# System Configs iptables_extra_public_tcp_ports: - 25 - 80 - 443 - 465 letsencrypt_certs: lists-opendev-org-main: - "{{ inventory_hostname }}" - lists.opendev.org - lists.airshipit.org - lists.katacontainers.io - lists.openinfra.dev - lists.openstack.org - lists.starlingx.io - lists.zuul-ci.org borg_backup_excludes_extra: # db is backed up in dumps, don't capture live files - /var/lib/mailman/database # backed up by streaming backup - /var/backups/mailman-mariadb # Can regenerate indexes from source email files - /var/lib/mailman/web-data/fulltext_index # Exim Configs exim_queue_interval: '1m' exim_queue_run_max: '50' exim_smtp_accept_max: '100' exim_smtp_accept_max_per_host: '10' exim_routers: - mailman_verp_router: | {% raw -%} driver = dnslookup condition = ${if or{{eq{$sender_host_address}{127.0.0.1}}\ {eq{$sender_host_address}{::1}}}{yes}{no}} {% endraw %} domains = !+local_domains ignore_target_hosts = <; 0.0.0.0; \ 127.0.0.0/8; \ ::1/128;fe80::/10;fe \ c0::/10;ff00::/8 senders = "*-bounces@*" transport = mailman_verp_smtp - dnslookup: '{{ exim_dnslookup_router }}' - system_aliases: '{{ exim_system_aliases_router }}' - domain_aliases: | driver = redirect allow_fail allow_defer data = ${lookup{$local_part@$domain}lsearch{/etc/aliases.domain}} file_transport = address_file pipe_transport = address_pipe - localuser: '{{ exim_localuser_router }}' - mailman_router: | driver = accept domains = {{ mm_domains }} local_part_suffix = -admin : \ -bounces : -bounces+* : \ -confirm : -confirm+* : \ -join : -leave : \ -owner : -request : \ -subscribe : -unsubscribe local_part_suffix_optional require_files = /var/lib/mailman/core/var/lists/${local_part}.${domain} transport = mailman_transport exim_transports: - mailman_transport: | debug_print = "Email for mailman" driver = smtp protocol = lmtp allow_localhost hosts = localhost port = 8024 rcpt_include_affixes = true - mailman_verp_smtp: | driver = smtp headers_add = Errors-To: ${return_path} headers_remove = Errors-To max_rcpt = 1 return_path = ${local_part:$return_path}+$local_part=$domain@${domain:$return_path} # Mailman Configs mailman_multihost: true mm_domains: 'lists.openstack.org:lists.zuul-ci.org:lists.airshipit.org:lists.starlingx.io:lists.opendev.org:lists.openinfra.dev:lists.katacontainers.io' exim_local_domains: "@:{{ mm_domains }}" exim_enable_spf: true exim_aliases: root: "{{ ','.join(listadmins|default([])) }}" interop-wg: openstack-discuss openstack: openstack-discuss openstack-dev: openstack-discuss openstack-infra: openstack-discuss openstack-operators: openstack-discuss openstack-security: openstack-discuss openstack-sigs: openstack-discuss openstack-tc: openstack-discuss user-committee: openstack-discuss airship-discuss-owner: spam community-owner: spam edge-computing-owner: spam foundation-board-confidential-owner: spam foundation-board-owner: spam foundation-owner: spam legal-discuss-owner: spam mailman-owner: spam marketing-owner: spam openstack-announce-owner: spam openstack-docs-owner: spam openstack-fr-owner: spam openstack-i18n-owner: spam openstack-infra-owner: spam openstack-ko-owner: spam openstack-qa-owner: spam product-wg-owner: spam user-committee-owner: spam spam: ':fail: delivery temporarily disabled due to ongoing spam flood' # This is the local username for mailman processes, but it does not send nor # need to receive messages. mailman: ':blackhole: this address does not accept email' # TODO It would be better to bypass verification for postorius@listdomain # and set a :fail: rule for anyone trying to send email to this addr. # But that requires updating our main exim config so that needs more thought. postorius: ':blackhole: outgoing email only from this address' exim_domain_aliases: community@lists.openstack.org: community@lists.openinfra.dev edge-computing@lists.openstack.org: edge-computing@lists.opendev.org foundation@lists.openstack.org: foundation@lists.openinfra.dev foundation-board@lists.openstack.org: foundation-board@lists.openinfra.dev foundation-board-confidential@lists.openstack.org: foundation-board-confidential@lists.openinfra.dev goldmembers@lists.openstack.org: goldmembers@lists.openinfra.dev marketing@lists.openstack.org: marketing@lists.openinfra.dev staff@lists.openstack.org: staff@lists.openinfra.dev summit-programming-committee@lists.openinfra.dev: summit-track-chairs@lists.openinfra.dev summitsponsors@lists.openstack.org: summitsponsors@lists.openinfra.dev openinfralabs@lists.opendev.org: ':fail: this mailing list is not in use' mailman_sites: # First entry in this list is the primary web domain - listdomain: lists.opendev.org install_languages: ['en'] lists: - name: computing-force-network description: 'Organizing efforts around Computing Force Network related area' owner: 'niujie@outlook.com' - name: edge-computing description: 'Organizing efforts around the edge-computing focus area.' owner: 'ildiko@openinfra.dev' - name: floss-mooc description: 'Discussions & Coordination around the FLOSS MOOC being collaboratively developed here: https://gitlab.com/mooc-floss/mooc-floss' owner: 'knelson@openinfra.dev' - name: nbmp-discuss description: 'Collaborating on Network Based Media Processing related platform and infrastructure systems usage and development.' owner: 'ildiko@openstack.org' - name: openinfralabs description: 'No longer active' owner: 'mnaser@vexxhost.com' - name: rust-vmm description: 'Collaborating on Rust-based virtual machine monitors.' owner: 'claire@openstack.org' - name: rustyk8s description: 'Collaborating on Rust-based Kubernetes API.' owner: 'allison@lohutok.net' - name: service-announce description: 'Announcement list for OpenDev services.' owner: 'cboylan@sapwetik.org' - name: service-discuss description: 'Discussion list for OpenDev services.' owner: 'cboylan@sapwetik.org' - name: service-incident description: 'Private list for OpenDev incident coordination.' owner: 'cboylan@sapwetik.org' private: true - listdomain: lists.zuul-ci.org install_languages: ['en'] lists: - name: zuul-announce description: 'Announcements of Zuul releases and other important information.' owner: 'corvus@inaugust.com' - name: zuul-discuss description: 'Discussion of Zuul usage and development.' owner: 'corvus@inaugust.com' - name: zuul-jobs-failures description: 'Gets notifications about zuul-jobs periodic job failures.' owner: 'corvus@inaugust.com' - listdomain: lists.airshipit.org install_languages: ['en'] lists: - name: airship-announce description: 'Announcements of Airship releases and other important information.' owner: 'jonathan@openstack.org' - name: airship-discuss description: 'Discussion of Airship usage and development.' owner: 'jonathan@openstack.org' - name: airship-embargo-notice description: 'Embargoed security vulnerability announcements for Airship consumers.' owner: 'andrew.walters@att.com' private: true - name: airship-job-failures description: 'Notification messages for failures from CICD jobs.' owner: 'roman.gorshunov@att.com' - name: airship-security description: 'Public Airship security advisories.' owner: 'andrew.walters@att.com' - listdomain: lists.katacontainers.io install_languages: ['en'] lists: - name: embargo-notice description: 'Announcements of embargoed notices for the Kata Containers project' owner: 'jonathan@openstack.org' private: true - name: kata-dev description: 'Kata Containers Development Mailing List (not for usage questions)' owner: 'jonathan@openstack.org' - name: kata-hypervisor description: 'Discussion of security and virtualization targeted at container use cases' owner: 'jonathan@openstack.org' - listdomain: lists.openinfra.dev install_languages: ['en'] lists: - name: asia-advisory-board description: 'Private coordination within the OpenInfra Asia Advisory Board.' owner: 'wes@openinfra.dev' private: true - name: community description: 'The OpenInfra Community team is the main contact point for anybody running a local OpenInfra Group.' owner: 'allison@openinfra.dev' - name: europe-advisory-board description: 'Private coordination within the OpenInfra EU Advisory Board.' owner: 'wes@openinfra.dev' private: true - name: foundation description: 'General discussion list for activities of the OpenInfra Foundation' owner: 'jonathan@openinfra.dev' - name: foundation-board description: 'OpenInfra Foundation Board of Directors' owner: 'jonathan@openinfra.dev' - name: foundation-board-confidential description: 'OpenInfra Foundation Board of Directors' owner: 'jonathan@openinfra.dev' private: true - name: goldmembers description: 'The discussion list for Gold Members of the OpenInfra Foundation' owner: 'jonathan@openinfra.dev' private: true - name: marketing description: 'The OpenInfra Marketing list is the meant to facilitate discussion and best practice sharing among marketers and event organizers in the OpenInfra community.' owner: 'allison@openinfra.dev' - name: nordix description: 'Discussion and coordination of Nordix environment' owner: 'robert.tomczyk@est.tech' - name: openinfra-asia description: 'Discussion related to the OpenInfra Asia hub.' owner: 'wes@openinfra.dev' - name: openinfra-europe description: 'Discussion related to the OpenInfra EU hub.' owner: 'wes@openinfra.dev' - name: staff description: 'Private list for OpenInfra Foundation staff members' owner: 'mark@openinfra.dev' private: true - name: summit-track-chairs description: 'OpenInfra Summit track chair communications' owner: 'erin@openinfra.dev' private: true - name: summitsponsors description: 'Coordination among OpenInfra Summit event sponsors' owner: 'erin@openinfra.dev' private: true - listdomain: lists.starlingx.io install_languages: ['en'] lists: - name: starlingx-announce description: 'Announcements of StarlingX releases and other important information.' owner: 'jonathan@openstack.org' - name: starlingx-discuss description: 'Discussion of StarlingX usage and development.' owner: 'jonathan@openstack.org' - listdomain: lists.openstack.org install_languages: ['de', 'fr', 'it', 'ko', 'ru', 'vi', 'zh_TW'] lists: - name: embargo-notice description: 'Announcements to stakeholders for embargoed security vulnerabilities.' owner: 'fungi@yuggoth.org' private: true - name: legal-discuss description: 'Discussions on legal matters related to the project' owner: 'thierry@openinfra.dev' - name: openstack-announce description: 'Key announcements about OpenStack & Security advisories' owner: 'fungi@yuggoth.org' - name: openstack-discuss description: 'Discussion of OpenStack usage and development.' owner: 'fungi@yuggoth.org' - name: openstack-es description: 'Lista de correo acerca de OpenStack en español' owner: 'flavio@redhat.com' - name: openstack-fr description: 'List of the OpenStack french user group' owner: 'erwan@erwan.com' - name: openstack-hpc description: 'High-Performance Computing OpenStack List' owner: 'brian.schott@nimbisservices.com' - name: openstack-i18n description: 'List of the OpenStack Internationalization team.' owner: 'guoyingc@cn.ibm.com' - name: openstack-it description: 'Discussioni su OpenStack in italiano' owner: 'stefano@openstack.org' - name: openstack-ko description: 'OpenStack Korea Community Discussions in Korean (오픈스택 한국 커뮤니티 메일링리스트)' owner: 'ianyrchoi@gmail.com' - name: openstack-mentoring description: 'List to coordinate interactions between mentors and mentees of the OpenStack mentoring program. Also for questions about the mentoring program (i.e. how to get involved, how it works, etc.' owner: 'amy@demarco.com' - name: openstack-stable-maint description: 'A mailing list for the OpenStack Stable Branch test reports.' owner: 'tony@bakeyournoodle.com' - name: openstack-zh description: 'OpenStack社区中文讨论群组' owner: 'yeluaiesec@gmail.com' - name: release-announce description: 'Announcement of official OpenStack releases.' owner: 'thierry@openstack.org' - name: release-job-failures description: 'Notification messages for failures from release-related build jobs.' owner: 'doug@doughellmann.com'