Mailman: update the mailman-hyperkitty conf file

And use the mailman_url variable, and set some permissions.

roles/mailman/templates/settings.py.j2

@@ -21,6 +21,7 @@ ADMINS = (
 # Hosts/domain names that are valid for this site; required if DEBUG is False
 # See https://docs.djangoproject.com/en/1.5/ref/settings/#allowed-hosts
 ALLOWED_HOSTS = [
+    "{{ mailman_url }}",
     ".fedoraproject.org",
     "discuss.arquillian.org",
     "localhost", # Archiving API from Mailman
@@ -29,9 +30,7 @@ ALLOWED_HOSTS = [
 # And for BrowserID too, see
 # http://django-browserid.rtfd.org/page/user/settings.html#django.conf.settings.BROWSERID_AUDIENCES
 BROWSERID_AUDIENCES = [
-    "https://lists.fedoraproject.org",
-    "https://lists.stg.fedoraproject.org",
-    "https://lists-dev.cloud.fedoraproject.org",
+    "https://{{ mailman_url }}",
 ]
 
 # Mailman API credentials
@@ -109,7 +108,7 @@ DATABASES = {
 USE_X_FORWARDED_HOST = True
 # In the Fedora infra, requests are systematically redirected to HTTPS, so put
 # something always true here:
-SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_SERVER', 'lists.fedoraproject.org')
+SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_SERVER', '{{ mailman_url }}')
 
 # Internationalization
 # https://docs.djangoproject.com/en/1.6/topics/i18n/