|
|
|
@ -18,9 +18,16 @@ http {
|
|
|
|
keepalive_timeout 65;
|
|
|
|
keepalive_timeout 65;
|
|
|
|
server_tokens off;
|
|
|
|
server_tokens off;
|
|
|
|
absolute_redirect off;
|
|
|
|
absolute_redirect off;
|
|
|
|
|
|
|
|
resolver {{ RESOLVER }} valid=30s;
|
|
|
|
|
|
|
|
|
|
|
|
# Main HTTP server
|
|
|
|
# Main HTTP server
|
|
|
|
server {
|
|
|
|
server {
|
|
|
|
|
|
|
|
# Variables for proxifying
|
|
|
|
|
|
|
|
set $admin admin;
|
|
|
|
|
|
|
|
set $antispam antispam:11334;
|
|
|
|
|
|
|
|
set $webmail webmail;
|
|
|
|
|
|
|
|
set $webdav webdav:5232;
|
|
|
|
|
|
|
|
|
|
|
|
# Always listen over HTTP
|
|
|
|
# Always listen over HTTP
|
|
|
|
listen 80;
|
|
|
|
listen 80;
|
|
|
|
listen [::]:80;
|
|
|
|
listen [::]:80;
|
|
|
|
@ -44,7 +51,7 @@ http {
|
|
|
|
# In any case, enable the proxy for certbot if the flavor is letsencrypt
|
|
|
|
# In any case, enable the proxy for certbot if the flavor is letsencrypt
|
|
|
|
{% if TLS_FLAVOR == 'letsencrypt' %}
|
|
|
|
{% if TLS_FLAVOR == 'letsencrypt' %}
|
|
|
|
location ^~ /.well-known/acme-challenge/ {
|
|
|
|
location ^~ /.well-known/acme-challenge/ {
|
|
|
|
proxy_pass http://localhost:8008;
|
|
|
|
proxy_pass http://127.0.0.1:8008;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
|
|
|
|
@ -64,7 +71,8 @@ http {
|
|
|
|
location {{ WEB_WEBMAIL }} {
|
|
|
|
location {{ WEB_WEBMAIL }} {
|
|
|
|
rewrite ^({{ WEB_WEBMAIL }})$ $1/ permanent;
|
|
|
|
rewrite ^({{ WEB_WEBMAIL }})$ $1/ permanent;
|
|
|
|
rewrite ^{{ WEB_WEBMAIL }}/(.*) /$1 break;
|
|
|
|
rewrite ^{{ WEB_WEBMAIL }}/(.*) /$1 break;
|
|
|
|
proxy_pass http://webmail;
|
|
|
|
proxy_set_header Host $host;
|
|
|
|
|
|
|
|
proxy_pass http://$webmail;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
|
|
|
|
@ -76,7 +84,8 @@ http {
|
|
|
|
location ~ {{ WEB_ADMIN }}/(ui|static) {
|
|
|
|
location ~ {{ WEB_ADMIN }}/(ui|static) {
|
|
|
|
rewrite ^{{ WEB_ADMIN }}/(.*) /$1 break;
|
|
|
|
rewrite ^{{ WEB_ADMIN }}/(.*) /$1 break;
|
|
|
|
proxy_set_header X-Forwarded-Prefix {{ WEB_ADMIN }};
|
|
|
|
proxy_set_header X-Forwarded-Prefix {{ WEB_ADMIN }};
|
|
|
|
proxy_pass http://admin;
|
|
|
|
proxy_set_header Host $host;
|
|
|
|
|
|
|
|
proxy_pass http://$admin;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
location {{ WEB_ADMIN }}/antispam {
|
|
|
|
location {{ WEB_ADMIN }}/antispam {
|
|
|
|
@ -84,14 +93,14 @@ http {
|
|
|
|
auth_request /internal/auth/admin;
|
|
|
|
auth_request /internal/auth/admin;
|
|
|
|
proxy_set_header X-Real-IP "";
|
|
|
|
proxy_set_header X-Real-IP "";
|
|
|
|
proxy_set_header X-Forwarded-For "";
|
|
|
|
proxy_set_header X-Forwarded-For "";
|
|
|
|
proxy_pass http://antispam:11334;
|
|
|
|
proxy_pass http://$antispam;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
|
|
|
|
{% if WEBDAV != 'none' %}
|
|
|
|
{% if WEBDAV != 'none' %}
|
|
|
|
location /webdav {
|
|
|
|
location /webdav {
|
|
|
|
rewrite ^/webdav/(.*) /$1 break;
|
|
|
|
rewrite ^/webdav/(.*) /$1 break;
|
|
|
|
proxy_pass http://webdav:5232;
|
|
|
|
proxy_pass http://$webdav;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
@ -99,7 +108,7 @@ http {
|
|
|
|
location /internal {
|
|
|
|
location /internal {
|
|
|
|
internal;
|
|
|
|
internal;
|
|
|
|
|
|
|
|
|
|
|
|
proxy_pass http://admin;
|
|
|
|
proxy_pass http://$admin;
|
|
|
|
proxy_pass_request_body off;
|
|
|
|
proxy_pass_request_body off;
|
|
|
|
proxy_set_header Content-Length "";
|
|
|
|
proxy_set_header Content-Length "";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
@ -110,7 +119,7 @@ http {
|
|
|
|
listen 127.0.0.1:8000;
|
|
|
|
listen 127.0.0.1:8000;
|
|
|
|
|
|
|
|
|
|
|
|
location / {
|
|
|
|
location / {
|
|
|
|
proxy_pass http://admin/internal/;
|
|
|
|
proxy_pass http://$admin/internal/;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
kaiyou
8 years ago