aboutsummaryrefslogtreecommitdiff
path: root/app/email/build
diff options
context:
space:
mode:
authorLUXEY Adrien <adrien.luxey@inria.fr>2021-01-19 14:33:44 +0100
committerLUXEY Adrien <adrien.luxey@inria.fr>2021-01-19 14:33:44 +0100
commit65421d947e84fc6697d2c925a5ca8c473b71c61c (patch)
tree8e35cf75340cde9949f9ff38de19c90beafd5391 /app/email/build
parenta5a56b6f70bd5b445c3d10d0c5a99011a8bcdd1d (diff)
parenteb925049ac4aab369763fbecb0caaec3579977a3 (diff)
downloadinfrastructure-65421d947e84fc6697d2c925a5ca8c473b71c61c.tar.gz
infrastructure-65421d947e84fc6697d2c925a5ca8c473b71c61c.zip
merge from upstream
Diffstat (limited to 'app/email/build')
-rw-r--r--app/email/build/alps/Dockerfile21
-rw-r--r--app/email/build/alps/skipverify.patch55
-rw-r--r--app/email/build/dovecot/.gitignore1
-rw-r--r--app/email/build/dovecot/Dockerfile17
-rw-r--r--app/email/build/dovecot/README.md18
-rw-r--r--app/email/build/dovecot/conf/all_before.sieve5
-rw-r--r--app/email/build/dovecot/conf/dovecot-ldap.sample.conf8
-rw-r--r--app/email/build/dovecot/conf/dovecot.conf79
-rw-r--r--app/email/build/dovecot/conf/report-ham.sieve17
-rw-r--r--app/email/build/dovecot/conf/report-spam.sieve9
-rwxr-xr-xapp/email/build/dovecot/entrypoint.sh27
-rw-r--r--app/email/build/opendkim/Dockerfile8
-rw-r--r--app/email/build/opendkim/README.md12
-rw-r--r--app/email/build/opendkim/opendkim.conf12
-rw-r--r--app/email/build/postfix/Dockerfile13
-rw-r--r--app/email/build/postfix/README.md18
-rwxr-xr-xapp/email/build/postfix/entrypoint.sh31
-rw-r--r--app/email/build/sogo/Dockerfile17
-rw-r--r--app/email/build/sogo/README.md20
-rwxr-xr-xapp/email/build/sogo/entrypoint13
-rw-r--r--app/email/build/sogo/sogo.nginx.conf83
21 files changed, 484 insertions, 0 deletions
diff --git a/app/email/build/alps/Dockerfile b/app/email/build/alps/Dockerfile
new file mode 100644
index 0000000..647d90d
--- /dev/null
+++ b/app/email/build/alps/Dockerfile
@@ -0,0 +1,21 @@
+FROM golang:1.15.6-buster as builder
+
+ARG VERSION
+
+ENV CGO_ENABLED=0 GOOS=linux GOARCH=amd64
+WORKDIR /tmp/alps
+
+RUN git init && \
+ git remote add origin https://git.sr.ht/~migadu/alps && \
+ git fetch --depth 1 origin ${VERSION} && \
+ git checkout FETCH_HEAD
+
+COPY skipverify.patch skipverify.patch
+
+RUN git apply skipverify.patch && \
+ go build -a -o /usr/local/bin/alps ./cmd/alps
+
+FROM scratch
+COPY --from=builder /usr/local/bin/alps /alps
+COPY --from=builder /tmp/alps/themes /themes
+ENTRYPOINT ["/alps"]
diff --git a/app/email/build/alps/skipverify.patch b/app/email/build/alps/skipverify.patch
new file mode 100644
index 0000000..14e14cb
--- /dev/null
+++ b/app/email/build/alps/skipverify.patch
@@ -0,0 +1,55 @@
+From 47765c10f1af2013556f76dc63dfa056167ae5e8 Mon Sep 17 00:00:00 2001
+From: Quentin <quentin@deuxfleurs.fr>
+Date: Fri, 4 Dec 2020 13:19:24 +0100
+Subject: [PATCH] Skip CA verification
+
+---
+ imap.go | 3 ++-
+ smtp.go | 3 ++-
+ 2 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/imap.go b/imap.go
+index 7554331..1a4931d 100644
+--- a/imap.go
++++ b/imap.go
+@@ -3,6 +3,7 @@ package alps
+ import (
+ "fmt"
+
++ "crypto/tls"
+ "github.com/emersion/go-imap"
+ imapclient "github.com/emersion/go-imap/client"
+ "github.com/emersion/go-message/charset"
+@@ -16,7 +17,7 @@ func (s *Server) dialIMAP() (*imapclient.Client, error) {
+ var c *imapclient.Client
+ var err error
+ if s.imap.tls {
+- c, err = imapclient.DialTLS(s.imap.host, nil)
++ c, err = imapclient.DialTLS(s.imap.host, &tls.Config{InsecureSkipVerify: true})
+ if err != nil {
+ return nil, fmt.Errorf("failed to connect to IMAPS server: %v", err)
+ }
+diff --git a/smtp.go b/smtp.go
+index 5e178f2..8d22f1d 100644
+--- a/smtp.go
++++ b/smtp.go
+@@ -3,6 +3,7 @@ package alps
+ import (
+ "fmt"
+
++ "crypto/tls"
+ "github.com/emersion/go-smtp"
+ )
+
+@@ -14,7 +15,7 @@ func (s *Server) dialSMTP() (*smtp.Client, error) {
+ var c *smtp.Client
+ var err error
+ if s.smtp.tls {
+- c, err = smtp.DialTLS(s.smtp.host, nil)
++ c, err = smtp.DialTLS(s.smtp.host, &tls.Config{InsecureSkipVerify: true})
+ if err != nil {
+ return nil, fmt.Errorf("failed to connect to SMTPS server: %v", err)
+ }
+--
+2.28.0
+
diff --git a/app/email/build/dovecot/.gitignore b/app/email/build/dovecot/.gitignore
new file mode 100644
index 0000000..71a04e2
--- /dev/null
+++ b/app/email/build/dovecot/.gitignore
@@ -0,0 +1 @@
+dovecot-ldap.conf
diff --git a/app/email/build/dovecot/Dockerfile b/app/email/build/dovecot/Dockerfile
new file mode 100644
index 0000000..9b87627
--- /dev/null
+++ b/app/email/build/dovecot/Dockerfile
@@ -0,0 +1,17 @@
+FROM amd64/debian:stretch
+
+RUN apt-get update && \
+ apt-get install -y \
+ dovecot-antispam \
+ dovecot-core \
+ dovecot-imapd \
+ dovecot-ldap \
+ dovecot-managesieved \
+ dovecot-sieve \
+ dovecot-lmtpd && \
+ rm -rf /etc/dovecot/*
+RUN useradd mailstore
+COPY ./conf/* /etc/dovecot/
+COPY entrypoint.sh /usr/local/bin/entrypoint
+
+ENTRYPOINT ["/usr/local/bin/entrypoint"]
diff --git a/app/email/build/dovecot/README.md b/app/email/build/dovecot/README.md
new file mode 100644
index 0000000..8c9f372
--- /dev/null
+++ b/app/email/build/dovecot/README.md
@@ -0,0 +1,18 @@
+```
+sudo docker build -t superboum/amd64_dovecot:v2 .
+```
+
+
+```
+sudo docker run -t -i \
+ -e TLSINFO="/C=FR/ST=Bretagne/L=Rennes/O=Deuxfleurs/CN=www.deuxfleurs.fr" \
+ -p 993:993 \
+ -p 143:143 \
+ -p 24:24 \
+ -p 1337:1337 \
+ -v /mnt/glusterfs/email/ssl:/etc/ssl/ \
+ -v /mnt/glusterfs/email/mail:/var/mail \
+ -v `pwd`/dovecot-ldap.conf:/etc/dovecot/dovecot-ldap.conf \
+ superboum/amd64_dovecot:v1 \
+ dovecot -F
+```
diff --git a/app/email/build/dovecot/conf/all_before.sieve b/app/email/build/dovecot/conf/all_before.sieve
new file mode 100644
index 0000000..7d2e57e
--- /dev/null
+++ b/app/email/build/dovecot/conf/all_before.sieve
@@ -0,0 +1,5 @@
+require ["fileinto", "mailbox"];
+if header :contains "X-Spam-Flag" "YES" {
+ fileinto :create "Junk";
+}
+
diff --git a/app/email/build/dovecot/conf/dovecot-ldap.sample.conf b/app/email/build/dovecot/conf/dovecot-ldap.sample.conf
new file mode 100644
index 0000000..472d5e8
--- /dev/null
+++ b/app/email/build/dovecot/conf/dovecot-ldap.sample.conf
@@ -0,0 +1,8 @@
+hosts = ldap.example.com
+dn = cn=admin,dc=example,dc=com
+dnpass = s3cr3t
+base = dc=example,dc=com
+scope = subtree
+user_filter = (&(mail=%u)(&(objectClass=inetOrgPerson)(memberOf=cn=email,ou=groups,dc=example,dc=com)))
+pass_filter = (&(mail=%u)(&(objectClass=inetOrgPerson)(memberOf=cn=email,ou=groups,dc=example,dc=com)))
+user_attrs = mail=/var/mail/%{ldap:mail}
diff --git a/app/email/build/dovecot/conf/dovecot.conf b/app/email/build/dovecot/conf/dovecot.conf
new file mode 100644
index 0000000..0d5068c
--- /dev/null
+++ b/app/email/build/dovecot/conf/dovecot.conf
@@ -0,0 +1,79 @@
+auth_mechanisms = plain login
+auth_username_format = %u
+log_timestamp = "%Y-%m-%d %H:%M:%S "
+mail_location = maildir:/var/mail/%u
+mail_privileged_group = mail
+
+log_path = /dev/stderr
+info_log_path = /dev/stdout
+debug_log_path = /dev/stdout
+
+protocols = imap sieve lmtp
+
+ssl_cert = < /etc/ssl/certs/dovecot.crt
+ssl_key = < /etc/ssl/private/dovecot.key
+
+service auth {
+ inet_listener {
+ port = 1337
+ }
+}
+
+passdb {
+ args = /etc/dovecot/dovecot-ldap.conf
+ driver = ldap
+}
+
+service lmtp {
+ inet_listener lmtp {
+ address = 0.0.0.0
+ port = 24
+ }
+}
+
+service imap-login {
+ inet_listener imap {
+ port = 143
+ }
+ inet_listener imaps {
+ port = 993
+ }
+}
+
+userdb {
+ args = uid=mailstore gid=mailstore home=/var/mail/%u
+ driver = static
+}
+
+protocol imap {
+ mail_plugins = $mail_plugins imap_sieve
+}
+
+protocol lda {
+ auth_socket_path = /var/run/dovecot/auth-master
+ info_log_path = /var/log/dovecot-deliver.log
+ log_path = /var/log/dovecot-deliver-errors.log
+ postmaster_address = postmaster@deuxfleurs.fr
+ mail_plugins = $mail_plugins sieve
+}
+
+plugin {
+ sieve = file:~/sieve;active=~/dovecot.sieve
+ sieve_before = /etc/dovecot/all_before.sieve
+
+ # antispam learn
+ sieve_plugins = sieve_imapsieve sieve_extprograms
+ sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment +vnd.dovecot.debug
+ sieve_pipe_bin_dir = /usr/bin
+
+ imapsieve_mailbox1_name = Junk
+ imapsieve_mailbox1_causes = COPY FLAG APPEND
+ imapsieve_mailbox1_before = file:/etc/dovecot/report-spam.sieve
+
+ imapsieve_mailbox2_name = *
+ imapsieve_mailbox2_from = Spam
+ imapsieve_mailbox2_causes = COPY APPEND
+ imapsieve_mailbox2_before = file:/etc/dovecot/report-ham.sieve
+
+}
+
diff --git a/app/email/build/dovecot/conf/report-ham.sieve b/app/email/build/dovecot/conf/report-ham.sieve
new file mode 100644
index 0000000..c5a994a
--- /dev/null
+++ b/app/email/build/dovecot/conf/report-ham.sieve
@@ -0,0 +1,17 @@
+require ["vnd.dovecot.pipe", "copy", "imapsieve", "environment", "variables", "vnd.dovecot.debug"];
+
+if environment :matches "imap.mailbox" "*" {
+ set "mailbox" "${1}";
+}
+
+if string "${mailbox}" "Trash" {
+ stop;
+}
+
+if environment :matches "imap.user" "*" {
+ set "username" "${1}";
+}
+
+pipe :copy "sa-learn" [ "--ham", "-u", "debian-spamd" ];
+debug_log "ham reported by ${username}";
+
diff --git a/app/email/build/dovecot/conf/report-spam.sieve b/app/email/build/dovecot/conf/report-spam.sieve
new file mode 100644
index 0000000..1be7389
--- /dev/null
+++ b/app/email/build/dovecot/conf/report-spam.sieve
@@ -0,0 +1,9 @@
+require ["vnd.dovecot.pipe", "copy", "imapsieve", "environment", "variables", "vnd.dovecot.debug"];
+
+if environment :matches "imap.user" "*" {
+ set "username" "${1}";
+}
+
+pipe :copy "sa-learn" [ "--spam", "-u", "debian-spamd"];
+debug_log "spam reported by ${username}";
+
diff --git a/app/email/build/dovecot/entrypoint.sh b/app/email/build/dovecot/entrypoint.sh
new file mode 100755
index 0000000..2165d8f
--- /dev/null
+++ b/app/email/build/dovecot/entrypoint.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+if [[ ! -f /etc/ssl/certs/dovecot.crt || ! -f /etc/ssl/private/dovecot.key ]]; then
+ cd /root
+ openssl req \
+ -new \
+ -newkey rsa:4096 \
+ -days 3650 \
+ -nodes \
+ -x509 \
+ -subj ${TLSINFO} \
+ -keyout dovecot.key \
+ -out dovecot.crt
+
+ mkdir -p /etc/ssl/{certs,private}/
+
+ cp dovecot.crt /etc/ssl/certs/dovecot.crt
+ cp dovecot.key /etc/ssl/private/dovecot.key
+ chmod 400 /etc/ssl/certs/dovecot.crt
+ chmod 400 /etc/ssl/private/dovecot.key
+fi
+
+if [[ $(stat -c '%U' /var/mail/) != "mailstore" ]]; then
+ chown -R mailstore /var/mail
+fi
+
+exec "$@"
diff --git a/app/email/build/opendkim/Dockerfile b/app/email/build/opendkim/Dockerfile
new file mode 100644
index 0000000..70a39e4
--- /dev/null
+++ b/app/email/build/opendkim/Dockerfile
@@ -0,0 +1,8 @@
+FROM amd64/debian:buster
+
+RUN apt-get update && \
+ apt-get dist-upgrade -y && \
+ apt-get install -y opendkim opendkim-tools
+
+COPY ./opendkim.conf /etc/opendkim.conf
+CMD opendkim -f -v -x /etc/opendkim.conf
diff --git a/app/email/build/opendkim/README.md b/app/email/build/opendkim/README.md
new file mode 100644
index 0000000..e146125
--- /dev/null
+++ b/app/email/build/opendkim/README.md
@@ -0,0 +1,12 @@
+```
+sudo docker build -t superboum/amd64_opendkim:v1 .
+```
+
+```
+sudo docker run -t -i \
+ -v `pwd`/conf:/etc/dkim \
+ -v /dev/log:/dev/log \
+ -p 8999:8999
+ superboum/amd64_opendkim:v1
+ opendkim -f -v -x /etc/opendkim.conf
+```
diff --git a/app/email/build/opendkim/opendkim.conf b/app/email/build/opendkim/opendkim.conf
new file mode 100644
index 0000000..0d6465f
--- /dev/null
+++ b/app/email/build/opendkim/opendkim.conf
@@ -0,0 +1,12 @@
+Syslog yes
+SyslogSuccess yes
+LogWhy yes
+UMask 007
+Mode sv
+OversignHeaders From
+TrustAnchorFile /usr/share/dns/root.key
+KeyTable refile:/etc/dkim/keytable
+SigningTable refile:/etc/dkim/signingtable
+ExternalIgnoreList refile:/etc/dkim/trusted
+InternalHosts refile:/etc/dkim/trusted
+Socket inet:8999
diff --git a/app/email/build/postfix/Dockerfile b/app/email/build/postfix/Dockerfile
new file mode 100644
index 0000000..0c74fdc
--- /dev/null
+++ b/app/email/build/postfix/Dockerfile
@@ -0,0 +1,13 @@
+FROM amd64/debian:buster
+
+ARG VERSION
+
+RUN apt-get update && \
+ apt-get install -y \
+ postfix=$VERSION \
+ postfix-ldap
+
+COPY entrypoint.sh /usr/local/bin/entrypoint
+
+ENTRYPOINT ["/usr/local/bin/entrypoint"]
+CMD ["postfix", "start-fg"]
diff --git a/app/email/build/postfix/README.md b/app/email/build/postfix/README.md
new file mode 100644
index 0000000..ac44fc0
--- /dev/null
+++ b/app/email/build/postfix/README.md
@@ -0,0 +1,18 @@
+```
+sudo docker build -t superboum/amd64_postfix:v1 .
+```
+
+```
+sudo docker run -t -i \
+ -e TLSINFO="/C=FR/ST=Bretagne/L=Rennes/O=Deuxfleurs/CN=smtp.deuxfleurs.fr" \
+ -e MAILNAME="smtp.deuxfleurs.fr" \
+ -p 25:25 \
+ -p 465:465 \
+ -p 587:587 \
+ -v `pwd`/../../ansible/roles/container_conf/files/email/postfix-conf:/etc/postfix-conf \
+ -v /mnt/glusterfs/email/postfix-ssl/private:/etc/ssl/private \
+ -v /mnt/glusterfs/email/postfix-ssl/certs:/etc/ssl/certs \
+ superboum/amd64_postfix:v1 \
+ bash
+```
+
diff --git a/app/email/build/postfix/entrypoint.sh b/app/email/build/postfix/entrypoint.sh
new file mode 100755
index 0000000..fcf1a66
--- /dev/null
+++ b/app/email/build/postfix/entrypoint.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+if [[ ! -f /etc/ssl/certs/postfix.crt || ! -f /etc/ssl/private/postfix.key ]]; then
+ cd /root
+ openssl req \
+ -new \
+ -newkey rsa:4096 \
+ -days 3650 \
+ -nodes \
+ -x509 \
+ -subj ${TLSINFO} \
+ -keyout postfix.key \
+ -out postfix.crt
+
+ mkdir -p /etc/ssl/{certs,private}/
+
+ cp postfix.crt /etc/ssl/certs/postfix.crt
+ cp postfix.key /etc/ssl/private/postfix.key
+ chmod 400 /etc/ssl/certs/postfix.crt
+ chmod 400 /etc/ssl/private/postfix.key
+fi
+
+# A way to map files inside the postfix folder :s
+for file in $(ls /etc/postfix-conf); do
+ cp /etc/postfix-conf/${file} /etc/postfix/${file}
+done
+
+echo ${MAILNAME} > /etc/mailname
+postmap /etc/postfix/transport
+
+exec "$@"
diff --git a/app/email/build/sogo/Dockerfile b/app/email/build/sogo/Dockerfile
new file mode 100644
index 0000000..46880dd
--- /dev/null
+++ b/app/email/build/sogo/Dockerfile
@@ -0,0 +1,17 @@
+#FROM amd64/debian:stretch as builder
+
+FROM amd64/debian:buster
+
+RUN mkdir ~/.gnupg && echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf
+
+RUN apt-get update && \
+ apt-get install -y apt-transport-https gnupg2 sudo nginx && \
+ rm -rf /etc/nginx/sites-enabled/* && \
+ apt-key adv --keyserver keys.gnupg.net --recv-key 0x810273C4 && \
+ echo "deb http://packages.inverse.ca/SOGo/nightly/5/debian/ buster buster" > /etc/apt/sources.list.d/sogo.list && \
+ apt-get update && \
+ apt-get install -y sogo sogo-activesync sope4.9-gdl1-postgresql postgresql-client
+
+COPY sogo.nginx.conf /etc/nginx/sites-enabled/sogo.conf
+COPY entrypoint /usr/sbin/entrypoint
+ENTRYPOINT ["/usr/sbin/entrypoint"]
diff --git a/app/email/build/sogo/README.md b/app/email/build/sogo/README.md
new file mode 100644
index 0000000..ea12245
--- /dev/null
+++ b/app/email/build/sogo/README.md
@@ -0,0 +1,20 @@
+```
+docker build -t superboum/amd64_sogo:v6 .
+
+# privileged is only for debug
+docker run --rm -ti \
+ --privileged \
+ -p 8080:8080 \
+ -v /tmp/sogo/log:/var/log/sogo \
+ -v /tmp/sogo/run:/var/run/sogo \
+ -v /tmp/sogo/spool:/var/spool/sogo \
+ -v /tmp/sogo/tmp:/tmp \
+ -v `pwd`/sogo:/etc/sogo:ro \
+ superboum/amd64_sogo:v1
+```
+
+Password must be url encoded in sogo.conf for postgres
+Will need a nginx instance: http://wiki.sogo.nu/nginxSettings
+
+Might (or might not) be needed:
+traefik.frontend.headers.customRequestHeaders=x-webobjects-server-port:443||x-webobjects-server-name=sogo.deuxfleurs.fr||x-webobjects-server-url:https://sogo.deuxfleurs.fr
diff --git a/app/email/build/sogo/entrypoint b/app/email/build/sogo/entrypoint
new file mode 100755
index 0000000..8b39def
--- /dev/null
+++ b/app/email/build/sogo/entrypoint
@@ -0,0 +1,13 @@
+#!/bin/bash
+mkdir -p /var/log/sogo
+mkdir -p /var/run/sogo
+mkdir -p /var/spool/sogo
+chown sogo /var/log/sogo
+chown sogo /var/run/sogo
+chown sogo /var/spool/sogo
+
+nginx -g 'daemon on; master_process on;'
+sudo -u sogo memcached -d
+sudo -u sogo sogod
+sleep 10
+tail -n200 -f /var/log/sogo/sogo.log
diff --git a/app/email/build/sogo/sogo.nginx.conf b/app/email/build/sogo/sogo.nginx.conf
new file mode 100644
index 0000000..ad920a5
--- /dev/null
+++ b/app/email/build/sogo/sogo.nginx.conf
@@ -0,0 +1,83 @@
+server {
+ listen 8080;
+ server_name default_server;
+ root /usr/lib/GNUstep/SOGo/WebServerResources/;
+
+ ## requirement to create new calendars in Thunderbird ##
+ proxy_http_version 1.1;
+
+ # Message size limit
+ client_max_body_size 50m;
+ client_body_buffer_size 128k;
+
+ location = / {
+ rewrite ^ '/SOGo';
+ allow all;
+ }
+
+ location = /principals/ {
+ rewrite ^ '/SOGo/dav';
+ allow all;
+ }
+
+ location ^~/SOGo {
+ proxy_pass 'http://127.0.0.1:20000';
+ proxy_redirect 'http://127.0.0.1:20000' default;
+ # forward user's IP address
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header Host $host;
+ proxy_set_header x-webobjects-server-protocol HTTP/1.0;
+ proxy_set_header x-webobjects-remote-host 127.0.0.1;
+ proxy_set_header x-webobjects-server-name $server_name;
+ proxy_set_header x-webobjects-server-url $scheme://$host;
+ proxy_set_header x-webobjects-server-port $server_port;
+ proxy_connect_timeout 90;
+ proxy_send_timeout 90;
+ proxy_read_timeout 90;
+ proxy_buffer_size 4k;
+ proxy_buffers 4 32k;
+ proxy_busy_buffers_size 64k;
+ proxy_temp_file_write_size 64k;
+ break;
+ }
+
+ location /SOGo.woa/WebServerResources/ {
+ alias /usr/lib/GNUstep/SOGo/WebServerResources/;
+ allow all;
+ expires max;
+ }
+
+ location /SOGo/WebServerResources/ {
+ alias /usr/lib/GNUstep/SOGo/WebServerResources/;
+ allow all;
+ expires max;
+ }
+
+ location (^/SOGo/so/ControlPanel/Products/([^/]*)/Resources/(.*)$) {
+ alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2;
+ expires max;
+ }
+
+ location (^/SOGo/so/ControlPanel/Products/[^/]*UI/Resources/.*\.(jpg|png|gif|css|js)$) {
+ alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2;
+ expires max;
+ }
+
+ location ^~ /Microsoft-Server-ActiveSync {
+ access_log /var/log/nginx/activesync.log;
+ error_log /var/log/nginx/activesync-error.log;
+
+ proxy_connect_timeout 75;
+ proxy_send_timeout 3600;
+ proxy_read_timeout 3600;
+ proxy_buffers 64 256k;
+
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+ proxy_pass http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync;
+ proxy_redirect http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync /;
+ }
+}