'Aw: Re: [SOGo] using nginx'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sogo-users
Subject:    Aw: Re: [SOGo] using nginx
From:       Infoomatic <infoomatic () gmx ! at>
Date:       2015-02-23 12:53:55
Message-ID: trinity-a8dcfa90-0772-47f0-bde4-a16db46744cd-1424696035670 () 3capp-gmx-bs16
[Download RAW message or body]

I just found out that removing
proxy_set_header x-webobjects-remote-host 127.0.0.1;

gives me the right client IP in the logs. 
However: what's the side effect of removing this line?

regards,

infoomatic

> Gesendet: Sonntag, 22. Februar 2015 um 21:48 Uhr
> Von: Infoomatic <infoomatic@gmx.at>
> An: users@sogo.nu
> Betreff: Aw: Re: [SOGo] using nginx
> 
> thanks for the replies, it's still not working, my config:
> 
> location = /principals/
> {
> rewrite ^ 'https://$server_name/SOGo/dav';
> allow all;
> }
> location ^~/SOGo
> {
> proxy_pass 'http://127.0.0.1:20000';
> proxy_redirect 'http://127.0.0.1:20000' default;
> # forward user's IP address
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> proxy_set_header X-Forwarded-Proto https;
> proxy_set_header Host $host;
> proxy_set_header x-webobjects-server-protocol HTTP/1.0;
> proxy_set_header x-webobjects-remote-host 127.0.0.1;
> proxy_set_header x-webobjects-server-name $server_name;
> proxy_set_header x-webobjects-server-url $scheme://$host;
> proxy_set_header x-webobjects-server-port $server_port;
> proxy_connect_timeout 90;
> proxy_send_timeout 90;
> proxy_read_timeout 90;
> proxy_buffer_size 4k;
> proxy_buffers 4 32k;
> proxy_busy_buffers_size 64k;
> proxy_temp_file_write_size 64k;
> client_max_body_size 50m;
> break;
> }
> 
> location ^~ /Microsoft-Server-ActiveSync {
> proxy_pass
> http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync;
> proxy_redirect
> http://127.0.0.1:20000/Microsoft-Server-ActiveSync /;
> }
> 
> location /SOGo.woa/WebServerResources/
> {
> alias /usr/lib/GNUstep/SOGo/WebServerResources/;
> allow all;
> }
> 
> location /SOGo/WebServerResources/
> {
> alias /usr/lib/GNUstep/SOGo/WebServerResources/;
> allow all;
> }
> 
> location (^/SOGo/so/ControlPanel/Products/([^/]*)/Resources/(.*)$)
> {
> alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2;
> }
> location (^/SOGo/so/ControlPanel/Products/[^/]*UI/Resources/.*\.(jpg|png|gif|css|js)$)
>  {
> alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2;
> }
> 
> 
> regards,
> infoomatic
> 
> 
> > Gesendet: Sonntag, 22. Februar 2015 um 20:34 Uhr
> > Von: "Jens Erat" <jens.erat@uni-konstanz.de>
> > An: users@sogo.nu
> > Betreff: Re: [SOGo] using nginx
> > 
> > Hi!
> > 
> > My nginx configuration (which proxies to an Apache inside a Docker
> > container) also sets `X-Forwarded-For`:
> > 
> > proxy_set_header X-Real-IP  $remote_addr;
> > proxy_set_header X-Forwarded-For $remote_addr;
> > 
> > I didn't test what happens if you directly interface SOGo with nginx,
> > though.
> > 
> > Regards from Lake Constance, Germany,
> > Jens
> > 
> > 
> > On 22.02.2015 18:43, Infoomatic wrote:
> > > hi,
> > > I wanted to use nginx with sogo and apply the fail2ban rules. Basically, \
> > > everything is working fine with nginx, but: with the suggested nginx config \
> > > (including "proxy_set_header X-Real-IP $remote_addr;" from the sogo wiki) and \
> > > nginx version 1.6.2, the logfile only creates entries like:
> > > SOGoRootPage Login from '127.0.0.1' for user 'afd' might not have worked - \
> > > password policy: 65535  grace: -1  expire: -1  bound: 0 
> > > The same host, with the suggested apache2 configuration gives me:
> > > SOGoRootPage Login from 'XXX.XX.XX.XXX' for user 'aasd' might not have worked - \
> > > password policy: 65535  grace: -1  expire: -1  bound: 0 
> > > with my real IP and thus fail2ban working.
> > > 
> > > Is there a workaround or some variables to change in source and recompile to \
> > > have this working? Or better: a configuration option I did not see? 
> > > regards,
> > > infoomatic
> > > 
> > 
> > 
> > -- 
> > Jens Erat
> > 
> > [phone]: tel:+49-151-56961126
> > [mail]: mailto:email@jenserat.de
> > [jabber]: xmpp:jabber@jenserat.de
> > [web]: http://www.jenserat.de
> > 
> > OpenPGP: 0D69 E11F 12BD BA07 7B37  26AB 4E1F 799A A4FF 2279
> > 
> > 
> -- 
> users@sogo.nu
> https://inverse.ca/sogo/lists
> 
-- 
users@sogo.nu
https://inverse.ca/sogo/lists


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic