1 Topic by maxyca (edited by maxyca 2022-07-05 19:19:28)

  • maxyca
  • Member
  • Offline
  • Registered: 2020-05-17
  • Posts: 17

Topic: Can't login to SOGo (5.7, iRedMail 1.6.0)

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.6.0
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version: Ubuntu 20.04.4
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): nginx
- Manage mail accounts with iRedAdmin-Pro? no
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
When I try to login to SOGo - Unhandled error response
In Chrome console - POST https://example.com/SOGo/connect 502 angular.js

In nginx error.log


2022/07/05 13:42:45 [error] 286938#286938: *101 upstream sent too big header while reading response header from upstream, client: 10.77.50.11, server: _, request: "POST /SOGo/connect HTTP/1.0", upstream: "http://127.0.0.1:20000/SOGo/connect", host: "example.com", referrer: "https://example.com/SOGo/"


I asked this question on the SOGo bug tracker, but there is no answered.
I really hope for your support!

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,082

Re: Can't login to SOGo (5.7, iRedMail 1.6.0)

Did you upgrade iRedMail from an old release? If yes, please check this change:
https://docs.iredmail.org/upgrade.iredm … go-webmail

3 Reply by maxyca

  • maxyca
  • Member
  • Offline
  • Registered: 2020-05-17
  • Posts: 17

Re: Can't login to SOGo (5.7, iRedMail 1.6.0)

Yes, I have checked it.
I use nginx for reverse proxy on another web-server.
There is a config file:


```
server {
    listen 443 ssl;

    ssl_certificate /etc/letsencrypt/live/mail.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mail.example.com/privkey.pem;

    server_name mail.example.com;
     location / {
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           
            proxy_buffer_size          1024k;
            proxy_buffers              4 512k;
            proxy_busy_buffers_size    1024k;
            proxy_pass https://10.77.50.85/;
        }
}


server {
   
    if ($host = mail.example.com) {
        return 301 https://mail.example.com$request_uri;
    }
    listen 80;
    server_name mail.example.com;
   
    return 404;

}
```


sogo.conf on mail server with iRedMail:

```
# Settings for SOGo Groupware

# SOGo
location ~ ^/sogo { rewrite ^ https://$host/SOGo; }
location ~ ^/SOGO { rewrite ^ https://$host/SOGo; }

# Redirect /mail to /SOGo
#location ~ ^/mail { rewrite ^ https://$host/SOGo; }

# For Mac OS X and iOS devices.
rewrite ^/.well-known/caldav    /SOGo/dav permanent;
rewrite ^/.well-known/carddav   /SOGo/dav permanent;
rewrite ^/principals            /SOGo/dav permanent;

location ^~ /SOGo {
    include /etc/nginx/templates/hsts.tmpl;

    proxy_pass http://127.0.0.1:20000;
       

    proxy_buffer_size          256k;
    proxy_buffers              4 512k;
    proxy_busy_buffers_size    512k;

   
   
    # forward user's IP address
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host;

    # always use https
    proxy_set_header x-webobjects-server-port $server_port;
    proxy_set_header x-webobjects-server-name $host;
    proxy_set_header x-webobjects-server-url  https://$host;
    proxy_set_header x-webobjects-server-protocol HTTP/1.0;
}

location ^~ /Microsoft-Server-ActiveSync {
    proxy_pass http://127.0.0.1:20000/SOGo/Microsoft-S … ctiveSync;
   
    proxy_buffer_size          256k;
    proxy_buffers              4 512k;
    proxy_busy_buffers_size    512k;
   
    proxy_connect_timeout 3540;
    proxy_send_timeout 3540;
    proxy_read_timeout 3540;
}

location ^~ /SOGo/Microsoft-Server-ActiveSync {
    proxy_pass http://127.0.0.1:20000/SOGo/Microsoft-S … ctiveSync;

    proxy_buffer_size          256k;
    proxy_buffers              4 512k;
    proxy_busy_buffers_size    512k;
   
    proxy_connect_timeout 3540;
    proxy_send_timeout 3540;
    proxy_read_timeout 3540;
}

location /SOGo.woa/WebServerResources/ {
    alias /usr/lib/GNUstep/SOGo/WebServerResources/;
    expires max;
}
location /SOGo/WebServerResources/ {
    alias /usr/lib/GNUstep/SOGo/WebServerResources/;
    expires max;
}
location ^/SOGo/so/ControlPanel/Products/([^/]*)/Resources/(.*)$ {
    alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2;
    expires max;
}
```

If I go to the mail server IP from a private network like 10.77.50.85/SOGo

I will successfully login to SOGo. Everything is fine.
Now I can't login to SOGo if I login to the webserver by domain name mail.example.com
Server (nginx proxy) drops connection.

I try to test also (from nginx proxy web server):

curl -I http://10.77.50.85/SOGo


HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 05 Jul 2022 15:58:24 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://10.77.50.85/SOGo
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Referrer-Policy: strict-origin

Where is my mistake? What am I doing wrong?

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,082

Re: Can't login to SOGo (5.7, iRedMail 1.6.0)

maxyca wrote:

    proxy_buffer_size          256k;
    proxy_buffers              4 512k;
    proxy_busy_buffers_size    512k;

Try to increase the size on proxy server.

5 Reply by maxyca

  • maxyca
  • Member
  • Offline
  • Registered: 2020-05-17
  • Posts: 17

Re: Can't login to SOGo (5.7, iRedMail 1.6.0)

I have changed to:
            proxy_buffer_size          1024k;
            proxy_buffers              8 512k;
            proxy_busy_buffers_size    1024k;

Unfortunately without result.
The server terminates the connection.

All this happened after updating SOGo to version 5.7. What other recommendations are there for setting up a proxy. The problem is, but I don't know what to do.

6 Reply by maxyca

  • maxyca
  • Member
  • Offline
  • Registered: 2020-05-17
  • Posts: 17

Re: Can't login to SOGo (5.7, iRedMail 1.6.0)

After I enter login & password on the login page - I get an error -
ERR_CONNECTION_CLOSED

What should I do?
Thanks!

7 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,082

Re: Can't login to SOGo (5.7, iRedMail 1.6.0)

You must update the proxy_* parameters in Nginx running on both iRedMail and the reverse proxy.
Since the proxy server is not part of iRedMail, i'm afraid that you have to try it on your own.