
Compare revisions

Showing
with 323 additions and 285 deletions
version: '2.1'
services:
{% for domain in mail_domains %}
{{ domain }}:
image: monogramm/autodiscover-email-settings:1.4.0
restart: always
environment:
- DOMAIN={{ mail_domains[domain].maildomain }}
- IMAP_HOST={{ mail_domains[domain].mxserver }}
- IMAP_PORT=993
- IMAP_SOCKET=SSL
- POP_HOST={{ mail_domains[domain].mxserver }}
- POP_PORT=995
- POP_SOCKET=SSL
- SMTP_HOST={{ mail_domains[domain].mxserver }}
- SMTP_PORT=587
- SMTP_SOCKET=STARTTLS
labels:
- traefik.enable=true
- traefik.http.routers.{{ servicename }}-{{ domain }}.rule=Host(`autodiscover.{{ mail_domains[domain].maildomain }}`) || Host(`autoconfig.{{ mail_domains[domain].maildomain }}`)
- traefik.http.routers.{{ servicename }}-{{ domain }}.entrypoints=websecure
- traefik.http.services.{{ servicename }}-{{ domain }}.loadbalancer.server.port=8000
networks:
- default
- web
{% endfor %}
networks:
web:
external: true
...@@ -3,7 +3,7 @@ version: "3" ...@@ -3,7 +3,7 @@ version: "3"
services: services:
coturn: coturn:
image: coturn/coturn:4.5.2 image: coturn/coturn:4.6.1
restart: always restart: always
command: command:
- turnserver - turnserver
......
...@@ -9,23 +9,19 @@ ...@@ -9,23 +9,19 @@
path: "{{item}}" path: "{{item}}"
state: "directory" state: "directory"
with_items: with_items:
- /srv/dokuwiki/ - "{{ basedir }}"
- /srv/dokuwiki/data - "{{ basedir }}/data"
- /srv/dokuwiki/pdftemplate - "{{ basedir }}/pdftemplate"
- name: Docker Compose Konfig-Datei erstellen - name: Docker Compose Konfig-Datei erstellen
template: template:
src: "{{item}}" src: "{{item}}"
dest: "/srv/dokuwiki/{{item}}" dest: "{{ basedir }}/{{item}}"
with_items: with_items:
- docker-compose.yml - docker-compose.yml
- Dockerfile - Dockerfile
- sendmail_plenum.py - sendmail_plenum.py
register: config
- name: start dokuwiki docker
docker_compose:
project_src: /srv/dokuwiki/
state: present
- name: Cronjob für Mailversand Plenumsmail - name: Cronjob für Mailversand Plenumsmail
cron: cron:
...@@ -33,5 +29,16 @@ ...@@ -33,5 +29,16 @@
weekday: "0" weekday: "0"
hour: "20" hour: "20"
minute: "0" minute: "0"
job: "/usr/bin/python3 /srv/dokuwiki/sendmail_plenum.py" job: "/usr/bin/python3 {{ basedir }}/sendmail_plenum.py"
disabled: false disabled: false
- name: "stop {{ servicename}} docker"
docker_compose:
project_src: "{{ basedir }}"
state: absent
when: config.changed
- name: "start {{ servicename}} docker"
docker_compose:
project_src: "{{ basedir }}"
state: present
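Review bot: The template task "Docker Compose Konfig-Datei erstellen" in the first hunk sets no `mode`, yet the `sendmail_plenum.py` it renders embeds the SMTP password through `server.login("{{noreply_email_user}}", "{{noreply_email_pass}}")`, so the file gets whatever the default umask allows, most likely world-readable. I would add `mode: "0600"` (quoted, so the octal is not reinterpreted) to that task, or move the script into its own task if the compose file and Dockerfile must stay readable. The same concern applies to the mail role's "deploy {{ servicename }} config files" task, which writes `db-init/mailman.sql` (containing `{{ mailman_db_pass }}`) with an explicit `mode: 0644`; the `.env` files it deploys are not shown, so whether they hold secrets too is an assumption. The task list starts and ends outside the hunks.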
...@@ -3,6 +3,7 @@ version: "3" ...@@ -3,6 +3,7 @@ version: "3"
services: services:
app: app:
# values set in configuration: noreply_email_user - noreply_email_pass - smtp_host - smtp_port
build: . build: .
image: "dokuwiki--{{ ansible_date_time.date }}--{{ ansible_date_time.hour }}-{{ ansible_date_time.minute }}-{{ ansible_date_time.second }}" image: "dokuwiki--{{ ansible_date_time.date }}--{{ ansible_date_time.hour }}-{{ ansible_date_time.minute }}-{{ ansible_date_time.second }}"
restart: always restart: always
...@@ -16,11 +17,8 @@ services: ...@@ -16,11 +17,8 @@ services:
- traefik.http.services.{{ servicename }}.loadbalancer.server.port=80 - traefik.http.services.{{ servicename }}.loadbalancer.server.port=80
networks: networks:
- default - default
- mail
- web - web
networks: networks:
mail:
external: true
web: web:
external: true external: true
...@@ -2,73 +2,76 @@ import smtplib ...@@ -2,73 +2,76 @@ import smtplib
import datetime import datetime
from email.message import EmailMessage from email.message import EmailMessage
from email.utils import formatdate from email.utils import formatdate
import requests
with open("/srv/dokuwiki/data/data/pages/intern/diskussionsthemen.txt") as fp:
raw = fp.read().split('\n') def do_work():
with open("/srv/dokuwiki/data/data/pages/intern/diskussionsthemen.txt") as fp:
# Extract Themen raw = fp.read().split('\n')
firstline = 0
lastline = 0 # Extract Themen
for index, line in enumerate(raw): firstline = 0
# Start marker lastline = 0
if "====== 1." in line: for index, line in enumerate(raw):
firstline = index + 1 # Start marker
continue if "====== 1." in line:
firstline = index + 1
continue
# End marker
if "====== 2." in line:
lastline = index
break
# End marker # Remove empty lines from topics
if "====== 2." in line: topics = []
lastline = index for extracted in raw[firstline:lastline-1]:
break if extracted != '':
topics.append(extracted)
# Remove empty lines from topics
topics = [] # There are no topics - just exit
for extracted in raw[firstline:lastline-1]: if (len(topics) == 0):
if extracted != '': return True
topics.append(extracted)
# calculate date of next tuesday
# There are no topics - just exit d = datetime.date.today()
if (len(topics) == 0): while d.strftime('%a') != 'Tue':
exit() d += datetime.timedelta(1)
# calculate date of next tuesday # mail template
d = datetime.date.today() mail = f"""
while d.strftime('%a') != 'Tue': Liebe Zonies,
d += datetime.timedelta(1)
es gibt wieder Themen die im Plenum besprochen werden sollen. Der nächste
# mail template Reguläre Termin ist am nächsten Dienstag ({str(d)}) um 20:00.
mail = f""" Im Wiki (https://wiki.warpzone.ms/intern:diskussionsthemen#diskussionsthemen_naechstes_plenum_automatische_einladung)
Liebe Zonies, stehen folgende Themen:
es gibt wieder Themen die im Plenum besprochen werden sollen. Der nächste
Reguläre Termin ist am nächsten Dienstag ({str(d)}) um 20:00.
Im Wiki (https://wiki.warpzone.ms/intern:diskussionsthemen#diskussionsthemen_naechstes_plenum_automatische_einladung)
stehen folgende Themen:
{chr(10).join(topics)}
Die Teilnahme ist natürlich auch remote möglich unter
https://jitsi.dorf-post.de/warpzone-plenum möglich.
Viele Grüße und bis Dienstag,
sendmail_plenum.py
"""
msg = EmailMessage()
msg['Subject'] = f'Aktuelle Plenumsthemen für Dienstag ({str(d)} 20:00)'
msg['From'] = '{{noreply_email_user}}'
msg['To'] = 'intern@warpzone.ms'
msg['Date'] = formatdate(localtime=True)
msg.set_content(mail)
server = smtplib.SMTP('{{smtp_host}}', {{smtp_port}})
server.starttls()
server.login("{{noreply_email_user}}", "{{noreply_email_pass}}")
server.send_message(msg)
server.quit()
{chr(10).join(topics)}
Die Teilnahme ist natürlich auch remote möglich unter
https://jitsi.dorf-post.de/warpzone-plenum möglich.
Viele Grüße und bis Dienstag,
sendmail_plenum.py
"""
msg = EmailMessage()
msg['Subject'] = f'Aktuelle Plenumsthemen für Dienstag ({str(d)} 20:00)'
msg['From'] = '{{noreply_email_user}}'
msg['To'] = 'intern@warpzone.ms'
msg['Date'] = formatdate(localtime=True)
msg.set_content(mail)
server = smtplib.SMTP('{{smtp_host}}', {{smtp_port}})
server.starttls()
server.login("{{noreply_email_user}}", "{{noreply_email_pass}}")
server.send_message(msg)
server.quit()
return True
success = False
try:
success = do_work()
finally:
requests.get("{{ healthchecks_url }}" if success else "{{ healthchecks_url }}" + "/fail")
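Review bot: `server.starttls()` is called without a `context`, and as far as I know smtplib then falls back to an SSL context that verifies neither the server certificate nor the hostname, so the `server.login(...)` that follows sends the noreply credentials to an unauthenticated peer. Passing `context=ssl.create_default_context()` (plus `import ssl`) closes that gap. Separately, the `requests.get(...)` in the `finally` block has no `timeout`, so a stalled healthchecks endpoint leaves the cron job hanging; `timeout=10` would bound it. `do_work()` also leaves the SMTP connection open if `send_message` raises, which `with smtplib.SMTP(...) as server:` would handle.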
...@@ -116,8 +116,8 @@ gitlab_rails['gitlab_email_enabled'] = true ...@@ -116,8 +116,8 @@ gitlab_rails['gitlab_email_enabled'] = true
# gitlab_rails['gitlab_email_smime_key_file'] = '/etc/gitlab/ssl/gitlab_smime.key' # gitlab_rails['gitlab_email_smime_key_file'] = '/etc/gitlab/ssl/gitlab_smime.key'
# gitlab_rails['gitlab_email_smime_cert_file'] = '/etc/gitlab/ssl/gitlab_smime.crt' # gitlab_rails['gitlab_email_smime_cert_file'] = '/etc/gitlab/ssl/gitlab_smime.crt'
# gitlab_rails['gitlab_email_smime_ca_certs_file'] = '/etc/gitlab/ssl/gitlab_smime_cas.crt' # gitlab_rails['gitlab_email_smime_ca_certs_file'] = '/etc/gitlab/ssl/gitlab_smime_cas.crt'
gitlab_rails['gitlab_email_from'] = '{{ noreply_email_user }}' gitlab_rails['gitlab_email_from'] = 'gitlab@{{ smtp_domain }}'
gitlab_rails['gitlab_email_display_name'] = 'Gitlab Warpzone' gitlab_rails['gitlab_email_display_name'] = 'Warpzone Gitlab'
gitlab_rails['gitlab_email_reply_to'] = '{{ noreply_email_user }}' gitlab_rails['gitlab_email_reply_to'] = '{{ noreply_email_user }}'
### GitLab user privileges ### GitLab user privileges
......
...@@ -5,7 +5,7 @@ services: ...@@ -5,7 +5,7 @@ services:
app: app:
image: gitlab/gitlab-ce:15.9.3-ce.0 image: gitlab/gitlab-ce:15.11.5-ce.0
restart: always restart: always
ports: ports:
- "444:22" - "444:22"
......
...@@ -8,6 +8,7 @@ ...@@ -8,6 +8,7 @@
- { path: "{{ basedir }}/icinga_api_pass", length: 8 } - { path: "{{ basedir }}/icinga_api_pass", length: 8 }
- { path: "{{ basedir }}/mysql_admin_pass", length: 12 } - { path: "{{ basedir }}/mysql_admin_pass", length: 12 }
- { path: "{{ basedir }}/mysql_user_pass", length: 12 } - { path: "{{ basedir }}/mysql_user_pass", length: 12 }
- { path: "{{ basedir }}/matrix_notification_access_token", length: -1 }
- name: pakete installieren - name: pakete installieren
......
...@@ -13,9 +13,10 @@ RUN apt-get update \ ...@@ -13,9 +13,10 @@ RUN apt-get update \
libnet-dns-perl \ libnet-dns-perl \
libnet-ip-perl \ libnet-ip-perl \
perl \ perl \
python3-requests \
python3 \ python3 \
python3-paho-mqtt \ python3-pip \
python3-requests \
virtualenv \
&& apt-get autoremove -y \ && apt-get autoremove -y \
&& apt-get clean \ && apt-get clean \
&& rm -rf /tmp/* /var/lib/apt/lists/* /var/cache/debconf/*-old && rm -rf /tmp/* /var/lib/apt/lists/* /var/cache/debconf/*-old
...@@ -48,3 +49,17 @@ RUN cd /opt/ \ ...@@ -48,3 +49,17 @@ RUN cd /opt/ \
&& git clone https://github.com/elberfeld/check_metric_value.git \ && git clone https://github.com/elberfeld/check_metric_value.git \
&& cd /opt/check_metric_value/ \ && cd /opt/check_metric_value/ \
&& git checkout b94d3c3e78497a05e3b4520d33421f37e4d77985 && git checkout b94d3c3e78497a05e3b4520d33421f37e4d77985
# icinga2-matrix-bot - commit from 10.06.2018
# create a symlink to emulate virtualenv
# patch matrix-service-notification.sh
RUN cd /opt/ \
&& git clone https://github.com/symptog/icinga2-matrix-bot.git \
&& cd /opt/icinga2-matrix-bot/ \
&& git checkout 86d03ed8884950eb2b883a9a94ecf93460b8e0bb \
&& pip install -r requirements.txt \
&& mkdir /opt/icinga2-matrix-bot/.venv \
&& mkdir /opt/icinga2-matrix-bot/.venv/bin \
&& ln -s /usr/bin/python3 /opt/icinga2-matrix-bot/.venv/bin/python \
&& sed -i 's/matrix-host-state/matrix-service-state/' icinga2/matrix-service-notification.sh
\ No newline at end of file
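Review bot: The `pip install -r requirements.txt` step installs whatever versions upstream's requirements file resolves to at build time, so the image is only partly reproducible even though the git checkout is pinned to a commit; the requirements file is not visible here, so whether it pins versions is unknown. Consider installing against a constraints file kept in this role, e.g. `pip install --no-cache-dir -r requirements.txt -c <constraints-file>`. The `virtualenv` package added in the first hunk looks unused, since the `.venv/bin/python` symlink stands in for a real environment; either drop the package or create the environment properly. `mkdir -p /opt/icinga2-matrix-bot/.venv/bin` would replace the two `mkdir` calls.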
/**
* Check MQTT values
*/
object CheckCommand "check_mqtt" { object CheckCommand "check_mqtt" {
import "plugin-check-command" import "plugin-check-command"
...@@ -33,6 +37,10 @@ object CheckCommand "check_mqtt" { ...@@ -33,6 +37,10 @@ object CheckCommand "check_mqtt" {
} }
} }
/**
* Check for Mail Blacklisting
*/
object CheckCommand "check_mail_blacklist" { object CheckCommand "check_mail_blacklist" {
import "plugin-check-command" import "plugin-check-command"
...@@ -45,6 +53,9 @@ object CheckCommand "check_mail_blacklist" { ...@@ -45,6 +53,9 @@ object CheckCommand "check_mail_blacklist" {
} }
} }
/**
* Check for Prometheus values
*/
object CheckCommand "check_metric_value" { object CheckCommand "check_metric_value" {
import "plugin-check-command" import "plugin-check-command"
...@@ -62,4 +73,56 @@ object CheckCommand "check_metric_value" { ...@@ -62,4 +73,56 @@ object CheckCommand "check_metric_value" {
"-w" = "$metric_warn$" "-w" = "$metric_warn$"
"-c" = "$metric_crit$" "-c" = "$metric_crit$"
} }
} }
\ No newline at end of file
/**
* Matrix Notification
*/
object NotificationCommand "matrix-host-notification" {
import "plugin-notification-command"
command = [ "/opt/icinga2-matrix-bot/icinga2/matrix-host-notification.sh" ]
env = {
"NOTIFICATIONTYPE" = "$notification.type$"
"HOSTALIAS" = "$host.display_name$",
"HOSTADDRESS" = "$address$",
"HOSTNAME" = "$host.name$",
"HOSTSTATE" = "$host.state$",
"LONGDATETIME" = "$icinga.long_date_time$",
"HOSTOUTPUT" = "$host.output$",
"NOTIFICATIONAUTHORNAME" = "$notification.author$",
"NOTIFICATIONCOMMENT" = "$notification.comment$",
"HOSTDISPLAYNAME" = "$host.display_name$",
"ICINGA_WEBURL" = "$notification_icingaweb2url$",
"MATRIX_SERVER" = "$user.vars.matrix.server$",
"MATRIX_TOKEN" = "$user.vars.matrix.token$",
"MATRIX_CHANNEL" = "$user.vars.matrix.channel$",
}
}
object NotificationCommand "matrix-service-notification" {
import "plugin-notification-command"
command = [ "/opt/icinga2-matrix-bot/icinga2/matrix-service-notification.sh" ]
env = {
"NOTIFICATIONTYPE" = "$notification.type$"
"SERVICEDESC" = "$service.name$"
"HOSTALIAS" = "$host.display_name$",
"HOSTNAME" = "$host.name$",
"HOSTADDRESS" = "$address$",
"SERVICESTATE" = "$service.state$",
"LONGDATETIME" = "$icinga.long_date_time$",
"SERVICEOUTPUT" = "$service.output$",
"NOTIFICATIONAUTHORNAME" = "$notification.author$",
"NOTIFICATIONCOMMENT" = "$notification.comment$",
"HOSTDISPLAYNAME" = "$host.display_name$",
"SERVICEDISPLAYNAME" = "$service.display_name$",
"ICINGA_WEBURL" = "$notification_icingaweb2url$",
"MATRIX_SERVER" = "$user.vars.matrix.server$",
"MATRIX_TOKEN" = "$user.vars.matrix.token$",
"MATRIX_CHANNEL" = "$user.vars.matrix.channel$",
}
}
apply Notification "matrix" to Host {
import "matrix-host-notification"
users = [ "matrix" ]
interval = 4h
assign where host.address
}
apply Notification "matrix" to Service {
import "matrix-service-notification"
users = [ "matrix" ]
interval = 4h
assign where service.name
}
...@@ -81,3 +81,30 @@ template Notification "mail-service-notification" { ...@@ -81,3 +81,30 @@ template Notification "mail-service-notification" {
period = "24x7" period = "24x7"
} }
/**
* Provides default settings for Matrix.org service notifications.
*/
template Notification "matrix-host-notification" {
command = "matrix-host-notification"
states = [ Up, Down ]
types = [ Problem, Acknowledgement, Custom, FlappingStart, FlappingEnd ]
period = "24x7"
vars += {
notification_icingaweb2url = "https://{{ domain }}/icingaweb2"
}
}
template Notification "matrix-service-notification" {
command = "matrix-service-notification"
states = [ OK, Critical, Unknown ]
types = [ Problem, Acknowledgement, Custom, FlappingStart, FlappingEnd ]
period = "24x7"
vars += {
notification_icingaweb2url = "https://{{ domain }}/icingaweb2"
}
}
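Review bot: Both templates set `types = [ Problem, Acknowledgement, Custom, FlappingStart, FlappingEnd ]` without `Recovery`, so the `Up` and `OK` entries in `states` will, as far as I can tell, never produce a message and the Matrix room would not see when a problem clears; add `Recovery`, or drop those states if this is intended. The service template also leaves `Warning` out of `states`. The doc comment above `matrix-host-notification` says "service notifications" although it sits on the host template; rewording it and adding a matching comment on the service template would fix that.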
...@@ -3,3 +3,18 @@ object UserGroup "icingaadmins" { ...@@ -3,3 +3,18 @@ object UserGroup "icingaadmins" {
display_name = "Icinga 2 Admin Group" display_name = "Icinga 2 Admin Group"
} }
object User "matrix" {
import "generic-user"
display_name = "Matrix User"
vars.matrix = {
token = "{{ matrix_notification_access_token }}"
channel = "!iYefxbySFEfFQfUGEK:matrix.warpzone.ms"
server = "https://matrix.warpzone.ms"
}
}
object UserGroup "matrix" {
display_name = "Matrix Group"
assign where user.vars.matrix
}
...@@ -2,6 +2,7 @@ ...@@ -2,6 +2,7 @@
- include_tasks: ../functions/get_secret.yml - include_tasks: ../functions/get_secret.yml
with_items: with_items:
- { path: /srv/shared/noreply_email_pass, length: -1 }
- { path: /srv/keycloak/keycloak_admin_pass, length: 32 } - { path: /srv/keycloak/keycloak_admin_pass, length: 32 }
- { path: /srv/keycloak/postgres_user_pass, length: 24 } - { path: /srv/keycloak/postgres_user_pass, length: 24 }
......
...@@ -6,7 +6,7 @@ services: ...@@ -6,7 +6,7 @@ services:
app: app:
# values set in configuration: noreply_email_user - noreply_email_pass - smtp_host - smtp_port
image: jboss/keycloak:16.1.1 image: jboss/keycloak:16.1.1
restart: always restart: always
depends_on: depends_on:
...@@ -31,7 +31,6 @@ services: ...@@ -31,7 +31,6 @@ services:
- traefik.http.services.{{ servicename }}.loadbalancer.server.port=8080 - traefik.http.services.{{ servicename }}.loadbalancer.server.port=8080
networks: networks:
- default - default
- mail
- web - web
...@@ -64,7 +63,5 @@ services: ...@@ -64,7 +63,5 @@ services:
networks: networks:
mail:
external: true
web: web:
external: true external: true
---
servicename: mail
basedir: /srv/mail
...@@ -2,21 +2,23 @@ ...@@ -2,21 +2,23 @@
- include_tasks: ../functions/get_secret.yml - include_tasks: ../functions/get_secret.yml
with_items: with_items:
- { path: "{{ basedir }}/secrets/mailcow_admin_pass", length: 28 } - { path: "{{ basedir }}/secrets/mailu_secret_key", length: 32 }
- { path: "{{ basedir }}/secrets/mysql_mailcow_pass", length: 28 } - { path: "{{ basedir }}/secrets/mailu_admin_pass", length: 32 }
- { path: "{{ basedir }}/secrets/mysql_root_pass", length: 28 } - { path: "{{ basedir }}/secrets/mailu_api_token", length: 32 }
# mailman - { path: "{{ basedir }}/secrets/mailu_db_pass", length: 28 }
- { path: "{{ basedir }}/secrets/roundcube_db_pass", length: 28 }
- { path: "{{ basedir }}/secrets/hyperkitty_api_key", length: 28 } - { path: "{{ basedir }}/secrets/hyperkitty_api_key", length: 28 }
- { path: "{{ basedir }}/secrets/postgres_mailman_pass", length: 28 } - { path: "{{ basedir }}/secrets/mailman_db_pass", length: 28 }
- { path: "{{ basedir }}/secrets/mailman_secret_key", length: 28 } - { path: "{{ basedir }}/secrets/mailman_secret_key", length: 28 }
- { path: "{{ basedir }}/secrets/mailman_restapi_pass", length: 28 } - { path: "{{ basedir }}/secrets/mailman_restapi_pass", length: 28 }
- { path: "{{ basedir }}/secrets/mysql_root_pass", length: 28 }
- name: pakete installieren # - name: pakete installieren
apt: # apt:
pkg: ['git', 'logrotate', 'openssl'] # pkg: ['logrotate']
update_cache: no # update_cache: no
state: present # state: present
- name: "create folder struct for {{ servicename }}" - name: "create folder struct for {{ servicename }}"
...@@ -26,139 +28,85 @@ ...@@ -26,139 +28,85 @@
with_items: with_items:
- "{{ basedir }}" - "{{ basedir }}"
- "{{ basedir }}/secrets" - "{{ basedir }}/secrets"
# mailcow - "{{ basedir }}/db"
- "{{ basedir }}/data/mysql" - "{{ basedir }}/db-init"
- "{{ basedir }}/data/mysql-socket" - "{{ basedir }}/mailu"
- "{{ basedir }}/data/redis" - "{{ basedir }}/mailu/overrides"
- "{{ basedir }}/data/rspamd" - "{{ basedir }}/mailu/overrides/postfix"
- "{{ basedir }}/data/solr" - "{{ basedir }}/mailman-core"
- "{{ basedir }}/data/postfix" - "{{ basedir }}/mailman-core/var"
- "{{ basedir }}/data/sogo-web" - "{{ basedir }}/mailman-core/var/data"
- "{{ basedir }}/data/sogo-userdata-backup" - "{{ basedir }}/mailman-web"
- "{{ basedir }}/data/xmpp-vol-1" # - "{{ basedir }}/mailman-db"
- "{{ basedir }}/data/xmpp-upload-vol-1"
# mailmann
- "{{ basedir }}/data/mailman-core" # - name: "create folder struct for {{ servicename }} with rights"
- "{{ basedir }}/data/mailman-core/var" # file:
- "{{ basedir }}/data/mailman-core/var/data" # path: "{{ item }}"
- "{{ basedir }}/data/mailman-web" # state: "directory"
- "{{ basedir }}/data/mailman-postgres" # owner: "5000"
# group: "5000"
# mode: "ugo+rwx"
- name: "create folder struct for {{ servicename }} with rights" # with_items:
file: # - "{{ basedir }}/data/crypt"
path: "{{ item }}" # - "{{ basedir }}/data/vmail"
state: "directory" # - "{{ basedir }}/data/vmail-index"
owner: "5000"
group: "5000"
mode: "ugo+rwx"
with_items: - name: "deploy {{ servicename }} config files"
- "{{ basedir }}/data/crypt"
- "{{ basedir }}/data/vmail"
- "{{ basedir }}/data/vmail-index"
- name: check if git dir exists
stat:
path: "{{ basedir }}/mailcow-dockerized/.git"
register: mailcow_dotgit
- name: revert main.cf to avoid local changes
command: "git checkout data/conf/postfix/main.cf"
args:
chdir: "{{ basedir }}/mailcow-dockerized"
when: mailcow_dotgit.stat.exists == True
- name: Git checkout mailcow
git:
repo: 'https://github.com/mailcow/mailcow-dockerized.git'
dest: "{{ basedir }}/mailcow-dockerized"
version: d6a3094bcc8b3d748994978ca7e274301b39e583
# current version 2021-05-18
- name: Git checkout mailman-dockerized
git:
repo: 'https://github.com/maxking/docker-mailman.git'
dest: "{{ basedir }}/docker-mailman"
version: v0.4.4
# current version 2020-03-15
- name: "create folder struct for {{ servicename }} 3"
file:
path: "{{ item }}"
state: "directory"
with_items:
- "{{ basedir }}/mailcow-dockerized/data/assets/ssl/"
- name: check if DH Params exists
stat:
path: "{{ basedir }}/mailcow-dockerized/data/assets/ssl/dhparams.pem"
register: dhparams
- name: generate new DH Params
command: "openssl dhparam -out {{ basedir }}/mailcow-dockerized/data/assets/ssl/dhparams.pem 2048"
when: dhparams.stat.exists == False
- name: deploy mailcow config files
template:
dest: "{{ basedir }}/{{ item }}"
src: "{{ item }}"
mode: 0644
with_items:
- mailcow-dockerized/mailcow.conf
- mailcow-dockerized/docker-compose.override.yml
- mailcow-dockerized/data/conf/postfix/extra.cf
register: config_mailcow
- name: deploy mailman config files
template: template:
dest: "{{ basedir }}/{{ item }}" dest: "{{ basedir }}/{{ item }}"
src: "{{ item }}" src: "{{ item }}"
mode: 0644 mode: 0644
with_items: with_items:
- docker-mailman/docker-compose.override.yml - docker-compose.yml
- docker-mailman/nginx.conf - mailu.env
- data/mailman-core/mailman-extra.cfg - mailman.env
- data/mailman-web/settings_local.py - mailman-nginx.conf
register: config_mailman - db-init/mailman.sql
- db-init/roundcube.sql
- mailu/overrides/postfix/postfix.cf
- name: deploy LogRotate configs register: config
template:
src: "logrotate/{{item}}" - name: "set local dns record"
dest: "/etc/logrotate.d/{{item}}" become: true
with_items: blockinfile:
- mailman-core path: /etc/hosts
- mailman-web create: yes
block: |
{{ ext_ip4 }} mailserver.warpzone.ms
# Start mailcow containers
- name: "stop {{ servicename }} (mailcow) docker" # - name: deploy LogRotate configs
# template:
# src: "logrotate/{{item}}"
# dest: "/etc/logrotate.d/{{item}}"
# with_items:
# - mailman-core
# - mailman-web
# Start containers
- name: "stop {{ servicename }} docker"
docker_compose: docker_compose:
project_src: "{{ basedir }}/mailcow-dockerized" project_src: "{{ basedir }}"
state: absent state: absent
when: config_mailcow.changed when: config.changed
- name: "start {{ servicename }} (mailcow) docker" - name: "start {{ servicename }} docker"
docker_compose: docker_compose:
project_src: "{{ basedir }}/mailcow-dockerized" project_src: "{{ basedir }}"
state: present state: present
# Start mailman containers # Start mailman containers
- name: "stop {{ servicename }} (mailman) docker" # - name: "stop {{ servicename }} (mailman) docker"
docker_compose: # docker_compose:
project_src: "{{ basedir }}/docker-mailman" # project_src: "{{ basedir }}/docker-mailman"
state: absent # state: absent
when: config_mailcow.changed # when: config_mailcow.changed
- name: "start {{ servicename }} (mailman) docker" # - name: "start {{ servicename }} (mailman) docker"
docker_compose: # docker_compose:
project_src: "{{ basedir }}/docker-mailman" # project_src: "{{ basedir }}/docker-mailman"
state: present # state: present
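Review bot: The "set local dns record" task uses `blockinfile` on `/etc/hosts` without a `marker`, so it shares the default `ANSIBLE MANAGED BLOCK` markers with any other role that edits the same file, and the two would overwrite each other's block. A role-specific marker such as `marker: "# {mark} ANSIBLE MANAGED BLOCK {{ servicename }}"` avoids that. In the same hunk, `create: yes` and `mode: 0644` are better written as `create: true` and `mode: "0644"`, so the values do not depend on YAML 1.1 implicit typing. The commented-out logrotate and mailman tasks could be deleted instead of kept as comments, since the history preserves them.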
[mailman]
site_owner: listmaster@warpzone.ms
[mta]
remove_dkim_headers: yes
from settings import *
import socket
# Archivierung für Mailman-Core Container erlauben
MAILMAN_ARCHIVER_FROM = (socket.gethostbyname('mailman-core'),)
# disable social logins (google, facebook, etc. )
INSTALLED_APPS = [a for a in INSTALLED_APPS if not
a.startswith('allauth.socialaccount.providers') and not
a.startswith('django_mailman3.lib.auth.fedora')]
# Mail backend settings
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST = 'postfix'
EMAIL_PORT = 25
EMAIL_HOST_USER = ''
EMAIL_HOST_PASSWORD = ''
DEFAULT_FROM_EMAIL = 'listmaster@warpzone.ms'
SERVER_EMAIL = 'listmaster@warpzone.ms'
CREATE DATABASE IF NOT EXISTS mailman;
CREATE USER IF NOT EXISTS mailman@'%' IDENTIFIED BY '{{ mailman_db_pass }}';
GRANT ALL ON mailman.* TO mailman@'%';
FLUSH PRIVILEGES;