[Mailman-Users] Domain problem in post action on admindb formsfor multi-domain mailman

[Mark Sapiro]

Martin N Brampton wrote:
>
>The simplest and immediately effective (I've done it!) solution is the 
>hack to admindb.py.


I'm glad that's working for you. I'm not sure why this is an absolute
URL in the Mailman base. There are many things in Mailman that have
"always been that way", and since I don't know all the history, I
don't always know if they are just anachronisms or if their purpose is
still relevant.


>I also like the subdomain scheme (to avoid hacking mailman), except I 
>don't know how to implement it in mailman.  Would the "lists" be added 
>to the basic domain name by:
>
>DEFAULT_URL_PATTERN = 'http://lists.%s/'


No. What you need to do is make sure there is an entry like

addvirtualhost('lists.domain.tld', 'domain.tld')

for each domain.tld. There should already be one perhaps like

addvirtualhost('domain.tld', 'domain.tld') anyway. If there is, just
add 'lists.' to the first argument. If there isn't one, there should
have been so add it now.

Then you need to run

bin/withlist -l -r fix_url LISTNAME -u lists.domain.tld

where domain.tld is the domain of the list. You could create a simple
shell script to do this for all lists.



>and would that work across all the uses of URLs?  Would it be necessary 
>to knock off the "lists" in the primary domain of lists.example.com by:
>
>DEFAULT_URL_HOST   = 'example.com'
>
>so as to counteract the "lists" being added by DEFAULT_URL_PATTERN?  Or 
>would that have other ramifications?


No. If you add the 'lists.' to the hostnames in add_virtualhost, you
don't have to worry about the lists in the Mailman server's domain.
Presumably they are already accounted for with the existing
DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST and
add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST) and wouldn't
change.



>But I fear a problem then arises at my mailman server, because there is 
>a further redirect to the SSL version of the site (because I don't like 
>passwords being sent as plain text for anything that matters), and there 
>are liable to be problems with the SSL certificate if a variety of 
>domains are pointed into an SSL site.


Well part of this is handled by setting the scheme in
DEFAULT_URL_PATTERN to https, but the certificate issue is probably
going to be a deal breaker.


>So maybe I should reconsider reverse proxying!


Quite possibly so. That's beyond my area of expertise so others will
have to advise on that.

See the FAQs at <http://wiki.list.org/x/mIA9>,
<http://wiki.list.org/x/lYA9> and perhaps others for more detail on
add_virtualhost and fix_url.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan