Trang chủ Khám phá Trợ giúp
Đăng nhập
mirrors
/
mailcow-dockerized
mirror of https://github.com/mailcow/mailcow-dockerized
2
0
Fork 0
Các tập tin Các vấn đề 0 Wiki
Tree: a41bb55c83
Branches Tags
mailcow-dockeri...
/
data
/
conf
/
nginx
/
nginx.conf.j2

nginx.conf.j2 4.4 KB
Lịch sử Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142 
  1. user  nginx;
    2. 

  2. worker_processes  auto;
    3. 

  3. 

  4. error_log  /var/log/nginx/error.log notice;
    5. 

  5. pid        /var/run/nginx.pid;
    6. 

  6. 

  7. 

  8. events {
    9. 

  9.     worker_connections  1024;
    10. 

  10. }
    11. 

  11. 

  12. 

  13. http {
    14. 

  14.     include /etc/nginx/mime.types;
    15. 

  15.     default_type  application/octet-stream;
    16. 

  16. 

  17.     log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    18. 

  18.                       '$status $body_bytes_sent "$http_referer" '
    19. 

  19.                       '"$http_user_agent" "$http_x_forwarded_for"';
    20. 

  20. 

  21.     access_log  /var/log/nginx/access.log  main;
    22. 

  22. 

  23.     sendfile        on;
    24. 

  24.     #tcp_nopush     on;
    25. 

  25. 

  26.     keepalive_timeout  65;
    27. 

  27. 

  28.     #gzip  on;
    29. 

  29. 

  30.     # map-size.conf:
    31. 

  31.     map_hash_max_size 256;
    32. 

  32.     map_hash_bucket_size 256;
    33. 

  33. 

  34.     # site.conf:
    35. 

  35.     proxy_cache_path /tmp levels=1:2 keys_zone=sogo:10m inactive=24h  max_size=1g;
    36. 

  36.     server_names_hash_max_size 512;
    37. 

  37.     server_names_hash_bucket_size 128;
    38. 

  38. 

  39.     map $http_x_forwarded_proto $client_req_scheme {
    40. 

  40.         default $scheme;
    41. 

  41.         https https;
    42. 

  42.     }
    43. 

  43. 

  44.     # Default
    45. 

  45.     server {
    46. 

  46.         listen 127.0.0.1:65510; # sogo-auth verify internal
    47. 

  47.         listen {{ HTTP_PORT }}{% if NGINX_USE_PROXY_PROTOCOL %} proxy_protocol{%endif%};
    48. 

  48.         listen [::]:{{ HTTP_PORT }}{% if NGINX_USE_PROXY_PROTOCOL %} proxy_protocol{%endif%};
    49. 

  49.         listen {{ HTTPS_PORT }}{% if NGINX_USE_PROXY_PROTOCOL %} proxy_protocol{%endif%} ssl;
    50. 

  50.         listen [::]:{{ HTTPS_PORT }}{% if NGINX_USE_PROXY_PROTOCOL %} proxy_protocol{%endif%} ssl;
    51. 

  51.         http2 on;
    52. 

  52. 

  53.         ssl_certificate /etc/ssl/mail/cert.pem;
    54. 

  54.         ssl_certificate_key /etc/ssl/mail/key.pem;
    55. 

  55. 

  56.         server_name {{ MAILCOW_HOSTNAME }} autodiscover.* autoconfig.* {{ ADDITIONAL_SERVER_NAMES }};
    57. 

  57. 

  58.         include /etc/nginx/includes/sites-default.conf;
    59. 

  59.     }
    60. 

  60. 

  61.     # rspamd dynmaps:
    62. 

  62.     server {
    63. 

  63.         listen 8081;
    64. 

  64.         listen [::]:8081;
    65. 

  65.         index index.php index.html;
    66. 

  66.         server_name _;
    67. 

  67.         error_log  /var/log/nginx/error.log;
    68. 

  68.         access_log /var/log/nginx/access.log;
    69. 

  69.         root /dynmaps;
    70. 

  70. 

  71.         location ~ \.php$ {
    72. 

  72.             try_files $uri =404;
    73. 

  73.             fastcgi_split_path_info ^(.+\.php)(/.+)$;
    74. 

  74.             fastcgi_pass {{ PHPFPMHOST }}:9001;
    75. 

  75.             fastcgi_index index.php;
    76. 

  76.             include fastcgi_params;
    77. 

  77.             fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    78. 

  78.             fastcgi_param PATH_INFO $fastcgi_path_info;
    79. 

  79.         }
    80. 

  80.     }
    81. 

  81. 

  82.     # rspamd meta_exporter:
    83. 

  83.     server {
    84. 

  84.         listen 9081;
    85. 

  85.         index index.php index.html;
    86. 

  86.         server_name _;
    87. 

  87.         error_log  /var/log/nginx/error.log;
    88. 

  88.         access_log /var/log/nginx/access.log;
    89. 

  89.         root /meta_exporter;
    90. 

  90.         client_max_body_size 10M;
    91. 

  91.         location ~ \.php$ {
    92. 

  92.             client_max_body_size 10M;
    93. 

  93.             try_files $uri =404;
    94. 

  94.             fastcgi_split_path_info ^(.+\.php)(/.+)$;
    95. 

  95.             fastcgi_pass {{ PHPFPMHOST }}:9001;
    96. 

  96.             fastcgi_index pipe.php;
    97. 

  97.             include fastcgi_params;
    98. 

  98.             fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    99. 

  99.             fastcgi_param PATH_INFO $fastcgi_path_info;
    100. 

  100.         }
    101. 

  101.     }
    102. 

  102. 

  103.     server {
    104. 

  104.         listen 9082 ssl http2;
    105. 

  105. 

  106.         ssl_certificate /etc/ssl/mail/cert.pem;
    107. 

  107.         ssl_certificate_key /etc/ssl/mail/key.pem;
    108. 

  108. 

  109.         index mailcowauth.php;
    110. 

  110.         server_name _;
    111. 

  111.         error_log  /var/log/nginx/error.log;
    112. 

  112.         access_log /var/log/nginx/access.log;
    113. 

  113.         root /mailcowauth;
    114. 

  114.         client_max_body_size 10M;
    115. 

  115.         location ~ \.php$ {
    116. 

  116.             client_max_body_size 10M;
    117. 

  117.             try_files $uri =404;
    118. 

  118.             fastcgi_split_path_info ^(.+\.php)(/.+)$;
    119. 

  119.             fastcgi_pass phpfpm:9001;
    120. 

  120.             include fastcgi_params;
    121. 

  121.             fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    122. 

  122.             fastcgi_param PATH_INFO $fastcgi_path_info;
    123. 

  123.         }
    124. 

  124.     }
    125. 

  125. 

  126.     {% for cert in valid_cert_dirs %}
    127. 

  127.     server {
    128. 

  128.         listen {{ HTTP_PORT }}{% if NGINX_USE_PROXY_PROTOCOL %} proxy_protocol{%endif%};
    129. 

  129.         listen [::]:{{ HTTP_PORT }}{% if NGINX_USE_PROXY_PROTOCOL %} proxy_protocol{%endif%};
    130. 

  130.         listen {{ HTTPS_PORT }}{% if NGINX_USE_PROXY_PROTOCOL %} proxy_protocol{%endif%} ssl;
    131. 

  131.         listen [::]:{{ HTTPS_PORT }}{% if NGINX_USE_PROXY_PROTOCOL %} proxy_protocol{%endif%} ssl;
    132. 

  132.         http2 on;
    133. 

  133. 

  134.         ssl_certificate {{ cert.cert_path }}cert.pem;
    135. 

  135.         ssl_certificate_key {{ cert.cert_path }}key.pem;
    136. 

  136. 

  137.         server_name {{ cert.domains }};
    138. 

  138. 

  139.         include /etc/nginx/includes/sites-default.conf;
    140. 

  140.     }
    141. 

  141.     {% endfor %}
    142. 

  142. }
    143.