Config fuer lists dazu
This commit is contained in:
parent
a9fac907d5
commit
b94cb009ad
12
inventories/chaosknoten/host_vars/lists.yaml
Normal file
12
inventories/chaosknoten/host_vars/lists.yaml
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/lists/compose/compose.yaml') }}"
|
||||||
|
docker_compose__configuration_files: [ ]
|
||||||
|
|
||||||
|
certbot__version_spec: ""
|
||||||
|
certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz
|
||||||
|
certbot__certificate_domains:
|
||||||
|
- "lists.hamburg.ccc.de"
|
||||||
|
|
||||||
|
nginx__version_spec: ""
|
||||||
|
nginx__configurations:
|
||||||
|
- name: lists.hamburg.ccc.de
|
||||||
|
content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/lists/nginx/lists.hamburg.ccc.de.conf') }}"
|
|
@ -6,6 +6,18 @@ all:
|
||||||
ansible_host: cloud-intern.hamburg.ccc.de
|
ansible_host: cloud-intern.hamburg.ccc.de
|
||||||
ansible_user: chaos
|
ansible_user: chaos
|
||||||
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de:42666
|
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de:42666
|
||||||
|
keycloak:
|
||||||
|
ansible_host: keycloak-intern.hamburg.ccc.de
|
||||||
|
ansible_user: chaos
|
||||||
|
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de:42666
|
||||||
|
lists:
|
||||||
|
ansible_host: lists.hamburg.ccc.de
|
||||||
|
ansible_port: 42666
|
||||||
|
ansible_user: chaos
|
||||||
|
onlyoffice:
|
||||||
|
ansible_host: onlyoffice-intern.hamburg.ccc.de
|
||||||
|
ansible_user: chaos
|
||||||
|
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de:42666
|
||||||
pad:
|
pad:
|
||||||
ansible_host: pad-intern.hamburg.ccc.de
|
ansible_host: pad-intern.hamburg.ccc.de
|
||||||
ansible_port: 42666
|
ansible_port: 42666
|
||||||
|
@ -15,22 +27,15 @@ all:
|
||||||
ansible_host: public-reverse-proxy.hamburg.ccc.de
|
ansible_host: public-reverse-proxy.hamburg.ccc.de
|
||||||
ansible_port: 42666
|
ansible_port: 42666
|
||||||
ansible_user: chaos
|
ansible_user: chaos
|
||||||
keycloak:
|
|
||||||
ansible_host: keycloak-intern.hamburg.ccc.de
|
|
||||||
ansible_user: chaos
|
|
||||||
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de:42666
|
|
||||||
wiki:
|
wiki:
|
||||||
ansible_host: wiki-intern.hamburg.ccc.de
|
ansible_host: wiki-intern.hamburg.ccc.de
|
||||||
ansible_user: chaos
|
ansible_user: chaos
|
||||||
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de:42666
|
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de:42666
|
||||||
onlyoffice:
|
|
||||||
ansible_host: onlyoffice-intern.hamburg.ccc.de
|
|
||||||
ansible_user: chaos
|
|
||||||
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de:42666
|
|
||||||
docker_compose_hosts:
|
docker_compose_hosts:
|
||||||
hosts:
|
hosts:
|
||||||
pad:
|
pad:
|
||||||
keycloak:
|
keycloak:
|
||||||
|
lists:
|
||||||
onlyoffice:
|
onlyoffice:
|
||||||
nextcloud_hosts:
|
nextcloud_hosts:
|
||||||
hosts:
|
hosts:
|
||||||
|
@ -40,6 +45,7 @@ all:
|
||||||
pad:
|
pad:
|
||||||
public-reverse-proxy:
|
public-reverse-proxy:
|
||||||
keycloak:
|
keycloak:
|
||||||
|
lists:
|
||||||
wiki:
|
wiki:
|
||||||
onlyoffice:
|
onlyoffice:
|
||||||
public_reverse_proxy_hosts:
|
public_reverse_proxy_hosts:
|
||||||
|
@ -53,6 +59,7 @@ all:
|
||||||
hosts:
|
hosts:
|
||||||
pad:
|
pad:
|
||||||
keycloak:
|
keycloak:
|
||||||
|
lists:
|
||||||
wiki:
|
wiki:
|
||||||
onlyoffice:
|
onlyoffice:
|
||||||
infrastructure_authorized_keys_hosts:
|
infrastructure_authorized_keys_hosts:
|
||||||
|
|
|
@ -0,0 +1,73 @@
|
||||||
|
version: '2'
|
||||||
|
|
||||||
|
services:
|
||||||
|
mailman-core:
|
||||||
|
restart: unless-stopped
|
||||||
|
image: maxking/mailman-core:0.4 # Use a specific version tag (tag latest is not published)
|
||||||
|
container_name: mailman-core
|
||||||
|
hostname: mailman-core
|
||||||
|
volumes:
|
||||||
|
- /opt/mailman/core:/opt/mailman/
|
||||||
|
stop_grace_period: 30s
|
||||||
|
links:
|
||||||
|
- database:database
|
||||||
|
depends_on:
|
||||||
|
- database
|
||||||
|
environment:
|
||||||
|
- DATABASE_URL=postgresql://mailman:wvQjbMRnwFuxGEPz@database/mailmandb
|
||||||
|
- DATABASE_TYPE=postgres
|
||||||
|
- DATABASE_CLASS=mailman.database.postgresql.PostgreSQLDatabase
|
||||||
|
- HYPERKITTY_API_KEY=ITfRjushI6FP0TLMnRpZxlfB2e17DN86
|
||||||
|
- MTA=postfix
|
||||||
|
ports:
|
||||||
|
- "127.0.0.1:8001:8001" # API
|
||||||
|
- "127.0.0.1:8024:8024" # LMTP - incoming emails
|
||||||
|
networks:
|
||||||
|
mailman:
|
||||||
|
|
||||||
|
mailman-web:
|
||||||
|
restart: unless-stopped
|
||||||
|
image: maxking/mailman-web:0.4 # Use a specific version tag (tag latest is not published)
|
||||||
|
container_name: mailman-web
|
||||||
|
hostname: mailman-web
|
||||||
|
depends_on:
|
||||||
|
- database
|
||||||
|
links:
|
||||||
|
- mailman-core:mailman-core
|
||||||
|
- database:database
|
||||||
|
volumes:
|
||||||
|
- /opt/mailman/web:/opt/mailman-web-data
|
||||||
|
environment:
|
||||||
|
- DATABASE_TYPE=postgres
|
||||||
|
- DATABASE_URL=postgresql://mailman:wvQjbMRnwFuxGEPz@database/mailmandb
|
||||||
|
- HYPERKITTY_API_KEY=ITfRjushI6FP0TLMnRpZxlfB2e17DN86
|
||||||
|
- SERVE_FROM_DOMAIN=lists.hamburg.ccc.de
|
||||||
|
- SECRET_KEY=ugfknEYBaFVc62R1jlIjnkizQaqr7tSt
|
||||||
|
- MAILMAN_ADMIN_USER=ccchh-admin
|
||||||
|
- MAILMAN_ADMIN_EMAIL=tony@cowtest.hamburg.ccc.de
|
||||||
|
ports:
|
||||||
|
- "127.0.0.1:8000:8000" # HTTP
|
||||||
|
- "127.0.0.1:8080:8080" # uwsgi
|
||||||
|
networks:
|
||||||
|
mailman:
|
||||||
|
|
||||||
|
database:
|
||||||
|
restart: unless-stopped
|
||||||
|
environment:
|
||||||
|
- POSTGRES_DB=mailmandb
|
||||||
|
- POSTGRES_USER=mailman
|
||||||
|
- POSTGRES_PASSWORD=wvQjbMRnwFuxGEPz
|
||||||
|
image: postgres:11-alpine
|
||||||
|
volumes:
|
||||||
|
- /opt/mailman/database:/var/lib/postgresql/data
|
||||||
|
networks:
|
||||||
|
mailman:
|
||||||
|
|
||||||
|
networks:
|
||||||
|
mailman:
|
||||||
|
driver: bridge
|
||||||
|
ipam:
|
||||||
|
driver: default
|
||||||
|
config:
|
||||||
|
-
|
||||||
|
subnet: 172.19.199.0/24
|
|
@ -0,0 +1,26 @@
|
||||||
|
server {
|
||||||
|
root /var/www/html;
|
||||||
|
server_name lists.hamburg.ccc.de; # managed by Certbot
|
||||||
|
|
||||||
|
listen [::]:443 ssl ipv6only=on; # managed by Certbot
|
||||||
|
listen 443 ssl; # managed by Certbot
|
||||||
|
|
||||||
|
ssl_certificate /etc/letsencrypt/live/lists.hamburg.ccc.de/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/lists.hamburg.ccc.de/privkey.pem; # managed by Certbot
|
||||||
|
# verify chain of trust of OCSP response using Root CA and Intermediate certs
|
||||||
|
ssl_trusted_certificate /etc/letsencrypt/live/lists.hamburg.ccc.de/chain.pem;
|
||||||
|
|
||||||
|
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
|
||||||
|
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||||
|
|
||||||
|
location /static {
|
||||||
|
alias /opt/mailman/web/static;
|
||||||
|
autoindex off;
|
||||||
|
}
|
||||||
|
|
||||||
|
location / {
|
||||||
|
uwsgi_pass localhost:8080;
|
||||||
|
include uwsgi_params;
|
||||||
|
uwsgi_read_timeout 300;
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue