Topic: Nginx serving custom website

- iRedMail version (check /etc/iredmail-release): 1.3.2
- Deployed with iRedMail Easy or the downloadable installer? download
- Linux/BSD distribution name and version: Ubuntu 18.04.5
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): PGSQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? no
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
I'm moving from my old webserver/mail-setup to iRedMail. So I'm trying to host a custom website with the nginx conifgured by iRedMail. Nothing special, just some static html/css/javascript.
While the site works perfectly on a default nginx on Ubuntu, it doesn't on my iRedMail server. No pic, no css is loaded, just the pure html-file.
The directory-structure of the site is very simple, too:
The css and the pics are accessible and shown if addressed directly in the browser.

My block-conifguration:
server {
    # Listen on ipv4
    listen 80;
    listen [::]:80;

    server_name <site>;

    root /var/www/<site>;
    index index.html;

    location / {
        try_files $uri /index.html;

No error-messages in the error-log.
What nginx-option is missing so the website will be shown correctly?


Re: Nginx serving custom website

Btw. the sites loades if I disable change back to the default-configuration of nginx.
But I didn't figured out the difference to the "iredmail"-configuration yet.


Re: Nginx serving custom website

After 2 days of searching I found it:
I had to comment
'add_header Content-Security-Policy "default-src https: data: 'unsafe-inline' 'unsafe-eval'";'
I'm new to nginx so I don't know if this is a good idea ...


Re: Nginx serving custom website

Maybe you can request a free ssl cert from Let's Encrypt for your web host and try again?


Buy me a cup of coffee ($5) to support iRedMail:

buy me a cup of coffee


Re: Nginx serving custom website

I'll try it as soon the dns-entry for the site is updated internet-wide.

Meanwhile I learned a bit about that header. I commended the mensioned entry in again and added:
add_header Content-Security-Policy "default-src 'self';";
to the server-section of the custom block conifg. Now it works.