From ba19c9cf029868e2c1138422c6f6e30b2c85eee2 Mon Sep 17 00:00:00 2001 From: Stasiek Michalski Date: Apr 21 2020 01:25:30 +0000 Subject: Only include the needed bits of config --- diff --git a/pillar/role/mailman3.sls b/pillar/role/mailman3.sls index eb100a7..48d819f 100644 --- a/pillar/role/mailman3.sls +++ b/pillar/role/mailman3.sls @@ -3,7 +3,6 @@ profile: postfix: maincf: recipient_delimiter: '+' - unknown_local_recipient_reject_code: '550' owner_request_special: 'no' transport_maps: 'hash://var/lib/mailman/data/postfix_lmtp' local_recipient_maps: 'hash://var/lib/mailman/data/postfix_lmtp' diff --git a/salt/profile/mailman3/files/manage.py b/salt/profile/mailman3/files/manage.py index 4eb6f34..dc7af6b 100644 --- a/salt/profile/mailman3/files/manage.py +++ b/salt/profile/mailman3/files/manage.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python3 +#!/usr/bin/python3 import os import sys diff --git a/salt/profile/mailman3/files/settings.py b/salt/profile/mailman3/files/settings.py index fdcdf44..6a81e43 100644 --- a/salt/profile/mailman3/files/settings.py +++ b/salt/profile/mailman3/files/settings.py @@ -25,92 +25,33 @@ For the full list of settings and their values, see https://docs.djangoproject.com/en/1.8/ref/settings/ """ -# Build paths inside the project like this: os.path.join(BASE_DIR, ...) import os - -BASE_DIR = os.path.dirname(os.path.abspath(__file__)) +from mailman_web.settings.base import * +from mailman_web.settings.mailman import * # SECURITY WARNING: keep the secret key used in production secret! SECRET_KEY = '{{ pillar['profile']['lists']['secret_key'] }}' -# SECURITY WARNING: don't run with debug turned on in production! -DEBUG = False - ADMINS = ( ('openSUSE Mailing Lists Admins', 'admin@opensuse.org'), ) SITE_ID = 1 -# Hosts/domain names that are valid for this site; required if DEBUG is False -# See https://docs.djangoproject.com/en/1.8/ref/settings/#allowed-hosts ALLOWED_HOSTS = [ "localhost", # Archiving API from Mailman, keep it. {%- for server in pillar['profile']['mailman3']['server_list'] %} "{{server}}", {%- endfor %} - # Add here all production URLs you may have. ] # Mailman API credentials -MAILMAN_REST_API_URL = 'http://localhost:8001' MAILMAN_REST_API_USER = '{{ pillar['profile']['mailman3']['admin_user'] }}' MAILMAN_REST_API_PASS = '{{ pillar['profile']['mailman3']['admin_pass'] }}' MAILMAN_ARCHIVER_KEY = '{{ pillar['profile']['mailman3']['archiver_key'] }}' -MAILMAN_ARCHIVER_FROM = ('127.0.0.1', '::1') - -# Application definition - -INSTALLED_APPS = ( - 'hyperkitty', - 'postorius', - 'django_mailman3', - # Uncomment the next line to enable the admin: - 'django.contrib.admin', - # Uncomment the next line to enable admin documentation: - # 'django.contrib.admindocs', - 'django.contrib.auth', - 'django.contrib.contenttypes', - 'django.contrib.sessions', - 'django.contrib.sites', - 'django.contrib.messages', - 'django.contrib.staticfiles', - 'rest_framework', - 'django_gravatar', - 'compressor', - 'haystack', - 'django_extensions', - 'django_q', - 'allauth', - 'allauth.account', - 'allauth.socialaccount', - 'django_mailman3.lib.auth.fedora', - 'allauth.socialaccount.providers.openid', - 'allauth.socialaccount.providers.github', - 'allauth.socialaccount.providers.gitlab', - 'allauth.socialaccount.providers.google', - # 'allauth.socialaccount.providers.facebook', - 'allauth.socialaccount.providers.twitter', - 'allauth.socialaccount.providers.stackexchange', -) - - -MIDDLEWARE = ( - 'django.contrib.sessions.middleware.SessionMiddleware', - 'django.middleware.common.CommonMiddleware', - 'django.middleware.csrf.CsrfViewMiddleware', - 'django.middleware.locale.LocaleMiddleware', - 'django.contrib.auth.middleware.AuthenticationMiddleware', - 'django.contrib.messages.middleware.MessageMiddleware', - 'django.middleware.clickjacking.XFrameOptionsMiddleware', - 'django.middleware.security.SecurityMiddleware', - 'django_mailman3.middleware.TimezoneMiddleware', - 'postorius.middleware.PostoriusMiddleware', -) ROOT_URLCONF = 'urls' - TEMPLATES = [ { 'BACKEND': 'django.template.backends.django.DjangoTemplates', @@ -120,7 +61,6 @@ TEMPLATES = [ 'APP_DIRS': True, 'OPTIONS': { 'loaders': [ - # https://docs.djangoproject.com/en/1.8/ref/templates/api/#django.template.loaders.cached.Loader ('django.template.loaders.cached.Loader', [ 'django.template.loaders.filesystem.Loader', 'django.template.loaders.app_directories.Loader', @@ -149,9 +89,8 @@ WSGI_APPLICATION = 'wsgi.application' # Database # https://docs.djangoproject.com/en/1.8/ref/settings/#databases - +# DATABASES = { - # Example for PostgreSQL (recommanded for production): 'default': { 'ENGINE': 'django.db.backends.postgresql_psycopg2', 'NAME': 'mailman_frontend', @@ -186,84 +125,17 @@ CSRF_COOKIE_HTTPONLY = True X_FRAME_OPTIONS = 'DENY' -# Password validation -# https://docs.djangoproject.com/en/1.9/ref/settings/#auth-password-validators - -AUTH_PASSWORD_VALIDATORS = [ - { - 'NAME': -'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', - }, - { - 'NAME': -'django.contrib.auth.password_validation.MinimumLengthValidator', - }, - { - 'NAME': -'django.contrib.auth.password_validation.CommonPasswordValidator', - }, - { - 'NAME': -'django.contrib.auth.password_validation.NumericPasswordValidator', - }, -] - -# Internationalization -# https://docs.djangoproject.com/en/1.8/topics/i18n/ - -LANGUAGE_CODE = 'en-us' - -TIME_ZONE = 'UTC' - -USE_I18N = True - -USE_L10N = True - -USE_TZ = True - - # Static files (CSS, JavaScript, Images) # https://docs.djangoproject.com/en/1.8/howto/static-files/ -# Absolute path to the directory static files should be collected to. -# Don't put anything in this directory yourself; store your static files -# in apps' "static/" subdirectories and in STATICFILES_DIRS. -# Example: "/var/www/example.com/static/" -STATIC_ROOT = os.path.join(BASE_DIR, 'static') - -# URL prefix for static files. -# Example: "http://example.com/static/", "http://static.example.com/" -STATIC_URL = '/static/' - # Additional locations of static files STATICFILES_DIRS = ( # Put strings here, like "/home/html/static" or "C:/www/django/static". # Always use forward slashes, even on Windows. # Don't forget to use absolute paths, not relative paths. BASE_DIR + '/static-openSUSE/', - -) - -# List of finder classes that know how to find static files in -# various locations. -STATICFILES_FINDERS = ( - 'django.contrib.staticfiles.finders.FileSystemFinder', - 'django.contrib.staticfiles.finders.AppDirectoriesFinder', - # 'django.contrib.staticfiles.finders.DefaultStorageFinder', - 'compressor.finders.CompressorFinder', ) -# Django 1.6+ defaults to a JSON serializer, but it won't work with -# django-openid, see -# https://bugs.launchpad.net/django-openid-auth/+bug/1252826 -SESSION_SERIALIZER = 'django.contrib.sessions.serializers.PickleSerializer' - - -LOGIN_URL = 'account_login' -LOGIN_REDIRECT_URL = 'list_index' -LOGOUT_URL = 'account_logout' - - # If you enable internal authentication, this is the address that the emails # will appear to be coming from. Make sure you set a valid domain name, # otherwise the emails may get rejected. @@ -278,228 +150,39 @@ DEFAULT_FROM_EMAIL = 'mailing-lists@opensuse.org' # SERVER_EMAIL = 'root@your-domain.org' SERVER_EMAIL = 'admin@opensuse.org' -# Change this when you have a real email backend EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' EMAIL_HOST = 'localhost' EMAIL_PORT = 25 -# EMAIL_HOST_USER = -# EMAIL_HOST_PASSWORD = - -# Compatibility with Bootstrap 3 -from django.contrib.messages import constants as messages # flake8: noqa -MESSAGE_TAGS = { - messages.ERROR: 'danger' -} - -# -# Social auth -# -AUTHENTICATION_BACKENDS = ( - 'django.contrib.auth.backends.ModelBackend', - 'allauth.account.auth_backends.AuthenticationBackend', -) - -# Django Allauth -ACCOUNT_AUTHENTICATION_METHOD = "username_email" -ACCOUNT_EMAIL_REQUIRED = True -ACCOUNT_EMAIL_VERIFICATION = "mandatory" -# You probably want https in production, but this is a dev setup file -ACCOUNT_DEFAULT_HTTP_PROTOCOL = "https" -ACCOUNT_UNIQUE_EMAIL = True # Disable local signup ACCOUNT_ADAPTER = "django_fedora_nosignup.NoLocalSignUpAdapter" SOCIALACCOUNT_ADAPTER = "django_fedora_nosignup.SignUpEnabledSocialAdapter" -SOCIALACCOUNT_PROVIDERS = { - 'openid': { - 'SERVERS': [ - dict(id='yahoo', - name='Yahoo', - openid_url='http://me.yahoo.com'), - ], - }, - 'google': { - 'SCOPE': ['profile', 'email'], - 'AUTH_PARAMS': {'access_type': 'online'}, - }, - 'facebook': { - 'METHOD': 'oauth2', - 'SCOPE': ['email'], - 'FIELDS': [ - 'email', - 'name', - 'first_name', - 'last_name', - 'locale', - 'timezone', - ], - 'VERSION': 'v2.4', - }, -} - # # Gravatar -# https://github.com/twaddington/django-gravatar # -# Gravatar base url. GRAVATAR_URL = 'http://cdn.libravatar.org/' -# Gravatar base secure https url. GRAVATAR_SECURE_URL = 'https://seccdn.libravatar.org/' -# Gravatar size in pixels. GRAVATAR_DEFAULT_SIZE = '80' -# An image url or one of the following: 'mm', 'identicon', 'monsterid', -# 'wavatar', 'retro'. GRAVATAR_DEFAULT_IMAGE = 'mm' -# One of the following: 'g', 'pg', 'r', 'x'. GRAVATAR_DEFAULT_RATING = 'g' -# True to use https by default, False for plain http. GRAVATAR_DEFAULT_SECURE = True # -# django-compressor -# https://pypi.python.org/pypi/django_compressor -# -COMPRESS_PRECOMPILERS = ( - ('text/less', 'lessc {infile} {outfile}'), - ('text/x-scss', 'sassc -t compressed {infile} {outfile}'), - ('text/x-sass', 'sassc -t compressed {infile} {outfile}'), -) -# On a production setup, setting COMPRESS_OFFLINE to True will bring a -# significant performance improvement, as CSS files will not need to be -# recompiled on each requests. It means running an additional "compress" -# management command after each code upgrade. -# http://django-compressor.readthedocs.io/en/latest/usage/#offline-compression -# COMPRESS_OFFLINE = True - -# Needed for debug mode -# INTERNAL_IPS = ('127.0.0.1',) - - -# # Full-text search engine # HAYSTACK_CONNECTIONS = { 'default': { - #'ENGINE': 'haystack.backends.whoosh_backend.WhooshEngine', - #'PATH': os.path.join(BASE_DIR, "fulltext_index"), - # You can also use the Xapian engine, it's faster and more accurate, - # but requires another library. - # http://django-haystack.readthedocs.io/en/v2.4.1/installing_search_engines.html#xapian - # Example configuration for Xapian: 'ENGINE': 'xapian_backend.XapianEngine' }, } - -# -# Asynchronous tasks -# -Q_CLUSTER = { - 'timeout': 300, - 'save_limit': 100, - 'orm': 'default', -} - - -# A sample logging configuration. The only tangible logging -# performed by this configuration is to send an email to -# the site admins on every HTTP 500 error when DEBUG=False. -# See http://docs.djangoproject.com/en/dev/topics/logging for -# more details on how to customize your logging configuration. -LOGGING = { - 'version': 1, - 'disable_existing_loggers': False, - 'filters': { - 'require_debug_false': { - '()': 'django.utils.log.RequireDebugFalse' - } - }, - 'handlers': { - 'mail_admins': { - 'level': 'ERROR', - 'filters': ['require_debug_false'], - 'class': 'django.utils.log.AdminEmailHandler' - }, - 'file':{ - 'level': 'INFO', - #'class': 'logging.handlers.RotatingFileHandler', - 'class': 'logging.handlers.WatchedFileHandler', - 'filename': os.path.join(BASE_DIR, 'logs', 'mailmansuite.log'), - 'formatter': 'verbose', - }, - 'console': { - 'class': 'logging.StreamHandler', - 'formatter': 'simple', - }, - }, - 'loggers': { - 'django.request': { - 'handlers': ['mail_admins', 'file'], - 'level': 'ERROR', - 'propagate': True, - }, - 'django': { - 'handlers': ['file'], - 'level': 'ERROR', - 'propagate': True, - }, - 'hyperkitty': { - 'handlers': ['file'], - 'level': 'DEBUG', - 'propagate': True, - }, - 'postorius': { - 'handlers': ['console', 'file'], - 'level': 'INFO', - }, - }, - 'formatters': { - 'verbose': { - 'format': '%(levelname)s %(asctime)s %(process)d %(name)s %(message)s' - }, - 'simple': { - 'format': '%(levelname)s %(message)s' - }, - }, - #'root': { - # 'handlers': ['file'], - # 'level': 'INFO', - #}, -} - - # Using the cache infrastructure can significantly improve performance on a # production setup. This is an example with a local Memcached server. -CACHES = { - 'default': { - 'BACKEND': 'django.core.cache.backends.memcached.PyLibMCCache', - 'LOCATION': '127.0.0.1:11211', - } -} - - -# When DEBUG is True, don't actually send emails to the SMTP server, just store -# them in a directory. This way you won't accidentally spam your mailing-lists -# while you're fiddling with the code. -if DEBUG == True: - EMAIL_BACKEND = 'django.core.mail.backends.filebased.EmailBackend' - EMAIL_FILE_PATH = os.path.join(BASE_DIR, 'emails') - - -# -# HyperKitty-specific -# - -# Only display mailing-lists from the same virtual host as the webserver -FILTER_VHOST = False - - -POSTORIUS_TEMPLATE_BASE_URL = 'http://localhost:80' - - -try: - from settings_local import * -except ImportError: - pass +# CACHES = { +# 'default': { +# 'BACKEND': 'django.core.cache.backends.memcached.PyLibMCCache', +# 'LOCATION': '127.0.0.1:11211', +# } +# } diff --git a/salt/profile/mailman3/files/uwsgi.ini b/salt/profile/mailman3/files/uwsgi.ini index 5c1e4b3..b15f707 100644 --- a/salt/profile/mailman3/files/uwsgi.ini +++ b/salt/profile/mailman3/files/uwsgi.ini @@ -2,7 +2,7 @@ # [uwsgi] # Port on which uwsgi will be listening. -uwsgi-socket = 0.0.0.0:80 +uwsgi-socket = 127.0.0.1:80 # Move to the directory wher the django files are. chdir = /var/lib/mailman_webui diff --git a/salt/profile/mailman3/init.sls b/salt/profile/mailman3/init.sls index 0e2c57d..d79db65 100644 --- a/salt/profile/mailman3/init.sls +++ b/salt/profile/mailman3/init.sls @@ -1,3 +1,7 @@ +include: + - profile.mailman3.mailman + - profile.mailman3.config + mailman_service: service.running: - name: mailman diff --git a/salt/role/mailman3.sls b/salt/role/mailman3.sls index 47b3963..a2c0bd1 100644 --- a/salt/role/mailman3.sls +++ b/salt/role/mailman3.sls @@ -1,4 +1,2 @@ include: - - profile.mailman3.mailman - - profile.mailman3.config - - profile.mailman3.init + - profile.mailman3