Update u_e-nginx.md

Dieser Commit ist enthalten in:
André Peters 2021-07-19 09:39:43 +02:00 committet von GitHub
Ursprung 901d00554c
Commit 88a240885a
Es konnte kein GPG-SchlĂĽssel zu dieser Signatur gefunden werden
GPG-SchlĂĽssel-ID: 4AEE18F83AFDEB23

Datei anzeigen

@ -1,11 +1,19 @@
## SSL
Please see [Advanced SSL](https://mailcow.github.io/mailcow-dockerized-docs/firststeps-ssl/) and explicitly check `ADDITIONAL_SERVER_NAMES` for SSL configuration.
Please do not add ADDITIONAL_SERVER_NAMES when you plan to use a different web root.
## New site
To create persistent (over updates) sites hosted by mailcow: dockerized, a new site configuration must be placed inside `data/conf/nginx/`: To create persistent (over updates) sites hosted by mailcow: dockerized, a new site configuration must be placed inside `data/conf/nginx/`:
A good template to begin with:
``` ```
nano data/conf/nginx/my_custom_site.conf nano data/conf/nginx/my_custom_site.conf
``` ```
A good template to begin with:
``` hl_lines="16" ``` hl_lines="16"
server { server {
ssl_certificate /etc/ssl/mail/cert.pem; ssl_certificate /etc/ssl/mail/cert.pem;
@ -19,15 +27,20 @@ server {
ssl_session_tickets off; ssl_session_tickets off;
index index.php index.html; index index.php index.html;
client_max_body_size 0; client_max_body_size 0;
# Location: data/web
root /web; root /web;
# Location: data/web/mysite.com
#root /web/mysite.com
include /etc/nginx/conf.d/listen_plain.active; include /etc/nginx/conf.d/listen_plain.active;
include /etc/nginx/conf.d/listen_ssl.active; include /etc/nginx/conf.d/listen_ssl.active;
server_name mysite.example.org; server_name mysite.example.org;
server_tokens off; server_tokens off;
# This allows acme to be validated even with a different web root
location ^~ /.well-known/acme-challenge/ { location ^~ /.well-known/acme-challenge/ {
allow all;
default_type "text/plain"; default_type "text/plain";
rewrite /.well-known/acme-challenge/(.*) /$1 break;
root /web/.well-known/acme-challenge/;
} }
if ($scheme = http) { if ($scheme = http) {
@ -36,8 +49,14 @@ server {
} }
``` ```
## New site with proxy to a remote location
Another example with a reverse proxy configuration: Another example with a reverse proxy configuration:
```
nano data/conf/nginx/my_custom_site.conf
```
``` hl_lines="16 28" ``` hl_lines="16 28"
server { server {
ssl_certificate /etc/ssl/mail/cert.pem; ssl_certificate /etc/ssl/mail/cert.pem;
@ -77,8 +96,9 @@ server {
} }
``` ```
## Config expansion in mailcows Nginx
The filename is not important, as long as the filename carries a .conf extension. The filename used for a new site is not important, as long as the filename carries a .conf extension.
It is also possible to extend the configuration of the default file `site.conf` file: It is also possible to extend the configuration of the default file `site.conf` file:
@ -86,7 +106,7 @@ It is also possible to extend the configuration of the default file `site.conf`
nano data/conf/nginx/site.my_content.custom nano data/conf/nginx/site.my_content.custom
``` ```
This filename does not need to have a ".conf" extension, but follows the pattern `site.*.custom`, where `*` is a custom name. This filename does not need to have a ".conf" extension but follows the pattern `site.*.custom`, where `*` is a custom name.
If PHP is to be included in a custom site, please use the PHP-FPM listener on phpfpm:9002 or create a new listener in `data/conf/phpfpm/php-fpm.d/pools.conf`. If PHP is to be included in a custom site, please use the PHP-FPM listener on phpfpm:9002 or create a new listener in `data/conf/phpfpm/php-fpm.d/pools.conf`.
@ -96,3 +116,4 @@ Restart Nginx (and PHP-FPM, if a new listener was created):
docker-compose restart nginx-mailcow docker-compose restart nginx-mailcow
docker-compose restart php-fpm-mailcow docker-compose restart php-fpm-mailcow
``` ```