summaryrefslogtreecommitdiffstats
path: root/roles/webmail/files/etc/nginx/sites-available/roundcube
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2013-12-15 23:46:29 +0100
committerGuilhem Moulin <guilhem@fripost.org>2015-06-07 02:51:26 +0200
commit7fe517c328906d0f962c3dc33d7bc773f2348bb4 (patch)
treed8e56323c10cd32952d5b473d4ee56d605375c7d /roles/webmail/files/etc/nginx/sites-available/roundcube
parent540779286a899dee846784a8ffd0fdab756ac1e3 (diff)
Configure the webmail.
Diffstat (limited to 'roles/webmail/files/etc/nginx/sites-available/roundcube')
-rw-r--r--roles/webmail/files/etc/nginx/sites-available/roundcube69
1 files changed, 69 insertions, 0 deletions
diff --git a/roles/webmail/files/etc/nginx/sites-available/roundcube b/roles/webmail/files/etc/nginx/sites-available/roundcube
new file mode 100644
index 0000000..72f5a40
--- /dev/null
+++ b/roles/webmail/files/etc/nginx/sites-available/roundcube
@@ -0,0 +1,69 @@
+server {
+
+ listen 80;
+ listen [::]:80 ipv6only=on;
+
+ server_name mail.fripost.org;
+
+ access_log /var/log/nginx/roundcube.access.log;
+ error_log /var/log/nginx/roundcube.error.log info;
+
+ return 301 https://$http_host$request_uri;
+}
+
+
+server {
+ listen 443;
+ listen [::]:443 ipv6only=on;
+
+ server_name mail.fripost.org;
+ root /var/lib/roundcube;
+
+ include ssl/config;
+ ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
+ ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
+
+ location = /favicon.ico {
+ root /usr/share/roundcube/skins/default/images;
+ log_not_found off;
+ access_log off;
+ expires max;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ # Deny all attempts to access hidden files, or files under hidden
+ # directories.
+ location ~ /\. { return 404; }
+
+ access_log /var/log/nginx/roundcube.access.log;
+ error_log /var/log/nginx/roundcube.error.log info;
+
+ index index.php;
+ location = /index.php {
+ include fastcgi/php;
+ include fastcgi/php-ssl;
+
+ # From /var/lib/roundcube/.htaccess
+ fastcgi_param PHP_VALUE "upload_max_filesize=25M
+ post_max_size=30M
+ memory_limit=64M
+ session.gc_maxlifetime=21600
+ session.gc_divisor=500
+ session.gc_probability=1";
+ fastcgi_param PHP_ADMIN_VALUE "open_basedir=$document_root:/usr/share/roundcube:/etc/roundcube:/var/log/roundcube:/usr/share/php:/usr/share/misc/magic
+ upload_tmp_dir=$document_root/temp";
+ }
+
+ # Security rules
+ location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
+ return 404;
+ }
+ location ~ ^/(bin|SQL)/ {
+ return 404;
+ }
+}