[Nginx] Allow SOGo SSO

data/conf/nginx/includes/site-defaults.conf

@@ -150,7 +150,6 @@
     try_files /autoconfig.php =404;
   }
 
-  # auth_request endpoint if ALLOW_ADMIN_EMAIL_LOGIN is set
   location /sogo-auth-verify {
     internal;
     proxy_set_header  X-Original-URI $request_uri;
@@ -162,7 +161,7 @@
   }
 
   location ^~ /Microsoft-Server-ActiveSync {
-    include /etc/nginx/conf.d/sogo_proxy_auth.active;
+    include /etc/nginx/conf.d/includes/sogo_proxy_auth.conf;
     include /etc/nginx/conf.d/sogo_eas.active;
     proxy_connect_timeout 75;
     proxy_send_timeout 3600;
@@ -177,7 +176,7 @@
 
   location ^~ /SOGo {
     location ~* ^/SOGo/so/.*\.(xml|js|html|xhtml)$ {
-      include /etc/nginx/conf.d/sogo_proxy_auth.active;
+      include /etc/nginx/conf.d/includes/sogo_proxy_auth.conf;
       include /etc/nginx/conf.d/sogo.active;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -191,7 +190,7 @@
       add_header Content-Type text/plain;
       break;
     }
-    include /etc/nginx/conf.d/sogo_proxy_auth.active;
+    include /etc/nginx/conf.d/includes/sogo_proxy_auth.conf;
     include /etc/nginx/conf.d/sogo.active;
     proxy_set_header X-Real-IP $remote_addr;
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

data/conf/nginx/templates/sogo.auth_request.template.sh → data/conf/nginx/includes/sogo_proxy_auth.conf

@@ -1,10 +1,8 @@
-if printf "%s\n" "${ALLOW_ADMIN_EMAIL_LOGIN}" | grep -E '^([yY][eE][sS]|[yY])+$' >/dev/null; then
-    echo 'auth_request /sogo-auth-verify;
+auth_request /sogo-auth-verify;
 auth_request_set $user $upstream_http_x_user;
 auth_request_set $auth $upstream_http_x_auth;
 auth_request_set $auth_type $upstream_http_x_auth_type;
 proxy_set_header x-webobjects-remote-user "$user";
 proxy_set_header Authorization "$auth";
 proxy_set_header x-webobjects-auth-type "$auth_type";
-'
-fi
+