ServerName {{ mailman_site.listdomain }} ErrorLog ${APACHE_LOG_DIR}/{{ mailman_site.listdomain }}-error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/{{ mailman_site.listdomain }}-access.log combined DocumentRoot /var/www RewriteEngine on # TODO(fungi): convert this vhost into a blanket redirect to HTTPS when ready RewriteRule ^/$ /cgi-bin/mailman/listinfo [R] # We can find mailman here: ScriptAlias /cgi-bin/mailman/ /usr/lib/cgi-bin/mailman/ # And the public archives: Alias /pipermail/ /srv/mailman/{{ mailman_site.name }}/archives/public/ # Logos: Alias /images/mailman/ /usr/share/images/mailman/ # Use this if you don't want the "cgi-bin" component in your URL: # In case you want to access mailman through a shorter URL you should enable # this: #ScriptAlias /mailman/ /usr/lib/cgi-bin/mailman/ # In this case you need to set the DEFAULT_URL_PATTERN in # /etc/mailman/mm_cfg.py to http://%s/mailman/ for the cookie # authentication code to work. Note that you need to change the base # URL for all the already-created lists as well. AllowOverride None Options ExecCGI AddHandler cgi-script .cgi SetEnv HOST {{ mailman_site.listdomain }} Order allow,deny Allow from all = 2.4> Require all granted Options FollowSymlinks AllowOverride None Order allow,deny Allow from all = 2.4> Require all granted AllowOverride None Order allow,deny Allow from all = 2.4> Require all granted ServerName {{ mailman_site.listdomain }} ServerAdmin webmaster@openstack.org ErrorLog ${APACHE_LOG_DIR}/{{ mailman_site.listdomain }}-ssl-error.log LogLevel warn CustomLog ${APACHE_LOG_DIR}/{{ mailman_site.listdomain }}-ssl-access.log combined SSLEngine on SSLProtocol All -SSLv2 -SSLv3 # Note: this list should ensure ciphers that provide forward secrecy SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!AES256:!aNULL:!eNULL:!MD5:!DSS:!PSK:!SRP SSLHonorCipherOrder on SSLCertificateFile /etc/letsencrypt-certs/{{ inventory_hostname }}/{{ inventory_hostname }}.cer SSLCertificateKeyFile /etc/letsencrypt-certs/{{ inventory_hostname }}/{{ inventory_hostname }}.key SSLCertificateChainFile /etc/letsencrypt-certs/{{ inventory_hostname }}/ca.cer RewriteEngine on RewriteRule ^/$ /cgi-bin/mailman/listinfo [R] ScriptAlias /cgi-bin/mailman/ /usr/lib/cgi-bin/mailman/ Alias /pipermail/ /srv/mailman/{{ mailman_site.name }}/archives/public/ Alias /images/mailman/ /usr/share/images/mailman/ AllowOverride None Options ExecCGI AddHandler cgi-script .cgi SetEnv HOST {{ mailman_site.listdomain }} Order allow,deny Allow from all Require all granted Options FollowSymlinks AllowOverride None Order allow,deny Allow from all Require all granted AllowOverride None Order allow,deny Allow from all Require all granted