General discussion on installation and configuration of SOGo

Text archives Help


[SOGo] Second Host on SOGo/Zentyal Server


Chronological Thread 
  • From: "Kevin Smith" ( ) < >
  • To:
  • Subject: [SOGo] Second Host on SOGo/Zentyal Server
  • Date: Thu, 27 Jul 2017 07:44:20 -0500
  • Dmarc-filter: OpenDMARC Filter v1.2.0 mail.inverse.ca B3BF7F07887

I am trying to install a second, ssl enabled vhost on my Sogo/Zentyal server, but I'm running into difficulty with the proxy. I keep getting the error

The stylesheet https://www.[i]mysecondsite[/i].com/SOGo.woa/WebServerResources/dtree.css?lm=1459872312 was not loaded because its MIME type, “application/octet-stream”, is not “text/css”.

I have a ProxyPass directive, to send everything non-sogo related into another server. That doesn't seem to be having any effect on the above error. I have even tried copying and pasting the original sogo conf file, to the second site, but it doesn't work. I have tried with and without the SOGo.woa proxypass directive. Sogo does not seem to pick up the Alias /SOGo.woa/WebServerResources/ , as it won't load any of the .woa resources, without the ProxyPass /SOGo.woa ... Does anyone have any ideas? 

Here is my .conf file That I am currently working with. Keep in mind that I have heavily changed the second, ssl, virtualhost. I started by duplicating the original VirtualHost, changing the ServerName and ServerAlias, but that didn't work.

user  www-data
group www-data

WSGILazyInitialization On
WSGIPythonPath /usr/lib/openchange/web/rpcproxy
WSGIScriptAlias /rpc/rpcproxy.dll /usr/lib/openchange/web/rpcproxy/rpcproxy.wsgi
WSGIScriptAlias /rpcwithcert/rpcproxy.dll /usr/lib/openchange/web/rpcproxy/rpcproxy.wsgi

<VirtualHost *:443>
    ServerName zentyal.myfirstsite.com
    DocumentRoot /var/www/html

    SSLEngine on
    SSLCertificateFile /etc/ocsmanager/myfirstsite.com.pem
    ProxyAddHeaders On

    ############################
    #### Autodiscover begin ####
    ############################
    ProxyPassMatch /[Aa]utodiscover(.*)$ http://127.0.0.1:5000/autodiscover$1

    #############
    #### EWS ####
    #############
    ProxyPass /ews http://127.0.0.1:5000/ews

    #########################
    #### RPC Proxy begin ####
    #########################
    # Extremely high timeout required by clients)
    Timeout 300
    KeepAlive On
    KeepAliveTimeout 120
    MaxKeepAliveRequests 500
    AddDefaultCharset utf-8

    Include /etc/apache2/mods-available/wsgi.load
    Include /etc/apache2/mods-available/env.load

    <Directory /usr/lib/openchange/web/rpcproxy/>
        SetEnv RPCPROXY_LOGLEVEL INFO
        SetEnv NTLMAUTHHANDLER_WORKDIR /var/cache/ntlmauthhandler
        SetEnv SAMBA_HOST 127.0.0.1
        WSGIPassAuthorization On
        WSGIProcessGroup %{GLOBAL}
        Require all granted
    </Directory>

    ############################
    #### SOGo webmail begin ####
    ############################
    Alias /SOGo.woa/WebServerResources/         /usr/lib/GNUstep/SOGo/WebServerResources/
    Alias /SOGo/WebServerResources/         /usr/lib/GNUstep/SOGo/WebServerResources/
    AliasMatch /SOGo/so/ControlPanel/Products/(.*)/Resources/(.*)         /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2

    <Directory /usr/lib/GNUstep/SOGo/>
        AllowOverride None
        Require all granted

        # Explicitly allow caching of static content to avoid browser specific
        # behavior. A resource URL MUST change in order to have the client
        # load the new version.
        <IfModule expires_module>
            ExpiresActive On
            ExpiresDefault "access plus 1 year"
        </IfModule>
    </Directory>

    <LocationMatch "^/SOGo/so/ControlPanel/Products/.*UI/Resources/.*\.(jpg|png|gif|css|js)">
        SetHandler default-handler
    </LocationMatch>

    ## Uncomment the following to enable proxy-side authentication, you will then
    ## need to set the "SOGoTrustProxyAuthentication" SOGo user default to YES and
    ## adjust the "x-webobjects-remote-user" proxy header in the "Proxy" section
    ## below.
    #<Location /SOGo>
    #  AuthType XXX
    #  Require valid-user
    #  SetEnv proxy-nokeepalive 1
    #  Allow from all
    #</Location>
    ProxyRequests Off
    SetEnv proxy-nokeepalive 1
    ProxyPreserveHost On

    # When using CAS, you should uncomment this and install cas-proxy-validate.py
    # in /usr/lib/cgi-bin to reduce server overloading
    #
    # ProxyPass /SOGo/casProxy http://localhost/cgi-bin/cas-proxy-validate.py
    #   Order deny,allow
    #   Allow from your-cas-host-addr
    # </Proxy>

    ProxyPass /SOGo http://127.0.0.1:20000/SOGo retry=0
    ProxyPass /sogo/ http://127.0.0.1:20000/SOGo
    ProxyPass /sogo http://127.0.0.1:20000/SOGo
    ProxyPass /webmail/ http://127.0.0.1:20000/SOGo
    ProxyPass /webmail http://127.0.0.1:20000/SOGo
    ProxyPass /_debug http://127.0.0.1:5000/_debug retry=0

        ## When using proxy-side autentication, you need to uncomment and
        ## adjust the following line:
        #  RequestHeader set "x-webobjects-remote-user" "%{REMOTE_USER}e"
        RequestHeader set "x-webobjects-server-url" "https://%{REQUEST_HOST}e:443"
        SetEnvIf Host "(.*):?" REQUEST_HOST=$1
        AddDefaultCharset UTF-8
        Require all granted
    </Proxy>

    # For apple autoconfiguration
    <IfModule rewrite_module>
        RewriteEngine On
        RewriteRule ^/.well-known/caldav/?$ /SOGo/dav [R=301]
    </IfModule>

    CustomLog ${APACHE_LOG_DIR}/ocsmanager-access.log combined
    ErrorLog ${APACHE_LOG_DIR}/ocsmanager-error.log
</VirtualHost>




##################################################################
##################################################################
##################################################################






<VirtualHost *:80>
    ServerAlias mysecondsite.com
    DocumentRoot /var/www/mysecondsite.com
        <Directory /var/www/mysecondsite.com>
                Require all granted
        </Directory>
</VirtualHost>

<Virtualhost *:443>
ServerAlias mysecondsite.com

SSLCertificateFile /etc/apache2/ssl/www_mysecondsite_com.crt
SSLCertificateKeyFile /etc/apache2/ssl/www_mysecondsite_com.key
SSLCACertificateFile /etc/apache2/ssl/comodo-rsa-domain-validation-sha-2-w-root.ca-bundle
SSLEngine on
SSLProxyEngine on
ProxyPassInherit off
ProxyPreserveHost on
SetEnv proxy-nokeepalive 1


### I have tried every permutation of the proxy directives, that I can think of. Nothing works to load the .css. 

ProxyPass /SOGo http://127.0.0.1:20000/SOGo retry=0
ProxyPassReverse /SOGo http://127.0.0.1:20000/SOGo #with or without, this directive makes no difference
ProxyPass /sogo/ http://127.0.0.1:20000/SOGo
ProxyPass /webmail/ http://127.0.0.1:20000/SOGo
ProxyPass /webmail http://127.0.0.1:20000/SOGo
ProxyPass /_debug http://127.0.0.1:5000/_debug retry=0
ProxyPass /SOGo.woa http://127.0.0.1:20000/SOGo.woa
ProxyPassReverse /SOGo.woa http://127.0.0.1:20000/SOGo.woa #with or without, this directive makes no difference

#This proxy directive has been modified from the original, but it makes no difference.

<IfModule headers_module>
  RequestHeader set "x-webobjects-server-port" "443"
  RequestHeader set "x-webobjects-server-name" "%{HTTP_HOST}e" env=HTTP_HOST
  RequestHeader set "x-webobjects-server-url" "https://%{HTTP_HOST}e" env=HTTP_HOST
  RequestHeader unset "x-webobjects-remote-user"
  RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
</IfModule>
</Proxy>

    CustomLog ${APACHE_LOG_DIR}/acr-ocsmanager-access.log combined
    ErrorLog ${APACHE_LOG_DIR}/acr-ocsmanager-error.log

</VirtualHost>
Modify message




  • [SOGo] Second Host on SOGo/Zentyal Server, Kevin Smith, 07/27/2017

Archive powered by MHonArc 2.6.18.

Top of page