Tag: ssl

1. Tukar port HTTPS Citadel ke 2001 dengan arahan

   dpkg-reconfigure citadel-webcit

2. Pasang SSL truecrypt dengan merujuk kepada artikel https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04
3. Edit /etc/nginx/sites-enabled/citadel seperti berikut:

   [code lang=’plain’]
   server {

   server_name domain.com citadel.domain.com;
   listen 443 ssl http2;
   listen [::]:443 ssl http2;
   include snippets/ssl-domain.com.conf;
   include snippets/ssl-params.conf;

   error_log /var/log/nginx/citadel-error.log;
   access_log /var/log/nginx/citadel-access.log;

   root /usr/share/citadel-webcit;
   # optional:
   # listen 192.168.1.1:443
   # instead depending on your setup…
   # Main location
   location /webcit/ {
   proxy_pass https://127.0.0.1:2001/;
   proxy_redirect off;

   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

   client_max_body_size 10m;
   client_body_buffer_size 128k;

   proxy_connect_timeout 90;
   proxy_send_timeout 90;
   proxy_read_timeout 90;

   proxy_buffer_size 4k;
   proxy_buffers 4 32k;
   proxy_busy_buffers_size 64k;
   proxy_temp_file_write_size 64k;
   }
   location /listsub/ {
   proxy_pass https://127.0.0.1:2001;
   proxy_redirect off;

   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

   client_max_body_size 10m;
   client_body_buffer_size 128k;

   proxy_connect_timeout 90;
   proxy_send_timeout 90;
   proxy_read_timeout 90;

   proxy_buffer_size 4k;
   proxy_buffers 4 32k;
   proxy_busy_buffers_size 64k;
   proxy_temp_file_write_size 64k;
   }
   location /groupdav/ {
   proxy_pass https://127.0.0.1:2001/;
   proxy_redirect off;

   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

   client_max_body_size 10m;
   client_body_buffer_size 128k;

   proxy_connect_timeout 90;
   proxy_send_timeout 90;
   proxy_read_timeout 90;

   proxy_buffer_size 4k;
   proxy_buffers 4 32k;
   proxy_busy_buffers_size 64k;
   proxy_temp_file_write_size 64k;
   }
   location /freebusy/ {
   proxy_pass https://127.0.0.1:2001/;
   proxy_redirect off;

   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

   client_max_body_size 10m;
   client_body_buffer_size 128k;

   proxy_connect_timeout 90;
   proxy_send_timeout 90;
   proxy_read_timeout 90;

   proxy_buffer_size 4k;
   proxy_buffers 4 32k;
   proxy_busy_buffers_size 64k;
   proxy_temp_file_write_size 64k;
   }
   }[/code]

Sumber:
http://www.citadel.org/doku.php/faq:installation:apacheproxy
https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04