UPDATE 2019-06-23: Change /usr/lib/ to /usr/lib64/ (after upgrade to Gentoo profile 17.1)
UPDATE 2017-05-11: Use https, with Let’s Encrypt.
UPDATE 2014-07-23: Forgot to give nginx access to mailman archives. Stop using sudo. Use service.
UPDATE 2012-12-10: the process has been simplified now that bug #37429 is fixed.
This is how I installed Mailman in a Gentoo server, using Nginx as the web server and Exim as the MTA.
Mailman
By default Mailman runs with the Apache user and group. First step is to configure Mailman so it runs with the Nginx user and group. To do so edit /etc/make.conf and add these lines:
/etc/make.conf MAILMAN_CGIUID="nginx" MAILMAN_CGIGID="nginx"
Now you can go ahead and emerge Mailman. Next comes to configure it.
Edit /etc/mailman/mm_cfg.py (replace the url and email hosts by yours):
/etc/mailman/mm_cfg.py DEFAULT_URL_HOST = 'mailman.example.com' DEFAULT_EMAIL_HOST = 'example.com' # https DEFAULT_URL_PATTERN = 'https://%s/mailman/' PUBLIC_ARCHIVE_URL = 'https://%(hostname)s/pipermail/%(listname)s' # Let Mailman know that the MTA (Exim) needs no aliases setting MTA = None
As the mailman user (add the cron jobs, create the site password, and add the main list):
# su - mailman mailman $ crontab cron/crontab.in mailman $ bin/mmsitepass mailman $ bin/newlist mailman
Run mailman:
# rc-update add mailman default # service mailman start
Nginx
The Mailman web interface works with the CGI interface. To get it working with Nginx start by emerging spawn-fcgi and fcgiwrap:
# emerge spawn-fcgi fcgiwrap
Create the configuration file and edit it:
# cd /etc/conf.d # cp spawn-fcgi spawn-fcgi.fcgiwrap
These are the changes to the configuration file:
/etc/conf.d/spawn-fcgi.fcgiwrap FCGI_SOCKET=/run/fcgiwrap.sock FCGI_ADDRESS= FCGI_PORT= FCGI_PROGRAM=/usr/sbin/fcgiwrap FCGI_USER=nginx FCGI_GROUP=nginx
Now start the daemon:
# cd /etc/init.d # ln -s spawn-fcgi spawn-fcgi.fcgiwrap # rc-update add spawn-fcgi.fcgiwrap default # service spawn-fcgi.fcgiwrap start
Now add the Nginx server configuration:
/etc/nginx/mailman.conf
server {
listen 80;
server_name mailman.example.com;
location /.well-known/acme-challenge {
root /var/www/letsencrypt;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name mailman.example.com;
root /usr/lib64/mailman/cgi-bin;
ssl_certificate /etc/letsencrypt/live/mailman.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mailman.example.com/privkey.pem;
# Redirect
location / {
rewrite ^ /mailman/listinfo permanent;
}
location ~ ^/mailman(/[^/]*)(/.*)?$ {
fastcgi_split_path_info ^/mailman/([^/]*)(.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root/$1;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass unix:/run/fcgiwrap.sock-1;
}
location /mailman-icons {
alias /usr/lib64/mailman/icons;
}
location /pipermail {
alias /var/lib/mailman/archives/public;
}
}
Include the file into the main Nginx configuration file:
/etc/nginx/nginx.conf include mailman.conf;
Add nginx to the mailman group, so it has access rights to the archive:
# gpasswd -a nginx mailman
And restart Nginx:
# service nginx restart
Exim
There is very good documentation on running Mailman with Exim: Using Exim 4 and Mailman 2.1 together.
The only thing I found missing from the docs is a reference to the mailman-loop address. Add an alias for mailman-loop to a routable address, edit the /etc/mail/aliases file, for example:
/etc/mail/aliases mailman-loop: root
Leave a Reply
You must be logged in to post a comment.