Hi,
just to add that from /opt/zimbra/conf/nginx/templates/nginx.conf.template I see:
${web.available}${web.enabled}include ${core.includes}/${core.cprefix}.web;
The "#" in /opt/zimbra/conf/nginx.conf seems related to the variables web.available and web.enabled...
...how to better check?
tnx & br
Proxy does not listens on port http/https
- JDunphy
- Outstanding Member
- Posts: 889
- Joined: Fri Sep 12, 2014 11:18 pm
- Location: Victoria, BC
- ZCS/ZD Version: 9.0.0_P39 NETWORK Edition
Re: Proxy does not listens on port http/https
zmproxyconfig generates the nginx proxy configuration files. It reads LDAP settings to replace template variables and generates the final nginx configuration.
Here is the section on 8.7+ that looks to be important in your case.
You could look at some of those ldap variables to see what they contain in your environment. Note: -w: Toggle Web proxy portions and -x: the proxy mail mode when enable proxy, or the store mail mode when disable proxy (Both default: http).
Ok... this looks like it might help... https://wiki.zimbra.com/wiki/Enabling_Z ... _memcached Check out the section where they have only a proxy and list this.
Here is the section on 8.7+ that looks to be important in your case.
Code: Select all
if (isInstalled("zimbra-proxy")) {
...
...
if ($options{w}) {
if ($options{x}) {
$proxyMailMode=$options{x};
}
chomp($proxyMailMode);
print ZMPROV "ms $hostname ".
"zimbraMailPort $w1 ".
"zimbraMailProxyPort $w2 ".
"zimbraMailSSLPort $w3 ".
"zimbraMailSSLProxyPort $w4 ".
"zimbraReverseProxyMailMode $proxyMailMode ".
"zimbraReverseProxyHttpEnabled FALSE\n";
#once web proxy is disabled, admin console proxy will be disabled for sure
print ZMPROV "ms $hostname ".
"zimbraReverseProxyAdminEnabled FALSE ".
"zimbraAdminPort $n1 ".
"zimbraAdminProxyPort $n2\n";
}
$enabledHTTPProxy = getLdapServerValue("zimbraReverseProxyHttpEnabled");
$enabledMailProxy = getLdapServerValue("zimbraReverseProxyMailEnabled");
if ($enabledHTTPProxy eq "FALSE" && $enabledMailProxy eq "FALSE" && isEnabled("zimbra-proxy")) {
print ZMPROV "ms $hostname ".
"-zimbraServiceEnabled proxy\n";
}
}
Ok... this looks like it might help... https://wiki.zimbra.com/wiki/Enabling_Z ... _memcached Check out the section where they have only a proxy and list this.
Code: Select all
/opt/zimbra/libexec/zmproxyconfig -e -m -H mailbox.node.service.hostname
Re: Proxy does not listens on port http/https
Hi,
I double checked LDAP properties but I didnt find any problem
On proxy node:
[zimbra@ml-fe ~]$ zmprov gs `zmhostname` zimbraMailPort zimbraMailProxyPort zimbraMailSSLPort zimbraMailSSLProxyPort zimbraReverseProxyMailMode zimbraReverseProxyHttpEnabled zimbraReverseProxyMailEnabled zimbraServiceEnabled zimbraServiceInstalled zimbraReverseProxySSLToUpstreamEnabled zimbraReverseProxyStrictServerNameEnabled zimbraReverseProxyLookupTarget zimbraMailMode
# name ml-fe.x.internal
zimbraMailPort: 8080
zimbraMailProxyPort: 80
zimbraMailSSLPort: 8443
zimbraMailSSLProxyPort: 443
zimbraReverseProxyHttpEnabled: TRUE
zimbraReverseProxyLookupTarget: FALSE
zimbraReverseProxyMailEnabled: TRUE
zimbraReverseProxyMailMode: https
zimbraReverseProxySSLToUpstreamEnabled: TRUE
zimbraReverseProxyStrictServerNameEnabled: FALSE
zimbraServiceEnabled: memcached
zimbraServiceEnabled: stats
zimbraServiceEnabled: proxy
zimbraServiceInstalled: proxy
zimbraServiceInstalled: memcached
zimbraServiceInstalled: stats
On a mailstore node:
[zimbra@ml-store01 ~]$ zmprov gs `zmhostname` zimbraMailPort zimbraMailProxyPort zimbraMailSSLPort zimbraMailSSLProxyPort zimbraReverseProxyMailMode zimbraReverseProxyHttpEnabled zimbraReverseProxyMailEnabled zimbraServiceEnabled zimbraServiceInstalled zimbraReverseProxySSLToUpstreamEnabled zimbraReverseProxyStrictServerNameEnabled zimbraReverseProxyLookupTarget zimbraMailMode
# name ml-store01.x.internal
zimbraMailMode: https
zimbraMailPort: 8080
zimbraMailProxyPort: 80
zimbraMailSSLPort: 8443
zimbraMailSSLProxyPort: 443
zimbraReverseProxyHttpEnabled: FALSE
zimbraReverseProxyLookupTarget: TRUE
zimbraReverseProxyMailEnabled: TRUE
zimbraReverseProxySSLToUpstreamEnabled: TRUE
zimbraReverseProxyStrictServerNameEnabled: TRUE
zimbraServiceEnabled: service
zimbraServiceEnabled: zimlet
zimbraServiceEnabled: mailbox
zimbraServiceEnabled: stats
zimbraServiceEnabled: spell
zimbraServiceInstalled: mailbox
zimbraServiceInstalled: stats
zimbraServiceInstalled: spell
I'm trying to understand what's the value of the attributes:
${web.available}
${web.enabled}
from /opt/zimbra/conf/nginx/templates/nginx.conf.template
I would like to understand where/how they are set...in order to remove the "#" in /opt/zimbra/conf/nginx.conf
And also, why I got the following warnings?
[zimbra@ml-fe ~]$ /opt/zimbra/libexec/zmproxyconfgen --dry-run
[] INFO: Strict server name enforcement enabled? false
[] INFO: Web is enabled but there are no HTTP upstream webclient/mailclient servers
[] INFO: Web is enabled but there are no HTTPS upstream webclient/mailclient servers
[] WARN: Configuration is not valid because no route lookup handlers exist, or because no HTTP/HTTPS upstream servers were found
[] WARN: Please ensure that the output of 'zmprov garpu/garpb' returns at least one entry
...
Tnx & br
I double checked LDAP properties but I didnt find any problem
On proxy node:
[zimbra@ml-fe ~]$ zmprov gs `zmhostname` zimbraMailPort zimbraMailProxyPort zimbraMailSSLPort zimbraMailSSLProxyPort zimbraReverseProxyMailMode zimbraReverseProxyHttpEnabled zimbraReverseProxyMailEnabled zimbraServiceEnabled zimbraServiceInstalled zimbraReverseProxySSLToUpstreamEnabled zimbraReverseProxyStrictServerNameEnabled zimbraReverseProxyLookupTarget zimbraMailMode
# name ml-fe.x.internal
zimbraMailPort: 8080
zimbraMailProxyPort: 80
zimbraMailSSLPort: 8443
zimbraMailSSLProxyPort: 443
zimbraReverseProxyHttpEnabled: TRUE
zimbraReverseProxyLookupTarget: FALSE
zimbraReverseProxyMailEnabled: TRUE
zimbraReverseProxyMailMode: https
zimbraReverseProxySSLToUpstreamEnabled: TRUE
zimbraReverseProxyStrictServerNameEnabled: FALSE
zimbraServiceEnabled: memcached
zimbraServiceEnabled: stats
zimbraServiceEnabled: proxy
zimbraServiceInstalled: proxy
zimbraServiceInstalled: memcached
zimbraServiceInstalled: stats
On a mailstore node:
[zimbra@ml-store01 ~]$ zmprov gs `zmhostname` zimbraMailPort zimbraMailProxyPort zimbraMailSSLPort zimbraMailSSLProxyPort zimbraReverseProxyMailMode zimbraReverseProxyHttpEnabled zimbraReverseProxyMailEnabled zimbraServiceEnabled zimbraServiceInstalled zimbraReverseProxySSLToUpstreamEnabled zimbraReverseProxyStrictServerNameEnabled zimbraReverseProxyLookupTarget zimbraMailMode
# name ml-store01.x.internal
zimbraMailMode: https
zimbraMailPort: 8080
zimbraMailProxyPort: 80
zimbraMailSSLPort: 8443
zimbraMailSSLProxyPort: 443
zimbraReverseProxyHttpEnabled: FALSE
zimbraReverseProxyLookupTarget: TRUE
zimbraReverseProxyMailEnabled: TRUE
zimbraReverseProxySSLToUpstreamEnabled: TRUE
zimbraReverseProxyStrictServerNameEnabled: TRUE
zimbraServiceEnabled: service
zimbraServiceEnabled: zimlet
zimbraServiceEnabled: mailbox
zimbraServiceEnabled: stats
zimbraServiceEnabled: spell
zimbraServiceInstalled: mailbox
zimbraServiceInstalled: stats
zimbraServiceInstalled: spell
I'm trying to understand what's the value of the attributes:
${web.available}
${web.enabled}
from /opt/zimbra/conf/nginx/templates/nginx.conf.template
I would like to understand where/how they are set...in order to remove the "#" in /opt/zimbra/conf/nginx.conf
And also, why I got the following warnings?
[zimbra@ml-fe ~]$ /opt/zimbra/libexec/zmproxyconfgen --dry-run
[] INFO: Strict server name enforcement enabled? false
[] INFO: Web is enabled but there are no HTTP upstream webclient/mailclient servers
[] INFO: Web is enabled but there are no HTTPS upstream webclient/mailclient servers
[] WARN: Configuration is not valid because no route lookup handlers exist, or because no HTTP/HTTPS upstream servers were found
[] WARN: Please ensure that the output of 'zmprov garpu/garpb' returns at least one entry
...
Tnx & br
Re: Proxy does not listens on port http/https
Hi,
I don't know if it's related to this issue, so I opened a new topic: viewtopic.php?f=15&t=64554
tnx & br
I don't know if it's related to this issue, so I opened a new topic: viewtopic.php?f=15&t=64554
tnx & br
Re: Proxy does not listens on port http/https
Hi,
I found the following workaround. I don't know if it can be a solution...
From the installer I configured an ADMIN only UI node. I discovered It runs also a mailbox service (don't know why...I would like only UI). So I disabled the service mailbox because I have other dedicate mailbox servers.
As per https://wiki.zimbra.com/wiki/Enabling_Z ... _memcached (Proxy Login Slow)
on admin node I executed:
zmprov ms `zmhostname` zimbraReverseProxyLookupTarget FALSE
This caused the issue!
Now on admin node I restored
zmprov ms `zmhostname` zimbraReverseProxyLookupTarget TRUE
and proxy has the web configuration!
What do you think? It's corrrect to set zimbraReverseProxyLookupTarget TRUE even if it does not run mailbox service?...what about the doc?
tnx & br
I found the following workaround. I don't know if it can be a solution...
From the installer I configured an ADMIN only UI node. I discovered It runs also a mailbox service (don't know why...I would like only UI). So I disabled the service mailbox because I have other dedicate mailbox servers.
As per https://wiki.zimbra.com/wiki/Enabling_Z ... _memcached (Proxy Login Slow)
on admin node I executed:
zmprov ms `zmhostname` zimbraReverseProxyLookupTarget FALSE
This caused the issue!
Now on admin node I restored
zmprov ms `zmhostname` zimbraReverseProxyLookupTarget TRUE
and proxy has the web configuration!
What do you think? It's corrrect to set zimbraReverseProxyLookupTarget TRUE even if it does not run mailbox service?...what about the doc?
tnx & br