nickslowinski/mailcow-dockerized-docs
1
0
Fork 0
Code Issues Pull-Requests Projekte Releases Pakete Wiki Aktivität

modernized nginx reverse proxy example

Quellcode durchsuchen
Dieser Commit ist enthalten in:
Alexandre 2020-04-23 02:24:57 -04:00
Ursprung cd3de1749f
Commit 7275ca8f77
2 geänderte Dateien mit 19 neuen und 14 gelöschten Zeilen
Statistiken anzeigen Patch-Datei herunterladen Diff-Datei herunterladen Alle Dateien ausklappen Alle Dateien einklappen

15
docs/firststeps-rp.md
Datei anzeigen

@ -93,7 +93,7 @@ Let's Encrypt will follow our rewrite, certificate requests will work fine.
**Take care of highlighted lines.** **Take care of highlighted lines.**
``` hl_lines="4 10 12 13 18 32" ``` hl_lines="4 10 12 13 23 37"
server { server {
listen 80 default_server; listen 80 default_server;
listen [::]:80 default_server; listen [::]:80 default_server;
@ -101,14 +101,19 @@ server {
return 301 https://$host$request_uri; return 301 https://$host$request_uri;
} }
server { server {
listen 443 ssl; listen 443 ssl http2;
listen [::]:443 ssl; listen [::]:443 ssl http2;
server_name CHANGE_TO_MAILCOW_HOSTNAME autodiscover.* autoconfig.*; server_name CHANGE_TO_MAILCOW_HOSTNAME autodiscover.* autoconfig.*;
ssl_certificate MAILCOW_PATH/data/assets/ssl/cert.pem; ssl_certificate MAILCOW_PATH/data/assets/ssl/cert.pem;
ssl_certificate_key MAILCOW_PATH/data/assets/ssl/key.pem; ssl_certificate_key MAILCOW_PATH/data/assets/ssl/key.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_session_timeout 1d;
ssl_ciphers HIGH:!aNULL:!MD5; ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
location /Microsoft-Server-ActiveSync { location /Microsoft-Server-ActiveSync {
proxy_pass http://127.0.0.1:8080/Microsoft-Server-ActiveSync; proxy_pass http://127.0.0.1:8080/Microsoft-Server-ActiveSync;