FreeBSD 12.0-RELEASE-p1, mailman-2.1.29_5, postfix-3.3.2_1,1, nginx-1.14.2_3,2
Greetings. Could use help understanding two issues after migrating from Apache to nginx:
- All Mailman web pages load as expect except links from the admindb page (for pending moderator request), which redirect to localhost.
For example, for the admindb page for the list networktest-announce on the host lists.networktest.com, the link for "Click here to reload this page" goes here:
https://localhost/mailman/admindb/networktest-announce
Similar localhost links appear in admin emails about pending moderator requests.
I've pasted below snippets from mm_cfg.py and the Nginx config -- please let me know if you need other info.
I suspect the issue may be a lack of an Nginx location for admindb, but I'm not sure how to address that.
- Also on the admindb page, clicking the submit button to tend to pending requests triggers a warning in Firefox that the info is about to be submitted insecurely, even though the admindb URL begins with https:// - how to fix this?
Thanks in advance for troubleshooting clues on both points.
dn
mm_cfg.py mods:
################################################## # Put YOUR site-specific settings below this line. MTA = 'Postfix' DEFAULT_URL_PATTERN = 'https://%s/mailman/' PUBLIC_ARCHIVE_URL = 'https://%(hostname)s/pipermail/%(listname)s' PRIVATE_ARCHIVE_URL = '/mailman/private'
# Clear the Defaults.py VIRTUAL_HOSTS entry # VIRTUAL_HOSTS.clear()
# other vhosts omitted from following line POSTFIX_STYLE_VIRTUAL_DOMAINS = [ 'lists.networktest.com' ]
# other vhosts omitted after following line add_virtualhost('lists.networktest.com','lists.networktest.com')
DEB_LISTMASTER = 'postmaster@networktest.com'
ALLOW_FROM_IS_LIST = Yes
lists.networktest.com.conf in Nginx:
root@mail8:/usr/local/etc/nginx/vhosts # cat lists.networktest.com.conf
server { listen 80; server_name lists.networktest.com;
# Lets encrypt
location ^~ /.well-known/acme-challenge/ {
alias /usr/local/www/.well-known/acme-challenge/;
}
# Redirect other HTTP connections to HTTPS
location / {
return 301 https://$server_name$request_uri;
}
access_log /var/log/lists.networktest.com.access.log;
error_log /var/log/lists.networktest.com.error.log;}
server {
listen 443;
server_name lists.networktest.com;
access_log /var/log/lists.networktest.com.access.log;
error_log /var/log/lists.networktest.com.error.log;
ssl on;
ssl_certificate /etc/ssl/certs/lists.networktest.com.pem;
ssl_certificate_key /etc/ssl/priv/lists.networktest.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
root /usr/local/mailman/cgi-bin;
location = / {
rewrite ^ /mailman/listinfo permanent;
}
location / {
rewrite ^ /mailman$uri;
}
location ~ ^/mailman(/[^/]*)(/.*)?$ {
fastcgi_split_path_info (^/mailman/[^/]*)(.*)$;
include fastcgi_params;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SCRIPT_FILENAME $document_root$1;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$2;
fastcgi_pass unix:/var/run/fcgiwrap/fcgiwrap.sock;
}
location /images/mailman {
alias /usr/local/mailman/icons;
}
location /icons {
alias /usr/local/mailman/icons;
}
location /pipermail {
alias /usr/local/mailman/archives/public;
autoindex on;
}}