# Sets up our iRedAdmin website for usage. server { # By default we listen on all ips including ipv6 on port 443. We only respond to the server name here. listen [::]:443; server_name iredadmin.debian.test; # Our logs files. access_log /var/log/nginx/iredmail-access.log; error_log /var/log/nginx/iredmail-error.log; # Startup SSL using iRedMails certs. ssl on; ssl_certificate /etc/ssl/certs/iRedMail_CA.pem; ssl_certificate_key /etc/ssl/private/iRedMail.key; ssl_session_timeout 5m; # Alias's our /static to the static location iredadmin location /static { alias /usr/share/apache2/iredadmin/static/;} # This passes through all other requests to the pyhton service. location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_pass http://127.0.0.1:7878/; } } server { # By default we listen on all ips including ipv6 on port 443. We only respond to the server name here. # If you have a default ssl website already comment out the next line and uncomment the one after.. listen [::]:443 default ssl; #listen 443 ssl; server_name mail.debian.test; # Our logs files. access_log /var/log/nginx/iredmail-access.log; error_log /var/log/nginx/iredmail-error.log; # Startup SSL using iRedMails certs. # If you made the ssl change above you will need to make this one to enable ssl. # ssl on; ssl_certificate /etc/ssl/certs/iRedMail_CA.pem; ssl_certificate_key /etc/ssl/private/iRedMail.key; ssl_session_timeout 5m; # We specify our root location to roundcubemail. root /usr/share/apache2/roundcubemail/; index index.html index.php; # Aliasing some locations of static files. location /iredadmin/static { alias /usr/share/apache2/iredadmin/static/;} location /static { alias /usr/share/apache2/iredadmin/static/;} location /awstats/icon { alias /usr/share/awstats/icon/;} location /awstatsicon { alias /usr/share/awstats/icon/;} # This allows webmail and roundcube as aliases to /mail/. The root is redirected to /mail. rewrite ^/roundcubemail /mail/ permanent; rewrite ^/webmail /mail/ permanent; rewrite ^/$ /mail/ permanent; # This doesn't work yet, but maybe someday will be able to run the admin service. # location /iredadmin # { # rewrite ^/intenral/(.*) /$1 break; # proxy_set_header Host $host; # proxy_set_header X-Real-IP $remote_addr; # proxy_pass http://127.0.0.1:7878/; # } # This is used to create a comparision to Apaches ability to alias that works with dynamic scripts. location ~ /mail(.*)\.php($|/) { include fastcgi_params; fastcgi_pass unix:/var/run/fpm-iredmail.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /usr/share/apache2/roundcubemail$1.php; fastcgi_param SERVER_NAME $http_host; fastcgi_ignore_client_abort on; fastcgi_intercept_errors off; } location ~/mail(.*) { autoindex on; alias /usr/share/apache2/roundcubemail$1; } # Our phpMyAdmin service. Comment this section out if you don't want public access to it. location ~ /phpmyadmin(.*)\.php($|/) { include fastcgi_params; fastcgi_pass unix:/var/run/fpm-iredmail.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /usr/share/phpmyadmin$1.php; fastcgi_param SERVER_NAME $http_host; fastcgi_param HTTPS on; fastcgi_param HTTP_SCHEME https; fastcgi_ignore_client_abort on; fastcgi_intercept_errors off; port_in_redirect off; } location ~/phpmyadmin(.*) { autoindex on; alias /usr/share/phpmyadmin$1; } } # This redirects all port 80 requests to 443 like magic. server { listen [::]:80; server_name iredadmin.debian.test mail.debian.test; rewrite ^(.*) https://$server_name$1 permanent; } server { listen [::]:80; server_name mail.debian.test; rewrite ^(.*) https://$server_name$1 permanent; }