mirror of
https://github.com/DanWin/mail-hosting.git
synced 2024-11-21 15:10:25 +00:00
Update config files
This commit is contained in:
Daniel Winzen
parent
acae5dcd7a
commit
adf6f51993
6 changed files with 9 additions and 23 deletions
|
|
@ -14,7 +14,7 @@ mail_debug = no
|
||||||
verbose_ssl = no
|
verbose_ssl = no
|
||||||
mail_location = maildir:/var/mail/vmail/%d/%n
|
mail_location = maildir:/var/mail/vmail/%d/%n
|
||||||
mail_home = /var/mail/vmail/%d/%n
|
mail_home = /var/mail/vmail/%d/%n
|
||||||
mail_plugins = $mail_plugins mail_crypt zlib
|
mail_plugins = $mail_plugins mail_crypt quota zlib
|
||||||
mailbox_list_index = yes
|
mailbox_list_index = yes
|
||||||
mail_always_cache_fields = date.save
|
mail_always_cache_fields = date.save
|
||||||
|
|
||||||
|
|
@ -58,11 +58,8 @@ ssl_prefer_server_ciphers = yes
|
||||||
|
|
||||||
#protocol setup
|
#protocol setup
|
||||||
protocols = "imap pop3 lmtp"
|
protocols = "imap pop3 lmtp"
|
||||||
protocol lmtp {
|
|
||||||
postmaster_address = postmaster@danwin1210.de
|
|
||||||
}
|
|
||||||
protocol imap {
|
protocol imap {
|
||||||
mail_plugins = $mail_plugins quota imap_quota imap_zlib last_login
|
mail_plugins = $mail_plugins imap_quota imap_zlib last_login
|
||||||
}
|
}
|
||||||
protocol pop3 {
|
protocol pop3 {
|
||||||
mail_plugins = $mail_plugins last_login
|
mail_plugins = $mail_plugins last_login
|
||||||
|
|
|
||||||
|
|
@ -66,18 +66,10 @@ http {
|
||||||
resolver 127.0.0.1 [::1];
|
resolver 127.0.0.1 [::1];
|
||||||
resolver_timeout 2s;
|
resolver_timeout 2s;
|
||||||
root /var/www/html;
|
root /var/www/html;
|
||||||
proxy_cache_path /var/lib/nginx/cache levels=2 keys_zone=cache:10m inactive=30d max_size=1g;
|
|
||||||
proxy_cache_revalidate on;
|
|
||||||
proxy_cache_use_stale http_503 timeout updating error;
|
|
||||||
proxy_no_cache $http_pragma $http_authorization;
|
|
||||||
proxy_cache_bypass $cookie_nocache $arg_nocache;
|
|
||||||
map $http_upgrade $connection_upgrade {
|
map $http_upgrade $connection_upgrade {
|
||||||
default upgrade;
|
default upgrade;
|
||||||
'' '';
|
'' '';
|
||||||
}
|
}
|
||||||
proxy_cache_lock_timeout 2m;
|
|
||||||
proxy_cache_lock_age 2m;
|
|
||||||
proxy_cache cache;
|
|
||||||
proxy_http_version 1.1;
|
proxy_http_version 1.1;
|
||||||
proxy_buffer_size 8k;
|
proxy_buffer_size 8k;
|
||||||
proxy_buffering off;
|
proxy_buffering off;
|
||||||
|
|
@ -88,7 +80,6 @@ http {
|
||||||
proxy_set_header Upgrade $http_upgrade;
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
proxy_set_header Connection $connection_upgrade;
|
proxy_set_header Connection $connection_upgrade;
|
||||||
proxy_ignore_client_abort on;
|
proxy_ignore_client_abort on;
|
||||||
proxy_cache_key $server_name$request_method$host$request_uri;
|
|
||||||
proxy_read_timeout 3600; #wait up to 60 minutes for e.g. database import
|
proxy_read_timeout 3600; #wait up to 60 minutes for e.g. database import
|
||||||
|
|
||||||
##
|
##
|
||||||
|
|
|
||||||
|
|
@ -28,13 +28,13 @@ server {
|
||||||
add_header Cross-Origin-Opener-Policy same-origin always;
|
add_header Cross-Origin-Opener-Policy same-origin always;
|
||||||
add_header Cross-Origin-Resource-Policy same-origin always;
|
add_header Cross-Origin-Resource-Policy same-origin always;
|
||||||
include snippets/fastcgi-php.conf;
|
include snippets/fastcgi-php.conf;
|
||||||
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
|
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
|
||||||
expires off;
|
expires off;
|
||||||
}
|
}
|
||||||
location ~ \.php$ {
|
location ~ \.php$ {
|
||||||
add_header Referrer-Policy no-referrer always;
|
add_header Referrer-Policy no-referrer always;
|
||||||
include snippets/fastcgi-php.conf;
|
include snippets/fastcgi-php.conf;
|
||||||
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
|
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
|
||||||
expires off;
|
expires off;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -76,7 +76,7 @@ server {
|
||||||
add_header Cross-Origin-Opener-Policy same-origin always;
|
add_header Cross-Origin-Opener-Policy same-origin always;
|
||||||
add_header Cross-Origin-Resource-Policy same-origin always;
|
add_header Cross-Origin-Resource-Policy same-origin always;
|
||||||
include snippets/fastcgi-php.conf;
|
include snippets/fastcgi-php.conf;
|
||||||
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
|
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
|
||||||
expires off;
|
expires off;
|
||||||
}
|
}
|
||||||
location ~ \.php$ {
|
location ~ \.php$ {
|
||||||
|
|
@ -85,7 +85,7 @@ server {
|
||||||
add_header Expect-CT "max-age=86400, enforce" always;
|
add_header Expect-CT "max-age=86400, enforce" always;
|
||||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
|
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
|
||||||
include snippets/fastcgi-php.conf;
|
include snippets/fastcgi-php.conf;
|
||||||
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
|
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
|
||||||
expires off;
|
expires off;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -13,7 +13,7 @@ server {
|
||||||
rewrite /.well-known/openpgpkey/(.*)/hu /mail/openpgpkey_wkd.php?domain=$1 last;
|
rewrite /.well-known/openpgpkey/(.*)/hu /mail/openpgpkey_wkd.php?domain=$1 last;
|
||||||
location ~ \.php$ {
|
location ~ \.php$ {
|
||||||
include snippets/fastcgi-php.conf;
|
include snippets/fastcgi-php.conf;
|
||||||
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
|
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
|
||||||
expires off;
|
expires off;
|
||||||
}
|
}
|
||||||
ssl_certificate /etc/acme.sh/danwin1210.de_ecc/fullchain.cer;
|
ssl_certificate /etc/acme.sh/danwin1210.de_ecc/fullchain.cer;
|
||||||
|
|
|
||||||
|
|
@ -33,12 +33,11 @@ smtp_tls_mandatory_ciphers = HIGH
|
||||||
tls_eecdh_auto_curves = X448 X25519 secp521r1 secp384r1 prime256v1
|
tls_eecdh_auto_curves = X448 X25519 secp521r1 secp384r1 prime256v1
|
||||||
smtpd_tls_protocols = TLSv1.2 TLSv1.3
|
smtpd_tls_protocols = TLSv1.2 TLSv1.3
|
||||||
smtp_tls_protocols = TLSv1.2 TLSv1.3
|
smtp_tls_protocols = TLSv1.2 TLSv1.3
|
||||||
smtpd_tls_exclude_ciphers = aNULL MD5 SHA CAMELLIA
|
smtpd_tls_exclude_ciphers = aNULL MD5 SHA CAMELLIA RSA AES+SHA256 AES+SHA384
|
||||||
smtpd_tls_mandatory_exclude_ciphers = aNULL MD5 SHA CAMELLIA
|
smtpd_tls_mandatory_exclude_ciphers = aNULL MD5 SHA CAMELLIA RSA AES+SHA256 AES+SHA384
|
||||||
smtp_tls_exclude_ciphers = aNULL MD5 SHA CAMELLIA AES+SHA256 AES+SHA384
|
smtp_tls_exclude_ciphers = aNULL MD5 SHA CAMELLIA AES+SHA256 AES+SHA384
|
||||||
smtp_tls_mandatory_exclude_ciphers = aNULL MD5 SHA CAMELLIA AES+SHA256 AES+SHA384
|
smtp_tls_mandatory_exclude_ciphers = aNULL MD5 SHA CAMELLIA AES+SHA256 AES+SHA384
|
||||||
tls_preempt_cipherlist = yes
|
tls_preempt_cipherlist = yes
|
||||||
smtpd_tls_dh1024_param_file = /etc/postfix/dh4096.pem
|
|
||||||
smtpd_tls_security_level = may
|
smtpd_tls_security_level = may
|
||||||
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
|
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
|
||||||
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
|
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
|
||||||
|
|
|
||||||
|
|
@ -96,7 +96,6 @@ modules_enabled = {
|
||||||
"conversejs";
|
"conversejs";
|
||||||
"http_altconnect";
|
"http_altconnect";
|
||||||
"external_services";
|
"external_services";
|
||||||
"conversejs";
|
|
||||||
}
|
}
|
||||||
|
|
||||||
-- These modules are auto-loaded, but should you want
|
-- These modules are auto-loaded, but should you want
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue