Mark Sapiro wrote:
But whatever is listening on port 8001 is apparently not Mailman's rest server. What does ps -fww 14080 or whatever PID is currently listening on port 8001 show.
UID PID PPID C STIME TTY STAT TIME CMD list 15972 15963 0 Aug11 ? Sl 0:13 /usr/bin/python3 /usr/lib/mailman3/bin/runner -C /etc/mailman3/mailman.cfg --runner=rest:0:1
OK. Perhaps instead you should have uid: list gid: list in your uwsgi configuration if you don't already.
Tried that while also switching mailman3-web.service to list:list, exactly the same error. Also, I have /run/mailman3-web/uwsgi.sock owned by list:list now instead of www-data:www-data. What the logs say:
*** Starting uWSGI 2.0.18-debian (64bit) on [Thu Aug 12 08:46:37 2021] *** compiled with version: 8.2.0 on 10 February 2019 02:42:46 os: Linux-4.19.0-16-amd64 #1 SMP Debian 4.19.181-1 (2021-03-19) nodename: mail machine: x86_64 clock source: unix pcre jit disabled detected number of CPU cores: 2 current working directory: / detected binary path: /usr/bin/uwsgi-core chdir() to /usr/share/mailman3-web your processes number limit is 3831 your memory page size is 4096 bytes detected max file descriptor number: 1024 lock engine: pthread robust mutexes thunder lock: disabled (you can enable it with --thunder-lock) error removing unix socket, unlink(): Permission denied [core/socket.c line 198] bind(): Address already in use [core/socket.c line 230]
Not sure if that means the two directories need to be owned by list, currently they are owned by root
I'm not familiar enough with this form of ProxyPass using sockets to understand what the localhost:8001 does in this context, but uwsgi should not be doing anything with port 8001. In a configuration using TCP, it would listen on port 8000. Port 8001 is where Mailman's REST API server listens. uwsgi should receive connects in your case via the unix socket and then pass them to Django via the application in wsgi.py Also, you may want other paths proxied to uwsgi, namely at least some of hyperkitty, postorius, archives, accounts, admin and user-profile.
Ok, I removed that port again, now it's exctly like in the automatically generated config file. And you mean like
<IfModule mod_proxy_uwsgi.c> ProxyPass /mailman3/favicon.ico ! ProxyPass /mailman3/static ! ProxyPass /mailman3 unix:/run/mailman3-web/uwsgi.sock|uwsgi://localhost/ ProxyPass /hyperkitty unix:/run/mailman3-web/uwsgi.sock|uwsgi://localhost/ ProxyPass /postorius unix:/run/mailman3-web/uwsgi.sock|uwsgi://localhost/ ProxyPass /admin unix:/run/mailman3-web/uwsgi.sock|uwsgi://localhost/ ProxyPass /archives unix:/run/mailman3-web/uwsgi.sock|uwsgi://localhost/ ProxyPass /accounts unix:/run/mailman3-web/uwsgi.sock|uwsgi://localhost/ ProxyPass /user-profile unix:/run/mailman3-web/uwsgi.sock|uwsgi://localhost/ </IfModule>
These should be 'list', not 'www-data'. That's your permissions issue on settings.py