From 08f990cf79b9a5602e68e9f960dfe48bdbbfb1a0 Mon Sep 17 00:00:00 2001 From: Michal Konecny Date: Thu, 27 Jun 2024 13:47:20 +0200 Subject: [PATCH] [mailman3] We need admin access to database for migrations We didn't need that on staging, but on production the permissions are more granular. Signed-off-by: Michal Konecny --- roles/mailman3/tasks/main.yml | 9 ++++++-- roles/mailman3/templates/settings_admin.py.j2 | 23 +++++++++++++++++++ 2 files changed, 30 insertions(+), 2 deletions(-) create mode 100644 roles/mailman3/templates/settings_admin.py.j2 diff --git a/roles/mailman3/tasks/main.yml b/roles/mailman3/tasks/main.yml index 3ad09f04a5..da2645694c 100644 --- a/roles/mailman3/tasks/main.yml +++ b/roles/mailman3/tasks/main.yml @@ -147,8 +147,11 @@ - name: Install the hyperkitty/postorius settings file ansible.builtin.template: - src: settings.py.j2 - dest: "{{ mailman_webui_confdir }}/settings.py" + src: "{{ item }}.j2" + dest: "{{ mailman_webui_confdir }}/{{ item }}" + with_items: + - settings.py + - settings_admin.py tags: - config - mailman @@ -334,6 +337,8 @@ chdir: /etc/mailman3 become_user: mailman become: true + environment: + DJANGO_SETTINGS_MODULE = "{{ mailman_webui_confdir }}/settings_admin.py" tags: - mailman - db diff --git a/roles/mailman3/templates/settings_admin.py.j2 b/roles/mailman3/templates/settings_admin.py.j2 new file mode 100644 index 0000000000..41f256743e --- /dev/null +++ b/roles/mailman3/templates/settings_admin.py.j2 @@ -0,0 +1,23 @@ +#-*- coding: utf-8 -*- + +""" +Copy of the Django settings file, but with database admin credentials (for +schema modifications) +""" + +from settings import * +try: + from settings_local import * +except ImportError: + pass + +DATABASES = { + 'default': { + 'ENGINE': 'django.db.backends.postgresql_psycopg2', + 'NAME': 'hyperkitty', + 'USER': 'hyperkittyadmin', + 'PASSWORD': '{{ mailman_hyperkitty_admin_db_pass }}', + 'HOST': '{{ mailman_db_server }}', + 'PORT': '', + } +}