Monitor changes in the mailing list settings
Go to file
2025-01-15 10:48:07 +00:00
.reuse Initial commit 2019-10-23 19:03:03 +02:00
inventory@17eed5a998 Update inventory digest to 17eed5a 2025-01-15 00:26:08 +00:00
LICENSES Initial commit 2019-10-23 19:03:03 +02:00
.drone.yml add docs-centralizer CI job 2023-01-13 14:18:54 +01:00
.gitignore ignore generated files 2020-10-19 15:47:35 +02:00
.gitmodules Add inventory submodule 2022-12-15 11:53:34 +01:00
ansible.cfg Add inventory submodule 2022-12-15 11:53:34 +01:00
check.py Check if there are old messages in the moderation queues (#1) 2021-05-19 15:50:42 +00:00
config.cfg.dist Change default email settings 2020-03-17 08:44:46 +01:00
export.py Fix issue with PATH 2020-03-07 12:11:21 +01:00
hosts REUSE compliance 2020-03-09 17:52:51 +01:00
LICENSE Initial commit 2019-10-23 19:03:03 +02:00
playbook.yml REUSE compliance 2020-03-09 17:52:51 +01:00
README.md Add drone build badge 2024-06-06 13:55:34 +00:00
renovate.json update renovate 2023-11-05 18:50:55 +01:00
renovate.json.license Add license for renovate.json 2021-05-14 15:17:59 +02:00
update_ref_file.py add space between key and value for password 2020-10-19 15:47:12 +02:00
utils.py Catch IndexError 2022-12-15 11:47:55 +01:00

Mailman settings monitoring

in docs.fsfe.org Build Status REUSE status

Goal

The goal is to ensure that the FSFE's mailing list sensitive settings are properly configured.

How it works?

It works in three steps:

  • export.py export the sensitive part of the mailing lists configuration to a machine and human readable format
  • update_ref_file.py.py uses the mailman configuration to update our mailing list reference file (expected configuration)
  • check.py compare the actual configuration to the expected configuration, stored in the internal repository. Each difference triggers an email to the mailing list administrators and a CC email address. It also verifies the password

The sensitive attributes of a mailing list are:

  • private_roster
  • subscribe_policy

Details about those attributes can be found here.

and:

  • archive
  • archive_privat

Details about those attributes can be found here.

How it use it?

Requirements

The scripts use python 3 and two libraries:

  • yaml (to store the mailing list configuration)
  • requests (to get the expected mailing list configuration from git)

You can install them on Debian with the packages python3-yaml and python3-requests.

The export.py scripts needs a custom mailman script in your PATH. Download it from here.

Configuration

The check.py script uses a configuration file. Move config.cfg.dist to config.cfg and change the values according to your setup.

Run

Once the requirements are satisfied and the configuration file is ready, run the export.py script and redirect its output to a file (this must be done directly on the mailman server):

python3 export.py > actual_config

Then run the update_ref_file.py script:

python3 update_ref_file.py > output

output can be considered as the current state of the mailman configuration.

Then run the check.py script:

python3 check.py

Deployment with Ansible

Once you have adjusted the settings in config.cfg, you can use the Ansible playbook to deploy the script to a remote mailman server