|
|
@@ -192,48 +192,21 @@ function install_mailpile {
|
|
192
|
192
|
chmod +x /etc/systemd/system/mailpile.service
|
|
193
|
193
|
|
|
194
|
194
|
mailpile_nginx_site=/etc/nginx/sites-available/$MAILPILE_DOMAIN_NAME
|
|
195
|
|
- if [ ! -f $mailpile_nginx_site ]; then
|
|
196
|
|
- if [[ $ONION_ONLY == "no" ]]; then
|
|
197
|
|
- function_check nginx_http_redirect
|
|
198
|
|
- nginx_http_redirect $MAILPILE_DOMAIN_NAME
|
|
199
|
|
- echo 'server {' >> $mailpile_nginx_site
|
|
200
|
|
- echo ' listen 443 ssl;' >> $mailpile_nginx_site
|
|
201
|
|
- echo " server_name $MAILPILE_DOMAIN_NAME;" >> $mailpile_nginx_site
|
|
202
|
|
- echo '' >> $mailpile_nginx_site
|
|
203
|
|
- echo ' # Security' >> $mailpile_nginx_site
|
|
204
|
|
- function_check nginx_ssl
|
|
205
|
|
- nginx_ssl $MAILPILE_DOMAIN_NAME
|
|
206
|
|
-
|
|
207
|
|
- function_check nginx_disable_sniffing
|
|
208
|
|
- nginx_disable_sniffing $MAILPILE_DOMAIN_NAME
|
|
209
|
|
-
|
|
210
|
|
- echo ' add_header Strict-Transport-Security max-age=15768000;' >> $mailpile_nginx_site
|
|
211
|
|
- echo '' >> $mailpile_nginx_site
|
|
212
|
|
- echo ' # Logs' >> $mailpile_nginx_site
|
|
213
|
|
- echo ' access_log off;' >> $mailpile_nginx_site
|
|
214
|
|
- echo ' error_log off;' >> $mailpile_nginx_site
|
|
215
|
|
- echo '' >> $mailpile_nginx_site
|
|
216
|
|
- echo ' # Root' >> $mailpile_nginx_site
|
|
217
|
|
- echo " root /var/www/$MAILPILE_DOMAIN_NAME/mail;" >> $mailpile_nginx_site
|
|
218
|
|
- echo '' >> $mailpile_nginx_site
|
|
219
|
|
- echo ' location / {' >> $mailpile_nginx_site
|
|
220
|
|
- function_check nginx_limits
|
|
221
|
|
- nginx_limits $MAILPILE_DOMAIN_NAME '15m'
|
|
222
|
|
- echo " proxy_pass http://localhost:${MAILPILE_PORT}/;" >> $mailpile_nginx_site
|
|
223
|
|
- echo ' proxy_set_header X-Forwarded-Host $host;' >> $mailpile_nginx_site
|
|
224
|
|
- echo ' proxy_set_header X-Forwarded-Server $host;' >> $mailpile_nginx_site
|
|
225
|
|
- echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> $mailpile_nginx_site
|
|
226
|
|
- echo ' }' >> $mailpile_nginx_site
|
|
227
|
|
- echo '}' >> $mailpile_nginx_site
|
|
228
|
|
- else
|
|
229
|
|
- echo -n '' > $mailpile_nginx_site
|
|
230
|
|
- fi
|
|
|
195
|
+ if [[ $ONION_ONLY == "no" ]]; then
|
|
|
196
|
+ function_check nginx_http_redirect
|
|
|
197
|
+ nginx_http_redirect $MAILPILE_DOMAIN_NAME
|
|
231
|
198
|
echo 'server {' >> $mailpile_nginx_site
|
|
232
|
|
- echo " listen 127.0.0.1:$MAILPILE_ONION_PORT default_server;" >> $mailpile_nginx_site
|
|
233
|
|
- echo " server_name $MAILPILE_DOMAIN_NAME;" >> $mailpile_nginx_site
|
|
|
199
|
+ echo ' listen 443 ssl;' >> $mailpile_nginx_site
|
|
|
200
|
+ echo " server_name $MAILPILE_DOMAIN_NAME;" >> $mailpile_nginx_site
|
|
234
|
201
|
echo '' >> $mailpile_nginx_site
|
|
|
202
|
+ echo ' # Security' >> $mailpile_nginx_site
|
|
|
203
|
+ function_check nginx_ssl
|
|
|
204
|
+ nginx_ssl $MAILPILE_DOMAIN_NAME
|
|
|
205
|
+
|
|
235
|
206
|
function_check nginx_disable_sniffing
|
|
236
|
207
|
nginx_disable_sniffing $MAILPILE_DOMAIN_NAME
|
|
|
208
|
+
|
|
|
209
|
+ echo ' add_header Strict-Transport-Security max-age=15768000;' >> $mailpile_nginx_site
|
|
237
|
210
|
echo '' >> $mailpile_nginx_site
|
|
238
|
211
|
echo ' # Logs' >> $mailpile_nginx_site
|
|
239
|
212
|
echo ' access_log off;' >> $mailpile_nginx_site
|
|
|
@@ -251,7 +224,32 @@ function install_mailpile {
|
|
251
|
224
|
echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> $mailpile_nginx_site
|
|
252
|
225
|
echo ' }' >> $mailpile_nginx_site
|
|
253
|
226
|
echo '}' >> $mailpile_nginx_site
|
|
|
227
|
+ else
|
|
|
228
|
+ echo -n '' > $mailpile_nginx_site
|
|
254
|
229
|
fi
|
|
|
230
|
+ echo 'server {' >> $mailpile_nginx_site
|
|
|
231
|
+ echo " listen 127.0.0.1:$MAILPILE_ONION_PORT default_server;" >> $mailpile_nginx_site
|
|
|
232
|
+ echo " server_name $MAILPILE_DOMAIN_NAME;" >> $mailpile_nginx_site
|
|
|
233
|
+ echo '' >> $mailpile_nginx_site
|
|
|
234
|
+ function_check nginx_disable_sniffing
|
|
|
235
|
+ nginx_disable_sniffing $MAILPILE_DOMAIN_NAME
|
|
|
236
|
+ echo '' >> $mailpile_nginx_site
|
|
|
237
|
+ echo ' # Logs' >> $mailpile_nginx_site
|
|
|
238
|
+ echo ' access_log off;' >> $mailpile_nginx_site
|
|
|
239
|
+ echo ' error_log off;' >> $mailpile_nginx_site
|
|
|
240
|
+ echo '' >> $mailpile_nginx_site
|
|
|
241
|
+ echo ' # Root' >> $mailpile_nginx_site
|
|
|
242
|
+ echo " root /var/www/$MAILPILE_DOMAIN_NAME/mail;" >> $mailpile_nginx_site
|
|
|
243
|
+ echo '' >> $mailpile_nginx_site
|
|
|
244
|
+ echo ' location / {' >> $mailpile_nginx_site
|
|
|
245
|
+ function_check nginx_limits
|
|
|
246
|
+ nginx_limits $MAILPILE_DOMAIN_NAME '15m'
|
|
|
247
|
+ echo " proxy_pass http://localhost:${MAILPILE_PORT}/;" >> $mailpile_nginx_site
|
|
|
248
|
+ echo ' proxy_set_header X-Forwarded-Host $host;' >> $mailpile_nginx_site
|
|
|
249
|
+ echo ' proxy_set_header X-Forwarded-Server $host;' >> $mailpile_nginx_site
|
|
|
250
|
+ echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> $mailpile_nginx_site
|
|
|
251
|
+ echo ' }' >> $mailpile_nginx_site
|
|
|
252
|
+ echo '}' >> $mailpile_nginx_site
|
|
255
|
253
|
|
|
256
|
254
|
function_check create_site_certificate
|
|
257
|
255
|
if [ ! -f /etc/ssl/certs/${MAILPILE_DOMAIN_NAME}.pem ]; then
|
Bob Mottram
8 年 前