I'm trying to move my mailman3 web interface from example.com/mailman3 to just lists.example.com like this site. I am not having luck with the apache configuration. I've tried below but I just get a 403:
<VirtualHost *:80>
ServerAdmin admin@example.com
ServerName lists.example.com
ServerAlias www.lists.example.com
<Directory "/var/lib/mailman3/web/static">
Require all granted
</Directory>
<IfModule mod_proxy_uwsgi.c>
ProxyPass /favicon.ico !
ProxyPass /static !
ProxyPass / unix:/run/mailman3-web/uwsgi.sock|uwsgi://localhost
</IfModule></VirtualHost>
Alias /favicon.ico /var/lib/mailman3/web/static/postorius/img/favicon.ico Alias /static /var/lib/mailman3/web/static
Mail Person writes:
I'm trying to move my mailman3 web interface from example.com/mailman3 to just lists.example.com like this site. I am not having luck with the apache configuration. I've tried below but I just get a 403:
Apache typically runs as www-data or some such user, while Mailman resources are typically owned by mailman, lists, or list (depending on distribution and administrator whim). Does the webserver have the appropriate permissions to access /var/lib/mailman3/web/static? Perhaps when uwsgi forks it changes effective uid, in which case it needs to have access.
Mark may have better ideas.
<VirtualHost *:80>
ServerAdmin admin@example.com ServerName lists.example.com ServerAlias www.lists.example.com
<Directory "/var/lib/mailman3/web/static"> Require all granted </Directory>
<IfModule mod_proxy_uwsgi.c> ProxyPass /favicon.ico ! ProxyPass /static ! ProxyPass / unix:/run/mailman3-web/uwsgi.sock|uwsgi://localhost </IfModule>
</VirtualHost>
Alias /favicon.ico /var/lib/mailman3/web/static/postorius/img/favicon.ico Alias /static /var/lib/mailman3/web/static
Mailman-users mailing list -- mailman-users@mailman3.org To unsubscribe send an email to mailman-users-leave@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/
I don't think it's a permission issue since I can get the web interface to work on example.com/mailman3 - it's just I can't get it over to the subdomain. I think it's an Apache configuration thing, I'm just not great with Apache configs enough to know.
On 7/25/22 11:32, Mail Person wrote:
I'm trying to move my mailman3 web interface from example.com/mailman3 to just lists.example.com like this site. I am not having luck with the apache configuration. I've tried below but I just get a 403:
What's in your apache error.log and your Django log?
Do you have your subdomain listed in ALLOWED_HOSTS in your Django settings?
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
The Apache Error Log says:
authz_core:error] [pid 90530] [client 50.200.240.158:50063] AH01630: client denied by server configuration: /var/lib/mailman3/web/static/index.php
So seems to be a permissions issue, but www-data owns that folder and subdirectories.
For the django settings (mailman-web.py) it is set to allow all hosts:
ALLOWED_HOSTS = [ #"localhost", # Archiving API from Mailman, keep it. # "lists.your-domain.org", # Add here all production URLs you may have. '*' ]
No errors in the mailma3-web.log
On a whim I tried to load the SSL certificates for lists.example.com to see if maybe it was causing the issue. Now when navigating to lists.example.com we got a ProxyError:
Proxy Error The proxy server received an invalid response from an upstream server. The proxy server could not handle the request
Reason: DNS lookup failure for: localhostpostorius
On 7/26/22 10:47, Mail Person wrote:
The Apache Error Log says:
authz_core:error] [pid 90530] [client 50.200.240.158:50063] AH01630: client denied by server configuration: /var/lib/mailman3/web/static/index.php
Interesting. You have
<Directory "/var/lib/mailman3/web/static">
Require all granted
</Directory>
I do note that your
Alias /static /var/lib/mailman3/web/static
is outside the VirtualHost definition. You might try moving it inside. I don't know if that will help, but it may.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Ok, progress with tinkering some. Using the below configuration I can manually navigate to lists.example.com/mailman3/postorius/lists/ and all is working fine. If I go to lists.example.com/mailman3 it for some reason redirects to lists.example.com/mailman/postorius/lists/ which generates a 404. Going to lists.example.com also hits a 404.
So closer, but not perfect. Any ideas?
The current, sort of working config:
<VirtualHost *:80>
ServerAdmin admin@example.com ServerName lists.example.com ServerAlias www.lists.example.com Alias /mailman3/favicon.ico /var/lib/mailman3/web/static/postorius/img/favicon.ico Alias /mailman3/static /var/lib/mailman3/web/static
<Directory "/var/lib/mailman3/web/static"> Require all granted
</Directory>
<IfModule mod_proxy_uwsgi.c> ProxyPass /mailman3/favicon.ico ! ProxyPass /mailman3/static ! ProxyPass /mailman3 unix:/run/mailman3-web/uwsgi.sock|uwsgi://localhost </IfModule>
RewriteEngine on RewriteCond %{SERVER_NAME} =lists.example.com [OR] RewriteCond %{SERVER_NAME} =www.lists.example.com RewriteRule ^ https://%%7BSERVER_NAME%7D%%7BREQUEST_URI%7D [END,NE,R=permanent]
</VirtualHost>
On 7/26/22 14:20, Mail Person wrote:
Ok, progress with tinkering some. Using the below configuration I can manually navigate to lists.example.com/mailman3/postorius/lists/ and all is working fine. If I go to lists.example.com/mailman3 it for some reason redirects to lists.example.com/mailman/postorius/lists/ which generates a 404.
This is a uWSGI issue.
ProxyPass /mailman3 unix:/run/mailman3-web/uwsgi.sock|uwsgi://localhost
Others have found that changing this to
ProxyPass /mailman3/ unix:/run/mailman3-web/uwsgi.sock|uwsgi://localhost/
fixes it. Note the added slashes after mailman3 and localhost. See
this thread
https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/thread/U...
Going to lists.example.com also hits a 404.
Here
RewriteEngine on RewriteCond %{SERVER_NAME} =lists.example.com [OR] RewriteCond %{SERVER_NAME} =www.lists.example.com RewriteRule ^ https://%%7BSERVER_NAME%7D%%7BREQUEST_URI%7D [END,NE,R=permanent]
You're redirecting http to https, but have you defined a VirtualHost for port 443? Just copy your <VirtualHost *:80> block to a <VirtualHost *:443> block.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
So adding the slashes did not fix, but I did get a workaround to work from the other thread:
ProxyPass /mailman3 unix:/run/mailman3-web/uwsgi.sock|uwsgi://localhost ProxyPass /mailman unix:/run/mailman3-web/uwsgi.sock|uwsgi://localhost
Now makes it so that lists.example.com/mailman3 works sort of correctly. Weirdly enough, however, it redirects to lists.example.com/mailman/postorius/lists/ rather than */mailman3/*
AND, if you go to lists.example.com/mailman it errors out with a 404 but redirects to
lists.example.com/mailma
So somehow a letter is getting deleted for some reason.
On 7/26/22 15:29, Mail Person wrote:
So adding the slashes did not fix, but I did get a workaround to work from the other thread:
ProxyPass /mailman3 unix:/run/mailman3-web/uwsgi.sock|uwsgi://localhost ProxyPass /mailman unix:/run/mailman3-web/uwsgi.sock|uwsgi://localhost
Now makes it so that lists.example.com/mailman3 works sort of correctly. Weirdly enough, however, it redirects to lists.example.com/mailman/postorius/lists/ rather than */mailman3/*
AND, if you go to lists.example.com/mailman it errors out with a 404 but redirects to
lists.example.com/mailma
So somehow a letter is getting deleted for some reason.
This is a known issue with some versions of uWSGI. The only information I have is in the thread at https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/thread/U...
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (3)
-
Mail Person -
Mark Sapiro -
Stephen J. Turnbull