Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentes Révision précédente Prochaine révision | Révision précédente | ||
wiki:mail:mailing-lists [2020/06/27 18:16] 127.0.0.1 modification externe |
wiki:mail:mailing-lists [2021/04/06 19:06] (Version actuelle) seberus [Informations complémentaires] |
||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
===== Mailing-lists ===== | ===== Mailing-lists ===== | ||
- | ==== Mailman | + | ==== Mailman3 |
- | Nous utilisons **Mailman** pour gérer les listes | + | Le système de mailing-list de MiNET se nomme mailman3. |
+ | Son interface | ||
- | Il y a aussi un **Postfix** avec une configuration de base, pour assurer la réception et l' | + | ==== Installation ==== |
- | Quelques emplacements utiles: | + | La CT listes contenant mailman3 utilise les services suivants que l'on va expliciter dans le cadre d'une installation. |
- | | + | **postfix** |
- | | + | |
- | | + | |
- | === Migration | + | Le service postfix ne sert qu'à assurer le relai entre le serveur SMTP de MiNET et mailman. |
+ | Installons postfix : | ||
+ | <code bash> | ||
+ | apt-get install postfix | ||
+ | </ | ||
- | Pour dump les données d'une ML: | + | Sa configuration est située dans "/ |
+ | Elle doit être la suivante | ||
- | < | + | < |
+ | # appending .domain is the MUA's job. | ||
+ | append_dot_mydomain = no | ||
- | === Installation === | + | readme_directory |
- | == Paquets à installer | + | myhostname |
+ | mydestination | ||
+ | # | ||
+ | relayhost | ||
+ | mynetworks = 127.0.0.0/8 192.168.102.26 192.168.102.25 | ||
+ | mailbox_size_limit = 0 | ||
+ | # Nécessaire pour mailman | ||
+ | recipient_delimiter = + | ||
+ | inet_interfaces = localhost <ip de la CT> | ||
+ | alias_database = hash:/ | ||
+ | relay_domains = hash:/ | ||
+ | mailman_destination_recipient_limit = 1 | ||
+ | inet_protocols = ipv4 | ||
+ | compatibility_level = 2 | ||
+ | transport_maps = | ||
+ | hash:/ | ||
+ | local_recipient_maps = | ||
+ | hash:/ | ||
+ | relay_domains = | ||
+ | hash:/ | ||
+ | </ | ||
- | Comme indiqué au dessus, mailman a besoin d'un serveur apache | + | Attention : la base de données des aliases est très importante car tous les noms des ML sont notés dedans |
+ | mailman3 est censé écrire dedans | ||
- | < | + | **mailman3** |
- | apt-get install | + | |
+ | On peut installer mailman3 de la manière suivante (la plus simple) : | ||
+ | |||
+ | < | ||
+ | apt-get install | ||
</ | </ | ||
- | == Configurer mailman == | + | Voilà quelques liens utiles pour mailman3 : |
- | La première chose à faire est de créer un mot de passe pour l' | + | - / |
- | < | + | - /etc/ |
- | mmsitepass < | + | |
- | mmsitepass -c < | + | |
- | </code> | + | |
- | Pour que l' | + | Vous pouvez utiliser la configuration suivante pour mailman : |
- | < | + | < |
- | newlist mailman | + | # Copyright (C) 2008-2017 by the Free Software Foundation, Inc. |
- | | + | # |
- | | + | # This file is part of GNU Mailman. |
- | </code> | + | # |
+ | # GNU Mailman is free software: you can redistribute it and/or modify it under | ||
+ | # the terms of the GNU General Public License as published by the Free | ||
+ | # Software Foundation, either version 3 of the License, or (at your option) | ||
+ | # any later version. | ||
+ | # | ||
+ | # GNU Mailman is distributed in the hope that it will be useful, but WITHOUT | ||
+ | # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or | ||
+ | # FITNESS FOR A PARTICULAR PURPOSE. | ||
+ | # more details. | ||
+ | # | ||
+ | # You should have received a copy of the GNU General Public License along with | ||
+ | # GNU Mailman. | ||
- | Attention, il n'y a pas de confirmation pour le mot de passe. | + | # This file contains the Debian configuration for mailman. |
+ | # formats under the lazr.config regime to define all system configuration | ||
+ | # options. | ||
- | Cette commande va générer une liste d' | ||
- | < | + | [mailman] |
- | # mailman mailing list | + | # This address is the "site owner" |
- | mailman: | + | # delivered to a human, but which can't be delivered to a list owner (e.g. a |
- | mailman-admin: | + | # bounce from a list owner), will be sent to this address. |
- | mailman-bounces: | + | # a human. |
- | mailman-confirm: | + | site_owner: webmaster@listes.minet.net |
- | mailman-join: | + | |
- | mailman-leave: | + | |
- | mailman-owner: " | + | |
- | mailman-request: | + | |
- | mailman-subscribe: " | + | |
- | mailman-unsubscribe: | + | |
- | </ | + | |
- | Il faut coller cette liste dans ''/ | + | # This is the local-part of an email address used in the From field whenever a |
- | <code> | + | # message comes from some entity to which there is no natural reply recipient. |
- | newaliases | + | # Mailman will append |
+ | # address must not bounce and it must not point to a Mailman process. | ||
+ | noreply_address: | ||
+ | |||
+ | # The default language for this server. | ||
+ | default_language: | ||
+ | |||
+ | # Membership tests for posting purposes are usually performed by looking at a | ||
+ | # set of headers, passing the test if any of their values match a member of | ||
+ | # the list. Headers are checked in the order given in this variable. | ||
+ | # value From_ means to use the envelope sender. | ||
+ | # insensitive. | ||
+ | sender_headers: | ||
+ | |||
+ | # Mail command processor will ignore mail command lines after designated max. | ||
+ | email_commands_max_lines: | ||
+ | |||
+ | # Default length of time a pending request is live before it is evicted from | ||
+ | # the pending database. | ||
+ | pending_request_life: | ||
+ | |||
+ | # How long should files be saved before they are evicted from the cache? | ||
+ | cache_life: 7d | ||
+ | |||
+ | # A callable to run with no arguments early in the initialization process. | ||
+ | # This runs before database initialization. | ||
+ | pre_hook: | ||
+ | |||
+ | # A callable to run with no arguments late in the initialization process. | ||
+ | # This runs after adapters are initialized. | ||
+ | post_hook: | ||
+ | |||
+ | # Which paths.* file system layout to use. | ||
+ | # You should not change this variable. | ||
+ | layout: debian | ||
+ | |||
+ | # Can MIME filtered messages be preserved by list owners? | ||
+ | filtered_messages_are_preservable: | ||
+ | |||
+ | # How should text/html parts be converted to text/plain when the mailing list | ||
+ | # is set to convert HTML to plaintext? | ||
+ | # where the substitution variable $filename is filled in by Mailman, and | ||
+ | # contains the path to the temporary file that the command should read from. | ||
+ | # The command should print the converted text to stdout. | ||
+ | html_to_plain_text_command: | ||
+ | |||
+ | # Specify what characters are allowed in list names. | ||
+ | # the class [-_.+=!$*{}~0-9a-z] matched case insensitively are never allowed, | ||
+ | # but this specifies a subset as the only allowable characters. | ||
+ | # a valid character class regexp or the effect on list creation is | ||
+ | # unpredictable. | ||
+ | listname_chars: | ||
+ | |||
+ | |||
+ | [shell] | ||
+ | # `mailman shell` (also `withlist`) gives you an interactive prompt that you | ||
+ | # can use to interact with an initialized and configured Mailman system. | ||
+ | # --help for more information. | ||
+ | # aspects of this interactive shell. | ||
+ | |||
+ | # Customize the interpreter prompt. | ||
+ | prompt: >>> | ||
+ | |||
+ | # Banner to show on startup. | ||
+ | banner: Welcome to the GNU Mailman shell | ||
+ | |||
+ | # Use IPython as the shell, which must be found on the system. | ||
+ | # are `no`, `yes`, and `debug` where the latter is equivalent to `yes` except | ||
+ | # that any import errors will be displayed to stderr. | ||
+ | use_ipython: | ||
+ | |||
+ | # Set this to allow for command line history if readline is available. | ||
+ | # can be as simple as $var_dir/ | ||
+ | history_file: | ||
+ | |||
+ | |||
+ | [paths.debian] | ||
+ | # Important directories for Mailman operation. | ||
+ | # different layouts can be supported. | ||
+ | # be different from a FHS layout. | ||
+ | # often just setting that will do the right thing for all the other paths. | ||
+ | # You might also have to set spool_dir though. | ||
+ | # | ||
+ | # Substitutions are allowed, but must be of the form $var where ' | ||
+ | # configuration variable in the paths.* section. | ||
+ | # recursively until no more $-variables are present. | ||
+ | # expansion loops! | ||
+ | # | ||
+ | # This is the root of the directory structure that Mailman will use to store | ||
+ | # its run-time data. | ||
+ | var_dir: / | ||
+ | # This is where the Mailman queue files directories will be created. | ||
+ | queue_dir: $var_dir/ | ||
+ | # This is the directory containing the Mailman ' | ||
+ | # if set to the string ' | ||
+ | # the ' | ||
+ | bin_dir: / | ||
+ | # All list-specific data. | ||
+ | list_data_dir: | ||
+ | # Directory where log files go. | ||
+ | log_dir: / | ||
+ | # Directory for system-wide locks. | ||
+ | lock_dir: $var_dir/ | ||
+ | # Directory for system-wide data. | ||
+ | data_dir: $var_dir/ | ||
+ | # Cache files. | ||
+ | cache_dir: $var_dir/ | ||
+ | # Directory for configuration files and such. | ||
+ | etc_dir: | ||
+ | # Directory containing Mailman plugins. | ||
+ | ext_dir: $var_dir/ | ||
+ | # Directory where the default IMessageStore puts its messages. | ||
+ | messages_dir: | ||
+ | # Directory for archive backends to store their messages in. Archivers should | ||
+ | # create a subdirectory in here to store their files. | ||
+ | archive_dir: | ||
+ | # Root directory for site-specific template override files. | ||
+ | template_dir: | ||
+ | # There are also a number of paths to specific file locations that can be | ||
+ | # defined. | ||
+ | # or be one of the directories created by Mailman as per above. | ||
+ | # | ||
+ | # This is where PID file for the master runner is stored. | ||
+ | pid_file: / | ||
+ | # Lock file. | ||
+ | lock_file: $lock_dir/ | ||
+ | |||
+ | |||
+ | [database] | ||
+ | # The class implementing the IDatabase. | ||
+ | class: mailman.database.sqlite.SQLiteDatabase | ||
+ | #class: mailman.database.mysql.MySQLDatabase | ||
+ | #class: mailman.database.postgresql.PostgreSQLDatabase | ||
+ | |||
+ | # Use this to set the Storm database engine URL. You generally have one | ||
+ | # primary database connection for all of Mailman. | ||
+ | # will store their data in this database, although external rosters may access | ||
+ | # other databases in their own way. This string supports standard | ||
+ | # 'configuration' | ||
+ | url: sqlite:/// | ||
+ | #url: mysql+pymysql:// | ||
+ | #url: postgres:// | ||
+ | |||
+ | debug: no | ||
+ | |||
+ | |||
+ | [logging.debian] | ||
+ | # This defines various log settings. | ||
+ | # | ||
+ | # - level -- Overrides the default level; this may be any of the | ||
+ | # standard Python logging levels, case insensitive. | ||
+ | # - format | ||
+ | # - datefmt | ||
+ | # - path -- Overrides the default logger path. This may be a relative | ||
+ | # path name, in which case it is relative to Mailman' | ||
+ | # or it may be an absolute path name. You cannot change the | ||
+ | # handler class that will be used. | ||
+ | # - propagate -- Boolean specifying whether to propagate log message from this | ||
+ | # logger to the root " | ||
+ | # settings for the root logger. | ||
+ | # | ||
+ | # In this section, you can define defaults for all loggers, which will be | ||
+ | # prefixed by ' | ||
+ | # loggers. | ||
+ | # | ||
+ | # - archiver | ||
+ | # - bounce | ||
+ | # - config | ||
+ | # - database | ||
+ | # - debug | ||
+ | # - error | ||
+ | # - fromusenet | ||
+ | # - http -- Internal wsgi-based web interface | ||
+ | # - locks | ||
+ | # - mischief | ||
+ | # - runner | ||
+ | # - smtp -- Successful SMTP activity | ||
+ | # - smtp-failure | ||
+ | # - subscribe | ||
+ | # - vette | ||
+ | format: %(asctime)s (%(process)d) %(message)s | ||
+ | datefmt: %b %d %H:%M:%S %Y | ||
+ | propagate: no | ||
+ | level: info | ||
+ | path: mailman.log | ||
+ | |||
+ | [webservice] | ||
+ | # The hostname at which admin web service resources are exposed. | ||
+ | hostname: localhost | ||
+ | |||
+ | # The port at which the admin web service resources are exposed. | ||
+ | port: 8001 | ||
+ | |||
+ | # Whether or not requests to the web service are secured through SSL. | ||
+ | use_https: no | ||
+ | |||
+ | # Whether or not to show tracebacks in an HTTP response for a request that | ||
+ | # raised an exception. | ||
+ | show_tracebacks: | ||
+ | |||
+ | # The API version number for the current (highest) API. | ||
+ | api_version: | ||
+ | |||
+ | # The administrative username. | ||
+ | admin_user: restadmin | ||
+ | |||
+ | # The administrative password. | ||
+ | admin_pass: | ||
+ | |||
+ | [mta] | ||
+ | # The class defining the interface to the incoming mail transport agent. | ||
+ | #incoming: mailman.mta.exim4.LMTP | ||
+ | incoming: mailman.mta.postfix.LMTP | ||
+ | |||
+ | # The callable implementing delivery to the outgoing mail transport agent. | ||
+ | # This must accept three arguments, the mailing list, the message, and the | ||
+ | # message metadata dictionary. | ||
+ | outgoing: mailman.mta.deliver.deliver | ||
+ | |||
+ | # How to connect to the outgoing MTA. If smtp_user and smtp_pass is given, | ||
+ | # then Mailman will attempt to log into the MTA when making a new connection. | ||
+ | smtp_host: localhost | ||
+ | smtp_port: 25 | ||
+ | smtp_user: | ||
+ | smtp_pass: | ||
+ | |||
+ | # Where the LMTP server listens for connections. | ||
+ | # localhost for Postfix integration, | ||
+ | # (e.g. not / | ||
+ | lmtp_host: 127.0.0.1 | ||
+ | lmtp_port: 8024 | ||
+ | |||
+ | # Where can we find the mail server specific configuration file? The path can | ||
+ | # be either a file system path or a Python import path. If the value starts | ||
+ | # with python: then it is a Python import path, otherwise it is a file system | ||
+ | # path. File system paths must be absolute since no guarantees are made about | ||
+ | # the current working directory. | ||
+ | # .cfg, which the file must end with. | ||
+ | # | ||
+ | configuration: | ||
+ | |||
+ | [archiver.hyperkitty] | ||
+ | class: mailman_hyperkitty.Archiver | ||
+ | enable: yes | ||
+ | configuration: | ||
</ | </ | ||
- | == Configurer apache == | + | A cette étape vous pouvez créer des mailing-list et les manipuler, mais ce n'est pas très pratique car il faut être connecté sur la CT et manipuler en python/ |
+ | |||
+ | **postorius & hyperkitty** | ||
- | Une configuration pour apache est fournie avec mailman. Elle se trouve dans ''/ | + | Installons désormais l'interface graphique de mailman3. |
+ | Celle-ci est composée de deux parties distinctes : postorius pour la gestion des listes et hyperkitty pour l' | ||
- | Il suffit de mettre un lien symbolique vers ce fichier dans ''/ | + | Installons les packets : |
<code bash> | <code bash> | ||
- | cd / | + | apt-get install mailman3-web |
- | ln -s / | + | |
- | / | + | |
</ | </ | ||
- | Vous pouvez accéder à l' | + | Les configurations sont dans le dossier "/ |
- | NB: Le fichier de configuration par défaut à changer et pour joindre le site http:// | + | Voici les config utilisées |
- | == Configurer postfix == | + | settings_local.py |
- | Il faut d'abord modifier | + | <code bash> |
+ | # This file is imported by the Mailman Suite. It is used to override | ||
+ | # the default settings from / | ||
+ | |||
+ | # SECURITY WARNING: keep the secret key used in production secret! | ||
+ | SECRET_KEY = '< | ||
+ | |||
+ | ADMINS = ( | ||
+ | ('Mailman Suite Admin', | ||
+ | ) | ||
+ | |||
+ | # Hosts/domain names that are valid for this site; required if DEBUG is False | ||
+ | # See https://docs.djangoproject.com/ | ||
+ | # Set to '*' | ||
+ | # is meant to run behind a webserver reverse proxy anyway. | ||
+ | ALLOWED_HOSTS = [ | ||
+ | #" | ||
+ | # " | ||
+ | # Add here all production URLs you may have. | ||
+ | ' | ||
+ | ] | ||
+ | |||
+ | # Mailman API credentials | ||
+ | MAILMAN_REST_API_URL = ' | ||
+ | MAILMAN_REST_API_USER = ' | ||
+ | MAILMAN_REST_API_PASS = ' | ||
+ | MAILMAN_ARCHIVER_KEY = ' | ||
+ | MAILMAN_ARCHIVER_FROM = (' | ||
+ | |||
+ | # Application definition | ||
+ | |||
+ | INSTALLED_APPS = ( | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | # Uncomment the next line to enable the admin: | ||
+ | ' | ||
+ | # Uncomment the next line to enable admin documentation: | ||
+ | # ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | #' | ||
+ | #' | ||
+ | #' | ||
+ | #' | ||
+ | #' | ||
+ | #' | ||
+ | #' | ||
+ | #' | ||
+ | ) | ||
+ | |||
+ | |||
+ | # Database | ||
+ | # https:// | ||
+ | |||
+ | DATABASES = { | ||
+ | ' | ||
+ | # Use ' | ||
+ | ' | ||
+ | #' | ||
+ | #' | ||
+ | # DB name or path to database file if using sqlite3. | ||
+ | ' | ||
+ | # The following settings are not used with sqlite3: | ||
+ | ' | ||
+ | ' | ||
+ | # HOST: empty for localhost through domain sockets or ' | ||
+ | # localhost through TCP. | ||
+ | ' | ||
+ | # PORT: set to empty string for default. | ||
+ | ' | ||
+ | # OPTIONS: Extra parameters to use when connecting to the database. | ||
+ | ' | ||
+ | # Set sql_mode to ' | ||
+ | # https:// | ||
+ | # | ||
+ | #' | ||
+ | }, | ||
+ | } | ||
+ | } | ||
+ | |||
+ | |||
+ | # If you're behind a proxy, use the X-Forwarded-Host header | ||
+ | # See https:// | ||
+ | USE_X_FORWARDED_HOST = True | ||
+ | |||
+ | # And if your proxy does your SSL encoding for you, set SECURE_PROXY_SSL_HEADER | ||
+ | # https:// | ||
+ | # SECURE_PROXY_SSL_HEADER = (' | ||
+ | # SECURE_PROXY_SSL_HEADER = (' | ||
+ | |||
+ | # Other security settings | ||
+ | # SECURE_SSL_REDIRECT = True | ||
+ | # If you set SECURE_SSL_REDIRECT to True, make sure the SECURE_REDIRECT_EXEMPT | ||
+ | # contains at least this line: | ||
+ | # SECURE_REDIRECT_EXEMPT = [ | ||
+ | # " | ||
+ | # ] | ||
+ | # SESSION_COOKIE_SECURE = True | ||
+ | # SECURE_CONTENT_TYPE_NOSNIFF = True | ||
+ | # SECURE_BROWSER_XSS_FILTER = True | ||
+ | # CSRF_COOKIE_SECURE = True | ||
+ | # CSRF_COOKIE_HTTPONLY = True | ||
+ | # X_FRAME_OPTIONS = ' | ||
+ | |||
+ | |||
+ | # Internationalization | ||
+ | # https:// | ||
+ | |||
+ | LANGUAGE_CODE = ' | ||
+ | |||
+ | TIME_ZONE = ' | ||
+ | |||
+ | USE_I18N = True | ||
+ | USE_L10N = True | ||
+ | USE_TZ = True | ||
+ | |||
+ | |||
+ | # Set default domain for email addresses. | ||
+ | EMAILNAME = ' | ||
+ | |||
+ | # If you enable internal authentication, | ||
+ | # will appear to be coming from. Make sure you set a valid domain name, | ||
+ | # otherwise the emails may get rejected. | ||
+ | # https:// | ||
+ | # DEFAULT_FROM_EMAIL = " | ||
+ | DEFAULT_FROM_EMAIL = ' | ||
+ | |||
+ | # If you enable email reporting for error messages, this is where those emails | ||
+ | # will appear to be coming from. Make sure you set a valid domain name, | ||
+ | # otherwise the emails may get rejected. | ||
+ | # https:// | ||
+ | # SERVER_EMAIL = ' | ||
+ | SERVER_EMAIL = ' | ||
+ | |||
+ | |||
+ | # Django Allauth | ||
+ | ACCOUNT_DEFAULT_HTTP_PROTOCOL = " | ||
+ | |||
+ | |||
+ | # | ||
+ | # Social auth | ||
+ | # | ||
+ | SOCIALACCOUNT_PROVIDERS = { | ||
+ | #' | ||
+ | # ' | ||
+ | # dict(id=' | ||
+ | # | ||
+ | # | ||
+ | # ], | ||
+ | #}, | ||
+ | #' | ||
+ | # ' | ||
+ | # ' | ||
+ | #}, | ||
+ | #' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ], | ||
+ | # ' | ||
+ | #}, | ||
+ | } | ||
+ | |||
+ | # On a production setup, setting COMPRESS_OFFLINE to True will bring a | ||
+ | # significant performance improvement, | ||
+ | # recompiled on each requests. It means running an additional " | ||
+ | # management command after each code upgrade. | ||
+ | # http:// | ||
+ | COMPRESS_OFFLINE = True | ||
- | <code python> | + | POSTORIUS_TEMPLATE_BASE_URL |
- | MTA = 'postfix' | + | |
</ | </ | ||
- | Pour le reste de la configuration de Postfix, rendez-vous dans ''/ | + | settings.py |
<code bash> | <code bash> | ||
- | myorigin = /etc/ | + | # -*- coding: utf-8 -*- |
+ | # Copyright (C) 1998-2016 by the Free Software Foundation, Inc. | ||
+ | # | ||
+ | # This file is part of Mailman Suite. | ||
+ | # | ||
+ | # Mailman Suite is free sofware: you can redistribute it and/or modify it | ||
+ | # under the terms of the GNU General Public License as published by the Free | ||
+ | # Software Foundation, either version 3 of the License, or (at your option) | ||
+ | # any later version. | ||
+ | # | ||
+ | # Mailman Suite is distributed in the hope that it will be useful, but | ||
+ | # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY | ||
+ | # or FITNESS FOR A PARTICULAR PURPOSE. | ||
+ | # for more details. | ||
- | # appending .domain is the MUA's job. | + | # You should have received a copy of the GNU General Public License along |
- | append_dot_mydomain = no | + | # with Mailman Suite. If not, see < |
+ | """ | ||
+ | Django Settings for Mailman Suite (hyperkitty + postorius) | ||
- | readme_directory = no | + | For more information on this file, see |
+ | https:// | ||
- | myhostname = listes.minet.net | + | For the full list of settings and their values, see |
- | alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases | + | https://docs.djangoproject.com/en/1.8/ref/settings/ |
- | alias_database = hash:/ | + | """ |
- | mydestination = listes, listes.minet.net, | + | |
- | relayhost = mx.minet.net: | + | |
- | mynetworks = 127.0.0.0/8 192.168.102.25 192.168.102.26 | + | |
- | mailbox_size_limit = 0 | + | |
- | # Nécessaire pour mailman | + | # Build paths inside the project like this: os.path.join(BASE_DIR, |
- | recipient_delimiter = + | + | import os |
- | inet_interfaces | + | BASE_DIR |
- | mailman_destination_recipient_limit | + | # SECURITY WARNING: keep the secret key used in production secret! |
+ | SECRET_KEY = '< | ||
+ | |||
+ | # SECURITY WARNING: don't run with debug turned on in production! | ||
+ | DEBUG = False | ||
+ | |||
+ | ADMINS = ( | ||
+ | | ||
+ | ) | ||
+ | |||
+ | SITE_ID | ||
+ | |||
+ | # Hosts/ | ||
+ | # See https:// | ||
+ | ALLOWED_HOSTS = [ | ||
+ | " | ||
+ | # " | ||
+ | # Add here all production URLs you may have. | ||
+ | ] | ||
+ | |||
+ | # Mailman API credentials | ||
+ | MAILMAN_REST_API_URL = ' | ||
+ | MAILMAN_REST_API_USER = ' | ||
+ | MAILMAN_REST_API_PASS = ' | ||
+ | MAILMAN_ARCHIVER_KEY = "< | ||
+ | MAILMAN_ARCHIVER_FROM = (' | ||
+ | |||
+ | # Application definition | ||
+ | |||
+ | INSTALLED_APPS = ( | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | # Uncomment the next line to enable the admin: | ||
+ | ' | ||
+ | # Uncomment the next line to enable admin documentation: | ||
+ | # ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | #' | ||
+ | #' | ||
+ | #' | ||
+ | #' | ||
+ | #' | ||
+ | #' | ||
+ | #' | ||
+ | ) | ||
+ | |||
+ | |||
+ | MIDDLEWARE = ( | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ) | ||
+ | |||
+ | ROOT_URLCONF = ' | ||
+ | |||
+ | |||
+ | TEMPLATES = [ | ||
+ | { | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ], | ||
+ | }, | ||
+ | }, | ||
+ | ] | ||
+ | |||
+ | WSGI_APPLICATION = ' | ||
+ | |||
+ | |||
+ | # Database | ||
+ | # https:// | ||
+ | |||
+ | DATABASES = { | ||
+ | ' | ||
+ | # Use ' | ||
+ | ' | ||
+ | # DB name or path to database file if using sqlite3. | ||
+ | ' | ||
+ | # The following settings are not used with sqlite3: | ||
+ | ' | ||
+ | ' | ||
+ | # HOST: empty for localhost through domain sockets or ' | ||
+ | # localhost through TCP. | ||
+ | ' | ||
+ | # PORT: set to empty string for default. | ||
+ | ' | ||
+ | } | ||
+ | } | ||
+ | |||
+ | |||
+ | # If you're behind a proxy, use the X-Forwarded-Host header | ||
+ | # See https:// | ||
+ | USE_X_FORWARDED_HOST = True | ||
+ | |||
+ | # And if your proxy does your SSL encoding for you, set SECURE_PROXY_SSL_HEADER | ||
+ | # https:// | ||
+ | # SECURE_PROXY_SSL_HEADER = (' | ||
+ | # SECURE_PROXY_SSL_HEADER = (' | ||
+ | |||
+ | # Other security settings | ||
+ | # SECURE_SSL_REDIRECT = True | ||
+ | # If you set SECURE_SSL_REDIRECT to True, make sure the SECURE_REDIRECT_EXEMPT | ||
+ | # contains at least this line: | ||
+ | # SECURE_REDIRECT_EXEMPT = [ | ||
+ | # " | ||
+ | # ] | ||
+ | # SESSION_COOKIE_SECURE = True | ||
+ | # SECURE_CONTENT_TYPE_NOSNIFF = True | ||
+ | # SECURE_BROWSER_XSS_FILTER = True | ||
+ | # CSRF_COOKIE_SECURE = True | ||
+ | # CSRF_COOKIE_HTTPONLY = True | ||
+ | # X_FRAME_OPTIONS = ' | ||
+ | |||
+ | |||
+ | # Password validation | ||
+ | # https:// | ||
+ | |||
+ | AUTH_PASSWORD_VALIDATORS = [ | ||
+ | { | ||
+ | ' | ||
+ | ' | ||
+ | }, | ||
+ | { | ||
+ | ' | ||
+ | ' | ||
+ | }, | ||
+ | { | ||
+ | ' | ||
+ | ' | ||
+ | }, | ||
+ | { | ||
+ | ' | ||
+ | ' | ||
+ | }, | ||
+ | ] | ||
+ | |||
+ | # Internationalization | ||
+ | # https:// | ||
+ | |||
+ | LANGUAGE_CODE = ' | ||
+ | |||
+ | TIME_ZONE = ' | ||
+ | |||
+ | USE_I18N = True | ||
+ | |||
+ | USE_L10N = True | ||
+ | |||
+ | USE_TZ = True | ||
+ | |||
+ | |||
+ | # Static files (CSS, JavaScript, Images) | ||
+ | # https:// | ||
+ | |||
+ | # Absolute path to the directory static files should be collected to. | ||
+ | # Don't put anything in this directory yourself; store your static files | ||
+ | # in apps' " | ||
+ | # Example: "/ | ||
+ | STATIC_ROOT = '/ | ||
+ | |||
+ | # URL prefix for static files. | ||
+ | # Example: " | ||
+ | STATIC_URL = '/ | ||
+ | |||
+ | # Additional locations of static files | ||
+ | STATICFILES_DIRS = ( | ||
+ | # Put strings here, like "/ | ||
+ | # Always use forward slashes, even on Windows. | ||
+ | # Don't forget to use absolute paths, not relative paths. | ||
+ | # BASE_DIR + '/ | ||
+ | ) | ||
+ | |||
+ | # List of finder classes that know how to find static files in | ||
+ | # various locations. | ||
+ | STATICFILES_FINDERS = ( | ||
+ | ' | ||
+ | ' | ||
+ | # ' | ||
+ | ' | ||
+ | ) | ||
+ | |||
+ | # Django 1.6+ defaults to a JSON serializer, but it won't work with | ||
+ | # django-openid, | ||
+ | # https:// | ||
+ | SESSION_SERIALIZER = ' | ||
+ | |||
+ | |||
+ | LOGIN_URL = ' | ||
+ | LOGIN_REDIRECT_URL = ' | ||
+ | LOGOUT_URL = ' | ||
+ | |||
+ | HOSTNAME = ' | ||
+ | |||
+ | # If you enable internal authentication, | ||
+ | # will appear to be coming from. Make sure you set a valid domain name, | ||
+ | # otherwise the emails may get rejected. | ||
+ | # https:// | ||
+ | # DEFAULT_FROM_EMAIL = " | ||
+ | DEFAULT_FROM_EMAIL = ' | ||
+ | |||
+ | # If you enable email reporting for error messages, this is where those emails | ||
+ | # will appear to be coming from. Make sure you set a valid domain name, | ||
+ | # otherwise the emails may get rejected. | ||
+ | # https:// | ||
+ | # SERVER_EMAIL = ' | ||
+ | SERVER_EMAIL = ' | ||
+ | |||
+ | # Change this when you have a real email backend | ||
+ | EMAIL_BACKEND = ' | ||
+ | |||
+ | # Compatibility with Bootstrap 3 | ||
+ | from django.contrib.messages import constants as messages | ||
+ | MESSAGE_TAGS = { | ||
+ | messages.ERROR: | ||
+ | } | ||
+ | |||
+ | |||
+ | # | ||
+ | # Social auth | ||
+ | # | ||
+ | AUTHENTICATION_BACKENDS = ( | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ) | ||
+ | AUTH_LDAP_SERVER_URI = " | ||
+ | AUTH_LDAP_BIND_DN = "< | ||
+ | AUTH_LDAP_BIND_PASSWORD = "< | ||
+ | |||
+ | UTH_LDAP_START_TLS = False | ||
+ | |||
+ | AUTH_LDAP_USER_ATTR_MAP = {" | ||
+ | |||
+ | import ldap | ||
+ | from django_auth_ldap.config import LDAPSearch, LDAPSearchUnion | ||
+ | AUTH_LDAP_USER_SEARCH = LDAPSearchUnion( | ||
+ | LDAPSearch(" | ||
+ | ) | ||
+ | |||
+ | |||
+ | |||
+ | # depending on your group type, use one of the following: | ||
+ | |||
+ | # from django_auth_ldap.config import PosixGroupType | ||
+ | # AUTH_LDAP_GROUP_TYPE = PosixGroupType() | ||
+ | |||
+ | # or: | ||
+ | |||
+ | |||
+ | |||
+ | import ldap | ||
+ | from django_auth_ldap.config import LDAPSearch, LDAPSearchUnion | ||
+ | |||
+ | |||
+ | # depending on your group type, use one of the following: | ||
+ | |||
+ | # from django_auth_ldap.config import PosixGroupType | ||
+ | # AUTH_LDAP_GROUP_TYPE = PosixGroupType() | ||
+ | # AUTH_LDAP_GROUP_SEARCH = LDAPSearch(" | ||
+ | |||
+ | # or: | ||
+ | |||
+ | from django_auth_ldap.config import GroupOfUniqueNamesType | ||
+ | |||
+ | # Django Allauth | ||
+ | ACCOUNT_AUTHENTICATION_METHOD = " | ||
+ | ACCOUNT_EMAIL_REQUIRED = True | ||
+ | ACCOUNT_EMAIL_VERIFICATION = " | ||
+ | # You probably want https in production, but this is a dev setup file | ||
+ | ACCOUNT_DEFAULT_HTTP_PROTOCOL = " | ||
+ | ACCOUNT_UNIQUE_EMAIL | ||
+ | |||
+ | SOCIALACCOUNT_PROVIDERS = { | ||
+ | #' | ||
+ | # ' | ||
+ | # dict(id=' | ||
+ | # | ||
+ | # | ||
+ | # ], | ||
+ | #}, | ||
+ | #' | ||
+ | # ' | ||
+ | # ' | ||
+ | #}, | ||
+ | #' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ], | ||
+ | # ' | ||
+ | #}, | ||
+ | } | ||
+ | |||
+ | |||
+ | # | ||
+ | # Gravatar | ||
+ | # https:// | ||
+ | # | ||
+ | # Gravatar base url. | ||
+ | # GRAVATAR_URL = ' | ||
+ | # Gravatar base secure https url. | ||
+ | # GRAVATAR_SECURE_URL = ' | ||
+ | # Gravatar size in pixels. | ||
+ | # GRAVATAR_DEFAULT_SIZE = ' | ||
+ | # An image url or one of the following: ' | ||
+ | # ' | ||
+ | # GRAVATAR_DEFAULT_IMAGE = ' | ||
+ | # One of the following: ' | ||
+ | # GRAVATAR_DEFAULT_RATING = ' | ||
+ | # True to use https by default, False for plain http. | ||
+ | # GRAVATAR_DEFAULT_SECURE = True | ||
+ | |||
+ | # | ||
+ | # django-compressor | ||
+ | # https:// | ||
+ | # | ||
+ | COMPRESS_PRECOMPILERS = ( | ||
+ | | ||
+ | | ||
+ | | ||
+ | ) | ||
+ | # On a production setup, setting COMPRESS_OFFLINE to True will bring a | ||
+ | # significant performance improvement, | ||
+ | # recompiled on each requests. It means running an additional " | ||
+ | # management command after each code upgrade. | ||
+ | # http:// | ||
+ | # COMPRESS_OFFLINE = True | ||
+ | |||
+ | # Needed for debug mode | ||
+ | # INTERNAL_IPS = (' | ||
+ | |||
+ | |||
+ | # | ||
+ | # Full-text search engine | ||
+ | # | ||
+ | HAYSTACK_CONNECTIONS = { | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | # You can also use the Xapian engine, it's faster and more accurate, | ||
+ | # but requires another library. | ||
+ | # http:// | ||
+ | # Example configuration for Xapian: | ||
+ | #' | ||
+ | }, | ||
+ | } | ||
+ | |||
+ | |||
+ | # | ||
+ | # Asynchronous tasks | ||
+ | # | ||
+ | Q_CLUSTER = { | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | } | ||
+ | |||
+ | |||
+ | # A sample logging configuration. The only tangible logging | ||
+ | # performed by this configuration is to send an email to | ||
+ | # the site admins on every HTTP 500 error when DEBUG=False. | ||
+ | # See http:// | ||
+ | # more details on how to customize your logging configuration. | ||
+ | LOGGING = { | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | } | ||
+ | }, | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | }, | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | #' | ||
+ | ' | ||
+ | ' | ||
+ | }, | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | }, | ||
+ | }, | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | }, | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | }, | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | }, | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | }, | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | } | ||
+ | }, | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | }, | ||
+ | ' | ||
+ | ' | ||
+ | }, | ||
+ | }, | ||
+ | #' | ||
+ | # ' | ||
+ | # ' | ||
+ | #}, | ||
+ | } | ||
+ | |||
+ | |||
+ | # Using the cache infrastructure can significantly improve performance on a | ||
+ | # production setup. This is an example with a local Memcached server. | ||
+ | #CACHES = { | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # } | ||
+ | #} | ||
+ | |||
+ | |||
+ | # | ||
+ | # HyperKitty-specific | ||
+ | # | ||
+ | |||
+ | # Only display mailing-lists from the same virtual host as the webserver | ||
+ | FILTER_VHOST = False | ||
+ | |||
+ | |||
+ | POSTORIUS_TEMPLATE_BASE_URL = ' | ||
+ | |||
+ | |||
+ | try: | ||
+ | from settings_local import * | ||
+ | except ImportError: | ||
+ | pass | ||
</ | </ | ||
- | < | + | Une fois ces configurations effectuées, |
- | / | + | En théorie vous avez juste à copier l' |
+ | |||
+ | ==== Initialisation ==== | ||
+ | |||
+ | Démarrez les services. | ||
+ | |||
+ | < | ||
+ | service postfix start | ||
+ | service mailman3 start | ||
+ | service mailman3-web start | ||
</ | </ | ||
- | Et on redémarre le tout : | + | Une fois cela fait, nous allons pouvoir créer votre premier compte administrateur. |
- | < | + | |
- | /etc/init.d/postfix restart | + | Rendez-vous dans /usr/share/mailman3-web : vous y trouverez un script " |
- | /etc/init.d/mailman start | + | Dans notre cas : |
+ | |||
+ | <code bash> | ||
+ | python3 createsuperuser | ||
</ | </ | ||
- | === Gestion des mailing lists === | + | Suivez ensuite les étapes. |
- | En plus de l'interface Web, il est possible de gérer les listes en ligne de commande. | + | Vous pourrez grâce à la BDD mailman3-web nommer quelqu'un superuser sur son compte LDAP par exemple. (cela doit se transmettre entre présidents par exemple) |
- | Pour supprimer | + | Vous pouvez alors vous connecter, valider votre email et gérer les mailing-list. |
- | Sur la machine, | + | En théorie à ce niveau tout fonctionne. |
- | < | + | |
- | rmlist lenomdelaliste | + | ==== Informations complémentaires ==== |
+ | |||
+ | **Authentification LDAP** | ||
+ | |||
+ | Vous avez configuré avec les configurations proposées | ||
+ | Tout user peut également s' | ||
+ | |||
+ | **Archives HyperKitty** | ||
+ | |||
+ | La synchro entre postorius et hyperkitty peut être capricieuse. | ||
+ | Au cas où vous voudriez passer des archives | ||
+ | Pour supprimer proprement des archives hyperkitty en python | ||
+ | < | ||
+ | from hyperkitty.models import MailingList | ||
+ | ml = MailingList.objects.get(name=" | ||
+ | ml.delete() | ||
</ | </ | ||
- | === Générer | + | mailman3, mailman3-web et hyperkitty se synchronisent via des cron' donc si il y a des problèmes vous pouvez les lancer manuellement. |
- | Ci-joint un petit script en python qui permet de récupérer des infos sur les listes. Par exemple, pour générer les statistiques des envois sur les 7 derniers mois, utiliser en root : | ||
<code bash> | <code bash> | ||
- | python stats_listes.py 7 | + | python3 manage.py runjobs < |
</ | </ | ||
- | === Libérer de l'espace disque === | + | Si le souci n'est toujours pas résolu : |
- | Mailman a une fâcheuse tendance à stocker des archives, y compris pour les listes privées. | ||
- | La commande ci-dessous permet de vider les messages et les fichiers attachés sur les listes privées datant de plus de 30 jours. | ||
<code bash> | <code bash> | ||
- | find / | + | python3 manage.py sync_mailman |
</ | </ | ||
+ | |||
+ | Ce qui " | ||
+ | |||
+ | Et si enfin ça ne passe pas, on peut mettre à jour l' | ||
+ | <code bash> | ||
+ | python3 manage.py update_index | ||
+ | </ | ||
+ | |||
+ | Sinon il faut chercher côté DB et logs. (et documentation bien sûr !) | ||
+ | |||
+ | **Gestion de son compte user** | ||
+ | |||
+ | Tout user d'une ML peut se co sur le site, consulter les archives de tous ses abonnements et se désabonner ou tout simplement décider de ne plus recevoir les mails sans se désabonner. | ||
+ | Pour cela il suffit de se connecter puis cliquer sur son pseudo en haut à droite, ensuite " | ||
+ | |||
+ | Vous pouvez aussi lier un autre e-mail sur votre compte, il faut juste aller dans " | ||
+ | |||
+ | ==== Mailing-List par bâtiments ==== | ||
+ | |||
+ | Dans le but de pouvoir communiquer directement avec les adhérents, des mailing-list spécifiques sont en place. Chacune est liée à un bâtiment. Exemple : u1@listes.minet.net | ||
+ | |||
+ | Toutes les nuits un jobs jenkins est lancé et exécute le programme cron_mailing.sh situé dans / | ||
+ | |||
+ | Ce programme synchronise les ML avec la DB fdpsql. Il vire les adhérents dont la cotisation est expirée et ajoute ceux actifs dans leurs bâtiments respectifs. | ||
+ | |||
+ | Il existe également une ML adherents@listes.minet.net qui recense ces 7 listes de bâtiments. Toutes ces ML sont soumises à approbation d'un owner pour utilisation : soit le président soit le respo. comm. | ||
+ | |||
+ |