flatten the "playbooks" directory for better structure

Because of how Ansible local relative search paths work, the global "files" and "templates" directories need to be next to the playbooks. However its not intuitive to look into the playbooks directory to find the files and templates for a host. Therefore flatten the playbooks directory to get rid of this confusing structure. Also see: https://docs.ansible.com/ansible/latest/playbook_guide/playbook_pathing.html#resolving-local-relative-paths
2024-12-02 00:48:19 +01:00 · 2024-12-02 00:48:19 +01:00 · abc738c9c2
commit abc738c9c2
parent fab4942852
147 changed files with 0 additions and 0 deletions
--- a/files/chaosknoten/configs/lists/compose/compose.yaml
+++ b/files/chaosknoten/configs/lists/compose/compose.yaml
@ -0,0 +1,72 @@
+services:
+  mailman-core:
+    restart: unless-stopped
+    image: maxking/mailman-core:0.5 # Use a specific version tag (tag latest is not published)
+    container_name: mailman-core
+    hostname: mailman-core
+    volumes:
+      - /opt/mailman/core:/opt/mailman/
+    stop_grace_period: 30s
+    links:
+      - database:database
+    depends_on:
+      - database
+    environment:
+      - DATABASE_URL=postgresql://mailman:wvQjbMRnwFuxGEPz@database/mailmandb
+      - DATABASE_TYPE=postgres
+      - DATABASE_CLASS=mailman.database.postgresql.PostgreSQLDatabase
+      - HYPERKITTY_API_KEY=ITfRjushI6FP0TLMnRpZxlfB2e17DN86
+      - MTA=postfix
+    ports:
+      - "127.0.0.1:8001:8001" # API
+      - "127.0.0.1:8024:8024" # LMTP - incoming emails
+    networks:
+      mailman:
+
+  mailman-web:
+    restart: unless-stopped
+    image: maxking/mailman-web:0.5 # Use a specific version tag (tag latest is not published)
+    container_name: mailman-web
+    hostname: mailman-web
+    depends_on:
+      - database
+    links:
+      - mailman-core:mailman-core
+      - database:database
+    volumes:
+      - /opt/mailman/web:/opt/mailman-web-data
+    environment:
+      - DATABASE_TYPE=postgres
+      - DATABASE_URL=postgresql://mailman:wvQjbMRnwFuxGEPz@database/mailmandb
+      - "DJANGO_ALLOWED_HOSTS=lists.hamburg.ccc.de,lists.c3lingo.org"
+      - HYPERKITTY_API_KEY=ITfRjushI6FP0TLMnRpZxlfB2e17DN86
+      - SERVE_FROM_DOMAIN=lists.hamburg.ccc.de
+      - SECRET_KEY=ugfknEYBaFVc62R1jlIjnkizQaqr7tSt
+      - MAILMAN_ADMIN_USER=ccchh-admin
+      - MAILMAN_ADMIN_EMAIL=tony@cowtest.hamburg.ccc.de
+    ports:
+      - "127.0.0.1:8000:8000" # HTTP
+      - "127.0.0.1:8080:8080" # uwsgi
+    networks:
+      mailman:
+
+  database:
+    restart: unless-stopped
+    environment:
+      - POSTGRES_DB=mailmandb
+      - POSTGRES_USER=mailman
+      - POSTGRES_PASSWORD=wvQjbMRnwFuxGEPz
+    image: postgres:12-alpine
+    volumes:
+      - /opt/mailman/database:/var/lib/postgresql/data
+    networks:
+      mailman:
+
+networks:
+  mailman:
+    driver: bridge
+    ipam:
+      driver: default
+      config:
+        -
+          subnet: 172.19.199.0/24
--- a/files/chaosknoten/configs/lists/nginx/lists.c3lingo.org.conf
+++ b/files/chaosknoten/configs/lists/nginx/lists.c3lingo.org.conf
@ -0,0 +1,26 @@
+server {
+	root /var/www/html;
+    server_name lists.c3lingo.org; # managed by Certbot
+
+    listen [::]:443 ssl; # managed by Certbot
+    listen 443 ssl; # managed by Certbot
+
+    ssl_certificate /etc/letsencrypt/live/lists.c3lingo.org/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/lists.c3lingo.org/privkey.pem; # managed by Certbot
+    # verify chain of trust of OCSP response using Root CA and Intermediate certs
+    ssl_trusted_certificate /etc/letsencrypt/live/lists.c3lingo.org/chain.pem;
+
+    # HSTS (ngx_http_headers_module is required) (63072000 seconds)
+    add_header Strict-Transport-Security "max-age=63072000" always;
+
+    location /static {
+        alias /opt/mailman/web/static;
+        autoindex off;
+    }
+
+    location / {
+          uwsgi_pass localhost:8080;
+          include uwsgi_params;
+          uwsgi_read_timeout 300;
+    }
+}
--- a/files/chaosknoten/configs/lists/nginx/lists.hamburg.ccc.de.conf
+++ b/files/chaosknoten/configs/lists/nginx/lists.hamburg.ccc.de.conf
@ -0,0 +1,26 @@
+server {
+	root /var/www/html;
+    server_name lists.hamburg.ccc.de; # managed by Certbot
+
+    listen [::]:443 ssl; # managed by Certbot
+    listen 443 ssl; # managed by Certbot
+
+    ssl_certificate /etc/letsencrypt/live/lists.hamburg.ccc.de/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/lists.hamburg.ccc.de/privkey.pem; # managed by Certbot
+    # verify chain of trust of OCSP response using Root CA and Intermediate certs
+    ssl_trusted_certificate /etc/letsencrypt/live/lists.hamburg.ccc.de/chain.pem;
+
+    # HSTS (ngx_http_headers_module is required) (63072000 seconds)
+    add_header Strict-Transport-Security "max-age=63072000" always;
+
+    location /static {
+        alias /opt/mailman/web/static;
+        autoindex off;
+    }
+
+    location / {
+          uwsgi_pass localhost:8080;
+          include uwsgi_params;
+          uwsgi_read_timeout 300;
+    }
+}