# Mailman (3) ## Parameters and defaults All configuration is to be placed inside the `mailman` dict. ``` # mail address for the site owner site_owner: changeme@example.com # domain used for lists default_domain: example.com # all settings regarding the mailman api api: # settings for listen addresses hostname: localhost port: 8001 # api version to use, only "3.1" was tested version: "3.1" # api account setting admin: # should not be changed name: restadmin pw: "{{ lookup('password', '/dev/null length=32') }}" # webinterface settings web: # django secret key secretkey: "{{ lookup('password', '/dev/null length=128') }}" # activate remote auth in django remote_user: False # enable signup signup: True # allow users to change their password change_pw: True # dict with ldap settings or "False" to disable ldap: False # Ldap server url. Can be ldap:// or ldaps:// # url: "ldaps://example.com" # enable account and list membership sync. Membership sync musst be explicitly configured per list # sync: true # use a bind user to connect to the ldap. If it is not specified, sync will not work. # bind_dn: "cn=mailman,ou=system,dc=example,dc=com" # bind_password: "{{ lookup('passwordstore', '/dev/null length=64 nosymbols=true') }}" # LDAP Search to find all groups. See https://django-auth-ldap.readthedocs.io/en/latest/ # group_search: 'LDAPSearch("ou=groups,dc=example,dc=com", ldap.SCOPE_ONELEVEL, "(objectClass=groupOfUniqueNames)")' # group_type: 'GroupOfUniqueNamesType()' # a search that musst return **all** users and select the attribute containing the user name. Only used for ldap sync # user_search_all_name: 'LDAPSearch("ou=users,dc=example,dc=com", ldap.SCOPE_ONELEVEL, "(&(objectClass=posixAccount)(memberOf=cn=service_mailman_access,ou=groups,dc=example,dc=com))", ["uid"])' # see https://django-auth-ldap.readthedocs.io/en/latest/ # user_filter: 'uid=%(user)s,ou=users,dc=example,dc=com' # optionaly set a ca cert or other connection settings # options: "{ ldap.OPT_X_TLS_CACERTFILE: '/etc/ssl/myfancy.ca', ldap.OPT_X_TLS_REQUIRE_CERT: True, ldap.OPT_X_TLS_NEWCTX: 0 }" # map django roles # mappings: # "is_active": "cn=service_mailman_access,ou=groups,dc=example,dc=com" # "is_staff": "cn=service_mailman_admin,ou=groups,dc=example,dc=com" # "is_superuser": "cn=service_mailman_admin,ou=groups,dc=example,dc=com" # group_require: "cn=service_mailman_access,ou=groups,dc=example,dc=com" # logged in session timeout in seconds session_timeout: 3600 # hypperkitty settings archiver: # api key key: "{{ lookup('password', '/dev/null length=128') }}" # default settings used for all lists list_defaults: # Mailman settings to set for this list. See https://docs.mailman3.org/projects/mailmanclient/en/latest/_modules/mailmanclient/restobjects/settings.html#Settings settings: {} # ldap sync settings ldap: member: # enable syncing for this role type enabled: False # basedn to search dn: "ou=users,dc=example,dc=com" # ldap filter to use filter: "(&(objectClass=posixAccount)(memberOf=cn=my_fancy_list,ou=groups,dc=example,dc=com))" # attribute to read the user name from username_attr: "uid" moderator: # see **member** description owner: # see **member** description # Mailing lists to setup. The key is the list name, the value the per list settings lists: {} # 'list@example.com': { # See https://docs.mailman3.org/projects/mailmanclient/en/latest/_modules/mailmanclient/restobjects/settings.html#Settings # settings: { # 'description': 'foobar', # } # See description in **list_defaults** # ldap: {..} # } ```