5df8a24c84
server_tokens off in default settings ( #4073 )
...
Co-authored-by: Maximilian Leith <accounts.maximilan@leith.de>
2021-04-26 13:20:23 +02:00
b11764dff0
[Config] Add ADDITIONAL_SERVER_NAMES as optional config to define additional server_name parameters for mailcow UI
2021-02-16 16:38:28 +01:00
666d344322
[Web] Remove XMPP site when disabling XMPP
2021-02-14 21:33:43 +01:00
9407b55661
[PHP-FPM] Fix fastcgi timeouts
2020-12-26 10:19:52 +01:00
8e15c56330
[SOGo] Increase timeout for SOGo to prevent failure on uploads
2020-11-25 16:11:02 +01:00
93ac0d3864
Update site-defaults.conf ( #3780 )
2020-09-27 12:38:40 +02:00
ba0b6963c7
Revert "Update site-defaults.conf ( #3778 )" ( #3779 )
...
This reverts commit b8ec9ad536
2020-09-26 22:53:53 +02:00
b8ec9ad536
Update site-defaults.conf ( #3778 )
2020-09-26 22:15:43 +02:00
c31d0cee86
[Nginx] Refresh cipher suites ( #3669 )
...
Also turn ssl_prefer_server_ciphers off.
"The cipher suites are all strong and so we allow the client to choose, as they will know best if they have support for hardware-accelerated AES" - https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29
2020-09-24 07:30:09 +02:00
06c8f140b5
[Nginx] Mark script not executable
2020-07-14 13:24:37 +02:00
4cd51017a7
[Nginx] Mark script executable
2020-07-14 13:20:50 +02:00
d931083e0e
[SOGo] Disable EAS when SKIP_SOGO=y
2020-07-14 13:16:26 +02:00
ad8acefb96
[SOGo] Disable EAS when SKIP_SOGO=y
2020-07-14 13:13:32 +02:00
5fe9de0500
[API] Removed api_blueprint docs and use swagger ( #3595 )
...
* [NGINX] Removed api docs location
* [WEB] Removed api_blueprint api docs
* [WEB] Added openapi/swagger api viewer
* [WEB] Added openapi.yaml with api docs
* [WEB] Added request body for create app password endpoint
* [Web] Updated types in openapi.yaml
* [Web] Only define API docs auth header once
* [Web] Added 401 api response to docs
2020-06-07 20:46:17 +02:00
84d205d728
[Nginx] Drop X-Powered-By via fastcgi_hide_header
2020-05-06 20:14:34 +02:00
a4e5400f67
[Nginx] Add proxy_send_timeout and proxy_read_timeout of 300 to /SOGo
2020-02-19 21:40:45 +01:00
0e6dfdd0fe
[Nginx] Catch case-insensitive /sogo$ request and redirect to /SOGo
2019-12-02 10:55:17 +01:00
9257fa90d4
[Nginx] Fix 301 to SOGo
2019-11-28 19:14:23 +01:00
ce15dda990
[Nginx] Redirect /S|sogo* to /SOGo
2019-11-28 15:08:11 +01:00
cc1bf5d426
deliver CSS and JS as external request
2019-10-20 21:25:58 +02:00
f2b552c00d
Fix custom http redirects with TLS-SNI
...
Disable http listener for SNI ssl hosts in nginx. This allows the use of the following config again:
https://mailcow.github.io/mailcow-dockerized-docs/u_e-80_to_443/
However that documentation page should still be updated: https://github.com/mailcow/mailcow-dockerized-docs/pull/175/commits
2019-10-20 20:24:16 +02:00
05e7c95829
[SSL] fix wildcard compare for non-bash shell
2019-10-20 17:02:54 +02:00
dcd50b2245
[SSL] restore old nginx templates. fix possible issues with custom nginx sites
2019-10-20 16:41:53 +02:00
84c5f43438
[SSL] re-add nginx site.conf
2019-10-19 12:49:23 +02:00
2e35da6816
[SSL] create individual domain certificates, add SNI configs for Postfix/Dovecot/Nginx
2019-10-19 12:48:56 +02:00
a606f60b54
[Nginx] Modify site to catch failed logins to /rspamd
2019-10-12 13:16:49 +02:00
1580e4b2a5
[Nginx, SOGo] Adjustments for EAS
2019-10-06 10:12:46 +02:00
6ab1304579
[Nginx] Make api docs browsable using /api and /api/ uri
2019-10-03 11:27:44 +02:00
7c43e2e120
[Nginx] Fix nginx config for API docs
2019-10-03 11:19:17 +02:00
5cf74f6b85
[NGINX] Make API docs accessible using /api/
2019-10-02 22:13:47 +02:00
9b7668d912
[Nginx] Custom 502
2019-09-24 06:53:13 +02:00
fae34b8a89
I'm an idiot
2019-04-01 22:52:45 +02:00
bb12ce9edc
[Nginx] Fix site when ALLOW_ADMIN_EMAIL_LOGIN=y and reverse proxy is used, fixes #2489
2019-04-01 22:46:13 +02:00
a110378000
always check basic auth against user database for EAS and SOGo if ALLOW_ADMIN_EMAIL_LOGIN is enabled
2019-02-27 23:06:19 +01:00
38911034c3
Don't break DAV
2019-02-26 22:13:37 +01:00
dd6d253ac0
add random masterpass for sogo admin login
...
add required headers for sogo proxy auth with password
add SOGoEncryptionKey
add SOGoTrustProxyAuthentication only conditionally if feature is enabled
2019-02-26 09:02:35 +01:00
57312ad605
[Compose] Add ALLOW_ADMIN_EMAIL_LOGIN to sogo-mailcow to trigger bootstrap on change
...
[Compose] Static IPv4 for Dovecot
[SOGo] Remove SOGoIMAPServer from sogo.conf
[SOGo] Add SOGoIMAPServer to bootstrap process
[Nginx] Disallow editAccount for other accounts than 0 (own)
2019-02-25 00:00:32 +01:00
9a9079baa5
Update sogo.auth_request.template.sh
2019-02-23 22:29:14 +01:00
0c8f217f49
Update sogo.auth_request.template.sh
...
Don't want to split hairs! Just consistency. :)
2019-02-23 22:20:09 +01:00
cac67db203
add config ALLOW_ADMIN_EMAIL_LOGIN and implement password-less SOGo login admins
2019-02-23 17:59:18 +01:00
5efdf71120
[Nginx] Add qhandler rewrite
...
[Web] Move theme header include, fixes #2267
2019-02-06 10:14:56 +01:00
c06e4c81cf
Enable TLSv1.3 finally
...
With Alpine 3.9 https://pkgs.alpinelinux.org/package/v3.9/main/x86/openssl we got OpenSSL 1.1.1a.
With https://github.com/docker-library/official-images/pull/5377 it was merged into the Nginx upstream image and thus Nginx was built with it.
2019-02-01 01:04:13 +01:00
6ad8798d5c
[Nginx] Compress some files, don't compress proxy answers
2019-01-31 17:07:49 +01:00
14901eed64
[Nginx] Remove broken locations
2019-01-31 15:58:35 +01:00
60f9968134
[Nginx] Add compression, change expires
2019-01-31 15:45:57 +01:00
e84dec3b56
[SOGo] Revert self-built SOGo
2018-12-21 19:54:32 +01:00
534e83a218
[Nginx] New WebServerResources path
2018-12-19 09:37:07 +01:00
e6625501e7
[Nginx] Remove Strict-Transport-Security for subdomains (prevented autoconfig from working without TLS)
2018-11-12 09:53:18 +01:00
83a5eda762
Merge pull request #1434 from apoc4lyps/master
...
hardening http headers
2018-10-15 22:48:50 +02:00
c08149adef
[SOGo] EAS changes, larger timeout
2018-10-05 11:12:55 +02:00
Maximilian
andryyy
mcmufffin
Jellyfrog
Timo N
tinect
Marcel Hofer
Marcel Hofer
Marcel Hofer
Tobias "Knight" S
André