|
|
@ -19,6 +19,7 @@ http {
|
|
|
|
server_tokens off;
|
|
|
|
server_tokens off;
|
|
|
|
absolute_redirect off;
|
|
|
|
absolute_redirect off;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Main HTTP server
|
|
|
|
server {
|
|
|
|
server {
|
|
|
|
# Always listen over HTTP
|
|
|
|
# Always listen over HTTP
|
|
|
|
listen 80;
|
|
|
|
listen 80;
|
|
|
@ -83,11 +84,20 @@ http {
|
|
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Forwarding authentication server
|
|
|
|
|
|
|
|
server {
|
|
|
|
|
|
|
|
listen 127.0.0.1:8000;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
location /internal {
|
|
|
|
|
|
|
|
proxy_pass http://admin;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
mail {
|
|
|
|
mail {
|
|
|
|
server_name {{ HOSTNAMES.split(",")[0] }};
|
|
|
|
server_name {{ HOSTNAMES.split(",")[0] }};
|
|
|
|
auth_http http://{{ ADMIN_ADDRESS }}/internal/nginx;
|
|
|
|
auth_http http://127.0.0.1:8000/internal/nginx;
|
|
|
|
proxy_pass_error_message on;
|
|
|
|
proxy_pass_error_message on;
|
|
|
|
|
|
|
|
|
|
|
|
{% if TLS and not TLS_ERROR %}
|
|
|
|
{% if TLS and not TLS_ERROR %}
|
|
|
@ -132,18 +142,20 @@ mail {
|
|
|
|
imap_auth plain;
|
|
|
|
imap_auth plain;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
{% if TLS %}
|
|
|
|
|
|
|
|
server {
|
|
|
|
server {
|
|
|
|
listen 465 ssl;
|
|
|
|
listen 587;
|
|
|
|
listen [::]:465 ssl;
|
|
|
|
listen [::]:587;
|
|
|
|
|
|
|
|
{% if TLS %}
|
|
|
|
|
|
|
|
starttls only;
|
|
|
|
|
|
|
|
{% endif %}
|
|
|
|
protocol smtp;
|
|
|
|
protocol smtp;
|
|
|
|
smtp_auth plain;
|
|
|
|
smtp_auth plain;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
{% if TLS %}
|
|
|
|
server {
|
|
|
|
server {
|
|
|
|
listen 587;
|
|
|
|
listen 465 ssl;
|
|
|
|
listen [::]:587;
|
|
|
|
listen [::]:465 ssl;
|
|
|
|
starttls only;
|
|
|
|
|
|
|
|
protocol smtp;
|
|
|
|
protocol smtp;
|
|
|
|
smtp_auth plain;
|
|
|
|
smtp_auth plain;
|
|
|
|
}
|
|
|
|
}
|
|
|
|