paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Nginx] Allow SOGo SSO

master
andryyy 2021-06-23 14:12:14 +02:00
parent 1cedef173f
commit 3045bcf49d
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
2 changed files with 5 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
data/conf/nginx/includes/site-defaults.conf
View File

@ -150,7 +150,6 @@
try_files /autoconfig.php =404; try_files /autoconfig.php =404;
} }
# auth_request endpoint if ALLOW_ADMIN_EMAIL_LOGIN is set
location /sogo-auth-verify { location /sogo-auth-verify {
internal; internal;
proxy_set_header X-Original-URI $request_uri; proxy_set_header X-Original-URI $request_uri;
@ -162,7 +161,7 @@
} }
location ^~ /Microsoft-Server-ActiveSync { location ^~ /Microsoft-Server-ActiveSync {
include /etc/nginx/conf.d/sogo_proxy_auth.active; include /etc/nginx/conf.d/includes/sogo_proxy_auth.conf;
include /etc/nginx/conf.d/sogo_eas.active; include /etc/nginx/conf.d/sogo_eas.active;
proxy_connect_timeout 75; proxy_connect_timeout 75;
proxy_send_timeout 3600; proxy_send_timeout 3600;
@ -177,7 +176,7 @@
location ^~ /SOGo { location ^~ /SOGo {
location ~* ^/SOGo/so/.*\.(xml|js|html|xhtml)$ { location ~* ^/SOGo/so/.*\.(xml|js|html|xhtml)$ {
include /etc/nginx/conf.d/sogo_proxy_auth.active; include /etc/nginx/conf.d/includes/sogo_proxy_auth.conf;
include /etc/nginx/conf.d/sogo.active; include /etc/nginx/conf.d/sogo.active;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@ -191,7 +190,7 @@
add_header Content-Type text/plain; add_header Content-Type text/plain;
break; break;
} }
include /etc/nginx/conf.d/sogo_proxy_auth.active; include /etc/nginx/conf.d/includes/sogo_proxy_auth.conf;
include /etc/nginx/conf.d/sogo.active; include /etc/nginx/conf.d/sogo.active;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

6
data/conf/nginx/templates/sogo.auth_request.template.sh → data/conf/nginx/includes/sogo_proxy_auth.conf
View File

@ -1,10 +1,8 @@
if printf "%s\n" "${ALLOW_ADMIN_EMAIL_LOGIN}" | grep -E '^([yY][eE][sS]|[yY])+$' >/dev/null; then auth_request /sogo-auth-verify;
echo 'auth_request /sogo-auth-verify;
auth_request_set $user $upstream_http_x_user; auth_request_set $user $upstream_http_x_user;
auth_request_set $auth $upstream_http_x_auth; auth_request_set $auth $upstream_http_x_auth;
auth_request_set $auth_type $upstream_http_x_auth_type; auth_request_set $auth_type $upstream_http_x_auth_type;
proxy_set_header x-webobjects-remote-user "$user"; proxy_set_header x-webobjects-remote-user "$user";
proxy_set_header Authorization "$auth"; proxy_set_header Authorization "$auth";
proxy_set_header x-webobjects-auth-type "$auth_type"; proxy_set_header x-webobjects-auth-type "$auth_type";
'
fi