What is the best practice creating lists triggered by a another / second system?

Dear MM-Users,
after reading a lot in the projects documentation of mailman3 I am not sure how to set up a "connection" between another system/server (running a self-service portal for our users) and the mailman3 server (venv-installation) for creating lists (giving a list owner's email address and a customized list style, given by name).
On our old mailman-2.1 instance I used an ssh-tunnel and triggered the newlist-command with appropriate parameters. This seems a little bit outdated to me - nowadays... ;-)
So I read about the rest api of mailman3 and thought, I might give it a go... On the other hand the rest api should not be exposed externally (localhost-only) as said here: https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/thread/A... Running an nginx reverse proxy (and a firewall for the complete subnet) I am able to give dedicated access to the api but nevertheless I have no good feeling going this way...
So my question is: What would be the best way to trigger creation of lists using a second system?
Thank you for any suggestions!
Chris

- On 6/6/25 15:00, Christian Schneider wrote:
So I read about the rest api of mailman3 and thought, I might give it a go... On the other hand the rest api should not be exposed externally (localhost-only) as said here: https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/thread/A... Running an nginx reverse proxy (and a firewall for the complete subnet) I am able to give dedicated access to the api but nevertheless I have no good feeling going this way...
So my question is: What would be the best way to trigger creation of lists using a second system?
Keep the service running on localhost only and use (local) port forwarding via SSH from a trusted machine to access it, I'd wager. You can use a special user that is not allowed to spawn a full shell or execute commands for this.
Mihai

On 6/6/25 06:00, Christian Schneider wrote:
On our old mailman-2.1 instance I used an ssh-tunnel and triggered the newlist-command with appropriate parameters. This seems a little bit outdated to me - nowadays... ;-)
Mahai has given a good response at
https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/message/...
but I don't think there is anything wrong with using an ssh-tunnel to
execute a mailman create
command.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (3)
-
Christian Schneider
-
Mark Sapiro
-
Mihai Moldovan