default.rb 2.77 KB
Edit Raw Blame History



1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103


package 'mailman'

template '/etc/mailman/mm_cfg.py' do
  owner 'root'
  group 'mailman'
  mode 0644
  notifies :restart, 'service[mailman]'
end

execute 'create-meta-list' do
  admin = node['config']['lists_admin']
  password = SecureRandom.random_number.to_s

  command "sudo -u mailman /usr/lib/mailman/bin/newlist --quiet mailman #{admin} $(openssl rand -hex 6)"

  not_if { File.exists?('/var/lib/mailman/lists/mailman') }
  notifies :restart, 'service[mailman]'
end

service 'mailman' do
  action :enable
  supports :restart => true
end

execute 'postfix:config' do
  command [
    "postconf relay_domains=#{node['config']['lists_hostname']}",
    "postconf transport_maps=hash:/etc/postfix/transport",
  ].join(' && ')
  notifies :reload, 'service[postfix]'
end

execute 'postfix:interfaces' do
  command "postconf inet_interfaces=\"$(cat /etc/hostname), localhost\""
  only_if { `postconf -h inet_interfaces`.strip == 'localhost' }
  notifies :restart, 'service[postfix]'
end

file '/etc/postfix/transport' do
  owner 'root'
  group 'root'
  mode  0644
  content "#{node['config']['lists_hostname']}  mailman:\n"
  notifies :run, 'execute[compile-postfix-transport]'
end

execute 'compile-postfix-transport' do
  command 'postmap /etc/postfix/transport'
  action :nothing
end

# FIXME remove this after 2015-05-01
file '/etc/postfix/postfix-to-mailman-centos.py' do
  action :delete
end

# Add mailman group to nginx user
execute 'nginx-mailman-group' do
  command "usermod -a -G mailman nginx"
end

cookbook_file '/usr/lib/mailman/bin/postfix-to-mailman.py' do
  owner 'root'
  group 'root'
  mode 0755
end

#######################################################################
# SELinux: allow Postfix pipe process to write to Mailman data
#######################################################################
cookbook_file '/etc/selinux/local/spb_postfix_mailman.te' do
  notifies :run, 'execute[selinux-postfix-mailman]'
end
execute 'selinux-postfix-mailman' do
  command 'selinux-install-module /etc/selinux/local/spb_postfix_mailman.te'
  action :nothing
end
#######################################################################

cookbook_file '/etc/cron.d/mailman-spb' do
  owner 'root'
  group 'root'
  mode 0644
end

execute 'postfix:disable-send-emails' do
  command "postconf 'default_transport = fs_mail'"
  only_if "#{node['config']['disable_send_emails']}"
end

execute 'postfix:enable-send-emails' do
  command "postconf 'default_transport = smtp'"
  not_if "#{node['config']['disable_send_emails']}"
end

cookbook_file '/etc/postfix/master.cf' do
  notifies :reload, 'service[postfix]'
end

execute 'set-mailman-default-list' do
  command "printf 'mlist.archive = False\nmlist.archive_private = 1' > /tmp/set_mailman_list && \
  sudo /usr/lib/mailman/bin/config_list -i /tmp/set_mailman_list mailman"
end