git subrepo clone https://github.com/mailcow/mailcow-dockerized.git mailcow/src/mailcow-dockerized

subrepo: subdir:   "mailcow/src/mailcow-dockerized"
  merged:   "a832becb"
upstream: origin:   "https://github.com/mailcow/mailcow-dockerized.git"
  branch:   "master"
  commit:   "a832becb"
git-subrepo: version:  "0.4.3"
  origin:   "???"
  commit:   "???"
Change-Id: If5be2d621a211e164c9b6577adaa7884449f16b5
diff --git a/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/listen_plain.template b/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/listen_plain.template
new file mode 100644
index 0000000..a044b22
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/listen_plain.template
@@ -0,0 +1,2 @@
+listen ${HTTP_PORT};
+listen [::]:${HTTP_PORT};
diff --git a/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/listen_ssl.template b/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/listen_ssl.template
new file mode 100644
index 0000000..93ec80c
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/listen_ssl.template
@@ -0,0 +1,2 @@
+listen ${HTTPS_PORT} ssl http2;
+listen [::]:${HTTPS_PORT} ssl http2;
diff --git a/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/server_name.template b/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/server_name.template
new file mode 100644
index 0000000..261a1ec
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/server_name.template
@@ -0,0 +1 @@
+server_name ${MAILCOW_HOSTNAME} autodiscover.* autoconfig.*;
diff --git a/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/sites.template.sh b/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/sites.template.sh
new file mode 100644
index 0000000..782c814
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/sites.template.sh
@@ -0,0 +1,38 @@
+echo '
+server {
+  listen 127.0.0.1:65510;
+  include /etc/nginx/conf.d/listen_plain.active;
+  include /etc/nginx/conf.d/listen_ssl.active;
+
+  ssl_certificate /etc/ssl/mail/cert.pem;
+  ssl_certificate_key /etc/ssl/mail/key.pem;
+
+  include /etc/nginx/conf.d/server_name.active;
+
+  include /etc/nginx/conf.d/includes/site-defaults.conf;
+}
+';
+for cert_dir in /etc/ssl/mail/*/ ; do
+  if [[ ! -f ${cert_dir}domains ]] || [[ ! -f ${cert_dir}cert.pem ]] || [[ ! -f ${cert_dir}key.pem ]]; then
+    continue
+  fi
+  # do not create vhost for default-certificate. the cert is already in the default server listen
+  domains="$(cat ${cert_dir}domains | sed -e 's/^[[:space:]]*//')"
+  case "${domains}" in
+    "") continue;;
+    "${MAILCOW_HOSTNAME}"*) continue;;
+  esac
+  echo -n '
+server {
+  include /etc/nginx/conf.d/listen_ssl.active;
+
+  ssl_certificate '${cert_dir}'cert.pem;
+  ssl_certificate_key '${cert_dir}'key.pem;
+';
+  echo -n '
+  server_name '${domains}';
+
+  include /etc/nginx/conf.d/includes/site-defaults.conf;
+}
+';
+done
diff --git a/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/sogo.auth_request.template.sh b/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/sogo.auth_request.template.sh
new file mode 100644
index 0000000..f6d2d98
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/sogo.auth_request.template.sh
@@ -0,0 +1,10 @@
+if printf "%s\n" "${ALLOW_ADMIN_EMAIL_LOGIN}" | grep -E '^([yY][eE][sS]|[yY])+$' >/dev/null; then
+    echo 'auth_request /sogo-auth-verify;
+auth_request_set $user $upstream_http_x_user;
+auth_request_set $auth $upstream_http_x_auth;
+auth_request_set $auth_type $upstream_http_x_auth_type;
+proxy_set_header x-webobjects-remote-user "$user";
+proxy_set_header Authorization "$auth";
+proxy_set_header x-webobjects-auth-type "$auth_type";
+'
+fi
diff --git a/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/sogo.template b/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/sogo.template
new file mode 100644
index 0000000..2c08438
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/sogo.template
@@ -0,0 +1 @@
+proxy_pass http://${IPV4_NETWORK}.248:20000;
diff --git a/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/sogo_eas.template.sh b/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/sogo_eas.template.sh
new file mode 100644
index 0000000..b241ef0
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/conf/nginx/templates/sogo_eas.template.sh
@@ -0,0 +1,5 @@
+if printf "%s\n" "${SKIP_SOGO}" | grep -E '^([yY][eE][sS]|[yY])+$' >/dev/null; then
+  echo "return 410;"
+else
+  echo "proxy_pass http://${IPV4_NETWORK}.248:20000/SOGo/Microsoft-Server-ActiveSync;"
+fi