Last active
June 18, 2024 13:37
-
-
Save enoch85/573dac9005f0c8f1b826cc22e520e0ae to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# nginx@nginx:~$ cat /etc/nginx/sites-available/outlook.conf | |
server { | |
listen 192.168.128.2:80; | |
server_name yourdomain.com; | |
return 301 https://yourdomain.com$request_uri; | |
} | |
server { | |
listen 192.168.128.2:443; | |
server_name yourdomain.com; | |
set $exchange2016 https://192.168.128.112:443; | |
# Redirect from "/" to "/owa" by default | |
rewrite ^/$ https://yourdomain.com/owa permanent; | |
# Enable SSL | |
ssl on; | |
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem; | |
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem; | |
ssl_session_timeout 5m; | |
# Set global proxy settings | |
proxy_pass_request_headers on; | |
proxy_read_timeout 360; | |
proxy_pass_header Date; | |
proxy_pass_header Server; | |
proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
# RPC Exchange 2010 (https://gist.github.com/taddev/7275873#gistcomment-3555437) | |
# proxy_set_header Authorization $http_authorization; | |
# proxy_pass_header Authorization; | |
location ~* ^/owa { proxy_pass $exchange2016; } | |
location ~* ^/Microsoft-Server-ActiveSync { proxy_pass $exchange2016; } | |
location ~* ^/ecp { proxy_pass $exchange2016; } | |
location ~* ^/Rpc { proxy_pass $exchange2016; } | |
#location ~* ^/mailarchiver { proxy_pass https://mailarchiver.local; } | |
error_log /var/log/nginx/owa-ssl-error.log; | |
access_log /var/log/nginx/owa-ssl-access.log; | |
} | |
server { | |
listen 192.168.128.2:443; | |
server_name autodiscover.yourdomain.com; | |
# Enable SSL | |
ssl on; | |
ssl_certificate /etc/letsencrypt/live/autodiscover.yourdomain.com/fullchain.pem; | |
ssl_certificate_key /etc/letsencrypt/live/autodiscover.yourdomain.com/privkey.pem; | |
ssl_session_timeout 5m; | |
# Set global proxy settings | |
proxy_pass_request_headers on; | |
proxy_read_timeout 360; | |
proxy_pass_header Date; | |
proxy_pass_header Server; | |
proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
# RPC Exchange 2010 (https://gist.github.com/taddev/7275873#gistcomment-3555437) | |
# proxy_set_header Authorization $http_authorization; | |
# proxy_pass_header Authorization; | |
location ~* ^/Autodiscover { proxy_pass $exchange2016; } | |
error_log /var/log/nginx/owa-ssl-error.log; | |
access_log /var/log/nginx/owa-ssl-access.log; | |
} |
@kokosik8998 192.168.128.2
is the proxy server.
@kokosik8998
192.168.128.2
is the proxy server.
Thank you!
Any idea about certificate based authentication?
Add ssl_verify_client on and ssl_client_certificate, but got blank/empty page...
Hi, mi nginx server have nextcloud, openoffice and in another server have exchange. I put this and other scripts to get connectivity with SSL, but the problem it´s the same. Can't communicate with 443 and/or getting SSL cert. What it's worng ? I have the needed ports open (like 80, 443, 584, 110, 143, etc).
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@enoch85 Hi Daniel, thank you for this article!
I tried your config on my exchange and couldn't get it up ...
In your config 192.168.128.2 is exchange server and $exchange2016 on 192.168.128.112 also?