You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3.1 KiB
3.1 KiB
Nginx setup
Set up reverse proxy in mailcow
- https://mailcow.github.io/mailcow-dockerized-docs/firststeps-rp/
vim /opt/mailcow-dockerized/mailcow.conf
HTTP_BIND=127.0.0.1
HTTP_PORT=8080
HTTPS_BIND=127.0.0.1
HTTPS_PORT=8443
./generate_config.sh
cp mailcow.conf_backup mailcow.conf
docker-compose up -d
docker run --name tmp-nginx-container -d nginx
docker cp tmp-nginx-container:/etc/nginx /opt/nginx/
docker rm -f tmp-nginx-container
vim /opt/nginx/nginx/conf.d/mailcow.conf
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name srv01.dreckbu.de autodiscover.* autoconfig.*;
return 301 https://$host$request_uri;
}
server {
listen 443;
listen [::]:443;
server_name srv01.dreckbu.de autodiscover.* autoconfig.*;
ssl on;
ssl_certificate /var/ssl/cert.pem;
ssl_certificate_key /var/ssl/key.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
location /Microsoft-Server-ActiveSync {
proxy_pass http://nginx-mailcow:8080/Microsoft-Server-ActiveSync;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 75;
proxy_send_timeout 3650;
proxy_read_timeout 3650;
proxy_buffers 64 256k;
client_body_buffer_size 512k;
client_max_body_size 0;
}
location / {
proxy_pass http://nginx-mailcow:8080/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 0;
}
}
set up main host for serving static html pages
vim /opt/nginx/nginx/conf.d/main.conf
# HTTP
server {
listen 80;
listen [::]:80;
server_name dreckbu.de www.dreckbu.de;
# enforce https
return 301 https://$server_name$request_uri;
}
# HTTPS
server {
listen 443;
listen [::]:443;
server_name dreckbu.de www.dreckbu.de;
ssl on;
ssl_certificate /var/ssl/cert.pem;
ssl_certificate_key /var/ssl/key.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
index index.php index.html index.htm;
location / {
root /var/www;
}
}
test the reverse proxy
-
docker run --name nginx-reverse-proxy -p 80:80 -p 443:443 --network mailcowdockerized_mailcow-network -v /opt/nginx/nginx:/etc/nginx:ro -v /opt/mailcow-dockerized/data/assets/ssl:/var/ssl -v /opt/nginx/www:/var/www -d nginx -
vim /opt/nginx/docker-compose.yml
version: "2"
networks:
mailcowdockerized_mailcow-network:
external: true
services:
nginx-reverse-proxy:
image: nginx
volumes:
- /opt/nginx/nginx:/etc/nginx:ro
- /opt/mailcow-dockerized/data/assets/ssl:/var/ssl
- /opt/nginx/www:/var/www
ports:
- "80:80"
- "443:443"
restart: always
networks:
- mailcowdockerized_mailcow-network