c06e4c81cf
Enable TLSv1.3 finally
...
With Alpine 3.9 https://pkgs.alpinelinux.org/package/v3.9/main/x86/openssl we got OpenSSL 1.1.1a.
With https://github.com/docker-library/official-images/pull/5377 it was merged into the Nginx upstream image and thus Nginx was built with it.
2019-02-01 01:04:13 +01:00
6ad8798d5c
[Nginx] Compress some files, don't compress proxy answers
2019-01-31 17:07:49 +01:00
14901eed64
[Nginx] Remove broken locations
2019-01-31 15:58:35 +01:00
60f9968134
[Nginx] Add compression, change expires
2019-01-31 15:45:57 +01:00
e84dec3b56
[SOGo] Revert self-built SOGo
2018-12-21 19:54:32 +01:00
534e83a218
[Nginx] New WebServerResources path
2018-12-19 09:37:07 +01:00
e6625501e7
[Nginx] Remove Strict-Transport-Security for subdomains (prevented autoconfig from working without TLS)
2018-11-12 09:53:18 +01:00
83a5eda762
Merge pull request #1434 from apoc4lyps/master
...
hardening http headers
2018-10-15 22:48:50 +02:00
c08149adef
[SOGo] EAS changes, larger timeout
2018-10-05 11:12:55 +02:00
2f18eb5ad0
[Nginx] Avoid php extensions, use rewrite
2018-10-04 14:34:00 +02:00
ea4a26eabf
[Nginx] Use SOGo web resources from local mount
2018-09-09 09:51:37 +02:00
cf56be1843
set Referrer-Policy to strict-origin
2018-08-06 09:24:34 +02:00
66d1bc12c0
[Nginx] Set client_max_body_size = 0
2018-08-05 22:37:07 +02:00
e79429beef
[PHP-FPM, Nginx] Move some PHP parameters from Nginx to FPM configuration file
2018-06-10 14:31:24 +02:00
918343865e
hardening http headers
2018-05-28 12:28:23 +02:00
ef6644df34
[PHP-FPM] Delete old pool files
...
[Nginx] Remove dev code
2018-04-26 13:57:23 +02:00
7181ee4658
[Rspamd] Apply ratelimit against authenticated user instead of envelope from
...
[PHP-FPM] Create PHP-FPM listeners 9001 (system) and 9002 (web), drop 9000
[Rspamd] Parse quarantine messages as utf8
[Rspamd] Use new schema for Rspamd bayes hashes and expire them in Redis
[SOGo] Change default logo
[SOGo] Use different keyserver by default in Dockerfile
[Rspamd] Add bad ASN list (disabled by default)
[Watchdog] Change the way we check PHP-FPM, change SOGo check
[Nginx] Change ports according to new PHP-FPM listeners
[Update] Fix PHP-FPM ports for existing non-mailcow Nginx sites
2018-04-26 13:56:07 +02:00
8a7664f7d5
[Nginx] Add larger map bucket size, fixes 1112
2018-03-01 07:28:06 +01:00
63002cbb74
[Nginx] Reduce config duplication
...
It does not make sense having a seperate server block for both http
and https.
According to the nginx doc [1], using the same server block for both
should work.
[1] http://nginx.org/en/docs/http/configuring_https_servers.html#single_http_https_server
2018-02-15 21:23:07 +01:00
e186e350ef
[Nginx] Fixes #1033
2018-02-14 09:09:17 +01:00
993c998716
Merge pull request #995 from Alireza2n/master
...
SOGO & Rspamd interface: adding "expire" header to static files, allowing browser to be able to cache them
2018-02-14 07:50:22 +01:00
943598f705
[Nginx] Fix EAS...
2018-02-13 09:12:54 +01:00
63f7e5930d
[Nginx] Fix EAS
2018-02-13 09:07:44 +01:00
74c804b9a3
[SOGo] SOGo refuses to bind to IPv6, so force IPv4 in proxy_pass, fixes #1006
2018-02-12 21:32:49 +01:00
e5031accbb
[Nginx] Remove auto-redirect to not break rp
2018-02-09 09:59:35 +01:00
3a1e7b4ee1
[Nginx] Pass args when redirecting to https
2018-02-09 09:11:59 +01:00
781a5eb69a
Added expires directive and map to nginx, allowing browser to cache SOGO JS,CSS,WOFF files.
2018-02-02 18:38:18 +03:30
1b898b1c7b
Added expires directive and map to nginx, allowing browser to cache rspamd JS,CSS and image files.
2018-02-02 17:46:49 +03:30
64fbc73582
Added expires directive and map to nginx, allowing browser to cache rspamd JS,CSS and image files.
2018-02-02 17:42:19 +03:30
70ac65d794
[Nginx] Fix IPv6 subnet, only rewrite to HTTPS when request is not internal
2018-02-01 13:36:01 +01:00
67ddc710a7
[Nginx] Set real IP from internal networks
2018-01-24 08:36:19 +01:00
83fb8c0fd8
[Nginx] Use names instead of IPs
2018-01-21 14:59:45 +01:00
ae56c3b59e
Fix quarantaine
2017-12-11 10:44:46 +01:00
a3e966696f
[Nginx] Revert to site splitting
2017-10-12 08:37:48 +02:00
c5054ae7ed
[Watchdog] Ignore null name in jq
...
[Nginx] Merge sites
[Scripts] Nextcloud helper script (testing!)
2017-10-11 22:56:22 +02:00
874aac3c5e
[Nginx, PHP-FPM] Do not expose PHP version, example for nextcloud site, include custom locations to site (add site.something.custom to data/conf/nginx)
2017-10-08 22:57:34 +02:00
c731a18f66
Preliminary support for Outlook 2016’s autodiscover.json
2017-09-26 22:11:01 +02:00
f0df390d12
[Nginx] Stricter TLS settings
2017-09-14 13:34:07 +02:00
92e6c9daae
[Nginx] Fix SSL temp.
2017-09-11 17:37:25 +02:00
b2b9731020
a little bit of security
...
Hide the version of NGINX, block XSS and more...
inspired by : https://gist.github.com/plentz/6737338
2017-09-09 23:10:36 +07:00
e5faee9037
[Nginx] Disable client_max_body_size
2017-08-09 10:17:32 +02:00
aabcf65c69
[Nginx] Set server_names_hash_bucket_size 64
2017-07-30 21:39:35 +02:00
ba3fc47d5f
Fix autodiscover, thanks to K2rool!
2017-06-15 23:03:10 +02:00
83cb686e33
Fix fix for Apple dav....
2017-06-14 23:17:31 +02:00
495bf05fb8
Fix for Apple autoconfiguration (dav)
2017-06-14 23:14:41 +02:00
e99fa9433e
Fix dav url detection for apple
2017-06-14 23:10:50 +02:00
e15795e112
Enable http2
2017-06-06 21:59:27 +02:00
e159eb7522
Fix listener
2017-05-29 21:48:41 +02:00
813207c694
Listen on internal IPv6
2017-05-25 10:59:57 +02:00
466b8137e5
Add log_helper to Rspamd, add IPv6 for http maps in Nginx, make Bind listen on v6 and add acl for internal network
2017-05-23 22:23:34 +02:00
Tobias "Knight" S
andryyy
André
apoc4lyps
Kristian Klausen
Alireza
Michael Kuron
JOduMonT