Bring mailman configuration under chef with XSRF protection

[chef.git] / cookbooks / mailman / recipes / default.rb

diff --git a/cookbooks/mailman/recipes/default.rb b/cookbooks/mailman/recipes/default.rb
index 171979208d0337bab103236392959cb05473f8d5..8588c5bea425bea94ef2f3fbadf81845a127759b 100644 (file)
--- a/cookbooks/mailman/recipes/default.rb
+++ b/cookbooks/mailman/recipes/default.rb
@@ -17,10 +17,22 @@
 # limitations under the License.
 #
 
+require "securerandom"
+
 include_recipe "apache::ssl"
 
 package "mailman"
 
+node.set_unless[:mailman][:subscribe_form_secret] = SecureRandom.base64(48)
+
+template "/etc/mailman/mm_cfg.py" do
+  source "mm_cfg.py.erb"
+  user "root"
+  group "root"
+  mode 0644
+  notifies :restart, "service[mailman]"
+end
+
 service "mailman" do
   action [:enable, :start]
   supports :restart => true, :reload => true