Mailman: Difference between revisions

(11 intermediate revisions by 6 users not shown)

Line 1:

[https://www.list.org/ Mailman] is free software for managing electronic mail discussion and e-newsletter lists. Mailman and its web interface can be configured using the corresponding NixOS module.

This article extends the documentation in [https://nixos.org/manual/nixos/stable/#module-services-mailman NixOS manual].

__TOC__

= Running Mailman on NixOS =

~~Requires at least NixOS 20.03; the <code>services.mailman</code> module in NixOS 19.09 is insufficient.~~

This example includes:

Line 26:

Line 28:

enable = true;

relayDomains = ["hash:/var/lib/mailman/data/postfix_domains"];

sslCert = config.security.acme.certs.${MAILMAN_HOST}.directory + "/full.pem";

sslKey = config.security.acme.certs.${MAILMAN_HOST}.directory + "/key.pem";

config = {

transport_maps = ["hash:/var/lib/mailman/data/postfix_lmtp"];

Line 37:

Line 41:

webUser = config.services.uwsgi.user;

hyperkitty.enable = true;

# Have mailman talk directly to hyperkitty, bypassing nginx:

hyperkitty.baseUrl = "http://localhost:33141/hyperkitty/";

webHosts = [MAILMAN_HOST];

};

Line 65:

Line 71:

}; [ mailman-web ]

);

# uwsgi protocol socket for nginx

socket = "127.0.0.1:33140";

# http socket for mailman core to reach the hyperkitty API directly

http-socket = "127.0.0.1:33141";

wsgi-file = "${config.services.mailman.webRoot}/mailman_web/wsgi.py";

chdir = "/var/lib/mailman-web";

Line 79:

Line 88:

services.nginx = {

enable = true;

recommendedGzipSettings = true;

recommendedProxySettings = true;

recommendedTlsSettings = true;

virtualHosts.${MAILMAN_HOST} = {

enableACME = true;

forceSSL = true;

locations."/static/".alias = "/var/lib/mailman-web/static/";

# If you're coming from Mailman 2, you might want these redirects:

# locations."~ ^/(?:pipermail|private)/([a-z-]+)/".return = "303 https://${MAILMAN_HOST}/hyperkitty/list/$1.${MAILMAN_HOST}/";

# locations."~ ^/(?:listadmin)/([a-z-]+)".return = "303 https://${MAILMAN_HOST}/postorius/lists/$1.${MAILMAN_HOST}/settings/";

# locations."~ ^/(?:listinfo|options)/([a-z-]+)".return = "303 https://${MAILMAN_HOST}/postorius/lists/$1.${MAILMAN_HOST}/";

# locations."/create".return = "301 https://${MAILMAN_HOST}/postorius/lists/new";

locations."/".extraConfig = ''

uwsgi_pass 127.0.0.1:33140;

Line 91:

Line 107:

};

networking.firewall.allowedTCPPorts = [ 80 443 ];

networking.firewall.allowedTCPPorts = [ 25 80 443 ];

}

</syntaxhighlight>

Line 127:

Line 143:

=== Social logins ===

Mailman 3 uses [https://~~django-~~allauth.~~readthedocs.io~~/ django-allauth] to allow logins via many external auth providers, such as GitHub and Google. To enable these we need to update our Django settings and add some per-provider specifics in the admin UI.

Mailman 3 uses [https://docs.allauth.org/en/latest/ django-allauth] to allow logins via many external auth providers, such as GitHub and Google. To enable these we need to update our Django settings and add some per-provider specifics in the admin UI.

In this example we're just adding GitHub, but there are [https://~~django-~~allauth.~~readthedocs.io~~/en/latest/providers~~.html~~ lots of other providers] available.

In this example we're just adding GitHub, but there are [https://docs.allauth.org/en/latest/socialaccount/providers/ lots of other providers] available.

* Add to your <code>configuration.nix</code> and run <code>nixos-rebuild switch</code>:

Line 149:

Line 165:

Now you should be able to login to your mailman site with GitHub, and see your account's connections at <code>https://<your_mailman_hostname>/accounts/social/connections/</code>

[[Category:Mail Server]]

[[Category:Server]]

[[Category:Web Applications]]

[[Category:Django]]

[[Category:NixOS Manual]]

@@ Line 1: / Line 1: @@
+[https://www.list.org/ Mailman] is free software for managing electronic mail discussion and e-newsletter lists. Mailman and its web interface can be configured using the corresponding NixOS module.
+This article extends the documentation in [https://nixos.org/manual/nixos/stable/#module-services-mailman NixOS manual].
 __TOC__
 = Running Mailman on NixOS =
-Requires at least NixOS 20.03; the <code>services.mailman</code> module in NixOS 19.09 is insufficient.
 This example includes:
@@ Line 26: / Line 28: @@
      enable = true;
      relayDomains = ["hash:/var/lib/mailman/data/postfix_domains"];
+    sslCert = config.security.acme.certs.${MAILMAN_HOST}.directory + "/full.pem";
+    sslKey = config.security.acme.certs.${MAILMAN_HOST}.directory + "/key.pem";
      config = {
        transport_maps = ["hash:/var/lib/mailman/data/postfix_lmtp"];
@@ Line 37: / Line 41: @@
      webUser = config.services.uwsgi.user;
      hyperkitty.enable = true;
+    # Have mailman talk directly to hyperkitty, bypassing nginx:
+    hyperkitty.baseUrl = "http://localhost:33141/hyperkitty/";
      webHosts = [MAILMAN_HOST];
    };
@@ Line 65: / Line 71: @@
          }; [ mailman-web ]
        );
+      # uwsgi protocol socket for nginx
        socket = "127.0.0.1:33140";
+      # http socket for mailman core to reach the hyperkitty API directly
+      http-socket = "127.0.0.1:33141";
        wsgi-file = "${config.services.mailman.webRoot}/mailman_web/wsgi.py";
        chdir = "/var/lib/mailman-web";
@@ Line 79: / Line 88: @@
    services.nginx = {
      enable = true;
+    recommendedGzipSettings = true;
      recommendedProxySettings = true;
+    recommendedTlsSettings = true;
      virtualHosts.${MAILMAN_HOST} = {
        enableACME = true;
        forceSSL = true;
        locations."/static/".alias = "/var/lib/mailman-web/static/";
+      # If you're coming from Mailman 2, you might want these redirects:
+      # locations."~ ^/(?:pipermail|private)/([a-z-]+)/".return = "303 https://${MAILMAN_HOST}/hyperkitty/list/$1.${MAILMAN_HOST}/";
+      # locations."~ ^/(?:listadmin)/([a-z-]+)".return = "303 https://${MAILMAN_HOST}/postorius/lists/$1.${MAILMAN_HOST}/settings/";
+      # locations."~ ^/(?:listinfo|options)/([a-z-]+)".return = "303 https://${MAILMAN_HOST}/postorius/lists/$1.${MAILMAN_HOST}/";
+      # locations."/create".return = "301 https://${MAILMAN_HOST}/postorius/lists/new";
        locations."/".extraConfig = ''
          uwsgi_pass 127.0.0.1:33140;
@@ Line 91: / Line 107: @@
    };
-   networking.firewall.allowedTCPPorts = [ 80 443 ];
+   networking.firewall.allowedTCPPorts = [ 25 80 443 ];
 }
 </syntaxhighlight>
@@ Line 127: / Line 143: @@
 === Social logins ===
-Mailman 3 uses [https://django-allauth.readthedocs.io/ django-allauth] to allow logins via many external auth providers, such as GitHub and Google.  To enable these we need to update our Django settings and add some per-provider specifics in the admin UI.
+Mailman 3 uses [https://docs.allauth.org/en/latest/ django-allauth] to allow logins via many external auth providers, such as GitHub and Google.  To enable these we need to update our Django settings and add some per-provider specifics in the admin UI.
-In this example we're just adding GitHub, but there are [https://django-allauth.readthedocs.io/en/latest/providers.html lots of other providers] available.
+In this example we're just adding GitHub, but there are [https://docs.allauth.org/en/latest/socialaccount/providers/ lots of other providers] available.
 * Add to your <code>configuration.nix</code> and run <code>nixos-rebuild switch</code>:
@@ Line 149: / Line 165: @@
 Now you should be able to login to your mailman site with GitHub, and see your account's connections at <code>https://<your_mailman_hostname>/accounts/social/connections/</code>
+[[Category:Mail Server]]
+[[Category:Server]]
+[[Category:Web Applications]]
+[[Category:Django]]
+[[Category:NixOS Manual]]