NGINX configure 2 roots with same subdomain?
-
Hi,
I was wondering if someone could point me to the right direction, currently have NGINX working with rainloop using SSL letsencrypt works great. now im trying to get the Active Sync with zpush working. I got it working by taking down the rainloop, my question is how can i have rainloop and zpush on the same config with 2 roots? i was looking at the manual and saw alias but not sure if i did it correctly this is what i got so far.
Rainloop
server { server_name mail.mydomain.com; root /var/www/rainloop/; access_log /var/www/rainloop/logs/access.log; error_log /var/www/rainloop/logs/error.log; index index.php; location / { try_files $uri $uri/ /index.php?$query_string; } location ~ \.php$ { fastcgi_index index.php; fastcgi_split_path_info ^(.+\.php)(.*)$; fastcgi_keep_conn on; include /etc/nginx/fastcgi_params; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } location ~ /\.ht { deny all; } location ^~ /data { deny all; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/mail.mydomain.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/mail.mydomain.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot ssl_trusted_certificate /etc/letsencrypt/live/mail.mydomain.com/chain.pem; # managed by Certbot ssl_stapling on; # managed by Certbot ssl_stapling_verify on; # managed by Certbot } server { if ($host = mail.mydomain.com) { return 301 https://$host$request_uri; } # managed by Certbot server_name mail.mydomain.com; listen 80; return 404; # managed by Certbot } # HTTP TO HTTPS REDIRECT server { listen 80; server_name mail.mydomain.com; return 301 https://$host$request_uri; }and this is my zpush (active sync)
server { listen 443; server_name mail.mydomain.com autodiscover.mydomain.com; ssl on; ssl_certificate /etc/letsencrypt/live/mail.mydomain.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/mail.mydomain.com/privkey.pem; root /var/www/zpush; index index.php; error_log /var/log/nginx/zpush-error.log; access_log /var/log/nginx/zpush-access.log; location / { try_files $uri $uri/ index.php; } location /Microsoft-Server-ActiveSync { rewrite ^(.*)$ /index.php last; } location ~ .php$ { include /etc/nginx/fastcgi_params; fastcgi_index index.php; fastcgi_param HTTPS on; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass unix:/var/run/php5-fpm.sock; # Z-Push Ping command will be alive for 470s, but be safe fastcgi_read_timeout 630; } }I was reading about putting the alias but i tried many options and could not get it work.
Any ideas?Thank you
-
If you have two "mail.mydomain.com" in server_name, how could NGinx figure out which one to send a request to?
It's like having two machines with the same IP address, they overlap and it just has to pick the first one it sees.
-
Set up the Active Sync & ZPush so that it works...
Then after the location
/Microsoft-Server-ActiveSync blockaddlocation /rainloop { root /var/www/rainloop/; }Your webmail users would then go to
https://mail.mydomain.com/rainloopfor the RainLoop webmail.* Disclaimer: I have not actually tried this yet.
-
@scottalanmiller Thanks for the reply, thats true i thought that because zpush and active sync did not have a webgui and just a alias it would work, but i guess im wrong. I could try what @dafyre suggested mail.mydomain.com/webmail or rainloop.
So would it be something like this?server { listen 443; server_name mail.mydomain.com autodiscover.mydomain.com; ssl on; ssl_certificate /etc/letsencrypt/live/mail.mydomain.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/mail.mydomain.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot ssl_trusted_certificate /etc/letsencrypt/live/mail.mydomain.com/chain.pem; # managed by Certbot ssl_stapling on; # managed by Certbot ssl_stapling_verify on; # managed by Certbot ssl_certificate /etc/letsencrypt/live/mail.mydomain.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/mail.mydomain.com/privkey.pem; } root /var/www/zpush; index index.php; location / { try_files $uri $uri/ /index.php?$query_string; } location ~ /\.ht { deny all; } location ^~ /data { deny all; } error_log /var/log/nginx/zpush-error.log; access_log /var/log/nginx/zpush-access.log; location / { try_files $uri $uri/ index.php; } location /Microsoft-Server-ActiveSync { rewrite ^(.*)$ /index.php last; } location /rainloop { root /var/www/rainloop/; } location ~ .php$ { include /etc/nginx/fastcgi_params; fastcgi_split_path_info ^(.+\.php)(.*)$; fastcgi_keep_conn on; fastcgi_index index.php; fastcgi_param HTTPS on; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass unix:/var/run/php5-fpm.sock; # Z-Push Ping command will be alive for 470s, but be safe fastcgi_read_timeout 630; } } # HTTP TO HTTPS REDIRECT server { listen 80; server_name mail.mydomain.com; return 301 https://$host$request_uri; } -
@killmasta93 said in NGINX configure 2 roots with same subdomain?:
@scottalanmiller Thanks for the reply, thats true i thought that because zpush and active sync did not have a webgui and just a alias it would work, but i guess im wrong.
It's still an HTTP header pointing the request to a location, same as if there is a GUI, because in both cases, GUI or not, it's just a text file response from one location or another. With overlapping addresses, it'll pull the text file from the wrong place.
-
@scottalanmiller Thanks for the reply, great point now i understand that the only way is to what @dafyre to add the /rainloop this is the conf but cannot get the /rainloop to get im getting the 403 denied page i was looking around changing this but no luck. This is the conf
server { server_name mail.mydomain.com; root /var/www/zpush; access_log /var/www/rainloop/logs/access.log; error_log /var/www/rainloop/logs/error.log; index index.php; location / { try_files $uri /index.php?$query_string; } location ~ \.php$ { fastcgi_index index.php; # fastcgi_param HTTPS on; fastcgi_split_path_info ^(.+\.php)(.*)$; fastcgi_keep_conn on; include /etc/nginx/fastcgi_params; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; # Z-Push Ping command will be alive for 470s, but be safe fastcgi_read_timeout 630; } location ~ /\.ht { deny all; } location ^~ /data { deny all; } location /Microsoft-Server-ActiveSync { rewrite ^(.*)$ /index.php last; } location /rainloop { root /var/www/rainloop/; index index.php; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/mail.mydomain.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/mail.mydomain.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot ssl_trusted_certificate /etc/letsencrypt/live/mail.mydomain.com/chain.pem; # managed by Certbot ssl_stapling on; # managed by Certbot ssl_stapling_verify on; # managed by Certbot } # HTTP TO HTTPS REDIRECT server { listen 80; server_name mail.mydomain.com; return 301 https://$host$request_uri; } -
@killmasta93 said in NGINX configure 2 roots with same subdomain?:
server {
server_name mail.mydomain.com;
root /var/www/zpush;
access_log /var/www/rainloop/logs/access.log;
error_log /var/www/rainloop/logs/error.log;
index index.php;location / { try_files $uri /index.php?$query_string; } location ~ \.php$ { fastcgi_index index.php; # fastcgi_param HTTPS on; fastcgi_split_path_info ^(.+\.php)(.*)$; fastcgi_keep_conn on; include /etc/nginx/fastcgi_params; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; # Z-Push Ping command will be alive for 470s, but be safe fastcgi_read_timeout 630; } location ~ /\.ht { deny all; } location ^~ /data { deny all; } location /Microsoft-Server-ActiveSync { rewrite ^(.*)$ /index.php last; } location /rainloop { root /var/www/rainloop/; index index.php; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/mail.mydomain.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/mail.mydomain.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot ssl_trusted_certificate /etc/letsencrypt/live/mail.mydomain.com/chain.pem; # managed by Certbot ssl_stapling on; # managed by Certbot ssl_stapling_verify on; # managed by Certbot }SOLVED IT: needed to create a symbolic link
ln -s /var/www/rainloop /var/www/zpush -
@killmasta93 the directory had just been missing?
