paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,269 Commits
1 Branch
0 Tags
32 MiB
Commit Graph

67 Commits (1404fc50f42c3379db06f446a51cd164bd2eb22d)

Author SHA1 Message Date
André Peters 83a5eda762
Merge pull request #1434 from apoc4lyps/master 
hardening http headers
 2018-10-15 22:48:50 +02:00
André c08149adef [SOGo] EAS changes, larger timeout 2018-10-05 11:12:55 +02:00
André 2f18eb5ad0 [Nginx] Avoid php extensions, use rewrite 2018-10-04 14:34:00 +02:00
André ea4a26eabf [Nginx] Use SOGo web resources from local mount 2018-09-09 09:51:37 +02:00
apoc4lyps cf56be1843
set Referrer-Policy to strict-origin 2018-08-06 09:24:34 +02:00
André 66d1bc12c0 [Nginx] Set client_max_body_size = 0 2018-08-05 22:37:07 +02:00
André e79429beef [PHP-FPM, Nginx] Move some PHP parameters from Nginx to FPM configuration file 2018-06-10 14:31:24 +02:00
apoc4lyps 918343865e
hardening http headers 2018-05-28 12:28:23 +02:00
André ef6644df34 [PHP-FPM] Delete old pool files 
[Nginx] Remove dev code
 2018-04-26 13:57:23 +02:00
André 7181ee4658 [Rspamd] Apply ratelimit against authenticated user instead of envelope from 
[PHP-FPM] Create PHP-FPM listeners 9001 (system) and 9002 (web), drop 9000
[Rspamd] Parse quarantine messages as utf8
[Rspamd] Use new schema for Rspamd bayes hashes and expire them in Redis
[SOGo] Change default logo
[SOGo] Use different keyserver by default in Dockerfile
[Rspamd] Add bad ASN list (disabled by default)
[Watchdog] Change the way we check PHP-FPM, change SOGo check
[Nginx] Change ports according to new PHP-FPM listeners
[Update] Fix PHP-FPM ports for existing non-mailcow Nginx sites
 2018-04-26 13:56:07 +02:00
Kristian Klausen 63002cbb74 [Nginx] Reduce config duplication 
It does not make sense having a seperate server block for both http
and https.
According to the nginx doc [1], using the same server block for both
should work.

[1] http://nginx.org/en/docs/http/configuring_https_servers.html#single_http_https_server
 2018-02-15 21:23:07 +01:00
André Peters e186e350ef [Nginx] Fixes #1033 2018-02-14 09:09:17 +01:00
André Peters 993c998716
Merge pull request #995 from Alireza2n/master 
SOGO & Rspamd interface: adding "expire" header to static files, allowing browser to be able to cache them
 2018-02-14 07:50:22 +01:00
André Peters 943598f705 [Nginx] Fix EAS... 2018-02-13 09:12:54 +01:00
André Peters 63f7e5930d [Nginx] Fix EAS 2018-02-13 09:07:44 +01:00
André Peters 74c804b9a3 [SOGo] SOGo refuses to bind to IPv6, so force IPv4 in proxy_pass, fixes #1006 2018-02-12 21:32:49 +01:00
André Peters e5031accbb [Nginx] Remove auto-redirect to not break rp 2018-02-09 09:59:35 +01:00
André Peters 3a1e7b4ee1 [Nginx] Pass args when redirecting to https 2018-02-09 09:11:59 +01:00
Alireza 781a5eb69a Added expires directive and map to nginx, allowing browser to cache SOGO JS,CSS,WOFF files. 2018-02-02 18:38:18 +03:30
Alireza 1b898b1c7b Added expires directive and map to nginx, allowing browser to cache rspamd JS,CSS and image files. 2018-02-02 17:46:49 +03:30
Alireza 64fbc73582 Added expires directive and map to nginx, allowing browser to cache rspamd JS,CSS and image files. 2018-02-02 17:42:19 +03:30
andre.peters 70ac65d794 [Nginx] Fix IPv6 subnet, only rewrite to HTTPS when request is not internal 2018-02-01 13:36:01 +01:00
andre.peters 67ddc710a7 [Nginx] Set real IP from internal networks 2018-01-24 08:36:19 +01:00
andre.peters 83fb8c0fd8 [Nginx] Use names instead of IPs 2018-01-21 14:59:45 +01:00
André a3e966696f [Nginx] Revert to site splitting 2017-10-12 08:37:48 +02:00
andryyy c5054ae7ed [Watchdog] Ignore null name in jq 
[Nginx] Merge sites
[Scripts] Nextcloud helper script (testing!)
 2017-10-11 22:56:22 +02:00
andryyy 874aac3c5e [Nginx, PHP-FPM] Do not expose PHP version, example for nextcloud site, include custom locations to site (add site.something.custom to data/conf/nginx) 2017-10-08 22:57:34 +02:00
Michael Kuron c731a18f66 Preliminary support for Outlook 2016’s autodiscover.json 2017-09-26 22:11:01 +02:00
andryyy f0df390d12 [Nginx] Stricter TLS settings 2017-09-14 13:34:07 +02:00
andryyy 92e6c9daae [Nginx] Fix SSL temp. 2017-09-11 17:37:25 +02:00
JOduMonT b2b9731020 a little bit of security 
Hide the version of NGINX, block XSS and more...

inspired by : https://gist.github.com/plentz/6737338
 2017-09-09 23:10:36 +07:00
andryyy e5faee9037 [Nginx] Disable client_max_body_size 2017-08-09 10:17:32 +02:00
andryyy aabcf65c69 [Nginx] Set server_names_hash_bucket_size 64 2017-07-30 21:39:35 +02:00
andryyy ba3fc47d5f Fix autodiscover, thanks to K2rool! 2017-06-15 23:03:10 +02:00
andryyy 83cb686e33 Fix fix for Apple dav.... 2017-06-14 23:17:31 +02:00
andryyy 495bf05fb8 Fix for Apple autoconfiguration (dav) 2017-06-14 23:14:41 +02:00
andryyy e99fa9433e Fix dav url detection for apple 2017-06-14 23:10:50 +02:00
andryyy edc41b48d1 Add map for scheme... 2017-05-03 22:26:10 +02:00
andryyy 2f0129539b Hopefully fix all Nginx reverse proxy issues, see documentation updates! 2017-05-03 18:05:13 +02:00
andryyy 8f213e8df9 Changes to api path 2017-04-29 16:36:41 +02:00
andryyy a03b36e0c3 Add object to Nginx api configuration 2017-04-26 23:37:55 +02:00
andryyy e4310cafb3 Revert RP changes 2017-04-25 10:49:38 +02:00
Michael Kuron d350c009b9 Fix login redirect behind reverse proxy 2017-04-20 19:53:56 +02:00
Michael Kuron 06e64c585c Fix CalDAV/CardDAV URLs displayed in SOGo web interface when used behind a reverse proxy 2017-04-18 20:24:43 +02:00
andryyy 8b7e3c718d API format changes 2017-03-28 11:51:31 +02:00
andryyy 50eb49ab71 Better autodiscover/autoconfig config in Nginx, add new ignores 2017-02-28 14:27:19 +01:00
andryyy 6d7c3423ba Change Nginx templates 2017-02-28 10:12:18 +01:00
andryyy 2fea636a01 Add Nginx HTTP listener 2017-02-28 10:02:02 +01:00
andryyy 26906caa07 Pass IP even if behind (second) reverse proxy, add new SOGo resource path 2017-02-23 16:05:42 +01:00
andryyy 8883960d5a Add mime types and full path to fcgi params 2017-02-08 19:11:25 +01:00