ServerName {{ mailman_listdomain }} ErrorLog ${APACHE_LOG_DIR}/{{ mailman_listdomain }}-error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/{{ mailman_listdomain }}-access.log combined DocumentRoot /var/www RewriteEngine on # TODO(fungi): convert this vhost into a blanket redirect to HTTPS when ready RewriteRule ^/$ /cgi-bin/mailman/listinfo [R] # We can find mailman here: ScriptAlias /cgi-bin/mailman/ /usr/lib/cgi-bin/mailman/ # And the public archives: Alias /pipermail/ /var/lib/mailman/archives/public/ # Logos: Alias /images/mailman/ /usr/share/images/mailman/ # Use this if you don't want the "cgi-bin" component in your URL: # In case you want to access mailman through a shorter URL you should enable # this: #ScriptAlias /mailman/ /usr/lib/cgi-bin/mailman/ # In this case you need to set the DEFAULT_URL_PATTERN in # /etc/mailman/mm_cfg.py to http://%s/mailman/ for the cookie # authentication code to work. Note that you need to change the base # URL for all the already-created lists as well. AllowOverride None Options ExecCGI AddHandler cgi-script .cgi Order allow,deny Allow from all = 2.4> Require all granted Options FollowSymlinks AllowOverride None Order allow,deny Allow from all = 2.4> Require all granted AllowOverride None Order allow,deny Allow from all = 2.4> Require all granted ServerName {{ mailman_listdomain }} ServerAdmin webmaster@openstack.org ErrorLog ${APACHE_LOG_DIR}/{{ mailman_listdomain }}-ssl-error.log LogLevel warn CustomLog ${APACHE_LOG_DIR}/{{ mailman_listdomain }}-ssl-access.log combined SSLEngine on SSLProtocol All -SSLv2 -SSLv3 # Note: this list should ensure ciphers that provide forward secrecy SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!AES256:!aNULL:!eNULL:!MD5:!DSS:!PSK:!SRP SSLHonorCipherOrder on SSLCertificateFile /etc/letsencrypt-certs/{{ inventory_hostname }}/{{ inventory_hostname }}.cer SSLCertificateKeyFile /etc/letsencrypt-certs/{{ inventory_hostname }}/{{ inventory_hostname }}.key SSLCertificateChainFile /etc/letsencrypt-certs/{{ inventory_hostname }}/ca.cer RewriteEngine on RewriteRule ^/$ /cgi-bin/mailman/listinfo [R] ScriptAlias /cgi-bin/mailman/ /usr/lib/cgi-bin/mailman/ Alias /pipermail/ /var/lib/mailman/archives/public/ Alias /images/mailman/ /usr/share/images/mailman/ AllowOverride None Options ExecCGI AddHandler cgi-script .cgi Order allow,deny Allow from all Require all granted Options FollowSymlinks AllowOverride None Order allow,deny Allow from all Require all granted AllowOverride None Order allow,deny Allow from all Require all granted