WIP mailman3 setup

whatwg · Dec 17, 2017 · 213da82 · 213da82
1 parent 9924c01
commit 213da82
Show file tree

Hide file tree

Showing 7 changed files with 77 additions and 0 deletions.
diff --git a/debian/listing/00-nginx-conf b/debian/listing/00-nginx-conf
@@ -0,0 +1,12 @@
+#!/bin/bash -e
+
+apt-get install nginx
+rm -f /etc/nginx/sites-enabled/*
+cp nginx/conf/* /etc/nginx/conf.d/
+
+mkdir -p /var/www/http/.well-known/acme-challenge/
+chown -R deploy:deploy /var/www
+rm -rf /var/www/html
+
+nginx -t
+nginx -s reload
diff --git a/debian/listing/01-certbot b/debian/listing/01-certbot
@@ -0,0 +1,9 @@
+#!/bin/bash -e
+
+apt-get install certbot
+
+for domain in `cat DOMAINS`; do
+    certbot certonly -n --agree-tos --webroot -m admin@whatwg.org -d $domain -w /var/www/http
+done
+
+# TODO: reload nginx when certs are updated
diff --git a/debian/listing/02-nginx-sites b/debian/listing/02-nginx-sites
@@ -0,0 +1,7 @@
+#!/bin/bash -e
+
+rm -f /etc/nginx/sites-enabled/*
+cp nginx/sites/* /etc/nginx/sites-enabled/
+
+nginx -t
+nginx -s reload
diff --git a/debian/listing/03-mailman b/debian/listing/03-mailman
@@ -0,0 +1,20 @@
+#!/bin/bash -e
+
+# http://docs.mailman3.org/en/latest/prodsetup.html
+
+apt-get install python-pip python3-pip
+apt-get install ruby-sass
+pip2 install whoosh # Django's settings.py changes not needed
+pip3 install mailman
+pip2 install postorius
+pip2 install hyperkitty
+pip2 install django
+
+#adduser --gecos "" --disabled-password mailmanuser
+#touch /etc/mailman.cfg
+#adduser --gecos "" --disabled-password djangouser
+cd /home/djangouser
+sudo -u djangouser git clone https://gitlab.com/mailman/mailman-suite.git
+cd mailman-suite/mailman-suite_project/
+sudo -u djangouser python2 manage.py migrate
+sudo -u djangouser python2 manage.py collectstatic
diff --git a/debian/listing/DOMAINS b/debian/listing/DOMAINS
@@ -0,0 +1 @@
+lists.whatwg.org
diff --git a/debian/listing/nginx/conf/http.conf b/debian/listing/nginx/conf/http.conf
@@ -0,0 +1,11 @@
+server {
+  root /var/www/http;
+
+  location ^~ /.well-known/acme-challenge/ {
+    default_type application/jose+json;
+  }
+
+  location / {
+    return 301 https://$host$request_uri;
+  }
+}
diff --git a/debian/listing/nginx/sites/listing.whatwg.org.conf b/debian/listing/nginx/sites/listing.whatwg.org.conf
@@ -0,0 +1,17 @@
+server {
+  listen 443 ssl http2 default_server;
+  ssl_certificate /etc/letsencrypt/live/lists.foolip.org/fullchain.pem;
+  ssl_certificate_key /etc/letsencrypt/live/lists.foolip.org/privkey.pem;
+
+  add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
+
+  server_name lists.foolip.org;
+
+  location / {
+    proxy_pass http://localhost:8000;
+  }
+
+  location /static/ {
+    alias /home/djangouser/mailman-suite/mailman-suite_project/static/;
+  }
+}