I tried it via renaming the symlink in /usr/share/ but it gives me a 404 error. May I know where should I change it? I also tried to secure it by adding the security certificate lines as mentioned in other vhosts to the apps vhost but still couldn't work out. Could you give me a link to a similar query if you've already answered it? Don't want to bother you with trivial questions.
Code: server { listen 8081; server_name _; root /var/www/apps; client_max_body_size 100M; location / { index index.php index.html; } # serve static files directly location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt)$ { access_log off; } location ~ /\. { deny all; } location /phpmyadmin { root /usr/share/; index index.php index.html index.htm; location ~ ^/phpmyadmin/(.+\.php)$ { try_files $uri =404; root /usr/share/; fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_param SCRIPT_FILENAME $request_filename; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param REQUEST_URI $request_uri; fastcgi_param DOCUMENT_URI $document_uri; fastcgi_param DOCUMENT_ROOT $document_root; fastcgi_param SERVER_PROTOCOL $server_protocol; fastcgi_param GATEWAY_INTERFACE CGI/1.1; fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; fastcgi_param REMOTE_ADDR $remote_addr; fastcgi_param REMOTE_PORT $remote_port; fastcgi_param SERVER_ADDR $server_addr; fastcgi_param SERVER_PORT $server_port; fastcgi_param SERVER_NAME $server_name; fastcgi_param HTTPS $https; # PHP only, required if PHP was built with --enable-force-cgi-redirect fastcgi_param REDIRECT_STATUS 200; # To access phpMyAdmin, the default user (like www-data on Debian/Ubuntu) must be used #fastcgi_pass 127.0.0.1:9000; fastcgi_pass unix:/var/lib/php7.2-fpm/apps.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_buffer_size 128k; fastcgi_buffers 256 4k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; fastcgi_read_timeout 1200; } location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { root /usr/share/; } } location /phpMyAdmin { rewrite ^/* /phpmyadmin last; } location /squirrelmail { root /usr/share/; index index.php index.html index.htm; location ~ ^/squirrelmail/(.+\.php)$ { try_files $uri =404; root /usr/share/; fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_param SCRIPT_FILENAME $request_filename; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param REQUEST_URI $request_uri; fastcgi_param DOCUMENT_URI $document_uri; fastcgi_param DOCUMENT_ROOT $document_root; fastcgi_param SERVER_PROTOCOL $server_protocol; fastcgi_param GATEWAY_INTERFACE CGI/1.1; fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; fastcgi_param REMOTE_ADDR $remote_addr; fastcgi_param REMOTE_PORT $remote_port; fastcgi_param SERVER_ADDR $server_addr; fastcgi_param SERVER_PORT $server_port; fastcgi_param SERVER_NAME $server_name; fastcgi_param HTTPS $https; # PHP only, required if PHP was built with --enable-force-cgi-redirect fastcgi_param REDIRECT_STATUS 200; # To access SquirrelMail, the default user (like www-data on Debian/Ubuntu) must be used #fastcgi_pass 127.0.0.1:9000; fastcgi_pass unix:/var/lib/php7.2-fpm/apps.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_buffer_size 128k; fastcgi_buffers 256 4k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; } location ~* ^/squirrelmail/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { root /usr/share/; } } location /webmail { rewrite ^/* /squirrelmail last; } location /cgi-bin/mailman { root /usr/lib/; fastcgi_split_path_info (^/cgi-bin/mailman/[^/]*)(.*)$; fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param REQUEST_URI $request_uri; fastcgi_param DOCUMENT_URI $document_uri; fastcgi_param DOCUMENT_ROOT $document_root; fastcgi_param SERVER_PROTOCOL $server_protocol; fastcgi_param GATEWAY_INTERFACE CGI/1.1; fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; fastcgi_param REMOTE_ADDR $remote_addr; fastcgi_param REMOTE_PORT $remote_port; fastcgi_param SERVER_ADDR $server_addr; fastcgi_param SERVER_PORT $server_port; fastcgi_param SERVER_NAME $server_name; fastcgi_param HTTPS $https; # PHP only, required if PHP was built with --enable-force-cgi-redirect fastcgi_param REDIRECT_STATUS 200; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; fastcgi_intercept_errors on; fastcgi_pass unix:/var/run/fcgiwrap.socket; } location /images/mailman { alias /usr/share/images/mailman; } location /pipermail { alias /var/lib/mailman/archives/public; autoindex on; } #location /rspamd/ { #proxy_pass http://127.0.0.1:11334/; #rewrite ^//(.*) /$1; #proxy_set_header X-Forwarded-Proto $scheme; #proxy_set_header Host $host; #proxy_set_header X-Real-IP $remote_addr; #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #proxy_pass_header Authorization; #client_max_body_size 0; #client_body_buffer_size 1m; #proxy_intercept_errors on; #proxy_buffering on; #proxy_buffer_size 128k; #proxy_buffers 256 16k; #proxy_busy_buffers_size 256k; #proxy_temp_file_write_size 256k; #proxy_max_temp_file_size 0; #proxy_read_timeout 300; # #location ~* ^/rspamd/(.+\.(jpg|jpeg|gif|css|png|js|ico|html?|xml|txt))$ { #alias /usr/share/rspamd/www/$1; #} #} } This is a truncated version of my file. I tried changing location /squirrelmail { with /webmail but I'm faced with 404. Is there something else I should change as well?
There is already a webmail location, you can not have two locations for webmail. You will have to remove the webmail location if you want to rename the squirrelmail location to webmail.
Change just this line: location /squirrelmail { and this one: location ~* ^/squirrelmail/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { and remove: location /webmail { rewrite ^/* /squirrelmail last; }
Did the changes as you mentioned but now I'm redirected to /squirrelmail when I type /webmail and faced with 404. Here's the entire file: https://pastebin.com/vqqujGG4
Close your browser, open it again and try then. it might be that your browser has cached the redirect.
It's probably easier if you either leave it as it is or create a website in ispconfig for webmail like webmail.yourdomain.tld and then install a webmail application of your choice in that web.
So I added a subdomain but the APS installer doesn't have the roundcube package. So do I have to install roundcube manually?
I don't have any tutorials on that topic. Basically, you create a website in ispconfig with php enabled, create a database user and database in ISPConfig, upload RoundCube to that site and then open the roundcube installer in a browser and follow it's instructions. So it's not different from installing any kind of CMS system., But If I were you, I would just leave the RoundCube setup as it is. It is working fine and I use it on my servers like this for years without any issues.
I like the current setup - all I want to do is add SSL & change /squirrelmail in the URL to /webmail.
That /squirrelmail folder is used is the current setup as the webmail client is installed in that folder and uses this URL, so if you don't want this then you don't want the setup that ISPConfig uses and you have to build your own setup then. A good starting point for building your own setup is by reading the nginx and roundcube docs or by following the instructions I posted above for using an ispconfig website and installing roundcube into it. And you can enable SSL by adding the ssl config lines to apps vhost.
Well for SSL do I need to include all these lines in apps vhost from ispconfig vhost? The roundcube is on port listen 8080 ssl; listen [::]:8080 ssl ipv6only=on; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_certificate /usr/local/ispconfig/interface/ssl/ispserver.crt; ssl_certificate_key /usr/local/ispconfig/interface/ssl/ispserver.key; ssl_ciphers 'XYZ'; ssl_prefer_server_ciphers on;
Yes, but you have to change the apps vhost, not the ispconfig vhost and the apps vhost port is 8081 and not 8080 and its a different config file.