roundcube/chwala interaction inconsistencies (and nginx?)

Johannes Graumann johannes_graumann at web.de
Wed Sep 24 11:59:53 CEST 2014


Hello,

I have a setup in which a centos lxc-container runs kolab and another 
(debian -based) lxc container runs nginx, proxying (https-rewriting) all 
http(s) traffic. I have attached the (slightly obfuscated) corresponding 
nginx configuration below - 10.10.10.4 is the address of the kolab-running 
container.

With this setup, I have access to roundcube, kolab-webadmin, ActiveSync and 
Chwala (via explicit */chwala) just fine (the other protocols haven't been 
tested).

For the "Files" tab in roundcube the default config doesn't work as 
everything is being rewritten to https ...
When I edit (on the kolab server) "/etc/roundcubemail/kolab_files.inc.php" 
to
>  $config['kolab_files_url'] = 'https://' . $_SERVER['HTTP_HOST'] . 
'/chwala/';
and run "service httpd restart", a roundcube instance that was open/logged 
in before that shows the expected folder structure in "Files" - saving to 
cloud still fails with "Saving 1 file(s) failed.".

Upon logging out of roundcube and logging back in, the "Files" tab is empty 
once more, not delivering the existing folder tree and restarting httpd 
does 
not bring it back.

This is plain weird. Where is there caching going on here and why? I am 
unable to find any meaningful logging information accompanying these events.

Any idea what's going on, what to try, where to look?

Thanks, Joh

> server {
>         listen   80;
>         # Rewrite to ssl (https)
>         server_name  mail.<MYDOMAIN>.org www.mail.<MYDOMAIN>.org 
kolab.<MYDOMAIN>.org www.kolab.<MYDOMAIN>.org mail.MY.HOSTER.net 
www.mail.MY.HOSTER.net;
>         #rewrite ^ https://$server_name$request_uri? permanent;
>         rewrite ^ https://mail.MY.HOSTER.net$request_uri? permanent;
> }
> server {
>         listen   443;
>         server_name  mail.<MYDOMAIN>.org www.mail.<MYDOMAIN>.org 
kolab.<MYDOMAIN>.org www.kolab.<MYDOMAIN>.org mail.MY.HOSTER.net 
www.mail.MY.HOSTER.net;
>         client_max_body_size 40M;
>         # SSL is using CACert credentials
>         ssl  on;
>         ssl_certificate  /etc/ssl/private/cacert.<MYDOMAIN>.org.pem;
>         ssl_certificate_key  
/etc/ssl/private/cacert.<MYDOMAIN>.org_privatkey.pem;
>         ssl_session_timeout  5m;
>         ssl_protocols  SSLv3 TLSv1;
>         ssl_ciphers  ALL:!ADH:!EXPORT56:!LOW:RC4+RSA:+HIGH:+MEDIUM:+SSLv3:
+EXP;
>         ssl_prefer_server_ciphers   on;
>         # Proxy the "kolab.<MYDOMAIN>.org" lxc container
>         location / {
>                 proxy_pass http://10.10.10.14/roundcubemail/;
>  #              proxy_pass http://10.10.10.14;
>                 proxy_set_header Host $host;
>                 proxy_set_header X-Real-IP $remote_addr;
>                 proxy_set_header X-Forwarded-For 
$proxy_add_x_forwarded_for;
>         }
>         location /kolab-webadmin/ {
>                 proxy_pass http://10.10.10.14/kolab-webadmin/;
>                 proxy_set_header Host $host;
>                 proxy_set_header X-Real-IP $remote_addr;
>                 proxy_set_header X-Forwarded-For 
$proxy_add_x_forwarded_for;
>         }
>         location /freebusy/ {
>                 proxy_pass http://10.10.10.14/freebusy/;
>                 proxy_set_header Host $host;
>                 proxy_set_header X-Real-IP $remote_addr;
>                 proxy_set_header X-Forwarded-For 
$proxy_add_x_forwarded_for;
>         }
>         location /chwala/ {
>                 proxy_pass http://10.10.10.14/chwala/;
>                 proxy_set_header Host $host;
>                 proxy_set_header X-Real-IP $remote_addr;
>                 proxy_set_header X-Forwarded-For 
$proxy_add_x_forwarded_for;
>         }
>         location /iRony/ {
>                 proxy_pass http://10.10.10.14/iRony/;
>                 proxy_set_header Host $host;
>                 proxy_set_header X-Real-IP $remote_addr;
>                 proxy_set_header X-Forwarded-For 
$proxy_add_x_forwarded_for;
>         }
>         location /Microsoft-Server-ActiveSync/ {
>                 proxy_pass http://10.10.10.14/Microsoft-Server-ActiveSync/;
>                 proxy_set_header Host $host;
>                 proxy_set_header X-Real-IP $remote_addr;
>                 proxy_set_header X-Forwarded-For 
$proxy_add_x_forwarded_for;
>         }
> }
>




More information about the users mailing list