Move secrets to SOPS, add REST_USER

2026-05-16 13:06:19 +02:00 · 2026-05-16 13:06:19 +02:00 · a76f01aea7
commit a76f01aea7
parent cc5dfb3cf7
3 changed files with 17 additions and 12 deletions
--- a/resources/chaosknoten/lists/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/lists/docker_compose/compose.yaml.j2
@ -0,0 +1,75 @@
+services:
+  mailman-core:
+    restart: unless-stopped
+    image: docker.io/maxking/mailman-core:0.5 # Use a specific version tag (tag latest is not published)
+    container_name: mailman-core
+    hostname: mailman-core
+    volumes:
+      - /opt/mailman/core:/opt/mailman/
+    stop_grace_period: 30s
+    links:
+      - database:database
+    depends_on:
+      - database
+    environment:
+      - "DATABASE_URL=postgresql://mailman:{{ secret__lists__postgres_password }}@database/mailmandb"
+      - DATABASE_TYPE=postgres
+      - DATABASE_CLASS=mailman.database.postgresql.PostgreSQLDatabase
+      - HYPERKITTY_API_KEY={{ secret__lists__hyperkitty_api_key }}
+      - MTA=postfix
+      - MAILMAN_REST_USER=restuser
+      - MAILMAN_REST_PASSWORD={{ secret__lists__rest_password }}
+    ports:
+      - "127.0.0.1:8001:8001" # API
+      - "127.0.0.1:8024:8024" # LMTP - incoming emails
+    networks:
+      mailman:
+
+  mailman-web:
+    restart: unless-stopped
+    image: docker.io/maxking/mailman-web:0.5 # Use a specific version tag (tag latest is not published)
+    container_name: mailman-web
+    hostname: mailman-web
+    depends_on:
+      - database
+    links:
+      - mailman-core:mailman-core
+      - database:database
+    volumes:
+      - /opt/mailman/web:/opt/mailman-web-data
+      - ./configs/settings_local.py:/opt/mailman-web/settings_local.py
+      - ./files/templates:/opt/mailman-web/templates
+    environment:
+      - DATABASE_TYPE=postgres
+      - "DATABASE_URL=postgresql://mailman:{{ secret__lists__postgres_password }}@database/mailmandb"
+      - "DJANGO_ALLOWED_HOSTS=lists.hamburg.ccc.de,lists.c3lingo.org"
+      - HYPERKITTY_API_KEY={{ secret__lists__hyperkitty_api_key }}
+      - SERVE_FROM_DOMAIN=lists.hamburg.ccc.de
+      - SECRET_KEY={{ secret__lists__web_secret_key }}
+      - MAILMAN_ADMIN_USER=ccchh-admin
+      - MAILMAN_ADMIN_EMAIL=tony@cowtest.hamburg.ccc.de
+    ports:
+      - "127.0.0.1:8000:8000" # HTTP
+      - "127.0.0.1:8080:8080" # uwsgi
+    networks:
+      mailman:
+
+  database:
+    restart: unless-stopped
+    environment:
+      - POSTGRES_DB=mailmandb
+      - POSTGRES_USER=mailman
+      - "POSTGRES_PASSWORD={{ secret__lists__postgres_password }}"
+    image: docker.io/library/postgres:12-alpine
+    volumes:
+      - /opt/mailman/database:/var/lib/postgresql/data
+    networks:
+      mailman:
+
+networks:
+  mailman:
+    driver: bridge
+    ipam:
+      driver: default
+      config:
+        - subnet: 172.19.199.0/24