mailman3: Add missing trailing slash for the /static/ path

The code isn't vulnerable to nginx alias traversal[1][2], nevertheless it should only match /static/ and not e.g. /staticfoobar. [1] d94f18a7 ("Fix nginx alias traversal") [2] https://github.com/yandex/gixy/blob/641060d6355fbb5bd71695928a2bf14a9bcb8bf2/docs/en/plugins/aliastraversal.md Fixes: 9294828f ("Setup mailman3 server")

mailman3: Add missing trailing slash for the /static/ path
89c5e1af · Kristian Klausen · c9df10e4 · 89c5e1af
Verified Commit 89c5e1af authored 2 years ago by Kristian Klausen
--- a/roles/mailman3/templates/nginx.d.conf.j2
+++ b/roles/mailman3/templates/nginx.d.conf.j2
@@ -10,8 +10,8 @@ server {
    access_log   /var/log/nginx/{{ lists_domain }}/access.log.json json_main;
    error_log    /var/log/nginx/{{ lists_domain }}/error.log;

-    location /static {
-      alias /var/lib/mailman-web/static;
+    location /static/ {
+      alias /var/lib/mailman-web/static/;
    }

    # include uwsgi_params