7x31/mailcow-dockerized
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add random masterpass for sogo admin login

Browse Source 
add required headers for sogo proxy auth with password
add SOGoEncryptionKey
add SOGoTrustProxyAuthentication only conditionally if feature is enabled
This commit is contained in:
Marcel Hofer
2019-02-26 09:02:35 +01:00
parent 937cdadd36
commit dd6d253ac0
7 changed files with 51 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
data/conf/nginx/templates/sogo.auth_request.template.sh
View File

@@ -1,8 +1,10 @@
if printf "%s\n" "${ALLOW_ADMIN_EMAIL_LOGIN}" | grep -E '^([yY][eE][sS]|[yY])+$' >/dev/null; then
echo 'auth_request /sogo-auth-verify;
auth_request_set $user $upstream_http_x_username;
proxy_set_header x-webobjects-remote-user $user;
if ($args ~* (.*)(account=(?!0))(.*)) {
return 401;
}'
auth_request_set $user $upstream_http_x_user;
auth_request_set $auth $upstream_http_x_auth;
auth_request_set $auth_type $upstream_http_x_auth_type;
proxy_set_header x-webobjects-remote-user "$user";
proxy_set_header Authorization "$auth";
proxy_set_header x-webobjects-auth-type "$auth_type";
'
fi