WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-05-04 01:10:07 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
289bda56985f9cf20ff56b091e367a3e94de24ff
fedora-infra_ansible/roles/mailman3/tasks/main.yml
Michal Konecny be2edf7b47 [mailman3] Add script for generating fulltext index for mailing lists 
The index generated by the hyperkitty-hourly script generated unusually big
index (around 1TB).

This script should help with generating the search index from scratch, after
that we can leave it to hyperkitty-hourly job again.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
2024-07-29 14:41:12 +02:00

696 lines
15 KiB
YAML
Raw Blame History

---
# Configuration for Mailman 3
# PostgreSQL initialization must have been done already
- name: Install needed packages
ansible.builtin.package:
name: "{{item}}"
state: present
with_items:
- httpd
- hyperkitty
- fedora-messaging
- mailman3
- memcached
- postorius
- python3-cmarkgfm
- python3-gunicorn
- python3-mailman-hyperkitty
- python3-mailman3-fedmsg-plugin
- python3-mailman-web
- python3-pylibmc
- python3-psycopg2
- python3-whoosh
- sassc
tags:
- packages
- mailman
# This is needed till https://src.fedoraproject.org/rpms/python-django-mailman3/pull-request/2
# is available
- name: Apply django_mailman3 patch
ansible.posix.patch:
src: django_mailman3_patch/django-mailman3-fedora-oidc.patch
basedir: /usr/lib/python3.9/site-packages/
tags:
- mailman
- patch
- name: Set the mailman conffile
ansible.builtin.template:
src: mailman.cfg.j2
dest: /etc/mailman.cfg
owner: mailman
group: mailman
mode: 0640
tags:
- config
- mailman
notify:
- restart mailman3
- name: Install configuration for fedmsg-plugin
ansible.builtin.template:
src: fedmsg-plugin.toml.j2
dest: "/etc/fedora-messaging/config.toml"
tags:
- config
- mailman
- fedora-messaging
notify:
- restart mailman3
- name: Create folder where we'll place the certs
ansible.builtin.file:
path: /etc/pki/rabbitmq/mailman/
owner: root
group: root
mode: 0755
state: directory
tags:
- mailman
- fedora-messaging
- name: Deploy mailman/rabbitmq certificate
ansible.builtin.copy:
src: "{{item.src}}"
dest: "/etc/pki/rabbitmq/mailman/{{item.dest}}"
owner: root
group: mailman
mode: "{{item.mode}}"
when: env == 'staging'
with_items:
- src: "{{private}}/files/rabbitmq/staging/pki/issued/mailman.stg.crt"
dest: mailman.crt
mode: "444"
- src: "{{private}}/files/rabbitmq/staging/pki/private/mailman.stg.key"
dest: mailman.key
mode: "440"
- src: "{{private}}/files/rabbitmq/staging/pki/ca.crt"
dest: mailman.ca
mode: "444"
tags:
- mailman
- fedora-messaging
- name: Deploy mailman/rabbitmq certificate
ansible.builtin.copy:
src: "{{item.src}}"
dest: "/etc/pki/rabbitmq/mailman/{{item.dest}}"
owner: root
group: mailman
mode: "{{item.mode}}"
when: env != 'staging'
with_items:
- src: "{{private}}/files/rabbitmq/production/pki/issued/mailman.crt"
dest: mailman.crt
mode: "444"
- src: "{{private}}/files/rabbitmq/production/pki/private/mailman.key"
dest: mailman.key
mode: "440"
- src: "{{private}}/files/rabbitmq/production/pki/ca.crt"
dest: mailman.ca
mode: "444"
tags:
- mailman
- fedora-messaging
#
# Logging
#
- name: Ensuring log directory exists
ansible.builtin.file:
path: "{{ mailman_log_directory }}"
state: directory
owner: mailman
group: mailman
tags:
- logging
- mailman
- name: Mailman logging -- rotation
ansible.builtin.copy:
src: mailman3.logrotate.conf
dest: /etc/logrotate.d/mailman3
tags:
- logging
- mailman
- name: Ensuring mailman-core is started
ansible.builtin.service:
name: mailman3
state: started
enabled: yes
tags:
- mailman
#
# HyperKitty + Postorius setup
#
- name: Create site/en dir
ansible.builtin.file:
state: directory
path: /var/lib/mailman3/templates/site/en
tags:
- config
- mailman
- hyperkitty
- name: Set default list footer
ansible.builtin.copy:
src: mailman-template-list-member-generic-footer.txt
dest: /var/lib/mailman3/templates/site/en/list:member:generic:footer.txt
owner: mailman
group: mailman
mode: 0644
tags:
- config
- mailman
- hyperkitty
- name: Set default list:admin:action:post template
ansible.builtin.copy:
src: mailman-template-list-admin-action-post.txt
dest: /var/lib/mailman3/templates/site/en/list:admin:action:post.txt
owner: mailman
group: mailman
mode: 0644
tags:
- config
- mailman
- hyperkitty
- name: Create lists/users.lists.fedoraproject.org/en template dir
ansible.builtin.file:
state: directory
path: /var/lib/mailman3/templates/lists/users.lists.fedoraproject.org/en
tags:
- config
- mailman
- hyperkitty
- name: Set list:user:notice:hold template for users list
ansible.builtin.copy:
src: mailman-template-users-list-user-notice-hold.txt
dest: /var/lib/mailman3/templates/lists/users.lists.fedoraproject.org/en/list:user:notice:hold.txt
owner: mailman
group: mailman
mode: 0644
tags:
- config
- mailman
- hyperkitty
- name: Install the hyperkitty/postorius settings file
ansible.builtin.template:
src: "{{ item }}.j2"
dest: "{{ mailman_webui_confdir }}/{{ item }}"
with_items:
- settings.py
- settings_admin.py
tags:
- config
- mailman
- hyperkitty
notify:
- restart mailmanweb
- name: Install the hyperkitty/postorius urls file
ansible.builtin.copy:
src: urls.py
dest: "{{ mailman_webui_confdir }}/urls.py"
tags:
- config
- mailman
- hyperkitty
notify:
- restart mailmanweb
- name: Create the fulltext index dir
ansible.builtin.file:
path: "{{ mailman_webui_basedir }}/fulltext_index"
state: directory
owner: mailman
group: mailman
mode: 0755
tags:
- mailman
- hyperkitty
- name: Create the hyperkitty static files dirs
ansible.builtin.file:
path: "{{ mailman_webui_basedir }}/{{ item }}"
state: directory
owner: mailman
group: mailman
mode: 0755
with_items:
- static
- static-fedora
register: static_root_dir
tags:
- mailman
- hyperkitty
- name: Create the fedora-specific hyperkitty img dir
ansible.builtin.file:
path: "{{ mailman_webui_basedir }}/static-fedora/hyperkitty/img"
state: directory
owner: mailman
group: mailman
mode: 0755
tags:
- mailman
- hyperkitty
- name: Create the hyperkitty templates override dirs
ansible.builtin.file:
path: "{{ mailman_webui_basedir }}/templates/{{ item }}"
state: directory
owner: mailman
group: mailman
mode: 0755
with_items:
- hyperkitty
- django_mailman3
tags:
- mailman
- hyperkitty
- name: Copy the initial user fixture
ansible.builtin.template:
src: initial-data.json.j2
dest: "{{ mailman_webui_confdir }}/initial-data.json"
owner: root
group: mailman
mode: 0640
tags:
- mailman
- hyperkitty
- name: Initialize authentication providers
ansible.builtin.command:
cmd: mailman-web loaddata "{{ mailman_webui_confdir }}/initial-data.json"
chdir: /etc/mailman3
become_user: mailman
become: true
tags:
- mailman
- hyperkitty
# Add the Nest banner
# See issue https://pagure.io/fedora-infrastructure/issue/10103
- name: Replace the top.html template in hyperkitty/postorius to change banner
ansible.builtin.copy:
src: top.html
dest: "{{ mailman_webui_basedir }}/templates/hyperkitty/top.html"
notify:
- restart mailmanweb
tags:
- mailman
- banner
- hyperkitty
- name: Install our fedora-specific logo
ansible.builtin.copy:
src: logo-hyperkitty-fedora.png
dest: "{{ mailman_webui_basedir }}/static-fedora/logo-hyperkitty-fedora.png"
tags:
- mailman
- hyperkitty
- name: Install our fedora-specific favicon
ansible.builtin.copy:
src: favicon.ico
dest: "{{ mailman_webui_basedir }}/static-fedora/favicon.ico"
tags:
- mailman
- hyperkitty
- name: Install our fedora-specific robots.txt
ansible.builtin.copy:
src: robots.txt
dest: "{{ mailman_webui_basedir }}/static-fedora/robots.txt"
tags:
- mailman
- hyperkitty
- name: Install our fedora-specific brand template override
ansible.builtin.copy:
src: navbar-brand.html
dest: "{{ mailman_webui_basedir }}/templates/hyperkitty/navbar-brand.html"
tags:
- mailman
- hyperkitty
- name: Install our fedora-specific page headers
ansible.builtin.copy:
src: headers.html
dest: "{{ mailman_webui_basedir }}/templates/hyperkitty/headers.html"
tags:
- mailman
- hyperkitty
- name: Install our fedora-specific login page extension
ansible.builtin.copy:
src: login_extra_top.html
dest: "{{ mailman_webui_basedir }}/templates/django_mailman3/login_extra_top.html"
tags:
- mailman
- hyperkitty
- name: Create dirs for signup_closed page
ansible.builtin.file:
path: "{{ mailman_webui_basedir }}/templates/account"
state: directory
owner: root
group: root
mode: 0755
tags:
- mailman
- hyperkitty
- name: Install our fedora-specific signup_closed page
ansible.builtin.copy:
src: signup_closed.html
dest: "{{ mailman_webui_basedir }}/templates/account/signup_closed.html"
tags:
- mailman
- hyperkitty
- name: Install our fedmenu js hook
ansible.builtin.template:
src: bottom.html
dest: "{{mailman_webui_basedir }}/templates/hyperkitty/bottom.html"
tags:
- mailman
- hyperkitty
- name: Ensuring we have correct DB schema for django apps
ansible.builtin.command:
cmd: mailman-web migrate --pythonpath {{ mailman_webui_confdir }} --settings settings_admin --no-input
chdir: /etc/mailman3
become_user: mailman
become: true
tags:
- mailman
- db
- name: Install the fedora-specific modules
ansible.builtin.copy:
src: django_fedora_nosignup.py
dest: "{{ mailman_webui_confdir }}/django_fedora_nosignup.py"
owner: root
group: root
mode: 0644
tags:
- config
- mailman
- hyperkitty
notify:
- restart mailmanweb
# HyperKitty hotfix
- name: Disable search in hyperkitty
ansible.builtin.copy:
src: base.html
dest: /usr/lib/python3.9/site-packages/hyperkitty/templates/hyperkitty/base.html
tags:
- mailman
- hyperkitty
- patch
notify:
- restart mailmanweb
# Memcached
- name: Set the memcached sysconfig file
ansible.builtin.copy:
src: memcached.sysconfig
dest: /etc/sysconfig/memcached
notify:
- restart memcached
tags:
- mailman
- memcached
- name: Enable memcached
ansible.builtin.systemd:
name: memcached
state: stopped
enabled: no
tags:
- mailman
- systemd
- memcached
#
# Plug HyperKitty into Mailman
#
- name: Copy the mailman-hyperkitty conffile
ansible.builtin.template:
src: mailman-hyperkitty.cfg.j2
dest: "/etc/mailman3.d/hyperkitty.cfg"
owner: mailman
group: mailman
mode: 0640
tags:
- config
- mailman
- hyperkitty
notify:
- restart mailman3
- name: Populating static_root dir with django files/css
ansible.builtin.command:
cmd: mailman-web collectstatic --no-input
chdir: /etc/mailman3
become_user: mailman
become: true
tags:
- mailman
- hyperkitty
- name: Compress static files
ansible.builtin.command:
cmd: mailman-web compress
chdir: /etc/mailman3
become_user: mailman
become: true
tags:
- mailman
- hyperkitty
- name: Systemd unit to start postorius/hyperkitty through gunicorn
ansible.builtin.template:
src: mailmanweb.service.j2
dest: /etc/systemd/system/mailmanweb.service
register: mailmanweb_systemd
notify: restart mailmanweb
tags:
- mailman
- systemd
- hyperkitty
- name: Enable the mailmanweb server
ansible.builtin.systemd:
name: mailmanweb
daemon-reload: "{% if mailmanweb_systemd is changed %}yes{% else %}no{% endif %}"
state: started
enabled: yes
tags:
- mailman
- systemd
- hyperkitty
#
# Logrotate
#
- name: Setup logrotate
ansible.builtin.template:
src: "mailman.logrotate.j2"
dest: /etc/logrotate.d/mailman
tags:
- logrotate
- config
#
# Scripts
#
- name: Create the scripts dir
ansible.builtin.file:
path: "{{ mailman_webui_basedir }}/bin"
state: directory
owner: root
group: root
mode: 0755
tags: mailman
- name: Install the scripts
ansible.builtin.copy:
src: "{{ item }}"
dest: "{{ mailman_webui_basedir }}/bin/{{ item }}"
owner: root
group: root
mode: 0755
tags: mailman
with_items:
- mailman-sar.py
- migrate_fedora_auth.py
- generate_search_index.py
- name: Install the staging-sync script
ansible.builtin.copy:
src: prod-to-stg.py
dest: "{{ mailman_webui_basedir }}/bin/prod-to-stg.py"
when: env == "staging"
tags: mailman
#
# Systemd
#
- name: Install the systemd service files
ansible.builtin.template:
src: "{{ item }}.service.j2"
dest: "/etc/systemd/system/{{ item }}.service"
with_items:
- webui-qcluster
- webui-warm-up-cache
notify:
- systemctl daemon-reload
tags:
- config
- mailman
- systemd
- name: Install hyperkitty target
ansible.builtin.copy:
src: "systemd/hyperkitty.target"
dest: "/etc/systemd/system/hyperkitty.target"
notify:
- systemctl daemon-reload
tags:
- config
- mailman
- systemd
- name: Install the systemd cron services
ansible.builtin.copy:
src: "systemd/{{ item }}.service"
dest: "/etc/systemd/system/{{ item }}.service"
with_items:
- hyperkitty-daily
- hyperkitty-hourly
- hyperkitty-minutely
- hyperkitty-monthly
- hyperkitty-quarter_hourly
- hyperkitty-weekly
- hyperkitty-yearly
notify:
- systemctl daemon-reload
tags:
- config
- mailman
- systemd
- name: Install the systemd timers
ansible.builtin.copy:
src: "systemd/{{ item }}.timer"
dest: "/etc/systemd/system/{{ item }}.timer"
with_items:
- hyperkitty-daily
- hyperkitty-hourly
- hyperkitty-minutely
- hyperkitty-monthly
- hyperkitty-quarter_hourly
- hyperkitty-weekly
- hyperkitty-yearly
notify:
- systemctl daemon-reload
tags:
- config
- mailman
- systemd
# Httpd
- name: Import needed httpd configurations
ansible.builtin.template:
src: "{{item}}.j2"
dest: "/etc/httpd/conf.d/{{item}}"
with_items:
- mailmanweb.conf
notify:
- reload apache
tags:
- config
- httpd
- mailman
- name: Allow Apache to remotely connect to gunicorn
ansible.posix.seboolean:
name: httpd_can_network_relay
state: yes
persistent: yes
notify:
- restart apache
tags:
- mailman
- selinux
- name: Allow Apache to connect to localhost gunicorn
ansible.posix.seboolean:
name: httpd_can_network_connect
state: yes
persistent: yes
notify:
- restart apache
tags:
- mailman
- selinux
- name: Set the SELinux policy for the static files directory
community.general.sefcontext:
target: "{{ mailman_webui_basedir }}/static(/.*)?"
setype: httpd_sys_content_t
state: present
tags:
- mailman
- selinux
- name: Set the SELinux policy for the templates override directory
community.general.sefcontext:
target: "{{ mailman_webui_basedir }}/templates(/.*)?"
setype: httpd_sys_content_t
state: present
tags:
- mailman
- selinux
- name: Apply SELinux changes
command: restorecon -irv "{{ mailman_webui_basedir}}"
# Start services
- name: Start services
ansible.builtin.systemd:
state: started
enabled: yes
name: "{{item}}"
with_items:
- httpd
- hyperkitty-daily.timer
- hyperkitty-hourly.timer
- hyperkitty-monthly.timer
- hyperkitty-quarter_hourly.timer
- hyperkitty-weekly.timer
- hyperkitty-yearly.timer
- mailman3
- mailmanweb
- postfix
- webui-qcluster
- webui-warm-up-cache
tags:
- mailman
- hyperkitty
Reference in New Issue View Git Blame Copy Permalink