Topic: Nginx iRedMail and nextcloud
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.8
- Linux/BSD distribution name and version: Ubuntu 18.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): Mariadb
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
I had a Ubuntu 14.04 server with iRedMail and Nexcloud both running with Apache. The server broke down so I decided to build a new one.
So i installed a VM with Ubuntu 18.04, Nginx, Mariadb, iRedMail 0.9.8 and Nexcloud 14.0.3.
My problem is that everything works out of the box with iRedMail - and thank you for ths great product/script.
But when i try to install and enable Nextcloud I run into problems.
I can choose to either have no Nextcloud or no iRedMail web apps.
My setup of Nextcloud is through a nextcloud .conf file in /etc/nginx/sites-enables symlinked from sites-available.
This setup seem to conflict with the way iRedMail is setup in nginx. When my nextcloud .conf file (through symlink) is present in sites-enables all the iRedMail web apps erros with a 404 not found. If i remove the nextcloud.conf all the iRedMail webapps works fine.
Nextcloud is symlinked as /var/www/html/nextcloud
How do I setup the nextcloud in the ioRedMail nginx configuration so they both works:
My nextcloud.conf file is like this:
<code>
upstream php-handler {
#server 127.0.0.1:9000;
server unix:/var/run/php-fpm.socket;
}
server {
listen 80;
server_name my_server_address;
# enforce https
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name http://my_server_address;
ssl_certificate /etc/ssl/certs/rapidssl-combined.crt;
ssl_certificate_key /etc/ssl/private/rapidssl_private.key;
# Add headers to serve security related headers
# Before enabling Strict-Transport-Security headers please read into this
# topic first.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
# Path to the root of your installation
root /var/www/html;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
# rewrite ^/.well-known/host-meta /nextcloud/public.php?service=host-meta
# last;
#rewrite ^/.well-known/host-meta.json
# /nextcloud/public.php?service=host-meta-json last;
location = /.well-known/carddav {
return 301 $scheme://$host/nextcloud/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/nextcloud/remote.php/dav;
}
location /.well-known/acme-challenge { }
location ^~ /nextcloud {
# set max upload size
client_max_body_size 512M;
fastcgi_buffers 64 4K;
# Disable gzip to avoid the removal of the ETag header
gzip off;
# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
location /nextcloud {
rewrite ^ /nextcloud/index.php$uri;
}
location ~ ^/nextcloud/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/nextcloud/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
#Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ ^/nextcloud/(?:updater|ocs-provider)(?:$|/) {
try_files $uri/ =404;
index index.php;
}
# Adding the cache control header for js and css files
# Make sure it is BELOW the PHP block
location ~* \.(?:css|js|woff|svg|gif)$ {
try_files $uri /nextcloud/index.php$uri$is_args$args;
add_header Cache-Control "public, max-age=7200";
# Add headers to serve security related headers (It is intended
# to have those duplicated to the ones above)
# Before enabling Strict-Transport-Security headers please read
# into this topic first.
# add_header Strict-Transport-Security "max-age=15768000;
# includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
# Optional: Don't log access to assets
access_log off;
}
location ~* \.(?:png|html|ttf|ico|jpg|jpeg)$ {
try_files $uri /nextcloud/index.php$uri$is_args$args;
# Optional: Don't log access to other assets
access_log off;
}
}
}
</code>
The Nginx error.log when nextcloud is working and I try to access Roundcube mail:
2018/10/16 17:55:44 [error] 7961#7961: *94 "/var/www/html/mail/index.html" is not found (2: No such file or directory), client: 192.168.30.11, server: http://MY_SERVER ADDRESS, request: "GET /mail/ HTTP/1.1", host: MY_SERVER_ADDRESS
So how do I get both working - should I symlink Roundcube til /var/www/html/mail or is the way i setup Nextcloud not compatible with iRedMail?
----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.