lub
/
mailu
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity

Do not expose the Web admin interface by default, fixes #40

Browse Source
master
Pierre Jaury 8 years ago
parent ec5a75f603
commit f07615c4a4
2 changed files with 15 additions and 2 deletions
Show Stats Download Patch File Download Diff File

3
.env
Unescape Escape View File

@ -42,6 +42,9 @@ FRONTEND=none
# Choose which webmail to run if any (values: roundcube, rainloop, none) # Choose which webmail to run if any (values: roundcube, rainloop, none)
WEBMAIL=none WEBMAIL=none
# Expose the admin interface in publicly (values: yes, no)
EXPOSE_ADMIN=no
################################### ###################################
# Mail settings # Mail settings
################################### ###################################

10
nginx/nginx.conf
Unescape Escape View File

@ -10,6 +10,7 @@ events {
# Environment variables used in the configuration # Environment variables used in the configuration
env WEBMAIL; env WEBMAIL;
env EXPOSE_ADMIN;
http { http {
# Standard HTTP configuration with slight hardening # Standard HTTP configuration with slight hardening
@ -42,6 +43,7 @@ http {
# Load Lua variables # Load Lua variables
set_by_lua $webmail 'return os.getenv("WEBMAIL")'; set_by_lua $webmail 'return os.getenv("WEBMAIL")';
set_by_lua $expose_admin 'return os.getenv("EXPOSE_ADMIN")';
# Actual logic # Actual logic
@ -50,11 +52,19 @@ http {
proxy_pass http://webmail; proxy_pass http://webmail;
} }
if ($webmail = none) {
return 403; return 403;
} }
}
location /admin { location /admin {
if ($expose_admin = yes) {
proxy_pass http://admin; proxy_pass http://admin;
} }
if ($expose_admin != yes) {
return 403;
}
}
} }
} }

Write Preview
Loading…
Cancel
Save