flywithu/kopano-docker
1
0
Fork 0
mirror of https://github.com/zokradonh/kopano-docker synced 2025-06-06 15:36:40 +00:00
Code Issues Releases Wiki Activity
kopano-docker/web/README.md
Felix Bartels 045ca52d79
fallback to a hardcoded value in case FQDNCLEANED is not set (#443) 
* fallback to a hardcoded value in case FQDNCLEANED is not set
* strip ports in kweb startup script
2020-09-15 11:29:41 +02:00

2.6 KiB
Raw Permalink Blame History

Kopano Web image

Reverse Proxy to securely and with as less configuration effort as possible expose Kopano to the public internet.

In its default configuration this container will redirect requests to the root of the domain (so for example when opening https://kopano.demo/ in a browser) to https://kopano.demo/webapp. To redirect to a different path the environment variable DEFAULTREDIRECT needs to be configured.

Example:

# the following value needs to be added to .env
DEFAULTREDIRECT=/meet

Serving additional files

Kweb in the Web container can easily be extended to serve static content. By default it will serve all content that has been copied into /var/www/. To extend the built in configuration file just add an additional file into /etc/kweb-extras/. Kweb is using the Caddyfile syntax.

Using existing ssl certificates

By default this container will use automatic tls certificates provided by Let's Encrypt. This can be influenced through the following environment variables:

# 1. Automatic certificate from Let's Encrypt
TLS_MODE=tls_auto
EMAIL=example@example.com

# 2. Custom certificate and key
TLS_MODE=tls_custom
TLS_CERT=/src/ssl/cert.pem
TLS_KEY=/src/ssl/key.pem

# 3. Self signed certificate (FOR DEBUGGING)
TLS_MODE=tls_selfsigned

# 4. Disable TLS entirely
TLS_MODE=tls_off

Using a reverse proxy in front of this container

In case there is already an ssl terminating proxy in the network this container can be switched to plain http by either setting EMAIL=off or TLS_MODE=tls_off.

In addition to this the default docker-compose.yml has a tweak to route all traffic for the configured domain through this container. This route needs to be changed when this container is only offering http access by removing FQDNCLEANED from .env.

When using an external reverse proxy it is recommended to proxy connections to port 2015 of this container. Additionally connections to /api/kwm/v2/rtm/websocket need to be upgraded to websocket connections.

Information needed when not running your own reverse proxy

The kopano_webapp container is accessible on port 9080 and serves the WebApp on /webapp.