NginX reverse proxy with iRedMail Apache2

Server NGINX
1

On an empty VPS hosting (Ubuntu 13.10 x64), I managed to run the base
iRedMail installation with Apache2 and LDAP and my roundcubemail was
accessible at:
https://www.mydomain.com/mail

then I installed NginX, shutdown Apache2, reconfigured iRedMail (without
adding any extra A record in the DNS entry) and managed to run it on
NginX
base installation as well with roundcubemail accessible at:
https://mail.mydomain.com

Now, I want to run NginX reverse proxy with the base iRedMail Apache2
installation with roundcubemail accessible at:
https://mail.mydomain.com
and I’m kinda stuck with the following Apache2 config files:

Listen 8080

<VirtualHost *:8080>
DocumentRoot /var/www/
ServerName mail.mydomain.com

Alias / “/usr/share/apache2/roundcubemail/”
<Directory “/usr/share/apache2/roundcubemail”>
Options Indexes FollowSymlinks MultiViews
AllowOverride All
Order allow,deny
Allow from all

and following NginX config file:

server {
listen 80 default_server;
listen [::]:80;

    root /usr/share/nginx/html;
    index index.html index.htm index.php;

    server_name mydomain.com www.mydomain.com mail.mydomain.com;

    location / {
            try_files $uri $uri/ /index.html;
    }

    location ~ \.php$ {
            proxy_set_header X-Real-IP  $remote_addr;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header Host $host;
            proxy_pass http://127.0.0.1:8080/;
    }

    location ~ /\.ht {
            deny all;
    }

}

server {
listen 443 ssl;

    root /var/www;
    index index.html index.htm index.php;

    server_name mydomain.com www.mydomain.com mail.mydomain.com;

    ssl                  on;
    ssl_certificate      /etc/ssl/certs/iRedMail_CA.pem;
    ssl_certificate_key  /etc/ssl/private/iRedMail.key;
    ssl_session_timeout  5m;
    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers

ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;

    location / {
            # Apache is listening here
            proxy_pass http://127.0.0.1:8080/;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For

$proxy_add_x_forwarded_for;
}
}

Hitting in browser:
https://mail.mydomain.com
gives the usual SSL Connection Error.
Kindly advise.

Posted at Nginx Forum:

2

I changed the faulty line in NginX default config file to:

server {
listen 80 default_server;
listen [::]:80;

    root /usr/share/nginx/html;
    index index.html index.htm index.php;

    server_name mydomain.com www.mydomain.com;

    location / {
            proxy_set_header X-Real-IP  $remote_addr;
            proxy_set_header X-Forwarded-For

$proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8080;
}

    location ~ /\.ht {
            deny all;
    }

}

So now, on hitting in the browser:
https://mail.mydomain.com

I get the error on the browser:
This webpage has a redirect loop
The webpage at https://mail.mydomain.com/ has resulted in too many
redirects. Clearing your cookies for this site or allowing third-party
cookies may fix the problem. If not, it is possibly a server
configuration
issue and not a problem with your computer.

The NginX error is gone but the Apache error remains the same.
I think it’s some config problem with setup of iRedMail so I’m going to
decommission Apache2 for iRedMail setup and move the entire iRedMail
setup
on NginX directly.

Posted at Nginx Forum: