From 938c5e611b8776ea74b2a6b4cc1134f494699c88 Mon Sep 17 00:00:00 2001 From: Luke Murphy Date: Mon, 30 Sep 2019 15:50:17 +0200 Subject: [PATCH] Full pass after a new installation --- README.md | 34 +++--- check_process.default | 3 +- conf/mailman-hyperkitty.cfg | 19 +--- conf/mailman-web.py | 112 +------------------- conf/mailman.cfg | 202 ------------------------------------ conf/nginx.conf | 2 +- manifest.json | 8 ++ scripts/backup | 2 + scripts/change_url | 2 +- scripts/install | 13 ++- scripts/upgrade | 2 +- 11 files changed, 50 insertions(+), 349 deletions(-) diff --git a/README.md b/README.md index e312b85..bfa371a 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,10 @@ **Experimental.** +Please review the [issues list](https://github.com/YunoHost-Apps/mailman3_ynh/issues) before choosing to install this application. + +There is also a [community forum thread](https://forum.yunohost.org/t/community-app-mailman3-free-software-for-managing-electronic-mail-discussion-and-e-newsletter-lists/9077/2) for this application. + ## Overview This is GNU Mailman, a mailing list management system distributed under the terms of the GNU General Public License (GPL) version 3 or later. Mailman is written in Python which is available for all platforms that Mailman is supported on, including GNU/Linux and most other Unix-like operating systems (e.g. Solaris, *BSD, MacOSX, etc.). @@ -48,7 +52,7 @@ You should then attempt to log in with this user account in the web UI. Once you You'll need to log in as administrator and visit the `/admin/site/site`. -If you're Mailman3 is setup on `myyunohost.org` then that would be the following: +If you're Mailman3 is setup on `https://myyunohost.org` then that would be the following: > https://myyunohost.org/admin/site/site @@ -82,23 +86,25 @@ This is unfortunately a manual step at this point because the package remains ex Postfix relies on using SMTP which should be configured in your `/etc/postfix/main.cf`. +You should make sure that you have outgoing mail working before getting started with Mailman 3. + ## General Configuration -Mailman3 is made up of 3 moving parts: +Mailman 3 or "The Mailman Suite" is made up of 5 moving parts. See the following documentation for more: -* Mailman3 Core: https://mailman.readthedocs.io -* Postorious: https://postorius.readthedocs.io -* Hyperkitty: https://hyperkitty.readthedocs.io - -There is also documentation for "the suite" which is all the parts together: - -* https://docs.mailman3.org +> http://docs.mailman3.org/en/latest/index.html#the-mailman-suite On your YunoHost, all the configuration files you need to worry about are in: * `/etc/mailman3/` +* `/usr/share/mailman3-web/` -It is important to note that this package makes use of the [mailman3-full](http://docs.mailman3.org/en/latest/prodsetup.html#distribution-packages) Debian package contained in the Debian Stretch backports repository. +The services you need to manage can be checked with: + +* `systemctl status mailman3` +* `systemctl status mailman3-web` + +It is important to note that this package makes use of the [mailman3-full](http://docs.mailman3.org/en/latest/prodsetup.html#distribution-packages) Debian package contained in the Debian Stretch backports repository. The default installation assumes the use of a SQLite3 database but the installation script overrides this and uses a PostgreSQL database instead. Finally, you also configure things through the Django web admin available at `/admin/`. @@ -106,7 +112,7 @@ Finally, you also configure things through the Django web admin available at `/a #### Multi-users support -* No LDAP support +* No LDAP support yet (apparently under development) * Users can also just sign up themselves to manage details * Users can use mailing lists without signing up @@ -117,10 +123,10 @@ Finally, you also configure things through the Django web admin available at `/a ## Limitations -* Migrating from Mailman 2.X is not supported. This is a manual and - experimental process. Please see [the documentation](https://docs.mailman3.org/en/latest/migration.html). +* Migrating from Mailman 2.X is not officially supported, sorry. However, there is a manual and + which details an experimental process. Please see [the documentation](https://docs.mailman3.org/en/latest/migration.html). -* Mailman3 must be configured to use a root domain (myyunohost.org and not myyunohost.org/mailman3). +* Mailman3 must be configured to use a root domain (https://myyunohost.org and not https://myyunohost.org/mailman3). * You must have a HTTPS certificate installed on the root domain. diff --git a/check_process.default b/check_process.default index 8fb1384..ffaa2b3 100644 --- a/check_process.default +++ b/check_process.default @@ -1,6 +1,7 @@ ;; Test complet ; Manifest domain="domain.tld" (DOMAIN) + domain_ip="192.168.1.1" is_public=1 (PUBLIC|public=1|private=0) ; Checks pkg_linter=1 @@ -23,4 +24,4 @@ Notification=none ;;; Upgrade options ; commit=CommitHash name=Name and date of the commit. - manifest_arg=domain=DOMAIN&is_public=1 + manifest_arg=domain=DOMAIN&domain_ip='192.168.1.1'&is_public=1 diff --git a/conf/mailman-hyperkitty.cfg b/conf/mailman-hyperkitty.cfg index 83e3e43..eb7eb7a 100644 --- a/conf/mailman-hyperkitty.cfg +++ b/conf/mailman-hyperkitty.cfg @@ -1,20 +1,3 @@ -# This is the mailman extension configuration file to enable HyperKitty as an -# archiver. Remember to add the following lines in the mailman.cfg file: -# -# [archiver.hyperkitty] -# class: mailman_hyperkitty.Archiver -# enable: yes -# configuration: /etc/mailman3/mailman-hyperkitty.cfg -# - [general] - -# This is your HyperKitty installation, preferably on the localhost. This -# address will be used by Mailman to forward incoming emails to HyperKitty -# for archiving. It does not need to be publicly available, in fact it's -# better if it is not. -base_url: http://localhost/hyperkitty/ - -# Shared API key, must be the identical to the value in HyperKitty's -# settings. +base_url: https://__DOMAIN__/hyperkitty api_key: __ARCHIVER_KEY__ diff --git a/conf/mailman-web.py b/conf/mailman-web.py index 12a075a..fc189a4 100644 --- a/conf/mailman-web.py +++ b/conf/mailman-web.py @@ -1,32 +1,16 @@ -# This file is imported by the Mailman Suite. It is used to override -# the default settings from /usr/share/mailman3-web/settings.py. - -# SECURITY WARNING: keep the secret key used in production secret! SECRET_KEY = '__SECRET_KEY__' ADMINS = ( ('Mailman Suite Admin', 'root@__DOMAIN__'), ) -# Hosts/domain names that are valid for this site; required if DEBUG is False -# See https://docs.djangoproject.com/en/1.8/ref/settings/#allowed-hosts -# Set to '*' per default in the Deian package to allow all hostnames. Mailman3 -# is meant to run behind a webserver reverse proxy anyway. -ALLOWED_HOSTS = [ - #"localhost", # Archiving API from Mailman, keep it. - # "lists.your-domain.org", - # Add here all production URLs you may have. - '*' -] +ALLOWED_HOSTS = ['*'] -# Mailman API credentials MAILMAN_REST_API_URL = 'http://localhost:__PORT_WEB__' MAILMAN_REST_API_USER = '__REST_API_ADMIN_USER__' MAILMAN_REST_API_PASS = '__REST_API_ADMIN_PWD__' MAILMAN_ARCHIVER_KEY = '__ARCHIVER_KEY__' -MAILMAN_ARCHIVER_FROM = ('127.0.0.1', '::1', '__DOMAIN__') - -# Application definition +MAILMAN_ARCHIVER_FROM = ('127.0.0.1', '::1', '__DOMAIN_IP__') INSTALLED_APPS = ( 'hyperkitty', @@ -49,62 +33,29 @@ INSTALLED_APPS = ( 'allauth', 'allauth.account', 'allauth.socialaccount', - 'django_mailman3.lib.auth.fedora', - #'allauth.socialaccount.providers.openid', - #'allauth.socialaccount.providers.github', - #'allauth.socialaccount.providers.gitlab', - #'allauth.socialaccount.providers.google', - #'allauth.socialaccount.providers.facebook', - #'allauth.socialaccount.providers.twitter', - #'allauth.socialaccount.providers.stackexchange', ) -# Database -# https://docs.djangoproject.com/en/1.8/ref/settings/#databases - DATABASES = { 'default': { - # Use 'sqlite3', 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'. - #'ENGINE': 'django.db.backends.sqlite3', 'ENGINE': 'django.db.backends.postgresql_psycopg2', - #'ENGINE': 'django.db.backends.mysql', - # DB name or path to database file if using sqlite3. 'NAME': '__DB_NAME__', - # The following settings are not used with sqlite3: 'USER': '__DB_USER__', 'PASSWORD': '__DB_PWD__', - # HOST: empty for localhost through domain sockets or '127.0.0.1' for - # localhost through TCP. 'HOST': '', - # PORT: set to empty string for default. 'PORT': '', - # OPTIONS: Extra parameters to use when connecting to the database. 'OPTIONS': { - # Set sql_mode to 'STRICT_TRANS_TABLES' for MySQL. See - # https://docs.djangoproject.com/en/1.11/ref/ - # databases/#setting-sql-mode - #'init_command': "SET sql_mode='STRICT_TRANS_TABLES'", }, } } -# If you're behind a proxy, use the X-Forwarded-Host header -# See https://docs.djangoproject.com/en/1.8/ref/settings/#use-x-forwarded-host USE_X_FORWARDED_HOST = True - -# And if your proxy does your SSL encoding for you, set SECURE_PROXY_SSL_HEADER -# https://docs.djangoproject.com/en/1.8/ref/settings/#secure-proxy-ssl-header SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_SCHEME', 'https') - -# Other security settings SECURE_SSL_REDIRECT = True -# If you set SECURE_SSL_REDIRECT to True, make sure the SECURE_REDIRECT_EXEMPT -# contains at least this line: SECURE_REDIRECT_EXEMPT = [ - "archives/api/mailman/.*", # Request from Mailman. + "archives/api/mailman/.*", ] SESSION_COOKIE_SECURE = True SECURE_CONTENT_TYPE_NOSNIFF = True @@ -113,76 +64,21 @@ CSRF_COOKIE_SECURE = True CSRF_COOKIE_HTTPONLY = True X_FRAME_OPTIONS = 'DENY' - -# Internationalization -# https://docs.djangoproject.com/en/1.8/topics/i18n/ - LANGUAGE_CODE = 'en-us' - TIME_ZONE = 'UTC' - USE_I18N = True USE_L10N = True USE_TZ = True - -# Set default domain for email addresses. EMAILNAME = '__DOMAIN__' - -# If you enable internal authentication, this is the address that the emails -# will appear to be coming from. Make sure you set a valid domain name, -# otherwise the emails may get rejected. -# https://docs.djangoproject.com/en/1.8/ref/settings/#default-from-email -# DEFAULT_FROM_EMAIL = "mailing-lists@you-domain.org" DEFAULT_FROM_EMAIL = 'postorius@{}'.format(EMAILNAME) - -# If you enable email reporting for error messages, this is where those emails -# will appear to be coming from. Make sure you set a valid domain name, -# otherwise the emails may get rejected. -# https://docs.djangoproject.com/en/1.8/ref/settings/#std:setting-SERVER_EMAIL -# SERVER_EMAIL = 'root@your-domain.org' SERVER_EMAIL = 'root@{}'.format(EMAILNAME) - -# Django Allauth ACCOUNT_DEFAULT_HTTP_PROTOCOL = "https" - -# -# Social auth -# SOCIALACCOUNT_PROVIDERS = { - #'openid': { - # 'SERVERS': [ - # dict(id='yahoo', - # name='Yahoo', - # openid_url='http://me.yahoo.com'), - # ], - #}, - #'google': { - # 'SCOPE': ['profile', 'email'], - # 'AUTH_PARAMS': {'access_type': 'online'}, - #}, - #'facebook': { - # 'METHOD': 'oauth2', - # 'SCOPE': ['email'], - # 'FIELDS': [ - # 'email', - # 'name', - # 'first_name', - # 'last_name', - # 'locale', - # 'timezone', - # ], - # 'VERSION': 'v2.4', - #}, } -# On a production setup, setting COMPRESS_OFFLINE to True will bring a -# significant performance improvement, as CSS files will not need to be -# recompiled on each requests. It means running an additional "compress" -# management command after each code upgrade. -# http://django-compressor.readthedocs.io/en/latest/usage/#offline-compression COMPRESS_OFFLINE = True -POSTORIUS_TEMPLATE_BASE_URL = 'http://localhost/' +POSTORIUS_TEMPLATE_BASE_URL = 'https://__DOMAIN__' diff --git a/conf/mailman.cfg b/conf/mailman.cfg index b756ff7..477a3f6 100644 --- a/conf/mailman.cfg +++ b/conf/mailman.cfg @@ -1,214 +1,47 @@ -# Copyright (C) 2008-2017 by the Free Software Foundation, Inc. -# -# This file is part of GNU Mailman. -# -# GNU Mailman is free software: you can redistribute it and/or modify it under -# the terms of the GNU General Public License as published by the Free -# Software Foundation, either version 3 of the License, or (at your option) -# any later version. -# -# GNU Mailman is distributed in the hope that it will be useful, but WITHOUT -# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or -# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for -# more details. -# -# You should have received a copy of the GNU General Public License along with -# GNU Mailman. If not, see . - -# This file contains the Debian configuration for mailman. It uses ini-style -# formats under the lazr.config regime to define all system configuration -# options. See for details. - - [mailman] -# This address is the "site owner" address. Certain messages which must be -# delivered to a human, but which can't be delivered to a list owner (e.g. a -# bounce from a list owner), will be sent to this address. It should point to -# a human. site_owner: root@__DOMAIN__ - -# This is the local-part of an email address used in the From field whenever a -# message comes from some entity to which there is no natural reply recipient. -# Mailman will append '@' and the host name of the list involved. This -# address must not bounce and it must not point to a Mailman process. noreply_address: noreply - -# The default language for this server. default_language: en - -# Membership tests for posting purposes are usually performed by looking at a -# set of headers, passing the test if any of their values match a member of -# the list. Headers are checked in the order given in this variable. The -# value From_ means to use the envelope sender. Field names are case -# insensitive. This is a space separate list of headers. sender_headers: from from_ reply-to sender - -# Mail command processor will ignore mail command lines after designated max. email_commands_max_lines: 10 - -# Default length of time a pending request is live before it is evicted from -# the pending database. pending_request_life: 3d - -# How long should files be saved before they are evicted from the cache? cache_life: 7d - -# A callable to run with no arguments early in the initialization process. -# This runs before database initialization. pre_hook: - -# A callable to run with no arguments late in the initialization process. -# This runs after adapters are initialized. post_hook: - -# Which paths.* file system layout to use. -# You should not change this variable. layout: debian - -# Can MIME filtered messages be preserved by list owners? filtered_messages_are_preservable: no - -# How should text/html parts be converted to text/plain when the mailing list -# is set to convert HTML to plaintext? This names a command to be called, -# where the substitution variable $filename is filled in by Mailman, and -# contains the path to the temporary file that the command should read from. -# The command should print the converted text to stdout. html_to_plain_text_command: /usr/bin/lynx -dump $filename - -# Specify what characters are allowed in list names. Characters outside of -# the class [-_.+=!$*{}~0-9a-z] matched case insensitively are never allowed, -# but this specifies a subset as the only allowable characters. This must be -# a valid character class regexp or the effect on list creation is -# unpredictable. listname_chars: [-_.0-9a-z] - [shell] -# `mailman shell` (also `withlist`) gives you an interactive prompt that you -# can use to interact with an initialized and configured Mailman system. Use -# --help for more information. This section allows you to configure certain -# aspects of this interactive shell. - -# Customize the interpreter prompt. prompt: >>> - -# Banner to show on startup. banner: Welcome to the GNU Mailman shell - -# Use IPython as the shell, which must be found on the system. Valid values -# are `no`, `yes`, and `debug` where the latter is equivalent to `yes` except -# that any import errors will be displayed to stderr. use_ipython: no - -# Set this to allow for command line history if readline is available. This -# can be as simple as $var_dir/history.py to put the file in the var directory. history_file: - [paths.debian] -# Important directories for Mailman operation. These are defined here so that -# different layouts can be supported. For example, a developer layout would -# be different from a FHS layout. Most paths are based off the var_dir, and -# often just setting that will do the right thing for all the other paths. -# You might also have to set spool_dir though. -# -# Substitutions are allowed, but must be of the form $var where 'var' names a -# configuration variable in the paths.* section. Substitutions are expanded -# recursively until no more $-variables are present. Beware of infinite -# expansion loops! -# -# This is the root of the directory structure that Mailman will use to store -# its run-time data. var_dir: /var/lib/mailman3 -# This is where the Mailman queue files directories will be created. queue_dir: $var_dir/queue -# This is the directory containing the Mailman 'runner' and 'master' commands -# if set to the string '$argv', it will be taken as the directory containing -# the 'mailman' command. bin_dir: /usr/lib/mailman3/bin -# All list-specific data. list_data_dir: $var_dir/lists -# Directory where log files go. log_dir: /var/log/mailman3 -# Directory for system-wide locks. lock_dir: $var_dir/locks -# Directory for system-wide data. data_dir: $var_dir/data -# Cache files. cache_dir: $var_dir/cache -# Directory for configuration files and such. etc_dir: /etc/mailman3 -# Directory containing Mailman plugins. ext_dir: $var_dir/ext -# Directory where the default IMessageStore puts its messages. messages_dir: $var_dir/messages -# Directory for archive backends to store their messages in. Archivers should -# create a subdirectory in here to store their files. archive_dir: $var_dir/archives -# Root directory for site-specific template override files. template_dir: $var_dir/templates -# There are also a number of paths to specific file locations that can be -# defined. For these, the directory containing the file must already exist, -# or be one of the directories created by Mailman as per above. -# -# This is where PID file for the master runner is stored. pid_file: /run/mailman3/master.pid -# Lock file. lock_file: $lock_dir/master.lck - [database] -# The class implementing the IDatabase. -#class: mailman.database.sqlite.SQLiteDatabase -#class: mailman.database.mysql.MySQLDatabase class: mailman.database.postgresql.PostgreSQLDatabase - -# Use this to set the Storm database engine URL. You generally have one -# primary database connection for all of Mailman. List data and most rosters -# will store their data in this database, although external rosters may access -# other databases in their own way. This string supports standard -# 'configuration' substitutions. -#url: sqlite:///$DATA_DIR/mailman.db -#url: mysql+pymysql://mailman3:mmpass@localhost/mailman3?charset=utf8&use_unicode=1 url: postgres://__DB_USER__:__DB_PWD__@localhost/__DB_NAME__ - debug: no - [logging.debian] -# This defines various log settings. The options available are: -# -# - level -- Overrides the default level; this may be any of the -# standard Python logging levels, case insensitive. -# - format -- Overrides the default format string -# - datefmt -- Overrides the default date format string -# - path -- Overrides the default logger path. This may be a relative -# path name, in which case it is relative to Mailman's LOG_DIR, -# or it may be an absolute path name. You cannot change the -# handler class that will be used. -# - propagate -- Boolean specifying whether to propagate log message from this -# logger to the root "mailman" logger. You cannot override -# settings for the root logger. -# -# In this section, you can define defaults for all loggers, which will be -# prefixed by 'mailman.'. Use subsections to override settings for specific -# loggers. The names of the available loggers are: -# -# - archiver -- All archiver output -# - bounce -- All bounce processing logs go here -# - config -- Configuration issues -# - database -- Database logging (SQLAlchemy and Alembic) -# - debug -- Only used for development -# - error -- All exceptions go to this log -# - fromusenet -- Information related to the Usenet to Mailman gateway -# - http -- Internal wsgi-based web interface -# - locks -- Lock state changes -# - mischief -- Various types of hostile activity -# - runner -- Runner process start/stops -# - smtp -- Successful SMTP activity -# - smtp-failure -- Unsuccessful SMTP activity -# - subscribe -- Information about leaves/joins -# - vette -- Message vetting information format: %(asctime)s (%(process)d) %(message)s datefmt: %b %d %H:%M:%S %Y propagate: no @@ -216,58 +49,23 @@ level: info path: mailman.log [webservice] -# The hostname at which admin web service resources are exposed. hostname: localhost - -# The port at which the admin web service resources are exposed. port: __PORT_WEB__ - -# Whether or not requests to the web service are secured through SSL. use_https: no - -# Whether or not to show tracebacks in an HTTP response for a request that -# raised an exception. show_tracebacks: yes - -# The API version number for the current (highest) API. api_version: 3.1 - -# The administrative username. admin_user: __REST_API_ADMIN_USER__ - -# The administrative password. admin_pass: __REST_API_ADMIN_PWD__ [mta] -# The class defining the interface to the incoming mail transport agent. -#incoming: mailman.mta.exim4.LMTP incoming: mailman.mta.postfix.LMTP - -# The callable implementing delivery to the outgoing mail transport agent. -# This must accept three arguments, the mailing list, the message, and the -# message metadata dictionary. outgoing: mailman.mta.deliver.deliver - -# How to connect to the outgoing MTA. If smtp_user and smtp_pass is given, -# then Mailman will attempt to log into the MTA when making a new connection. smtp_host: localhost smtp_port: 25 smtp_user: smtp_pass: - -# Where the LMTP server listens for connections. Use 127.0.0.1 instead of -# localhost for Postfix integration, because Postfix only consults DNS -# (e.g. not /etc/hosts). lmtp_host: 127.0.0.1 lmtp_port: 8024 - -# Where can we find the mail server specific configuration file? The path can -# be either a file system path or a Python import path. If the value starts -# with python: then it is a Python import path, otherwise it is a file system -# path. File system paths must be absolute since no guarantees are made about -# the current working directory. Python paths should not include the trailing -# .cfg, which the file must end with. -#configuration: python:mailman.config.exim4 configuration: python:mailman.config.postfix [archiver.hyperkitty] diff --git a/conf/nginx.conf b/conf/nginx.conf index a70ee39..de08d50 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,6 +1,6 @@ location / { - uwsgi_pass unix:/run/mailman3-web/uwsgi.sock; include /etc/nginx/uwsgi_params; + uwsgi_pass unix:/run/mailman3-web/uwsgi.sock; include conf.d/yunohost_panel.conf.inc; } diff --git a/manifest.json b/manifest.json index 1f6be62..77890b4 100644 --- a/manifest.json +++ b/manifest.json @@ -33,6 +33,14 @@ }, "example": "myyunohost.org" }, + { + "name": "domain_ip", + "type": "string", + "ask": { + "en": "Specify the IP address of your domain" + }, + "example": "192.168.24.6" + }, { "name": "is_public", "type": "boolean", diff --git a/scripts/backup b/scripts/backup index e1df657..c3e545c 100755 --- a/scripts/backup +++ b/scripts/backup @@ -1,5 +1,7 @@ #!/bin/bash +# TODO(decentral1se) + #================================================= # GENERIC START #================================================= diff --git a/scripts/change_url b/scripts/change_url index e1d21d7..c7e9ab4 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -1,3 +1,3 @@ #!/bin/bash -# TODO +# TODO(decentral1se) diff --git a/scripts/install b/scripts/install index 96d16bd..e023a0a 100755 --- a/scripts/install +++ b/scripts/install @@ -28,6 +28,7 @@ app=$YNH_APP_INSTANCE_NAME app_web="mailman3_web" domain=$YNH_APP_ARG_DOMAIN +domain_ip=$YNH_APP_ARG_DOMAIN_IP is_public=$YNH_APP_ARG_IS_PUBLIC #================================================= @@ -47,6 +48,7 @@ test ! -e /etc/mailman3 || ynh_die --message="Mailman3 is already installed?" ynh_script_progression --message="Storing installation settings..." --weight=1 ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=domain_ip --value=$domain_ip ynh_app_setting_set --app=$app --key=is_public --value=$is_public ynh_app_setting_set --app=$app --key=path --value="/" @@ -148,17 +150,19 @@ ynh_replace_string --match_string="__REST_API_ADMIN_USER__" --replace_string="$r ynh_replace_string --match_string="__REST_API_ADMIN_PWD__" --replace_string="$rest_api_admin_pwd" --target_file="/etc/mailman3/mailman.cfg" # hyperkitty configuration -archiver_key=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) +archiver_key=$(head -n32 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c32) ynh_app_setting_set --app=$app --key=archiver_key --value="$archiver_key" cp -f ../conf/mailman-hyperkitty.cfg /etc/mailman3/mailman-hyperkitty.cfg +ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="/etc/mailman3/mailman-hyperkitty.cfg" ynh_replace_string --match_string="__ARCHIVER_KEY__" --replace_string="$archiver_key" --target_file="/etc/mailman3/mailman-hyperkitty.cfg" -# mailman3 web configuration -secret_key=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) +# mailman3-web configuration +secret_key=$(head -n64 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c64) ynh_app_setting_set --app=$app --key=secret_key --value="$secret_key" cp -f ../conf/mailman-web.py /etc/mailman3/mailman-web.py ynh_replace_string --match_string="__SECRET_KEY__" --replace_string="$secret_key" --target_file="/etc/mailman3/mailman-web.py" ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="/etc/mailman3/mailman-web.py" +ynh_replace_string --match_string="__DOMAIN_IP__" --replace_string="$domain_ip" --target_file="/etc/mailman3/mailman-web.py" ynh_replace_string --match_string="__PORT_WEB__" --replace_string="$port_web" --target_file="/etc/mailman3/mailman-web.py" ynh_replace_string --match_string="__REST_API_ADMIN_USER__" --replace_string="$rest_api_admin" --target_file="/etc/mailman3/mailman-web.py" ynh_replace_string --match_string="__REST_API_ADMIN_PWD__" --replace_string="$rest_api_admin_pwd" --target_file="/etc/mailman3/mailman-web.py" @@ -182,6 +186,8 @@ cd /usr/share/mailman3-web && python3 manage.py migrate || ynh_die --message="Ma ynh_script_progression --message="Storing configuration checksum..." --weight=1 ynh_store_file_checksum --file=/etc/mailman3/mailman.cfg +ynh_store_file_checksum --file=/etc/mailman3/mailman-hyperkitty.cfg +ynh_store_file_checksum --file=/etc/mailman3/mailman-web.cfg #================================================= # GENERIC FINALIZATION @@ -190,6 +196,7 @@ ynh_store_file_checksum --file=/etc/mailman3/mailman.cfg #================================================= # ADVERTISE SERVICE IN ADMIN PANEL #================================================= + ynh_script_progression --message="Advertising services in admin panel..." --weight=3 yunohost service add "$app" diff --git a/scripts/upgrade b/scripts/upgrade index 1aa3c5b..be7a862 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,4 +1,4 @@ #!/bin/bash -# TODO +# TODO(decentral1se) # Also, see https://github.com/YunoHost-Apps/mailman3_ynh/issues/2