From d13396fb2d8086be617762751f7a0a5a8e060cd0 Mon Sep 17 00:00:00 2001
From: Christoph <ckubu@oopen.de>
Date: Thu, 17 May 2018 10:10:13 +0200
Subject: [PATCH] Adjust vhost configuration.

---
 install_mailman.sh | 65 ++++++++++++++++++++++++++++++++++++----------
 1 file changed, 52 insertions(+), 13 deletions(-)

diff --git a/install_mailman.sh b/install_mailman.sh
index 5e8101f..1b4f287 100755
--- a/install_mailman.sh
+++ b/install_mailman.sh
@@ -2,7 +2,7 @@
 
 ## - Default values - not necessarily needed
 ## -
-_MAILMAN_VERSION=2.1.16
+_MAILMAN_VERSION=2.1.26
 
 _MAILMAN_USER=mailman
 _MAILMAN_ADMIN_EMAIL="admin@initiativenserver.de"
@@ -14,13 +14,6 @@ _WEBSERVER_ADMIN_EMAIL="admin@initiativenserver.de"
 
 _REQUIRED_DEB_PACKAGES="python python-dev python-dnspython"
 
-## - Domains, die von Malman verwaltet werden sollen
-## -
-## - fqn-domain1|ipv4-domain1|ipv6-domain1|vhost-dir [fqn-domain2|ipv4-domain2|ipv6domain2|vhost-dir] .. 
-## -
-_DOMAINS="lists.aktionsbuendnis-brandenburg.de|83.223.86.117|2a01:30:0:13:2c5:48ff:feee:f21d|/usr/local/apache2/conf/vhosts
-          lists.initiativenserver.de|83.223.86.117|2a01:30:0:13:2c5:48ff:feee:f21d|/usr/local/apache2/conf/vhosts"
-
 
 _SSL_CERT_AKTIONSBUENDNIS="/var/lib/dehydrated/certs/lists.aktionsbuendnis-brandenburg.de/fullchain.pem"
 _SSL_KEY_AKTIONSBUENDNIS="/var/lib/dehydrated/certs/lists.aktionsbuendnis-brandenburg.de/privkey.pem"
@@ -28,6 +21,15 @@ _SSL_KEY_AKTIONSBUENDNIS="/var/lib/dehydrated/certs/lists.aktionsbuendnis-brande
 _SSL_CERT_INITIATIVENSERVER="/var/lib/dehydrated/certs/lists.initiativenserver.de/fullchain.pem"
 _SSL_KEY_INITIATIVENSERVER="/var/lib/dehydrated/certs/lists.initiativenserver.de/privkey.pem"
 
+## - Domains, die von Malman verwaltet werden sollen
+## -
+## - fqn-domain1|ipv4-domain1|ipv6-domain1|vhost-dir [fqn-domain2|ipv4-domain2|ipv6domain2|vhost-dir] .. 
+## -
+
+_DOMAINS="lists.aktionsbuendnis-brandenburg.de|83.223.86.117|2a01:30:0:13:2c5:48ff:feee:f21d|/usr/local/apache2/conf/vhosts|${_SSL_CERT_AKTIONSBUENDNIS}|${_SSL_KEY_AKTIONSBUENDNIS}
+          lists.initiativenserver.de|83.223.86.117|2a01:30:0:13:2c5:48ff:feee:f21d|/usr/local/apache2/conf/vhosts|${_SSL_CERT_INITIATIVENSERVER}|${_SSL_KEY_INITIATIVENSERVER}"
+
+
 ## -
 ## - Ende: Default values
 
@@ -383,6 +385,8 @@ if [ "$MAILMAN_DOMAINS" = "$_MAILMAN_DOMAINS" ]; then
       _ipv4=`echo $_val | cut -d'|' -f2`
       _ipv6=`echo $_val | cut -d'|' -f3`
       _vhost_dir=`echo $_val | cut -d'|' -f4`
+      _ssl_cert=`echo $_val | cut -d'|' -f5`
+      _ssl_key=`echo $_val | cut -d'|' -f6`
 
       echo ""
       echo ""
@@ -420,7 +424,15 @@ if [ "$MAILMAN_DOMAINS" = "$_MAILMAN_DOMAINS" ]; then
          vhost_dir="/etc/apache2/sites-available"
       fi
 
-      WEBSERVER_DOMAINS="$WEBSERVER_DOMAINS ${_domain}|${ipv4}|${ipv6}|${vhost_dir}"
+      echo ""
+      echononl "SSL Certificate location for \"$_domain\" [$_ssl_cert]: "
+      read ssl_cert
+
+      echo ""
+      echononl "SSL Key location for \"$_domain\" [$_ssl_key]: "
+      read ssl_key
+
+      WEBSERVER_DOMAINS="$WEBSERVER_DOMAINS ${_domain}|${ipv4}|${ipv6}|${vhost_dir}|${ssl_cert}|${ssl_key}"
 
    done
 
@@ -471,7 +483,15 @@ else
          vhost_dir="/etc/apache2/sites-available"
       fi
 
-      WEBSERVER_DOMAINS="$WEBSERVER_DOMAINS ${_val}|${ipv4}|${ipv6}|${vhost_dir}"
+      echo ""
+      echononl "SSL Certificate location for \"$_val\" : "
+      read ssl_cert
+
+      echo ""
+      echononl "SSL Key location for \"$_val\" : "
+      read ssl_key
+
+      WEBSERVER_DOMAINS="$WEBSERVER_DOMAINS ${_val}|${ipv4}|${ipv6}|${vhost_dir}|${ssl_cert}|${ssl_key}"
 
   done
 
@@ -1299,6 +1319,8 @@ for domain in $WEBSERVER_DOMAINS ; do
    ipv4="`echo $domain | cut -d '|' -f2`"
    ipv6="`echo $domain | cut -d '|' -f3`"
    vhost_dir="`echo $domain | cut -d '|' -f4`"
+   ssl_cert=`echo $domain | cut -d'|' -f5`
+   ssl_key=`echo $domain | cut -d'|' -f6`
 
    if apachectl -v | grep version | grep -e "Apache/2.4" > /dev/null 2>1 ; then
       _allow_from="Require all granted"
@@ -1361,17 +1383,34 @@ for domain in $WEBSERVER_DOMAINS ; do
       $_allow_from
    </Directory>
 
+   ScriptAlias /admin $_link/cgi-bin/admin
+   ScriptAlias /admindb $_link/cgi-bin/admindb
+   ScriptAlias /confirm $_link/cgi-bin/confirm
+   ScriptAlias /create $_link/cgi-bin/create
+   ScriptAlias /edithtml $_link/cgi-bin/edithtml
+   ScriptAlias /listinfo $_link/cgi-bin/listinfo
+   ScriptAlias /options $_link/cgi-bin/options
+   ScriptAlias /private $_link/cgi-bin/private
+   ScriptAlias /rmlist $_link/cgi-bin/rmlist
+   ScriptAlias /roster $_link/cgi-bin/roster
+   ScriptAlias /subscribe $_link/cgi-bin/subscribe
    ScriptAlias /mailman/ $_link/cgi-bin/
    <Directory $_link/cgi-bin/>
       Options ExecCGI
-      $_allow_from
+      Require all granted
    </Directory>
 
+   #ScriptAlias /mailman/ $_link/cgi-bin/
+   #<Directory $_link/cgi-bin/>
+   #   Options ExecCGI
+   #   $_allow_from
+   #</Directory>
+
    SSLEngine on
 
 
-   SSLCertificateFile    $_SSL_CERT_AKTIONSBUENDNIS
-   SSLCertificateKeyFile $_SSL_KEY_AKTIONSBUENDNIS
+   SSLCertificateFile    $ssl_cert
+   SSLCertificateKeyFile $ssl_key
 
    ErrorLog /var/log/apache2/$hostname-error.log
    CustomLog /var/log/apache2/$hostname-access.log combined