NGINX configure 2 roots with same subdomain?



  • Hi,

    I was wondering if someone could point me to the right direction, currently have NGINX working with rainloop using SSL letsencrypt works great. now im trying to get the Active Sync with zpush working. I got it working by taking down the rainloop, my question is how can i have rainloop and zpush on the same config with 2 roots? i was looking at the manual and saw alias but not sure if i did it correctly this is what i got so far.

    Rainloop

                server {
                    server_name mail.mydomain.com;
                    root /var/www/rainloop/;
                    access_log /var/www/rainloop/logs/access.log;
                    error_log /var/www/rainloop/logs/error.log;
                    index index.php;
                
                    location / {
                        try_files $uri $uri/ /index.php?$query_string;
                    }
                
                    location ~ \.php$ {
                        fastcgi_index index.php;
                        fastcgi_split_path_info ^(.+\.php)(.*)$;
                        fastcgi_keep_conn on;
                        include /etc/nginx/fastcgi_params;
                        fastcgi_pass unix:/var/run/php5-fpm.sock;
                        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                
                    }
                
                    location ~ /\.ht {
                        deny all;
                    }
                
                    location ^~ /data {
                      deny all;
                    }
                
                
                    listen 443 ssl; # managed by Certbot
                    ssl_certificate /etc/letsencrypt/live/mail.mydomain.com/fullchain.pem; # managed by Certbot
                    ssl_certificate_key /etc/letsencrypt/live/mail.mydomain.com/privkey.pem; # managed by Certbot
                    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
                    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
                
                
                    ssl_trusted_certificate /etc/letsencrypt/live/mail.mydomain.com/chain.pem; # managed by Certbot
                    ssl_stapling on; # managed by Certbot
                    ssl_stapling_verify on; # managed by Certbot
                
                }
                server {
                    if ($host = mail.mydomain.com) {
                        return 301 https://$host$request_uri;
                    } # managed by Certbot
                
                
                    server_name mail.mydomain.com;
                    listen 80;
                    return 404; # managed by Certbot
                
                
                }
                # HTTP TO HTTPS REDIRECT
                server {
                    listen 80;
                    server_name mail.mydomain.com;
                return 301 https://$host$request_uri;
                }
    

    and this is my zpush (active sync)

              server {
                 listen 443;
                 server_name mail.mydomain.com autodiscover.mydomain.com;
             
                 ssl on;
                 ssl_certificate         /etc/letsencrypt/live/mail.mydomain.com/fullchain.pem;
                 ssl_certificate_key     /etc/letsencrypt/live/mail.mydomain.com/privkey.pem;
             
                 root    /var/www/zpush;
                 index   index.php;
             
                 error_log /var/log/nginx/zpush-error.log;
                 access_log /var/log/nginx/zpush-access.log;
             
                 location / {
                     try_files $uri $uri/ index.php;
                 }
             
                 location /Microsoft-Server-ActiveSync {
                     rewrite ^(.*)$  /index.php last;
                 }
             
                
             
                 location ~ .php$ {
                     include /etc/nginx/fastcgi_params;
                     fastcgi_index index.php;
                     fastcgi_param HTTPS on;
                     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                     fastcgi_pass unix:/var/run/php5-fpm.sock;
                     # Z-Push Ping command will be alive for 470s, but be safe
                     fastcgi_read_timeout 630;
                 }
             
             }
    

    I was reading about putting the alias but i tried many options and could not get it work.
    Any ideas?

    Thank you


  • Service Provider

    If you have two "mail.mydomain.com" in server_name, how could NGinx figure out which one to send a request to?

    It's like having two machines with the same IP address, they overlap and it just has to pick the first one it sees.



  • Set up the Active Sync & ZPush so that it works...

    Then after the location /Microsoft-Server-ActiveSync block add

    location /rainloop {
            root /var/www/rainloop/;
    }
    

    Your webmail users would then go to https://mail.mydomain.com/rainloop for the RainLoop webmail.

    * Disclaimer: I have not actually tried this yet.



  • @scottalanmiller Thanks for the reply, thats true i thought that because zpush and active sync did not have a webgui and just a alias it would work, but i guess im wrong. I could try what @dafyre suggested mail.mydomain.com/webmail or rainloop.
    So would it be something like this?

            server {
                                       listen 443;
                                       server_name mail.mydomain.com autodiscover.mydomain.com;
                                   
                                       ssl on;
                                       
                                       ssl_certificate /etc/letsencrypt/live/mail.mydomain.com/fullchain.pem; # managed by Certbot
                                       ssl_certificate_key /etc/letsencrypt/live/mail.mydomain.com/privkey.pem; # managed by Certbot
                                        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
                                       ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
                         
                         
                                        ssl_trusted_certificate /etc/letsencrypt/live/mail.mydomain.com/chain.pem; # managed by Certbot
                                       ssl_stapling on; # managed by Certbot
                                        ssl_stapling_verify on; # managed by Certbot
                                       ssl_certificate         /etc/letsencrypt/live/mail.mydomain.com/fullchain.pem;
                                       ssl_certificate_key     /etc/letsencrypt/live/mail.mydomain.com/privkey.pem;
             
                                     }
                                   
                                       root    /var/www/zpush;
                                       index   index.php;
                              
                                     location / {
                                                         try_files $uri $uri/ /index.php?$query_string;
                                                     }
               
                                       location ~ /\.ht {
                                                           deny all;
                                                       }
                                                   
                                                       location ^~ /data {
                                                         deny all;
                                                       }
                                   
                                       error_log /var/log/nginx/zpush-error.log;
                                       access_log /var/log/nginx/zpush-access.log;
             
                               
                                   
                                       location / {
                                           try_files $uri $uri/ index.php;
                                       }
                                   
                                       location /Microsoft-Server-ActiveSync {
                                           rewrite ^(.*)$  /index.php last;
                                       }
                                      
                                     location /rainloop {
                                             root /var/www/rainloop/;
                                     }
                                      
                                   
                                       location ~ .php$ {
                                           include /etc/nginx/fastcgi_params;
                                           fastcgi_split_path_info ^(.+\.php)(.*)$;
                                           fastcgi_keep_conn on;
                                           fastcgi_index index.php;
                                           fastcgi_param HTTPS on;
                                           fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                                           fastcgi_pass unix:/var/run/php5-fpm.sock;
                                           # Z-Push Ping command will be alive for 470s, but be safe
                                           fastcgi_read_timeout 630;
                                       }
                                   
                                   }
             
             
                                  # HTTP TO HTTPS REDIRECT
                                              server {
                                                  listen 80;
                                                  server_name mail.mydomain.com;
                                              return 301 https://$host$request_uri;
                                              }

  • Service Provider

    @killmasta93 said in NGINX configure 2 roots with same subdomain?:

    @scottalanmiller Thanks for the reply, thats true i thought that because zpush and active sync did not have a webgui and just a alias it would work, but i guess im wrong.

    It's still an HTTP header pointing the request to a location, same as if there is a GUI, because in both cases, GUI or not, it's just a text file response from one location or another. With overlapping addresses, it'll pull the text file from the wrong place.



  • @scottalanmiller Thanks for the reply, great point now i understand that the only way is to what @dafyre to add the /rainloop this is the conf but cannot get the /rainloop to get im getting the 403 denied page i was looking around changing this but no luck. This is the conf

                   server {
                                   server_name mail.mydomain.com;
                                   root    /var/www/zpush;
                                   access_log /var/www/rainloop/logs/access.log;
                                   error_log /var/www/rainloop/logs/error.log;
                                   index index.php;
                               
                                   location / {
                                       try_files $uri /index.php?$query_string;
                                   }
                               
                                   location ~ \.php$ {
                                       fastcgi_index index.php;
                                       # fastcgi_param HTTPS on;
                                       fastcgi_split_path_info ^(.+\.php)(.*)$;
                                       fastcgi_keep_conn on;
                                       include /etc/nginx/fastcgi_params;
                                       fastcgi_pass unix:/var/run/php5-fpm.sock;
                                       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                                       # Z-Push Ping command will be alive for 470s, but be safe
                                    fastcgi_read_timeout 630;
                               
                                   }
                               
                                   location ~ /\.ht {
                                       deny all;
                                   }
                               
                                   location ^~ /data {
                                     deny all;
                                   }
                                   
                                   location /Microsoft-Server-ActiveSync {
                                    rewrite ^(.*)$  /index.php last;
                                   }
                                   location /rainloop {
                                    root /var/www/rainloop/;
                                     index index.php;
                                     }
                               
                                   listen 443 ssl; # managed by Certbot
                                   ssl_certificate /etc/letsencrypt/live/mail.mydomain.com/fullchain.pem; # managed by Certbot
                                   ssl_certificate_key /etc/letsencrypt/live/mail.mydomain.com/privkey.pem; # managed by Certbot
                                   include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
                                   ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
                               
                               
                                   ssl_trusted_certificate /etc/letsencrypt/live/mail.mydomain.com/chain.pem; # managed by Certbot
                                   ssl_stapling on; # managed by Certbot
                                   ssl_stapling_verify on; # managed by Certbot
                               
                               }
                                         
                               
                           
                               # HTTP TO HTTPS REDIRECT
                               server {
                                   listen 80;
                                   server_name mail.mydomain.com;
                               return 301 https://$host$request_uri;
                               }


  • @killmasta93 said in NGINX configure 2 roots with same subdomain?:

    server {
    server_name mail.mydomain.com;
    root /var/www/zpush;
    access_log /var/www/rainloop/logs/access.log;
    error_log /var/www/rainloop/logs/error.log;
    index index.php;

                               location / {
                                   try_files $uri /index.php?$query_string;
                               }
                           
                               location ~ \.php$ {
                                   fastcgi_index index.php;
                                   # fastcgi_param HTTPS on;
                                   fastcgi_split_path_info ^(.+\.php)(.*)$;
                                   fastcgi_keep_conn on;
                                   include /etc/nginx/fastcgi_params;
                                   fastcgi_pass unix:/var/run/php5-fpm.sock;
                                   fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                                   # Z-Push Ping command will be alive for 470s, but be safe
                                fastcgi_read_timeout 630;
                           
                               }
                           
                               location ~ /\.ht {
                                   deny all;
                               }
                           
                               location ^~ /data {
                                 deny all;
                               }
                               
                               location /Microsoft-Server-ActiveSync {
                                rewrite ^(.*)$  /index.php last;
                               }
                               location /rainloop {
                                root /var/www/rainloop/;
                                 index index.php;
                                 }
                           
                               listen 443 ssl; # managed by Certbot
                               ssl_certificate /etc/letsencrypt/live/mail.mydomain.com/fullchain.pem; # managed by Certbot
                               ssl_certificate_key /etc/letsencrypt/live/mail.mydomain.com/privkey.pem; # managed by Certbot
                               include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
                               ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
                           
                           
                               ssl_trusted_certificate /etc/letsencrypt/live/mail.mydomain.com/chain.pem; # managed by Certbot
                               ssl_stapling on; # managed by Certbot
                               ssl_stapling_verify on; # managed by Certbot
                           
                           }
    

    SOLVED IT: needed to create a symbolic link

     ln -s /var/www/rainloop  /var/www/zpush

  • Service Provider

    @killmasta93 the directory had just been missing?