1 Topic by digitalbit

  • digitalbit
  • Member
  • Offline
  • Registered: 2012-05-23
  • Posts: 69

Topic: Changing iredmail services alias to virtual hosts

==== ==== - iRedMail version: 0.8.1
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: CentOS 6.3
- Related log if you're reporting an issue:
====

Hello everyone !

Iredmail delivers the encrypted services as alias:

www.domain.com/mail (email)
www.domain.com/iredmail (admin management)
www.domain.com/phpmyadmin/ (DB management)
wwww.domain.com/awstats/awstats.pl?config=web (statistics)

... all with SSL connections (443 port) configured in /etc/httpd/conf.d/ssl.conf as alias !
All of them are sub domains from www.domain.com !


I need to make this names available :

mail.domain.com
webmail.domain.com
iredmain.domain.com
phpmyadmin.domain.com
awstats.domains.com
 
I already registered all in my DNS!!

The question is when I edit roundcubemail.conf as this :

----------------------------------------------------------------------------------------------------
NameVirtualHost *:443

<VirtualHost *:443>
  ServerAdmin administrator@domain.pt
  DocumentRoot /var/www/roundcubemail
  ServerName mail.domain.pt
  ServerAlias webmail.domain.pt

  <Directory "/var/www/roundcubemail">
      Options -Indexes IncludesNOEXEC FollowSymLinks
      AllowOverride All
      Order allow,deny
      Allow from all
  </Directory>

  SSLEngine on
  SSLProtocol all -SSLv2
  SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
  SSLCertificateFile /etc/pki/tls/certs/iRedMail_CA.pem
  SSLCertificateKeyFile /etc/pki/tls/private/iRedMail.key
  SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0


# Logging
  ErrorLog /var/log/httpd/roundcubemail-error-log
  CustomLog /var/log/httpd/roundcubemail-acces-log combined
</VirtualHost>
----------------------------------------------------------------------------------------------------

... all standard iredmail alias (mail/iredadmin/phpmyadmin/ etc ...) quit working! sad


How can I have both working ? for example:

www.domain.com/mail     and    mail.domain.com ?

... or if I enable apache virtual hosting for this services, all alias became deprecated ?

All help are welcome ! smile

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Changing iredmail services alias to virtual hosts

Any related error log in Apache log file?

3 Reply by digitalbit

  • digitalbit
  • Member
  • Offline
  • Registered: 2012-05-23
  • Posts: 69

Re: Changing iredmail services alias to virtual hosts

Not much !

But ... is it possible to have both working ? Alias and Vhost ?

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Changing iredmail services alias to virtual hosts

Of course alias work with virtual host. I suggest you make virtual host work first.

5 Reply by digitalbit

  • digitalbit
  • Member
  • Offline
  • Registered: 2012-05-23
  • Posts: 69

Re: Changing iredmail services alias to virtual hosts

If you say so ... let's make it work smile

Setting my /etc/httpd/conf.d/roubcubemail.conf as this:

----------------------------------------------------------------------------------------------------------------
LoadModule ssl_module modules/mod_ssl.so
Listen 443
SSLPassPhraseDialog  builtin
SSLSessionCache         shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout  300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom  256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin


<VirtualHost *:443>
   ServerAdmin administrator@domain.pt
   DocumentRoot /var/www/roundcubemail
   ServerName mail.domain.pt
   ServerAlias webmail.domain.pt

   <Directory "/var/www/roundcubemail">
      Options -Indexes IncludesNOEXEC FollowSymLinks
      AllowOverride All
      Order allow,deny
      Allow from all
   </Directory>

   ErrorLog logs/ssl_error_log
   TransferLog logs/ssl_access_log
   LogLevel warn
   SSLEngine on
   SSLProtocol all -SSLv2
   SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
   SSLCertificateFile /etc/pki/tls/certs/iRedMail_CA.pem
   SSLCertificateKeyFile /etc/pki/tls/private/iRedMail.key

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

#CustomLog logs/ssl_request_log \
#          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"


# Logging
  ErrorLog /var/log/httpd/roundcubemail-error-log
  CustomLog /var/log/httpd/roundcubemail-acces-log combined

</VirtualHost>
-----------------------------------------------------------------------------------------------------------

.... then disable your ssl.conf (installation default)!

# service httpd restart

type URL [https://mail.domain.pt]

Works perfect !! smile

now !! adding and enabling your default ssl.conf with <VirtualHost _default_:443> Alias /mail "/var/www/roundcubemail/" .....

# service httpd restart

type URL [https://www.domain.pt/mail] .... and NOT working sad

Any ideas ?!

6 Reply by digitalbit

  • digitalbit
  • Member
  • Offline
  • Registered: 2012-05-23
  • Posts: 69

Re: Changing iredmail services alias to virtual hosts

Problem solved and closed !

Got the code for everyone smile

Add this 2 lines in /etc/httpd/conf/httpd.conf
--------------------------------------------
NameVirtualHost *:443
NameVirtualHost *:80
---------------------------------------------

in /etc/httpd/conf.d/set up this files

SSL.CONF
---------------------------------------------------------------------------------------------------------------------
LoadModule ssl_module modules/mod_ssl.so
Listen 443
SSLPassPhraseDialog  builtin
SSLSessionCache         shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout  300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom  256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
---------------------------------------------------------------------------------------------------------------------



ROUNDCUBEMAIL.CONF
---------------------------------------------------------------------------------------------------------------------
######### HTTP://WWW.DOMAIN.PT/MAIL  80 #########

Alias /mail "/var/www/roundcubemail/"



######### HTTP://WWW.DOMAIN.PT/MAIL  443 #########

<VirtualHost *:443>
   ServerAdmin administrator@domain.pt
   DocumentRoot /var/www/
   ServerName www.domain.pt
   ServerAlias domain.pt

   Alias /mail "/var/www/roundcubemail/"

   <Directory "/var/www/roundcubemail">
     Options -Indexes FollowSymlinks MultiViews
     AllowOverride All
     Order allow,deny
     Allow from all
   </Directory>

   ErrorLog logs/ssl_error_mail2_log
   TransferLog logs/ssl_access_log
   LogLevel warn
   SSLEngine on
   SSLProtocol all -SSLv2
   SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
   SSLCertificateFile /etc/pki/tls/certs/iRedMail_CA.pem
   SSLCertificateKeyFile /etc/pki/tls/private/iRedMail.key

   <Files ~ "\.(cgi|shtml|phtml|php3?)$">
      SSLOptions +StdEnvVars
   </Files>

   <Directory "/var/www/cgi-bin">
      SSLOptions +StdEnvVars
   </Directory>

   setEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

   CustomLog logs/ssl_request_mail2_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

######### HTTP://MAIL.DOMAIN.PT  80 #########

<VirtualHost *:80>
   ServerAdmin administrator@domain.pt
   DocumentRoot /var/www/
   ServerName mail.domain.pt
   ServerAlias webmail.domain.pt

   Alias / "/var/www/roundcubemail/"

   <Directory "/var/www/roundcubemail">
     Options -Indexes FollowSymlinks MultiViews
     AllowOverride All
     Order allow,deny
     Allow from all
   </Directory>

</VirtualHost>


######### HTTP://MAIL.DOMAIN.PT  443 #########

<VirtualHost *:443>
   ServerAdmin administrator@domain.pt
   DocumentRoot /var/www/
   ServerName mail.domain.pt
   ServerAlias webmail.domain.pt

   Alias / "/var/www/roundcubemail/"

   <Directory "/var/www/roundcubemail">
     Options -Indexes FollowSymlinks MultiViews
     AllowOverride All
     Order allow,deny
     Allow from all
   </Directory>

   ErrorLog logs/ssl_error_mail1_log
   TransferLog logs/ssl_access_mail1_log
   LogLevel warn
   SSLEngine on
   SSLProtocol all -SSLv2
   SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
   SSLCertificateFile /etc/pki/tls/certs/iRedMail_CA.pem
   SSLCertificateKeyFile /etc/pki/tls/private/iRedMail.key

   <Files ~ "\.(cgi|shtml|phtml|php3?)$">
      SSLOptions +StdEnvVars
   </Files>

   <Directory "/var/www/cgi-bin">
      SSLOptions +StdEnvVars
   </Directory>

   setEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

   CustomLog logs/ssl_request_mail1_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>
---------------------------------------------------------------------------------------------------------------------


PHPMYADMIN.CONF
---------------------------------------------------------------------------------------------------------------------
####### http://domain.pt/phpmyadmin  80 #######
Alias /phpmyadmin "/var/www/phpmyadmin/"

<Directory /var/www/phpmyadmin/>
#pulls out to https
   RewriteEngine On
   RewriteCond %{HTTPS} off
   RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

   Options -Indexes FollowSymlinks MultiViews
   AllowOverride All
   Options FollowSymLinks
    Order allow,deny
    Allow from all
</Directory>


####### dbadmin.domain.pt  443 #######

<VirtualHost *:443>
   ServerAdmin administrator@domain.pt
   DocumentRoot /var/www/
   ServerName dbadmin.domain.pt

   Alias / "/var/www/phpmyadmin/"

   <Directory "/var/www/phpmyadmin/">
     Options -Indexes FollowSymlinks MultiViews
     AllowOverride All
     Order allow,deny
     Allow from all
   </Directory>


   ErrorLog logs/ssl_error_phpmyadmin_log
   TransferLog logs/ssl_access_phpmyadmin_log
   LogLevel warn
   SSLEngine on
   SSLProtocol all -SSLv2
   SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
   SSLCertificateFile /etc/pki/tls/certs/iRedMail_CA.pem
   SSLCertificateKeyFile /etc/pki/tls/private/iRedMail.key

   <Files ~ "\.(cgi|shtml|phtml|php3?)$">
      SSLOptions +StdEnvVars
   </Files>

   <Directory "/var/www/cgi-bin">
      SSLOptions +StdEnvVars
   </Directory>

setEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

   CustomLog logs/ssl_request_phpmyadmin_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
---------------------------------------------------------------------------------------------------------------------



IREDADMIN.CONF
---------------------------------------------------------------------------------------------------------------------
WSGISocketPrefix /var/run/wsgi
WSGIDaemonProcess iredadmin user=iredadmin threads=15
WSGIProcessGroup iredadmin

AddType text/html .py

Alias /iredadmin/static "/var/www/iredadmin/static/"
WSGIScriptAlias /iredadmin "/var/www/iredadmin/iredadmin.py/"

<Directory /var/www/iredadmin/>
#pulls out to https
   RewriteEngine On
   RewriteCond %{HTTPS} off
   RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

   Options -Indexes FollowSymlinks MultiViews
   AllowOverride All
     Order allow,deny
     Allow from all
</Directory>


<VirtualHost *:443>
   ServerAdmin administrator@domain.pt
   DocumentRoot /var/www/
   ServerName admin.domain.pt

   Alias /static "/var/www/iredadmin/static/"
   WSGIScriptAlias / /var/www/iredadmin/iredadmin.py/

   <Directory /var/www/iredadmin/>
     Options -Indexes FollowSymlinks MultiViews
     AllowOverride All
     Order allow,deny
     Allow from all
   </Directory>

   ErrorLog logs/ssl_error_iredadmin_log
   TransferLog logs/ssl_access_iredadmin_log
   LogLevel warn
   SSLEngine on
   SSLProtocol all -SSLv2
   SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
   SSLCertificateFile /etc/pki/tls/certs/iRedMail_CA.pem
   SSLCertificateKeyFile /etc/pki/tls/private/iRedMail.key

   <Files ~ "\.(cgi|shtml|phtml|php3?)$">
      SSLOptions +StdEnvVars
   </Files>

   <Directory "/var/www/cgi-bin">
      SSLOptions +StdEnvVars
   </Directory>

   setEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

   CustomLog logs/ssl_request_iredadmin_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
---------------------------------------------------------------------------------------------------------------------


AWSTATS.CONF
---------------------------------------------------------------------------------------------------------------------

Alias /awstats/icon "/var/www/awstats/icon/"
ScriptAlias /awstats "/var/www/awstats/"


<Directory /var/www/awstats/>
    DirectoryIndex awstats.pl
    Options +ExecCGI
    Order allow,deny
    allow from all

    AuthName "Authorization Required"
    AuthType Basic

    AuthMYSQLEnable On
    AuthMySQLHost 127.0.0.1
    AuthMySQLPort 3306
    AuthMySQLUser vmail
    AuthMySQLPassword vPv5qi7hpwN1048vf9QUA8uEM5t10p
    AuthMySQLDB vmail
    AuthMySQLUserTable admin
    AuthMySQLNameField username
    AuthMySQLPasswordField password
    Require valid-user
</Directory>



<VirtualHost *:443>
   ServerAdmin administrator@domain.pt
   DocumentRoot /var/www/
   ServerName stats.domain.pt

   Alias /awstats/icon "/var/www/awstats/icon/"
   Alias /awstats/css "/var/www/awstats/css/"
   Alias /awstats/js "/var/www/awstats/js/"
   Alias /awstats/classes "/var/www/awstats/classes/"

   ScriptAlias / "/var/www/awstats/"

   <Directory "/var/www/awstats/">
     DirectoryIndex awstats.pl
     Options +ExecCGI
     Order allow,deny
     allow from all

     AuthName "Authorization Required"
     AuthType Basic

     AuthMYSQLEnable On
     AuthMySQLHost 127.0.0.1
     AuthMySQLPort 3306
     AuthMySQLUser vmail
     AuthMySQLPassword vPv5qi7hpwN1048vf9QUA8uEM5t10p
     AuthMySQLDB vmail
     AuthMySQLUserTable admin
     AuthMySQLNameField username
     AuthMySQLPasswordField password
     Require valid-user
   </Directory>


   ErrorLog logs/ssl_error_awstats_log
   TransferLog logs/ssl_access_awstats_log
   LogLevel warn
   SSLEngine on
   SSLProtocol all -SSLv2
   SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
   SSLCertificateFile /etc/pki/tls/certs/iRedMail_CA.pem
   SSLCertificateKeyFile /etc/pki/tls/private/iRedMail.key

   <Files ~ "\.(cgi|shtml|phtml|php3?)$">
      SSLOptions +StdEnvVars
   </Files>

   <Directory "/var/www/cgi-bin">
      SSLOptions +StdEnvVars
   </Directory>

setEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

   CustomLog logs/ssl_request_awstats_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
---------------------------------------------------------------------------------------------------------------------

With this you can have both working !!

for example:
www.domain.com/mail     and    mail.domain.com wink

7 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Changing iredmail services alias to virtual hosts

Thanks for your sharing.