From 50eb49ab713f19dffbfb10fcac8e40457f6587b1 Mon Sep 17 00:00:00 2001 From: andryyy Date: Tue, 28 Feb 2017 14:27:19 +0100 Subject: [PATCH] Better autodiscover/autoconfig config in Nginx, add new ignores --- .gitignore | 1 + data/conf/nginx/site.conf | 42 +++++++++++++++++++++++++++++++-------- 2 files changed, 35 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index 40c3247f..cc72e8da 100644 --- a/.gitignore +++ b/.gitignore @@ -5,4 +5,5 @@ mailcow.conf mailcow.conf_backup data/conf/nginx/listen_ssl.active data/conf/nginx/listen_plain.active +data/conf/nginx/server_name.active data/web/inc/vars.local.inc.php diff --git a/data/conf/nginx/site.conf b/data/conf/nginx/site.conf index 67e73aed..d724b4f2 100644 --- a/data/conf/nginx/site.conf +++ b/data/conf/nginx/site.conf @@ -18,6 +18,11 @@ server { access_log /var/log/nginx/access.log; root /web; + location ^~ /.well-known/acme-challenge/ { + allow all; + default_type "text/plain"; + } + # If behind reverse proxy, forwards the correct IP set_real_ip_from 172.22.1.1; real_ip_header X-Forwarded-For; @@ -58,12 +63,20 @@ server { deny all; } - if ($host ~* autodiscover\.(.*)) { - rewrite ^(.*) /autodiscover.php last; + location ~ /(?:a|A)utodiscover/(?:a|A)utodiscover.xml { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass phpfpm:9000; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files /autodiscover.php =404; } - if ($host ~* autoconfig\.(.*)) { - rewrite ^(.*) /autoconfig.php last; + location ~ /(?:m|M)ail/(?:c|C)onfig-v1.1.xml { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass phpfpm:9000; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files /autoconfig.php =404; } location ^~ /Microsoft-Server-ActiveSync { @@ -153,6 +166,11 @@ server { access_log /var/log/nginx/access.log; root /web; + location ^~ /.well-known/acme-challenge/ { + allow all; + default_type "text/plain"; + } + # If behind reverse proxy, forwards the correct IP set_real_ip_from 172.22.1.1; real_ip_header X-Forwarded-For; @@ -193,12 +211,20 @@ server { deny all; } - if ($host ~* autodiscover\.(.*)) { - rewrite ^(.*) /autodiscover.php last; + location ~ /(?:a|A)utodiscover/(?:a|A)utodiscover.xml { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass phpfpm:9000; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files /autodiscover.php =404; } - if ($host ~* autoconfig\.(.*)) { - rewrite ^(.*) /autoconfig.php last; + location ~ /(?:m|M)ail/(?:c|C)onfig-v1.1.xml { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass phpfpm:9000; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files /autoconfig.php =404; } location ^~ /Microsoft-Server-ActiveSync {