42 lines
1.2 KiB
Markdown
42 lines
1.2 KiB
Markdown
# Roundcube
|
|
|
|
Requires additional PHP and web server setup, e.g. with this [nginx](https://git.notandy.de/ansible/roles/nginx) role:
|
|
|
|
```
|
|
roundcube_config:
|
|
imap_host: 'ssl://mail.example.com:993'
|
|
smtp_host: 'tls://mail.example.com:587'
|
|
des_key: "{{ lookup('passwordstore', 'example.com/roundcube-secret create=true length=24 nosymbols=true') }}"
|
|
|
|
nginx:
|
|
add_headers:
|
|
Strict-Transport-Security: "max-age=63072000"
|
|
Content-Security-Policy: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data:"
|
|
X-Frame-Options: "sameorigin"
|
|
X-Content-Type-Options: "nosniff"
|
|
X-XSS-Protection: "1; mode=block"
|
|
php:
|
|
ini:
|
|
date_timezone: Europe/Berlin
|
|
vhosts:
|
|
mail:
|
|
servername:
|
|
- mail.example.com
|
|
custom:
|
|
- root /var/lib/roundcube
|
|
- index index.php index.html index.htm
|
|
locations:
|
|
- match: /
|
|
custom:
|
|
- try_files $uri $uri/ /index.php?q=$uri&$args
|
|
- match: ^~ /data
|
|
custom:
|
|
- deny all
|
|
- match: '~ \.php$'
|
|
custom:
|
|
- include /etc/nginx/fastcgi_params
|
|
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name
|
|
- fastcgi_param REDIRECT_STATUS 200
|
|
- fastcgi_param HTTPS On
|
|
- fastcgi_pass php-handler
|
|
```
|