apache proxy (443 - terminating) -> nginx (8081 http) -> proxy_pass http://carbonio-auth/zx/login/; -> consul (20008) -> carbonio-auth (but this is not in CE)
nginx-log:
recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 127.0.0.1, server: mail.zima-systems.de, request: "GET /zx/login/v3/config HTTP removed link ", upstream: " removed link "
recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 127.0.0.1, server: mail.zima-systems.de, request: "GET /zx/login/v3/account HTTP removed link ", upstream: " removed link "
recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 127.0.0.1, server: mail.zima-systems.de, request: "GET /zx/login/v3/auth/config HTTP removed link ", upstream: " removed link "
recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 127.0.0.1, server: mail.zima-systems.de, request: "GET /zx/login/v3/config HTTP removed link ", upstream: " removed link "
nginx-configs:
removed link : add_header Set-Cookie "ZX_AUTH_TOKEN=; Path=/; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; HttpOnly; Secure; SameSite=Strict";
removed link : location ^~ /zx/login/
removed link : proxy_pass http://carbonio-auth/zx/login/;
removed link : location ^~ /zx/auth/
removed link : proxy_pass http://carbonio-auth/zx/auth/;
removed link : add_header Set-Cookie "ZX_AUTH_TOKEN=; Path=/; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; HttpOnly; Secure; SameSite=Strict";
ProxyRequests Off
ProxyAddHeaders On
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
RequestHeader set X-Forwarded-For %{REMOTE_ADDR}s
RequestHeader set Host %{HTTP_HOST}s
ProxyTimeout 3600
Timeout 3600
LimitRequestBody 0
RewriteEngine On
# === WebSocket-Header-Fix (Apache Proxy) ===
RewriteEngine On
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteRule ^(.*)$ - [E=HTTP_CONNECTION:Upgrade]
# === WebSocket & Chat / Messaging / Janus ===
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteRule ^/services/messaging/ws-xmpp(.*) removed link [P,L]
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteRule ^/services/chats/events(.*) removed link [P,L]
# Janus-Routing (Before Catch-All)
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteRule ^/janus$ removed link [P,L]
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteRule ^/janus/(.*) removed link $1 [P,L]
# === HTTP-Rules ===
ProxyPass /service/soap removed link keepalive=On retry=5
ProxyPassReverse /service/soap removed link
ProxyPass /services/chats/public removed link keepalive=On retry=5
ProxyPassReverse /services/chats/public removed link
ProxyPass /zx/login removed link
ProxyPassReverse /zx/login removed link
# === External Guests Auth (try) ===
ProxyPass /zx/login/v3 removed link /v3
ProxyPassReverse /zx/login/v3 removed link /v3
ProxyPass /carbonio/focus-mode removed link
ProxyPassReverse /carbonio/focus-mode removed link
# === HTTP-Proxy-Rules ===
ProxyPass /janus removed link
ProxyPassReverse /janus removed link
ProxyPass /zx removed link keepalive=On retry=5
ProxyPassReverse /zx removed link
ProxyPass /services/messaging removed link keepalive=On retry=5
ProxyPassReverse /services/messaging removed link
ProxyPass /services/chats removed link keepalive=On retry=5
ProxyPassReverse /services/chats removed link
# Microsoft ActiveSync via Push
ProxyPass /Microsoft-Server-ActiveSync removed link keepalive=On retry=5 connectiontimeout=1200 timeout=1200
ProxyPassReverse /Microsoft-Server-ActiveSync removed link
# Catch-All Webmail & UI
ProxyPass / removed link .1:8081/ keepalive=On retry=5
ProxyPassReverse / removed link .1:8081/
# === URL rewrite fix ===
Header edit Location "(^http|https)://([^/]+):8081(.*)$" "$1://$2$3"
carbonio-auth is not included in the Community Edition (CE), I would like to know how to enable waiting rooms (video) for Carbonio CE. Is this an Enterprise-only feature?