-wiki-admins-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-wiki-admins-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-wiki-admins-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-wiki-admins-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-arch-women@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-women-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-women-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-women-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-women-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-women-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-women-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-women-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-arch-women-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-aur-dev@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-dev-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-dev-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-dev-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-dev-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-dev-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-dev-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-dev-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-dev-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-aur-general@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-general-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-general-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-general-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-general-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-general-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-general-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-general-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-general-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-aur-requests@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-requests-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-requests-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-requests-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-requests-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-requests-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-requests-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-requests-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-aur-requests-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-pacman-contrib@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-pacman-contrib-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-pacman-contrib-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-pacman-contrib-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-pacman-contrib-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-pacman-contrib-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-pacman-contrib-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-pacman-contrib-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-pacman-contrib-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-pacman-dev@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-pacman-dev-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-pacman-dev-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-pacman-dev-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-pacman-dev-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-pacman-dev-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-pacman-dev-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-pacman-dev-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-pacman-dev-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-
-staff@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-staff-bounces@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-staff-confirm@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-staff-join@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-staff-leave@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-staff-owner@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-staff-request@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-staff-subscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
-staff-unsubscribe@lists.archlinux.org lmtp:[{{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}]:8024
diff --git a/roles/mailman3/defaults/main.yml b/roles/mailman3/defaults/main.yml
deleted file mode 100644
index 7ac123333..000000000
--- a/roles/mailman3/defaults/main.yml
+++ /dev/null
@@ -1,135 +0,0 @@
-lists_domain: lists.archlinux.org
-lists:
- arch-announce:
- allow_list_posts: false
- bounce_info_stale_after: 60d
- default_member_action: reject
- default_nonmember_action: reject
- description: This mailing list is for official announcements for the Arch Linux distribution.
- display_name: Arch-announce
- moderator_password: "{{ vault_archweb_mailman_password }}"
- arch-commits:
- allow_list_posts: false
- accept_these_nonmembers:
- - ^.+@(.+\.)?archlinux\.org
- archive_policy: never
- default_member_action: reject
- default_nonmember_action: reject
- description: Arch Linux packaging commits
- display_name: Arch-commits
- info: This list contains all commits to the package repositories, including diffs for newest changes.
- max_message_size: 200
- arch-dev:
- advertised: false
- archive_policy: private
- description: Development Discussion for Arch Linux
- display_name: Arch-dev
- info: This list is for development discussion about Arch Linux. This list is closed to the general public and only used by internal Arch Linux developers.
- subscription_policy: confirm_then_moderate
- arch-devops:
- display_name: Arch-devops
- description: Arch Linux Infrastructure development discussion
- arch-devops-private:
- advertised: false
- archive_policy: private
- description: List for internal discussion of the devops team
- display_name: Arch-devops-private
- subscription_policy: confirm_then_moderate
- arch-dev-public:
- default_member_action: hold
- description: Public mailing list for Arch Linux development
- display_name: Arch-dev-public
- arch-events:
- description: Arch Linux Events
- display_name: Arch-events
- arch-general:
- description: General Discussion about Arch Linux
- display_name: Arch-general
- info: |
- This mailing list hosts general discusson about the Arch Linux distribution. Questions, problems, and new development ideas can be posted here.
-
- You must be subscribed to the list in order to post to it.
- arch-mirrors-announce:
- description: List for mirror admins to send announcements (like downtime notifications) to our users
- display_name: Arch-mirrors-announce
- info: |
- This list is intended for admins of Arch Linux mirrors that want to notify our users about downtime of their mirror.
-
- This list also accepts mails from non-subscribers.
- arch-mirrors:
- description: Arch Linux Mirroring Discussion and Announcements
- display_name: Arch-mirrors
- info: This list is intended for admins of Arch Linux mirrors. Discussion and announcements regarding mirroring will use this list.
- arch-multilib:
- description: Arch Linux Multilib (32bit libs on 64bit OSes)
- display_name: Arch-multilib
- arch-ports:
- description: Discussion regarding the porting of Arch Linux to non-x86_64 architectures
- display_name: Arch-ports
- info: This list is primarily used to talk about porting Arch Linux to non-x86_64 platforms, such as PPC, ARM, i586, i686, etc.
- arch-proaudio:
- description: Discussion about real-time multimedia, including (semi-)pro audio and video
- display_name: Arch-proaudio
- arch-projects:
- description: Arch Linux projects development discussion
- display_name: Arch-projects
- info: |
- Announcements, development discussion, patches and pull requests for the Arch Linux projects:<ul><li><a target="blank" href="https://github.com/archlinux/archweb/">archweb</a> (patches preferably on Github as pull requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/arch-release-promotion/">arch-release-promotion</a> (patches only on GitLab as merge requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/dbscripts/">dbscripts</a> (patches preferably on GitLab as merge requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/devtools/">devtools</a> (patches preferably on GitLab as merge requests)</li><li><a target="blank" href="https://github.com/archlinux/mkinitcpio/">mkinitcpio</a> (patches preferably on Github as pull requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/namcap/">namcap</a> (patches preferably on GitLab as merge requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/netctl/">netctl</a> (patches preferably on the mailing list)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/pyalpm/">pyalpm</a> (patches preferably on GitLab as merge requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/repod/">repod</a> (patches only on GitLab as merge requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/shim-signed/">shim-signed</a> (contributions preferably on GitLab as merge requests)</li></ul>
-
- Please begin the email subject with the name of a project in square brackets (e.g. <code>[devtools]</code>). If no project matches, use <code>[projects]</code>.
-
- Note: No user discussion!
- arch-releng:
- description: Arch Linux Release Engineering
- display_name: Arch-releng
- arch-security:
- description: Announcements about security issues in Arch Linux and its packages
- display_name: Arch-security
- info: Discussion about announcements should happen on arch-general.
- arch-tu:
- advertised: false
- archive_policy: private
- description: Trusted Users Discussion for Arch Linux
- display_name: Arch-tu
- info: This list is for trusted users discussion about Arch Linux. This list is closed to the general public and only used by internal Arch Linux trusted users.
- subscription_policy: confirm_then_moderate
- arch-wiki-admins:
- advertised: false
- archive_policy: private
- default_nonmember_action: defer
- display_name: Arch-wiki-admins
- subscription_policy: confirm_then_moderate
- arch-women:
- description: Mailing list for the Arch Women project
- display_name: Arch-women
- info: |
- <a href="https://archwomen.org/">Arch Women</a> is an all inclusive organization of Arch Linux enthusiasts with a focus on helping more women become involved in the Arch Linux community and FOSS.
-
- Mailing list graciously hosted by the Arch Linuxâ„¢ project.
- aur-dev:
- description: Arch User Repository (AUR) Development
- display_name: Aur-dev
- info: This list is intended for discussion of AUR and community based code and development.
- aur-general:
- description: Discussion about the Arch User Repository (AUR)
- display_name: Aur-general
- info: This list is for Trusted Users, Arch Linux developers, and the general public to discuss issues surrounding the Trusted User structure and the Arch User Repository (AUR).
- aur-requests:
- accept_these_nonmembers:
- - notify@aur.archlinux.org
- description: Public mailing list for AUR package deletion/merge/orphan requests
- display_name: Aur-requests
- pacman-contrib:
- description: Discussion list for pacman-contrib development
- display_name: Pacman-contrib
- info: This list is used by pacman-contrib developers to coordinate, share patches, etc.
- pacman-dev:
- description: Discussion list for pacman development
- display_name: Pacman-dev
- info: This list is used by pacman developers and contributors to coordinate, fix problems, share patches, etc.
- staff:
- advertised: false
- archive_policy: private
- description: Internal list that includes all Arch Linux staff members (devs, TUs, support staff)
- display_name: Staff
- subscription_policy: confirm_then_moderate
diff --git a/roles/mailman3/files/postfix.cfg b/roles/mailman3/files/postfix.cfg
deleted file mode 100644
index 6068f1cc6..000000000
--- a/roles/mailman3/files/postfix.cfg
+++ /dev/null
@@ -1,13 +0,0 @@
-[postfix]
-# Additional configuration variables for the postfix MTA.
-
-# This variable describe the program to use for regenerating the transport map
-# db file, from the associated plain text files. The file being updated will
-# be appended to this string (with a separating space), so it must be
-# appropriate for os.system().
-postmap_command: /usr/bin/true
-
-# This variable describes the type of transport maps that will be generated by
-# mailman to be used with postfix for LMTP transport. By default, it is set to
-# hash, but mailman also supports `regex` tables.
-transport_file_type: hash
diff --git a/roles/mailman3/handlers/main.yml b/roles/mailman3/handlers/main.yml
deleted file mode 100644
index f56cbaed7..000000000
--- a/roles/mailman3/handlers/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-- name: Reload mailman
- service: name=mailman3 state=reloaded
-
-- name: Restart mailman-web
- service: name=uwsgi@mailman\\x2dweb.service state=restarted
diff --git a/roles/mailman3/tasks/main.yml b/roles/mailman3/tasks/main.yml
deleted file mode 100644
index 8f8dd7fb6..000000000
--- a/roles/mailman3/tasks/main.yml
+++ /dev/null
@@ -1,81 +0,0 @@
-- name: Install mailman3 and related packages
- pacman: name=mailman3,mailman3-hyperkitty,python-psycopg2,mailman-web,python-xapian-haystack,uwsgi-plugin-python state=present
- register: install
-
-- name: Install {mailman,mailman-web} configuration
- template: src={{ item.src }} dest={{ item.dest }} owner=root group={{ item.group }} mode=0640
- loop:
- - {src: mailman.cfg.j2, dest: /etc/mailman.cfg, group: mailman}
- - {src: mailman-hyperkitty.cfg.j2, dest: /etc/mailman-hyperkitty.cfg, group: mailman}
- - {src: settings.py.j2, dest: /etc/webapps/mailman-web/settings.py, group: mailman-web}
- - {src: urls.py.j2, dest: /etc/webapps/mailman-web/urls.py, group: mailman-web}
- notify:
- - Reload mailman
- - Restart mailman-web
-
-- name: Install mailman postfix.cfg configuration
- copy: src=postfix.cfg dest=/etc/postfix.cfg owner=root group=root mode=0644
- notify: Reload mailman
-
-- name: Make nginx log dir
- file: path=/var/log/nginx/{{ lists_domain }} state=directory owner=root group=root mode=0755
-
-- name: Set up nginx
- template: src=nginx.d.conf.j2 dest="/etc/nginx/nginx.d/mailman.conf" owner=root group=root mode=644
- notify: Reload nginx
- tags: ['nginx']
-
-- name: Create postgres {mailman,mailman-web} user
- postgresql_user: name={{ item.username }} password={{ item.password }}
- loop:
- - {username: "{{ vault_mailman_db_user }}", password: "{{ vault_mailman_db_password }}"}
- - {username: "{{ vault_mailman_web_db_user }}", password: "{{ vault_mailman_web_db_password }}"}
- become: true
- become_user: postgres
- become_method: su
- no_log: true
-
-- name: Create {mailman,mailman-web} db
- postgresql_db: name={{ item.db }} owner={{ item.owner }}
- loop:
- - {db: mailman, owner: "{{ vault_mailman_db_user }}"}
- - {db: mailman-web, owner: "{{ vault_mailman_web_db_user }}"}
- become: true
- become_user: postgres
- become_method: su
-
-- name: Run Django management tasks
- command: django-admin {{ item }} --pythonpath /etc/webapps/mailman-web --settings settings
- loop:
- - migrate
- - loaddata
- - collectstatic
- - compress
- become: true
- become_user: mailman-web
- when: install.changed
-
-- name: Open LMTP ipv4 port for lists.archlinux.org
- ansible.posix.firewalld: zone=wireguard state=enabled permanent=true immediate=yes
- rich_rule="rule family=ipv4 source address={{ hostvars['lists.archlinux.org']['wireguard_address'] }} port protocol=tcp port=8024 accept"
- tags:
- - firewall
-
-- name: Start and enable mailman{.service,-*.timer}
- systemd: name={{ item }} enabled=yes daemon_reload=yes state=started
- loop:
- - mailman3.service
- - mailman3-digests.timer
- - mailman3-notify.timer
- - uwsgi@mailman\x2dweb.service
-
-- name: Update list configurations
- uri:
- url: http://localhost:8001/3.1/lists/{{ item }}.lists.archlinux.org/config
- user: "{{ vault_mailman_admin_user }}"
- password: "{{ vault_mailman_admin_pass }}"
- method: PUT
- body_format: json
- status_code: 204
- body: "{{ lookup('file', 'list_base_configuration.json') | from_json | combine(lists[item]) | to_json }}"
- loop: "{{ lists.keys() }}"
diff --git a/roles/mailman3/templates/nginx.d.conf.j2 b/roles/mailman3/templates/nginx.d.conf.j2
deleted file mode 100644
index 62fb9011d..000000000
--- a/roles/mailman3/templates/nginx.d.conf.j2
+++ /dev/null
@@ -1,22 +0,0 @@
-server {
- listen 80;
- listen [::]:80;
- server_name {{ lists_domain }} localhost;
-
- set_real_ip_from {{ hostvars['lists.archlinux.org']['wireguard_address'] }}/32;
- real_ip_header X-Forwarded-For;
-
- access_log /var/log/nginx/{{ lists_domain }}/access.log main;
- access_log /var/log/nginx/{{ lists_domain }}/access.log.json json_main;
- error_log /var/log/nginx/{{ lists_domain }}/error.log;
-
- location /static/ {
- alias /var/lib/mailman-web/static/;
- }
-
- # include uwsgi_params
- location / {
- include /etc/nginx/uwsgi_params;
- uwsgi_pass unix:/run/mailman-web/mailman-web.sock;
- }
-}
diff --git a/roles/mailman3/templates/urls.py.j2 b/roles/mailman3/templates/urls.py.j2
deleted file mode 100644
index 4121553cb..000000000
--- a/roles/mailman3/templates/urls.py.j2
+++ /dev/null
@@ -1,35 +0,0 @@
-# -*- coding: utf-8 -*-
-# Copyright (C) 1998-2016 by the Free Software Foundation, Inc.
-#
-# This file is part of Postorius.
-#
-# Postorius is free software: you can redistribute it and/or modify it under
-# the terms of the GNU General Public License as published by the Free
-# Software Foundation, either version 3 of the License, or (at your option)
-# any later version.
-#
-# Postorius is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
-# more details.
-#
-# You should have received a copy of the GNU General Public License along with
-# Postorius. If not, see <http://www.gnu.org/licenses/>.
-
-
-from django.conf.urls import include
-from django.contrib import admin
-from django.urls import path, reverse_lazy
-from django.views.generic import RedirectView
-
-urlpatterns = [
- path(
- '',
- RedirectView.as_view(url=reverse_lazy('list_index'), permanent=True),
- ),
- path('mailman3/', include('postorius.urls')),
- path('archives/', include('hyperkitty.urls')),
- path('', include('django_mailman3.urls')),
- path('accounts/', include('allauth.urls')),
- path('admin3/', admin.site.urls),
-]
diff --git a/tf-stage1/archlinux.tf b/tf-stage1/archlinux.tf
index e9eae05d4..5c0426970 100644
--- a/tf-stage1/archlinux.tf
+++ b/tf-stage1/archlinux.tf
@@ -93,17 +93,13 @@ locals {
domain = "homedir"
}
"lists.archlinux.org" = {
- server_type = "cpx11"
+ server_type = "cx21"
domain = "lists"
}
"mail.archlinux.org" = {
server_type = "cx11"
domain = "mail"
}
- "mailman3.archlinux.org" = {
- server_type = "cx21"
- domain = "mailman3"
- }
"man.archlinux.org" = {
server_type = "cx11"
domain = "man"
--
GitLab