Update README.md with setup instructions

README.md

@@ -1,3 +1,24 @@
 # mailman-podman-setup
 
-Mailman 3 setup using Podman Quadlets
+Mailman 3 setup using Podman Quadlets. Containers are supposed to run in rootless mode.
+# requirements
+- *Podman* version 4 or later
+- *pwgen* to generatore random secrets
+- an unprivileged user account to run the containers. A separate account (i.e. _mailman_ is not required, but recommended.)
+# installation
+1. Switch to the user account you want to use to run Mailman.
+1. In the user account's home directory, create the directory where the Systemd generator looks for quadlets.
+```$ mkdir -p ~mailman/.config/containers/systemd```
+1. Then copy the files from the *mailman/* subdirectory in this repository into the quadlet directory:
+```$ cp mailman/* ~mailman/.config/containers/systemd/```
+ 1. Now we have to generate some secrets which the various components use to talk to each other:
+```
+$ pwgen -1 32 | | podman secret create HYPERKITTY_API_KEY       -
+$ pwgen -1 32 | podman secret create MAILMAN_REST_PASSWORD    -
+$ pwgen -1 32 | podman secret create MAILMAN_WEB_SECRET_KEY   -
+```
+1. Now adapt the environment variable definitions in mailman-core.container and mailman-web.container to your needs. You may want to customize at least the variable *SERVE_FROM_DOMAIN*, which is set to lists.example.com by default.
+1. Finally run ```$ systemctl --user daemon-reload``` to trigger the systemd unit generator and start the services:
+```systemctl --user start mailman-core mailman-web```
+1. By default Systemd launches user services only when the user logs in. To create a user session when the system boots, enable the automatic user session creation on boot with the following command as root:
+```# systemctl enable-linger mailman```

mailman/database.container

@@ -0,0 +1,6 @@
+[Container]
+Environment=POSTGRES_DB=mailmandb POSTGRES_USER=mailman POSTGRES_PASSWORD=mailmanpass
+HostName=database
+Image=docker.io/postgres:14-alpine
+Network=mailman.network
+Volume=database.volume:/var/lib/postgresql/data

mailman/database.volume

@@ -0,0 +1,2 @@
+[Volume]
+VolumeName=database

mailman/mailman-core.container

@@ -0,0 +1,21 @@
+[Unit]
+Requires=database.service
+
+[Container]
+ContainerName=mailman-core
+Environment=DATABASE_URL=postgresql://mailman:mailmanpass@database/mailmandb
+Environment=DATABASE_TYPE=postgres 
+Environment=DATABASE_CLASS=mailman.database.postgresql.PostgreSQLDatabase
+Environment=MTA=postfix
+Secret=MAILMAN_REST_PASSWORD,type=env
+Secret=HYPERKITTY_API_KEY,type=env
+HostName=mailman-core
+Image=docker.io/maxking/mailman-core:0.4
+Network=mailman.network
+PodmanArgs=--stop-timeout 30
+PublishPort=127.0.0.1:8001:8001
+PublishPort=127.0.0.1:8024:8024
+Volume=mailman-core.volume:/opt/mailman/
+
+[Service]
+Restart=always

mailman/mailman-core.volume

@@ -0,0 +1,2 @@
+[Volume]
+VolumeName=mailman-core

mailman/mailman-web.container

@@ -0,0 +1,20 @@
+[Unit]
+Requires=database.service
+
+[Container]
+ContainerName=mailman-web
+Environment=DATABASE_TYPE=postgres
+Environment=DATABASE_URL=postgresql://mailman:mailmanpass@database/mailmandb
+Environment=SERVE_FROM_DOMAIN=lists.example.com
+Secret=HYPERKITTY_API_KEY,type=env
+Secret=MAILMAN_WEB_SECRET_KEY,type=env,target=SECRET_KEY
+Secret=MAILMAN_REST_PASSWORD,type=env
+HostName=mailman-web
+Image=docker.io/maxking/mailman-web:0.4
+Network=mailman.network
+PublishPort=127.0.0.1:8000:8000
+PublishPort=127.0.0.1:8080:8080
+Volume=mailman-web.volume:/opt/mailman-web-data
+
+[Service]
+#Restart=always

mailman/mailman-web.volume

@@ -0,0 +1,2 @@
+[Volume]
+VolumeName=mailman-web

mailman/mailman.network

@@ -0,0 +1,2 @@
+[Network]
+Driver=bridge