mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-04-28 12:32:50 +08:00
424 lines
10 KiB
YAML
424 lines
10 KiB
YAML
---
|
|
# Configuration for Mailman 3
|
|
# PostgreSQL initialization must have been done already
|
|
|
|
|
|
#
|
|
# SELinux
|
|
#
|
|
- name: install semanage
|
|
yum: pkg=policycoreutils-python state=present
|
|
tags:
|
|
- mailman
|
|
- selinux
|
|
|
|
- name: set the SELinux policy for the configuration directory
|
|
command: semanage fcontext -a -t etc_t "{{ mailman_webui_confdir }}(/.*)?"
|
|
tags:
|
|
- mailman
|
|
- selinux
|
|
|
|
- name: set the SELinux policy for the fulltext index
|
|
command: semanage fcontext -a -t httpd_sys_rw_content_t "{{ mailman_webui_basedir }}/fulltext_index(/.*)?"
|
|
tags:
|
|
- mailman
|
|
- selinux
|
|
|
|
- name: set the SELinux policy for the static files directory
|
|
command: semanage fcontext -a -t httpd_sys_content_t "{{ mailman_webui_basedir }}/static(/.*)?"
|
|
tags:
|
|
- mailman
|
|
- selinux
|
|
|
|
- name: set the SELinux policy for the templates override directory
|
|
command: semanage fcontext -a -t httpd_sys_content_t "{{ mailman_webui_basedir }}/templates(/.*)?"
|
|
tags:
|
|
- mailman
|
|
- selinux
|
|
|
|
- name: set the SELinux policy for the log directory
|
|
command: semanage fcontext -a -t httpd_log_t "/var/log/hyperkitty(/.*)?"
|
|
tags:
|
|
- mailman
|
|
- selinux
|
|
|
|
- name: set the SELinux policy for the generated postfix databases
|
|
command: semanage fcontext -a -t etc_aliases_t "{{ mailman_webui_basedir }}/var/data/postfix_.*"
|
|
tags:
|
|
- mailman
|
|
- selinux
|
|
|
|
- name: allow Apache to remotely connect to PostgreSQL
|
|
seboolean: name=httpd_can_network_connect_db state=yes persistent=yes
|
|
tags:
|
|
- mailman
|
|
- selinux
|
|
|
|
- name: allow Apache to remotely connect to Mailman
|
|
seboolean: name=httpd_can_network_connect state=yes persistent=yes
|
|
tags:
|
|
- mailman
|
|
- selinux
|
|
|
|
- name: allow Apache to remotely connect to Memcached
|
|
seboolean: name=httpd_can_network_memcache state=yes persistent=yes
|
|
tags:
|
|
- mailman
|
|
- selinux
|
|
|
|
|
|
#
|
|
# Packages
|
|
#
|
|
- name: setup the hyperkitty repo
|
|
copy: src=hyperkitty.{{ansible_distribution}}.repo
|
|
dest=/etc/yum.repos.d/hyperkitty.repo
|
|
tags: mailman
|
|
|
|
- name: install GPG to validate the key
|
|
yum: state=present name=gnupg
|
|
tags: mailman
|
|
|
|
- name: add the GPG key
|
|
rpm_key: state=present key=https://repos.fedorapeople.org/repos/abompard/abompard.asc
|
|
tags: mailman
|
|
|
|
- name: install needed packages
|
|
yum: pkg={{ item }} state=present
|
|
with_items:
|
|
- python-psycopg2
|
|
- python34-psycopg2
|
|
- hyperkitty
|
|
- hyperkitty-selinux
|
|
- postorius
|
|
- memcached
|
|
- python-pylibmc
|
|
- python-django-haystack-xapian
|
|
- yum-plugin-post-transaction-actions
|
|
# to run the test suite:
|
|
- python-beautifulsoup4
|
|
- python-mock
|
|
- python-whoosh
|
|
- python-tox
|
|
- python-vcrpy
|
|
# django-compressor implicitely requires BeautifulSoup until v1.4
|
|
- python-BeautifulSoup
|
|
# scripts
|
|
- python34-PyYAML
|
|
# mailman soft dep to convert html to plaintext
|
|
- lynx
|
|
tags:
|
|
- packages
|
|
- mailman
|
|
|
|
- name: setup the mailman3-fedmsg repo
|
|
copy: src=mailman3-fedmsg-plugin.RedHat.repo
|
|
dest=/etc/yum.repos.d/mailman3-fedmsg-plugin.repo
|
|
when: ansible_distribution == 'RedHat'
|
|
tags: mailman
|
|
|
|
- name: add the GPG key for the mailman3-fedmsg-plugin repo
|
|
rpm_key: state=present key=https://copr-be.cloud.fedoraproject.org/results/ralph/fedmsg-python34/pubkey.gpg
|
|
when: ansible_distribution == 'RedHat'
|
|
tags: mailman
|
|
|
|
- name: install the mailman3 fedmsg plugin rpm
|
|
yum: pkg=mailman3-fedmsg-plugin state=latest
|
|
notify: restart mailman3
|
|
when: ansible_distribution == 'RedHat'
|
|
tags: mailman
|
|
|
|
- name: copy in our fedmsg-plugin conf file
|
|
copy: src=fedmsg-plugin-conf.py dest=/etc/fedmsg.d/fedmsg-plugin-conf.py
|
|
tags:
|
|
- fedmsgdconfig
|
|
- mailman
|
|
notify: restart mailman3
|
|
|
|
- name: install packages when not using source extracts
|
|
when: ansible_hostname != "lists-dev.cloud.fedoraproject.org"
|
|
yum: pkg={{ item }} state=present
|
|
with_items:
|
|
- mailman3
|
|
- mailman3-selinux
|
|
- mailman3-hyperkitty
|
|
tags:
|
|
- packages
|
|
- mailman
|
|
|
|
|
|
#
|
|
# Initialize mailman (must be done after settings up the DBs)
|
|
#
|
|
#- name: add mailman to the apache group
|
|
# user: name=mailman groups=apache append=yes
|
|
# tags:
|
|
# - config
|
|
# - mailman
|
|
# #notify:
|
|
# # - restart mailman3
|
|
|
|
# access to the aliases files generated by mailman
|
|
- name: add postfix to the mailman group
|
|
user: name=postfix groups=mailman append=yes
|
|
tags:
|
|
- config
|
|
- mailman
|
|
notify:
|
|
- restart postfix
|
|
|
|
## for access to the full-text index
|
|
#- name: add apache to the mailman group
|
|
# user: name=apache groups=mailman append=yes
|
|
# tags:
|
|
# - config
|
|
# - mailman
|
|
# notify:
|
|
# - reload httpd
|
|
|
|
- name: set the mailman conffile
|
|
template: src={{ item }} dest=/etc/mailman.cfg
|
|
owner=root group=mailman mode=0640
|
|
with_first_found:
|
|
- mailman.cfg.{{ ansible_hostname }}.j2
|
|
- mailman.cfg.j2
|
|
tags:
|
|
- config
|
|
- mailman
|
|
notify:
|
|
- restart mailman3
|
|
|
|
|
|
#
|
|
# Crontab
|
|
#
|
|
- name: set the hyperkitty crontab
|
|
template: src=crontab.j2 dest=/etc/cron.d/hyperkitty
|
|
tags:
|
|
- config
|
|
- mailman
|
|
|
|
#
|
|
# Logging
|
|
#
|
|
- name: hyperkitty logging -- directory
|
|
file: path=/var/log/hyperkitty state=directory
|
|
owner=root group=apache mode=2775
|
|
tags: mailman
|
|
- name: hyperkitty logging -- file creation
|
|
copy: content="" dest=/var/log/hyperkitty/hyperkitty.log
|
|
force=no
|
|
tags: mailman
|
|
- name: hyperkitty logging -- file permissions
|
|
file: path=/var/log/hyperkitty/hyperkitty.log state=file
|
|
owner=root group=apache mode=664
|
|
tags: mailman
|
|
- name: hyperkitty logging -- rotation
|
|
copy: src=hyperkitty.logrotate.conf
|
|
dest=/etc/logrotate.d/hyperkitty
|
|
tags: mailman
|
|
|
|
|
|
#
|
|
# HyperKitty + Postorius setup
|
|
#
|
|
|
|
- name: create the configuration directory
|
|
file: path={{ mailman_webui_confdir }} state=directory
|
|
tags: mailman
|
|
|
|
- name: install the hyperkitty settings file
|
|
template: src=settings.py.j2
|
|
dest="{{ mailman_webui_confdir }}/settings.py"
|
|
owner=root group=apache mode=0640
|
|
tags:
|
|
- config
|
|
- mailman
|
|
notify:
|
|
- reload apache
|
|
#- restart mailman3
|
|
|
|
- name: install the hyperkitty settings admin file
|
|
template: src=settings_admin.py.j2
|
|
dest="{{ mailman_webui_confdir }}/settings_admin.py"
|
|
owner=root group=root mode=0600
|
|
tags:
|
|
- config
|
|
- mailman
|
|
|
|
- name: install the hyperkitty settings test file
|
|
copy: src=settings_test.py
|
|
dest="{{ mailman_webui_confdir }}/settings_test.py"
|
|
owner=root group=root mode=0600
|
|
tags:
|
|
- config
|
|
- mailman
|
|
|
|
- name: install the hyperkitty urls file
|
|
copy: src=urls.py
|
|
dest="{{ mailman_webui_confdir }}/urls.py"
|
|
owner=root group=root mode=0644
|
|
tags:
|
|
- config
|
|
- mailman
|
|
notify:
|
|
- reload apache
|
|
|
|
- name: install the hyperkitty wsgi file
|
|
copy: src=webui.wsgi
|
|
dest="{{ mailman_webui_confdir }}/webui.wsgi"
|
|
owner=root group=root mode=0644
|
|
tags:
|
|
- config
|
|
- mailman
|
|
notify:
|
|
- reload apache
|
|
|
|
- name: install the hyperkitty/postorius dummy httpd conf file
|
|
template: src=apache-dummy.conf.j2
|
|
dest=/etc/httpd/conf.d/{{ item }}.conf
|
|
with_items:
|
|
- hyperkitty
|
|
- postorius
|
|
tags:
|
|
- config
|
|
- mailman
|
|
notify:
|
|
- reload apache
|
|
|
|
- name: install the hyperkitty httpd conf file
|
|
template: src=apache.conf.j2
|
|
dest=/etc/httpd/conf.d/mailman-webui.conf
|
|
tags:
|
|
- config
|
|
- mailman
|
|
notify:
|
|
- reload apache
|
|
|
|
- name: create the fulltext index dir
|
|
file: path="{{ mailman_webui_basedir }}/fulltext_index"
|
|
state=directory owner=apache group=apache mode=0755
|
|
tags: mailman
|
|
|
|
- name: create the hyperkitty static files dir
|
|
file: path="{{ mailman_webui_basedir }}/static"
|
|
state=directory owner=root group=root mode=0755
|
|
tags: mailman
|
|
|
|
- name: create the hyperkitty templates override dir
|
|
file: path="{{ mailman_webui_basedir }}/templates/hyperkitty"
|
|
state=directory owner=root group=root mode=0755
|
|
tags: mailman
|
|
|
|
- name: Install our fedmenu js hook
|
|
template: src=bottom.html
|
|
dest="{{mailman_webui_basedir }}/templates/hyperkitty/bottom.html"
|
|
tags: mailman
|
|
|
|
#
|
|
# Plug HyperKitty into Mailman
|
|
#
|
|
- name: copy the mailman-hyperkitty conffile
|
|
copy: src=mailman-hyperkitty.cfg
|
|
dest="{{ mailman_webui_confdir }}/mailman-hyperkitty.cfg"
|
|
owner=root group=mailman mode=0640
|
|
tags:
|
|
- config
|
|
- mailman
|
|
notify:
|
|
- restart mailman3
|
|
|
|
# To avoid confusion with "{{ mailman_webui_confdir }}/mailman-hyperkitty.cfg"
|
|
# Don't create a symlink because ansible won't convert the regular file coming
|
|
# from the RPM to a symlink.
|
|
- name: remove the hyperkitty conffile in the mailman directory to avoid confusion
|
|
file: path=/etc/mailman3.d/hyperkitty.cfg state=absent
|
|
tags:
|
|
- config
|
|
- mailman
|
|
|
|
|
|
#
|
|
# Scripts
|
|
#
|
|
- name: install the migration conffile
|
|
template: src=mailman-migration.conf.j2
|
|
dest=/etc/mailman-migration.conf
|
|
owner=root group=root mode=0644
|
|
tags: mailman
|
|
|
|
- name: create the scripts dir
|
|
file: path="{{ mailman_webui_basedir }}/bin"
|
|
state=directory owner=root group=root mode=0755
|
|
tags: mailman
|
|
|
|
- name: install the migration environment
|
|
template: src=mailman-migration-path.sh.j2
|
|
dest=/etc/profile.d/mailman-migration-path.sh
|
|
owner=root group=root mode=0644
|
|
tags: mailman
|
|
|
|
- name: install the scripts
|
|
copy: src={{ item }} dest="{{ mailman_webui_basedir }}/bin/{{ item }}"
|
|
owner=root group=root mode=0755
|
|
tags: mailman
|
|
with_items:
|
|
- yamlget
|
|
- pg-give-rights.py
|
|
- post-update.sh
|
|
- import-mm2.py
|
|
|
|
- name: copy the initial user fixture
|
|
copy: src=postorius.initial-user.json
|
|
dest=/etc/postorius/sites/default/initial-user.json
|
|
owner=root group=apache mode=0640
|
|
tags: mailman
|
|
|
|
|
|
# Sync databases and collect static files on RPM install/upgrade
|
|
- name: install the post-transaction trigger
|
|
template: src=post-transaction.action.j2
|
|
dest=/etc/yum/post-actions/hyperkitty.action
|
|
tags: mailman
|
|
|
|
#
|
|
# Only run this on mailman01 for now.
|
|
# TODO: run it on lists-dev too
|
|
#
|
|
|
|
# The post-update scripts needs memcached to be up (django-compressor will
|
|
# store the timestamps there)
|
|
- name: start services
|
|
service: state=started enabled=yes name=memcached
|
|
tags: mailman
|
|
|
|
- name: run the post-update script
|
|
command: "{{ mailman_webui_basedir }}/bin/post-update.sh"
|
|
when: inventory_hostname.startswith('mailman01')
|
|
tags: mailman
|
|
|
|
|
|
## Postfix
|
|
#- name: create the postfix aliases
|
|
# command: su mailman -s /bin/sh -c "mailman3 aliases"
|
|
# creates=/var/lib/mailman3/data/postfix_lmtp.db
|
|
|
|
|
|
# Memcached
|
|
- name: set the memcached sysconfig file
|
|
copy: src=memcached.sysconfig dest=/etc/sysconfig/memcached
|
|
tags: mailman
|
|
notify:
|
|
- restart memcached
|
|
|
|
|
|
# Start services
|
|
- name: start services
|
|
service: state=started enabled=yes name={{ item }}
|
|
with_items:
|
|
- httpd
|
|
- mailman3
|
|
- postfix
|
|
- memcached
|
|
tags: mailman
|