Taking another run at packaging this thing

.env.sample

@@ -1,20 +1,20 @@
-APP=mailman3
+TYPE=mailman3
 
-DOMAIN=lists.autonomic.zone
+DOMAIN=lists.example.com
 LETS_ENCRYPT_ENV=production
 
 # mailman-core
 MTA=postfix
-SMTP_HOST=mail.autonomic.zone
+SMTP_HOST=mail.example.com
 SMTP_PORT=25
 
 # mailman-web
-DJANGO_ALLOWED_HOSTS=lists.autonomic.zone
-MAILMAN_ADMIN_EMAIL=helo@autonomic.zone
+DJANGO_ALLOWED_HOSTS=lists.example.com
+MAILMAN_ADMIN_EMAIL=helo@example.com
 MAILMAN_ADMIN_USER=autonomic
-SERVE_FROM_DOMAIN=lists.autonomic.zone
-SMTP_HOST=mail.autonomic.zone
-SMTP_HOST_USER=mailman@lists.autonomic.zone
+SERVE_FROM_DOMAIN=lists.example.com
+SMTP_HOST=mail.example.com
+SMTP_HOST_USER=mailman@lists.example.com
 SMTP_PORT=25
 SMTP_USE_TLS=True
 

abra.sh

@@ -1,2 +1,5 @@
 export CORE_ENTRYPOINT_CONF_VERSION=v1
+export MAILMAN_EXTRA_CFG_VERSION=v1
+export NGINX_CONF_VERSION=v1
+export SETTINGS_LOCAL_VERSION=v1
 export WEB_ENTRYPOINT_CONF_VERSION=v1

compose.yml

@@ -7,6 +7,8 @@ services:
     hostname: mailman-core
     volumes:
       - "core:/opt/mailman/"
+    networks:
+      - internal
     secrets:
       - db_password
       - hyperkitty_api_key
@@ -32,9 +34,20 @@ services:
         mode: 0555
     entrypoint: /usr/local/bin/docker-entrypoint-custom.sh
 
-  web:
+  mail:
+    image: "mailu/postfix:1.7"
+    networks:
+      - internal
+    volumes:
+      - "mailqueue:/queue"
+    healthcheck:
+      disable: true
+
+  front:
     image: "maxking/mailman-web:0.3"
     hostname: mailman-web
+    networks:
+      - internal
     volumes:
       - "web:/opt/mailman-web-data"
     secrets:
@@ -62,19 +75,33 @@ services:
         mode: 0555
     entrypoint: /usr/local/bin/docker-entrypoint-custom.sh
 
-  nginx: []
-
-  smtp:
-    image: "mailu/postfix:1.7"
-    volumes:
-      - "mailqueue:/queue"
-    healthcheck:
-      disable: true
+  web:
+    image: "nginx:1.20.0"
+    environment:
+      - DOMAIN
+      - STACK_NAME
+    configs:
+      - source: nginx_conf
+        target: /etc/nginx/nginx.conf
+    networks:
+      - proxy
+      - internal
+    deploy:
+      update_config:
+        failure_action: rollback
+      labels:
+        - "traefik.enable=true"
+        - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
+        - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
+        - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
+        - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
 
   db:
     image: "postgres:13-alpine"
     secrets:
       - db_password
+    networks:
+      - internal
     environment:
       POSTGRES_DB: mailman
       POSTGRES_USER: mailman
@@ -82,6 +109,11 @@ services:
     volumes:
       - "db:/var/lib/postgresql/data"
 
+networks:
+  internal:
+  proxy:
+    external: true
+
 volumes:
   core:
   web:
@@ -113,3 +145,15 @@ configs:
     name: ${STACK_NAME}_web_entrypoint_conf_${WEB_ENTRYPOINT_CONF_VERSION}
     file: entrypoint.web.sh.tmpl
     template_driver: golang
+  nginx_conf:
+    name: ${STACK_NAME}_nginx_conf_${NGINX_CONF_VERSION}
+    file: nginx.conf.tmpl
+    template_driver: golang
+  settings_local:
+    name: ${STACK_NAME}_settings_local_${SETTINGS_LOCAL_VERSION}
+    file: settings_local.py.tmpl
+    template_driver: golang
+  mailmain_extra_cfg:
+    name: ${STACK_NAME}_mailman_extra_cfg_${MAILMAN_EXTRA_CFG_VERSION}
+    file: mailman-extra.cfg.tmpl
+    template_driver: golang

nginx.conf.tmpl

@@ -0,0 +1,25 @@
+
+user www-data;
+
+events {
+  worker_connections 768;
+}
+
+http {
+  upstream webuwsgi {
+    server {{ env "STACK_NAME" }}_front:8080;
+  }
+
+  server_name {{ env "DOMAIN" }};
+
+  location / {
+    uwsgi_pass webuwsgi;
+    include uwsgi_params;
+    uwsgi_read_timeout 300;
+  }
+
+  location /static/ {
+    alias /opt/mailman/web/static/;
+    autoindex off;
+  }
+}