Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release-19.09] port new Mailman & Postorius & Hyperkitty NixOS module from master #68500

Merged
merged 7 commits into from Sep 14, 2019
Merged

[release-19.09] port new Mailman & Postorius & Hyperkitty NixOS module from master #68500

merged 7 commits into from Sep 14, 2019

Conversation

peti
Copy link
Member

@peti peti commented Sep 11, 2019
edited

Merged to master in #67951.

A simple Apache configuration for running Postorious and Hyperkitty looks as follows:

httpd = let webRoot = config.services.mailman.webRoot; in {
  enable = true;
  adminAddr = "postmaster@example.org";
  hostName = "lists.example.org";
  logPerVirtualHost = true;
  extraModules = [ { name = "wsgi"; path = "${pkgs.apacheHttpdPackages.mod_wsgi3}/modules/mod_wsgi.so"; } ];
  extraConfig = ''                                                                                                                                                                                                  
    WSGISocketPrefix /run/httpd/wsgi                                                                                                                                                                                
    WSGIDaemonProcess mailman threads=25 home=/var/lib/mailman-web python-path=${webRoot}:${
      lib.makeSearchPath pkgs.python3.sitePackages
        pkgs.python3Packages.mailman-web.requiredPythonModules
    }                                                                       
  '';
  virtualHosts = [
    { hostName = "lists.example.org";
      documentRoot = config.security.acme.certs."lists.example.org".webroot;
      extraConfig = ''                                                                                                                                                                                              
        <Directory "${config.security.acme.certs."lists.example.org".webroot}">                                                                                                                                     
          Options -Indexes                                                                                                                                                                                          
        </Directory>                                                                                                                                                                                                
        RedirectMatch permanent ^(?!/\.well-known/acme-challenge/).* https://lists.example.org$0                                                                                                                    
                                                                                                                                                                                                                    
      '';
    }
    { hostName = "lists.example.org";
      enableSSL = true;
      sslServerCert = "/var/lib/acme/lists.example.org/fullchain.pem";
      sslServerKey = "/var/lib/acme/lists.example.org/key.pem";
      servedDirs = [ { dir = "/var/lib/mailman-web/static"; urlPath = "/static"; } ];
      extraConfig = ''                                                                                                                                                                                              
        <Directory "${webRoot}">                                                                                                                                                                                    
          <Files wsgi.py>                                                                                                                                                                                           
            Require all granted                                                                                                                                                                                     
          </Files>                                                                                                                                                                                                  
          WSGIProcessGroup mailman                                                                                                                                                                                  
        </Directory>                                                                                                                                                                                                
        WSGIScriptAlias / ${webRoot}/wsgi.py                                                                                                                                                                        
      '';
    }
    { hostName = "localhost";
      servedDirs = [ { dir = "/var/lib/postorius/static"; urlPath = "/static"; } ];
      extraConfig = ''                                                                                                                                                                                              
        <Directory "${webRoot}">                                                                                                                                                                                    
          <Files wsgi.py>                                                                                                                                                                                           
            Require ip 127.0.0.1                                                                                                                                                                                    
            Require all granted                                                                                                                                                                                     
          </Files>                                                                                                                                                                                                  
          WSGIProcessGroup mailman                                                                                                                                                                                  
        </Directory>                                                                                                                                                                                                
        WSGIScriptAlias / ${webRoot}/wsgi.py                                                                                                                                                                        
      '';
    }
  ];
};

@peti
nixos/mailman: add support for the Mailman Web UI (Postorius & Hyperk…
420efa4 
…itty)

(cherry picked from commit 72c7ba5)
@peti
python-mailman-web: turn these Djando configuration files into a make…
ff141ec 
…-shift Python library

Suggested in NixOS#67951 (comment).

(cherry picked from commit 86f8895)
@peti
nixos/mailman: httpd.services requires mailman-web in the systemd sense
4d7224d 
When mailman-web restarts, it removes the generated "static" directory. This
breaks a currently running httpd process, which needs a re-start, too, to
obtain a new handle for the newly generated path.

(cherry picked from commit 0cc37b3)
@peti
nixos/mailman: clean up our variable names
37034c8 
(cherry picked from commit 1cb5cff)
@peti
nixos/mailman: create "mailman" executable as a proper wrapper script
7493c36 
(cherry picked from commit a7941fe)
@peti
nixos/mailman: properly wrap the mailman-web script
d29476f 
(cherry picked from commit d0dba96)
@peti peti requested a review from FRidh as a code owner September 11, 2019 13:43
@peti peti changed the title Port new Mailman & Postorius & Hyperkitty NixOS module from master. [release-19.09] port new Mailman & Postorius & Hyperkitty NixOS module from master Sep 11, 2019
@peti peti added this to the 19.09 milestone Sep 11, 2019
@peti peti merged commit 4b342f6 into NixOS:release-19.09 Sep 14, 2019
@peti peti deleted the t/mailman branch December 16, 2019 18:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@FRidh FRidh Awaiting requested review from FRidh FRidh is a code owner

Assignees
No one assigned
Labels
6.topic: nixos 6.topic: python 8.has: module (update) 8.has: package (new) 10.rebuild-darwin: 1-10 10.rebuild-linux: 1-10
Projects
None yet
Milestone
19.09
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@peti @alyssais