On Wed, 2021-12-29 at 09:21 -0800, Mark Sapiro wrote:
On 12/29/21 8:48 AM, William Oliver wrote:
[snip]
If you are following https://docs.mailman3.org/en/latest/install/virtualenv.html you have
location / { proxy_pass http://127.0.0.1:8000; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; }in your nginx config and everything goes to uwsgi. What you want is to put those proxy directives in only the mailman locations as at https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/message/... and then configure your document root so other locations are served from there.
The problem was more stupid than one might imagine. My browser was caching so no matter what changes I made, it loaded domain/mailman/lists because that was what was cached. When I tinkered with things, I only changed whether or not mailman was loaded after that. I changed machines and used a different browser, and it started working fine. And it worked fine on my regular box once I cleared my browser's cache.
It turns out that nginx works like it's supposed to work. Go figure.
So, just to make things clear. Here was my goal:
www.domain.com <-- go to welcome page lists.domain.com <-- go to mailman
later, I'll install roundcube for mail.domain.com
This gives me two primary entries in nginx. I'll send www.domain.com to /var/www/html2 and lists.domain.com to /var/www/html (though mailmanweb will kick in before that).
Here's the /etc/nginx/sites-enabled file that works. The entry for location/ for the mailman section is different from the one you pointed to, but it is cut and pasted from one of the examples on that site. I can't find it right now, though -- but it works fine, and life is short.
Anyway, this works if you clear your browser's cache:
##### paths for www.exampledomain.com ##### #### just goes to /var/www/html2 #####
server {
root /var/www/html2;
index index.html index.htm index.nginx-debian.html;
server_name exampledomain.com, mail.exampledomain.com,www.exampledomain.com;
location /{# try_files $uri $uri/ =404; }
##### added 12/19
listen 443 ssl default_server; listen [::]:443 ssl default_server; ##########
ssl_certificate/etc/letsencrypt/live/exampledomain.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/exampledomain.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
##### this for lists.exampledomain, that turns on mailman
server {
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
server_name lists.exampledomain.com;
location /{
proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
#proxy_set_header X-Forwarded-For$proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-Proto $scheme; proxy_redirect off; }
location /static/ {
alias /opt/mailman/web/static/;
}##### added 12/19
listen 443 ssl ; listen [::]:443 ssl ;
##########
ssl_certificate /etc/letsencrypt/live/exampledomain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key/etc/letsencrypt/live/exampledomain.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
###### Certbot stuff to force things to 443
server { if ($host = mail.exampledomain.com) { return 301 https://$host$request_uri; } # managed by Certbot
if ($host = www.exampledomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = lists.exampledomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 ;
listen [::]:80 ;
server_name www.exampledomain.com lists.exampledomain.commail.exampledomain.com exampledomain.com; return 404; # managed by Certbot
}