Because someone will ask this question another day, let me post this here,
hoping the person who finds it will figure out the rest.
nano /etc/nginx/conf.d/mail.example.org.conf (or
/etc/nginx/sites-available/mail.example.org.conf and then symlinking to
sites-enabled)
<CUT>
server {
server_name mail.example.org;
root /usr/lib/GNUstep/SOGo/WebServerResources/;
error_log /var/log/nginx/sogo_error.log;
access_log /var/log/nginx/sogo_access.log;
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/mail.example.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mail.example.org/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
add_header Strict-Transport-Security "max-age=31536000" always;
ssl_trusted_certificate /etc/letsencrypt/live/mail.example.org/chain.pem
;
ssl_stapling on;
ssl_stapling_verify on;
location = / {
rewrite ^ https://$server_name/SOGo/;
allow all;
}
location = /principals/ {
rewrite ^ https://$server_name/SOGo/dav;
allow all;
}
location ^~/SOGo/ {
proxy_pass "http://127.0.0.1:20000";;
proxy_redirect "http://127.0.0.1:20000"; default;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header x-webobjects-server-protocol HTTP/1.1;
proxy_set_header x-webobjects-remote-host 127.0.0.1;
proxy_set_header x-webobjects-server-name $server_name;
proxy_set_header x-webobjects-server-url $scheme://$host;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
client_max_body_size 100m;
client_body_buffer_size 128k;
break;
}
location /SOGo.woa/WebServerResources/ {
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
allow all;
}
location /SOGo/WebServerResources/ {
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
allow all;
}
location ^/SOGo/so/ControlPanel/Products/([^/]*)/Resources/(.*)$ {
alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2;
}
location
^/SOGo/so/ControlPanel/Products/[^/]*UI/Resources/.*\.(jpg|png|gif|css|js)$
{
alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2;
}
}
server {
server_name mail.example.org;
listen 80;
error_log /var/log/nginx/sogo_error.log;
access_log /var/log/nginx/sogo_access.log;
if ($host = mail.example.org) {
return 301 https://$host$request_uri;
}
}
</CUT>
>
--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
In an Internet failure case, the #1 suspect is a constant: DNS.
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)
[How to ask smart questions:
http://www.catb.org/~esr/faqs/smart-questions.html]
