Configure Nginx On Separate Server For Zimbra Webmail
My http/https configuration using centos and nginx from the EPEL repo is as follows:
/etc/nginx/nginx.conf
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
gzip on;
server {
listen 80;
server_name rproxy.yourdomain.co.uk;
## use when niginx listens on a nonstandard port - the port in the rewrite
## rule needs to be the port nginx is actually listening on.
#rewrite ^(.*) https://rproxy.yourdomain.co.uk:80$1 permanent;
access_log /var/www/rproxy.yourdomain.co.uk/log/nginx.access.log;
error_log /var/www/rproxy.yourdomain.co.uk/log/nginx_error.log debug;
location / {
proxy_pass http://192.168.xx.x:81;
proxy_redirect default;
}
error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
server {
listen 443;
server_name rproxy.yourdomain.co.uk;
## use when niginx listens on a nonstandard port - the port in the rewrite
## rule needs to be the port nginx is actually listening on.
#rewrite ^(.*) https://rproxy.yourdomain.co.uk:443$1 permanent;
ssl on;
ssl_certificate /etc/pki/tls/certs/ca.crt;
ssl_certificate_key /etc/pki/tls/private/ca.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
access_log /var/www/rproxy.yourdomain.co.uk/log/nginx.access.log;
error_log /var/www/rproxy.yourdomain.co.uk/log/nginx_error.log debug;
location / {
proxy_pass https://192.168.xx.x:444;
proxy_redirect default;
}
error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
include /etc/nginx/conf.d/*.conf;
}
/etc/nginx/conf.d/proxy.conf
## $proxy_port setting string is needed when
## nginx is listening on a nonstandard port
#proxy_set_header Host $host:$proxy_port;
#proxy_set_header X-Real-IP $remote_addr:$proxy_port;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for:$proxy_port;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
client_header_buffer_size 64k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 16k;
proxy_buffers 32 16k;
proxy_busy_buffers_size 64k;
The link below gives the full details of my centos and nginx configuration:
http://www.zen212739.zen.co.uk/centos5-5/pub-centos-rproxy-nginx-install.txt
I only use one domain for webmail access, but adding another domain to this nginx config should not be too difficult.
Using nginx for an imap proxy is a little more difficult so set up. I am still looking into this myself.
Smtp traffic needs a store and forward mail server. A separate postfix setup would probably be a better option.
I set up a intel atom based centos xen server with a few vm's to essentially the same thing that you are attempting to do.
Related videos on Youtube
alphadogg
Alphadogg loves macrame, scrapbooking and tearing flesh off forest creatures while pack hunting.
Updated on September 18, 2022Comments
-
alphadogg almost 2 years
How do I properly configure a server with nginx to front for a Zimbra server with multiple domains?
I run a small SOHO network. I NAT/port forwarding on my Comcast router to get traffic to my handful of servers.
I setup a server with Zimbra, call it host1.internal.local. The server currently has two domains, call them domain1.com and domain2.com. Both offer webmail access at webmail.domain1.com and webmail.domain2.com.
I have a separate server with nginx. I want to configure nginx to reverse proxy, such that I can direct all HTTP/HTTPS, and send webmail traffic via matched host address/headers to the Zimbra server. If possible, I'd like to know how to map IMAP, POP and SMTP traffic too.
How would I do this?