Hello,
I'm new to mailman3 and started to setup an instance from scratch per hand, but I'm struggeling running the peaces with the correct user/permissions.
I can't find anything regarding running this and that with that user in the docs, so I have the following:
virtualenv_dir: /opt/venvs/mailman3
Installed packages in venv:
- "Django>=1.11"
- "django-haystack"
- "libsass"
- "mailman==3.3.0"
- "mailmanclient"
- "mailman-hyperkitty==1.1.0"
- "postorius==1.3.0"
- "hyperkitty==1.3.0"
- "whoosh"
- "uwsgi"
I have installed the core stuff in /opt/mailman3/core, all is owned by user+group "mailman3":
root@host:/opt/mailman3# tree . ├── core │ ├── etc │ │ ├── hyperkitty.cfg │ │ ├── mailman.cfg │ │ └── uwsgi.ini │ ├── log │ │ ├── bounce.log │ │ ├── debug.log │ │ ├── mailman.log │ │ ├── plugins.log │ │ └── smtp.log │ └── var │ ├── archives │ │ └── hyperkitty │ │ └── spool │ │ ├── ... │ ├── cache │ ├── data │ │ ├── mailman.db │ │ ├── postfix_domains │ │ ├── postfix_domains.db │ │ ├── postfix_lmtp │ │ └── postfix_lmtp.db │ ├── lists │ │ └── admin.lists.... │ ├── locks │ ├── master.lck │ ├── master.lck|...|...|... │ ├── master.pid │ ├── message" │ │ ├── ... │ ├── queue │ │ ├── archive │ │ ├── bad │ │ ├── bounces │ │ ├── command │ │ ├── digest │ │ ├── in │ │ ├── nntp │ │ ├── out │ │ ├── pipeline │ │ ├── retry │ │ ├── shunt │ │ └── virgin │ └── templates
The django project is installed in /opt/mailman3/web, all is owned by user+group "nginx":
└── web └── project ├── db │ └── mailmansuite.db ├── emails ├── fulltext_index │ └── _MAIN_0.toc ├── logs │ ├── mailmansuite.log │ ├── uwsgi-error.log │ └── uwsgi.log ├── manage.py ├── __pycache__ │ ├── settings.cpython-35.pyc │ └── urls.cpython-35.pyc ├── run │ └── uwsgi.sock ├── settings.py ├── static ├── urls.py └── wsgi.py
The mailman3 core ist running with user+group "mailman3". And the uwsgi service is running as root with drops privileges to user+group "nginx".
Now, running the scheduled tasks (which run from user+group "nginx") for django I ran into permission problems, because the nginx user can't access/write to the needed files in /opt/mailman3/core/...
If anyone of you is able to read ansible tasks, this is how I set this up via ansible: https://github.com/freifunk-mwu/ansible-ffmwu/blob/mail/roles/service-bundle...
I would appreciate any hints how to run the different peaces of mailman3 with the correct user/groups/permissions.
Thanks in advance, Tobias