Compare commits
5 Commits
61f1751416
...
d6eac0bbfb
Author | SHA1 | Date |
---|---|---|
Jim Hague | d6eac0bbfb | |
Jim Hague | 11ff53033f | |
Jim Hague | 9245260571 | |
Jim Hague | 60962b28e4 | |
Jim Hague | 2783177943 |
|
@ -0,0 +1,44 @@
|
||||||
|
# /etc/aliases
|
||||||
|
mailer-daemon: postmaster
|
||||||
|
postmaster: root
|
||||||
|
nobody: root
|
||||||
|
hostmaster: root
|
||||||
|
usenet: root
|
||||||
|
news: root
|
||||||
|
webmaster: root
|
||||||
|
www: root
|
||||||
|
www-data: root
|
||||||
|
ftp: root
|
||||||
|
abuse: root
|
||||||
|
noc: root
|
||||||
|
security: root
|
||||||
|
|
||||||
|
root:jim@lunch.org.uk
|
||||||
|
|
||||||
|
alexandra: alex
|
||||||
|
alexandra.hague: alex
|
||||||
|
bunny: alex
|
||||||
|
ali: alex
|
||||||
|
ali.hague: alex
|
||||||
|
jim.hague: jim
|
||||||
|
heather.james: heather
|
||||||
|
chrissie: chrissy
|
||||||
|
christina: chrissy
|
||||||
|
christina.hague: chrissy
|
||||||
|
toby: jim
|
||||||
|
fitzroy: jim
|
||||||
|
nthague: jim
|
||||||
|
|
||||||
|
hannah.farncombe: hannah
|
||||||
|
#hannah: hjfarncombe@me.com
|
||||||
|
|
||||||
|
wpcc: jim
|
||||||
|
|
||||||
|
ryman: jim
|
||||||
|
|
||||||
|
parents: jim,heather
|
||||||
|
|
||||||
|
jenkins: jim
|
||||||
|
|
||||||
|
clamav: root
|
||||||
|
monit: root
|
|
@ -0,0 +1,11 @@
|
||||||
|
# This is the aliases file for cryhavoc.org.uk. It does not permit
|
||||||
|
# file aliases.
|
||||||
|
|
||||||
|
postmaster: root
|
||||||
|
root: jim@lunch.org.uk
|
||||||
|
mailer-daemon: postmaster
|
||||||
|
mail: postmaster
|
||||||
|
webmaster: root
|
||||||
|
admin: root
|
||||||
|
|
||||||
|
woody: jim
|
|
@ -0,0 +1,23 @@
|
||||||
|
# This is the aliases file for cryhavoc.org.uk. It does not permit
|
||||||
|
# file aliases.
|
||||||
|
|
||||||
|
postmaster: root
|
||||||
|
root: jim@lunch.org.uk
|
||||||
|
mailer-daemon: postmaster
|
||||||
|
mail: postmaster
|
||||||
|
webmaster: root
|
||||||
|
admin: root
|
||||||
|
|
||||||
|
info: jim
|
||||||
|
|
||||||
|
www-data: jim@lunch.org.uk
|
||||||
|
jim: jim@lunch.org.uk
|
||||||
|
wiki: jim@lunch.org.uk
|
||||||
|
|
||||||
|
bag: louisthurman@gmail.com, jim@lunch.org.uk
|
||||||
|
foreman: jim@lunch.org.uk
|
||||||
|
dottes: jim@lunch.org.uk
|
||||||
|
squire: jim@lunch.org.uk
|
||||||
|
treasurer: phm.day202@btinternet.com
|
||||||
|
|
||||||
|
privacy: squire,bag
|
|
@ -0,0 +1,77 @@
|
||||||
|
# This is the aliases file for lunch.org.uk. It does not permit
|
||||||
|
# file and pipe aliases.
|
||||||
|
|
||||||
|
postmaster: root
|
||||||
|
root: jim
|
||||||
|
mailer-daemon: postmaster
|
||||||
|
mail: postmaster
|
||||||
|
webmaster: root
|
||||||
|
|
||||||
|
nas: jim
|
||||||
|
|
||||||
|
alexandra: alex
|
||||||
|
alexandra.hague: alex
|
||||||
|
ali: alex
|
||||||
|
bunny: alex
|
||||||
|
jim.hague: jim
|
||||||
|
heather.james: heather
|
||||||
|
chrissie: chrissy
|
||||||
|
christina: chrissy
|
||||||
|
christina.hague: chrissy
|
||||||
|
toby: jim
|
||||||
|
fitzroy: jim
|
||||||
|
santa: jim
|
||||||
|
joybear: jim
|
||||||
|
|
||||||
|
#OxLUG
|
||||||
|
#oxlug: jim@lunch.org.uk,
|
||||||
|
# leonard.ian@gmail.com,
|
||||||
|
# ian@smallworld.cx,
|
||||||
|
# phil@kantaka.co.uk,
|
||||||
|
# hubert@oxyware.com,
|
||||||
|
# tim.pizey@gmail.com,
|
||||||
|
# entity@danny.id.au,
|
||||||
|
# robertbentall@gmail.com,
|
||||||
|
# chris@griggs.me.uk,
|
||||||
|
# nicholas.cole@history.ox.ac.uk,
|
||||||
|
# dom@earth.li,
|
||||||
|
# deya_sanchez@oslerdiagnostics.com,
|
||||||
|
# james@inkblotsoftware.com
|
||||||
|
|
||||||
|
# MHCC
|
||||||
|
mhcc-all: jim@bear-cave.org.uk,
|
||||||
|
MarlbHCricket@aol.com,
|
||||||
|
martin@italy-update.demon.co.uk,
|
||||||
|
em_dom@hotmail.com,
|
||||||
|
gurmej.lal@siemens.com,
|
||||||
|
Huw.Leggate@Jet.uk,
|
||||||
|
Karen.Carroll@oxmhc-tr.nhs.uk,
|
||||||
|
jondunkley@aol.com,
|
||||||
|
Marni786ms@hotmail.com,
|
||||||
|
Mike.Reeves@wallingfordsoftware.com,
|
||||||
|
mitchell_fraser-jones@hen.invesco.com,
|
||||||
|
Sally.Moore@oxon.blackwellpublishing.com,
|
||||||
|
sureshp@sterilox.com,
|
||||||
|
mshelloxford@yahoo.com,
|
||||||
|
owenslat@hotmail.com,
|
||||||
|
sundancekid69@Hotmail.com,
|
||||||
|
bigash51@yahoo.co.uk,
|
||||||
|
andrewlines@O2.co.uk,
|
||||||
|
willsyboy3@hotmail.com,
|
||||||
|
Richard.Body@WallingfordSoftware.com,
|
||||||
|
abastin@oxford.gov.uk,
|
||||||
|
Andrew.Land@atkinsglobal.com,
|
||||||
|
gwyn.jones@aeat.co.uk,
|
||||||
|
Paul.Henley@Man.ac.uk,
|
||||||
|
alberto.behar@nuffield.oxford.ac.uk,
|
||||||
|
jeremy.bowell@oup.com,
|
||||||
|
richard.coggins@magdalen.oxford.ac.uk,
|
||||||
|
gwyn.jones@aeat.co.uk,
|
||||||
|
alistair.james@eng.ox.ac.uk
|
||||||
|
|
||||||
|
|
||||||
|
# MHCC SMS
|
||||||
|
mhcc-sms: bcb7049f07f4c44cbc6497aa81f92b@dist.aql.com
|
||||||
|
|
||||||
|
jane: janestannard@hotmail.com
|
||||||
|
#jane: jim@lunch.org.uk, janestannard@hotmail.com
|
|
@ -18,3 +18,10 @@ protocol imap {
|
||||||
mail_max_userip_connections = 40
|
mail_max_userip_connections = 40
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Allow client auth to exim4.
|
||||||
|
service auth {
|
||||||
|
unix_listener auth-client {
|
||||||
|
mode = 0660
|
||||||
|
group = Debian-exim
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -1,12 +1,31 @@
|
||||||
outbound:
|
fdef SRS_SECRET
|
||||||
|
|
||||||
|
.ifdef DCconfig_internet
|
||||||
|
|
||||||
|
outbound_srs:
|
||||||
|
debug_print = "R: SRS outbound for $local_part@$domain original $original_local_part@$original_domain"
|
||||||
driver = dnslookup
|
driver = dnslookup
|
||||||
# if outbound, and forwarding has been done, use an alternate transport
|
# if outbound, and forwarding has been done, use an alternate transport
|
||||||
domains = ! +local_domains
|
domains = ! +local_domains
|
||||||
transport = ${if eq {$local_part@$domain} \
|
condition = ${if !eq {$local_part@$domain} \
|
||||||
{$original_local_part@$original_domain} \
|
{$original_local_part@$original_domain}}
|
||||||
{remote_smtp} {remote_forwarded_smtp}}
|
transport = {remote_forwarded_smtp}
|
||||||
|
|
||||||
|
.elifdef DCconfig_smarthost DCconfig_satellite
|
||||||
|
|
||||||
|
outbound_srs_smarthost:
|
||||||
|
debug_print = "R: SRS outbound smarthost for $local_part@$domain original $original_local_part@$original_domain"
|
||||||
|
driver = dnslookup
|
||||||
|
# if outbound, and forwarding has been done, use an alternate transport
|
||||||
|
domains = ! +local_domains
|
||||||
|
condition = ${if !eq {$local_part@$domain} \
|
||||||
|
{$original_local_part@$original_domain}}
|
||||||
|
transport = {remote_forwarded_smtp_smarthost}
|
||||||
|
|
||||||
|
.endif
|
||||||
|
|
||||||
inbound_srs:
|
inbound_srs:
|
||||||
|
debug_print = "R: inbound_srs for $local_part@$domain"
|
||||||
driver = redirect
|
driver = redirect
|
||||||
senders = :
|
senders = :
|
||||||
domains = +local_domains
|
domains = +local_domains
|
||||||
|
@ -15,6 +34,7 @@
|
||||||
data = $srs_recipient
|
data = $srs_recipient
|
||||||
|
|
||||||
inbound_srs_failure:
|
inbound_srs_failure:
|
||||||
|
debug_print = "R: inbound_srs_failure for $local_part@$domain"
|
||||||
driver = redirect
|
driver = redirect
|
||||||
senders = :
|
senders = :
|
||||||
domains = +local_domains
|
domains = +local_domains
|
||||||
|
@ -22,3 +42,5 @@
|
||||||
condition = ${if inbound_srs {$local_part} {}}
|
condition = ${if inbound_srs {$local_part} {}}
|
||||||
allow_fail
|
allow_fail
|
||||||
data = :fail: Invalid SRS recipient address
|
data = :fail: Invalid SRS recipient address
|
||||||
|
|
||||||
|
.endif
|
||||||
|
|
|
@ -1,7 +0,0 @@
|
||||||
# transport; should look like the non-forward outbound
|
|
||||||
# one, plus the max_rcpt and return_path options
|
|
||||||
remote_forwarded_smtp:
|
|
||||||
driver = smtp
|
|
||||||
# modify the envelope from, for mails that we forward
|
|
||||||
max_rcpt = 1
|
|
||||||
return_path = ${srs_encode {SRS_SECRET} {$return_path} {$original_domain}}
|
|
|
@ -0,0 +1,62 @@
|
||||||
|
# transport; should look like the non-forward outbound
|
||||||
|
# one, plus the max_rcpt and return_path options
|
||||||
|
remote_forwarded_smtp:
|
||||||
|
debug_print = "T: remote_forwarded_smtp for $local_part@$domain original domain $original_domain"
|
||||||
|
driver = smtp
|
||||||
|
# modify the envelope from, for mails that we forward
|
||||||
|
max_rcpt = 1
|
||||||
|
return_path = ${srs_encode {SRS_SECRET} {$return_path} {$original_domain}}
|
||||||
|
.ifndef IGNORE_SMTP_LINE_LENGTH_LIMIT
|
||||||
|
message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_HOSTS_AVOID_TLS
|
||||||
|
hosts_avoid_tls = REMOTE_SMTP_HOSTS_AVOID_TLS
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_HEADERS_REWRITE
|
||||||
|
headers_rewrite = REMOTE_SMTP_HEADERS_REWRITE
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_RETURN_PATH
|
||||||
|
return_path = REMOTE_SMTP_RETURN_PATH
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_HELO_DATA
|
||||||
|
helo_data=REMOTE_SMTP_HELO_DATA
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_INTERFACE
|
||||||
|
interface = REMOTE_SMTP_INTERFACE
|
||||||
|
.endif
|
||||||
|
.ifdef DKIM_DOMAIN
|
||||||
|
dkim_domain = DKIM_DOMAIN
|
||||||
|
.endif
|
||||||
|
.ifdef DKIM_SELECTOR
|
||||||
|
dkim_selector = DKIM_SELECTOR
|
||||||
|
.endif
|
||||||
|
.ifdef DKIM_PRIVATE_KEY
|
||||||
|
dkim_private_key = DKIM_PRIVATE_KEY
|
||||||
|
.endif
|
||||||
|
.ifdef DKIM_CANON
|
||||||
|
dkim_canon = DKIM_CANON
|
||||||
|
.endif
|
||||||
|
.ifdef DKIM_STRICT
|
||||||
|
dkim_strict = DKIM_STRICT
|
||||||
|
.endif
|
||||||
|
.ifdef DKIM_SIGN_HEADERS
|
||||||
|
dkim_sign_headers = DKIM_SIGN_HEADERS
|
||||||
|
.endif
|
||||||
|
.ifdef DKIM_TIMESTAMPS
|
||||||
|
dkim_timestamps = DKIM_TIMESTAMPS
|
||||||
|
.endif
|
||||||
|
.ifdef TLS_DH_MIN_BITS
|
||||||
|
tls_dh_min_bits = TLS_DH_MIN_BITS
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_TLS_CERTIFICATE
|
||||||
|
tls_certificate = REMOTE_SMTP_TLS_CERTIFICATE
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_PRIVATEKEY
|
||||||
|
tls_privatekey = REMOTE_SMTP_PRIVATEKEY
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_HOSTS_REQUIRE_TLS
|
||||||
|
hosts_require_tls = REMOTE_SMTP_HOSTS_REQUIRE_TLS
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_TRANSPORTS_HEADERS_REMOVE
|
||||||
|
headers_remove = REMOTE_SMTP_TRANSPORTS_HEADERS_REMOVE
|
||||||
|
.endif
|
|
@ -0,0 +1,51 @@
|
||||||
|
# transport; should look like the non-forward outbound
|
||||||
|
# one, plus the max_rcpt and return_path options
|
||||||
|
remote_forwarded_smtp_smarthost:
|
||||||
|
debug_print = "T: remote_forwarded_smtp_smarthost for $local_part@$domain original domain $original_domain"
|
||||||
|
driver = smtp
|
||||||
|
# modify the envelope from, for mails that we forward
|
||||||
|
max_rcpt = 1
|
||||||
|
return_path = ${srs_encode {SRS_SECRET} {$return_path} {$original_domain}}
|
||||||
|
multi_domain
|
||||||
|
.ifndef IGNORE_SMTP_LINE_LENGTH_LIMIT
|
||||||
|
message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}
|
||||||
|
.endif
|
||||||
|
hosts_try_auth = <; ${if exists{CONFDIR/passwd.client} \
|
||||||
|
{\
|
||||||
|
${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$host_address}}\
|
||||||
|
}\
|
||||||
|
{} \
|
||||||
|
}
|
||||||
|
.ifdef REMOTE_SMTP_SMARTHOST_HOSTS_AVOID_TLS
|
||||||
|
hosts_avoid_tls = REMOTE_SMTP_SMARTHOST_HOSTS_AVOID_TLS
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS
|
||||||
|
hosts_require_tls = REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_SMARTHOST_TLS_VERIFY_CERTIFICATES
|
||||||
|
tls_verify_certificates = REMOTE_SMTP_SMARTHOST_TLS_VERIFY_CERTIFICATES
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_SMARTHOST_TLS_VERIFY_HOSTS
|
||||||
|
tls_verify_hosts = REMOTE_SMTP_SMARTHOST_TLS_VERIFY_HOSTS
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_HEADERS_REWRITE
|
||||||
|
headers_rewrite = REMOTE_SMTP_HEADERS_REWRITE
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_RETURN_PATH
|
||||||
|
return_path = REMOTE_SMTP_RETURN_PATH
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_HELO_DATA
|
||||||
|
helo_data=REMOTE_SMTP_HELO_DATA
|
||||||
|
.endif
|
||||||
|
.ifdef TLS_DH_MIN_BITS
|
||||||
|
tls_dh_min_bits = TLS_DH_MIN_BITS
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_SMARTHOST_TLS_CERTIFICATE
|
||||||
|
tls_certificate = REMOTE_SMTP_SMARTHOST_TLS_CERTIFICATE
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_SMARTHOST_PRIVATEKEY
|
||||||
|
tls_privatekey = REMOTE_SMTP_SMARTHOST_PRIVATEKEY
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_TRANSPORTS_HEADERS_REMOVE
|
||||||
|
headers_remove = REMOTE_SMTP_TRANSPORTS_HEADERS_REMOVE
|
||||||
|
.endif
|
|
@ -2,3 +2,4 @@ include:
|
||||||
- email/dovecot
|
- email/dovecot
|
||||||
- email/rspamd
|
- email/rspamd
|
||||||
- email/exim4
|
- email/exim4
|
||||||
|
- email/mailboxes
|
||||||
|
|
|
@ -0,0 +1,48 @@
|
||||||
|
# Mailboxes that need to exist, and supporting files.
|
||||||
|
|
||||||
|
heather:
|
||||||
|
group.present:
|
||||||
|
- gid: 1001
|
||||||
|
user.present:
|
||||||
|
- fullname: 'Heather James'
|
||||||
|
- home: /home/heather
|
||||||
|
- shell: /bin/bash
|
||||||
|
- uid: 1001
|
||||||
|
- gid: 1001
|
||||||
|
|
||||||
|
alex:
|
||||||
|
group.present:
|
||||||
|
- gid: 1002
|
||||||
|
user.present:
|
||||||
|
- fullname: 'Alexandra Hague'
|
||||||
|
- home: /home/alex
|
||||||
|
- shell: /bin/bash
|
||||||
|
- uid: 1002
|
||||||
|
- gid: 1002
|
||||||
|
|
||||||
|
chrissy:
|
||||||
|
group.present:
|
||||||
|
- gid: 1003
|
||||||
|
user.present:
|
||||||
|
- fullname: 'Christina Hague'
|
||||||
|
- home: /home/chrissy
|
||||||
|
- shell: /bin/bash
|
||||||
|
- uid: 1003
|
||||||
|
- gid: 1003
|
||||||
|
|
||||||
|
hannah:
|
||||||
|
group.present:
|
||||||
|
- gid: 1007
|
||||||
|
user.present:
|
||||||
|
- fullname: 'Hannah Farncombe'
|
||||||
|
- home: /home/hannah
|
||||||
|
- shell: /bin/bash
|
||||||
|
- uid: 1005
|
||||||
|
- gid: 1007
|
||||||
|
|
||||||
|
email_aliases:
|
||||||
|
file.recurse:
|
||||||
|
- name: /etc
|
||||||
|
- file_mode: '0644'
|
||||||
|
- source: salt://email/aliases
|
||||||
|
|
|
@ -0,0 +1,190 @@
|
||||||
|
# This file is imported by the Mailman Suite. It is used to override
|
||||||
|
# the default settings from /usr/share/mailman3-web/settings.py.
|
||||||
|
|
||||||
|
# SECURITY WARNING: keep the secret key used in production secret!
|
||||||
|
SECRET_KEY = 'PMjOqXpDCJkloOvDJoutsV4ZqNNzI8hXyLN6KCLalLresPaA'
|
||||||
|
|
||||||
|
ADMINS = (
|
||||||
|
('Mailman Suite Admin', 'root@localhost'),
|
||||||
|
)
|
||||||
|
|
||||||
|
# Hosts/domain names that are valid for this site; required if DEBUG is False
|
||||||
|
# See https://docs.djangoproject.com/en/1.8/ref/settings/#allowed-hosts
|
||||||
|
# Set to '*' per default in the Deian package to allow all hostnames. Mailman3
|
||||||
|
# is meant to run behind a webserver reverse proxy anyway.
|
||||||
|
ALLOWED_HOSTS = [
|
||||||
|
#"localhost", # Archiving API from Mailman, keep it.
|
||||||
|
# "lists.your-domain.org",
|
||||||
|
# Add here all production URLs you may have.
|
||||||
|
'*'
|
||||||
|
]
|
||||||
|
|
||||||
|
# Mailman API credentials
|
||||||
|
MAILMAN_REST_API_URL = 'http://localhost:8001'
|
||||||
|
MAILMAN_REST_API_USER = 'restadmin'
|
||||||
|
MAILMAN_REST_API_PASS = 'JLXqquLV2xJyuC9XpwuGrg9wVnrADgc8LA4UKdGXFudEJ5FM'
|
||||||
|
MAILMAN_ARCHIVER_KEY = 'yecyDwdMl5Sl5LnIfQbLWdhlpEeNGSUx'
|
||||||
|
MAILMAN_ARCHIVER_FROM = ('127.0.0.1', '::1')
|
||||||
|
|
||||||
|
# Application definition
|
||||||
|
|
||||||
|
INSTALLED_APPS = (
|
||||||
|
'hyperkitty',
|
||||||
|
'postorius',
|
||||||
|
'django_mailman3',
|
||||||
|
# Uncomment the next line to enable the admin:
|
||||||
|
'django.contrib.admin',
|
||||||
|
# Uncomment the next line to enable admin documentation:
|
||||||
|
# 'django.contrib.admindocs',
|
||||||
|
'django.contrib.auth',
|
||||||
|
'django.contrib.contenttypes',
|
||||||
|
'django.contrib.sessions',
|
||||||
|
'django.contrib.sites',
|
||||||
|
'django.contrib.messages',
|
||||||
|
'django.contrib.staticfiles',
|
||||||
|
'rest_framework',
|
||||||
|
'django_gravatar',
|
||||||
|
'compressor',
|
||||||
|
'haystack',
|
||||||
|
'django_extensions',
|
||||||
|
'django_q',
|
||||||
|
'allauth',
|
||||||
|
'allauth.account',
|
||||||
|
'allauth.socialaccount',
|
||||||
|
#'django_mailman3.lib.auth.fedora',
|
||||||
|
#'allauth.socialaccount.providers.openid',
|
||||||
|
#'allauth.socialaccount.providers.github',
|
||||||
|
#'allauth.socialaccount.providers.gitlab',
|
||||||
|
#'allauth.socialaccount.providers.google',
|
||||||
|
#'allauth.socialaccount.providers.facebook',
|
||||||
|
#'allauth.socialaccount.providers.twitter',
|
||||||
|
#'allauth.socialaccount.providers.stackexchange',
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
# Database
|
||||||
|
# https://docs.djangoproject.com/en/1.8/ref/settings/#databases
|
||||||
|
|
||||||
|
DATABASES = {
|
||||||
|
'default': {
|
||||||
|
# Use 'sqlite3', 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'.
|
||||||
|
'ENGINE': 'django.db.backends.sqlite3',
|
||||||
|
#'ENGINE': 'django.db.backends.postgresql_psycopg2',
|
||||||
|
#'ENGINE': 'django.db.backends.mysql',
|
||||||
|
# DB name or path to database file if using sqlite3.
|
||||||
|
'NAME': '/var/lib/mailman3/web/mailman3web.db',
|
||||||
|
# The following settings are not used with sqlite3:
|
||||||
|
'USER': '',
|
||||||
|
'PASSWORD': '',
|
||||||
|
# HOST: empty for localhost through domain sockets or '127.0.0.1' for
|
||||||
|
# localhost through TCP.
|
||||||
|
'HOST': '',
|
||||||
|
# PORT: set to empty string for default.
|
||||||
|
'PORT': '',
|
||||||
|
# OPTIONS: Extra parameters to use when connecting to the database.
|
||||||
|
'OPTIONS': {
|
||||||
|
# Set sql_mode to 'STRICT_TRANS_TABLES' for MySQL. See
|
||||||
|
# https://docs.djangoproject.com/en/1.11/ref/
|
||||||
|
# databases/#setting-sql-mode
|
||||||
|
#'init_command': "SET sql_mode='STRICT_TRANS_TABLES'",
|
||||||
|
},
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# If you're behind a proxy, use the X-Forwarded-Host header
|
||||||
|
# See https://docs.djangoproject.com/en/1.8/ref/settings/#use-x-forwarded-host
|
||||||
|
USE_X_FORWARDED_HOST = True
|
||||||
|
|
||||||
|
# And if your proxy does your SSL encoding for you, set SECURE_PROXY_SSL_HEADER
|
||||||
|
# https://docs.djangoproject.com/en/1.8/ref/settings/#secure-proxy-ssl-header
|
||||||
|
# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
|
||||||
|
# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_SCHEME', 'https')
|
||||||
|
|
||||||
|
# Other security settings
|
||||||
|
# SECURE_SSL_REDIRECT = True
|
||||||
|
# If you set SECURE_SSL_REDIRECT to True, make sure the SECURE_REDIRECT_EXEMPT
|
||||||
|
# contains at least this line:
|
||||||
|
# SECURE_REDIRECT_EXEMPT = [
|
||||||
|
# "archives/api/mailman/.*", # Request from Mailman.
|
||||||
|
# ]
|
||||||
|
# SESSION_COOKIE_SECURE = True
|
||||||
|
# SECURE_CONTENT_TYPE_NOSNIFF = True
|
||||||
|
# SECURE_BROWSER_XSS_FILTER = True
|
||||||
|
# CSRF_COOKIE_SECURE = True
|
||||||
|
# CSRF_COOKIE_HTTPONLY = True
|
||||||
|
# X_FRAME_OPTIONS = 'DENY'
|
||||||
|
|
||||||
|
|
||||||
|
# Internationalization
|
||||||
|
# https://docs.djangoproject.com/en/1.8/topics/i18n/
|
||||||
|
|
||||||
|
LANGUAGE_CODE = 'en-us'
|
||||||
|
|
||||||
|
TIME_ZONE = 'UTC'
|
||||||
|
|
||||||
|
USE_I18N = True
|
||||||
|
USE_L10N = True
|
||||||
|
USE_TZ = True
|
||||||
|
|
||||||
|
|
||||||
|
# Set default domain for email addresses.
|
||||||
|
EMAILNAME = 'localhost.local'
|
||||||
|
|
||||||
|
# If you enable internal authentication, this is the address that the emails
|
||||||
|
# will appear to be coming from. Make sure you set a valid domain name,
|
||||||
|
# otherwise the emails may get rejected.
|
||||||
|
# https://docs.djangoproject.com/en/1.8/ref/settings/#default-from-email
|
||||||
|
# DEFAULT_FROM_EMAIL = "mailing-lists@you-domain.org"
|
||||||
|
DEFAULT_FROM_EMAIL = 'postorius@{}'.format(EMAILNAME)
|
||||||
|
|
||||||
|
# If you enable email reporting for error messages, this is where those emails
|
||||||
|
# will appear to be coming from. Make sure you set a valid domain name,
|
||||||
|
# otherwise the emails may get rejected.
|
||||||
|
# https://docs.djangoproject.com/en/1.8/ref/settings/#std:setting-SERVER_EMAIL
|
||||||
|
# SERVER_EMAIL = 'root@your-domain.org'
|
||||||
|
SERVER_EMAIL = 'root@{}'.format(EMAILNAME)
|
||||||
|
|
||||||
|
|
||||||
|
# Django Allauth
|
||||||
|
ACCOUNT_DEFAULT_HTTP_PROTOCOL = "https"
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# Social auth
|
||||||
|
#
|
||||||
|
SOCIALACCOUNT_PROVIDERS = {
|
||||||
|
#'openid': {
|
||||||
|
# 'SERVERS': [
|
||||||
|
# dict(id='yahoo',
|
||||||
|
# name='Yahoo',
|
||||||
|
# openid_url='http://me.yahoo.com'),
|
||||||
|
# ],
|
||||||
|
#},
|
||||||
|
#'google': {
|
||||||
|
# 'SCOPE': ['profile', 'email'],
|
||||||
|
# 'AUTH_PARAMS': {'access_type': 'online'},
|
||||||
|
#},
|
||||||
|
#'facebook': {
|
||||||
|
# 'METHOD': 'oauth2',
|
||||||
|
# 'SCOPE': ['email'],
|
||||||
|
# 'FIELDS': [
|
||||||
|
# 'email',
|
||||||
|
# 'name',
|
||||||
|
# 'first_name',
|
||||||
|
# 'last_name',
|
||||||
|
# 'locale',
|
||||||
|
# 'timezone',
|
||||||
|
# ],
|
||||||
|
# 'VERSION': 'v2.4',
|
||||||
|
#},
|
||||||
|
}
|
||||||
|
|
||||||
|
# On a production setup, setting COMPRESS_OFFLINE to True will bring a
|
||||||
|
# significant performance improvement, as CSS files will not need to be
|
||||||
|
# recompiled on each requests. It means running an additional "compress"
|
||||||
|
# management command after each code upgrade.
|
||||||
|
# http://django-compressor.readthedocs.io/en/latest/usage/#offline-compression
|
||||||
|
COMPRESS_OFFLINE = True
|
||||||
|
|
||||||
|
POSTORIUS_TEMPLATE_BASE_URL = 'http://localhost/mailman3/'
|
|
@ -0,0 +1,272 @@
|
||||||
|
# Copyright (C) 2008-2017 by the Free Software Foundation, Inc.
|
||||||
|
#
|
||||||
|
# This file is part of GNU Mailman.
|
||||||
|
#
|
||||||
|
# GNU Mailman is free software: you can redistribute it and/or modify it under
|
||||||
|
# the terms of the GNU General Public License as published by the Free
|
||||||
|
# Software Foundation, either version 3 of the License, or (at your option)
|
||||||
|
# any later version.
|
||||||
|
#
|
||||||
|
# GNU Mailman is distributed in the hope that it will be useful, but WITHOUT
|
||||||
|
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
||||||
|
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
|
||||||
|
# more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License along with
|
||||||
|
# GNU Mailman. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
# This file contains the Debian configuration for mailman. It uses ini-style
|
||||||
|
# formats under the lazr.config regime to define all system configuration
|
||||||
|
# options. See <https://launchpad.net/lazr.config> for details.
|
||||||
|
|
||||||
|
|
||||||
|
[mailman]
|
||||||
|
# This address is the "site owner" address. Certain messages which must be
|
||||||
|
# delivered to a human, but which can't be delivered to a list owner (e.g. a
|
||||||
|
# bounce from a list owner), will be sent to this address. It should point to
|
||||||
|
# a human.
|
||||||
|
site_owner: postmaster@lunch.org.uk
|
||||||
|
|
||||||
|
# This is the local-part of an email address used in the From field whenever a
|
||||||
|
# message comes from some entity to which there is no natural reply recipient.
|
||||||
|
# Mailman will append '@' and the host name of the list involved. This
|
||||||
|
# address must not bounce and it must not point to a Mailman process.
|
||||||
|
#noreply_address: noreply
|
||||||
|
noreply_address: postmaster
|
||||||
|
|
||||||
|
# The default language for this server.
|
||||||
|
default_language: en
|
||||||
|
|
||||||
|
# Membership tests for posting purposes are usually performed by looking at a
|
||||||
|
# set of headers, passing the test if any of their values match a member of
|
||||||
|
# the list. Headers are checked in the order given in this variable. The
|
||||||
|
# value From_ means to use the envelope sender. Field names are case
|
||||||
|
# insensitive. This is a space separate list of headers.
|
||||||
|
sender_headers: from from_ reply-to sender
|
||||||
|
|
||||||
|
# Mail command processor will ignore mail command lines after designated max.
|
||||||
|
email_commands_max_lines: 10
|
||||||
|
|
||||||
|
# Default length of time a pending request is live before it is evicted from
|
||||||
|
# the pending database.
|
||||||
|
pending_request_life: 3d
|
||||||
|
|
||||||
|
# How long should files be saved before they are evicted from the cache?
|
||||||
|
cache_life: 7d
|
||||||
|
|
||||||
|
# A callable to run with no arguments early in the initialization process.
|
||||||
|
# This runs before database initialization.
|
||||||
|
pre_hook:
|
||||||
|
|
||||||
|
# A callable to run with no arguments late in the initialization process.
|
||||||
|
# This runs after adapters are initialized.
|
||||||
|
post_hook:
|
||||||
|
|
||||||
|
# Which paths.* file system layout to use.
|
||||||
|
# You should not change this variable.
|
||||||
|
layout: debian
|
||||||
|
|
||||||
|
# Can MIME filtered messages be preserved by list owners?
|
||||||
|
filtered_messages_are_preservable: no
|
||||||
|
|
||||||
|
# How should text/html parts be converted to text/plain when the mailing list
|
||||||
|
# is set to convert HTML to plaintext? This names a command to be called,
|
||||||
|
# where the substitution variable $filename is filled in by Mailman, and
|
||||||
|
# contains the path to the temporary file that the command should read from.
|
||||||
|
# The command should print the converted text to stdout.
|
||||||
|
html_to_plain_text_command: /usr/bin/lynx -dump $filename
|
||||||
|
|
||||||
|
# Specify what characters are allowed in list names. Characters outside of
|
||||||
|
# the class [-_.+=!$*{}~0-9a-z] matched case insensitively are never allowed,
|
||||||
|
# but this specifies a subset as the only allowable characters. This must be
|
||||||
|
# a valid character class regexp or the effect on list creation is
|
||||||
|
# unpredictable.
|
||||||
|
listname_chars: [-_.0-9a-z]
|
||||||
|
|
||||||
|
|
||||||
|
[shell]
|
||||||
|
# `mailman shell` (also `withlist`) gives you an interactive prompt that you
|
||||||
|
# can use to interact with an initialized and configured Mailman system. Use
|
||||||
|
# --help for more information. This section allows you to configure certain
|
||||||
|
# aspects of this interactive shell.
|
||||||
|
|
||||||
|
# Customize the interpreter prompt.
|
||||||
|
prompt: >>>
|
||||||
|
|
||||||
|
# Banner to show on startup.
|
||||||
|
banner: Welcome to the GNU Mailman shell
|
||||||
|
|
||||||
|
# Use IPython as the shell, which must be found on the system. Valid values
|
||||||
|
# are `no`, `yes`, and `debug` where the latter is equivalent to `yes` except
|
||||||
|
# that any import errors will be displayed to stderr.
|
||||||
|
use_ipython: no
|
||||||
|
|
||||||
|
# Set this to allow for command line history if readline is available. This
|
||||||
|
# can be as simple as $var_dir/history.py to put the file in the var directory.
|
||||||
|
history_file:
|
||||||
|
|
||||||
|
|
||||||
|
[paths.debian]
|
||||||
|
# Important directories for Mailman operation. These are defined here so that
|
||||||
|
# different layouts can be supported. For example, a developer layout would
|
||||||
|
# be different from a FHS layout. Most paths are based off the var_dir, and
|
||||||
|
# often just setting that will do the right thing for all the other paths.
|
||||||
|
# You might also have to set spool_dir though.
|
||||||
|
#
|
||||||
|
# Substitutions are allowed, but must be of the form $var where 'var' names a
|
||||||
|
# configuration variable in the paths.* section. Substitutions are expanded
|
||||||
|
# recursively until no more $-variables are present. Beware of infinite
|
||||||
|
# expansion loops!
|
||||||
|
#
|
||||||
|
# This is the root of the directory structure that Mailman will use to store
|
||||||
|
# its run-time data.
|
||||||
|
var_dir: /var/lib/mailman3
|
||||||
|
# This is where the Mailman queue files directories will be created.
|
||||||
|
queue_dir: $var_dir/queue
|
||||||
|
# This is the directory containing the Mailman 'runner' and 'master' commands
|
||||||
|
# if set to the string '$argv', it will be taken as the directory containing
|
||||||
|
# the 'mailman' command.
|
||||||
|
bin_dir: /usr/lib/mailman3/bin
|
||||||
|
# All list-specific data.
|
||||||
|
list_data_dir: $var_dir/lists
|
||||||
|
# Directory where log files go.
|
||||||
|
log_dir: /var/log/mailman3
|
||||||
|
# Directory for system-wide locks.
|
||||||
|
lock_dir: $var_dir/locks
|
||||||
|
# Directory for system-wide data.
|
||||||
|
data_dir: $var_dir/data
|
||||||
|
# Cache files.
|
||||||
|
cache_dir: $var_dir/cache
|
||||||
|
# Directory for configuration files and such.
|
||||||
|
etc_dir: /etc/mailman3
|
||||||
|
# Directory containing Mailman plugins.
|
||||||
|
ext_dir: $var_dir/ext
|
||||||
|
# Directory where the default IMessageStore puts its messages.
|
||||||
|
messages_dir: $var_dir/messages
|
||||||
|
# Directory for archive backends to store their messages in. Archivers should
|
||||||
|
# create a subdirectory in here to store their files.
|
||||||
|
archive_dir: $var_dir/archives
|
||||||
|
# Root directory for site-specific template override files.
|
||||||
|
template_dir: $var_dir/templates
|
||||||
|
# There are also a number of paths to specific file locations that can be
|
||||||
|
# defined. For these, the directory containing the file must already exist,
|
||||||
|
# or be one of the directories created by Mailman as per above.
|
||||||
|
#
|
||||||
|
# This is where PID file for the master runner is stored.
|
||||||
|
pid_file: /run/mailman3/master.pid
|
||||||
|
# Lock file.
|
||||||
|
lock_file: $lock_dir/master.lck
|
||||||
|
|
||||||
|
|
||||||
|
[database]
|
||||||
|
# The class implementing the IDatabase.
|
||||||
|
class: mailman.database.sqlite.SQLiteDatabase
|
||||||
|
#class: mailman.database.mysql.MySQLDatabase
|
||||||
|
#class: mailman.database.postgresql.PostgreSQLDatabase
|
||||||
|
|
||||||
|
# Use this to set the Storm database engine URL. You generally have one
|
||||||
|
# primary database connection for all of Mailman. List data and most rosters
|
||||||
|
# will store their data in this database, although external rosters may access
|
||||||
|
# other databases in their own way. This string supports standard
|
||||||
|
# 'configuration' substitutions.
|
||||||
|
url: sqlite:///$DATA_DIR/mailman.db
|
||||||
|
#url: mysql+pymysql://mailman3:mmpass@localhost/mailman3?charset=utf8&use_unicode=1
|
||||||
|
#url: postgres://mailman3:mmpass@localhost/mailman3
|
||||||
|
|
||||||
|
debug: no
|
||||||
|
|
||||||
|
|
||||||
|
[logging.debian]
|
||||||
|
# This defines various log settings. The options available are:
|
||||||
|
#
|
||||||
|
# - level -- Overrides the default level; this may be any of the
|
||||||
|
# standard Python logging levels, case insensitive.
|
||||||
|
# - format -- Overrides the default format string
|
||||||
|
# - datefmt -- Overrides the default date format string
|
||||||
|
# - path -- Overrides the default logger path. This may be a relative
|
||||||
|
# path name, in which case it is relative to Mailman's LOG_DIR,
|
||||||
|
# or it may be an absolute path name. You cannot change the
|
||||||
|
# handler class that will be used.
|
||||||
|
# - propagate -- Boolean specifying whether to propagate log message from this
|
||||||
|
# logger to the root "mailman" logger. You cannot override
|
||||||
|
# settings for the root logger.
|
||||||
|
#
|
||||||
|
# In this section, you can define defaults for all loggers, which will be
|
||||||
|
# prefixed by 'mailman.'. Use subsections to override settings for specific
|
||||||
|
# loggers. The names of the available loggers are:
|
||||||
|
#
|
||||||
|
# - archiver -- All archiver output
|
||||||
|
# - bounce -- All bounce processing logs go here
|
||||||
|
# - config -- Configuration issues
|
||||||
|
# - database -- Database logging (SQLAlchemy and Alembic)
|
||||||
|
# - debug -- Only used for development
|
||||||
|
# - error -- All exceptions go to this log
|
||||||
|
# - fromusenet -- Information related to the Usenet to Mailman gateway
|
||||||
|
# - http -- Internal wsgi-based web interface
|
||||||
|
# - locks -- Lock state changes
|
||||||
|
# - mischief -- Various types of hostile activity
|
||||||
|
# - runner -- Runner process start/stops
|
||||||
|
# - smtp -- Successful SMTP activity
|
||||||
|
# - smtp-failure -- Unsuccessful SMTP activity
|
||||||
|
# - subscribe -- Information about leaves/joins
|
||||||
|
# - vette -- Message vetting information
|
||||||
|
format: %(asctime)s (%(process)d) %(message)s
|
||||||
|
datefmt: %b %d %H:%M:%S %Y
|
||||||
|
propagate: no
|
||||||
|
level: info
|
||||||
|
path: mailman.log
|
||||||
|
|
||||||
|
[webservice]
|
||||||
|
# The hostname at which admin web service resources are exposed.
|
||||||
|
hostname: localhost
|
||||||
|
|
||||||
|
# The port at which the admin web service resources are exposed.
|
||||||
|
port: 8001
|
||||||
|
|
||||||
|
# Whether or not requests to the web service are secured through SSL.
|
||||||
|
use_https: no
|
||||||
|
|
||||||
|
# Whether or not to show tracebacks in an HTTP response for a request that
|
||||||
|
# raised an exception.
|
||||||
|
show_tracebacks: yes
|
||||||
|
|
||||||
|
# The API version number for the current (highest) API.
|
||||||
|
api_version: 3.1
|
||||||
|
|
||||||
|
# The administrative username.
|
||||||
|
admin_user: restadmin
|
||||||
|
|
||||||
|
# The administrative password.
|
||||||
|
admin_pass: JLXqquLV2xJyuC9XpwuGrg9wVnrADgc8LA4UKdGXFudEJ5FM
|
||||||
|
|
||||||
|
[mta]
|
||||||
|
# The class defining the interface to the incoming mail transport agent.
|
||||||
|
incoming: mailman.mta.exim4.LMTP
|
||||||
|
#incoming: mailman.mta.postfix.LMTP
|
||||||
|
|
||||||
|
# The callable implementing delivery to the outgoing mail transport agent.
|
||||||
|
# This must accept three arguments, the mailing list, the message, and the
|
||||||
|
# message metadata dictionary.
|
||||||
|
outgoing: mailman.mta.deliver.deliver
|
||||||
|
|
||||||
|
# How to connect to the outgoing MTA. If smtp_user and smtp_pass is given,
|
||||||
|
# then Mailman will attempt to log into the MTA when making a new connection.
|
||||||
|
smtp_host: localhost
|
||||||
|
smtp_port: 25
|
||||||
|
smtp_user:
|
||||||
|
smtp_pass:
|
||||||
|
|
||||||
|
# Where the LMTP server listens for connections. Use 127.0.0.1 instead of
|
||||||
|
# localhost for Postfix integration, because Postfix only consults DNS
|
||||||
|
# (e.g. not /etc/hosts).
|
||||||
|
lmtp_host: 127.0.0.1
|
||||||
|
lmtp_port: 8024
|
||||||
|
|
||||||
|
# Where can we find the mail server specific configuration file? The path can
|
||||||
|
# be either a file system path or a Python import path. If the value starts
|
||||||
|
# with python: then it is a Python import path, otherwise it is a file system
|
||||||
|
# path. File system paths must be absolute since no guarantees are made about
|
||||||
|
# the current working directory. Python paths should not include the trailing
|
||||||
|
# .cfg, which the file must end with.
|
||||||
|
configuration: python:mailman.config.exim4
|
||||||
|
#configuration: python:mailman.config.postfix
|
|
@ -0,0 +1,19 @@
|
||||||
|
# The colon-separated list of domains served by Mailman.
|
||||||
|
domainlist mm_domains=lunch.org.uk:cryhavoc.org.uk
|
||||||
|
|
||||||
|
MM3_LMTP_PORT=8024
|
||||||
|
|
||||||
|
# MM3_HOME must be set to mailman's var directory, wherever it is
|
||||||
|
# according to your installation.
|
||||||
|
MM3_HOME=/var/lib/mailman3
|
||||||
|
MM3_UID=list
|
||||||
|
MM3_GID=list
|
||||||
|
|
||||||
|
################################################################
|
||||||
|
# The configuration below is boilerplate:
|
||||||
|
# you should not need to change it.
|
||||||
|
|
||||||
|
# The path to the list receipt (used as the required file when
|
||||||
|
# matching list addresses)
|
||||||
|
MM3_LISTCHK=MM3_HOME/lists/${local_part}.${domain}
|
||||||
|
|
|
@ -0,0 +1,12 @@
|
||||||
|
mailman3_router:
|
||||||
|
driver = accept
|
||||||
|
domains = +mm_domains
|
||||||
|
require_files = MM3_LISTCHK
|
||||||
|
local_part_suffix_optional
|
||||||
|
local_part_suffix = \
|
||||||
|
-bounces : -bounces+* : \
|
||||||
|
-confirm : -confirm+* : \
|
||||||
|
-join : -leave : \
|
||||||
|
-owner : -request : \
|
||||||
|
-subscribe : -unsubscribe
|
||||||
|
transport = mailman3_transport
|
|
@ -0,0 +1,7 @@
|
||||||
|
mailman3_transport:
|
||||||
|
driver = smtp
|
||||||
|
protocol = lmtp
|
||||||
|
allow_localhost
|
||||||
|
hosts = localhost
|
||||||
|
port = MM3_LMTP_PORT
|
||||||
|
rcpt_include_affixes = true
|
|
@ -0,0 +1,72 @@
|
||||||
|
mailman3:
|
||||||
|
pkg.installed:
|
||||||
|
- pkgs:
|
||||||
|
- mailman3-full
|
||||||
|
- libapache2-mod-proxy-uwsgi
|
||||||
|
|
||||||
|
mailman3_conf:
|
||||||
|
file.managed:
|
||||||
|
- names:
|
||||||
|
- /etc/mailman3/mailman.cfg:
|
||||||
|
- source: salt://mailman/etc/mailman.cfg
|
||||||
|
- group: list
|
||||||
|
- mode: 0640
|
||||||
|
- /etc/mailman3/mailman-web.py:
|
||||||
|
- source: salt://mailman/etc/mailman-web.py
|
||||||
|
- group: www-data
|
||||||
|
- mode: 0640
|
||||||
|
- require:
|
||||||
|
- pkg: mailman3
|
||||||
|
- sls: apache
|
||||||
|
service.running:
|
||||||
|
- name: mailman3
|
||||||
|
- restart: true
|
||||||
|
- watch:
|
||||||
|
- file: mailman3_conf
|
||||||
|
|
||||||
|
mailman3_exim4_conf:
|
||||||
|
file.recurse:
|
||||||
|
- name: /etc/exim4
|
||||||
|
- dir_mode: '0755'
|
||||||
|
- file_mode: '0644'
|
||||||
|
- source: salt://mailman/exim4
|
||||||
|
- require:
|
||||||
|
- sls: email/exim4
|
||||||
|
|
||||||
|
mailman3_exim4_update_conf:
|
||||||
|
cmd.run:
|
||||||
|
- name: update-exim4.conf
|
||||||
|
- onchanges:
|
||||||
|
- file: mailman3_exim4_conf
|
||||||
|
|
||||||
|
mailman3_exim4_service:
|
||||||
|
service.running:
|
||||||
|
- name: exim4
|
||||||
|
- reload: true
|
||||||
|
- watch:
|
||||||
|
- cmd: mailman3_exim4_update_conf
|
||||||
|
|
||||||
|
mailman3_apache_uwsgi:
|
||||||
|
apache_module.enabled:
|
||||||
|
- name: proxy_uwsgi
|
||||||
|
- require:
|
||||||
|
- pkg: mailman3
|
||||||
|
|
||||||
|
mailman3_apache_web:
|
||||||
|
file.managed:
|
||||||
|
- require:
|
||||||
|
- sls: apache
|
||||||
|
- sls: certificates
|
||||||
|
- names:
|
||||||
|
- /etc/apache2/sites-available/lists.lunch.org.uk.conf:
|
||||||
|
- source: salt://mailman/lists.lunch.org.uk.conf
|
||||||
|
apache_site.enabled:
|
||||||
|
- require:
|
||||||
|
- file: /etc/apache2/sites-available/lists.lunch.org.uk.conf
|
||||||
|
- name: lists.lunch.org.uk
|
||||||
|
service.running:
|
||||||
|
- name: apache2
|
||||||
|
- reload: true
|
||||||
|
- watch:
|
||||||
|
- file: /etc/apache2/sites-available/lists.lunch.org.uk.conf
|
||||||
|
|
|
@ -0,0 +1,75 @@
|
||||||
|
<IfModule mod_ssl.c>
|
||||||
|
<VirtualHost *:443>
|
||||||
|
ServerName lists.cryhavoc.org.uk
|
||||||
|
|
||||||
|
ErrorLog /var/log/apache2/lists-error.log
|
||||||
|
CustomLog /var/log/apache2/lists-access.log combined
|
||||||
|
|
||||||
|
RemoteIPProxyProtocol On
|
||||||
|
|
||||||
|
Alias /mailman3/favicon.ico /var/lib/mailman3/web/static/postorius/img/favicon.ico
|
||||||
|
Alias /mailman3/static /var/lib/mailman3/web/static
|
||||||
|
|
||||||
|
<Directory "/var/lib/mailman3/web/static">
|
||||||
|
Require all granted
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<IfModule mod_proxy_uwsgi.c>
|
||||||
|
ProxyPass /mailman3/favicon.ico !
|
||||||
|
ProxyPass /mailman3/static !
|
||||||
|
ProxyPass / unix:/run/mailman3-web/uwsgi.sock|uwsgi://localhost/
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
SSLEngine on
|
||||||
|
SSLCertificateFile /var/local/certificates/lists.lunch.org.uk/fullchain.pem
|
||||||
|
SSLCertificateKeyFile /var/local/certificates/lists.lunch.org.uk/privkey.pem
|
||||||
|
</VirtualHost>
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<VirtualHost *:443>
|
||||||
|
ServerName lists.lunch.org.uk
|
||||||
|
|
||||||
|
ErrorLog /var/log/apache2/lists-error.log
|
||||||
|
CustomLog /var/log/apache2/lists-access.log combined
|
||||||
|
|
||||||
|
RemoteIPProxyProtocol On
|
||||||
|
|
||||||
|
<IfModule rewrite_module>
|
||||||
|
#
|
||||||
|
# This redirects all accesses to the HTTPS version of the site.
|
||||||
|
#
|
||||||
|
RewriteEngine On
|
||||||
|
RewriteRule ^/?(.*) https://lists.cryhavoc.org.uk/$1 [R=301,L]
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
SSLEngine on
|
||||||
|
SSLCertificateFile /var/local/certificates/lists.lunch.org.uk/fullchain.pem
|
||||||
|
SSLCertificateKeyFile /var/local/certificates/lists.lunch.org.uk/privkey.pem
|
||||||
|
</VirtualHost>
|
||||||
|
|
||||||
|
<VirtualHost *:80>
|
||||||
|
ServerName lists.cryhavoc.org.uk
|
||||||
|
ServerAlias lists.lunch.org.uk
|
||||||
|
|
||||||
|
ErrorLog /var/log/apache2/lists-error.log
|
||||||
|
CustomLog /var/log/apache2/lists-access.log combined
|
||||||
|
|
||||||
|
RemoteIPProxyProtocol On
|
||||||
|
|
||||||
|
<Directory /var/www-cryhavoc>
|
||||||
|
Options Indexes FollowSymLinks MultiViews
|
||||||
|
AllowOverride All
|
||||||
|
Order allow,deny
|
||||||
|
allow from all
|
||||||
|
Require all granted
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<IfModule rewrite_module>
|
||||||
|
#
|
||||||
|
# This redirects all accesses to the HTTPS version of the site.
|
||||||
|
#
|
||||||
|
RewriteEngine On
|
||||||
|
|
||||||
|
RewriteRule ^/?(.*) https://lists.cryhavoc.org.uk/$1 [R=301,L]
|
||||||
|
</IfModule>
|
||||||
|
</VirtualHost>
|
|
@ -28,5 +28,6 @@ base:
|
||||||
- gitea
|
- gitea
|
||||||
- jenkins
|
- jenkins
|
||||||
- jenkins/worker
|
- jenkins/worker
|
||||||
|
- mailman
|
||||||
- mercurial
|
- mercurial
|
||||||
- webmail
|
- webmail
|
||||||
|
|
|
@ -53,7 +53,7 @@ $config['smtp_server'] = 'tls://mail.lunch.org.uk';
|
||||||
|
|
||||||
// SMTP port (default is 25; use 587 for STARTTLS or 465 for the
|
// SMTP port (default is 25; use 587 for STARTTLS or 465 for the
|
||||||
// deprecated SSL over SMTP (aka SMTPS))
|
// deprecated SSL over SMTP (aka SMTPS))
|
||||||
$config['smtp_port'] = 587;
|
$config['smtp_port'] = 465;
|
||||||
|
|
||||||
// SMTP username (if required) if you use %u as the username Roundcube
|
// SMTP username (if required) if you use %u as the username Roundcube
|
||||||
// will use the current username for login
|
// will use the current username for login
|
||||||
|
|
Loading…
Reference in New Issue