Skip to content
/ sympa Public

Use Ansible to configure a Sympa mailing list server

License

Notifications You must be signed in to change notification settings

stuvusIT/sympa

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

67 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

sympa

This is an Ansible role which sets up a Sympa mailing list manager.

Requirements

Debian stretch or Ubuntu server. MySQL/MariaDB or PostgreSQL database options. Database manager can be previously installed in the host (default) or optionnally installed by the role itself. Webserver for Sympa should be configured elsewhere.

Role Variables

For the full documentation see https://sympa-community.github.io/, this role was tested with Sympa Version 6.2.16 (Debian stretch sympa package).

List Templates

sympa_template_lists is a list of templates to be defined. For contents see the template list sympa documentation. Each entry consists of the following and will lead to a folder beeing created, containing comment.tt2 and config.tt2, beeing created in /etc/sympa/create_list_templates/ with the name attribute as folder name,:

Name Required/Default Description
name ✔️ Name for the folder for the template
config ✔️ Content to be written to the config.tt2 file
comment ✔️ Content to be written to the comment.tt2 file

Datasources

sympa_data_sources is a list of data sources to be defined. For contents see the data source sympa documentation. Each entry consists of the following and will lead to a file with the ending incl beeing created in /etc/sympa/data_sources/:

Name Required/Default Description
name ✔️ Filename for the data source
content ✔️ Content to be written to the data source file

Alias manager

sympa_alias_manager is the path to the alias manager executable. If the sympa_ldap_alias_entry variable is defined it will be written to /etc/sympa/ldap_alias_entry.tt2. If the sympa_ldap_alias_manager_conf variable is defined it will be written to /etc/sympa/ldap_alias_manager.conf, and can contain the following values:

Name Required/Default Description
host ✔️ Host url of the LDAP server.
bind_dn ✔️ bind dn of the user to be used.
bind_pwd ✔️ Password of the user.
base_dn ✔️ Base Dn of the LDAP tree.
mail_attribute mailRoutingAddress Attribute used to write to.
ssl false Enable or disable ssl
queue_transport sympa Name of the normal transport.
bouncequeue_transport sympabounce Name of the transport when a mail bounces.

Auth Variables

sympa_auth is list of auth methods used in order. Each entry consists of the following:

Name Required/Default Description
name ✔️ Name of the auth option like ldap, user_table
options ✔️ Dict of options for the auth method

Example

sympa_auth:
- name: ldap
options:
  host: ldap.example.com:636
  timeout: 20
  suffix: yoursuffix
  bind_dn: yourbinddn
  bind_password: yourpw
  use_tls: ldaps
  ca_verify: none
  get_dn_by_uid_filter: "(uid=[sender])"
  email_attribute: mail
  scope: sub
  authentication_info_url: https://example.com
- name: user_table
options:
  regexp: ".*"

Topic Variables

List of topics under the key sympa_topics. Each list entry contains the following:

Name Required/Default Description
path ✔️ Path of the category
title ✔️ Title of the category

Example

sympa_topics:
- path: art
title: Art
- path: art/expressionism
title: Expressionism

Database manager

Name Required/Default Description
sympa_db_type mysql Choice of database manager. MySQL or PostgreSQL. mysql and Pg values are acceptable, but deprecated. Other database options are not managed.
sympa_install_db_package False Whether the db manager is installed previously (False) or the role installs it (True)

Sympa Variables

Name Required/Default Description
sympa_domain ✔️ Main robot hostname
sympa_listmaster ✔️ List of email address to promote to listmaster
sympa_wwsympa_url ✔️ URL of main Web page
sympa_email ✖️ Local part of sympa email address
sympa_db_password ✔️ Password for the database connection
sympa_db_name sympa Name of the database
sympa_db_host localhost Hostname of the database server
sympa_db_port 3306 Port of the database server
sympa_db_user sympa User for the database connection
sympa_lang en Default language (one of supported languages)#supported_lang ca,cs,de,el,es,et,en-US,fr,fi,hu,it,ja,ko,nl,nb,oc,pl,pt-BR,ru,sv,tr,vi,zh-CN,zh-TW
sympa_logo_html_definition ✖️ HTML snippet to place logo in upper left corner
sympa_gecos SYMPA Gecos for service mail sent by Sympa itself.
sympa_process_archive False Store distributed messages into archive
sympa_max_wrong_password 19 Amount of wrong password tries
sympa_static_content_path /var/lib/sympa/static_content Directory for storing static contents
sympa_static_content_url /static-sympa URL mapped with the sympa_static_content_path directory
sympa_syslog LOCAL1 Syslog facility for sympa
sympa_log_level 0 Log verbosity 0: normal, 2,3,4: for debug
sympa_log_socket_type unix Communication mode with syslogd (unix,inet)
sympa_sendmail /usr/bin/sendmail Path to the MTA (sendmail, postfix, exim or qmail) should point to a sendmail-compatible binary (eg: a binary named "sendmail" is distributed with Postfix)
sympa_maxsmtp 40 Max. number of Sendmail processes (launched by Sympa) running
sympa_log_smtp False
sympa_use_blacklist [ send, create_list ] List of operations for which blacklist filter is applied . An empty list will disable the feature.
sympa_max_size 5242880 Default maximum size (in bytes) for messages (can be re-defined for each list)
sympa_sendmail_nrcpt 25 Maximum number of recipients per call to Sendmail. The nrcpt_by_domain.conf file allows a different tuning per destination domain.
sympa_sendmail_avg 10 Max. number of different domains per call to Sendmail
sympa_rfc2369_header_fields [help, subscribe, unsubscribe, post, owner, archive ] Specify which rfc2369 mailing list headers to add
sympa_remove_headers [ X-Sympa-To, X-Family-To, Return-Receipt-To, Precedence, X-Sequence, Disposition, Notification-To, Sender ] Specify header fields to be removed before message distribution
sympa_reject_mail_from_automates_feature True Reject mail from automates (crontab, etc) sent to a list?
sympa_packet_priority 5 Default priority for a packet to be sent by bulk.
sympa_bulk_fork_threshold 1 Minimum number of packets in database before the bulk forks to increase sending rate
sympa_bulk_max_count 3 Max number of bulks that will run on the same server
sympa_bulk_lazytime 600 The number of seconds a slave bulk will remain running without processing a message before it spontaneously dies.
sympa_bulk_sleep 1 The number of seconds a bulk sleeps between starting a new loop if it didn't find a message to send.
sympa_bulk_wait_to_fork 10 Number of seconds a master bulk waits between two packets number checks.
sympa_default_max_list_members 0 Default limit for the number of subscribers per list (0 means no limit)
sympa_spool /var/spool/sympa Directory containing various specialized spools
sympa_queue /var/spool/sympa/msg Directory for message incoming spool
sympa_queuemod /var/spool/sympa/moderation Directory for moderation spool
sympa_queuedigest /var/spool/sympa/digest Directory for digest spool
sympa_queueauth /var/spool/sympa/auth Directory for authentication spool
sympa_queueoutgoing /var/spool/sympa/outgoing Directory for archive spool
sympa_queuesubscribe /var/spool/sympa/subscribe Directory for subscription spool
sympa_queuetopic /var/spool/sympa/topic Directory for topic spool
sympa_queuebounce /var/spool/sympa/bounce Directory for bounce incoming spool
sympa_queuetask /var/spool/sympa/task Directory for task spool
sympa_queueautomatic /var/spool/sympa/automatic Directory for automatic list creation spool
sympa_queuebulk /var/spool/sympa/bulk Directory for message outgoing spool
sympa_viewmail_dir /var/spool/sympa/viewmail Directory containing HTML file generated by MHonArc while displaying messages other than archives
sympa_welcome_return_path owner Welcome message return-path ( unique,owner ) If set to unique, new subcriber is removed if welcome message bounce
sympa_remind_return_path owner Remind message return-path ( unique, owner ) If set to unique, subcriber is removed if remind message bounce, use with care
sympa_bounce_path /var/lib/sympa/bounce Directory for storing bounces Better if not in a critical partition
sympa_expire_bounce daily Task name for expiration of old bounces
sympa_bounce_warn_rate 30 Bouncing email rate for warn list owner
sympa_bounce_halt_rate 50 Bouncing email rate for halt the list (not implemented)
sympa_cache_list_config none Use of binary version of the list config structure on disk (none, binary_file)
sympa_sympa_priority 1 Sympa commands priority
sympa_request_priority 0
sympa_owner_priority 9
sympa_default_list_priority 5 Default priority for list messages
sympa_parsed_family_files [message.footer, message.header, message.footer.mome, message.header.mime, info ] list of files that will be parsed by Sympa when instantiating a family (no space allowed in file names)
sympa_dkim_feature False
sympa_dkim_add_signature_to [ robot, list ] Insert a DKIM signature to message from the robot, from the list or both
sympa_dkim_signature_apply_on [md5_authenticated_messages, smime_authenticated_messages, dkim_authenticated_messages, editor_validated_messages ] Type of message that gets a DKIM signature added before distribution to subscribers. It is a list of the following keywords: "md5_authenticated_messages", "smime_authenticated_messages", "dkim_authenticated_messages", "editor_validated_messages".
sympa_dkim_private_key_path /etc/ssl/dkim_private.key Location of the file where DKIM private key is stored
sympa_dkim_signer_domain ✖️ The "d=" tag as defined in rfc 4871, default is virtual host domain name
sympa_dkim_selector ✖️ The selector
sympa_dkim_signer_identity ✖️ The "i=" tag as defined in rfc 4871, default is null
sympa_antivirus_path ✖️ Path to the antivirus scanner engine supported antivirus: Clam AntiVirus/clamscan & clamdscan, McAfee/uvscan, Fsecure/fsav, Sophos, AVP and Trend Micro/VirusWall
sympa_antivirus_args ✖️ Antivirus plugin command argument
sympa_antispam_tag_header_name X-Spam-Status If a spam filter (like spamassassin or j-chkmail) add a smtp headers to tag spams, name of this header (example X-Spam-Status)
sympa_antispam_tag_header_spam_regexp ✖️ Regexp applied on this header to verify message is a spam (example Yes)
sympa_antispam_tag_header_ham_regexp ✖️ Regexp applied on this header to verify message is NOT a spam (example No)
sympa_spam_status ✖️ Messages are supposed to be filtered by an antispam that add one more headers to messages. This parameter is used to select a special scenario in order to decide the message spam status: ham, spam or unsure. This parameter replace antispam_tag_header_name, antispam_tag_header_spam_regexp and antispam_tag_header_ham_regexp.
sympa_arc_path /var/lib/sympa/arc Directory for storing HTML archives
sympa_default_index thrd Default index organization when entering the web archive: either threaded or in chronological order
sympa_cookie_expire 0 HTTP cookies lifetime
sympa_cookie_domain localhost HTTP cookies validity domain
sympa_cookie_refresh 60 Average interval to refresh HTTP session ID.
sympa_custom_archiver ✖️ Activates a custom archiver to use instead of MHonArc. The value of this parameter is the absolute path on the file system to the script of the custom archiver.
sympa_default_home home Type of main Web page ( lists, home )
sympa_edit_list owner
sympa_ldap_force_canonical_email 1 When using LDAP authentication, if the identifier provided by the user was a valid email, if this parameter is set to false, then the provided email will be used to authenticate the user. Otherwise, use of the first email returned by the LDAP server will be used.
sympa_review_page_size 25 Default number of lines of the array displaying users in the review page
sympa_web_page_title Mailing lists service Title of main Web page
sympa_show_default_templates false Show or hide the default list templates
sympa_template_lists [] List of templates to be defined.
sympa_data_sources false List of data sources to be defined.
sympa_sendmail_aliases If set, will put the sendmail_aliases statement with the given value in the sympa conf and therefore configure the senmail_aliases file sympa uses.
sympa_alias_manager `` Path to the alias manager executable.
sympa_ldap_alias_entry `` Multiline string, written to /etc/sympa/ldap_alias_entry.tt2.
sympa_ldap_alias_manager_conf `` Dict containing alias manager config attributes
sympa_auth [{ name: "user:table", options: {regexp: ".*"}}] List of auth methods used in order.
sympa_fcgi_socket_user www-data Owner of the fastcgi socket file for wwsympa. This should be the user the webserver is running as.

License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Author Information