NGINX Configuration Directive Reference: Difference between revisions

mNo edit summary
 
(4 intermediate revisions by the same user not shown)
Line 1: Line 1:
{{Article Infobox|{{admin}}||{{ZCS 8.5}}||{{ZCS 8.0}}|}}Almost all the configuration directives for Zimbra NGINX Proxy are controlled by LDAP attributes, and in some cases, by LocalConfig values. To simplify the Proxy Configuration, the NGINX Proxy Configuration Generator reads these LDAP/LocalConfig values, and generates the Proxy configuration files. To allow more flexibility to the process of config generation, the Config Generator reads in a set of template files, substitutes certain keywords with the actual values from LDAP/LocalConfig, and generates the configuration files for use with NGINX.
#REDIRECT [[Advance_Topics_For_Zimbra_Proxy_-_Configuration_And_Template_Files_And_Proxy_Related_Variables#Nginx_Configuration_Directive_Reference_Introduction]]
 
Both, the Proxy configuration files, and the Proxy configuration templates, are hierarchical in nature, which means that a main, top-level configuration file or template, includes other configuration files or templates respectively. Refer to the [[NGINX Configuration Structure]] for the Proxy Configuration Inclusion Hierarchy
 
== Nginx Configuration Directive Reference INtroduction ==
 
Almost all the configuration directives for Zimbra NGINX Proxy are controlled by LDAP attributes, and in some cases, by LocalConfig values. To simplify the Proxy Configuration, the NGINX Proxy Configuration Generator reads these LDAP/LocalConfig values, and generates the Proxy configuration files. To allow more flexibility to the process of config generation, the Config Generator reads in a set of template files, substitutes certain keywords with the actual values from LDAP/LocalConfig, and generates the configuration files for use with NGINX.
 
Both, the Proxy configuration files, and the Proxy configuration templates, are hierarchical in nature, which means that a main, top-level configuration file or template, includes other configuration files or templates respectively. Refer to the [[NGINX Configuration Structure]] for the Proxy Configuration Inclusion Hierarchy
 
=== Configuration Keywords ===
 
 
==== core.workdir ====
 
----
  NGINX Keyword:        core.workdir
  Description:          Working Directory for NGINX worker processes
  Controlling Attribute: (none)
  Default Value:        /opt/zimbra
  Config Text:          /opt/zimbra
  How to modify:        N/A
 
==== core.includes ====
 
----
  NGINX Keyword:        core.includes
  Description:          Include directory (relative to ${core.workdir}/conf) containing sub-configuration files
  Controlling Attribute: (none)
  Default Value:        nginx/includes
  Config Text:          nginx/includes
  How to modify:        N/A
 
==== core.cprefix ====
 
----
  NGINX Keyword:        core.cprefix
  Description:          Common config file prefix
  Controlling Attribute: (none)
  Default Value:        nginx.conf
  Config Text:          nginx.conf
  How to modify:        N/A
 
==== core.tprefix ====
 
----
  NGINX Keyword:        core.tprefix
  Description:          Common template file prefix
  Controlling Attribute: (none)
  Default Value:        nginx.conf
  Config Text:          nginx.conf
  How to modify:        N/A
 
==== core.ipv4only.enabled ====
 
----
  NGINX Keyword:        core.ipv4only.enabled
  Description:              Whether ipv4 is enabled for the proxy or not (based on zimbraIPMode)
  Controlling Attribute: (none)
  Default Value:            false
  Config Text:              N/A
  How to modify:          N/A
 
==== core.ipv6only.enabled ====
 
----
  NGINX Keyword:        core.ipv6only.enabled
  Description:            Whether ipv6 is enabled for the proxy or not (based on zimbraIPMode)
  Controlling Attribute: (none)
  Default Value:        false
  Config Text:            N/A
  How to modify:        N/A
 
==== core.ipboth.enabled ====
 
----
  NGINX Keyword:        core.ipboth.enabled
  Description:            Whether ipv4 & ipv6 both are enabled for the proxy or not (based on zimbraIPMode)
  Controlling Attribute: (none)
  Default Value:        true
  Config Text:            N/A
  How to modify:        N/A
 
==== mail.:auth_http ====
 
----
  NGINX Keyword:        mail.:auth_http
  Description:          List of mail route lookup handlers (i.e. servers for which zimbraReverseProxyLookupTarget is true)
  Controlling Attribute: zimbraReverseProxyLookupTarget
  Default Value:        []
  Current Value:        [<server>:7072]
  Config Text:              auth_http  <server>:7072/service/extension/nginx-lookup;
  How to modify:        zmprov ms <server> zimbraReverseProxyLookupTarget TRUE      // to add a server to route-lookup list
                        zmprov ms <server> zimbraReverseProxyLookupTarget FALSE      // to remove a server from route-lookup list
 
==== mail.authwait ====
 
----
  NGINX Keyword:        mail.authwait
  Description:          Time delay (ms) after which an incorrect POP/IMAP login attempt will be rejected
  Controlling Attribute: zimbraReverseProxyAuthWaitInterval
  Default Value:        10000
  Config Text:          10000ms
  How to modify:        zmprov mcf zimbraReverseProxyAuthWaitInterval 15s            // s=seconds, m=minutes, h=hours, d=days
 
==== mail.defaultrealm ====
 
----
  NGINX Keyword:        mail.defaultrealm
  Description:          Default SASL realm used in case Kerberos principal does not contain realm information
  Controlling Attribute: zimbraReverseProxyDefaultRealm
  Default Value:       
  Config Text:         
  How to modify:        zmprov ms <server> zimbraReverseProxyDefaultRealm MYREALM.COM
 
==== mail.dpasswd ====
 
----
  NGINX Keyword:        mail.dpasswd
  Description:          Password for master credentials used by NGINX to log in to upstream for GSSAPI authentication
  Controlling Attribute: ldap_nginx_password
  Default Value:        zmnginx
  Config Text:          zmnginx
  How to modify:        N/A
 
==== mail.enabled ====
 
----
  NGINX Keyword:        mail.enabled
  Description:          Indicates whether Mail Proxy is enabled
  Controlling Attribute: zimbraReverseProxyMailEnabled
  Default Value:        true
  Config Text:         
  How to modify:        zmprov ms <server> zimbraReverseProxyMailEnabled FALSE
 
==== mail.imap.authgssapi.enabled ====
 
----
  NGINX Keyword:        mail.imap.authgssapi.enabled
  Description:          Whether SASL GSSAPI is enabled for IMAP
  Controlling Attribute: zimbraReverseProxyImapSaslGssapiEnabled
  Default Value:        false
  Config Text:         
  How to modify:        zmprov ms <server> zimbraReverseProxyImapSaslGssapiEnabled TRUE
 
==== mail.imap.authplain.enabled ====
 
----
  NGINX Keyword:        mail.imap.authplain.enabled
  Description:          Whether SASL PLAIN is enabled for IMAP
  Controlling Attribute: zimbraReverseProxyImapSaslPlainEnabled
  Default Value:        true
  Config Text:         
  How to modify:        zmprov ms <server> zimbraReverseProxyImapSaslPlainEnabled FALSE
 
==== mail.imap.greeting ====
 
----
  NGINX Keyword:        mail.imap.greeting
  Description:          Proxy IMAP banner message (contains build version if zimbraReverseProxyImapExposeVersionOnBanner is true)
  Controlling Attribute: zimbraReverseProxyPop3ExposeVersionOnBanner
  Default Value:       
  Config Text:         
  How to modify:        zmprov ms zimbraReverseProxyPop3ExposeVersionOnBanner TRUE
 
==== mail.imap.literalauth ====
 
----
  NGINX Keyword:        mail.imap.literalauth
  Description:          Whether NGINX uses literal strings for user name/password when logging in to upstream IMAP server - if false, NGINX uses quoted strings
  Controlling Attribute: (none)
  Default Value:        true
  Config Text:          on
  How to modify:        N/A
 
==== mail.imap.port ====
 
----
  NGINX Keyword:        mail.imap.port
  Description:          Mail Proxy IMAP Port
  Controlling Attribute: zimbraImapProxyBindPort
  Default Value:        143
  Config Text:          143
  How to modify:        N/A
 
==== mail.imap.tls ====
 
----
  NGINX Keyword:        mail.imap.tls
  Description:          TLS support for IMAP - can be on|off|only - on indicates TLS support present, off indicates TLS support absent, only indicates TLS is enforced on unsecure channel
  Controlling Attribute: zimbraReverseProxyImapStartTlsMode
  Default Value:        only
  Config Text:          on
  How to modify:        N/A
 
==== mail.imapcapa ====
 
----
  NGINX Keyword:        mail.imapcapa
  Description:          IMAP Capability List
  Controlling Attribute: zimbraReverseProxyImapEnabledCapability
  Default Value:        []
  Current Value:        [ACL, BINARY, CATENATE, CHILDREN, CONDSTORE, ENABLE, ESEARCH, ESORT, I18NLEVEL=1, ID, IDLE, IMAP4rev1, LIST-EXTENDED, LITERAL+, MULTIAPPEND, NAMESPACE, QRESYNC, QUOTA, RIGHTS=ektx, SASL-IR, SEARCHRES, SORT, THREAD=ORDEREDSUBJECT, UIDPLUS, UNSELECT, WITHIN]
  Config Text:            "ACL" "BINARY" "CATENATE" "CHILDREN" "CONDSTORE" "ENABLE" "ESEARCH" "ESORT" "I18NLEVEL=1" "ID" "IDLE" "IMAP4rev1" "LIST-EXTENDED" "LITERAL+" "MULTIAPPEND" "NAMESPACE" "QRESYNC" "QUOTA" "RIGHTS=ektx" "SASL-IR" "SEARCHRES" "SORT" "THREAD=ORDEREDSUBJECT" "UIDPLUS" "UNSELECT" "WITHIN"
  How to modify:        N/A
 
==== mail.imapid ====
 
----
  NGINX Keyword:        mail.imapid
  Description:          NGINX response to IMAP ID command
  Controlling Attribute: (none)
  Default Value:        "NAME" "Zimbra" "VERSION" "5.0" "RELEASE" "zimbra"
  Current Value:        "NAME" "Zimbra" "VERSION" "5.0" "RELEASE" "zimbra"
  Config Text:          "NAME" "Zimbra" "VERSION" "5.0" "RELEASE" "zimbra"
  How to modify:        N/A
 
==== mail.imaps.port ====
 
----
  NGINX Keyword:        mail.imaps.port
  Description:          Mail Proxy IMAPS Port
  Controlling Attribute: zimbraImapSSLProxyBindPort
  Default Value:        993
  Config Text:          993
  How to modify:        N/A
 
==== mail.ipmax ====
 
----
  NGINX Keyword:        mail.ipmax
  Description:          IP Login Limit (Throttle) - 0 means infinity
  Controlling Attribute: zimbraReverseProxyIPLoginLimit
  Default Value:        0
  Config Text:          0
  How to modify:        N/A
 
==== mail.iprej ====
 
----
  NGINX Keyword:        mail.iprej
  Description:          Rejection message for IP throttle
  Controlling Attribute: zimbraReverseProxyIpThrottleMsg
  Default Value:        Login rejected from this IP
  Config Text:          Login rejected from this IP
  How to modify:        N/A
 
==== mail.ipttl ====
 
----
  NGINX Keyword:        mail.ipttl
  Description:          Time interval (ms) after which IP Login Counter is reset
  Controlling Attribute: zimbraReverseProxyIPLoginLimitTime
  Default Value:        3600000
  Config Text:          3600000ms
  How to modify:        N/A
 
==== mail.passerrors ====
 
----
  NGINX Keyword:        mail.passerrors
  Description:          Indicates whether mail proxy will pass any protocol specific errors from the upstream server back to the downstream client
  Controlling Attribute: zimbraReverseProxyPassErrors
  Default Value:        true
  Config Text:          on
  How to modify:        N/A
 
==== mail.pop3.authgssapi.enabled ====
 
----
  NGINX Keyword:        mail.pop3.authgssapi.enabled
  Description:          Whether SASL GSSAPI is enabled for POP3
  Controlling Attribute: zimbraReverseProxyPop3SaslGssapiEnabled
  Default Value:        false
  Config Text:         
  How to modify:        N/A
 
==== mail.pop3.authplain.enabled ====
 
----
  NGINX Keyword:        mail.pop3.authplain.enabled
  Description:          Whether SASL PLAIN is enabled for POP3
  Controlling Attribute: zimbraReverseProxyPop3SaslPlainEnabled
  Default Value:        true
  Config Text:         
  How to modify:        N/A
 
==== mail.pop3.greeting ====
 
----
  NGINX Keyword:        mail.pop3.greeting
  Description:          Proxy POP3 banner message (contains build version if zimbraReverseProxyPop3ExposeVersionOnBanner is true)
  Controlling Attribute: zimbraReverseProxyPop3ExposeVersionOnBanner
  Default Value:       
  Config Text:         
  How to modify:        N/A
 
==== mail.pop3.port ====
 
----
  NGINX Keyword:        mail.pop3.port
  Description:          Mail Proxy POP3 Port
  Controlling Attribute: zimbraPop3ProxyBindPort
  Default Value:        110
  Config Text:          110
  How to modify:        N/A
 
==== mail.pop3.tls ====
 
----
  NGINX Keyword:        mail.pop3.tls
  Description:          TLS support for POP3 - can be on|off|only - on indicates TLS support present, off indicates TLS support absent, only indicates TLS is enforced on unsecure channel
  Controlling Attribute: zimbraReverseProxyPop3StartTlsMode
  Default Value:        only
  Config Text:          on
  How to modify:        N/A
 
==== mail.pop3capa ====
 
----
  NGINX Keyword:        mail.pop3capa
  Description:          POP3 Capability List
  Controlling Attribute: zimbraReverseProxyPop3EnabledCapability
  Default Value:        []
  Current Value:        [EXPIRE 31 USER, TOP, UIDL, USER, XOIP]
  Config Text:            "EXPIRE 31 USER" "TOP" "UIDL" "USER" "XOIP"
  How to modify:        N/A
 
==== mail.pop3s.port ====
 
----
  NGINX Keyword:        mail.pop3s.port
  Description:          Mail Proxy POP3S Port
  Controlling Attribute: zimbraPop3SSLProxyBindPort
  Default Value:        995
  Config Text:          995
  How to modify:        N/A
 
==== mail.sasl_host_from_ip ====
 
----
  NGINX Keyword:        mail.sasl_host_from_ip
  Description:          Whether to use incoming interface IP address to determine service principal name (if true, IP address is reverse mapped to DNS name, else host name of proxy is used)
  Controlling Attribute: krb5_service_principal_from_interface_address
  Default Value:        false
  Config Text:          off
  How to modify:        N/A
 
==== mail.saslapp ====
 
----
  NGINX Keyword:        mail.saslapp
  Description:          Application name used by NGINX to initialize SASL authentication
  Controlling Attribute: (none)
  Default Value:        nginx
  Config Text:          nginx
  How to modify:        N/A
 
==== mail.ssl.cert ====
 
----
  NGINX Keyword:        mail.ssl.cert
  Description:          Mail Proxy SSL certificate file
  Controlling Attribute: (none)
  Default Value:        /opt/zimbra/conf/nginx.crt
  Config Text:          /opt/zimbra/conf/nginx.crt
  How to modify:        N/A
 
==== mail.ssl.ciphers ====
 
----
  NGINX Keyword:        mail.ssl.ciphers
  Description:          Permitted ciphers for mail proxy
  Controlling Attribute: zimbraReverseProxySSLCiphers
  Default Value:        !SSLv2:!MD5:HIGH
  Config Text:          !SSLv2:!MD5:HIGH
  How to modify:        N/A
 
==== mail.ssl.key ====
 
----
  NGINX Keyword:        mail.ssl.key
  Description:          Mail Proxy SSL certificate key
  Controlling Attribute: (none)
  Default Value:        /opt/zimbra/conf/nginx.key
  Config Text:          /opt/zimbra/conf/nginx.key
  How to modify:        N/A
 
==== mail.ssl.preferserverciphers ====
 
----
  NGINX Keyword:        mail.ssl.preferserverciphers
  Description:          Requires protocols SSLv3 and TLSv1 server ciphers be preferred over the client's ciphers
  Controlling Attribute: (none)
  Default Value:        true
  Config Text:          on
  How to modify:        N/A
 
==== mail.timeout ====
 
----
  NGINX Keyword:        mail.timeout
  Description:          Time interval (ms) after which, if a POP/IMAP connection is inactive, it will be automatically disconnected
  Controlling Attribute: zimbraReverseProxyInactivityTimeout
  Default Value:        3600000
  Config Text:          3600000ms
  How to modify:        N/A
 
==== mail.upstream.imapid ====
 
----
  NGINX Keyword:        mail.upstream.imapid
  Description:          Whether NGINX issues the IMAP ID command to the upstream server prior to logging in (audit purpose)
  Controlling Attribute: zimbraReverseProxySendImapId
  Default Value:        true
  Config Text:          on
  How to modify:        N/A
 
==== mail.upstream.pop3xoip ====
 
----
  NGINX Keyword:        mail.upstream.pop3xoip
  Description:          Whether NGINX issues the POP3 XOIP command to the upstream server prior to logging in (audit purpose)
  Controlling Attribute: zimbraReverseProxySendPop3Xoip
  Default Value:        true
  Config Text:          on
  How to modify:        N/A
 
==== mail.usermax ====
 
----
  NGINX Keyword:        mail.usermax
  Description:          User Login Limit (Throttle) - 0 means infinity
  Controlling Attribute: zimbraReverseProxyUserLoginLimit
  Default Value:        0
  Config Text:          0
  How to modify:        N/A
 
==== mail.userrej ====
 
----
  NGINX Keyword:        mail.userrej
  Description:          Rejection message for User throttle
  Controlling Attribute: zimbraReverseProxyUserThrottleMsg
  Default Value:        Login rejected for this user
  Config Text:          Login rejected for this user
  How to modify:        N/A
 
==== mail.userttl ====
 
----
  NGINX Keyword:        mail.userttl
  Description:          Time interval (ms) after which User Login Counter is reset
  Controlling Attribute: zimbraReverseProxyUserLoginLimitTime
  Default Value:        3600000
  Config Text:          3600000ms
  How to modify:        N/A
 
==== main.connections ====
 
----
  NGINX Keyword:        main.connections
  Description:          Maximum number of simultaneous connections per worker process
  Controlling Attribute: zimbraReverseProxyWorkerConnections
  Default Value:        10240
  Config Text:          10240
  How to modify:        N/A
 
==== main.group ====
 
----
  NGINX Keyword:        main.group
  Description:          The group as which the worker processes will run
  Controlling Attribute: (none)
  Default Value:        zimbra
  Config Text:          zimbra
  How to modify:        N/A
 
==== main.krb5keytab ====
 
----
  NGINX Keyword:        main.krb5keytab
  Description:          Path to kerberos keytab file used for GSSAPI authentication
  Controlling Attribute: krb5_keytab
  Default Value:        /opt/zimbra/conf/krb5.keytab
  Config Text:          /opt/zimbra/conf/krb5.keytab
  How to modify:        N/A
 
==== main.logfile ====
 
----
  NGINX Keyword:        main.logfile
  Description:          Log file path (relative to ${core.workdir})
  Controlling Attribute: (none)
  Default Value:        log/nginx.log
  Config Text:          log/nginx.log
  How to modify:        N/A
 
==== main.loglevel ====
 
----
  NGINX Keyword:        main.loglevel
  Description:          Log level - can be debug|info|notice|warn|error|crit
  Controlling Attribute: zimbraReverseProxyLogLevel
  Default Value:        info
  Config Text:          info
  How to modify:        N/A
 
==== main.pidfile ====
 
----
  NGINX Keyword:        main.pidfile
  Description:          PID file path (relative to ${core.workdir})
  Controlling Attribute: (none)
  Default Value:        log/nginx.pid
  Config Text:          log/nginx.pid
  How to modify:        N/A
 
==== main.user ====
 
----
  NGINX Keyword:        main.user
  Description:          The user as which the worker processes will run
  Controlling Attribute: (none)
  Default Value:        zimbra
  Config Text:          zimbra
  How to modify:        N/A
 
==== main.workers ====
 
----
  NGINX Keyword:        main.workers
  Description:          Number of worker processes
  Controlling Attribute: zimbraReverseProxyWorkerProcesses
  Default Value:        4
  Config Text:          4
  How to modify:        N/A
 
==== memcache.:servers ====
 
----
  NGINX Keyword:        memcache.:servers
  Description:          List of known memcache servers (i.e. servers having imapproxy service enabled)
  Controlling Attribute: (none)
  Default Value:        []
  Current Value:        [<server>:11211]
  Config Text:            servers  <server>:11211;
  How to modify:        N/A
 
==== memcache.reconnect ====
 
----
  NGINX Keyword:        memcache.reconnect
  Description:          Time (ms) after which NGINX will attempt to re-establish a broken connection to a memcache server
  Controlling Attribute: zimbraReverseProxyCacheReconnectInterval
  Default Value:        60000
  Config Text:          60000ms
  How to modify:        N/A
 
==== memcache.timeout ====
 
----
  NGINX Keyword:        memcache.timeout
  Description:          Time (ms) given to a cache-fetch operation to complete
  Controlling Attribute: zimbraReverseProxyCacheFetchTimeout
  Default Value:        3000
  Config Text:          3000ms
  How to modify:        N/A
 
==== memcache.ttl ====
 
----
  NGINX Keyword:        memcache.ttl
  Description:          Time interval (ms) for which cached entries remain in memcache
  Controlling Attribute: zimbraReverseProxyCacheEntryTTL
  Default Value:        3600000
  Config Text:          3600000ms
  How to modify:        N/A
 
==== memcache.unqual ====
 
----
  NGINX Keyword:        memcache.unqual
  Description:          Deprecated - always set to false
  Controlling Attribute: (none)
  Default Value:        false
  Config Text:          off
  How to modify:        N/A
 
==== web.:routehandlers ====
 
----
  NGINX Keyword:        web.:routehandlers
  Description:          List of web route lookup handlers (i.e. servers for which zimbraReverseProxyLookupTarget is true)
  Controlling Attribute: zimbraReverseProxyLookupTarget
  Default Value:        []
  Current Value:        [<server>:7072]
  Config Text:              zmroutehandlers  <server>:7072/service/extension/nginx-lookup;
  How to modify:        N/A
 
==== web.enabled ====
 
----
  NGINX Keyword:        web.enabled
  Description:          Indicates whether HTTP proxying is enabled
  Controlling Attribute: zimbraReverseProxyHttpEnabled
  Default Value:        false
  Config Text:         
  How to modify:        N/A
 
==== web.http.enabled ====
 
----
  NGINX Keyword:        web.http.enabled
  Description:          Indicates whether HTTP Proxy will accept connections on HTTP (true unless zimbraReverseProxyMailMode is 'https')
  Controlling Attribute: (none)
  Default Value:        true
  Config Text:         
  How to modify:        N/A
 
==== web.http.maxbody ====
 
----
  NGINX Keyword:        web.http.maxbody
  Description:          Maximum accepted client request body size (indicated by Content-Length) - if content length exceeds this limit, then request fails with HTTP 413
  Controlling Attribute: zimbraFileUploadMaxSize
  Default Value:        10485760
  Config Text:          10485760
  How to modify:        N/A
 
==== web.http.port ====
 
----
  NGINX Keyword:        web.http.port
  Description:          Web Proxy HTTP Port
  Controlling Attribute: zimbraMailProxyPort
  Default Value:        0
  Config Text:          80
  How to modify:        N/A
 
==== web.http.uport ====
 
----
  NGINX Keyword:        web.http.uport
  Description:          Web upstream server port
  Controlling Attribute: zimbraMailPort
  Default Value:        80
  Config Text:          7070
  How to modify:        N/A
 
==== web.https.enabled ====
 
----
  NGINX Keyword:        web.https.enabled
  Description:          Indicates whether HTTP Proxy will accept connections on HTTPS (true unless zimbraReverseProxyMailMode is 'http')
  Controlling Attribute: (none)
  Default Value:        true
  Config Text:         
  How to modify:        N/A
 
==== web.https.maxbody ====
 
----
  NGINX Keyword:        web.https.maxbody
  Description:          Maximum accepted client request body size (indicated by Content-Length) - if content length exceeds this limit, then request fails with HTTP 413
  Controlling Attribute: zimbraFileUploadMaxSize
  Default Value:        10485760
  Config Text:          10485760
  How to modify:        N/A
 
==== web.https.port ====
 
----
  NGINX Keyword:        web.https.port
  Description:          Web Proxy HTTPS Port
  Controlling Attribute: zimbraMailSSLProxyPort
  Default Value:        0
  Config Text:          443
  How to modify:        N/A
 
==== web.mailmode ====
 
----
  NGINX Keyword:        web.mailmode
  Description:          Reverse Proxy Mail Mode - can be http|https|both|redirect|mixed
  Controlling Attribute: zimbraReverseProxyMailMode
  Default Value:        both
  Config Text:          mixed
  How to modify:        N/A
 
==== web.routetimeout ====
 
----
  NGINX Keyword:        web.routetimeout
  Description:          Time interval (ms) given to web route lookup handler to respond to route lookup request (after this time elapses, Proxy fails over to next handler, or fails the request if there are no more lookup handlers)
  Controlling Attribute: (none)
  Default Value:        15000
  Config Text:          15000ms
  How to modify:        N/A
 
==== web.ssl.cert ====
 
----
  NGINX Keyword:        web.ssl.cert
  Description:          Web Proxy SSL certificate path
  Controlling Attribute: (none)
  Default Value:        /opt/zimbra/conf/nginx.crt
  Config Text:          /opt/zimbra/conf/nginx.crt
 
==== web.ssl.key ====
 
----
  NGINX Keyword:        web.ssl.key
  Description:          Web Proxy SSL certificate key
  Controlling Attribute: (none)
  Default Value:        /opt/zimbra/conf/nginx.key
  Config Text:          /opt/zimbra/conf/nginx.key
  How to modify:        N/A
 
==== web.uploadmax ====
 
----
  NGINX Keyword:        web.uploadmax
  Description:          Maximum accepted client request body size (indicated by Content-Length) - if content length exceeds this limit, then request fails with HTTP 413
  Controlling Attribute: zimbraFileUploadMaxSize
  Default Value:        10485760
  Config Text:          10485760
  How to modify:        N/A
 
==== web.upstream.webclient:servers ====
 
----
  NGINX Keyword:        web.upstream.webclient:servers
  Description:          List of upstream HTTP webclient servers used by Web Proxy (i.e. webclient servers for which zimbraReverseProxyLookupTarget is true, and whose mail mode is http|mixed|both)
  Controlling Attribute: zimbraReverseProxyLookupTarget
  Default Value:        []
  Current Value:        [<server>:7070]
  Config Text:              server  <server>:7070;
  How to modify:        N/A
 
==== web.upstream.webclient.name ====
 
----
  NGINX Keyword:        web.upstream.webclient.name
  Description:          Symbolic name for HTTP webclient upstream cluster
  Controlling Attribute: (none)
  Default Value:        zimbra_webclient
  Config Text:          zimbra_webclient
  How to modify:        N/A
 
==== web.upstream.:servers ====
 
----
  NGINX Keyword:        web.upstream.:servers
  Description:          List of upstream HTTP servers used by Web Proxy (i.e. mailclient servers for which zimbraReverseProxyLookupTarget is true, and whose mail mode is http|mixed|both)
  Controlling Attribute: zimbraReverseProxyLookupTarget
  Default Value:        []
  Current Value:        [<server>:7070]
  Config Text:              server  <server>:7070;
  How to modify:        N/A
 
==== web.upstream.name ====
 
----
  NGINX Keyword:        web.upstream.name
  Description:          Symbolic name for HTTP mailclient upstream cluster
  Controlling Attribute: (none)
  Default Value:        zimbra
  Config Text:          zimbra
  How to modify:        N/A
 
==== web.ssl.upstream.webclient:servers ====
 
----
  NGINX Keyword:        web.ssl.upstream.webclient:servers
  Description:          List of upstream HTTPS webclient servers used by Web Proxy (i.e. webclient servers for which zimbraReverseProxyLookupTarget is true, and whose mail mode is http|mixed|both)
  Controlling Attribute: zimbraReverseProxyLookupTarget
  Default Value:        []
  Current Value:        [<server>:7070]
  Config Text:              server  <server>:7070;
  How to modify:        N/A
 
==== web.ssl.upstream.webclient.name ====
 
----
  NGINX Keyword:        web.ssl.upstream.webclient.name
  Description:          Symbolic name for HTTPS webclient upstream cluster
  Controlling Attribute: (none)
  Default Value:        zimbra_ssl_webclient
  Config Text:          zimbra_ssl_webclient
  How to modify:        N/A
 
==== web.ssl.upstream.:servers ====
 
----
  NGINX Keyword:        web.ssl.upstream.:servers
  Description:          List of upstream HTTPS mailclient servers used by Web Proxy (i.e. mailclient servers for which zimbraReverseProxyLookupTarget is true, and whose mail mode is http|mixed|both)
  Controlling Attribute: zimbraReverseProxyLookupTarget
  Default Value:        []
  Current Value:        [<server>:7070]
  Config Text:              server  <server>:7070;
  How to modify:        N/A
 
==== web.ssl.upstream.name ====
 
----
  NGINX Keyword:        web.ssl.upstream.name
  Description:          Symbolic name for HTTP mailclient upstream cluster
  Controlling Attribute: (none)
  Default Value:        zimbra_ssl
  Config Text:          zimbra_ssl
  How to modify:        N/A
 
==== web.admin.upstream.adminclient.:servers ====
 
----
  NGINX Keyword:        web.admin.upstream.adminclient:servers
  Description:          List of upstream admin client servers used by Web Proxy (i.e. adminclient servers for which zimbraReverseProxyLookupTarget is true, and whose mail mode is http|mixed|both)
  Controlling Attribute: zimbraReverseProxyLookupTarget
  Default Value:        []
  Current Value:        [<server>:7071]
  Config Text:              server  <server>:7071;
  How to modify:        N/A
 
==== web.admin.upstream.adminclient.name ====
 
----
  NGINX Keyword:        web.admin.upstream.adminclient.name
  Description:          Symbolic name for admin client upstream cluster
  Controlling Attribute: (none)
  Default Value:        zimbra_adminclient
  Config Text:          zimbra_adminclient
  How to modify:        N/A
 
==== web.admin.upstream.:servers ====
 
----
  NGINX Keyword:        web.admin.upstream.:servers
  Description:          List of upstream admin servers used by Web Proxy (i.e. admin servers for which zimbraReverseProxyLookupTarget is true, and whose mail mode is http|mixed|both)
  Controlling Attribute: zimbraReverseProxyLookupTarget
  Default Value:        []
  Current Value:        [<server>:7071]
  Config Text:              server  <server>:7071;
  How to modify:        N/A
 
==== web.admin.upstream.name ====
 
----
  NGINX Keyword:        web.admin.upstream.name
  Description:          Symbolic name for admin upstream cluster
  Controlling Attribute: (none)
  Default Value:        zimbra_admin
  Config Text:          zimbra_admin
  How to modify:        N/A
 
==== web.upstream.ewsserver:servers ====
 
----
  NGINX Keyword:        web.upstream.ewsserver:servers
  Description:          List of upstream HTTP EWS servers used by Web Proxy (i.e. servers to which we will proxy EWS requests)
  Controlling Attribute: zimbraReverseProxyUpstreamEwsServers
  Default Value:        []
  Current Value:        [<server>:7070]
  Config Text:              server  <server>:7070;
  How to modify:        N/A
 
==== web.ews.upstream.name ====
 
----
  NGINX Keyword:        web.upstream.name
  Description:          Symbolic name for HTTP EWS upstream cluster
  Controlling Attribute: (none)
  Default Value:        zimbra
  Config Text:          zimbra
  How to modify:        N/A
 
==== web.ssl.upstream.ewsserver:servers ====
 
----
  NGINX Keyword:        web.ssl.upstream.ewsserver:servers
  Description:          List of upstream HTTPS EWS servers used by Web Proxy (i.e. servers to which we will proxy EWS requests)
  Controlling Attribute: zimbraReverseProxyUpstreamEwsServers
  Default Value:        []
  Current Value:        [<server>:7070]
  Config Text:              server  <server>:7070;
  How to modify:        N/A
 
==== web.ssl.ews.upstream.name ====
 
----
  NGINX Keyword:        web.ssl.upstream.name
  Description:          Symbolic name for HTTPS EWS upstream cluster
  Controlling Attribute: (none)
  Default Value:        zimbra_ssl_ews
  Config Text:          zimbra_ssl_ews
  How to modify:        N/A
 
==== web.upstream.loginserver.:servers ====
 
----
  NGINX Keyword:        web.upstream.loginserver:servers
  Description:          List of upstream HTTP Login servers used by Web Proxy (i.e. servers to which we will proxy login page requests)
  Controlling Attribute: zimbraReverseProxyUpstreamLoginServers
  Default Value:        []
  Current Value:        [<server>:7070]
  Config Text:              server  <server>:7070;
  How to modify:        N/A
 
==== web.login.upstream.name ====
----
  NGINX Keyword:        web.login.upstream.name
  Description:          Symbolic name for HTTP Login upstream cluster
  Controlling Attribute: (none)
  Default Value:        zimbra_login
  Config Text:          zimbra_login
  How to modify:        N/A
 
==== web.ssl.upstream.loginserver.:servers ====
 
----
  NGINX Keyword:        web.ssl.upstream.loginserver:servers
  Description:          List of upstream HTTP Login servers used by Web Proxy (i.e. servers to which we will proxy login page requests)
  Controlling Attribute: zimbraReverseProxyUpstreamLoginServers
  Default Value:        []
  Current Value:        [<server>:7070]
  Config Text:              server  <server>:7070;
  How to modify:        N/A
 
==== web.ssl.login.upstream.name ====
 
----
 
  NGINX Keyword:        web.ssl.login.upstream.name
  Description:          Symbolic name for HTTPS Login upstream cluster
  Controlling Attribute: (none)
  Default Value:        zimbra_ssl_login
  Config Text:          zimbra_ssl_login
  How to modify:        N/A
 
==== max_fails ====
 
----
 
  NGINX Keyword:        max_fails
  Description:          The max number of unsuccessful attempts to connect to the current server (as an upstream).
                        If this number is reached, proxy will refuse to connect to the current server, wait for
                        zimbraMailProxyReconnectTimeout and then try to reconnect. Default value is 1. Setting
                        this to 0 means turning this check off.
  Controlling Attribute: zimbraMailProxyMaxFails
  Default Value:        1
  Config Text:          server    <server hostname>:<port> max_fails=<value>
  How to modify:        zmprov mcf zimbraMailProxyMaxFails <value>
 
==== fail_timeout ====
 
----
 
  NGINX Keyword:        fail_timeout
  Description:          The time in sec that proxy will reconnect the current server (as an upstream) after
                        connection errors happened before
  Controlling Attribute: zimbraMailProxyReconnectTimeout
  Default Value:        60
  Config Text:          server    <server hostname>:<port> fail_timeout=<value>
  How to modify:        zmprov mcf  zimbraMailProxyReconnectTimeout <value>
 
==== version ====
 
----
 
  NGINX Keyword:        version
  Description:          Current version of ZCS installed on this server
  Controlling Attribute: zimbraServerVersion
  Default Value:        None
  Config Text:          server    <server hostname>:<port> version=<value>
  How to modify:        Should not be modified. Set by the installer
 
{{Article Footer|ZCS 8.0 and later|7/23/2014}}
 
[[Category:Proxy]]
[[Category:ZCS 8.0]]

Latest revision as of 18:10, 10 September 2014

Jump to: navigation, search