diff --git a/playbooks/groups/mailman.yml b/playbooks/groups/mailman.yml
index a98106c2cf..560666b1e4 100644
--- a/playbooks/groups/mailman.yml
+++ b/playbooks/groups/mailman.yml
@@ -109,6 +109,7 @@
mailman_hyperkitty_db_pass: "{{ mailman_hk_db_pass }}"
mailman_hyperkitty_cookie_key: "{{ mailman_hk_cookie_key }}"
mailman_hyperkitty_archiver_key: "{{ mailman_hk_stg_archiver_key }}"
+ mailman_httpd_hostname: lists.stg.fedoraproject.org
when: env == "staging"
- {role: fedmsg/base,
when: env != "staging"}
diff --git a/roles/mailman3/defaults/main.yml b/roles/mailman3/defaults/main.yml
index 64f5731c4f..04556dfe30 100644
--- a/roles/mailman3/defaults/main.yml
+++ b/roles/mailman3/defaults/main.yml
@@ -26,6 +26,7 @@ mailman_hyperkitty_admin_db_pass: changeme
mailman_hyperkitty_db_pass: changeme
mailman_hyperkitty_cookie_key: changeme
mailman_hyperkitty_archiver_key: changeme
+mailman_gunicorn_workers: 4
mailman_domains:
- lists.example.com
- lists.example.org
@@ -33,4 +34,4 @@ mailman_social_login: []
# Apache configuration
# Use mailman-web wsgi for mailman3
-wsgi_dir: /usr/lib/python3.9/site-packages/mailman_web
+mailman_httpd_hostname: lists.fedoraproject.org
diff --git a/roles/mailman3/handlers/main.yml b/roles/mailman3/handlers/main.yml
index 685b5fc917..980fe4f079 100644
--- a/roles/mailman3/handlers/main.yml
+++ b/roles/mailman3/handlers/main.yml
@@ -5,8 +5,14 @@
- name: reload apache
service: name=httpd state=reloaded
+- name: restart apache
+ service: name=httpd state=restarted
+
- name: restart memcached
service: name=memcached state=restarted
- name: systemctl daemon-reload
command: /usr/bin/systemctl daemon-reload
+
+- name: restart mailmanweb
+ service: name=maimanweb state restarted
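Review bot: The new `restart mailmanweb` handler cannot work as written: the unit name is misspelled (`maimanweb`) and `state restarted` is missing its `=`, so no `state` argument is passed to the module. It should read `service: name=mailmanweb state=restarted`. The handler is notified by the banner template task and the systemd unit task in roles/mailman3/tasks/main.yml, so a change to either would most likely fail at handler time instead of restarting gunicorn.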
diff --git a/roles/mailman3/tasks/main.yml b/roles/mailman3/tasks/main.yml
index 1b840faa6f..95ad76ecf3 100644
--- a/roles/mailman3/tasks/main.yml
+++ b/roles/mailman3/tasks/main.yml
@@ -2,91 +2,6 @@
# Configuration for Mailman 3
# PostgreSQL initialization must have been done already
-#
-# SELinux
-#
-- name: Set the SELinux policy for the fulltext index
- community.general.sefcontext:
- target: "{{ mailman_webui_basedir }}/fulltext_index(/.*)?"
- setype: httpd_sys_rw_content_t
- state: present
- tags:
- - mailman
- - selinux
-
-- name: Set the SELinux policy for the static files directory
- community.general.sefcontext:
- target: "{{ mailman_webui_basedir }}/static(/.*)?"
- setype: httpd_sys_content_t
- state: present
- tags:
- - mailman
- - selinux
-
-- name: Set the SELinux policy for the templates override directory
- community.general.sefcontext:
- target: "{{ mailman_webui_basedir }}/templates(/.*)?"
- setype: httpd_sys_content_t
- state: present
- tags:
- - mailman
- - selinux
-
-- name: set the SELinux policy for the log directory
- community.general.sefcontext:
- target: "{{ mailman_log_directory }}(/.*)?"
- setype: httpd_log_t
- state: present
- tags:
- - mailman
- - selinux
-
-- name: Set the SELinux policy for the generated postfix databases
- community.general.sefcontext:
- target: "{{ mailman_webui_basedir }}/var/data/postfix_.*"
- setype: etc_aliases_t
- state: present
- tags:
- - mailman
- - selinux
-
-- name: Set the SELinux policy for the old static archives
- community.general.sefcontext:
- target: "{{ mailman_webui_basedir }}/old-archives/pipermail(/.*)?"
- setype: httpd_sys_content_t
- state: present
- tags:
- - mailman
- - selinux
-
-- name: Allow Apache to remotely connect to PostgreSQL
- ansible.posix.seboolean:
- name: httpd_can_network_connect_db
- state: yes
- persistent: yes
- tags:
- - mailman
- - selinux
-
-- name: Allow Apache to remotely connect to Mailman
- ansible.posix.seboolean:
- name: httpd_can_network_connect
- state: yes
- persistent: yes
- tags:
- - mailman
- - selinux
-
-- name: Allow Apache to remotely connect to Memcached
- ansible.posix.seboolean:
- name: httpd_can_network_memcache
- state: yes
- persistent: yes
- tags:
- - mailman
- - selinux
-
-
- name: Install needed packages
ansible.builtin.package:
name: "{{item}}"
@@ -98,6 +13,7 @@
- mailman3
- memcached
- postorius
+ - python3-gunicorn
- python3-mailman-hyperkitty
- python3-mailman-web
- python3-mod_wsgi
@@ -207,19 +123,6 @@
ansible.builtin.template:
src: settings.py.j2
dest: "{{ mailman_webui_confdir }}/settings.py"
- owner: mailman
- group: apache
- mode: 0640
- tags:
- - config
- - mailman
- notify:
- - reload apache
-
-- name: Install the hyperkitty/postorius httpd conf file
- ansible.builtin.template:
- src: apache.conf.j2
- dest: /etc/httpd/conf.d/mailman-webui.conf
tags:
- config
- mailman
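Review bot: With `owner`, `group` and `mode` removed, the settings.py task no longer pins the file's permissions. Ansible keeps whatever is already on an existing host, but on a freshly built host the file gets the connecting user's ownership and umask, which normally means world-readable. The template is not shown here, but the role's variables (`mailman_hyperkitty_db_pass`, `mailman_hyperkitty_cookie_key`) suggest it carries secrets. Since gunicorn now runs as `mailman`, consider keeping the restriction with `owner: mailman`, `group: mailman`, `mode: "0640"`. The task continues outside the hunk, so I can't tell whether a settings change still notifies a handler that restarts mailmanweb now that `notify: reload apache` is gone.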
@@ -230,8 +133,8 @@
ansible.builtin.file:
path: "{{ mailman_webui_basedir }}/fulltext_index"
state: directory
- owner: apache
- group: apache
+ owner: mailman
+ group: mailman
mode: 0755
tags: mailman
@@ -280,7 +183,7 @@
src: top.html
dest: "{{ mailman_webui_basedir }}/templates/hyperkitty/top.html"
notify:
- - reload apache
+ - restart mailmanweb
tags:
- mailman
- banner
@@ -399,6 +302,26 @@
when:
- static_root_dir is changed
+- name: Systemd unit to start postorius/hyperkitty through gunicorn
+ ansible.builtin.template:
+ src: mailmanweb.service.j2
+ dest: /etc/systemd/system/mailmanweb.service
+ register: mailmanweb_systemd
+ notify: restart mailmanweb
+ tags:
+ - mailman
+ - systemd
+
+- name: Enable the mailmanweb server
+ ansible.builtin.systemd:
+ name: mailmanweb
+ daemon-reload: "{% if mailmanweb_systemd is changed %}yes{% else %}no{% endif %}"
+ state: started
+ enabled: yes
+ tags:
+ - mailman
+ - systemd
+
#
# Scripts
#
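Review bot: The unit file template task sets no `owner`, `group` or `mode`, so the permissions of /etc/systemd/system/mailmanweb.service depend on the umask of the run. Adding `owner: root`, `group: root`, `mode: "0644"` makes it explicit that only root can change what the service executes. Separately, the string-building Jinja in `daemon-reload` can be a plain boolean expression, `daemon_reload: "{{ mailmanweb_systemd is changed }}"`, and `enabled: yes` is better written `enabled: true`.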
@@ -447,6 +370,29 @@
- mailman
- memcached
+# Httpd
+- name: Import needed httpd configurations
+ ansible.builtin.template:
+ src: "mailmanweb.conf.j2"
+ dest: "/etc/httpd/conf.d/mailmanweb.conf"
+ notify:
+ - reload apache
+ tags:
+ - config
+ - httpd
+ - mailman
+
+- name: Allow Apache to remotely connect to gunicorn
+ ansible.posix.seboolean:
+ name: httpd_can_network_connect
+ state: yes
+ persistent: yes
+ notify:
+ - restart apache
+ tags:
+ - mailman
+ - selinux
+
# Start services
- name: Start services
ansible.builtin.systemd:
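Review bot: `httpd_can_network_connect` lets httpd open outbound connections to any TCP port, which is much wider than the single gunicorn listener the task name refers to. The proxy configuration is not part of this diff, so I can't tell which port is used. If it is a fixed local port, a comment above the task would record the trade-off, e.g. `# httpd proxies to the local gunicorn listener; this boolean permits connections to any port, not only that one`. The `mailmanweb.conf` template task above also sets no `owner`/`mode`, and `state: yes` / `persistent: yes` are better written as `true`.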
@@ -456,6 +402,7 @@
with_items:
- httpd
- mailman3
+ - mailmanweb
- postfix
- webui-qcluster
- webui-warm-up-cache
diff --git a/roles/mailman3/templates/apache.conf.j2 b/roles/mailman3/templates/apache.conf.j2
deleted file mode 100644
index cdf09069bb..0000000000
--- a/roles/mailman3/templates/apache.conf.j2
+++ /dev/null
@@ -1,43 +0,0 @@
-Alias /favicon.ico {{ mailman_webui_basedir }}/static/favicon.ico
-Alias /robots.txt {{ mailman_webui_basedir }}/static/robots.txt
-Alias /static {{ mailman_webui_basedir }}/static
-
-#ErrorLog /var/log/httpd/webui_error.log
-#CustomLog /var/log/httpd/webui_access.log combined
-
-WSGIScriptAlias / {{ wsgi_dir }}/wsgi.py
-WSGIDaemonProcess webui display-name=webui maximum-requests=1000 processes=4 threads=30 python-path={{ wsgi_dir }}
-WSGIProcessGroup webui
-WSGISocketPrefix run/wsgi
-WSGIRestrictStdout On
-WSGIRestrictSignal Off
-WSGIPythonOptimize 1
-
-
-
- Order deny,allow
- Allow from all
- Require all granted
-
-
-
-
- Order deny,allow
- Allow from all
- Require all granted
-
-
-
-# Old static archives
-
-Alias /pipermail/ {{ mailman_webui_basedir }}/old-archives/pipermail/
-
- Options FollowSymLinks
- AllowOverride None
- Require all granted
- AddDefaultCharset Off
-
-
-RedirectMatch ^/pipermail[/]*$ /
-RedirectMatch ^/mailman/listinfo/$ /
-RedirectMatch ^/mailman$ /
diff --git a/roles/mailman3/templates/mailmanweb.conf.j2 b/roles/mailman3/templates/mailmanweb.conf.j2
new file mode 100644
index 0000000000..795c3cab2e
--- /dev/null
+++ b/roles/mailman3/templates/mailmanweb.conf.j2
@@ -0,0 +1,12 @@
+
+ ServerName {{ mailman_httpd_hostname }}
+ DocumentRoot /var/www/html/
+# CustomLog logs/{{ mailman_httpd_hostname }}.log combined
+# ErrorLog logs/{{ mailman_httpd_hostname }}_error.log
+
+ RewriteEngine On
+ RewriteCond $1 !^.well-known
+ RewriteCond %{HTTPS} !=on
+ RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
+
+
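Review bot: The redirect target is built from `%{SERVER_NAME}`, which under Apache's default `UseCanonicalName Off` is taken from the client's Host header, so a request reaching this vhost with an unexpected Host is redirected to that name. The hostname is already templated, so the rule can pin it: `RewriteRule ^/?(.*) https://{{ mailman_httpd_hostname }}/$1 [R=301,L]`. The dot in `!^.well-known` is also unescaped and matches any character; `!^\.well-known` is presumably what is meant.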
diff --git a/roles/mailman3/templates/mailmanweb.service.j2 b/roles/mailman3/templates/mailmanweb.service.j2
new file mode 100644
index 0000000000..26dc05799a
--- /dev/null
+++ b/roles/mailman3/templates/mailmanweb.service.j2
@@ -0,0 +1,15 @@
+[Unit]
+Description= Mailman Web ui
+DefaultDependencies=no
+After=network.target
+
+[Install]
+WantedBy=multi-user.target
+
+[Service]
+Type=simple
+User=mailman
+Group=mailman
+WorkingDirectory=/etc/mailman3
+ExecStart=/usr/bin/gunicorn --workers={{ mailman_gunicorn_workers }} --forwarded-allow-ips="*" mailman_web.wsgi
+ExecStop=/bin/kill -s TERM $MAINPID
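Review bot: `--forwarded-allow-ips="*"` makes gunicorn honour forwarded-scheme headers from every peer, so anything that can reach the listener can mark its requests as having arrived over HTTPS. No `--bind` is given, so gunicorn's default loopback listener applies and only local processes can connect, but the wildcard is still wider than needed if the only peer is the local httpd. Assuming that is where the proxy runs, `--forwarded-allow-ips="127.0.0.1"` (gunicorn's default) is enough. `DefaultDependencies=no` is also unusual for an ordinary service, and the unit sets no sandboxing such as `NoNewPrivileges=yes` or `PrivateTmp=yes`.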