mailinabox/conf/nginx.conf

## $HOSTNAME

# Redirect all HTTP to HTTPS.
server {
	listen 80;
	listen [::]:80;

	server_name $HOSTNAME;
	root /tmp/invalid-path-nothing-here;
	rewrite ^/(.*)$ https://$HOSTNAME/$1 permanent;
}

# The secure HTTPS server.
server {
	listen 443 ssl;

	server_name $HOSTNAME;

	ssl_certificate $SSL_CERTIFICATE;
	ssl_certificate_key $SSL_KEY;
	include /etc/nginx/nginx-ssl.conf;

	# Expose this directory as static files.
	root $ROOT;
	index index.html index.htm;

	# Roundcube Webmail configuration.
	rewrite ^/mail$ /mail/ redirect;
	rewrite ^/mail/$ /mail/index.php;
	location /mail/ {
		index index.php;
		alias /usr/local/lib/roundcubemail/;
	}
	location ~ /mail/config/.* {
		# A ~-style location is needed to give this precedence over the next block.
		return 403;
	}
	location ~ /mail/.*\.php {
		# note: ~ has precendence over a regular location block
		include fastcgi_params;
		fastcgi_split_path_info ^/mail(/.*)()$;
		fastcgi_index index.php;
		fastcgi_param SCRIPT_FILENAME /usr/local/lib/roundcubemail/$fastcgi_script_name;
		fastcgi_pass php-fpm;
		client_max_body_size 20M;
	}

	# ownCloud configuration.
	rewrite ^/cloud$ /cloud/ redirect;
	rewrite ^/cloud/$ /cloud/index.php;
	rewrite ^(/cloud/core/doc/[^\/]+/)$ $1/index.html;
	location /cloud/ {
		alias /usr/local/lib/owncloud/;
		location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
			deny all;
	 	}
	}
	location ~ ^(/cloud)(/.+\.php)(/.*)?$ {
		# note: ~ has precendence over a regular location block
		include fastcgi_params;
		fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$2;
		fastcgi_param SCRIPT_NAME $1$2;
		fastcgi_param PATH_INFO $3;
		fastcgi_param MOD_X_ACCEL_REDIRECT_ENABLED on;
		fastcgi_pass php-fpm;
		error_page 403 /cloud/core/templates/403.php;
		error_page 404 /cloud/core/templates/404.php;
		client_max_body_size 1G;
		fastcgi_buffers 64 4K;
	}
	location ~ ^/((caldav|carddav|webdav).*)$ {
		# Z-Push doesn't like getting a redirect, and a plain rewrite didn't work either.
		# Properly proxying like this seems to work fine.
		proxy_pass https://$HOSTNAME/cloud/remote.php/$1;
	}
	rewrite ^/.well-known/host-meta /cloud/public.php?service=host-meta last;
	rewrite ^/.well-known/host-meta.json /cloud/public.php?service=host-meta-json last;
	rewrite ^/.well-known/carddav /cloud/remote.php/carddav/ redirect;
	rewrite ^/.well-known/caldav /cloud/remote.php/caldav/ redirect;

	# Webfinger configuration.
	location = /.well-known/webfinger {
		include fastcgi_params;
		fastcgi_param SCRIPT_FILENAME /usr/local/bin/mailinabox-webfinger.php;
		fastcgi_pass php-fpm;
	}

	# Microsoft Exchange autodiscover.xml for email
	location /autodiscover/autodiscover.xml {
		include fastcgi_params;
		fastcgi_param SCRIPT_FILENAME /usr/local/bin/mailinabox-exchange-autodiscover.php;
		fastcgi_pass php-fpm;
	}

	# Z-Push (Microsoft Exchange ActiveSync)
	location /Microsoft-Server-ActiveSync {
	        include /etc/nginx/fastcgi_params;
		fastcgi_param SCRIPT_FILENAME /usr/local/lib/z-push/index.php;
		fastcgi_pass php-fpm;
	}

	# ADDITIONAL DIRECTIVES HERE
}
use php5-fpm rather than our own custom launcher script for PHP+FastCGI 2014-08-12 11:00:54 +00:00			`## $HOSTNAME`
when adding/removing mail addresses also update nginx's config 2014-07-06 12:16:50 +00:00
redirect all HTTP to HTTPS and enable HSTS, closes #18 2014-05-14 12:15:11 +00:00			`# Redirect all HTTP to HTTPS.`
preliminary script for nginx 2013-09-01 14:24:49 +00:00			`server {`
			`listen 80;`
manage the nginx conf in the management daemon too so we can have nginx operate on all domains that we serve mail for 2014-06-20 01:16:38 +00:00			`listen [::]:80;`
preliminary script for nginx 2013-09-01 14:24:49 +00:00
manage the nginx conf in the management daemon too so we can have nginx operate on all domains that we serve mail for 2014-06-20 01:16:38 +00:00			`server_name $HOSTNAME;`
redirect all HTTP to HTTPS and enable HSTS, closes #18 2014-05-14 12:15:11 +00:00			`root /tmp/invalid-path-nothing-here;`
manage the nginx conf in the management daemon too so we can have nginx operate on all domains that we serve mail for 2014-06-20 01:16:38 +00:00			`rewrite ^/(.*)$ https://$HOSTNAME/$1 permanent;`
web and roundcube webmail 2013-09-07 20:53:25 +00:00			`}`

			`# The secure HTTPS server.`
			`server {`
			`listen 443 ssl;`
preliminary script for nginx 2013-09-01 14:24:49 +00:00
manage the nginx conf in the management daemon too so we can have nginx operate on all domains that we serve mail for 2014-06-20 01:16:38 +00:00			`server_name $HOSTNAME;`
web and roundcube webmail 2013-09-07 20:53:25 +00:00
manage the nginx conf in the management daemon too so we can have nginx operate on all domains that we serve mail for 2014-06-20 01:16:38 +00:00			`ssl_certificate $SSL_CERTIFICATE;`
			`ssl_certificate_key $SSL_KEY;`
update to @konklone's latest nginx SSL configuration recommendations 2014-04-18 00:27:52 +00:00			`include /etc/nginx/nginx-ssl.conf;`
apply @konklone's nginx https: recommendations from https://gist.github.com/konklone/6532544 2013-09-14 14:11:47 +00:00
keep Roundcube working too, put owncloud at /cloud rather than at / 2014-08-12 11:36:40 +00:00			`# Expose this directory as static files.`
			`root $ROOT;`
web and roundcube webmail 2013-09-07 20:53:25 +00:00			`index index.html index.htm;`

keep Roundcube working too, put owncloud at /cloud rather than at / 2014-08-12 11:36:40 +00:00			`# Roundcube Webmail configuration.`
			`rewrite ^/mail$ /mail/ redirect;`
			`rewrite ^/mail/$ /mail/index.php;`
			`location /mail/ {`
			`index index.php;`
			`alias /usr/local/lib/roundcubemail/;`
white spaces argh. 2014-08-11 14:30:39 +00:00			`}`
keep Roundcube working too, put owncloud at /cloud rather than at / 2014-08-12 11:36:40 +00:00			`location ~ /mail/config/.* {`
			`# A ~-style location is needed to give this precedence over the next block.`
			`return 403;`
owncloud properly working, but not in sub dir anymore 2014-08-11 18:17:38 +00:00			`}`
keep Roundcube working too, put owncloud at /cloud rather than at / 2014-08-12 11:36:40 +00:00			`location ~ /mail/.*\.php {`
			`# note: ~ has precendence over a regular location block`
			`include fastcgi_params;`
			`fastcgi_split_path_info ^/mail(/.*)()$;`
			`fastcgi_index index.php;`
			`fastcgi_param SCRIPT_FILENAME /usr/local/lib/roundcubemail/$fastcgi_script_name;`
use php5-fpm rather than our own custom launcher script for PHP+FastCGI 2014-08-12 11:00:54 +00:00			`fastcgi_pass php-fpm;`
keep Roundcube working too, put owncloud at /cloud rather than at / 2014-08-12 11:36:40 +00:00			`client_max_body_size 20M;`
update to Roundcube 1.0.1 2014-07-08 00:37:53 +00:00			`}`
initial owncloud port, untested and unfinished 2014-08-11 14:24:29 +00:00
keep Roundcube working too, put owncloud at /cloud rather than at / 2014-08-12 11:36:40 +00:00			`# ownCloud configuration.`
			`rewrite ^/cloud$ /cloud/ redirect;`
			`rewrite ^/cloud/$ /cloud/index.php;`
			`rewrite ^(/cloud/core/doc/[^\/]+/)$ $1/index.html;`
			`location /cloud/ {`
			`alias /usr/local/lib/owncloud/;`
			`location ~ ^/(data\|config\|\.ht\|db_structure\.xml\|README) {`
			`deny all;`
			`}`
			`}`
			`location ~ ^(/cloud)(/.+\.php)(/.*)?$ {`
			`# note: ~ has precendence over a regular location block`
			`include fastcgi_params;`
			`fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$2;`
			`fastcgi_param SCRIPT_NAME $1$2;`
			`fastcgi_param PATH_INFO $3;`
use x-accel-redirect for faster larg file downloads 2014-08-12 13:11:33 +00:00			`fastcgi_param MOD_X_ACCEL_REDIRECT_ENABLED on;`
include_path to include php-libawl and use php-fpm instead of cgi 2014-08-11 21:41:38 +00:00			`fastcgi_pass php-fpm;`
keep Roundcube working too, put owncloud at /cloud rather than at / 2014-08-12 11:36:40 +00:00			`error_page 403 /cloud/core/templates/403.php;`
			`error_page 404 /cloud/core/templates/404.php;`
			`client_max_body_size 1G;`
			`fastcgi_buffers 64 4K;`
web and roundcube webmail 2013-09-07 20:53:25 +00:00			`}`
more owncloud configuration tweaks 2014-08-13 00:30:09 +00:00			`location ~ ^/((caldav\|carddav\|webdav).*)$ {`
			`# Z-Push doesn't like getting a redirect, and a plain rewrite didn't work either.`
			`# Properly proxying like this seems to work fine.`
			`proxy_pass https://$HOSTNAME/cloud/remote.php/$1;`
			`}`
keep Roundcube working too, put owncloud at /cloud rather than at / 2014-08-12 11:36:40 +00:00			`rewrite ^/.well-known/host-meta /cloud/public.php?service=host-meta last;`
			`rewrite ^/.well-known/host-meta.json /cloud/public.php?service=host-meta-json last;`
			`rewrite ^/.well-known/carddav /cloud/remote.php/carddav/ redirect;`
			`rewrite ^/.well-known/caldav /cloud/remote.php/caldav/ redirect;`
initial owncloud port, untested and unfinished 2014-08-11 14:24:29 +00:00
preliminary support for webfinger It just echos back the subject given to it. 2014-06-20 01:54:59 +00:00			`# Webfinger configuration.`
			`location = /.well-known/webfinger {`
			`include fastcgi_params;`
obviously put our stuff in /usr/local and not /usr 2014-06-21 16:35:00 +00:00			`fastcgi_param SCRIPT_FILENAME /usr/local/bin/mailinabox-webfinger.php;`
use php5-fpm rather than our own custom launcher script for PHP+FastCGI 2014-08-12 11:00:54 +00:00			`fastcgi_pass php-fpm;`
preliminary support for webfinger It just echos back the subject given to it. 2014-06-20 01:54:59 +00:00			`}`
new nginx configuration yaml file to allow proxying of whole domains elsewhere 2014-07-09 12:31:32 +00:00
z-push: an Exchange ActiveSync server 2014-07-12 00:02:32 +00:00			`# Microsoft Exchange autodiscover.xml for email`
			`location /autodiscover/autodiscover.xml {`
			`include fastcgi_params;`
			`fastcgi_param SCRIPT_FILENAME /usr/local/bin/mailinabox-exchange-autodiscover.php;`
use php5-fpm rather than our own custom launcher script for PHP+FastCGI 2014-08-12 11:00:54 +00:00			`fastcgi_pass php-fpm;`
z-push: an Exchange ActiveSync server 2014-07-12 00:02:32 +00:00			`}`

			`# Z-Push (Microsoft Exchange ActiveSync)`
			`location /Microsoft-Server-ActiveSync {`
keep Roundcube working too, put owncloud at /cloud rather than at / 2014-08-12 11:36:40 +00:00			`include /etc/nginx/fastcgi_params;`
z-push: an Exchange ActiveSync server 2014-07-12 00:02:32 +00:00			`fastcgi_param SCRIPT_FILENAME /usr/local/lib/z-push/index.php;`
use php5-fpm rather than our own custom launcher script for PHP+FastCGI 2014-08-12 11:00:54 +00:00			`fastcgi_pass php-fpm;`
z-push: an Exchange ActiveSync server 2014-07-12 00:02:32 +00:00			`}`

new nginx configuration yaml file to allow proxying of whole domains elsewhere 2014-07-09 12:31:32 +00:00			`# ADDITIONAL DIRECTIVES HERE`
preliminary script for nginx 2013-09-01 14:24:49 +00:00			`}`