cominfra/mail
cominfra/mail
8
0
Fork 0
Code Issues 8 Pull requests Activity

#83 webmail HTTP + #14 autoconfig

Browse source
This commit is contained in:
croax 2022-08-14 11:49:52 +02:00 committed by croax
parent 07ea083614
commit 4381fb19dc
2 changed files with 63 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

38
config/nginx/autoconfig.a-lec.org Normal file
View file

@ -0,0 +1,38 @@
# Configuration autoconfig.a-lec.org
server {
set_real_ip_from 192.169.0.1;
real_ip_header proxy_protocol;
ssi on;
ssi_last_modified on;
listen 444 ssl proxy_protocol;
listen [::]:443 ssl;
listen 80;
listen [::]:80;
# Important : PAS de HSTS ni redirection HTTPS
# Thunderbird fait une requête en clair (HTTP)
ssl_certificate /etc/letsencrypt/live/mail.a-lec.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mail.a-lec.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
# Add index.php to the list if you are using PHP
root /var/www/html/autoconfig;
server_name autoconfig.a-lec.org;
# Section dédiée mail, si un jour on souhaite délocaliser de cette VM
# le sous-domaine autoconfig et garder uniquement /mail
location /mail/ {
alias /var/www/html/autoconfig/mail/;
location ~* ^/mail/config-v1\.1\.xml(\?.*)$ {
try_files /var/www/html/autoconfig/mail/config-v1.1.xml =404;
}
}
}

46
config/nginx/default → config/nginx/mail.a-lec.org
View file

@ -19,32 +19,33 @@
# Default server configuration # Default server configuration
# #
server { server {
set_real_ip_from 192.169.1.1; set_real_ip_from 192.168.0.1;
real_ip_header proxy_protocol; real_ip_header proxy_protocol;
listen 443 ssl proxy_protocol; listen 444 ssl proxy_protocol;
listen [::]:443 ssl; listen [::]:443 ssl;
ssl_certificate /etc/letsencrypt/live/mail.a-lec.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mail.a-lec.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
# Add index.php to the list if you are using PHP ssl_certificate /etc/letsencrypt/live/mail.a-lec.org/fullchain.pem; # managed by Certbot
root /var/www/html/roundcube; ssl_certificate_key /etc/letsencrypt/live/mail.a-lec.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
server_name mail.a-lec.org; # Add index.php to the list if you are using PHP
root /var/www/html/roundcube;
client_max_body_size 100M; server_name mail.a-lec.org;
# Add index.php to the list if you are using PHP client_max_body_size 100M;
index index.html index.htm index.php;
# Add index.php to the list if you are using PHP
index index.html index.htm index.php;
location / { location / {
# First attempt to serve request as file, then # First attempt to serve request as file, then
# as directory, then fall back to displaying a 404. # as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php?q=$uri&$args; try_files $uri $uri/ /index.php?q=$uri&$args;
} }
# pass PHP scripts to FastCGI server # pass PHP scripts to FastCGI server
# #
@ -65,10 +66,13 @@ server {
} }
server { server {
listen 80; listen 80 proxy_protocol;
listen [::]:80; listen [::]:80;
server_name a-lec.org; set_real_ip_from 192.168.0.1;
real_ip_header proxy_protocol;
server_name mail.a-lec.org;
return 302 https://mail.a-lec.org$request_uri; return 302 https://mail.a-lec.org$request_uri;
} }