install/mailman
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Further adjustment for initiativenserver.

Browse Source
This commit is contained in:
Christoph
2018-05-17 00:51:29 +02:00
parent 655527018f
commit a2be5db483
1 changed files with 11 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

82
install_mailman.sh
View File

@@ -21,6 +21,13 @@ _REQUIRED_DEB_PACKAGES="python python-dev python-dnspython"
_DOMAINS="lists.aktionsbuendnis-brandenburg.de|83.223.86.117|2a01:30:0:13:2c5:48ff:feee:f21d|/usr/local/apache2/conf/vhosts
lists.initiativenserver.de|83.223.86.117|2a01:30:0:13:2c5:48ff:feee:f21d|/usr/local/apache2/conf/vhosts"
_SSL_CERT_AKTIONSBUENDNIS="/var/lib/dehydrated/certs/lists.aktionsbuendnis-brandenburg.de/fullchain.pem"
_SSL_KEY_AKTIONSBUENDNIS="/var/lib/dehydrated/certs/lists.aktionsbuendnis-brandenburg.de/privkey.pem"
_SSL_CERT_INITIATIVENSERVER="/var/lib/dehydrated/certs/lists.initiativenserver.de/fullchain.pem"
_SSL_KEY_INITIATIVENSERVER="/var/lib/dehydrated/certs/lists.initiativenserver.de/privkey.pem"
## -
## - Ende: Default values
@@ -1321,7 +1328,7 @@ for domain in $WEBSERVER_DOMAINS ; do
# -- $hostname -- #
<VirtualHost $ipv4:80>
<VirtualHost $ipv4:80 [$ipv6]:80>
ServerAdmin $WEBSERVER_ADMIN_EMAIL
@@ -1333,7 +1340,7 @@ for domain in $WEBSERVER_DOMAINS ; do
</VirtualHost>
<VirtualHost $ipv4:443>
<VirtualHost $ipv4:443 [$ipv6]:443>
ServerAdmin $WEBSERVER_ADMIN_EMAIL
@@ -1362,76 +1369,9 @@ for domain in $WEBSERVER_DOMAINS ; do
SSLEngine on
## - don't support weak ciphers
SSLProtocol ALL -SSLv2
SSLHonorCipherOrder On
SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
#SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:RC4-SHA:HIGH:!MD5:!aNULL:!EDH
SSLCertificateFile /usr/local/apache2/conf/lists.aktionsbuendnis-brandenburg.crt
SSLCertificateKeyFile /usr/local/apache2/conf/lists.aktionsbuendnis-brandenburg.key
SSLCertificateChainFile /usr/local/apache2/conf/SSL123_CA_Bundle.pem
ErrorLog /var/log/apache2/$hostname-error.log
CustomLog /var/log/apache2/$hostname-access.log combined
</VirtualHost>
## ------
## - IPv6
## ------
<VirtualHost [$ipv6]:80>
ServerAdmin $WEBSERVER_ADMIN_EMAIL
ServerName $hostname
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule (.*) https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
</VirtualHost>
<VirtualHost [$ipv6]:443>
ServerAdmin $WEBSERVER_ADMIN_EMAIL
ServerName $hostname
RewriteEngine on
RewriteCond %{HTTPS} =on
RewriteRule ^/$ https://%{SERVER_NAME}/mailman/listinfo [R=301,L]
<Directory $_link/archives/public/>
AddDefaultCharset Off
</Directory>
Alias /pipermail/ $_link/archives/public/
Alias /icons/ $_link/icons/
<Directory $_link/icons/>
$_allow_from
</Directory>
ScriptAlias /mailman/ $_link/cgi-bin/
<Directory $_link/cgi-bin/>
Options ExecCGI
$_allow_from
</Directory>
SSLEngine on
## - don't support weak ciphers
SSLProtocol ALL -SSLv2
SSLHonorCipherOrder On
SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
#SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:RC4-SHA:HIGH:!MD5:!aNULL:!EDH
SSLCertificateFile /usr/local/apache2/conf/lists.aktionsbuendnis-brandenburg.crt
SSLCertificateKeyFile /usr/local/apache2/conf/lists.aktionsbuendnis-brandenburg.key
SSLCertificateChainFile /usr/local/apache2/conf/SSL123_CA_Bundle.pem
SSLCertificateFile $_SSL_CERT_AKTIONSBUENDNIS
SSLCertificateKeyFile $_SSL_KEY_AKTIONSBUENDNIS
ErrorLog /var/log/apache2/$hostname-error.log
CustomLog /var/log/apache2/$hostname-access.log combined