Hello,
I am giving SOGo a try for the first time, attempting to get it setup on my
Ubuntu 24.04.3 server with Nginx and Mariadb. The official documentation
focuses more on cases where SOGo is being setup with Apache and Postgresql, and
so I've been scouring the internet for community-provided examples of working
nginx configs. Alas, after a couple of days of struggling with this, I have
simply been unable to overcome a 502 error when trying to visit my instance of
SOGo from a browser. Well, technically I was able to serve the site once a
couple days ago, but then had issues getting the Mariadb setup correct, but
somewhere in the process of figuring things out, I accidentally deleted the
.conf file for my nginx config and had to rewrite it. I have been unable to
get the site to load since, and I cannot seem to remember what I did the first
time that worked, or even what forum or website I got that example from. I've
been looking and looking and looking and trying example config after example
config, and I'm about ready to cry. I also tried searching the mailing list as
instructed on sogo's community support page, but I just can't get that site to
load (connection keeps timing out), so I have no idea if there is a solution to
my problem hiding in the mailing lists (if there is, please forgive my
redundancy). Below are the details of my current setup so it's easier to try
to help me. Also, I didn't like the idea of redirecting to
https://mail.domain.tld/sogo/, and just want users to stay on
https://mail.domain.tld/, hence the way I setup the nginx config.
OS: Ubuntu 24.04.3
Web server: Nginx 1.29.1
Database: Mariadb 12.0.2
SOGo: 5.12.4 (nightly)
>From /etc/hosts:
127.0.0.1 localhost sogodb
Directories and permissions:
0755 sogo:sogo -> /etc/sogo/
0644 sogo:sogo -> /etc/sogo/sogo.conf
0755 www-data:www-data -> /usr/lib/GNUstep/SOGo/WebServerResources/
0644 www-data:www-data -> /usr/lib/GNUstep/SOGo/WebServerResources/{files found
in here}
0755 sogo:sogo -> /var/run/sogo
Contents of /etc/sogo/sogo.conf (sorry, formatting wasn't preserved when I
copy-pasted):
{
/* Database configuration (mysql://, postgresql:// or oracle://) */
SOGoProfileURL = "mysql://sogo:{REDACTED}@sogodb:3306/sogo_user_profile";
OCSFolderInfoURL = "mysql://sogo:{REDACTED}@sogodb:3306/sogo_folder_info";
OCSSessionsFolderURL =
"mysql://sogo:{REDACTED}@sogodb:3306/sogo_sessions_folder";
/* Mail */
SOGoDraftsFolderName = Drafts;
SOGoSentFolderName = Sent;
SOGoTrashFolderName = Trash;
SOGoJunkFolderName = Spam;
SOGoIMAPServer = "localhost";
SOGoSieveServer = "sieve://127.0.0.1:4190";
SOGoSMTPServer = "smtp://127.0.0.1";
SOGoMailDomain = webmail.strangequark.dev;
SOGoMailingMechanism = smtp;
SOGoForceExternalLoginWithEmail = NO;
SOGoMailSpoolPath = /var/spool/sogo;
NGImap4ConnectionStringSeparator = "/";
/* Notifications */
SOGoAppointmentSendEMailNotifications = YES;
SOGoACLsSendEMailNotifications = NO;
SOGoFoldersSendEMailNotifications = NO;
/* Authentication */
SOGoPasswordChangeEnabled = YES;
/* Mariadb Authentication */
SOGoUserSources =
(
{
type = sql;
id = directory;
viewURL = "mysql://sogo:{REDACTED}@sogodb:3306/sogo_users_table";
canAuthenticate = YES;
isAddressBook = YES;
displayName = "SOGo Users";
MailFieldNames = ["mail"];
searchFields = ["Mail", "cn", "uid"]
userPasswordAlgorithm = md5;
}
);
SOGoProfileURL: "mysql://sogo:{REDACTED}@sogodb:3306/sogo_user_profile";
MySQL4Encoding = "utf8mb4";
/* Web Interface */
SOGoPageTitle = SOGo;
SOGoVacationEnabled = YES;
SOGoForwardEnabled = YES;
SOGoSieveScriptsEnabled = YES;
SOGoMailAuxiliaryUserAccountsEnabled = YES;
SOGoTrustProxyAuthentication = NO;
SOGoXSRFValidationEnabled = NO;
/* General - SOGoTimeZone *MUST* be defined */
SOGoLanguage = English;
SOGoTimeZone = Pacific/Honolulu;
SOGoCalendarDefaultRoles = (
PublicDAndTViewer,
ConfidentialDAndTViewer
);
SOGoSuperUsernames = (administrator); // This is an array - keep the parens!
SxVMemLimit = 384;
//WOPidFile = "/var/run/sogo/sogo.pid";
SOGoMemcachedHost = "127.0.0.1";
/* ActiveSync */
WOWorkersCount = 15;
WOWatchDogRequestTimeout = 59;
SOGoMaximumPingInterval = 3540;
SOGoMaximumSyncInterval = 3540;
SOGoInternalSyncInterval = 30;
/* Debug */
SOGoDebugRequests = YES;
SoDebugBaseURL = YES;
ImapDebugEnabled = YES;
LDAPDebugEnabled = YES;
PGDebugEnabled = YES;
MySQL4DebugEnabled = YES;
SOGoUIxDebugEnabled = YES;
WODontZipResponse = YES;
WOLogFile = /var/log/sogo/sogo.log;
}
Contents of /etc/nginx/conf.d/10-mail.{REDACTED}.{TLD}.conf (sorry, formatting
wasn't preserved when I copy-pasted):
server {
server_name mail.{REDACTED}.{TLD};
root /usr/lib/GNUstep/SOGo/WebServerResources/;
server_tokens off;
index index.php index.html index.htm
index.nginx-debian.html;
autoindex off;
error_page 404 /404.php;
# redirect server error pages to the static page /50x.php
error_page 500 502 503 504 /50x.php;
location = /50x.php {
root /usr/share/nginx/html;
}
error_log /var/log/nginx/{REDACTED}.{TLD}/webmail/error.log;
access_log /var/log/nginx/{REDACTED}.{TLD}/webmail/access.log;
client_max_body_size 100M;
location / {
proxy_pass http://127.0.0.1:20000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location = /principals/ {
rewrite ^ https://$server_name/dav;
allow all;
}
location /SOGo.woa/WebServerResources/ <http://SOGo.woa/WebServerResources/> {
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
allow all;
}
location /SOGo/WebServerResources/ {
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
allow all;
}
location ^/SOGo/so/ControlPanel/Products/([^/]*)/Resources/(.*)$ {
alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2 <http://1.SOGo/Resources/$2>;
}
location
^/SOGo/so/ControlPanel/Products/[^/]*UI/Resources/.*\.(jpg|png|gif|css|js)$ {
alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2 <http://1.SOGo/Resources/$2>;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$ {
fastcgi_pass unix:/run/php/php8.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ^~ /Microsoft-Server-ActiveSync {
proxy_pass http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync;
proxy_redirect http://127.0.0.1:20000/Microsoft-Server-ActiveSync /;
}
location ^~ /SOGo/Microsoft-Server-ActiveSync {
proxy_pass http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync;
proxy_redirect http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync /;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mail.{REDACTED}.{TLD}/fullchain.pem; #
managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mail.{REDACTED}.{TLD}/privkey.pem; #
managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
add_header Strict-Transport-Security "max-age=31536000" always; # managed by
Certbot
ssl_trusted_certificate /etc/letsencrypt/live/mail.{REDACTED}.{TLD}/chain.pem;
# managed by Certbot
ssl_stapling on; # managed by Certbot
ssl_stapling_verify on; # managed by Certbot
}
server {
if ($host = mail.{REDACTED}.{TLD}) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name mail.{REDACTED}.{TLD};
root /usr/lib/GNUstep/SOGo/WebServerResources/;
server_tokens off;
index index.php index.html index.htm
index.nginx-debian.html;
autoindex off;
error_page 404 /404.php;
# redirect server error pages to the static page /50x.php
error_page 500 502 503 504 /50x.php;
location = /50x.php {
root /usr/share/nginx/html;
}
error_log /var/log/nginx/{REDACTED}.{TLD}/webmail/error.log;
access_log /var/log/nginx/{REDACTED}.{TLD}/webmail/access.log;
client_max_body_size 100M;
location / {
proxy_pass http://127.0.0.1:20000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location = /principals/ {
rewrite ^ https://$server_name/dav;
allow all;
}
location /SOGo.woa/WebServerResources/ <http://SOGo.woa/WebServerResources/> {
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
allow all;
}
location /SOGo/WebServerResources/ {
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
allow all;
}
location ^/SOGo/so/ControlPanel/Products/([^/]*)/Resources/(.*)$ {
alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2 <http://1.SOGo/Resources/$2>;
}
location
^/SOGo/so/ControlPanel/Products/[^/]*UI/Resources/.*\.(jpg|png|gif|css|js)$ {
alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2 <http://1.SOGo/Resources/$2>;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$ {
fastcgi_pass unix:/run/php/php8.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ^~ /Microsoft-Server-ActiveSync {
proxy_pass http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync;
proxy_redirect http://127.0.0.1:20000/Microsoft-Server-ActiveSync /;
}
location ^~ /SOGo/Microsoft-Server-ActiveSync {
proxy_pass http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync;
proxy_redirect http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync /;
}
}
The error appearing in /var/log/nginx/{REDACTED}.{TLD}/webmail/error.log:
2025/10/07 20:53:57 [error] 923#923: *3 connect() failed (111: Connection
refused) while connecting to upstream, client: {REDACTED}, server:
mail.{REDACTED}.{TLD}, request: "GET / HTTP/1.1", upstream:
"http://127.0.0.1:20000/";, host: "{REDACTED}"
The error appearing in my web browser when attempting to visit the site:
Error code: 502 Bad Gateway
If you need any additional information in order to advise me, please let me
know what I need to provide. And thank you to anyone who takes the time to
look over my issue and let me know what I am missing or need to do to get this
working.
Cheers!
--
Secured with Tuta Mail:
https://tuta.com/free-email
