Hi again ... I got everything working thanks to Danil, Abhilash, and finally found a simple NGINX conf that worked, using WSGI. Cool.
Set up certificates using LetsEncrypt, used another conf to set up SSL, like the conf pasted below.
I edited nginx.conf so that it only takes server config from the nginx/conf.d/blahblah.conf below.
This works for HTTP. HTTPS works too, but it (apparently) is not serving static content. There are loads of how-tos for getting this to work, but I've failed with all of them -- it seems to be the static path. (I've not tried the option using thttpd, as there is no easy install onto the AWS AMI and it doesn't seem to be specifically necessary.)
I'm so close... so close...
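# Port 80: plain-HTTP listener whose only job is to send clients to HTTPS.
server {
    listen 80 default_server;
    # listen [::]:80 default_server ipv6only=on;

    # root/index are never consulted here: the server-level "return" below
    # answers every request before any file lookup happens.
    root /usr/share/nginx/html;
    index index.html index.htm;

    server_name listman.iotcouncil.org.za;

    # Redirect to the configured name ($server_name), not the client-supplied
    # Host header, so the redirect target cannot be influenced by the request.
    return 301 https://$server_name$request_uri; #<< AUTO_REDIRECT HTTP TO HTTPS

    # Previous HTTP-only setup, kept for reference. Note that its /static/
    # alias ends in a slash and points at /var/spool/mailman-web/static/.
    #
    # location / {
    #     proxy_pass http://172.19.199.3:8000/;
    #     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    #     proxy_set_header X-Forwarded-Host $host;
    #     proxy_set_header X-Forwarded-Server $host;
    #     proxy_set_header X-Forwarded-Proto $scheme;
    #     proxy_redirect off;
    # }
    #
    # location /static/ {
    #     alias /var/spool/mailman-web/static/;
    # }
    #
    # location /robots.txt {
    #     alias /var/spool/mailman-web/static/hyperkitty/robots.txt;
    # }
    #
    # location /favicon.ico {
    #     alias /var/www/listorg/images/favicon.ico;
    # }
}

# Port 443: TLS termination, reverse proxy to the web backend, static files.
server {
    # The "ssl" flag on the listen line replaces the separate "ssl on;"
    # directive, which newer nginx releases deprecate.
    listen 443 ssl default_server;
    # listen [::]:443 ssl default_server ipv6only=on;

    #root /usr/share/nginx/html;
    #index index.html index.htm;

    server_name listman.iotcouncil.org.za;

    # privkey.pem must stay readable by root only.
    ssl_certificate /etc/letsencrypt/live/listman.iotcouncil.org.za/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/listman.iotcouncil.org.za/privkey.pem;
    ssl_session_timeout 5m;

    # SSLv3 is dropped (POODLE) and TLSv1/TLSv1.1 are dropped as deprecated
    # (RFC 8996). Add TLSv1.3 here if the installed nginx/OpenSSL build supports it.
    ssl_protocols TLSv1.2;

    # The original value was the documentation's two alternatives pasted together
    # with the word "or" between them; "or" is not a cipher keyword. This is the
    # stricter of the two alternatives, which also excludes 3DES.
    ssl_ciphers "HIGH:!aNULL:!MD5:!3DES";
    ssl_prefer_server_ciphers on;

    location / {
        # The hop to the backend is plain HTTP; keep it on a private network.
        proxy_pass http://172.19.199.3:8000/;
        # $proxy_add_x_forwarded_for appends the client address to whatever
        # X-Forwarded-For the client sent, so the backend should trust only the
        # last entry.
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        # Tells the backend the original request arrived over HTTPS.
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_redirect off;
    }

    location /static/ {
        # alias replaces the matched "/static/" prefix verbatim, so its trailing
        # slash must match the location's. Without it, /static/css/x.css maps to
        # /opt/mailman/web/staticcss/x.css and every static request returns 404.
        # NOTE(review): the old HTTP block and the robots.txt entry below use
        # /var/spool/mailman-web/static/ -- confirm which directory the web
        # app's static files are actually collected into, and that the nginx
        # worker user can read it.
        alias /opt/mailman/web/static/;
    }

    location /robots.txt {
        alias /var/spool/mailman-web/static/hyperkitty/robots.txt;
    }

    location /favicon.ico {
        alias /var/www/listorg/images/favicon.ico;
    }
}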