i've installed

        cd roundcubemail
        git log -n1
                commit e00cd99d65863da5f4e953e1cfbdc49dbbe7c5df (HEAD -> release-1.4, origin/release-1.4)
                Author: Aleksander Machniak <[email protected]>
                Date:   Wed Aug 26 19:38:35 2020 +0200

                    Update changelog

on

        nginx -v
                nginx version: nginx/1.19.2 (PGNd Custom Build)

        php -v
                PHP 7.4.10 (cli) (built: Sep  1 2020 13:58:08) ( NTS )
                Copyright (c) The PHP Group
                Zend Engine v3.4.0, Copyright (c) Zend Technologies
                        with Zend OPcache v7.4.10, Copyright (c), by Zend Technologies

i've also installed/enabled 2FA support,

        https://github.com/alexandregz/twofactor_gauthenticator

on direct login to a standalone instance of RC

        https://roundcube.example.com

all works as expected.

RC logs, through initial & 2FA login, return

        ==> /var/log/nginx/roundcubemail/sql.log <==
        [18-Sep-2020 10:16:21]: <2375b1ce> [1] SELECT "vars", "ip", "changed", datetime('now') AS ts FROM "session" WHERE "sess_id" = 'aaa...111';
        [18-Sep-2020 10:16:21]: <2375b1ce> [2] SELECT * FROM "users" WHERE "user_id" = '2';
        [18-Sep-2020 10:16:21]: <2375b1ce> [3] PRAGMA FOREIGN_KEYS=ON;
        [18-Sep-2020 10:16:21]: <2375b1ce> [4] SELECT * FROM carddav_addressbooks WHERE "user_id" = '2';
        [18-Sep-2020 10:16:21]: <2375b1ce> [5] UPDATE "session" SET "changed" = datetime('now'), "vars" = 'abc...de1' WHERE "sess_id" = 'aaa...111';
        [18-Sep-2020 10:16:21]: <2375b1ce> [1] SELECT "vars", "ip", "changed", datetime('now') AS ts FROM "session" WHERE "sess_id" = 'aaa...111';
        [18-Sep-2020 10:16:21]: <2375b1ce> [2] SELECT * FROM "users" WHERE "user_id" = '2';
        [18-Sep-2020 10:16:21]: <2375b1ce> [3] DELETE FROM "session" WHERE "sess_id" = 'aaa...111';
        [18-Sep-2020 10:16:21]: <2375b1ce> [4] INSERT INTO "session" ("sess_id", "vars", "ip", "changed") VALUES ('aaa...111', 'bGF...CI7', 'fd80:10:10::10', datetime('now'));
        [18-Sep-2020 10:16:40]: <2375b1ce> [1] SELECT "vars", "ip", "changed", datetime('now') AS ts FROM "session" WHERE "sess_id" = 'aaa...111';
        [18-Sep-2020 10:16:40]: <2375b1ce> [2] DELETE FROM "session" WHERE "sess_id" = 'aaa...111';
        [18-Sep-2020 10:16:40]: <2375b1ce> [3] SELECT * FROM "users" WHERE "mail_host" = 'back.example.com' AND "username" = '[email protected]';
        [18-Sep-2020 10:16:41]: <2375b1ce> [4] UPDATE "users" SET "last_login" = datetime('now') WHERE "user_id" = '2';
        [18-Sep-2020 10:16:41]: <eb5b5c61> [5] SELECT "vars", "ip", "changed", datetime('now') AS ts FROM "session" WHERE "sess_id" = 'aaa...222';

        ==> /var/log/nginx/roundcubemail/userlogins.log <==
        [18-Sep-2020 10:16:41]: <eb5b5c61> Successful login for [email protected] (ID: 2) from fd80:10:10::10 in session eb5b5c61d11447e8

        ==> /var/log/nginx/roundcubemail/sql.log <==
        [18-Sep-2020 10:16:41]: <eb5b5c61> [6] INSERT INTO "session" ("sess_id", "vars", "ip", "changed") VALUES ('aaa...222', 'abc...de2==', 'fd80:10:10::10', datetime('now'));
        [18-Sep-2020 10:16:53]: <eb5b5c61> [1] SELECT "vars", "ip", "changed", datetime('now') AS ts FROM "session" WHERE "sess_id" = 'aaa...222';
        [18-Sep-2020 10:16:53]: <eb5b5c61> [2] SELECT * FROM "users" WHERE "user_id" = '2';
        [18-Sep-2020 10:16:53]: <eb5b5c61> [3] PRAGMA FOREIGN_KEYS=ON;
        [18-Sep-2020 10:16:53]: <eb5b5c61> [4] SELECT * FROM carddav_addressbooks WHERE "user_id" = '2';
        [18-Sep-2020 10:16:53]: <eb5b5c61> [5] UPDATE "session" SET "changed" = datetime('now'), "vars" = 'abc...de3' WHERE "sess_id" = 'aaa...222';
        [18-Sep-2020 10:16:53]: <eb5b5c61> [1] SELECT "vars", "ip", "changed", datetime('now') AS ts FROM "session" WHERE "sess_id" = 'aaa...222';
        [18-Sep-2020 10:16:53]: <eb5b5c61> [2] SELECT * FROM "users" WHERE "user_id" = '2';
        [18-Sep-2020 10:16:53]: <eb5b5c61> [3] PRAGMA FOREIGN_KEYS=ON;
        [18-Sep-2020 10:16:53]: <eb5b5c61> [4] SELECT * FROM carddav_addressbooks WHERE "user_id" = '2';
        [18-Sep-2020 10:16:54]: <eb5b5c61> [1] SELECT "vars", "ip", "changed", datetime('now') AS ts FROM "session" WHERE "sess_id" = 'aaa...222';
        [18-Sep-2020 10:16:54]: <eb5b5c61> [2] SELECT * FROM "users" WHERE "user_id" = '2';
        [18-Sep-2020 10:16:54]: <eb5b5c61> [1] SELECT "vars", "ip", "changed", datetime('now') AS ts FROM "session" WHERE "sess_id" = 'aaa...222';
        [18-Sep-2020 10:16:54]: <eb5b5c61> [3] PRAGMA FOREIGN_KEYS=ON;
        [18-Sep-2020 10:16:54]: <eb5b5c61> [4] SELECT * FROM carddav_addressbooks WHERE "user_id" = '2';
        [18-Sep-2020 10:16:54]: <eb5b5c61> [2] SELECT * FROM "users" WHERE "user_id" = '2';
        [18-Sep-2020 10:16:54]: <eb5b5c61> [3] PRAGMA FOREIGN_KEYS=ON;
        [18-Sep-2020 10:16:54]: <eb5b5c61> [4] SELECT * FROM carddav_addressbooks WHERE "user_id" = '2';
        [18-Sep-2020 10:16:54]: <eb5b5c61> [5] UPDATE "session" SET "changed" = datetime('now'), "vars" = 'abc...de4==' WHERE "sess_id" = 'aaa...222';
        [18-Sep-2020 10:16:54]: <eb5b5c61> [5] UPDATE "session" SET "changed" = datetime('now'), "vars" = 'abc...de3';

after which I'm 'in' RC ui; fully functional.

if, however, I access RC through nginx setup as a reverse proxy, with front-end 
nginx config,

        server {
                listen [fd80:10:10::10]:443    ssl http2;

                server_tokens off;
                server_name frontend.example.com;
                root /dev/null;
                autoindex off;

                rewrite_log on;
                access_log  /var/log/nginx/frontend.access.log main;
                error_log   /var/log/nginx/frontend.error.log notice;

                ssl_verify_client optional;
                ssl_verify_depth 2;
                ssl_client_certificate "/srv/ssl/ca_chain.crt.pem";
                ssl_certificate        "/srv/ssl/frontend.server.crt";
                ssl_certificate_key    "/srv/ssl/frontend.server.key";

                location / {
                        root /srv/nulldir;
                        try_files $uri $uri/ =404;
                }

                location /rcmail/ {

                        proxy_pass https://roundcube.example.com:443/;
                        proxy_ssl_name roundcube.example.com;
                        proxy_set_header  X-Script-Name /rcmail;

                        proxy_ssl_verify off;
                        proxy_ssl_certificate         "/srv/ssl/roundcube.client.crt";
                        proxy_ssl_certificate_key     "/srv/ssl/roundcube.client.key";
                        proxy_ssl_trusted_certificate "/srv/ssl/ca_chain.crt.pem";

                        access_log  /var/log/nginx/frontend.rc.access.log upstreamlog;
                        error_log   /var/log/nginx/frontend.rc.error.log notice;

                        include includes/proxy.inc;
                }

        }


on nav to

        https://frontend.example.com/rcmail

I _do_ see the RC login, as before, at the frontend URI ...

but, when I enter 1st-factor credentials & submit, i simply loop back to the 
same RC login; no accepted login, and no pass to the 2FA

RC logs for this ONLY show

        ==> /var/log/nginx/roundcubemail/sql.log <==
        [18-Sep-2020 10:34:58]: <68003b3d> [1] SELECT "vars", "ip", "changed", datetime('now') AS ts FROM "session" WHERE "sess_id" = '680...fc5';
        [18-Sep-2020 10:35:06]: <68003b3d> [1] SELECT "vars", "ip", "changed", datetime('now') AS ts FROM "session" WHERE "sess_id" = '680...fc5';

i've not figured out which logs are more useful/informative logs out of this. 
yet.

any hints as to either a correct/functional proxy setup/config, &/or which 
specific logging to dig around in?
_______________________________________________
Roundcube Users mailing list
[email protected]
http://lists.roundcube.net/mailman/listinfo/users
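
To compare sql.log excerpts like the two in the post, the statements that touch the "session" table can be grouped by session id. The following is an added example, not part of the original post and not Roundcube code; the function names are hypothetical and the sample lines are copied from the excerpts above. It reports session ids that were only looked up and never inserted or updated, which is the pattern in the proxied excerpt.

```python
import re
from collections import defaultdict

# Sample lines copied from the post's sql.log excerpts (one statement per line).
SAMPLE_LOG = """\
==> /var/log/nginx/roundcubemail/sql.log <==
[18-Sep-2020 10:16:41]: <eb5b5c61> [5] SELECT "vars", "ip", "changed", datetime('now') AS ts FROM "session" WHERE "sess_id" = 'aaa...222';
[18-Sep-2020 10:16:41]: <eb5b5c61> [6] INSERT INTO "session" ("sess_id", "vars", "ip", "changed") VALUES ('aaa...222', 'abc...de2==', 'fd80:10:10::10', datetime('now'));
[18-Sep-2020 10:16:53]: <eb5b5c61> [2] SELECT * FROM "users" WHERE "user_id" = '2';
[18-Sep-2020 10:16:53]: <eb5b5c61> [5] UPDATE "session" SET "changed" = datetime('now'), "vars" = 'abc...de3' WHERE "sess_id" = 'aaa...222';
[18-Sep-2020 10:16:54]: <eb5b5c61> [5] UPDATE "session" SET "changed" = datetime('now'), "vars" = 'abc...de3';
[18-Sep-2020 10:34:58]: <68003b3d> [1] SELECT "vars", "ip", "changed", datetime('now') AS ts FROM "session" WHERE "sess_id" = '680...fc5';
[18-Sep-2020 10:35:06]: <68003b3d> [1] SELECT "vars", "ip", "changed", datetime('now') AS ts FROM "session" WHERE "sess_id" = '680...fc5';
"""

# "[timestamp]: <tag> [n] SQL" as it appears in the excerpts.
LINE = re.compile(r'^\s*\[[^\]]+\]: <[0-9a-f]+> \[\d+\] (?P<sql>.+)$')
SESS_WHERE = re.compile(r'"sess_id" = \'([^\']*)\'')    # SELECT / UPDATE / DELETE
SESS_INSERT = re.compile(r'VALUES \(\'([^\']*)\'')      # INSERT: first value is sess_id


def session_ops(log_text):
    """Map each session id to the ordered list of SQL verbs run against "session"."""
    ops = defaultdict(list)
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m or '"session"' not in m.group("sql"):
            continue  # tail(1) headers, blank lines, other tables
        sql = m.group("sql")
        verb = sql.split(None, 1)[0].upper()
        found = (SESS_INSERT if verb == "INSERT" else SESS_WHERE).search(sql)
        # A statement with no sess_id (e.g. an UPDATE without WHERE) is kept visible.
        ops[found.group(1) if found else "<no sess_id>"].append(verb)
    return dict(ops)


def never_written(log_text):
    """Session ids that were read but never inserted, updated or deleted."""
    return sorted(sid for sid, verbs in session_ops(log_text).items()
                  if set(verbs) == {"SELECT"})


if __name__ == "__main__":
    for sid, verbs in session_ops(SAMPLE_LOG).items():
        print(sid, verbs)
    print("read-only sessions:", never_written(SAMPLE_LOG))
```
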
