On Jul 11, 2017, at 05:50 PM, Erin Test wrote:
All of that being said I'm missing something in getting my basic setup finalized. I have a web server (Apache) running and have installed mailman core. When I try to access the REST API I get some variation of connection refused depending on what I'm using (python command line, curl, etc). I'm feeling like apache doesn't know where to point port 8001, and I don't know what to tell it.
To supplement what Mark said, there are a few things to keep in mind with the REST API. First, you really don't need to put Apache in front of it, as Mailman Core already provides an HTTP server for the REST API [*].
Second, you definitely do *not* want to expose the REST API on the public internet. It's an administrative API so it has full access to you list server. It only provides very basic authentication and no user based authorization, so any process with the basic auth keys can do anything.
We have a *very* nascent project called Lemme which is geared toward a public facing authenticating REST proxy. While we have ideas for how it would work, we haven't had many resources available to work on it. Contributions of course would be greatly welcomed!
https://gitlab.com/mailman/lemme/blob/master/README.rst
Cheers, -Barry
[*] By default we use the stdlib simple wsgi server, which is convenient but makes no claims of being very performant. Hopefully for 3.2 I will switch to aiohttp, uvloop, or some other better performing substrate.