|
|
|
@ -173,11 +173,15 @@ http {
|
|
|
|
|
}
|
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
|
|
location @sso_login {
|
|
|
|
|
return 302 /sso/login?url=$request_uri;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
{% if WEB_WEBMAIL != '/' and WEBROOT_REDIRECT != 'none' %}
|
|
|
|
|
location / {
|
|
|
|
|
expires $expires;
|
|
|
|
|
{% if WEBROOT_REDIRECT %}
|
|
|
|
|
try_files $uri {{ WEBROOT_REDIRECT }};
|
|
|
|
|
try_files $uri {{ WEBROOT_REDIRECT }}?homepage;
|
|
|
|
|
{% else %}
|
|
|
|
|
try_files $uri =404;
|
|
|
|
|
{% endif %}
|
|
|
|
@ -192,7 +196,7 @@ http {
|
|
|
|
|
{% endif %}
|
|
|
|
|
include /etc/nginx/proxy.conf;
|
|
|
|
|
auth_request /internal/auth/user;
|
|
|
|
|
error_page 403 @webmail_login;
|
|
|
|
|
error_page 403 @sso_login;
|
|
|
|
|
proxy_pass http://$webmail;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -211,13 +215,9 @@ http {
|
|
|
|
|
auth_request_set $token $upstream_http_x_user_token;
|
|
|
|
|
proxy_set_header X-Remote-User $user;
|
|
|
|
|
proxy_set_header X-Remote-User-Token $token;
|
|
|
|
|
error_page 403 @webmail_login;
|
|
|
|
|
error_page 403 @sso_login;
|
|
|
|
|
proxy_pass http://$webmail;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
location @webmail_login {
|
|
|
|
|
return 302 /sso/login?url=$request_uri;
|
|
|
|
|
}
|
|
|
|
|
{% endif %}
|
|
|
|
|
{% if ADMIN %}
|
|
|
|
|
location {{ WEB_ADMIN }} {
|
|
|
|
@ -232,11 +232,7 @@ http {
|
|
|
|
|
proxy_set_header X-Real-IP "";
|
|
|
|
|
proxy_set_header X-Forwarded-For "";
|
|
|
|
|
proxy_pass http://$antispam;
|
|
|
|
|
error_page 403 @antispam_login;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
location @antispam_login {
|
|
|
|
|
return 302 /sso/login?url=$request_uri;
|
|
|
|
|
error_page 403 @sso_login;
|
|
|
|
|
}
|
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
|
|