Skip to content

Instantly share code, notes, and snippets.

@cjdelisle

cjdelisle/mail.cjdns.fr.conf

Created September 5, 2023 17:50
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save cjdelisle/bd49fb9052df0d9fd24c9019e4f64f9f to your computer and use it in GitHub Desktop.
Save cjdelisle/bd49fb9052df0d9fd24c9019e4f64f9f to your computer and use it in GitHub Desktop.
Download ZIP
mailcow reverse proxy nginx example
Raw
mail.cjdns.fr.conf
server {
listen [::]:80;
listen 80;
server_name mail.cjdns.fr;
access_log /var/log/nginx/http.mail.cjdns.fr.access.log;
error_log /var/log/nginx/http.mail.cjdns.fr.error.log info;
# Enables or disables emitting nginx version on error pages and in the "Server" response header field.
server_tokens off;
location /.well-known/acme-challenge/ {
root /var/www/le_root/;
try_files $uri @fallback;
}
location @fallback {
proxy_pass http://192.168.222.1:10080;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location / {
proxy_pass http://192.168.222.1:10080;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/nginx/certs/mycert.fullchain; # path to your cacert.pem
ssl_certificate_key /etc/nginx/certs/mycert.key; # path to your privkey.pem
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_protocols TLSv1.2;
ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
ssl_ecdh_curve secp384r1;
access_log /var/log/nginx/https.mail.cjdns.fr.access.log;
error_log /var/log/nginx/https.mail.cjdns.fr.error.log info;
server_name mail.cjdns.fr;
server_tokens off;
location /.well-known/acme-challenge/ {
alias /var/www/le_root/.well-known/acme-challenge/;
}
location / {
proxy_pass https://192.168.222.1:10443;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment