mailinabox/conf/nginx.conf

## NOTE: This file is automatically generated by Mail-in-a-Box.
##       Do not edit this file. It will be replaced each time
##       Mail-in-a-Box needs up update the web configuration.

# Redirect all HTTP to HTTPS.
server {
	listen 80;
	listen [::]:80;

	server_name $HOSTNAME;
	root /tmp/invalid-path-nothing-here;
	rewrite ^/(.*)$ https://$HOSTNAME/$1 permanent;
}

# The secure HTTPS server.
server {
	listen 443 ssl;

	server_name $HOSTNAME;

	ssl_certificate $SSL_CERTIFICATE;
	ssl_certificate_key $SSL_KEY;
	include /etc/nginx/nginx-ssl.conf;

	# Expose this directory as static files.
	root $ROOT;
	index index.html index.htm;

	# ownCloud configuration
	# TODO: we should support owncloud to be loaded from www root, but for now we dont :-)
	client_max_body_size 10G; # set max upload size
	fastcgi_buffers 64 4K;

	location = /robots.txt {
		allow all;
		log_not_found off;
		access_log off;
	}

	error_page 403 /owncloud/core/templates/403.php;
	error_page 404 /owncloud/core/templates/404.php;

	rewrite ^/caldav(.*)$ /owncloud/remote.php/caldav$1 redirect;
	rewrite ^/carddav(.*)$ /owncloud/remote.php/carddav$1 redirect;
	rewrite ^/webdav(.*)$ /owncloud/remote.php/webdav$1 redirect;
	rewrite ^/owncloud$ /owncloud/ redirect;
	rewrite ^/owncloud/$ /owncloud/index.php;

	location /owncloud/ {
		index index.php;
		alias /usr/local/lib/owncloud/;
	}

	location ~ ^/owncloud/(.+?\.php)/? {
		fastcgi_split_path_info ^/owncloud/(.+?\.php)(/?.*)$;
		set $path_info $fastcgi_path_info;
#		try_files $fastcgi_script_name = 404;
		include fastcgi_params;
		fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$fastcgi_script_name;
		fastcgi_param PATH_INFO $path_info;
		fastcgi_param HTTPS on;
		fastcgi_param SCRIPT_NAME /owncloud/$fastcgi_script_name;
		fastcgi_pass unix:/tmp/php-fastcgi.www-data.sock;
	}

	location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
		deny all;
	}

	# Optional: set long EXPIRES header on static assets
	location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
		expires 30d;
		# Optional: Don't log access to assets
		access_log off;
	}

	# Webfinger configuration.
	# TODO: fix this for owncloud: http://doc.owncloud.org/server/5.0/admin_manual/installation/installation_others.html
	location = /.well-known/webfinger {
		include fastcgi_params;
		fastcgi_param SCRIPT_FILENAME /usr/local/bin/mailinabox-webfinger.php;
		fastcgi_pass unix:/tmp/php-fastcgi.www-data.sock;
	}

	# Microsoft Exchange autodiscover.xml for email
	location /autodiscover/autodiscover.xml {
		include fastcgi_params;
		fastcgi_param SCRIPT_FILENAME /usr/local/bin/mailinabox-exchange-autodiscover.php;
		fastcgi_pass unix:/tmp/php-fastcgi.www-data.sock;
	}

	# Z-Push (Microsoft Exchange ActiveSync)
	location /Microsoft-Server-ActiveSync {
	        include /etc/nginx/fastcgi_params;
		fastcgi_param SCRIPT_FILENAME /usr/local/lib/z-push/index.php;
		fastcgi_pass unix:/tmp/php-fastcgi.www-data.sock;
	}

	# ADDITIONAL DIRECTIVES HERE
}
when adding/removing mail addresses also update nginx's config 2014-07-06 12:16:50 +00:00			`## NOTE: This file is automatically generated by Mail-in-a-Box.`
			`## Do not edit this file. It will be replaced each time`
			`## Mail-in-a-Box needs up update the web configuration.`

redirect all HTTP to HTTPS and enable HSTS, closes #18 2014-05-14 12:15:11 +00:00			`# Redirect all HTTP to HTTPS.`
preliminary script for nginx 2013-09-01 14:24:49 +00:00			`server {`
			`listen 80;`
manage the nginx conf in the management daemon too so we can have nginx operate on all domains that we serve mail for 2014-06-20 01:16:38 +00:00			`listen [::]:80;`
preliminary script for nginx 2013-09-01 14:24:49 +00:00
manage the nginx conf in the management daemon too so we can have nginx operate on all domains that we serve mail for 2014-06-20 01:16:38 +00:00			`server_name $HOSTNAME;`
redirect all HTTP to HTTPS and enable HSTS, closes #18 2014-05-14 12:15:11 +00:00			`root /tmp/invalid-path-nothing-here;`
manage the nginx conf in the management daemon too so we can have nginx operate on all domains that we serve mail for 2014-06-20 01:16:38 +00:00			`rewrite ^/(.*)$ https://$HOSTNAME/$1 permanent;`
web and roundcube webmail 2013-09-07 20:53:25 +00:00			`}`

			`# The secure HTTPS server.`
			`server {`
			`listen 443 ssl;`
preliminary script for nginx 2013-09-01 14:24:49 +00:00
manage the nginx conf in the management daemon too so we can have nginx operate on all domains that we serve mail for 2014-06-20 01:16:38 +00:00			`server_name $HOSTNAME;`
web and roundcube webmail 2013-09-07 20:53:25 +00:00
manage the nginx conf in the management daemon too so we can have nginx operate on all domains that we serve mail for 2014-06-20 01:16:38 +00:00			`ssl_certificate $SSL_CERTIFICATE;`
			`ssl_certificate_key $SSL_KEY;`
update to @konklone's latest nginx SSL configuration recommendations 2014-04-18 00:27:52 +00:00			`include /etc/nginx/nginx-ssl.conf;`
apply @konklone's nginx https: recommendations from https://gist.github.com/konklone/6532544 2013-09-14 14:11:47 +00:00
redirect all HTTP to HTTPS and enable HSTS, closes #18 2014-05-14 12:15:11 +00:00			`# Expose this directory as static files.`
manage the nginx conf in the management daemon too so we can have nginx operate on all domains that we serve mail for 2014-06-20 01:16:38 +00:00			`root $ROOT;`
web and roundcube webmail 2013-09-07 20:53:25 +00:00			`index index.html index.htm;`

initial owncloud port, untested and unfinished 2014-08-11 14:24:29 +00:00			`# ownCloud configuration`
			`# TODO: we should support owncloud to be loaded from www root, but for now we dont :-)`
			`client_max_body_size 10G; # set max upload size`
white spaces argh. 2014-08-11 14:30:39 +00:00			`fastcgi_buffers 64 4K;`
initial owncloud port, untested and unfinished 2014-08-11 14:24:29 +00:00
white spaces argh. 2014-08-11 14:30:39 +00:00			`location = /robots.txt {`
initial owncloud port, untested and unfinished 2014-08-11 14:24:29 +00:00			`allow all;`
white spaces argh. 2014-08-11 14:30:39 +00:00			`log_not_found off;`
			`access_log off;`
			`}`
initial owncloud port, untested and unfinished 2014-08-11 14:24:29 +00:00
white spaces argh. 2014-08-11 14:30:39 +00:00			`error_page 403 /owncloud/core/templates/403.php;`
			`error_page 404 /owncloud/core/templates/404.php;`
initial owncloud port, untested and unfinished 2014-08-11 14:24:29 +00:00
white spaces argh. 2014-08-11 14:30:39 +00:00			`rewrite ^/caldav(.*)$ /owncloud/remote.php/caldav$1 redirect;`
			`rewrite ^/carddav(.*)$ /owncloud/remote.php/carddav$1 redirect;`
			`rewrite ^/webdav(.*)$ /owncloud/remote.php/webdav$1 redirect;`
			`rewrite ^/owncloud$ /owncloud/ redirect;`
initial owncloud port, untested and unfinished 2014-08-11 14:24:29 +00:00			`rewrite ^/owncloud/$ /owncloud/index.php;`

			`location /owncloud/ {`
web and roundcube webmail 2013-09-07 20:53:25 +00:00			`index index.php;`
initial owncloud port, untested and unfinished 2014-08-11 14:24:29 +00:00			`alias /usr/local/lib/owncloud/;`
update to Roundcube 1.0.1 2014-07-08 00:37:53 +00:00			`}`
initial owncloud port, untested and unfinished 2014-08-11 14:24:29 +00:00
attempting to fix broken static files etc 2014-08-11 16:46:39 +00:00			`location ~ ^/owncloud/(.+?\.php)/? {`
			`fastcgi_split_path_info ^/owncloud/(.+?\.php)(/?.*)$;`
			`set $path_info $fastcgi_path_info;`
			`# try_files $fastcgi_script_name = 404;`
web and roundcube webmail 2013-09-07 20:53:25 +00:00			`include fastcgi_params;`
initial owncloud port, untested and unfinished 2014-08-11 14:24:29 +00:00			`fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$fastcgi_script_name;`
attempting to fix broken static files etc 2014-08-11 16:46:39 +00:00			`fastcgi_param PATH_INFO $path_info;`
			`fastcgi_param HTTPS on;`
			`fastcgi_param SCRIPT_NAME /owncloud/$fastcgi_script_name;`
web and roundcube webmail 2013-09-07 20:53:25 +00:00			`fastcgi_pass unix:/tmp/php-fastcgi.www-data.sock;`
			`}`
preliminary script for nginx 2013-09-01 14:24:49 +00:00
initial owncloud port, untested and unfinished 2014-08-11 14:24:29 +00:00			`location ~ ^/(data\|config\|\.ht\|db_structure\.xml\|README) {`
white spaces argh. 2014-08-11 14:30:39 +00:00			`deny all;`
			`}`
initial owncloud port, untested and unfinished 2014-08-11 14:24:29 +00:00
			`# Optional: set long EXPIRES header on static assets`
white spaces argh. 2014-08-11 14:30:39 +00:00			`location ~* ^.+\.(jpg\|jpeg\|gif\|bmp\|ico\|png\|css\|js\|swf)$ {`
			`expires 30d;`
			`# Optional: Don't log access to assets`
			`access_log off;`
			`}`
initial owncloud port, untested and unfinished 2014-08-11 14:24:29 +00:00
preliminary support for webfinger It just echos back the subject given to it. 2014-06-20 01:54:59 +00:00			`# Webfinger configuration.`
initial owncloud port, untested and unfinished 2014-08-11 14:24:29 +00:00			`# TODO: fix this for owncloud: http://doc.owncloud.org/server/5.0/admin_manual/installation/installation_others.html`
preliminary support for webfinger It just echos back the subject given to it. 2014-06-20 01:54:59 +00:00			`location = /.well-known/webfinger {`
			`include fastcgi_params;`
obviously put our stuff in /usr/local and not /usr 2014-06-21 16:35:00 +00:00			`fastcgi_param SCRIPT_FILENAME /usr/local/bin/mailinabox-webfinger.php;`
preliminary support for webfinger It just echos back the subject given to it. 2014-06-20 01:54:59 +00:00			`fastcgi_pass unix:/tmp/php-fastcgi.www-data.sock;`
			`}`
new nginx configuration yaml file to allow proxying of whole domains elsewhere 2014-07-09 12:31:32 +00:00
z-push: an Exchange ActiveSync server 2014-07-12 00:02:32 +00:00			`# Microsoft Exchange autodiscover.xml for email`
			`location /autodiscover/autodiscover.xml {`
			`include fastcgi_params;`
			`fastcgi_param SCRIPT_FILENAME /usr/local/bin/mailinabox-exchange-autodiscover.php;`
			`fastcgi_pass unix:/tmp/php-fastcgi.www-data.sock;`
			`}`

			`# Z-Push (Microsoft Exchange ActiveSync)`
			`location /Microsoft-Server-ActiveSync {`
			`include /etc/nginx/fastcgi_params;`
			`fastcgi_param SCRIPT_FILENAME /usr/local/lib/z-push/index.php;`
			`fastcgi_pass unix:/tmp/php-fastcgi.www-data.sock;`
			`}`

new nginx configuration yaml file to allow proxying of whole domains elsewhere 2014-07-09 12:31:32 +00:00			`# ADDITIONAL DIRECTIVES HERE`
preliminary script for nginx 2013-09-01 14:24:49 +00:00			`}`