1 Topic by derrickr (edited by derrickr 2018-07-31 21:58:00)

  • derrickr
  • Member
  • Offline
  • Registered: 2018-05-25
  • Posts: 12

Topic: Install and restrict access to myWebApp

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
======== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.8 MARIADB edition.
- Linux/BSD distribution name and version: Ubuntu 18.04 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====


Hi,

I'm trying to install 'mywebapp' onto my iRedMail server, but am having a number of issues:

1.    I initially installed 'mywebapp' under /'var/www/html' but I couldn't get the server to actually serve it, until I found that iRedMail, etc is installed under '/opt/www/' - Tried that, still didn't work.

2.    I then looked at '/var/log/nginx/error.log' and saw this: [error] 17700#17700: *21 "/opt/www/roundcubemail/mywebapp/index.php" is not found (2: No such file or directory),

    Of course, moving 'mywebapp' under '/opt/www/roundcube/' worked, but that dosen't seem right - especially since I want to restrict access to it (e.g. just like Apache .htaccess).

3.    Resigning myself to having to use that location I then tried to add directory access restriction to '/opt/www/roundcube/mywebapp', but still can't get that to work.

Questions:
1.    Why is iRedMail (and RoundCube) installed under '/opt/www' instead of '/var/www'? Maybe to obfuscate?

2.    Why won't 'mywebapp' work under '/opt/www'? Why do I have to use '/opt/www/roundcube/'?

3.    How can I restrict access to 'mywebapp'? Been trying 'auth_basic_user_file', but no luck.


Ideally, I'd like to install 'mywebapp' in the root web server directory, but the above is confusing.

I've only just started using Nginx as a result of not having the option to use Apache after recently installing iRedMail (which I've read only provides Nginx now).

I'm fairly sure my above issues are down to my lack of Nginx experience, but I've read many articles / forum posts to the point where I now have to put up my hand and ask for help.

I'd really appreciate it if someone could please bullet the process to install 'mywebapp' (whatever web application one might choose).

Thanks,

Derrick

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,793

Re: Install and restrict access to myWebApp

Question: Do you use Roundcube as homepage of website (https://<your-server>/) instead of sub-directory (https://<your-server>/mail/)?

iRedMail puts Roundcube under /var/www/roundcubemail/ (and other web applications under /var/www/ too), and default website is /var/www/html/ (this is default path on Debian/Ubuntu). It seems you're running Roundcube as homepage of website, in this case, you need to put mywebapp to /var/www/, then add `location ` directive for mywebapp in Nginx, the point is, it must be loaded BEFORE Roundcube's `location` directive.

3 Reply by derrickr

  • derrickr
  • Member
  • Offline
  • Registered: 2018-05-25
  • Posts: 12

Re: Install and restrict access to myWebApp

Yes, Roundcube has been configured as the homepage of website (https://<domain-name>/)

I can see that Roundcube has a symbolic link from its installation in '/opt/www/roundcubemail-1.3.6' to '/opt/www/roundcube' which is accessed via the above stated, https://<domain-name>/

Similarly, iRedAdmin has s symbolic link from its installation in '/opt/www/iredadmin-0.9.1' to '/opt/www/iredadmin' and is accessed via https://<domain-name>/iredadmin

Adminer is installed in '/opt'www/adminer/' which is accessed via https://<domain-name>/adminer

Also, iRedAdmin and Adminer both sucessfully use auth_basic to restrict their access.

I also have a number of entries in '/var/www/vhosts' configured so some of my other domains can collect their webmail via:

    webmail.main-domain.com
    webmail.2nd-domain.com
    webmail.3rd-domain.com


Finally, I've noticed that iRedAdmin and Adminer do not have their own .conf file in '/etc/nginx/sites-available/', but do have a template file in '/etc/nginx/templates/'. I therefore tried to create a very simple template file (for mywebapp), but am still getting the 404 error for mywebapp.

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,793

Re: Install and restrict access to myWebApp

derrickr wrote:

I therefore tried to create a very simple template file (for mywebapp), but am still getting the 404 error for mywebapp.

As mentioned in my previous reply: Since you use Roundcube as homepage, you need to make sure the template file for mywebapp is loaded BEFORE Roundcube in Nginx.

5 Reply by derrickr

  • derrickr
  • Member
  • Offline
  • Registered: 2018-05-25
  • Posts: 12

Re: Install and restrict access to myWebApp

Apologies, I do not know how to "make sure the template file for mywebapp is loaded BEFORE Roundcube in Nginx".

I admit, I'm no expert when it comes to mail servers and this has been a huge learning curve for me, but if you'd please be able to explain how to "make sure the template file for mywebapp is loaded BEFORE Roundcube in Nginx", I'd greatly appreciate it.

Encouragement coffee already bought :-)

6 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,793

Re: Install and restrict access to myWebApp

There's "include" directive in nginx config files like /etc/nginx/sites-enabled/00-default-ssl.conf, Nginx loads extra config files specified by 'include' in order. so you need config like this:

server {
    ... omit other lines here ...
    include /etc/nginx/templates/mywebapp.tmpl;
    ...
    include /etc/nginx/templates/roundcube-subdomain.tmpl;
    ...
}