====== Heberger kolab avec nginx ======
(tester avec kolab 3.4)
voici le fichier de conf de nginx pour les vhosts
fastcgi_cache_path /var/lib/nginx/fastcgi/ levels=1:2 keys_zone=kolab3.example.net:16m max_size=256m inactive=1d;
fastcgi_temp_path /var/lib/nginx/fastcgi/temp 1 2;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_cache_use_stale error timeout invalid_header http_500;
server {
listen 8000;
server_name hyperviseur.opensrc.fr;
rewrite ^ https://$server_name$request_uri permanent; # enforce https
}
server {
listen 443 ssl;
server_name .hyperviseur.opensrc.fr;
rewrite "^/roundcubemail/[a-zA-Z0-9]{16}/(.*)" /roundcubemail/$1;
access_log /var/log/nginx/access_kolab3.example.net_ssl.log;
error_log /var/log/nginx/error_kolab3.example.net_ssl.log;
ssl on;
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; # dummy certificate, please create your own
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; # dummy certificate key, please create your own
#-------------------------------------------------
# cache settings
#-------------------------------------------------
open_file_cache max=1024 inactive=1m;
open_file_cache_valid 90s;
open_file_cache_min_uses 2;
#-------------------------------------------------
# Common Fastcgi settings
#-------------------------------------------------
fastcgi_param HTTPS on;
fastcgi_keep_conn on;
fastcgi_cache kolab3.example.net;
fastcgi_cache_valid 200 302 304 10m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_min_uses 2;
fastcgi_buffers 256 4k;
fastcgi_busy_buffers_size 8k;
fastcgi_temp_file_write_size 8k;
#-------------------------------------------------
# roundcube mail
#-------------------------------------------------
location / {
index index.php;
root /usr/share/roundcubemail/public_html;
client_max_body_size 30M; # set maximum upload size for mail attachments
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ ^/(README(.md)?|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
deny all;
}
location ~ ^/(bin|SQL|config|logs)/ {
deny all;
}
location ~^/program/(include|lib|localization|steps)/ {
deny all;
}
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# enable php
location ~ \.php$ {
include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_pass unix:/var/run/php5-roundcube.sock;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
}
location /iRony {
alias /usr/share/iRony/public_html/index.php;
client_max_body_size 30M; # set maximum upload size
# If Nginx was built with http_dav_module:
dav_methods PUT DELETE MKCOL COPY MOVE;
# Required Nginx to be built with nginx-dav-ext-module:
# dav_ext_methods PROPFIND OPTIONS;
include fastcgi_params;
# fastcgi_param DAVBROWSER 1;
fastcgi_param HTTPS on;
fastcgi_index index.php;
fastcgi_pass unix:/var/run/php-fpm/kolab.example.org_iRony.sock;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
location ~* /.well-known/(cal|card)dav {
rewrite ^ /iRony/ permanent;
}
##
## Chwala
##
location /chwala {
index index.php;
alias /usr/share/chwala/public_html;
client_max_body_size 30M; # set maximum upload size
# enable php
location ~ .php$ {
include fastcgi_params;
fastcgi_param HTTPS on;
fastcgi_pass unix:/var/run/php5-chwala.sock;
fastcgi_param SCRIPT_FILENAME $request_filename;
# Without this, PHPSESSION is replaced by webadmin-api X-Session-Token
fastcgi_param PHP_VALUE "session.auto_start=0
session.use_cookies=0";
fastcgi_pass_header X-Session-Token;
}
}
#-------------------------------------------------
# roundcube mail
#-------------------------------------------------
location /roundcubemail {
index index.php;
alias /usr/share/roundcubemail/public_html;
client_max_body_size 30M; # set maximum upload size for mail attachments
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ ^/(README(.md)?|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
deny all;
}
location ~ ^/(bin|SQL|config|logs)/ {
deny all;
}
location ~^/program/(include|lib|localization|steps)/ {
deny all;
}
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# enable php
location ~ \.php$ {
include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_pass unix:/var/run/php5-roundcube.sock;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
}
#-------------------------------------------------
# kolab web administration panel
#-------------------------------------------------
location /kolab-webadmin {
index index.php;
alias /usr/share/kolab-webadmin/public_html;
try_files $uri $uri/ @kolab-wapapi;
# enable php
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass unix:/var/run/php5-wap.sock;
fastcgi_param SCRIPT_FILENAME $request_filename;
# Without this, PHPSESSION is replaced by webadmin-api X-Session-Token
fastcgi_param PHP_VALUE "session.auto_start=0
session.use_cookies=0";
fastcgi_pass_header X-Session-Token;
}
}
# kolab-webadmin api
location @kolab-wapapi {
rewrite ^/kolab-webadmin/api/(.*)\.(.*)$ /kolab-webadmin/api/index.php?service=$1&method=$2 last;
}
#-------------------------------------------------
# Kolab syncroton ActiveSync
#-------------------------------------------------
location /Microsoft-Server-ActiveSync {
alias /usr/share/kolab-syncroton/index.php;
client_max_body_size 30M; # set maximum upload size for mail attachments
include fastcgi_params;
fastcgi_index index.php;
fastcgi_pass unix:/var/run/php5-syncroton.sock;
fastcgi_param SCRIPT_FILENAME /usr/share/kolab-syncroton/index.php;
}
#-------------------------------------------------
# Kolab freebusy
#-------------------------------------------------
location /freebusy {
alias /usr/share/kolab-freebusy/public_html/index.php;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_pass unix:/var/run/php5-freebusy.sock;
fastcgi_param SCRIPT_FILENAME /usr/share/kolab-freebusy/public_html/index.php;
}
}
et les fichiers des configuration sock de php5-fpm
====php5-fpm_pool.d_kolab-freebusy.conf====
echo '
[kolab-freebusy]
user = www-data
group = www-data
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
listen = /var/run/php5-freebusy.sock
pm = dynamic
pm.max_children = 40
pm.start_servers = 15
pm.min_spare_servers = 10
pm.max_spare_servers = 20
chdir = /
==== php5-fpm_pool.d_kolab-syncroton.conf====
[kolab-syncroton]
user = www-data
group = www-data
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
listen = /var/run/php5-syncroton.sock
pm = dynamic
pm.max_children = 40
pm.start_servers = 15
pm.min_spare_servers = 10
pm.max_spare_servers = 20
chdir = /
====php5-fpm_pool.d_kolab-wap.conf====
[kolab-wap]
user = www-data
group = www-data
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
listen = /var/run/php5-wap.sock
pm = dynamic
pm.max_children = 40
pm.start_servers = 15
pm.min_spare_servers = 10
pm.max_spare_servers = 20
chdir = /
====php5-fpm_pool.d_chwala.conf====
[chwala]
user = www-data
group = www-data
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
listen = /var/run/php5-chwala.sock
pm = dynamic
pm.max_children = 40
pm.start_servers = 15
pm.min_spare_servers = 10
pm.max_spare_servers = 20
chdir = /
php_value[upload_max_filesize] = 300M
php_value[post_max_size] = 300M
====php5-fpm_pool.d_roundcube.conf====
[roundcubemail]
user = www-data
group = www-data
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
listen = /var/run/php5-roundcube.sock
pm = dynamic
pm.max_children = 40
pm.start_servers = 15
pm.min_spare_servers = 10
pm.max_spare_servers = 20
chdir = /
# Derived from .htaccess of roundcube
php_flag[display_errors] = Off
php_flag[log_errors] = On
php_value[upload_max_filesize] = 30M
php_value[post_max_size] = 30M
php_flag[zlib.output_compression] = Off
php_flag[magic_quotes_gpc] = Off
php_flag[magic_quotes_runtime] = Off
php_flag[zend.ze1_compatibility_mode] = Off
php_flag[suhosin.session.encrypt] = Off
php_flag[session.auto_start] = Off
php_value[session.gc_maxlifetime] = 21600
php_value[session.gc_divisor] = 500
php_value[session.gc_probability] = 1
# http://bugs.php.net/bug.php?id=30766
php_value[mbstring.func_overload] = 0
====php5-fpm_pool.d_irony.conf=====
[kolab_iRony]
user = www-data
group = www-data
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
listen = /var/run/php5-iRony.sock
pm = dynamic
pm.max_children = 40
pm.start_servers = 15
pm.min_spare_servers = 10
pm.max_spare_servers = 20
chdir = /
php_value[upload_max_filesize] = 30M
php_value[post_max_size] = 30M
====script de conf auto=====
echo '
[kolab-freebusy]
user = www-data
group = www-data
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
listen = /var/run/php5-freebusy.sock
pm = dynamic
pm.max_children = 40
pm.start_servers = 15
pm.min_spare_servers = 10
pm.max_spare_servers = 20
chdir = / ' > /etc/php5/fpm/pool.d/php5-fpm_pool.d_kolab-freebusy.conf
echo '
[kolab-syncroton]
user = www-data
group = www-data
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
listen = /var/run/php5-syncroton.sock
pm = dynamic
pm.max_children = 40
pm.start_servers = 15
pm.min_spare_servers = 10
pm.max_spare_servers = 20
chdir = / ' > /etc/php5/fpm/pool.d/php5-fpm_pool.d_kolab-syncroton.conf
echo '
[kolab-wap]
user = www-data
group = www-data
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
listen = /var/run/php5-wap.sock
pm = dynamic
pm.max_children = 40
pm.start_servers = 15
pm.min_spare_servers = 10
pm.max_spare_servers = 20
chdir = / '> /etc/php5/fpm/pool.d/php5-fpm_pool.d_kolab-wap.conf
echo '
[roundcubemail]
user = www-data
group = www-data
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
listen = /var/run/php5-roundcube.sock
pm = dynamic
pm.max_children = 40
pm.start_servers = 15
pm.min_spare_servers = 10
pm.max_spare_servers = 20
chdir = /
# Derived from .htaccess of roundcube
php_flag[display_errors] = Off
php_flag[log_errors] = On
php_value[upload_max_filesize] = 30M
php_value[post_max_size] = 30M
php_flag[zlib.output_compression] = Off
php_flag[magic_quotes_gpc] = Off
php_flag[magic_quotes_runtime] = Off
php_flag[zend.ze1_compatibility_mode] = Off
php_flag[suhosin.session.encrypt] = Off
php_flag[session.auto_start] = Off
php_value[session.gc_maxlifetime] = 21600
php_value[session.gc_divisor] = 500
php_value[session.gc_probability] = 1
# http://bugs.php.net/bug.php?id=30766
php_value[mbstring.func_overload] = 0 ' > /etc/php5/fpm/pool.d/php5-fpm_pool.d_roundcube.conf
{{tag> linux kolab messagerie nginx }}