Possibility to deactivate SSL configuration for nginx

[abctaylor]

Impacted versions

• Distribution: Ubuntu 18.04 LTS
• Arch: N/A to issue
• Database: N/A to issue

Steps to reproduce

• Load balancer sitting somewhere at frontend handling SSL with real cert, domain-based routing if domain = mail.example.com -> modoboa server

Full trace using --debug option or current behaviour

You will get stuck in a 301 Moved Permanently loop

Expected behavior

Installer should give option to install self-signed SSL

RESOLUTION

Edit the nginx conf file for your setup, e.g. mail.example.com.conf as follows:

• delete rewrite ^ https://$server_name$request_uri? permanent; in first server block
• join the :80 and :443 server blocks together by deleting the } and server { respectively
• delete the now duplicate listen directives (both of them) from old :443 server block
• delete the now duplicate server_name directive from old :443 server block
• delete all lines in the new combined server block starting with ssl_
• reload nginx

[abctaylor]

In case the motivation is not clear, I suspect many selfhosters are running multiple web servers in their environments, on separate VMs. I use HAProxy to do domain-based http/s routing to:

1. a default cluster of 4x nginx servers
2. a personal media server
3. a mail server's web interface

These are separate servers and a wildcard TLD exists at the load balancer to encrypt all traffic to/from the load balancer to the Internet.

It would be great if the script could give an option to proceed with SSL or not, bearing in mind it might be handled somewhere else.

[dabos1]

thank you