April 1, 2025
12:17 p.m.
Hello to all:
I believe that the community should consider mailman3 with ssl a "standard configuration". Feels like most admins would like Let's Encrypt certs and ssl secured access.
Thank you very much. Thread is closed. You can see in a previous post that I had an error in my /etc/apache2/sites-available/systemdatabase.ca-le-ssl.conf
I think the "standard config" is supposed to avoid unix sockets. But I had something about sockets that has since been removed. You are all superheroes.
<IfModule mod_ssl.c> <VirtualHost *:80> ServerName systemdatabase.ca
Redirect permanent / https://systemdatabase.ca/
DocumentRoot /var/www/html/systemdatabase.ca/
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
ServerAdmin pjbondi@systemdatabase.com
ServerName systemdatabase.ca
ServerAlias www.systemdatabase.ca
DocumentRoot /var/www/html/systemdatabase.ca/
ErrorLog ${APACHE_LOG_DIR}/systemdatabase.ca_error.log
CustomLog ${APACHE_LOG_DIR}/systemdatabase.ca_access.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/systemdatabase.ca-0001/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/systemdatabase.ca-0001/privkey.pem
Alias /static/ /opt/mailman/web/static/
<Directory "/opt/mailman/web/static/">
Require all granted
</Directory>
<IfModule mod_headers.c>
RequestHeader unset X-Forwarded-Proto
<If "%{HTTPS} =~ /on/">
RequestHeader set X-Forwarded-Proto "https"
</If>
</IfModule>
<IfModule mod_proxy.c>
ProxyPreserveHost On
ProxyPass "/postorius" "http://127.0.0.1:8000/postorius"
ProxyPass "/hyperkitty" "http://127.0.0.1:8000/hyperkitty"
ProxyPass "/accounts" "http://127.0.0.1:8000/accounts"
ProxyPass "/admin" "http://127.0.0.1:8000/admin"
ProxyPass "/user-profile" "http://127.0.0.1:8000/user-profile"
ProxyPass "/mailman3" "http://127.0.0.1:8000/mailman3"
ProxyPass "/archives" "http://127.0.0.1:8000/archives"
ProxyPassMatch "^/$" "http://127.0.0.1:8000/mailman3"
</IfModule>
</VirtualHost></IfModule>