Monitor changes in the mailing list settings
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
Max Mehl f036fb55bb
ignore generated files
4 months ago
.reuse Initial commit 1 year ago
LICENSES Initial commit 1 year ago
.drone.yml Add CI check for REUSE compliance 1 year ago
.gitignore ignore generated files 4 months ago
LICENSE Initial commit 1 year ago
README.md ignore generated files 4 months ago
check.py Add --dry-run argument 8 months ago
config.cfg.dist Change default email settings 11 months ago
export.py Fix issue with PATH 11 months ago
hosts REUSE compliance 11 months ago
playbook.yml REUSE compliance 11 months ago
update_ref_file.py add space between key and value for password 4 months ago
utils.py Make sure mailing list properties are left stripped 8 months ago

README.md

Mailman settings monitoring

REUSE status

Goal

The goal is to ensure that the FSFE's mailing list sensitive settings are properly configured.

How it works?

It works in three steps:

  • export.py export the sensitive part of the mailing lists configuration to a machine and human readable format
  • update_ref_file.py.py uses the mailman configuration to update our mailing list reference file (expected configuration)
  • check.py compare the actual configuration to the expected configuration, stored in the internal repository. Each difference triggers an email to the mailing list administrators and a CC email address. It also verifies the password

The sensitive attributes of a mailing list are:

  • private_roster
  • subscribe_policy

Details about those attributes can be found here.

and:

  • archive
  • archive_privat

Details about those attributes can be found here.

How it use it?

Requirements

The scripts use python 3 and two libraries:

  • yaml (to store the mailing list configuration)
  • requests (to get the expected mailing list configuration from git)

You can install them on Debian with the packages python3-yaml and python3-requests.

The export.py scripts needs a custom mailman script in your PATH. Download it from here.

Configuration

The check.py script uses a configuration file. Move config.cfg.dist to config.cfg and change the values according to your setup.

Run

Once the requirements are satisfied and the configuration file is ready, run the export.py script and redirect its output to a file (this must be done directly on the mailman server):

python3 export.py > actual_config

Then run the update_ref_file.py script:

python3 update_ref_file.py > output

output can be considered as the current state of the mailman configuration.

Then run the check.py script:

python3 check.py

Deployment with Ansible

Once you have adjusted the settings in config.cfg, you can use the Ansible playbook to deploy the script to a remote mailman server