FreeBSD 12.0-RELEASE-p1, mailman-2.1.29_5, postfix-3.3.2_1,1, nginx-1.14.2_3,2
Greetings. Could use help understanding two issues after migrating from Apache to nginx:
- All Mailman web pages load as expect except links from the admindb page (for pending moderator request), which redirect to localhost.
For example, for the admindb page for the list networktest-announce on the host lists.networktest.com, the link for "Click here to reload this page" goes here:
https://localhost/mailman/admindb/networktest-announce
Similar localhost links appear in admin emails about pending moderator requests.
I've pasted below snippets from mm_cfg.py and the Nginx config -- please let me know if you need other info.
I suspect the issue may be a lack of an Nginx location for admindb, but I'm not sure how to address that.
- Also on the admindb page, clicking the submit button to tend to pending requests triggers a warning in Firefox that the info is about to be submitted insecurely, even though the admindb URL begins with https:// - how to fix this?
Thanks in advance for troubleshooting clues on both points.
dn
mm_cfg.py mods:
################################################## # Put YOUR site-specific settings below this line. MTA = 'Postfix' DEFAULT_URL_PATTERN = 'https://%s/mailman/' PUBLIC_ARCHIVE_URL = 'https://%(hostname)s/pipermail/%(listname)s' PRIVATE_ARCHIVE_URL = '/mailman/private'
# Clear the Defaults.py VIRTUAL_HOSTS entry # VIRTUAL_HOSTS.clear()
# other vhosts omitted from following line POSTFIX_STYLE_VIRTUAL_DOMAINS = [ 'lists.networktest.com' ]
# other vhosts omitted after following line add_virtualhost('lists.networktest.com','lists.networktest.com')
DEB_LISTMASTER = 'postmaster@networktest.com'
ALLOW_FROM_IS_LIST = Yes
lists.networktest.com.conf in Nginx:
root@mail8:/usr/local/etc/nginx/vhosts # cat lists.networktest.com.conf
server { listen 80; server_name lists.networktest.com;
# Lets encrypt
location ^~ /.well-known/acme-challenge/ {
alias /usr/local/www/.well-known/acme-challenge/;
}
# Redirect other HTTP connections to HTTPS
location / {
return 301 https://$server_name$request_uri;
}
access_log /var/log/lists.networktest.com.access.log;
error_log /var/log/lists.networktest.com.error.log;}
server {
listen 443;
server_name lists.networktest.com;
access_log /var/log/lists.networktest.com.access.log;
error_log /var/log/lists.networktest.com.error.log;
ssl on;
ssl_certificate /etc/ssl/certs/lists.networktest.com.pem;
ssl_certificate_key /etc/ssl/priv/lists.networktest.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
root /usr/local/mailman/cgi-bin;
location = / {
rewrite ^ /mailman/listinfo permanent;
}
location / {
rewrite ^ /mailman$uri;
}
location ~ ^/mailman(/[^/]*)(/.*)?$ {
fastcgi_split_path_info (^/mailman/[^/]*)(.*)$;
include fastcgi_params;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SCRIPT_FILENAME $document_root$1;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$2;
fastcgi_pass unix:/var/run/fcgiwrap/fcgiwrap.sock;
}
location /images/mailman {
alias /usr/local/mailman/icons;
}
location /icons {
alias /usr/local/mailman/icons;
}
location /pipermail {
alias /usr/local/mailman/archives/public;
autoindex on;
}}
On 1/3/19 2:18 PM, David Newman wrote:
FreeBSD 12.0-RELEASE-p1, mailman-2.1.29_5, postfix-3.3.2_1,1, nginx-1.14.2_3,2
Greetings. Could use help understanding two issues after migrating from Apache to nginx:
- All Mailman web pages load as expect except links from the admindb page (for pending moderator request), which redirect to localhost. ...
- Also on the admindb page, clicking the submit button to tend to pending requests triggers a warning in Firefox that the info is about to be submitted insecurely, even though the admindb URL begins with https:// - how to fix this?
I'm only answering the second issue here because it may also answer the first. The issue here is the action= URL in the form tag has an http (not https) scheme.
But, you have
mm_cfg.py mods:
################################################## # Put YOUR site-specific settings below this line. MTA = 'Postfix' DEFAULT_URL_PATTERN = 'https://%s/mailman/'
This indicates you need to run fix_url to update existing lists with this information. See <https://wiki.list.org/x/4030616>.
If this doesn't fix the first issue too, let us know and we'll look further.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On 1/4/19 12:19 PM, Mark Sapiro wrote:
On 1/3/19 2:18 PM, David Newman wrote:
FreeBSD 12.0-RELEASE-p1, mailman-2.1.29_5, postfix-3.3.2_1,1, nginx-1.14.2_3,2
Greetings. Could use help understanding two issues after migrating from Apache to nginx:
- All Mailman web pages load as expect except links from the admindb page (for pending moderator request), which redirect to localhost. ...
- Also on the admindb page, clicking the submit button to tend to pending requests triggers a warning in Firefox that the info is about to be submitted insecurely, even though the admindb URL begins with https:// - how to fix this?
I'm only answering the second issue here because it may also answer the first. The issue here is the action= URL in the form tag has an http (not https) scheme.
But, you have
mm_cfg.py mods:
################################################## # Put YOUR site-specific settings below this line. MTA = 'Postfix' DEFAULT_URL_PATTERN = 'https://%s/mailman/'
This indicates you need to run fix_url to update existing lists with this information. See <https://wiki.list.org/x/4030616>.
If this doesn't fix the first issue too, let us know and we'll look further.
Actually, the localhost issue began _after_ I ran "bin/withlist -l -a -r fix_url" from the /usr/local/mailman directory and restarted the Mailman service.
Thanks in advance for further clues on getting both issues sorted out.
dn
On 1/4/19 4:40 PM, David Newman wrote:
Actually, the localhost issue began _after_ I ran "bin/withlist -l -a -r fix_url" from the /usr/local/mailman directory and restarted the Mailman service.
In your OP you said
mm_cfg.py mods:
################################################## # Put YOUR site-specific settings below this line. MTA = 'Postfix' DEFAULT_URL_PATTERN = 'https://%s/mailman/' PUBLIC_ARCHIVE_URL = 'https://%(hostname)s/pipermail/%(listname)s' PRIVATE_ARCHIVE_URL = '/mailman/private'
# Clear the Defaults.py VIRTUAL_HOSTS entry # VIRTUAL_HOSTS.clear()
# other vhosts omitted from following line POSTFIX_STYLE_VIRTUAL_DOMAINS = [ 'lists.networktest.com' ]
# other vhosts omitted after following line add_virtualhost('lists.networktest.com','lists.networktest.com')
DEB_LISTMASTER = 'postmaster at networktest.com'
ALLOW_FROM_IS_LIST = Yes
Absent from this is
DEFAULT_URL_HOST = 'lists.networktest.com' DEFAULT_EMAIL_HOST = 'lists.networktest.com'
If those are set to 'localhost' in Defaults.py, that could explain some of this.
However, you also have comments about "other vhosts omitted". If you actually have multiple vhosts, you can't run
bin/withlist -l -a -r fix_url
because that will set every list to whatever DEFAULT_URL_HOST is. You need to run
bin/withlist -l -r fix_url LISTNAME --urlhost=HOST_FOR_THAT_LIST
for each list.
What do you get from
for list in bin/list_lists --bare; do
echo $list
bin/dumpdb lists/$list/config.pck|grep \'web_page_url\'
done
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On 1/4/19 5:10 PM, Mark Sapiro wrote:
On 1/4/19 4:40 PM, David Newman wrote:
Actually, the localhost issue began _after_ I ran "bin/withlist -l -a -r fix_url" from the /usr/local/mailman directory and restarted the Mailman service.
In your OP you said
mm_cfg.py mods:
################################################## # Put YOUR site-specific settings below this line. MTA = 'Postfix' DEFAULT_URL_PATTERN = 'https://%s/mailman/' PUBLIC_ARCHIVE_URL = 'https://%(hostname)s/pipermail/%(listname)s' PRIVATE_ARCHIVE_URL = '/mailman/private'
# Clear the Defaults.py VIRTUAL_HOSTS entry # VIRTUAL_HOSTS.clear()
# other vhosts omitted from following line POSTFIX_STYLE_VIRTUAL_DOMAINS = [ 'lists.networktest.com' ]
# other vhosts omitted after following line add_virtualhost('lists.networktest.com','lists.networktest.com')
DEB_LISTMASTER = 'postmaster at networktest.com'
ALLOW_FROM_IS_LIST = Yes
Absent from this is
DEFAULT_URL_HOST = 'lists.networktest.com' DEFAULT_EMAIL_HOST = 'lists.networktest.com'
If those are set to 'localhost' in Defaults.py, that could explain some of this.
However, you also have comments about "other vhosts omitted". If you actually have multiple vhosts, you can't run
bin/withlist -l -a -r fix_url
because that will set every list to whatever DEFAULT_URL_HOST is. You need to run
bin/withlist -l -r fix_url LISTNAME --urlhost=HOST_FOR_THAT_LIST
Yup. Sorry I missed this.
dn
for each list.
What do you get from
for list in
bin/list_lists --bare; do echo $list bin/dumpdb lists/$list/config.pck|grep \'web_page_url\' done
On 1/4/19 4:40 PM, David Newman wrote:
On 1/4/19 12:19 PM, Mark Sapiro wrote:
On 1/3/19 2:18 PM, David Newman wrote:
FreeBSD 12.0-RELEASE-p1, mailman-2.1.29_5, postfix-3.3.2_1,1, nginx-1.14.2_3,2
Greetings. Could use help understanding two issues after migrating from Apache to nginx:
- All Mailman web pages load as expect except links from the admindb page (for pending moderator request), which redirect to localhost. ...
- Also on the admindb page, clicking the submit button to tend to pending requests triggers a warning in Firefox that the info is about to be submitted insecurely, even though the admindb URL begins with https:// - how to fix this?
I'm only answering the second issue here because it may also answer the first. The issue here is the action= URL in the form tag has an http (not https) scheme.
But, you have
mm_cfg.py mods:
################################################## # Put YOUR site-specific settings below this line. MTA = 'Postfix' DEFAULT_URL_PATTERN = 'https://%s/mailman/'
This indicates you need to run fix_url to update existing lists with this information. See <https://wiki.list.org/x/4030616>.
If this doesn't fix the first issue too, let us know and we'll look further.
Actually, the localhost issue began _after_ I ran "bin/withlist -l -a -r fix_url" from the /usr/local/mailman directory and restarted the Mailman service.
Answering my own question: That command as written was a really bad idea.
There are multiple virtual hosts on this server, and no lists defined on the server's canonical hostname. Running fix_url without calling out each virtual host resulted in 'localhost' instead.
When I reran the command multiple times with the -u switch like this:
bin/withlist -l -r fix_url listname -u lists.vhost1.com bin/withlist -l -r fix_url listname -u lists.vhost2.com ... bin/withlist -l -r fix_url listname -u lists.vhostN.com
and restarted mailman, all was good with the world once again.
Moral: If you have virtual hosts, run fix_url multiple times and use the -u switch multiple times, once for each list and each virtual host.
Sorry for the waste of bandwidth.
dn
Thanks in advance for further clues on getting both issues sorted out.
dn
Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/dnewman%40networktest....
participants (2)
-
David Newman -
Mark Sapiro