You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
mailu/nginx/conf/nginx.conf

87 lines
2.0 KiB
Nginx Configuration File

# Basic configuration
user nginx;
worker_processes 4;
error_log /dev/stderr info;
pid /var/run/nginx.pid;
load_module "modules/ngx_mail_module.so";
events {
worker_connections 1024;
}
http {
# Standard HTTP configuration with slight hardening
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /dev/stdout;
sendfile on;
keepalive_timeout 65;
server_tokens off;
server {
listen 80;
{% if TLS_FLAVOR != 'notls' %}
listen 443 ssl;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA';
ssl_prefer_server_ciphers on;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m;
ssl_certificate /certs/cert.pem;
ssl_certificate_key /certs/key.pem;
add_header Strict-Transport-Security max-age=15768000;
if ($scheme = http) {
return 301 https://$host$request_uri;
}
{% endif %}
# Actual logic
{% if WEBMAIL != 'none' %}
location / {
return 301 $scheme://$host/webmail/;
}
location /webmail {
rewrite ^/webmail/(.*) /$1 break;
proxy_pass http://webmail;
}
{% endif %}
{% if ADMIN == 'true' %}
location /admin/ui {
rewrite ^/admin/(.*) /$1 break;
proxy_pass http://admin;
}
{% endif %}
{% if WEBDAV != 'none' %}
location /webdav {
rewrite ^/webdav/(.*) /$1 break;
proxy_pass http://webdav:5232;
}
{% endif %}
}
}
mail {
server_name {{ HOSTNAME }};
auth_http http://{{ ADMIN_ADDRESS }}/internal/nginx;
proxy_pass_error_message on;
server {
listen 25;
protocol smtp;
smtp_auth plain;
}
server {
listen 143;
protocol imap;
imap_auth plain;
}
}