Mark Sapiro wrote:
You are in a better position to answer that than am I. What does sudo netstat -lntp show?
A lot. But since most of that isn't relevant here: Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 20241/master tcp 0 0 127.0.0.1:8024 0.0.0.0:* LISTEN 14076/python3 tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 20241/master tcp 0 0 127.0.0.1:8001 0.0.0.0:* LISTEN 14080/python3 tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 20241/master tcp6 0 0 :::80 :::* LISTEN 13882/apache2 tcp6 0 0 :::465 :::* LISTEN 20241/master tcp6 0 0 :::25 :::* LISTEN 20241/master tcp6 0 0 :::443 :::* LISTEN 13882/apache2 tcp6 0 0 :::587 :::* LISTEN 20241/master
What does ps -fwwa|grep rest show?
root 15055 14843 0 12:58 pts/1 00:00:00 grep rest
So whatever it's supposed to find, it's not there
mailman3-web.service must also run as list.
I changed that. It didn't like it.
systemctl status mailman3-web.service ● mailman3-web.service - Mailman3-web uWSGI service Loaded: loaded (/lib/systemd/system/mailman3-web.service; enabled; vendor preset: enabled) Active: failed (Result: exit-code) since Wed 2021-08-11 13:05:39 CEST; 32s ago Docs: file:///usr/share/doc/mailman3-web/README.rst Process: 15570 ExecStart=/usr/bin/uwsgi --plugin python3 --ini /etc/mailman3/uwsgi.ini (code=exited, status=1/FAILURE) Main PID: 15570 (code=exited, status=1/FAILURE) Status: "initializing uWSGI"
Aug 11 13:05:39 mail systemd[1]: Starting Mailman3-web uWSGI service... Aug 11 13:05:39 mail systemd[1]: mailman3-web.service: Main process exited, code=exited, status=1/FAILURE Aug 11 13:05:39 mail systemd[1]: mailman3-web.service: Failed with result 'exit-code'. Aug 11 13:05:39 mail systemd[1]: Failed to start Mailman3-web uWSGI service. Aug 11 13:05:39 mail systemd[1]: mailman3-web.service: Service RestartSec=100ms expired, scheduling restart. Aug 11 13:05:39 mail systemd[1]: mailman3-web.service: Scheduled restart job, restart counter is at 5. Aug 11 13:05:39 mail systemd[1]: Stopped Mailman3-web uWSGI service. Aug 11 13:05:39 mail systemd[1]: mailman3-web.service: Start request repeated too quickly. Aug 11 13:05:39 mail systemd[1]: mailman3-web.service: Failed with result 'exit-code'. Aug 11 13:05:39 mail systemd[1]: Failed to start Mailman3-web uWSGI service.
So, what do you have in your apache config for proxying to uwsgi and what's your uwsgi configuration.
lists-ssl.conf: <VirtualHost *:443> ServerAdmin admin@domain.de ServerName lists.domain.de
Alias /mailman3/favicon.ico /var/lib/mailman3/web/static/postorius/img/favicon.ico
Alias /mailman3/static /var/lib/mailman3/web/static
<Directory "/var/lib/mailman3/web/static">
Require all granted
</Directory>
<IfModule mod_proxy_uwsgi.c>
ProxyPass /mailman3/favicon.ico !
ProxyPass /mailman3/static !
ProxyPass "/mailman3" "unix:/run/mailman3-web/uwsgi.sock|uwsgi://localhost:8001/"
</IfModule>
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile /etc/ssl/certs/lists.domain.de.cert.pem
SSLCertificateKeyFile /etc/ssl/private/lists.domain.de.private.pem
SSLCertificateChainFile /etc/ssl/certs/dfnca.pem
SSLCACertificateFile /etc/ssl/certs/rwthcert.pem
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
Protocols h2 http/1.1
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256
SSLHonorCipherOrder off
#RewriteEngine on
#RewriteRule ^/$ https://lists.domain.de/listinfo
Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
Header always set X-Frame-Options: "SAMEORIGIN"
Header always set X-Xss-Protection "1; mode=block"
Header always set X-Content-Type-Options "nosniff"
Header always set Content-Security-Policy "default-src 'self' *.domain.de; script-src 'self' *.domain.de; connect-src 'self' *.domain.de; img-src 'self' *.domain.de; style-src 'self' 'unsafe-inline' *.domain.de; object-src 'self' *.domain.de; frame-src 'self' *.domain.de;"
Header always set Referrer-Policy "no-referrer-when-downgrade"</VirtualHost>
<VirtualHost *:80> RewriteEngine On RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L] </VirtualHost>
I guess with uwsgi config you mean the /etc/mailman3/uwsgi.ini file? [uwsgi] # Port on which uwsgi will be listening. uwsgi-socket = /run/mailman3-web/uwsgi.sock
#Enable threading for python enable-threads = true
# Move to the directory wher the django files are. chdir = /usr/share/mailman3-web
# Use the wsgi file provided with the django project. wsgi-file = wsgi.py
# Setup default number of processes and threads per process. master = true process = 2 threads = 2
# Drop privielges and don't run as root. uid = www-data gid = www-data
plugins = python3
# Setup the django_q related worker processes. attach-daemon = python3 manage.py qcluster
# Setup hyperkitty's cron jobs. #unique-cron = -1 -1 -1 -1 -1 ./manage.py runjobs minutely #unique-cron = -15 -1 -1 -1 -1 ./manage.py runjobs quarter_hourly #unique-cron = 0 -1 -1 -1 -1 ./manage.py runjobs hourly #unique-cron = 0 0 -1 -1 -1 ./manage.py runjobs daily #unique-cron = 0 0 1 -1 -1 ./manage.py runjobs monthly #unique-cron = 0 0 -1 -1 0 ./manage.py runjobs weekly #unique-cron = 0 0 1 1 -1 ./manage.py runjobs yearly
# Setup the request log. #req-logger = file:/var/log/mailman3/web/mailman-web.log
# Log cron seperately. #logger = cron file:/var/log/mailman3/web/mailman-web-cron.log #log-route = cron uwsgi-cron
# Log qcluster commands seperately. #logger = qcluster file:/var/log/mailman3/web/mailman-web-qcluster.log #log-route = qcluster uwsgi-daemons
# Last log and it logs the rest of the stuff. #logger = file:/var/log/mailman3/web/mailman-web-error.log logto = /var/log/mailman3/web/mailman-web.log