From a868b2ca168729b9dc9765229c1447ce758cc98c Mon Sep 17 00:00:00 2001
From: Kristian Klausen <kristian@klausen.dk>
Date: Sun, 4 Jul 2021 00:51:22 +0200
Subject: [PATCH] lmtp

---
 roles/mailman/templates/main.cf.j2      | 3 ++-
 roles/mailman3/tasks/main.yml           | 6 ++++++
 roles/mailman3/templates/mailman.cfg.j2 | 2 ++
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/roles/mailman/templates/main.cf.j2 b/roles/mailman/templates/main.cf.j2
index a10ea03d5..590f82065 100644
--- a/roles/mailman/templates/main.cf.j2
+++ b/roles/mailman/templates/main.cf.j2
@@ -47,8 +47,9 @@ smtpd_milters = inet:localhost:11332
 non_smtpd_milters = $smtpd_milters
 
 alias_maps = texthash:/etc/postfix/aliases hash:/var/lib/mailman/data/aliases
-local_recipient_maps = $alias_maps
+local_recipient_maps = $alias_maps hash:/etc/postfix/transport
 alias_database = $alias_maps
+transport_maps = hash:/etc/postfix/transport
 
 milter_header_checks = pcre:/etc/postfix/milter_header_checks
 
diff --git a/roles/mailman3/tasks/main.yml b/roles/mailman3/tasks/main.yml
index 1a2733522..c722def6c 100644
--- a/roles/mailman3/tasks/main.yml
+++ b/roles/mailman3/tasks/main.yml
@@ -43,6 +43,12 @@
   become_user: postgres
   become_method: su
 
+- name: open firewall holes for mailman (LMTP)
+  ansible.posix.firewalld: port=8024/tcp zone=wireguard permanent=true state=enabled immediate=yes
+  when: configure_firewall
+  tags:
+    - firewall
+
 # TODO: start uwsgi
 # TODO: hyperkittynginx.ini
 # TODO: hyperkitty databases
diff --git a/roles/mailman3/templates/mailman.cfg.j2 b/roles/mailman3/templates/mailman.cfg.j2
index 1f3cfa9d6..128350ec6 100644
--- a/roles/mailman3/templates/mailman.cfg.j2
+++ b/roles/mailman3/templates/mailman.cfg.j2
@@ -11,5 +11,7 @@ admin_pass: {{ vault_mailman_admin_pass }}
 
 [mta]
 configuration: /etc/postfix.cfg
+lmtp_host: {{ hostvars['mailman3.archlinux.org']['wireguard_address'] }}
+lmtp_port: 8024
 smtp_host: {{ hostvars['lists.archlinux.org']['wireguard_address'] }}
 smtp_port: 25
-- 
GitLab