kopano-docker/kweb/kweb.cfg

:8080 {
    redir / https://{host}{uri}
}

*, :8443 {
    log stdout
    errors stdout

    gzip
    header / Server kweb

    tls {%EMAIL%}

    limits {
        header 1MB
        body   50MB
    }

    redir 302 {
        if {path} is /
        / /webapp/
    }

    # Config
    configjson /api/config/v1/kopano/ config/kopano

    # Konnect
    proxy /upstreams/konnect/ {
        without /upstreams/konnect/
        upstream kopano_konnect:8777
        policy least_conn
        health_check /health-check
        fail_timeout 10s
        try_duration 30s
        keepalive 100
        transparent
        header_downstream Feature-Policy "midi 'none'"
        header_downstream X-Frame-Options "sameorigin"
    }
    ratelimit * 100 200 minute {
        /upstreams/konnect/v1/
        /signin/v1/identifier/_/
        whitelist 127.0.0.1/8
    }
    rewrite /.well-known/openid-configuration {
        to /upstreams/konnect/{path}
    }
    rewrite /konnect/v1/ {
        to /upstreams/konnect/{path}
    }
    rewrite /signin/v1/ {
        to /upstreams/konnect/{path}
    }
    redir /signin /signin/v1/identifier

    # Kapi
    proxy /upstreams/kapi/ {
        without /upstreams/kapi/
        upstream kopano_kapi:8039
        policy least_conn
        health_check /health-check
        fail_timeout 10s
        try_duration 30s
        keepalive 100
        transparent
        websocket
    }
    ratelimit * 100 200 minute {
        /upstreams/kapi/api/
        whitelist 127.0.0.1/8
    }
    rewrite /api/gc/v1/ {
        to /upstreams/kapi/{path}
    }
    rewrite /api/pubs/v1/ {
        to /upstreams/kapi/{path}
    }
    rewrite /api/kvs/v1/ {
        to /upstreams/kapi/{path}
    }

    # playground for oidc
    proxy /oidc-playground/ http://kopano_playground:8888/ {
        fail_timeout 10s
        try_duration 30s
        transparent
        keepalive 100
    }
    folderish /oidc-playground

    # playground for Kapi
    proxy /kapi-playground/ http://kopano_playground:8888/ {
        fail_timeout 10s
        try_duration 30s
        transparent
        keepalive 100
    }
    folderish /kapi-playground

    proxy /webapp/ kopano_webapp:80 {
        fail_timeout 10s
        try_duration 30s
        transparent
        keepalive 100
    }
    folderish /webapp

    proxy /Microsoft-Server-ActiveSync kopano_zpush:80 {
        transparent
        keepalive 0
        timeout 3540s
    }

    proxy /AutoDiscover/AutoDiscover.xml kopano_zpush:80 {
        transparent
        keepalive 0
        fail_timeout 10s
        try_duration 30s
    }

    proxy /ldap-admin/ ldap-admin:80 {
        without /ldap-admin
        transparent
    }
    redir /ldap-admin /ldap-admin/
}