Config Horde + Nginx

Configurer Nginx avec Horde Groupware

/usr/local/etc/nginx/conf.d/groupware.conf

server {
		listen       80;
		listen       443 ssl;
		server_name webmail.domain.tld;
		
		# global HTTP handler
			if ($scheme = http) {
				return 301 https://webmail.domain.tld$request_uri;
			}
		server_name_in_redirect off;		
		fastcgi_send_timeout 120;
		fastcgi_read_timeout 120;
		fastcgi_ignore_client_abort on;
		
		## SSL settings
		ssl_certificate /usr/local/etc/nginx/certifcats/1_webmail.domain.tld_bundle.crt;
		ssl_certificate_key /usr/local/etc/nginx/certifcats/webmail.domain.tld.key;
		ssl_session_timeout  5m;		
		ssl_ciphers  HIGH:!aNULL:!MD5;
		ssl_prefer_server_ciphers  on;		
		# optional: see https://www.owasp.org/index.php/List_of_useful_HTTP_headers
		add_header                          strict-transport-security "max-age=31536000";
		add_header                          x-frame-options           "sameorigin";
		add_header                          x-xss-protection          "1; mode=block";
		add_header                          x-content-type-options    "nosniff";
		
		access_log /var/log/nginx/mail.access_log;
		error_log /var/log/nginx/mail.error_log info;
		
		root /usr/local/www/horde/;
		index index.php;
		
		location / {
			try_files   $uri $uri/ /rampage.php?$args;
		}		
		location ~ [^/]\.php(/|$) {
			fastcgi_split_path_info ^(.+?\.php)(/.*)$;
				if (!-f $document_root$fastcgi_script_name) {
				return 404;			
			}
			fastcgi_pass unix:/var/run/php-fpm.sock;
			include fastcgi_params;
			fastcgi_index index.php;
		}			
		
        # ***  Ruud Baart *** support for activesync
        # works for me with Outlook 2013 and Android 5.0.1
		
        location /Microsoft-Server-ActiveSync {
            alias /usr/local/www/horde/rpc.php;
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_pass unix:/var/run/php-fpm.sock;
            include fastcgi_params;
			fastcgi_read_timeout 300s;
			# set client body size to 24M #
			client_max_body_size 24m;
        }
        location /autodiscover/autodiscover.xml {
            alias /usr/local/www/horde/rpc.php;
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_pass unix:/var/run/php-fpm.sock;
            include fastcgi_params;
        }
        location /Autodiscover/Autodiscover.xml {
            alias /usr/local/www/horde/rpc.php;
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_pass unix:/var/run/php-fpm.sock;
            include fastcgi_params;
         } 
        location ^~ /static/ {
            expires                     4w;
            add_header                  Cache-Control public;
        } 
        location ^~ /themes/ {
            expires                     4w;
            add_header                  Cache-Control public;
        } 
        location ^~ /services/ajax.php {
            fastcgi_split_path_info     ^(.+\.php)(/.+)$;
            fastcgi_pass unix:/var/run/php-fpm.sock;
            include fastcgi_params;
	    # set client body size to 24M #
	    client_max_body_size 24m;
        }     
		
	# Ne pas mentionner dans le logs les fichiers robots.txt, humans.txt, favicon.ico
		location = /robots.txt  { access_log off; log_not_found off; }
		location = /humans.txt  { access_log off; log_not_found off; }
		location = /favicon.ico { access_log off; log_not_found off; }
 
	# Interdit l'accès aux fichiers cachés
		location ~ /\. { access_log off; log_not_found off; deny all; }
}

• Précédent