mirror of
https://github.com/DanWin/mail-hosting.git
synced 2024-11-24 16:40:27 +00:00
Update config files
This commit is contained in:
parent
acae5dcd7a
commit
adf6f51993
6 changed files with 9 additions and 23 deletions
|
@ -14,7 +14,7 @@ mail_debug = no
|
|||
verbose_ssl = no
|
||||
mail_location = maildir:/var/mail/vmail/%d/%n
|
||||
mail_home = /var/mail/vmail/%d/%n
|
||||
mail_plugins = $mail_plugins mail_crypt zlib
|
||||
mail_plugins = $mail_plugins mail_crypt quota zlib
|
||||
mailbox_list_index = yes
|
||||
mail_always_cache_fields = date.save
|
||||
|
||||
|
@ -58,11 +58,8 @@ ssl_prefer_server_ciphers = yes
|
|||
|
||||
#protocol setup
|
||||
protocols = "imap pop3 lmtp"
|
||||
protocol lmtp {
|
||||
postmaster_address = postmaster@danwin1210.de
|
||||
}
|
||||
protocol imap {
|
||||
mail_plugins = $mail_plugins quota imap_quota imap_zlib last_login
|
||||
mail_plugins = $mail_plugins imap_quota imap_zlib last_login
|
||||
}
|
||||
protocol pop3 {
|
||||
mail_plugins = $mail_plugins last_login
|
||||
|
|
|
@ -66,18 +66,10 @@ http {
|
|||
resolver 127.0.0.1 [::1];
|
||||
resolver_timeout 2s;
|
||||
root /var/www/html;
|
||||
proxy_cache_path /var/lib/nginx/cache levels=2 keys_zone=cache:10m inactive=30d max_size=1g;
|
||||
proxy_cache_revalidate on;
|
||||
proxy_cache_use_stale http_503 timeout updating error;
|
||||
proxy_no_cache $http_pragma $http_authorization;
|
||||
proxy_cache_bypass $cookie_nocache $arg_nocache;
|
||||
map $http_upgrade $connection_upgrade {
|
||||
default upgrade;
|
||||
'' '';
|
||||
}
|
||||
proxy_cache_lock_timeout 2m;
|
||||
proxy_cache_lock_age 2m;
|
||||
proxy_cache cache;
|
||||
proxy_http_version 1.1;
|
||||
proxy_buffer_size 8k;
|
||||
proxy_buffering off;
|
||||
|
@ -88,7 +80,6 @@ http {
|
|||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $connection_upgrade;
|
||||
proxy_ignore_client_abort on;
|
||||
proxy_cache_key $server_name$request_method$host$request_uri;
|
||||
proxy_read_timeout 3600; #wait up to 60 minutes for e.g. database import
|
||||
|
||||
##
|
||||
|
|
|
@ -28,13 +28,13 @@ server {
|
|||
add_header Cross-Origin-Opener-Policy same-origin always;
|
||||
add_header Cross-Origin-Resource-Policy same-origin always;
|
||||
include snippets/fastcgi-php.conf;
|
||||
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
|
||||
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
|
||||
expires off;
|
||||
}
|
||||
location ~ \.php$ {
|
||||
add_header Referrer-Policy no-referrer always;
|
||||
include snippets/fastcgi-php.conf;
|
||||
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
|
||||
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
|
||||
expires off;
|
||||
}
|
||||
}
|
||||
|
@ -76,7 +76,7 @@ server {
|
|||
add_header Cross-Origin-Opener-Policy same-origin always;
|
||||
add_header Cross-Origin-Resource-Policy same-origin always;
|
||||
include snippets/fastcgi-php.conf;
|
||||
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
|
||||
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
|
||||
expires off;
|
||||
}
|
||||
location ~ \.php$ {
|
||||
|
@ -85,7 +85,7 @@ server {
|
|||
add_header Expect-CT "max-age=86400, enforce" always;
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
|
||||
include snippets/fastcgi-php.conf;
|
||||
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
|
||||
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
|
||||
expires off;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -13,7 +13,7 @@ server {
|
|||
rewrite /.well-known/openpgpkey/(.*)/hu /mail/openpgpkey_wkd.php?domain=$1 last;
|
||||
location ~ \.php$ {
|
||||
include snippets/fastcgi-php.conf;
|
||||
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
|
||||
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
|
||||
expires off;
|
||||
}
|
||||
ssl_certificate /etc/acme.sh/danwin1210.de_ecc/fullchain.cer;
|
||||
|
|
|
@ -33,12 +33,11 @@ smtp_tls_mandatory_ciphers = HIGH
|
|||
tls_eecdh_auto_curves = X448 X25519 secp521r1 secp384r1 prime256v1
|
||||
smtpd_tls_protocols = TLSv1.2 TLSv1.3
|
||||
smtp_tls_protocols = TLSv1.2 TLSv1.3
|
||||
smtpd_tls_exclude_ciphers = aNULL MD5 SHA CAMELLIA
|
||||
smtpd_tls_mandatory_exclude_ciphers = aNULL MD5 SHA CAMELLIA
|
||||
smtpd_tls_exclude_ciphers = aNULL MD5 SHA CAMELLIA RSA AES+SHA256 AES+SHA384
|
||||
smtpd_tls_mandatory_exclude_ciphers = aNULL MD5 SHA CAMELLIA RSA AES+SHA256 AES+SHA384
|
||||
smtp_tls_exclude_ciphers = aNULL MD5 SHA CAMELLIA AES+SHA256 AES+SHA384
|
||||
smtp_tls_mandatory_exclude_ciphers = aNULL MD5 SHA CAMELLIA AES+SHA256 AES+SHA384
|
||||
tls_preempt_cipherlist = yes
|
||||
smtpd_tls_dh1024_param_file = /etc/postfix/dh4096.pem
|
||||
smtpd_tls_security_level = may
|
||||
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
|
||||
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
|
||||
|
|
|
@ -96,7 +96,6 @@ modules_enabled = {
|
|||
"conversejs";
|
||||
"http_altconnect";
|
||||
"external_services";
|
||||
"conversejs";
|
||||
}
|
||||
|
||||
-- These modules are auto-loaded, but should you want
|
||||
|
|
Loading…
Reference in a new issue