Config fuer lists dazu
This commit is contained in:
parent
a9fac907d5
commit
b94cb009ad
4 changed files with 126 additions and 8 deletions
12
inventories/chaosknoten/host_vars/lists.yaml
Normal file
12
inventories/chaosknoten/host_vars/lists.yaml
Normal file
|
@ -0,0 +1,12 @@
|
|||
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/lists/compose/compose.yaml') }}"
|
||||
docker_compose__configuration_files: [ ]
|
||||
|
||||
certbot__version_spec: ""
|
||||
certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz
|
||||
certbot__certificate_domains:
|
||||
- "lists.hamburg.ccc.de"
|
||||
|
||||
nginx__version_spec: ""
|
||||
nginx__configurations:
|
||||
- name: lists.hamburg.ccc.de
|
||||
content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/lists/nginx/lists.hamburg.ccc.de.conf') }}"
|
|
@ -6,6 +6,18 @@ all:
|
|||
ansible_host: cloud-intern.hamburg.ccc.de
|
||||
ansible_user: chaos
|
||||
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de:42666
|
||||
keycloak:
|
||||
ansible_host: keycloak-intern.hamburg.ccc.de
|
||||
ansible_user: chaos
|
||||
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de:42666
|
||||
lists:
|
||||
ansible_host: lists.hamburg.ccc.de
|
||||
ansible_port: 42666
|
||||
ansible_user: chaos
|
||||
onlyoffice:
|
||||
ansible_host: onlyoffice-intern.hamburg.ccc.de
|
||||
ansible_user: chaos
|
||||
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de:42666
|
||||
pad:
|
||||
ansible_host: pad-intern.hamburg.ccc.de
|
||||
ansible_port: 42666
|
||||
|
@ -15,22 +27,15 @@ all:
|
|||
ansible_host: public-reverse-proxy.hamburg.ccc.de
|
||||
ansible_port: 42666
|
||||
ansible_user: chaos
|
||||
keycloak:
|
||||
ansible_host: keycloak-intern.hamburg.ccc.de
|
||||
ansible_user: chaos
|
||||
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de:42666
|
||||
wiki:
|
||||
ansible_host: wiki-intern.hamburg.ccc.de
|
||||
ansible_user: chaos
|
||||
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de:42666
|
||||
onlyoffice:
|
||||
ansible_host: onlyoffice-intern.hamburg.ccc.de
|
||||
ansible_user: chaos
|
||||
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de:42666
|
||||
docker_compose_hosts:
|
||||
hosts:
|
||||
pad:
|
||||
keycloak:
|
||||
lists:
|
||||
onlyoffice:
|
||||
nextcloud_hosts:
|
||||
hosts:
|
||||
|
@ -40,6 +45,7 @@ all:
|
|||
pad:
|
||||
public-reverse-proxy:
|
||||
keycloak:
|
||||
lists:
|
||||
wiki:
|
||||
onlyoffice:
|
||||
public_reverse_proxy_hosts:
|
||||
|
@ -53,6 +59,7 @@ all:
|
|||
hosts:
|
||||
pad:
|
||||
keycloak:
|
||||
lists:
|
||||
wiki:
|
||||
onlyoffice:
|
||||
infrastructure_authorized_keys_hosts:
|
||||
|
|
|
@ -0,0 +1,73 @@
|
|||
version: '2'
|
||||
|
||||
services:
|
||||
mailman-core:
|
||||
restart: unless-stopped
|
||||
image: maxking/mailman-core:0.4 # Use a specific version tag (tag latest is not published)
|
||||
container_name: mailman-core
|
||||
hostname: mailman-core
|
||||
volumes:
|
||||
- /opt/mailman/core:/opt/mailman/
|
||||
stop_grace_period: 30s
|
||||
links:
|
||||
- database:database
|
||||
depends_on:
|
||||
- database
|
||||
environment:
|
||||
- DATABASE_URL=postgresql://mailman:wvQjbMRnwFuxGEPz@database/mailmandb
|
||||
- DATABASE_TYPE=postgres
|
||||
- DATABASE_CLASS=mailman.database.postgresql.PostgreSQLDatabase
|
||||
- HYPERKITTY_API_KEY=ITfRjushI6FP0TLMnRpZxlfB2e17DN86
|
||||
- MTA=postfix
|
||||
ports:
|
||||
- "127.0.0.1:8001:8001" # API
|
||||
- "127.0.0.1:8024:8024" # LMTP - incoming emails
|
||||
networks:
|
||||
mailman:
|
||||
|
||||
mailman-web:
|
||||
restart: unless-stopped
|
||||
image: maxking/mailman-web:0.4 # Use a specific version tag (tag latest is not published)
|
||||
container_name: mailman-web
|
||||
hostname: mailman-web
|
||||
depends_on:
|
||||
- database
|
||||
links:
|
||||
- mailman-core:mailman-core
|
||||
- database:database
|
||||
volumes:
|
||||
- /opt/mailman/web:/opt/mailman-web-data
|
||||
environment:
|
||||
- DATABASE_TYPE=postgres
|
||||
- DATABASE_URL=postgresql://mailman:wvQjbMRnwFuxGEPz@database/mailmandb
|
||||
- HYPERKITTY_API_KEY=ITfRjushI6FP0TLMnRpZxlfB2e17DN86
|
||||
- SERVE_FROM_DOMAIN=lists.hamburg.ccc.de
|
||||
- SECRET_KEY=ugfknEYBaFVc62R1jlIjnkizQaqr7tSt
|
||||
- MAILMAN_ADMIN_USER=ccchh-admin
|
||||
- MAILMAN_ADMIN_EMAIL=tony@cowtest.hamburg.ccc.de
|
||||
ports:
|
||||
- "127.0.0.1:8000:8000" # HTTP
|
||||
- "127.0.0.1:8080:8080" # uwsgi
|
||||
networks:
|
||||
mailman:
|
||||
|
||||
database:
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- POSTGRES_DB=mailmandb
|
||||
- POSTGRES_USER=mailman
|
||||
- POSTGRES_PASSWORD=wvQjbMRnwFuxGEPz
|
||||
image: postgres:11-alpine
|
||||
volumes:
|
||||
- /opt/mailman/database:/var/lib/postgresql/data
|
||||
networks:
|
||||
mailman:
|
||||
|
||||
networks:
|
||||
mailman:
|
||||
driver: bridge
|
||||
ipam:
|
||||
driver: default
|
||||
config:
|
||||
-
|
||||
subnet: 172.19.199.0/24
|
|
@ -0,0 +1,26 @@
|
|||
server {
|
||||
root /var/www/html;
|
||||
server_name lists.hamburg.ccc.de; # managed by Certbot
|
||||
|
||||
listen [::]:443 ssl ipv6only=on; # managed by Certbot
|
||||
listen 443 ssl; # managed by Certbot
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/lists.hamburg.ccc.de/fullchain.pem; # managed by Certbot
|
||||
ssl_certificate_key /etc/letsencrypt/live/lists.hamburg.ccc.de/privkey.pem; # managed by Certbot
|
||||
# verify chain of trust of OCSP response using Root CA and Intermediate certs
|
||||
ssl_trusted_certificate /etc/letsencrypt/live/lists.hamburg.ccc.de/chain.pem;
|
||||
|
||||
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
|
||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||
|
||||
location /static {
|
||||
alias /opt/mailman/web/static;
|
||||
autoindex off;
|
||||
}
|
||||
|
||||
location / {
|
||||
uwsgi_pass localhost:8080;
|
||||
include uwsgi_params;
|
||||
uwsgi_read_timeout 300;
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue