From 7ca0d96bf684c7d9ff14568d2c9da138d9e96d56 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Tue, 7 Mar 2017 21:44:51 +0100
Subject: [PATCH] Fix Nginx proxy pass

---
 docs/first_steps.md | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/docs/first_steps.md b/docs/first_steps.md
index 03dd5065..7f2def80 100644
--- a/docs/first_steps.md
+++ b/docs/first_steps.md
@@ -13,17 +13,17 @@ mailcow uses 3 domain names that should be covered by your new certificate:
 This is just an example of how to obtain certificates with certbot. There are several methods!
 
 1\. Get the certbot client:
-```
+``` bash
 wget https://dl.eff.org/certbot-auto -O /usr/local/sbin/certbot && chmod +x /usr/local/sbin/certbot
 ```
 
 2\. Make sure you set `HTTP_BIND=0.0.0.0` in `mailcow.conf` or setup a reverse proxy to enable connections to port 80. If you changed HTTP_BIND, then restart Nginx:
-```
+``` bash
 docker-compose restart nginx-mailcow
 ```
 
 3\. Request the certificate with the webroot method:
-```
+``` bash
 cd /path/to/git/clone/mailcow-dockerized
 source mailcow.conf
 certbot certonly \
@@ -37,7 +37,7 @@ certbot certonly \
 ```
     
 4\. Create hard links to the full path of the new certificates. Assuming you are still in the mailcow root folder:
-```
+``` bash
 mv data/assets/ssl/cert.{pem,pem.backup}
 mv data/assets/ssl/key.{pem,pem.backup}
 ln $(readlink -f /etc/letsencrypt/live/${MAILCOW_HOSTNAME}/fullchain.pem) data/assets/ssl/cert.pem
@@ -77,7 +77,7 @@ You don't need to change the Nginx site that comes with mailcow: dockerized.
 mailcow: dockerized trusts the default gateway IP 172.22.1.1 as proxy. This is very important to control access to Rspamd's web UI.
 
 1\. Make sure you change HTTP_BIND and HTTPS_BIND in `mailcow.conf` to a local address and set the ports accordingly, for example:
-```
+``` bash
 HTTP_BIND=127.0.0.1
 HTTP_PORT=8080
 HTTPS_PORT=127.0.0.1
@@ -89,7 +89,7 @@ Recreate affected containers by running `docker-compose up -d`.
 2\. Configure your local webserver as reverse proxy:
 
 ### Apache 2.4
-```
+``` apache
 <VirtualHost *:443>
     ServerName mail.example.org
     ServerAlias autodiscover.example.org
@@ -123,8 +123,8 @@ server {
     [...]
     your-ssl-configuration-here
     location / {
-        proxy_pass http://127.0.0.1:8080;
-        proxy_set_header Host $host;
+        proxy_pass http://127.0.0.1:8080/;
+        proxy_redirect http://127.0.0.1:8080/ $scheme://$host:$server_port/;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;