Hello everyone,
I have an issue with the WebUI: I cant reach it both locally and from my domain.
I set up mailcow following the docs and I set up my nginx reverse proxy (in an external LXC) as usual, I made sure to edit mailcow.conf with 127.0.0.1 as bind adress and 8090 as HTTP port and 8443 as HTTPS port.
My domain is managed by Cloudflare though I don’t think it’s relevant but may be worth to mention.
My reverse proxy manages all my other services without an issue and takes care of Let’s Encrypt certs
Does anyone have an idea ?
Here is the conf of my nginx reverse proxy:
server{
listen 80;
server_name mail.domain.tld
#return 301 https://mail.domain.tld$request_uri;
rewrite ^ https://$server_name$request_uri? permanent;
access_log /var/log/nginx/mailcow_access.log combined;
error_log /var/log/nginx/mailcow_error.log error;
location /.well-known {
alias /var/www/html/.well-known;
}
}
server {
listen 443 ssl http2;
server_name mail.domain.tld;
access_log /var/log/nginx/mailcow_ssl_access.log combined;
error_log /var/log/nginx/mailcow_ssl_error.log error;
ssl_certificate /etc/letsencrypt/live/mail.domain.tld/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mail.domain.tld/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_stapling on;
ssl_stapling_verify on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_ecdh_curve secp384r1;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; ";
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
location / {
include proxy_params;
proxy_pass http://192.168.2.13:8090;
}
location /.well-known {
alias /var/www/html/.well-known;
}
location /robots.txt {
add_header Content-Type text/plain;
return 200 "User-agent: *\nDisallow: /\n";
}
}
```