Monitor changes in the mailing list settings
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
vincent 605aad365f
Add --dry-run argument
1 week ago
.reuse Initial commit 8 months ago
LICENSES Initial commit 8 months ago
.drone.yml Add CI check for REUSE compliance 8 months ago
.gitignore Add __pycache__ to .gitignore 7 months ago
LICENSE Initial commit 8 months ago
README.md Add REUSE badge 3 months ago
check.py Add --dry-run argument 1 week ago
config.cfg.dist Change default email settings 3 months ago
export.py Fix issue with PATH 4 months ago
hosts REUSE compliance 3 months ago
playbook.yml REUSE compliance 3 months ago
update_ref_file.py Rename parse_expecred_mailing_list_config -> uparse_expected_mailing_list_config 3 months ago
utils.py Make sure mailing list properties are left stripped 1 week ago

README.md

Mailman settings monitoring

REUSE status

Goal

The goal is to ensure that the FSFE's mailing list sensitive settings are properly configured.

How it works?

It works in three steps:

  • export.py export the sensitive part of the mailing lists configuration to a machine and human readable format
  • update_ref_file.py.py uses the mailman configuration to update our mailing list reference file (expected configuration)
  • check.py compare the actual configuration to the expected configuration, stored in the internal repository. Each difference triggers an email to the mailing list administrators and a CC email address. It also verifies the password

The sensitive attributes of a mailing list are:

  • private_roster
  • subscribe_policy

Details about those attributes can be found here.

and:

  • archive
  • archive_privat

Details about those attributes can be found here.

How it use it?

Requirements

The scripts use python 3 and two libraries:

  • yaml (to store the mailing list configuration)
  • requests (to get the expected mailing list configuration from git)

You can install them on Debian with the packages python3-yaml and python3-requests.

The export.py scripts needs a custom mailman script in your PATH. Download it from here.

Configuration

The check.py script uses a configuration file. Move config.cfg.dist to config.cfg and change the values according to your setup.

Run

Once the requirements are satisfied and the configuration file is ready, run the export.py script and redirect its output to a file (this must be done directly on the mailman server):

python3 export.py > actual_config.txt

Then run the update_ref_file.py script:

python3 update_ref_file.py > output

output can be considered as the current state of the mailman configuration.

Then run the check.py script:

python3 check.py

Deployment with Ansible

Once you have adjusted the settings in config.cfg, you can use the Ansible playbook to deploy the script to a remote mailman server