opendev/system-config
Code Issues Proposed changes
system-config/playbooks/roles/mailman-site/templates/mailman_multihost.vhost.j2
Jeremy Stanley 3858a0bc23 Move edge-computing ML to opendev Mailman site 
The edge-computing discussion list is not OpenStack-specific. It was
originally included on the lists.openstack.org site when we didn't
yet have a more neutral list hosting location. While we're in the
process of moving other non-OpenStack mailing lists off the
lists.openstack.org site, rehome this one to lists.opendev.org by
setting up address forwarding and Web redirects, and moving the
existing mailman list entry for it in our configuration.

Note that this should be a no-op when it merges, as the list move
will be handled manually while deployment is temporarily disabled
for the server.

Change-Id: If5207f0237bee1571924855b769a22d653964af7
2021-12-21 19:28:22 +00:00

120 lines
4.5 KiB
Django/Jinja
Raw Blame History

<VirtualHost *:80>
ServerName {{ mailman_site.listdomain }}
ErrorLog ${APACHE_LOG_DIR}/{{ mailman_site.listdomain }}-error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/{{ mailman_site.listdomain }}-access.log combined
DocumentRoot /var/www
RewriteEngine on
# TODO(fungi): convert this vhost into a blanket redirect to HTTPS when ready
RewriteRule ^/$ /cgi-bin/mailman/listinfo [R]
RewriteCond %{HTTP_HOST} ^lists\.openstack\.org$ [nocase]
RewriteRule /(cgi-bin/mailman/listinfo|pipermail)/(community|foundation|foundation-board|foundation-board-confidential|goldmembers|marketing|staff|summitsponsors)(/.*|$) %{REQUEST_SCHEME}://lists.openinfra.dev/$1/$2$3 [last,redirect=permanent]
RewriteCond %{HTTP_HOST} ^lists\.openstack\.org$ [nocase]
RewriteRule /(cgi-bin/mailman/listinfo|pipermail)/(edge-computing)(/.*|$) %{REQUEST_SCHEME}://lists.opendev.org/$1/$2$3 [last,redirect=permanent]
# We can find mailman here:
ScriptAlias /cgi-bin/mailman/ /usr/lib/cgi-bin/mailman/
# And the public archives:
Alias /pipermail/ /srv/mailman/{{ mailman_site.name }}/archives/public/
# Logos:
Alias /images/mailman/ /usr/share/images/mailman/
# Use this if you don't want the "cgi-bin" component in your URL:
# In case you want to access mailman through a shorter URL you should enable
# this:
#ScriptAlias /mailman/ /usr/lib/cgi-bin/mailman/
# In this case you need to set the DEFAULT_URL_PATTERN in
# /etc/mailman/mm_cfg.py to http://%s/mailman/ for the cookie
# authentication code to work. Note that you need to change the base
# URL for all the already-created lists as well.
<Directory /usr/lib/cgi-bin/mailman/>
AllowOverride None
Options ExecCGI
AddHandler cgi-script .cgi
SetEnv HOST {{ mailman_site.listdomain }}
Order allow,deny
Allow from all
<IfVersion >= 2.4>
Require all granted
</IfVersion>
</Directory>
<Directory /srv/mailman/{{ mailman_site.name }}/archives/public/>
Options FollowSymlinks
AllowOverride None
Order allow,deny
Allow from all
<IfVersion >= 2.4>
Require all granted
</IfVersion>
</Directory>
<Directory /usr/share/images/mailman/>
AllowOverride None
Order allow,deny
Allow from all
<IfVersion >= 2.4>
Require all granted
</IfVersion>
</Directory>
</VirtualHost>
<VirtualHost *:443>
ServerName {{ mailman_site.listdomain }}
ServerAdmin webmaster@openstack.org
ErrorLog ${APACHE_LOG_DIR}/{{ mailman_site.listdomain }}-ssl-error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/{{ mailman_site.listdomain }}-ssl-access.log combined
SSLEngine on
SSLProtocol All -SSLv2 -SSLv3
# Note: this list should ensure ciphers that provide forward secrecy
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!AES256:!aNULL:!eNULL:!MD5:!DSS:!PSK:!SRP
SSLHonorCipherOrder on
SSLCertificateFile /etc/letsencrypt-certs/{{ inventory_hostname }}/{{ inventory_hostname }}.cer
SSLCertificateKeyFile /etc/letsencrypt-certs/{{ inventory_hostname }}/{{ inventory_hostname }}.key
SSLCertificateChainFile /etc/letsencrypt-certs/{{ inventory_hostname }}/ca.cer
RewriteEngine on
RewriteRule ^/$ /cgi-bin/mailman/listinfo [R]
RewriteCond %{HTTP_HOST} ^lists\.openstack\.org$ [nocase]
RewriteRule /(cgi-bin/mailman/listinfo|pipermail)/(community|foundation|foundation-board|foundation-board-confidential|goldmembers|marketing|staff|summitsponsors)(/.*|$) %{REQUEST_SCHEME}://lists.openinfra.dev/$1/$2$3 [last,redirect=permanent]
RewriteCond %{HTTP_HOST} ^lists\.openstack\.org$ [nocase]
RewriteRule /(cgi-bin/mailman/listinfo|pipermail)/(edge-computing)(/.*|$) %{REQUEST_SCHEME}://lists.opendev.org/$1/$2$3 [last,redirect=permanent]
ScriptAlias /cgi-bin/mailman/ /usr/lib/cgi-bin/mailman/
Alias /pipermail/ /srv/mailman/{{ mailman_site.name }}/archives/public/
Alias /images/mailman/ /usr/share/images/mailman/
<Directory /usr/lib/cgi-bin/mailman/>
AllowOverride None
Options ExecCGI
AddHandler cgi-script .cgi
SetEnv HOST {{ mailman_site.listdomain }}
Order allow,deny
Allow from all
Require all granted
</Directory>
<Directory /srv/mailman/{{ mailman_site.name }}/archives/public/>
Options FollowSymlinks
AllowOverride None
Order allow,deny
Allow from all
Require all granted
</Directory>
<Directory /usr/share/images/mailman/>
AllowOverride None
Order allow,deny
Allow from all
Require all granted
</Directory>
</VirtualHost>
View Git Blame Copy Permalink