From 7abd92517fa9ceee888b710cb9a10af2e6dcbb0c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=AD=C3=B0ir=20Valberg=20Gu=C3=B0mundsson?=
Date: Mon, 8 Mar 2021 15:53:23 +0100
Subject: [PATCH] Move mailman containers to the mailu.yml file.
---
 roles/docker/defaults/main.yml | 13 ++-
 roles/docker/files/mailman/postfix.cf | 10 ++
 roles/docker/tasks/services/mailu.yml | 92 ++++++++++++++++++-
 .../mailman/{nginx_vhost => nginx_vhost.j2} | 0
 4 files changed, 108 insertions(+), 7 deletions(-)
 create mode 100644 roles/docker/files/mailman/postfix.cf
 rename roles/docker/templates/mailman/{nginx_vhost => nginx_vhost.j2} (100%)
diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml
index 86472bf..f4593a7 100644
--- a/roles/docker/defaults/main.yml
+++ b/roles/docker/defaults/main.yml
@@ -81,13 +81,22 @@ drone:
 domain: "drone.{{ base_domain }}"
 volume_folder: "{{ volume_root_folder }}/drone"
+mail_subnet_base: "192.168.203"
+
 mailu:
 version: 1.6
 domain: "mail.{{ base_domain }}"
- dns: 192.168.203.254
- subnet: 192.168.203.0/24
+ dns: "{{ mail_subnet_base }}.254"
+ subnet: "{{ mail_subnet_base }}.0/24"
 volume_folder: "{{ volume_root_folder }}/mailu"
+mailman:
+ domain: "lists.{{ base_domain }}"
+ volume_folder: "{{ volume_root_folder }}/mailman"
+ core_ip: "{{ mail_subnet_base }}.12"
+ web_ip: "{{ mail_subnet_base }}.13"
+ database_ip: "{{ mail_subnet_base }}.14"
+
 portainer:
 domain: "portainer.{{ base_domain }}"
 volume_folder: "{{ volume_root_folder }}/portainer"
diff --git a/roles/docker/files/mailman/postfix.cf b/roles/docker/files/mailman/postfix.cf
new file mode 100644
index 0000000..bc5d4a4
--- /dev/null
+++ b/roles/docker/files/mailman/postfix.cf
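Review bot: In `roles/docker/defaults/main.yml`, the fixed addresses `.12`, `.13` and `.14` given to `core_ip`, `web_ip` and `database_ip` sit at the low end of `mailu.subnet`, which is where Docker normally hands out addresses to containers that have no `ipv4_address`. If enough of the Mailu services on the same network start first, one of them can already hold an address a Mailman container is pinned to, and that container then fails to start. Moving the static block to the top of the range beside the resolver's `.254`, for example `core_ip: "{{ mail_subnet_base }}.241"` (value chosen only for illustration), keeps the two allocations apart.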
@@ -0,0 +1,10 @@
+append_at_myorigin=no
+append_dot_mydomain=no
+recipient_delimiter = +
+unknown_local_recipient_reject_code = 550
+owner_request_special = no
+virtual_mailbox_maps = regexp:/opt/mailman-core-data/postfix_lmtp \$virtual_alias_maps
+transport_maps = regexp:/opt/mailman-core-data/postfix_lmtp
+local_recipient_maps = regexp:/opt/mailman-core-data/postfix_lmtp
+always_add_missing_headers = yes
+local_header_rewrite_clients = permit_sasl_authenticated
\ No newline at end of file
diff --git a/roles/docker/tasks/services/mailu.yml b/roles/docker/tasks/services/mailu.yml
index e53d92c..0fd39d4 100644
--- a/roles/docker/tasks/services/mailu.yml
+++ b/roles/docker/tasks/services/mailu.yml
@@ -1,6 +1,6 @@
 ---
-- name: create mailu volume folders
+- name: "[Mailu] create mailu volume folders"
 file:
 name: "{{ mailu.volume_folder }}/{{ volume }}"
 state: directory
@@ -17,12 +17,12 @@
 loop_control:
 loop_var: volume
-- name: upload mailu.env file
+- name: "[Mailu] upload mailu.env file"
 template:
 src: mailu.env.j2
 dest: "{{ mailu.volume_folder}}/mailu.env"
-- name: hard link to Let's Encrypt TLS certificate
+- name: "[Mailu] hard link to Let's Encrypt TLS certificate"
 file:
 src: "{{ nginx.volume_folder }}/certs/{{ mailu.domain }}/fullchain.pem"
 dest: "{{ mailu.volume_folder }}/certs/cert.pem"
@@ -30,20 +30,34 @@
 force: yes
-- name: hard link to Let's Encrypt TLS key
+- name: "[Mailu] hard link to Let's Encrypt TLS key"
 file:
 src: "{{ nginx.volume_folder }}/certs/{{ mailu.domain }}/key.pem"
 dest: "{{ mailu.volume_folder }}/certs/key.pem"
 state: hard
 force: yes
-- name: run mail server containers
+- name: "[Mailman] copy nginx configuration to link static files"
+ template:
+ src: mailman/nginx_vhost.j2
+ dest: "{{ nginx.volume_folder }}/vhost/{{ mailman.domain }}"
+ mode: "0644"
+
+- name: "[Mailman] copy postfix override"
+ copy:
+ src: mailman/postfix.cf
+ dest: "{{ mailu.volume_folder }}/overrides/postfix.cf"
+ mode: "0644"
+
+- name: Start containers
 docker_compose:
 project_name: mail_server
 pull: yes
 definition:
 version: '3.6'
 services:
+
+ ### Mailu containers ###
 redis:
 image: redis:alpine
 restart: always
@@ -117,6 +131,7 @@
 env_file: "{{ mailu.volume_folder}}/mailu.env"
 volumes:
 - "{{ mailu.volume_folder }}/overrides:/overrides"
+ - "{{ mailman.volume_folder }}/core/var/data:/opt/mailman-core-data/"
 depends_on:
 - front
 - resolver
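Review bot: The bind mount added to this `volumes:` list, `{{ mailman.volume_folder }}/core/var/data:/opt/mailman-core-data/`, is writable from the receiving container, while the postfix override in this commit only reads `regexp:/opt/mailman-core-data/postfix_lmtp` from it. Unless something in that container has to write there, mount it read-only: `- "{{ mailman.volume_folder }}/core/var/data:/opt/mailman-core-data/:ro"`. That way a compromise of the container that takes the mount (presumably the SMTP service, given the `/overrides` mount beside it) cannot alter Mailman's data directory. The service definition this list belongs to starts above the hunk, so its name is not visible here.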
@@ -149,6 +164,73 @@
 dns:
 - "{{ mailu.dns }}"
+ ### Mailman containers ###
+ mailman-core:
+ image: maxking/mailman-core:0.3.11
+ volumes:
+ - "{{ mailman.volume_folder }}/core:/opt/mailman"
+ stop_grace_period: 30s
+ links:
+ - mailman-web:mailmain-web
+ - database:database
+ depends_on:
+ - database
+ environment:
+ DATABASE_URL: "postgres://mailman:{{ mailman_secrets.postgres_password }}@{{ mailman.database_ip }}/mailmandb"
+ DATABASE_TYPE: "postgres"
+ DATABASE_CLASS: "mailman.database.postgresql.PostgreSQLDatabase"
+ HYPERKITTY_API_KEY: "{{ mailman_secrets.hyperkitty_api_key }}"
+ HYPERKITTY_URL: "http://{{ mailman.web_ip }}:8000/hyperkitty"
+ MTA: "postfix"
+ SMTP_HOST: smtp
+ MM_HOSTNAME: "{{ mailman.core_ip }}"
+ networks:
+ default:
+ ipv4_address: "{{ mailman.core_ip }}"
+ external_services:
+
+ mailman-web:
+ image: maxking/mailman-web:0.3.11
+ depends_on:
+ - database
+ links:
+ - database:database
+ volumes:
+ - "{{ mailman.volume_folder }}/web:/opt/mailman-web-data"
+ environment:
+ DATABASE_TYPE: "postgres"
+ DATABASE_URL: "postgres://mailman:{{ mailman_secrets.postgres_password }}@{{ mailman.database_ip }}/mailmandb"
+ HYPERKITTY_API_KEY: "{{ mailman_secrets.hyperkitty_api_key }}"
+ DJANGO_ALLOWED_HOSTS: "{{ mailman.domain }}"
+ SERVE_FROM_DOMAIN: "{{ mailman.domain }}"
+ MAILMAN_ADMIN_USER: "valberg"
+ MAILMAN_ADMIN_EMAIL: "valberg@orn.li"
+ MAILMAN_REST_URL: "http://{{ mailman.core_ip }}:8001"
+ MAILMAN_HOST_IP: "{{ mailman.core_ip }}"
+ SECRET_KEY: "{{ mailman_secrets.django_secret_key }}"
+ SMTP_HOST: smtp
+ VIRTUAL_HOST: "{{ mailman.domain }}"
+ VIRTUAL_PORT: 8000
+ LETSENCRYPT_HOST: "{{ mailman.domain }}"
+ LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
+ networks:
+ default:
+ ipv4_address: "{{ mailman.web_ip }}"
+ external_services:
+
+ mailman-database:
+ image: postgres:13
+ restart: always
+ environment:
+ POSTGRES_DB: mailmandb
+ POSTGRES_USER: mailman
+ POSTGRES_PASSWORD: "{{ mailman_secrets.postgres_password }}"
+ volumes:
+ - "{{ mailman.volume_folder }}/database:/var/lib/postgresql/data"
+ networks:
+ default:
+ ipv4_address: "{{ mailman.database_ip }}"
+
 networks:
 default:
 driver: bridge
diff --git a/roles/docker/templates/mailman/nginx_vhost b/roles/docker/templates/mailman/nginx_vhost.j2
similarity index 100%
rename from roles/docker/templates/mailman/nginx_vhost
rename to roles/docker/templates/mailman/nginx_vhost.j2
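Review bot: `mailman-core` and `mailman-web` name `database` under `links` and `depends_on`, but the Postgres service this hunk adds is called `mailman-database`. Unless a `database` service is defined in the part of the file outside the hunk, compose will reject the definition or order startup against the wrong container, so these entries should read `- mailman-database`. The link alias in `- mailman-web:mailmain-web` also looks like a typo for `mailman-web`. Separately, `mailman-core` joins `external_services` although only `mailman-web` carries the `VIRTUAL_HOST` settings. If that network is shared with other stacks, the core's REST port (the one `MAILMAN_REST_URL` targets, 8001) becomes reachable from them, so drop `external_services:` from `mailman-core` unless something on that network needs it.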