Using zimbra reverse proxy to forward http to external host

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
McGregor
Posts: 17
Joined: Wed Oct 25, 2017 5:09 pm

Using zimbra reverse proxy to forward http to external host

Post by McGregor »

Hi, I'm running Zimbra 8.7.11_GA_1854 over Ubuntu 16.04.

I would like to take advantage of my zimbra server being on a VPS without port restriction to use it as a reverse proxy to forward traffic from http://my-domain.com to https://ip-address:443, the latter being a web server located elsewhere where port 80 is blocked. I thought that the ngix proxy server of zimbra would be best to achieve this but I have a challenge finding the right way to configure it.

Any advice?

Thank you.
milauria
Advanced member
Advanced member
Posts: 96
Joined: Mon Aug 15, 2016 12:32 pm

Re: Using zimbra reverse proxy to forward http to external host

Post by milauria »

If interested I did just the opposite ... with a webserver with nginx reverse proxy in front of Zimbra which is not directly exposed to external. I can pass you the .conf if you need it. cheers
McGregor
Posts: 17
Joined: Wed Oct 25, 2017 5:09 pm

Re: Using zimbra reverse proxy to forward http to external host

Post by McGregor »

Sure Milauria, I'm interested to see your .conf file. Which version of zimbra are you using?

thanks.
milauria
Advanced member
Advanced member
Posts: 96
Joined: Mon Aug 15, 2016 12:32 pm

Re: Using zimbra reverse proxy to forward http to external host

Post by milauria »

Hi see below my conf server location redirecting to LAN Zimbra server IP ... cheers

Code: Select all

server {
	server_name mail.mydomain.com ;
	location / {
		proxy_pass https://myzimbraIP:8443;           
		proxy_set_header      X-Real-IP $remote_addr;
		proxy_set_header      X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header      Host $http_host;
		proxy_read_timeout    90;
		proxy_connect_timeout 90;
		proxy_send_timeout        90;	
		proxy_buffer_size         16k;
		proxy_buffers        32   16k;
		proxy_busy_buffers_size   64k;
		client_body_buffer_size   128k;
		client_max_body_size  15m;
		}
}
McGregor
Posts: 17
Joined: Wed Oct 25, 2017 5:09 pm

Re: Using zimbra reverse proxy to forward http to external host

Post by McGregor »

Interesting! Although I guess you are not running zimbra 8.7 or above, as it mandatory instalsl and enables a ngix proxy. This is why I thought about reusing it to forward non-email traffic to another domain. Which version of zimbra are you running?

Thanks!
milauria
Advanced member
Advanced member
Posts: 96
Joined: Mon Aug 15, 2016 12:32 pm

Re: Using zimbra reverse proxy to forward http to external host

Post by milauria »

I am on latest 8.7.11. Zimbra has his own nginx proxy exanbled but it does not interfere, I read it's good to have it installed anyway also with memcache but it stays there on the zimbra server... maybe you can use it for what you want but me I preferred not to tweak the Zimbra install. The nginx I run for reverse proxy is totally independent on the other server.
McGregor
Posts: 17
Joined: Wed Oct 25, 2017 5:09 pm

Re: Using zimbra reverse proxy to forward http to external host

Post by McGregor »

Is your proxy forwarding traffic coming from any port including email ports? I'm not an expert with ngix but I only see a forward to https://...:8443.
milauria
Advanced member
Advanced member
Posts: 96
Joined: Mon Aug 15, 2016 12:32 pm

Re: Using zimbra reverse proxy to forward http to external host

Post by milauria »

You can do this, there are specific “mail” settings in nginx commands to do this. In my case i route incoming port 25 with the LAN router.
jhonatan1
Posts: 1
Joined: Fri Oct 27, 2017 1:29 pm

Re: Using zimbra reverse proxy to forward http to external host

Post by jhonatan1 »

buenos dias tengo un problema con el zimbra es que yo mando correos me salen correctamente y no me rebotan pero nunca les llega a los destinatarios
me pueden colaborar por favor que tengo que hacer para solucionar esto gracias

Quedo Atento
McGregor
Posts: 17
Joined: Wed Oct 25, 2017 5:09 pm

Re: Using zimbra reverse proxy to forward http to external host

Post by McGregor »

Found a solution on this, so I'm sharing it.

Let's say you want to use zimbra reverse proxy as a front end to a docker container running a virtual post (http://www.example.com) posting a port on the same server as zimbra. This scenario assumes your virtual host is on the same domain as your zimbra server (example.com).
  • Edit (as zimbra user) the zimbra nginx conf file: /opt/zimbra/conf/nginx/templates/nginx.conf.web.https.default.template
    Just before the directive "location /" insert the following code
    Then restart the zimbra proxy: zmproxyctl restart
Remember that this customization will be erased the next time you uprade zimbra

Code: Select all

#   ***  Beginning of customizations  ***

   if ($host = www.example.com) {
      return 550;
   }

   error_page 550 = @custom;

   location @custom {                 # www.example.com
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_pass http://127.0.0.1:8082;
        proxy_redirect default;
    }
   
#   ***  End of customizations  ***
Your Docker container should post its port as:

ports:
- "127.0.0.1:8082:80"
Post Reply