Getting started
Important installation steps
The default installation will configure the Mailman service under
the lists.<example.org>
DNS domain. This can be changed using the
mailman__fqdn
variable.
On installation, if the LDAP support is not enabled, the role will create an
initial superuser account with a random password. The default superuser account
will use the login name specified in the mailman__superuser_name
variable and e-mail address specified in the mailman__superuser_email
variable. They are based on the facts defined by the debops.core role,
but you might want to redefine them beforehand in the inventory to be sure that
the validation e-mail is sent to the correct e-mail account.
After the role configures Mailman, you should go to the https://lists.example.org/ website (make sure that the DNS record is configured). The default superuser account has a random password assigned to it, so the first step is to request a password change by specifying your admin e-mail address. When you get the e-mail, you will be able to specify your own password. After logging in again, you will receive another e-mail request to confirm the authenticity of the account - when you confirm that you are who you say you are in the web interface, you will be able to login as the site administrator.
The Postorius/HyperKitty web interface uses example.com
as the default
"website" defined in the Django framework. You will have to change that to your
preferred domain using the https://lists.example.org/admin/ interface. In the
Django admin page, in the "Pages" section, click "Modify", "example.com" and
change the default site domain to your preferred one. After this you can create
a new domain for the mailing lists, and a new mailing list in the Postorius web
interface.
LDAP integration
If the LDAP environment is configured on the host, the role will configure the LDAP support in the Django framework to allow the users in the UNIX Administrators group to login as superuser accounts. You should be able to login with your username and password defined in LDAP directory, and the confirmation e-mail should be sent to your e-mail account.
SMTP service integration
The debops.mailman role provides the configuration for
debops.postfix Ansible role which are used in the example playbook. The
configuration is defined in the mailman__postfix__dependent_maincf
variable and is passed to the role via role dependent variables.
HTTP service integration
The role provides configuration for debops.nginx role which will configure the Mailman web interface using nginx service.
Example inventory
To configure Mailman on a host, you need to add it to
[debops_service_mailman]
Ansible inventory group. Some other services will
also need to be configured as well. The role integrates with the Postfix service using
the debops.postfix role. A database is needed; role can use either
PostgreSQL or MariaDB service, depending on which one is available. If none of
them are installed, a fallback to SQLite3 database will happen automatically.
An example inventory configuration:
[debops_all_hosts]
hostname ansible_host=hostname.example.org
[debops_service_postgresql_server]
hostname
[debops_service_postfix]
hostname
[debops_service_mailman]
hostname
Example playbook
The debops.mailman uses a set of other roles to configure additional services like HTTP and SMTP server. Here's an example playbook with all of the required DebOps services:
---
- name: Manage Mailman service
collections: [ 'debops.debops', 'debops.roles01',
'debops.roles02', 'debops.roles03' ]
hosts: [ 'debops_service_mailman' ]
become: True
environment: '{{ inventory__environment | d({})
| combine(inventory__group_environment | d({}))
| combine(inventory__host_environment | d({})) }}'
pre_tasks:
- name: Prepare postfix environment
ansible.builtin.import_role:
name: 'postfix'
tasks_from: 'main_env'
vars:
postfix__dependent_maincf:
- role: 'mailman'
config: '{{ mailman__postfix__dependent_maincf }}'
tags: [ 'role::postfix', 'role::secret', 'role::ferm' ]
roles:
- role: keyring
tags: [ 'role::keyring', 'skip::keyring', 'role::nginx' ]
keyring__dependent_apt_keys:
- '{{ nginx__keyring__dependent_apt_keys }}'
- role: secret
tags: [ 'role::secret', 'role::postfix' ]
secret__directories:
- '{{ postfix__secret__directories }}'
- role: apt_preferences
tags: [ 'role::apt_preferences', 'skip::apt_preferences' ]
apt_preferences__dependent_list:
- '{{ nginx__apt_preferences__dependent_list }}'
- role: ferm
tags: [ 'role::ferm', 'skip::ferm' ]
ferm__dependent_rules:
- '{{ nginx__ferm__dependent_rules }}'
- '{{ postfix__ferm__dependent_rules }}'
- role: python
tags: [ 'role::python', 'skip::python' ]
python__dependent_packages3:
- '{{ ldap__python__dependent_packages3 | d([]) }}'
- '{{ nginx__python__dependent_packages3 }}'
- '{{ mailman__python__dependent_packages3 }}'
python__dependent_packages2:
- '{{ ldap__python__dependent_packages2 | d([]) }}'
- '{{ nginx__python__dependent_packages2 }}'
- '{{ mailman__python__dependent_packages2 }}'
- role: ldap
tags: [ 'role::ldap', 'skip::ldap' ]
ldap__dependent_tasks:
- '{{ mailman__ldap__dependent_tasks }}'
when: mailman__ldap_enabled | bool
- role: postfix
tags: [ 'role::postfix', 'skip::postfix' ]
postfix__dependent_maincf:
- role: 'mailman'
config: '{{ mailman__postfix__dependent_maincf }}'
- role: nginx
tags: [ 'role::nginx', 'skip::nginx' ]
nginx__dependent_servers:
- '{{ mailman__nginx__dependent_servers }}'
nginx__dependent_upstreams:
- '{{ mailman__nginx__dependent_upstreams }}'
- role: mailman
tags: [ 'role::mailman', 'skip::mailman' ]