Awesome
Ansible Role: Sympa
Role to install Sympa. It doesn't support robots for now, this feature will be added later.
Supported platforms are:
- Arch Linux
- CentOS 7
- CentOS 8
- Debian 8 (Jessie)
- Debian 9 (Stretch)
- Debian 10 (Buster)
- Fedora 35
- Fedora 36
- openSUSE Leap 15
- Ubuntu 16 (Xenial)
- Ubuntu 18 (Bionic)
- Ubuntu 20 (Focal)
- Ubuntu 22 (Jammy)
Requirements
Local MTA. This is installed by most distributions.
Nginx needs to be installed before running the Sympa role, as the Nginx user is referred by the wwsympa service unit.
Integration
Exim
This role doesn't cover the installation of Exim. However, it is recommended to disable the newaliases wrapper:
sympa_config_aliases_program: none
Nginx
The Sympa role provides a snippet for Nginx in the variable sympa_web_nginx_snippet which can be included in a virtual host configuration file.
The FCGI settings can be adjusted with the variables sympa_web_nginx_read_timeout and sympa_web_nginx_fcgi_options.
With a lots of lists and a fresh WWSympa instance it takes a while to generate the list overview:
# raise FCGI timeout to 3 minutes
sympa_web_nginx_read_timeout: 180
Custom scenari
Custom scenari can be installed from files listed in the sympa_scenari variable:
sympa_scenari:
- scenari/visibility.identified
Included in the role are the following scenari:
- visibility.identified (#1140)
Privileges for editing list configuration
The privileges are listed in the configuration file /etc/sympa/edit_list.conf
.
You can override or add privileges through the variable sympa_edit_list_privileges:
sympa_edit_list_privileges:
- name: process_archive
roles:
- owner
- privileged_owner
privilege: hidden
That prevents owners to enable or disable archiving for a list.
The roles can also given as comma-separated list, e.g owner,privileged_owner
.
Inclusion of data sources
ODBC
In order to the necessary ODBC DBI driver, set the sympa_install_odbc_driver variable to "yes".
Variables
sympa_default_config_ttl
Default time interval between two scheduled synchronizations.
sympa_default_config_distribution_ttl
Default time interval to trigger a synchronization by an action, e.g. distributing an email.
Variables
The database configuration for Sympa is required.
Example:
sympa_database:
type: mysql
name: sympa
user: sympa
password: nevairbe
Listmaster
sympa_listmaster
This is either a list of listmasters or a single value for the listmaster.
If no value is provided, listmaster
will be joined with a @ to the
sympa_domain variable.
For example: listmaster@lists.example.com.
Installation
You can pick from different installation methods through the sympa_installation_method variable:
- *source*: install from tarball
- *package*: install from distribution package
- *repository*: install from Git repository
- *sync*: install from directory on the controller
- *none*: skip installation (only for special cases)
Default is source.
sympa_source_directory
Directory for the Sympa sources. The tarball will be also downloaded to this directory if source installation method is used.
sympa_installation_directory
Installation directory. Defaults to /usr/local/sympa
.
Build options
This applies to all installation methods except package:
sympa_build_options: setuid_fcgi: false setuid_queue: false
setuid_fcgi and setuid_queue determine whether the setuid flag is applied to the FCGI wrapper and the queue program, respectively.
There is no reason to apply these setuid flags, especially as setuid binaries are a security risk.
Source installation method
sympa_source_version
Sympa version, defaults to 6.2.72.
sympa_source_url
Sympa download location. The default value includes sympa_source_version, e.g. https://github.com/sympa-community/sympa/releases/download/6.2.70/sympa-6.2.72.tar.gz.
sympa_source_patches
List of patches which will be applied before building, e.g.:
sympa_source_patches:
- patches/soap-api-access-fix.diff
- patches/disable-setuid-1032.diff
Repository installation method
sympa_repository_url
Git repository, defaults to https://github.com/sympa-community/sympa.git.
sympa_repository_version
Git branch or tag, defaults to main
.
Sync installation method
sympa_sync_directory
Directory on the Ansible controller with the Sympa sources.
Aliases
sympa_config_sendmail_aliases
Location of the global file with the list aliases. Defaults to /etc/mail/sympa/aliases
.
sympa_config_aliases_program
Program to update the hash file for the aliases. Select postalias
for using
Sympa with Postfix MTA.
Database
Additional fields
Additional fields for the subscriber and user tables can be configured with the sympa_config_additional_subscriber_fields and sympa_config_additional_user_fields variables.
sympa_config_additional_subscriber_fields: unsubscribe_link
You have to create these fields separately, e.g.:
- name: Add unsubscribe_link field to subscriber table
postgresql_query:
db: sympa
query: 'ALTER TABLE subscriber_table ADD COLUMN IF NOT EXISTS
unsubscribe_link text'
become: yes
become_user: postgres
vars:
ansible_ssh_pipelining: true
Incoming messages
sympa_config_max_size
Maximum size of an incoming message in bytes.
Sympa's default is 5242880 (5 MB).
Privileges
sympa_config_create_list
Determines how can request or create a list. Default value is public_listmaster.
Change this to listmaster in order to prevent users to request a list:
sympa_config_create_list: listmaster
Accounts
allow_account_deletion
Whether to allow the user to delete its own account from the web interface. Default value is false.
sympa_allow_account_deletion: true
Languages
sympa_config_lang
Configures the default language:
sympa_config_lang: de
sympa_config_supported_lang
Configures the supported languages:
sympa_config_supported_lang: de,en_US
You can also use a list instead of a comma separated string.
Personalization
You can enable personalization for all lists with:
sympa_config_merge_feature: true
This is not recommended though unless all lists use that feature. You can enable it for individual lists in the list configuration.
WWSympa
sympa_web_domain
Set this variable if you use a different domain for the web interface than sympa_domain.
sympa_web_path
Path component of URL for the web interface without slash. Default is
sympa
.
sympa_web_fcgi_enabled
Whether WWSympa is enabled (default).
*sympa_web_fcgi_protocol
Protocol for WWSympa URL. Defaults to https
.
sympa_web_fcgi_instances
Number of FCGI instances (default: 5)
Recommended value for development instances is 2.
sympa_config_title
Title for the web interface.
SOAP
sympa_soap_fcgi_enabled
Whether SOAP is enabled (disabled by default).
sympa_soap_fcgi_protocol
Protocol for SOAP URL. Defaults to https
.
sympa_soap_fcgi_instances
Number of FCGI instances (default: 2)
Dependencies
None.
Example Playbook
- hosts: server
roles:
- { role: racke.sympa }
License
GPL2
Author Information
This role was created in 2020 by Stefan Hornburg (Racke).