On Mon, Feb 06, 2023 at 02:07:25PM +0300, Maksim Rodin wrote: > I added a space to that line, still no change in logs. > The whole config looks now so:
Thanks. Skimming through your config and the excerpt from the log, I'd say the GET request should be matched by the (now corrected) location block. If this is the case -- and you can easily check this by using a tester like https://nginx.viraptor.info/ -- then the appropriate headers are being added to the request, and the problem lies with how SOGo handles and/or logs them. You commented out nginx log-related directives, but maybe those logs could provide some insight as well. > > ``` > # Take note of http://wiki.nginx.org/Pitfalls > > #user www; > worker_processes 1; > > #load_module "modules/ngx_stream_module.so"; > > #error_log logs/error.log; > #error_log logs/error.log notice; > #error_log logs/error.log info; > #error_log syslog:server=unix:/dev/log,severity=notice; > > #pid logs/nginx.pid; > > worker_rlimit_nofile 1024; > events { > worker_connections 800; > } > > > http { > client_max_body_size 50m; > include mime.types; > default_type application/octet-stream; > index index.html index.htm; > > #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' > # '$status $body_bytes_sent "$http_referer" ' > # '"$http_user_agent" "$http_x_forwarded_for"'; > > #access_log logs/access.log main; > #access_log syslog:server=unix:/dev/log,severity=notice main; > > #tcp_nopush on; > > #keepalive_timeout 0; > keepalive_timeout 65; > > #gzip on; > > server_tokens off; > > server { > listen 80; > server_name mail.somedomain.org; > return 301 https://mail.somedomain.org$request_uri; > > } > > server { > > listen 443 ssl ; > server_name mail.somedomain.org; > root /var/www/lib/sogo/www/; > proxy_http_version 1.1; > > ssl_certificate > /etc/letsencrypt/live/somedomain.org/fullchain.pem; > ssl_certificate_key > /etc/letsencrypt/live/somedomain.org/privkey.pem; > > ssl_session_timeout 5m; > ssl_session_cache shared:SSL:1m; > > ssl_ciphers HIGH:!aNULL:!MD5:!RC4; > ssl_prefer_server_ciphers on; > > location = / > { > rewrite ^ http://$server_name/SOGo; > allow all; > } > > # For IOS 7 > location = /principals/ > { > rewrite ^ http://$server_name/SOGo/dav; > allow all; > } > > location = /.well-known/caldav/ > { > rewrite ^ http://$server_name/SOGo/dav; > } > > location = /.well-known/carddav/ > { > rewrite ^ http://$server_name/SOGo/dav; > allow all; > } > > location ^~ /SOGo > { > proxy_pass http://127.0.0.1:20000; > proxy_redirect http://127.0.0.1:20000 default; > # forward user's IP address > proxy_set_header X-Real-IP $remote_addr; > proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; > proxy_set_header Host $host; > proxy_set_header x-webobjects-server-protocol HTTP/1.0; > proxy_set_header x-webobjects-remote-host 127.0.0.1; > proxy_set_header x-webobjects-server-name $server_name; > proxy_set_header x-webobjects-server-url $scheme://$host; > proxy_set_header x-webobjects-server-port $server_port; > proxy_connect_timeout 90; > proxy_send_timeout 90; > proxy_read_timeout 90; > proxy_buffer_size 256k; > proxy_buffers 4 512k; > proxy_busy_buffers_size 512k; > proxy_temp_file_write_size 512k; > client_max_body_size 50m; > client_body_buffer_size 128k; > break; > } > > location /SOGo.woa/WebServerResources/ > { > alias /var/www/lib/sogo/www/; > allow all; > } > > location /SOGo/WebServerResources/ > { > alias /var/www/lib/sogo/www/; > allow all; > } > > location ^/SOGo/so/ControlPanel/Products/([^/]*)/Resources/(.*)$ > { > alias /var/www/lib/sogo/$1.SOGo/Resources/$2; > } > > location > ^/SOGo/so/ControlPanel/Products/[^/]*UI/Resources/.*\.(jpg|png|gif|css|js)$ > { > alias /var/www/lib/sogo/$1.SOGo/Resources/$2; > } > > } > > } > ``` > > > On Mon Feb 6 10:04:01 2023, Zé Loff wrote: > > > > > > On Mon, Feb 06, 2023 at 11:32:47AM +0300, Maksim Rodin wrote: > > > Hello, > > > > This looks odd, and I can't check right now, but I don't think it > > > > matches "/SOGo/..." URLs. Shouldn't this be "location ~ ^/SOGo"? > > > > > > > I just used the example nginx config from sogo's pkg-readme > > > and only had to raise some proxy buffer settings because without these > > > nginx would > > > return errors about too big response from the upstream. > > > With this config Sogo webmail works. > > > The only problem is its logs. > > > > I found a couple of websites that have the same config as the > > pkg-readme (and you), but I also found some that have an extra space > > between "^~" and "/SOGo". I am inclined to believe that the space > > _should_ be there. > > > > Without that space, nginx will only match that location block if > > "^~/SOGo" (sic) is the beginning of the URI. If you add a space then > > "^~" becomes a modifier that means 'if the URI matches the following > > regex, use this block and stop looking for other matches' and "/SOGo" > > is the regex itself. > > > > So, in summary, I _think_ that there's a space missing between "^~" and > > "/SOGo" on the pkg-readme (and thus on your config), but I don't have a > > SOGO instance on which to test. Is it feasible for you to try adding > > that space to see if it makes a difference? Maybe someone else using it > > can chime in. > > > > > On Mon Feb 6 07:56:40 2023, Zé Loff wrote: > > > > On Mon, Feb 06, 2023 at 08:39:04AM +0300, Maksim Rodin wrote: > > > > > Hello, > > > > > After taking closer look at sogo I found out that it does not log real > > > > > ip of the client. > > > > > I set up the nginx just as it is it pkg-readme: > > > > > ... > > > > > location ^~/SOGo > > > > > > > > This looks odd, and I can't check right now, but I don't think it > > > > matches "/SOGo/..." URLs. Shouldn't this be "location ~ ^/SOGo"? > > > > > > > > > { > > > > > proxy_pass http://127.0.0.1:20000; > > > > > proxy_redirect http://127.0.0.1:20000 default; > > > > > # forward user's IP address > > > > > proxy_set_header X-Real-IP $remote_addr; > > > > > proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; > > > > > proxy_set_header Host $host; > > > > > proxy_set_header x-webobjects-server-protocol HTTP/1.0; > > > > > proxy_set_header x-webobjects-remote-host 127.0.0.1; > > > > > proxy_set_header x-webobjects-server-name $server_name; > > > > > proxy_set_header x-webobjects-server-url $scheme://$host; > > > > > proxy_set_header x-webobjects-server-port $server_port; > > > > > ... > > > > > > > > > > But the only ip I see in sogo.log is 127.0.0.1: > > > > > ... > > > > > Feb 06 08:18:52 sogod [5233]: <0x0x1314c787188[SOGoCache]> Cache > > > > > cleanup interval set every 300.000000 seconds > > > > > Feb 06 08:18:52 sogod [5233]: <0x0x1314c787188[SOGoCache]> Using > > > > > host(s) 'localhost' as server(s) > > > > > Feb 06 08:18:52 sogod [5233]: [WARN] > > > > > <0x0x13205ef07e8[SOGoWebDAVAclManager]> entry '{DAV:}write' already > > > > > exists in DAV permissions table > > > > > Feb 06 08:18:52 sogod [5233]: [WARN] > > > > > <0x0x13205ef07e8[SOGoWebDAVAclManager]> entry > > > > > '{DAV:}write-properties' already exists in DAV permissions table > > > > > Feb 06 08:18:52 sogod [5233]: [WARN] > > > > > <0x0x13205ef07e8[SOGoWebDAVAclManager]> entry '{DAV:}write-content' > > > > > already exists in DAV permissions table > > > > > Feb 06 08:18:52 sogod [5233]: 127.0.0.1 "GET > > > > > /SOGo/so/[email protected]/Calendar/alarmslist?browserTime=1675660780 > > > > > HTTP/1.1" 200 63/0 0.721 - - - > > > > > Feb 06 08:18:53 sogod [39052]: <0x0x1316e725408[NGImap4Client]> TLS > > > > > started successfully. > > > > > Feb 06 08:18:53 sogod [39052]: 127.0.0.1 "POST > > > > > /SOGo/so/[email protected]/Mail/0/folderINBOX/changes HTTP/1.1" 200 > > > > > 21/126 1.279 - - - > > > > > Feb 06 08:19:07 sogod [39052]: 127.0.0.1 "GET > > > > > /SOGo/so/[email protected]/Contacts/view HTTP/1.1" 200 21189/0 0.346 > > > > > 88239 75% - > > > > > Feb 06 08:19:08 sogod [39052]: [WARN] > > > > > <0x0x131f5640948[SOGoWebDAVAclManager]> entry '{DAV:}write' already > > > > > exists in DAV permissions table > > > > > Feb 06 08:19:08 sogod [39052]: [WARN] > > > > > <0x0x131f5640948[SOGoWebDAVAclManager]> entry > > > > > '{DAV:}write-properties' already exists in DAV permissions table > > > > > Feb 06 08:19:08 sogod [39052]: [WARN] > > > > > <0x0x131f5640948[SOGoWebDAVAclManager]> entry '{DAV:}write-content' > > > > > already exists in DAV permissions table > > > > > Feb 06 08:19:08 sogod [39052]: 127.0.0.1 "GET > > > > > /SOGo/so/[email protected]/Calendar/alarmslist?browserTime=1675660796 > > > > > HTTP/1.1" 200 63/0 0.022 - - - > > > > > Feb 06 08:19:08 sogod [39052]: 127.0.0.1 "POST > > > > > /SOGo/so/[email protected]/Contacts/645D-63DD1280-5-5CF5F100/view > > > > > HTTP/1.1" 200 522/46 0.027 - - - > > > > > Feb 06 08:19:08 sogod [5233]: <0x0x13173c7b808[NGImap4Client]> TLS > > > > > started successfully. > > > > > Feb 06 08:19:08 sogod [39052]: 127.0.0.1 "GET > > > > > /SOGo/so/[email protected]/Contacts/645D-63DD1280-5-5CF5F100/645D-63DD1280-7-5CF5F100.vcf/view > > > > > HTTP/1.1" 200 167/0 0.030 - - - > > > > > Feb 06 08:19:08 sogod [5233]: 127.0.0.1 "POST > > > > > /SOGo/so/[email protected]/Mail/0/folderINBOX/changes HTTP/1.1" 200 > > > > > 21/126 0.342 - - - > > > > > Feb 06 08:19:17 sogod [5233]: SOGoUserHomePage user > > > > > '[email protected]' logged off > > > > > Feb 06 08:19:17 sogod [5233]: 127.0.0.1 "GET > > > > > /SOGo/so/[email protected]/logoff HTTP/1.1" 302 0/0 0.060 - - - > > > > > Feb 06 08:19:17 sogod [5233]: 127.0.0.1 "GET /SOGo/so/ HTTP/1.1" 200 > > > > > 12347/0 0.114 45323 72% - > > > > > ... > > > > > > > > > > Is there something I forgot to set up? > > > > > > > > > > -- > > > > > Maksim Rodin > > > > > > > > > > > > > -- > > > > > > > > > > -- > > > С уважением, > > > Родин Максим > > > > > > > -- > > > > -- > С уважением, > Родин Максим > --
