From 73f0a5336af7702e5cebca5c11f2289f2e0e1a57 Mon Sep 17 00:00:00 2001 From: Jeremy Stanley Date: Wed, 25 Oct 2023 19:44:08 +0000 Subject: [PATCH] Merge production and test node mailman configs Now that the Mailman v3 migration is complete, we no longer need any divergence between the lists01 (production) and lists99 (test node) host vars, so put everything into the group vars file instead. Change-Id: If92943694e95ef261fbd254eff65a51d8d3f7ce5 --- doc/source/lists.rst | 2 +- inventory/service/group_vars/mailman3.yaml | 235 ++++++++++++++ .../host_vars/lists01.opendev.org.yaml | 234 -------------- .../files/host_vars/lists99.opendev.org.yaml | 295 ------------------ playbooks/zuul/run-base.yaml | 9 +- .../zuul/templates/group_vars/mailman.yaml.j2 | 3 - .../templates/group_vars/mailman3.yaml.j2 | 9 + zuul.d/infra-prod.yaml | 1 - zuul.d/system-config-run.yaml | 3 +- 9 files changed, 247 insertions(+), 544 deletions(-) delete mode 100644 inventory/service/host_vars/lists01.opendev.org.yaml delete mode 100644 playbooks/zuul/files/host_vars/lists99.opendev.org.yaml delete mode 100644 playbooks/zuul/templates/group_vars/mailman.yaml.j2 create mode 100644 playbooks/zuul/templates/group_vars/mailman3.yaml.j2 diff --git a/doc/source/lists.rst b/doc/source/lists.rst index e02abab0b2..742cdf6c64 100644 --- a/doc/source/lists.rst +++ b/doc/source/lists.rst @@ -31,7 +31,7 @@ Adding a List ============= A list may be added by adding it to the ``openstack-infra/system-config`` -repository in :git_file:`inventory/service/host_vars/lists01.opendev.org.yaml`. +repository in :git_file:`inventory/service/group_vars/mailman3.yaml`. For example: .. code-block:: yaml diff --git a/inventory/service/group_vars/mailman3.yaml b/inventory/service/group_vars/mailman3.yaml index e8a0ad3797..2c04d13f93 100644 --- a/inventory/service/group_vars/mailman3.yaml +++ b/inventory/service/group_vars/mailman3.yaml @@ -77,4 +77,239 @@ exim_transports: headers_remove = Errors-To max_rcpt = 1 return_path = ${local_part:$return_path}+$local_part=$domain@${domain:$return_path} +# Mailman Configs mailman_multihost: true +mm_domains: 'lists.openstack.org:lists.zuul-ci.org:lists.airshipit.org:lists.starlingx.io:lists.opendev.org:lists.openinfra.dev:lists.katacontainers.io' +exim_local_domains: "@:{{ mm_domains }}" +exim_enable_spf: true +exim_aliases: + root: "{{ ','.join(listadmins|default([])) }}" + interop-wg: openstack-discuss + openstack: openstack-discuss + openstack-dev: openstack-discuss + openstack-infra: openstack-discuss + openstack-operators: openstack-discuss + openstack-security: openstack-discuss + openstack-sigs: openstack-discuss + openstack-tc: openstack-discuss + user-committee: openstack-discuss + airship-discuss-owner: spam + community-owner: spam + edge-computing-owner: spam + foundation-board-confidential-owner: spam + foundation-board-owner: spam + foundation-owner: spam + legal-discuss-owner: spam + mailman-owner: spam + marketing-owner: spam + openstack-announce-owner: spam + openstack-docs-owner: spam + openstack-fr-owner: spam + openstack-i18n-owner: spam + openstack-infra-owner: spam + openstack-ko-owner: spam + openstack-qa-owner: spam + product-wg-owner: spam + user-committee-owner: spam + spam: ':fail: delivery temporarily disabled due to ongoing spam flood' + # This is the local username for mailman processes, but it does not send nor + # need to receive messages. + mailman: ':blackhole: this address does not accept email' + # TODO It would be better to bypass verification for postorius@listdomain + # and set a :fail: rule for anyone trying to send email to this addr. + # But that requires updating our main exim config so that needs more thought. + postorius: ':blackhole: outgoing email only from this address' +exim_domain_aliases: + community@lists.openstack.org: community@lists.openinfra.dev + edge-computing@lists.openstack.org: edge-computing@lists.opendev.org + foundation@lists.openstack.org: foundation@lists.openinfra.dev + foundation-board@lists.openstack.org: foundation-board@lists.openinfra.dev + foundation-board-confidential@lists.openstack.org: foundation-board-confidential@lists.openinfra.dev + goldmembers@lists.openstack.org: goldmembers@lists.openinfra.dev + marketing@lists.openstack.org: marketing@lists.openinfra.dev + staff@lists.openstack.org: staff@lists.openinfra.dev + summit-programming-committee@lists.openinfra.dev: summit-track-chairs@lists.openinfra.dev + summitsponsors@lists.openstack.org: summitsponsors@lists.openinfra.dev +mailman_sites: + # First entry in this list is the primary web domain + - listdomain: lists.opendev.org + install_languages: ['en'] + lists: + - name: computing-force-network + description: 'Organizing efforts around Computing Force Network related area' + owner: 'niujie@outlook.com' + - name: edge-computing + description: 'Organizing efforts around the edge-computing focus area.' + owner: 'ildiko@openinfra.dev' + - name: floss-mooc + description: 'Discussions & Coordination around the FLOSS MOOC being collaboratively developed here: https://gitlab.com/mooc-floss/mooc-floss' + owner: 'knelson@openinfra.dev' + - name: nbmp-discuss + description: 'Collaborating on Network Based Media Processing related platform and infrastructure systems usage and development.' + owner: 'ildiko@openstack.org' + - name: openinfralabs + description: 'Discussion of the OpenInfra Labs academic and research resource sharing effort' + owner: 'mnaser@vexxhost.com' + - name: rust-vmm + description: 'Collaborating on Rust-based virtual machine monitors.' + owner: 'claire@openstack.org' + - name: rustyk8s + description: 'Collaborating on Rust-based Kubernetes API.' + owner: 'allison@lohutok.net' + - name: service-announce + description: 'Announcement list for OpenDev services.' + owner: 'cboylan@sapwetik.org' + - name: service-discuss + description: 'Discussion list for OpenDev services.' + owner: 'cboylan@sapwetik.org' + - name: service-incident + description: 'Private list for OpenDev incident coordination.' + owner: 'cboylan@sapwetik.org' + private: true + - listdomain: lists.zuul-ci.org + install_languages: ['en'] + lists: + - name: zuul-announce + description: 'Announcements of Zuul releases and other important information.' + owner: 'corvus@inaugust.com' + - name: zuul-discuss + description: 'Discussion of Zuul usage and development.' + owner: 'corvus@inaugust.com' + - name: zuul-jobs-failures + description: 'Gets notifications about zuul-jobs periodic job failures.' + owner: 'corvus@inaugust.com' + - listdomain: lists.airshipit.org + install_languages: ['en'] + lists: + - name: airship-announce + description: 'Announcements of Airship releases and other important information.' + owner: 'jonathan@openstack.org' + - name: airship-discuss + description: 'Discussion of Airship usage and development.' + owner: 'jonathan@openstack.org' + - name: airship-embargo-notice + description: 'Embargoed security vulnerability announcements for Airship consumers.' + owner: 'andrew.walters@att.com' + private: true + - name: airship-job-failures + description: 'Notification messages for failures from CICD jobs.' + owner: 'roman.gorshunov@att.com' + - name: airship-security + description: 'Public Airship security advisories.' + owner: 'andrew.walters@att.com' + - listdomain: lists.katacontainers.io + install_languages: ['en'] + lists: + - name: embargo-notice + description: 'Announcements of embargoed notices for the Kata Containers project' + owner: 'jonathan@openstack.org' + private: true + - name: kata-dev + description: 'Kata Containers Development Mailing List (not for usage questions)' + owner: 'jonathan@openstack.org' + - name: kata-hypervisor + description: 'Discussion of security and virtualization targeted at container use cases' + owner: 'jonathan@openstack.org' + - listdomain: lists.openinfra.dev + install_languages: ['en'] + lists: + - name: community + description: 'The OpenInfra Community team is the main contact point for anybody running a local OpenInfra Group.' + owner: 'allison@openinfra.dev' + - name: europe-advisory-board + description: 'Private coordination within the OpenInfra EU Advisory Board.' + owner: 'wes@openinfra.dev' + private: true + - name: foundation + description: 'General discussion list for activities of the OpenInfra Foundation' + owner: 'jonathan@openinfra.dev' + - name: foundation-board + description: 'OpenInfra Foundation Board of Directors' + owner: 'jonathan@openinfra.dev' + - name: foundation-board-confidential + description: 'OpenInfra Foundation Board of Directors' + owner: 'jonathan@openinfra.dev' + private: true + - name: goldmembers + description: 'The discussion list for Gold Members of the OpenInfra Foundation' + owner: 'jonathan@openinfra.dev' + private: true + - name: marketing + description: 'The OpenInfra Marketing list is the meant to facilitate discussion and best practice sharing among marketers and event organizers in the OpenInfra community.' + owner: 'allison@openinfra.dev' + - name: nordix + description: 'Discussion and coordination of Nordix environment' + owner: 'robert.tomczyk@est.tech' + - name: openinfra-europe + description: 'Discussion related to the OpenInfra EU hub.' + owner: 'wes@openinfra.dev' + - name: staff + description: 'Private list for OpenInfra Foundation staff members' + owner: 'mark@openinfra.dev' + private: true + - name: summit-track-chairs + description: 'OpenInfra Summit track chair communications' + owner: 'erin@openinfra.dev' + private: true + - name: summitsponsors + description: 'Coordination among OpenInfra Summit event sponsors' + owner: 'erin@openinfra.dev' + private: true + - listdomain: lists.starlingx.io + install_languages: ['en'] + lists: + - name: starlingx-announce + description: 'Announcements of StarlingX releases and other important information.' + owner: 'jonathan@openstack.org' + - name: starlingx-discuss + description: 'Discussion of StarlingX usage and development.' + owner: 'jonathan@openstack.org' + - listdomain: lists.openstack.org + install_languages: ['de', 'fr', 'it', 'ko', 'ru', 'vi', 'zh_TW'] + lists: + - name: embargo-notice + description: 'Announcements to stakeholders for embargoed security vulnerabilities.' + owner: 'fungi@yuggoth.org' + private: true + - name: legal-discuss + description: 'Discussions on legal matters related to the project' + owner: 'thierry@openinfra.dev' + - name: openstack-announce + description: 'Key announcements about OpenStack & Security advisories' + owner: 'fungi@yuggoth.org' + - name: openstack-discuss + description: 'Discussion of OpenStack usage and development.' + owner: 'fungi@yuggoth.org' + - name: openstack-es + description: 'Lista de correo acerca de OpenStack en español' + owner: 'flavio@redhat.com' + - name: openstack-fr + description: 'List of the OpenStack french user group' + owner: 'erwan@erwan.com' + - name: openstack-hpc + description: 'High-Performance Computing OpenStack List' + owner: 'brian.schott@nimbisservices.com' + - name: openstack-i18n + description: 'List of the OpenStack Internationalization team.' + owner: 'guoyingc@cn.ibm.com' + - name: openstack-it + description: 'Discussioni su OpenStack in italiano' + owner: 'stefano@openstack.org' + - name: openstack-ko + description: 'OpenStack Korea Community Discussions in Korean (오픈스택 한국 커뮤니티 메일링리스트)' + owner: 'ianyrchoi@gmail.com' + - name: openstack-mentoring + description: 'List to coordinate interactions between mentors and mentees of the OpenStack mentoring program. Also for questions about the mentoring program (i.e. how to get involved, how it works, etc.' + owner: 'amy@demarco.com' + - name: openstack-stable-maint + description: 'A mailing list for the OpenStack Stable Branch test reports.' + owner: 'tony@bakeyournoodle.com' + - name: openstack-zh + description: 'OpenStack社区中文讨论群组' + owner: 'yeluaiesec@gmail.com' + - name: release-announce + description: 'Announcement of official OpenStack releases.' + owner: 'thierry@openstack.org' + - name: release-job-failures + description: 'Notification messages for failures from release-related build jobs.' + owner: 'doug@doughellmann.com' diff --git a/inventory/service/host_vars/lists01.opendev.org.yaml b/inventory/service/host_vars/lists01.opendev.org.yaml deleted file mode 100644 index 15ef6ac3f9..0000000000 --- a/inventory/service/host_vars/lists01.opendev.org.yaml +++ /dev/null @@ -1,234 +0,0 @@ -mm_domains: 'lists.openstack.org:lists.zuul-ci.org:lists.airshipit.org:lists.starlingx.io:lists.opendev.org:lists.openinfra.dev:lists.katacontainers.io' -exim_local_domains: "@:{{ mm_domains }}" -exim_enable_spf: true -exim_aliases: - root: "{{ ','.join(listadmins|default([])) }}" - interop-wg: openstack-discuss - openstack: openstack-discuss - openstack-dev: openstack-discuss - openstack-infra: openstack-discuss - openstack-operators: openstack-discuss - openstack-security: openstack-discuss - openstack-sigs: openstack-discuss - openstack-tc: openstack-discuss - user-committee: openstack-discuss - airship-discuss-owner: spam - community-owner: spam - edge-computing-owner: spam - foundation-board-confidential-owner: spam - foundation-board-owner: spam - foundation-owner: spam - legal-discuss-owner: spam - mailman-owner: spam - marketing-owner: spam - openstack-announce-owner: spam - openstack-docs-owner: spam - openstack-fr-owner: spam - openstack-i18n-owner: spam - openstack-infra-owner: spam - openstack-ko-owner: spam - openstack-qa-owner: spam - product-wg-owner: spam - user-committee-owner: spam - spam: ':fail: delivery temporarily disabled due to ongoing spam flood' - # This is the local username for mailman processes, but it does not send nor - # need to receive messages. - mailman: ':blackhole: this address does not accept email' - # TODO It would be better to bypass verification for postorius@listdomain - # and set a :fail: rule for anyone trying to send email to this addr. - # But that requires updating our main exim config so that needs more thought. - postorius: ':blackhole: outgoing email only from this address' -exim_domain_aliases: - community@lists.openstack.org: community@lists.openinfra.dev - edge-computing@lists.openstack.org: edge-computing@lists.opendev.org - foundation@lists.openstack.org: foundation@lists.openinfra.dev - foundation-board@lists.openstack.org: foundation-board@lists.openinfra.dev - foundation-board-confidential@lists.openstack.org: foundation-board-confidential@lists.openinfra.dev - goldmembers@lists.openstack.org: goldmembers@lists.openinfra.dev - marketing@lists.openstack.org: marketing@lists.openinfra.dev - staff@lists.openstack.org: staff@lists.openinfra.dev - summit-programming-committee@lists.openinfra.dev: summit-track-chairs@lists.openinfra.dev - summitsponsors@lists.openstack.org: summitsponsors@lists.openinfra.dev -mailman_sites: - # First entry in this list is the primary web domain - - listdomain: lists.opendev.org - install_languages: ['en'] - lists: - - name: computing-force-network - description: 'Organizing efforts around Computing Force Network related area' - owner: 'niujie@outlook.com' - - name: edge-computing - description: 'Organizing efforts around the edge-computing focus area.' - owner: 'ildiko@openinfra.dev' - - name: floss-mooc - description: 'Discussions & Coordination around the FLOSS MOOC being collaboratively developed here: https://gitlab.com/mooc-floss/mooc-floss' - owner: 'knelson@openinfra.dev' - - name: nbmp-discuss - description: 'Collaborating on Network Based Media Processing related platform and infrastructure systems usage and development.' - owner: 'ildiko@openstack.org' - - name: openinfralabs - description: 'Discussion of the OpenInfra Labs academic and research resource sharing effort' - owner: 'mnaser@vexxhost.com' - - name: rust-vmm - description: 'Collaborating on Rust-based virtual machine monitors.' - owner: 'claire@openstack.org' - - name: rustyk8s - description: 'Collaborating on Rust-based Kubernetes API.' - owner: 'allison@lohutok.net' - - name: service-announce - description: 'Announcement list for OpenDev services.' - owner: 'cboylan@sapwetik.org' - - name: service-discuss - description: 'Discussion list for OpenDev services.' - owner: 'cboylan@sapwetik.org' - - name: service-incident - description: 'Private list for OpenDev incident coordination.' - owner: 'cboylan@sapwetik.org' - private: true - - listdomain: lists.zuul-ci.org - install_languages: ['en'] - lists: - - name: zuul-announce - description: 'Announcements of Zuul releases and other important information.' - owner: 'corvus@inaugust.com' - - name: zuul-discuss - description: 'Discussion of Zuul usage and development.' - owner: 'corvus@inaugust.com' - - name: zuul-jobs-failures - description: 'Gets notifications about zuul-jobs periodic job failures.' - owner: 'corvus@inaugust.com' - - listdomain: lists.airshipit.org - install_languages: ['en'] - lists: - - name: airship-announce - description: 'Announcements of Airship releases and other important information.' - owner: 'jonathan@openstack.org' - - name: airship-discuss - description: 'Discussion of Airship usage and development.' - owner: 'jonathan@openstack.org' - - name: airship-embargo-notice - description: 'Embargoed security vulnerability announcements for Airship consumers.' - owner: 'andrew.walters@att.com' - private: true - - name: airship-job-failures - description: 'Notification messages for failures from CICD jobs.' - owner: 'roman.gorshunov@att.com' - - name: airship-security - description: 'Public Airship security advisories.' - owner: 'andrew.walters@att.com' - - listdomain: lists.katacontainers.io - install_languages: ['en'] - lists: - - name: embargo-notice - description: 'Announcements of embargoed notices for the Kata Containers project' - owner: 'jonathan@openstack.org' - private: true - - name: kata-dev - description: 'Kata Containers Development Mailing List (not for usage questions)' - owner: 'jonathan@openstack.org' - - name: kata-hypervisor - description: 'Discussion of security and virtualization targeted at container use cases' - owner: 'jonathan@openstack.org' - - listdomain: lists.openinfra.dev - install_languages: ['en'] - lists: - - name: community - description: 'The OpenInfra Community team is the main contact point for anybody running a local OpenInfra Group.' - owner: 'allison@openinfra.dev' - - name: europe-advisory-board - description: 'Private coordination within the OpenInfra EU Advisory Board.' - owner: 'wes@openinfra.dev' - private: true - - name: foundation - description: 'General discussion list for activities of the OpenInfra Foundation' - owner: 'jonathan@openinfra.dev' - - name: foundation-board - description: 'OpenInfra Foundation Board of Directors' - owner: 'jonathan@openinfra.dev' - - name: foundation-board-confidential - description: 'OpenInfra Foundation Board of Directors' - owner: 'jonathan@openinfra.dev' - private: true - - name: goldmembers - description: 'The discussion list for Gold Members of the OpenInfra Foundation' - owner: 'jonathan@openinfra.dev' - private: true - - name: marketing - description: 'The OpenInfra Marketing list is the meant to facilitate discussion and best practice sharing among marketers and event organizers in the OpenInfra community.' - owner: 'allison@openinfra.dev' - - name: nordix - description: 'Discussion and coordination of Nordix environment' - owner: 'robert.tomczyk@est.tech' - - name: openinfra-europe - description: 'Discussion related to the OpenInfra EU hub.' - owner: 'wes@openinfra.dev' - - name: staff - description: 'Private list for OpenInfra Foundation staff members' - owner: 'mark@openinfra.dev' - private: true - - name: summit-track-chairs - description: 'OpenInfra Summit track chair communications' - owner: 'erin@openinfra.dev' - private: true - - name: summitsponsors - description: 'Coordination among OpenInfra Summit event sponsors' - owner: 'erin@openinfra.dev' - private: true - - listdomain: lists.starlingx.io - install_languages: ['en'] - lists: - - name: starlingx-announce - description: 'Announcements of StarlingX releases and other important information.' - owner: 'jonathan@openstack.org' - - name: starlingx-discuss - description: 'Discussion of StarlingX usage and development.' - owner: 'jonathan@openstack.org' - - listdomain: lists.openstack.org - install_languages: ['de', 'fr', 'it', 'ko', 'ru', 'vi', 'zh_TW'] - lists: - - name: embargo-notice - description: 'Announcements to stakeholders for embargoed security vulnerabilities.' - owner: 'fungi@yuggoth.org' - private: true - - name: legal-discuss - description: 'Discussions on legal matters related to the project' - owner: 'thierry@openinfra.dev' - - name: openstack-announce - description: 'Key announcements about OpenStack & Security advisories' - owner: 'fungi@yuggoth.org' - - name: openstack-discuss - description: 'Discussion of OpenStack usage and development.' - owner: 'fungi@yuggoth.org' - - name: openstack-es - description: 'Lista de correo acerca de OpenStack en español' - owner: 'flavio@redhat.com' - - name: openstack-fr - description: 'List of the OpenStack french user group' - owner: 'erwan@erwan.com' - - name: openstack-hpc - description: 'High-Performance Computing OpenStack List' - owner: 'brian.schott@nimbisservices.com' - - name: openstack-i18n - description: 'List of the OpenStack Internationalization team.' - owner: 'guoyingc@cn.ibm.com' - - name: openstack-it - description: 'Discussioni su OpenStack in italiano' - owner: 'stefano@openstack.org' - - name: openstack-ko - description: 'OpenStack Korea Community Discussions in Korean (오픈스택 한국 커뮤니티 메일링리스트)' - owner: 'ianyrchoi@gmail.com' - - name: openstack-mentoring - description: 'List to coordinate interactions between mentors and mentees of the OpenStack mentoring program. Also for questions about the mentoring program (i.e. how to get involved, how it works, etc.' - owner: 'amy@demarco.com' - - name: openstack-stable-maint - description: 'A mailing list for the OpenStack Stable Branch test reports.' - owner: 'tony@bakeyournoodle.com' - - name: openstack-zh - description: 'OpenStack社区中文讨论群组' - owner: 'yeluaiesec@gmail.com' - - name: release-announce - description: 'Announcement of official OpenStack releases.' - owner: 'thierry@openstack.org' - - name: release-job-failures - description: 'Notification messages for failures from release-related build jobs.' - owner: 'doug@doughellmann.com' diff --git a/playbooks/zuul/files/host_vars/lists99.opendev.org.yaml b/playbooks/zuul/files/host_vars/lists99.opendev.org.yaml deleted file mode 100644 index 2351e029dd..0000000000 --- a/playbooks/zuul/files/host_vars/lists99.opendev.org.yaml +++ /dev/null @@ -1,295 +0,0 @@ -mailman_list_password: notarealpassword -mailman3_db_password: Eith5vii5beezohc -mailman3_db_root_password: eiloh9Edohngaeri -mailman3_hyperkitty_api_key: Thosai4Xomeque9e -mailman3_django_secret_key: ohki3ohWusai8tee -mailman3_rest_password: OhTo3doh5ohsuope -mailman3_admin_user: admin -mailman3_admin_email: infra-root@openstack.org -mailman3_admin_password: AeNie8vegeiquei1 -mm_domains: 'lists.openstack.org:lists.zuul-ci.org:lists.airshipit.org:lists.starlingx.io:lists.opendev.org:lists.openinfra.dev:lists.katacontainers.io' -exim_local_domains: "@:{{ mm_domains }}" -exim_enable_spf: true -exim_aliases: - root: "{{ ','.join(listadmins|default([])) }}" - interop-wg: openstack-discuss - openstack: openstack-discuss - openstack-dev: openstack-discuss - openstack-infra: openstack-discuss - openstack-operators: openstack-discuss - openstack-security: openstack-discuss - openstack-sigs: openstack-discuss - openstack-tc: openstack-discuss - user-committee: openstack-discuss - airship-discuss-owner: spam - community-owner: spam - edge-computing-owner: spam - foundation-board-confidential-owner: spam - foundation-board-owner: spam - foundation-owner: spam - legal-discuss-owner: spam - mailman-owner: spam - marketing-owner: spam - openstack-announce-owner: spam - openstack-docs-owner: spam - openstack-fr-owner: spam - openstack-i18n-owner: spam - openstack-infra-owner: spam - openstack-ko-owner: spam - openstack-qa-owner: spam - product-wg-owner: spam - user-committee-owner: spam - spam: ':fail: delivery temporarily disabled due to ongoing spam flood' - # This is the local username for mailman processes, but it does not send nor - # need to receive messages. - mailman: ':blackhole: this address does not accept email' - # TODO It would be better to bypass verification for postorius@listdomain - # and set a :fail: rule for anyone trying to send email to this addr. - # But that requires updating our main exim config so that needs more thought. - postorius: ':blackhole: outgoing email only from this address' -exim_domain_aliases: - community@lists.openstack.org: community@lists.openinfra.dev - edge-computing@lists.openstack.org: edge-computing@lists.opendev.org - foundation@lists.openstack.org: foundation@lists.openinfra.dev - foundation-board@lists.openstack.org: foundation-board@lists.openinfra.dev - foundation-board-confidential@lists.openstack.org: foundation-board-confidential@lists.openinfra.dev - goldmembers@lists.openstack.org: goldmembers@lists.openinfra.dev - marketing@lists.openstack.org: marketing@lists.openinfra.dev - staff@lists.openstack.org: staff@lists.openinfra.dev - summit-programming-committee@lists.openinfra.dev: summit-track-chairs@lists.openinfra.dev - summitsponsors@lists.openstack.org: summitsponsors@lists.openinfra.dev -exim_routers: - - mailman_verp_router: | - {% raw -%} - driver = dnslookup - condition = ${if or{{eq{$sender_host_address}{127.0.0.1}}\ - {eq{$sender_host_address}{::1}}}{yes}{no}} - {% endraw %} - domains = !+local_domains - ignore_target_hosts = <; 0.0.0.0; \ - 127.0.0.0/8; \ - ::1/128;fe80::/10;fe \ - c0::/10;ff00::/8 - senders = "*-bounces@*" - transport = mailman_verp_smtp - - dnslookup: '{{ exim_dnslookup_router }}' - - system_aliases: '{{ exim_system_aliases_router }}' - - domain_aliases: | - driver = redirect - allow_fail - allow_defer - data = ${lookup{$local_part@$domain}lsearch{/etc/aliases.domain}} - file_transport = address_file - pipe_transport = address_pipe - - localuser: '{{ exim_localuser_router }}' - - mailman_router: | - driver = accept - domains = {{ mm_domains }} - local_part_suffix = -admin : \ - -bounces : -bounces+* : \ - -confirm : -confirm+* : \ - -join : -leave : \ - -owner : -request : \ - -subscribe : -unsubscribe - local_part_suffix_optional - require_files = /var/lib/mailman/core/var/lists/${local_part}.${domain} - transport = mailman_transport -exim_transports: - - mailman_transport: | - debug_print = "Email for mailman" - driver = smtp - protocol = lmtp - allow_localhost - hosts = localhost - port = 8024 - rcpt_include_affixes = true - - mailman_verp_smtp: | - driver = smtp - headers_add = Errors-To: ${return_path} - headers_remove = Errors-To - max_rcpt = 1 - return_path = ${local_part:$return_path}+$local_part=$domain@${domain:$return_path} -mailman_multihost: true -mailman_sites: - # First entry in this list is the primary web domain - - listdomain: lists.opendev.org - install_languages: ['en'] - lists: - - name: computing-force-network - description: 'Organizing efforts around Computing Force Network related area' - owner: 'niujie@outlook.com' - - name: edge-computing - description: 'Organizing efforts around the edge-computing focus area.' - owner: 'ildiko@openinfra.dev' - - name: floss-mooc - description: 'Discussions & Coordination around the FLOSS MOOC being collaboratively developed here: https://gitlab.com/mooc-floss/mooc-floss' - owner: 'knelson@openinfra.dev' - - name: nbmp-discuss - description: 'Collaborating on Network Based Media Processing related platform and infrastructure systems usage and development.' - owner: 'ildiko@openstack.org' - - name: openinfralabs - description: 'Discussion of the OpenInfra Labs academic and research resource sharing effort' - owner: 'mnaser@vexxhost.com' - - name: rust-vmm - description: 'Collaborating on Rust-based virtual machine monitors.' - owner: 'claire@openstack.org' - - name: rustyk8s - description: 'Collaborating on Rust-based Kubernetes API.' - owner: 'allison@lohutok.net' - - name: service-announce - description: 'Announcement list for OpenDev services.' - owner: 'cboylan@sapwetik.org' - - name: service-discuss - description: 'Discussion list for OpenDev services.' - owner: 'cboylan@sapwetik.org' - - name: service-incident - description: 'Private list for OpenDev incident coordination.' - owner: 'cboylan@sapwetik.org' - private: true - - listdomain: lists.airshipit.org - install_languages: ['en'] - lists: - - name: airship-announce - description: 'Announcements of Airship releases and other important information.' - owner: 'jonathan@openstack.org' - - name: airship-discuss - description: 'Discussion of Airship usage and development.' - owner: 'jonathan@openstack.org' - - name: airship-embargo-notice - description: 'Embargoed security vulnerability announcements for Airship consumers.' - owner: 'andrew.walters@att.com' - private: true - - name: airship-job-failures - description: 'Notification messages for failures from CICD jobs.' - owner: 'roman.gorshunov@att.com' - - name: airship-security - description: 'Public Airship security advisories.' - owner: 'andrew.walters@att.com' - - listdomain: lists.katacontainers.io - install_languages: ['en'] - lists: - - name: embargo-notice - description: 'Announcements of embargoed notices for the Kata Containers project' - owner: 'jonathan@openstack.org' - private: true - - name: kata-dev - description: 'Kata Containers Development Mailing List (not for usage questions)' - owner: 'jonathan@openstack.org' - - name: kata-hypervisor - description: 'Discussion of security and virtualization targeted at container use cases' - owner: 'jonathan@openstack.org' - - listdomain: lists.openinfra.dev - install_languages: ['en'] - lists: - - name: community - description: 'The OpenInfra Community team is the main contact point for anybody running a local OpenInfra Group.' - owner: 'allison@openinfra.dev' - - name: europe-advisory-board - description: 'Private coordination within the OpenInfra EU Advisory Board.' - owner: 'wes@openinfra.dev' - private: true - - name: foundation - description: 'General discussion list for activities of the OpenInfra Foundation' - owner: 'jonathan@openinfra.dev' - - name: foundation-board - description: 'OpenInfra Foundation Board of Directors' - owner: 'jonathan@openinfra.dev' - - name: foundation-board-confidential - description: 'OpenInfra Foundation Board of Directors' - owner: 'jonathan@openinfra.dev' - private: true - - name: goldmembers - description: 'The discussion list for Gold Members of the OpenInfra Foundation' - owner: 'jonathan@openinfra.dev' - private: true - - name: marketing - description: 'The OpenInfra Marketing list is the meant to facilitate discussion and best practice sharing among marketers and event organizers in the OpenInfra community.' - owner: 'allison@openinfra.dev' - - name: nordix - description: 'Discussion and coordination of Nordix environment' - owner: 'robert.tomczyk@est.tech' - - name: openinfra-europe - description: 'Discussion related to the OpenInfra EU hub.' - owner: 'wes@openinfra.dev' - - name: staff - description: 'Private list for OpenInfra Foundation staff members' - owner: 'mark@openinfra.dev' - private: true - - name: summit-track-chairs - description: 'OpenInfra Summit track chair communications' - owner: 'erin@openinfra.dev' - private: true - - name: summitsponsors - description: 'Coordination among OpenInfra Summit event sponsors' - owner: 'erin@openinfra.dev' - private: true - - listdomain: lists.openstack.org - install_languages: ['de', 'fr', 'it', 'ko', 'ru', 'vi', 'zh_TW'] - lists: - - name: embargo-notice - description: 'Announcements to stakeholders for embargoed security vulnerabilities.' - owner: 'fungi@yuggoth.org' - private: true - - name: legal-discuss - description: 'Discussions on legal matters related to the project' - owner: 'thierry@openinfra.dev' - - name: openstack-announce - description: 'Key announcements about OpenStack & Security advisories' - owner: 'fungi@yuggoth.org' - - name: openstack-discuss - description: 'Discussion of OpenStack usage and development.' - owner: 'fungi@yuggoth.org' - - name: openstack-es - description: 'Lista de correo acerca de OpenStack en español' - owner: 'flavio@redhat.com' - - name: openstack-fr - description: 'List of the OpenStack french user group' - owner: 'erwan@erwan.com' - - name: openstack-hpc - description: 'High-Performance Computing OpenStack List' - owner: 'brian.schott@nimbisservices.com' - - name: openstack-i18n - description: 'List of the OpenStack Internationalization team.' - owner: 'guoyingc@cn.ibm.com' - - name: openstack-it - description: 'Discussioni su OpenStack in italiano' - owner: 'stefano@openstack.org' - - name: openstack-ko - description: 'OpenStack Korea Community Discussions in Korean (오픈스택 한국 커뮤니티 메일링리스트)' - owner: 'ianyrchoi@gmail.com' - - name: openstack-mentoring - description: 'List to coordinate interactions between mentors and mentees of the OpenStack mentoring program. Also for questions about the mentoring program (i.e. how to get involved, how it works, etc.' - owner: 'amy@demarco.com' - - name: openstack-stable-maint - description: 'A mailing list for the OpenStack Stable Branch test reports.' - owner: 'tony@bakeyournoodle.com' - - name: openstack-zh - description: 'OpenStack社区中文讨论群组' - owner: 'yeluaiesec@gmail.com' - - name: release-announce - description: 'Announcement of official OpenStack releases.' - owner: 'thierry@openstack.org' - - name: release-job-failures - description: 'Notification messages for failures from release-related build jobs.' - owner: 'doug@doughellmann.com' - - listdomain: lists.starlingx.io - install_languages: ['en'] - lists: - - name: starlingx-announce - description: 'Announcements of StarlingX releases and other important information.' - owner: 'jonathan@openstack.org' - - name: starlingx-discuss - description: 'Discussion of StarlingX usage and development.' - owner: 'jonathan@openstack.org' - - listdomain: lists.zuul-ci.org - install_languages: ['en'] - lists: - - name: zuul-announce - description: 'Announcements of Zuul releases and other important information.' - owner: 'corvus@inaugust.com' - - name: zuul-discuss - description: 'Discussion of Zuul usage and development.' - owner: 'corvus@inaugust.com' - - name: zuul-jobs-failures - description: 'Gets notifications about zuul-jobs periodic job failures.' - owner: 'ssbarnea@redhat.com' diff --git a/playbooks/zuul/run-base.yaml b/playbooks/zuul/run-base.yaml index 79bb71e67b..125f90b675 100644 --- a/playbooks/zuul/run-base.yaml +++ b/playbooks/zuul/run-base.yaml @@ -125,7 +125,7 @@ - group_vars/kerberos-kdc.yaml - group_vars/keycloak.yaml - group_vars/letsencrypt.yaml - - group_vars/mailman.yaml + - group_vars/mailman3.yaml - group_vars/meetpad.yaml - group_vars/jvb.yaml - group_vars/refstack.yaml @@ -150,13 +150,6 @@ - host_vars/paste99.opendev.org.yaml - host_vars/refstack01.openstack.org.yaml - host_vars/review99.opendev.org.yaml - - name: Write lists99 host_vars. - # This file is special because it has raw tags in it that we need to - # carry through. I can't figure out a better way to do that then copying - # it directly rather than treating it as a template. - copy: - src: "files/host_vars/lists99.opendev.org.yaml" - dest: "/etc/ansible/hosts/host_vars/lists99.opendev.org.yaml" - name: Display group membership command: ansible localhost -m debug -a 'var=groups' diff --git a/playbooks/zuul/templates/group_vars/mailman.yaml.j2 b/playbooks/zuul/templates/group_vars/mailman.yaml.j2 deleted file mode 100644 index ad906f1caf..0000000000 --- a/playbooks/zuul/templates/group_vars/mailman.yaml.j2 +++ /dev/null @@ -1,3 +0,0 @@ -mailman_block_ua: - - '=Mozilla/5.0 (compatible; FooBot/1.2; +http://example.com)' - - '=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/123.45 (KHTML, like Gecko) Chrome/1.0.0.0 Safari/999.99' diff --git a/playbooks/zuul/templates/group_vars/mailman3.yaml.j2 b/playbooks/zuul/templates/group_vars/mailman3.yaml.j2 new file mode 100644 index 0000000000..2e67f897ef --- /dev/null +++ b/playbooks/zuul/templates/group_vars/mailman3.yaml.j2 @@ -0,0 +1,9 @@ +mailman_list_password: notarealpassword +mailman3_db_password: Eith5vii5beezohc +mailman3_db_root_password: eiloh9Edohngaeri +mailman3_hyperkitty_api_key: Thosai4Xomeque9e +mailman3_django_secret_key: ohki3ohWusai8tee +mailman3_rest_password: OhTo3doh5ohsuope +mailman3_admin_user: admin +mailman3_admin_email: infra-root@openstack.org +mailman3_admin_password: AeNie8vegeiquei1 diff --git a/zuul.d/infra-prod.yaml b/zuul.d/infra-prod.yaml index e7fa25bd7a..251cd7ccf4 100644 --- a/zuul.d/infra-prod.yaml +++ b/zuul.d/infra-prod.yaml @@ -570,7 +570,6 @@ files: - docker/mailman - inventory/base - - inventory/service/host_vars/lists01.opendev.org.yaml - inventory/service/group_vars/mailman3.yaml - playbooks/roles/iptables/ - playbooks/roles/base/exim diff --git a/zuul.d/system-config-run.yaml b/zuul.d/system-config-run.yaml index 248cab0d33..f27b389af1 100644 --- a/zuul.d/system-config-run.yaml +++ b/zuul.d/system-config-run.yaml @@ -298,13 +298,12 @@ files: - docker/mailman - playbooks/bootstrap-bridge.yaml - - inventory/service/host_vars/lists01.opendev.org.yaml - inventory/service/group_vars/mailman3.yaml - playbooks/roles/base/exim - playbooks/roles/mailman3 - playbooks/service-lists3.yaml - playbooks/test-lists3.yaml - - playbooks/zuul/files/host_vars/lists99.opendev.org.yaml + - playbooks/zuul/templates/group_vars/mailman3.yaml.j2 - testinfra/test_lists_opendev_org.py vars: run_playbooks: