From c4cc81fc66d75b104e9c0ae2330e1a274b1d9fce Mon Sep 17 00:00:00 2001
From: AVAtar Mod <respawner289@gmail.com>
Date: Sat, 31 Jul 2021 09:35:07 +0300
Subject: [PATCH 1/3] EN-US subdomain how-to

---
 en_US/howto/subdomains.md | 111 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 111 insertions(+)
 create mode 100644 en_US/howto/subdomains.md

diff --git a/en_US/howto/subdomains.md b/en_US/howto/subdomains.md
new file mode 100644
index 00000000..fe10dc78
--- /dev/null
+++ b/en_US/howto/subdomains.md
@@ -0,0 +1,111 @@
+# Move SOGO, Roundcube and iRedAdmin to subdomains with Nginx
+
+[TOC]
+
+## Introduction
+iRedMail create different templates for different needs.
+By default, SOGO, Roundcube and iRedAdmin are located at /iredadmin, 
+/mail and /sogo (if you install SOGo, then /mail redirect to this too).
+For example, we have:
+
+- domain example.com
+- server (hosting, etc.) with installed iRedMail
+- correctly configured DNS zone example.com
+
+If we visit example.com/iredadmin, then we will be redirected to the iRedAdmin (usually login page of the iRedAdmin)
+
+Let's to see to default config at /etc/nginx/sites-available/00-default-ssl.conf:
+```
+#
+# Note: This file must be loaded before other virtual host config files,
+#
+# HTTPS
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name _;
+
+    root /var/www/html;
+    index index.php index.html;
+
+    include /etc/nginx/templates/misc.tmpl;
+    include /etc/nginx/templates/ssl.tmpl;
+    include /etc/nginx/templates/iredadmin.tmpl;
+    include /etc/nginx/templates/roundcube.tmpl;
+    include /etc/nginx/templates/sogo.tmpl;
+    include /etc/nginx/templates/netdata.tmpl;
+    include /etc/nginx/templates/php-catchall.tmpl;
+    include /etc/nginx/templates/stub_status.tmpl;
+
+	location /{
+	try_files $uri $uri/ /index.php$is_args$args;
+	}
+}
+```
+Wee can see following:
+```
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name _;
+    ...
+    include /etc/nginx/templates/iredadmin.tmpl;
+    include /etc/nginx/templates/roundcube.tmpl;
+    include /etc/nginx/templates/sogo.tmpl;
+    ...
+}
+```
+That means that SOGO, Roundcube and iRedAdmin are located at host "_" (see (Nginx Documentation)[https://nginx.org/en/docs/http/server_names.html] ).
+
+## Move SOGO, Roundcube and iRedAdmin to subdomain.
+
+We can move 1, 2 or 3 services to any subdomain (ex. Roundcube, iRedAdmin, but SOGO leave at "_" host)
+
+To do this, we need:
+1. Delete wanted line(s) from
+```
+    include /etc/nginx/templates/iredadmin.tmpl;
+    include /etc/nginx/templates/roundcube.tmpl;
+    include /etc/nginx/templates/sogo.tmpl;
+    ...
+    include /etc/nginx/templates/example_service.tmpl;
+```
+As example, wee deleted
+```
+    include /etc/nginx/templates/example_service.tmpl;
+```
+2. Create new site config at /etc/nginx/sites-available/
+As example, wee create example_service.example.com.conf
+3. Write config to file
+We need server{} context with
+```
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name example_service.example.com;
+```
+Then, add line
+```
+    include /etc/nginx/templates/example_service-subdomain.tmpl;
+```
+We can also add SSL support:
+Create /etc/nginx/templates/ssl-subdomain.tmpl (you may use ssl.tmpl as template), then add line
+```
+    include /etc/nginx/templates/ssl-subdomain.tmpl;
+```
+As result, we have
+```
+server{
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name example_service.example.com;
+
+    include /etc/nginx/templates/example_service-subdomain.tmpl;
+    include /etc/nginx/templates/ssl-subdomain.tmpl;
+}
+```
+!!! note
+        I recommend 
+        - create request wildcard SSL certificate (that works for any subdomain, ex name1.example.com ... 1000name.example.com)
+        - create wildcard DNS records, ex. "CNAME *.example.com example.com"
+
+That's all we need
\ No newline at end of file

From 979e98d265f18b49215852069fc3e22928fb4fb8 Mon Sep 17 00:00:00 2001
From: AVAtar Mod <respawner289@gmail.com>
Date: Sat, 31 Jul 2021 09:36:13 +0300
Subject: [PATCH 2/3] EN-US subdomains: fix typos

---
 en_US/howto/subdomains.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/en_US/howto/subdomains.md b/en_US/howto/subdomains.md
index fe10dc78..abc308a5 100644
--- a/en_US/howto/subdomains.md
+++ b/en_US/howto/subdomains.md
@@ -42,7 +42,7 @@ server {
 	}
 }
 ```
-Wee can see following:
+We can see following:
 ```
 server {
     listen 443 ssl http2;
@@ -70,12 +70,12 @@ To do this, we need:
     ...
     include /etc/nginx/templates/example_service.tmpl;
 ```
-As example, wee deleted
+As example, we deleted
 ```
     include /etc/nginx/templates/example_service.tmpl;
 ```
 2. Create new site config at /etc/nginx/sites-available/
-As example, wee create example_service.example.com.conf
+As example, we create example_service.example.com.conf
 3. Write config to file
 We need server{} context with
 ```

From aecfe98ee90bdc6f374360bc3abddf6c7cc7bb97 Mon Sep 17 00:00:00 2001
From: AVAtar Mod <respawner289@gmail.com>
Date: Wed, 4 Aug 2021 19:58:18 +0300
Subject: [PATCH 3/3] EN-US subdomains: more flexible guide

---
 en_US/howto/subdomains.md | 55 +++++++++++++++++++++++++++------------
 1 file changed, 39 insertions(+), 16 deletions(-)

diff --git a/en_US/howto/subdomains.md b/en_US/howto/subdomains.md
index abc308a5..0808cac3 100644
--- a/en_US/howto/subdomains.md
+++ b/en_US/howto/subdomains.md
@@ -55,37 +55,55 @@ server {
     ...
 }
 ```
-That means that SOGO, Roundcube and iRedAdmin are located at host "_" (see (Nginx Documentation)[https://nginx.org/en/docs/http/server_names.html] ).
-
+That means that SOGO, Roundcube and iRedAdmin are located at host "_" (see (Nginx Documentation)[https://nginx.org/en/docs/http/server_names.html] ) and available at example.com/mail/, example.com/sogo/, etc.
 ## Move SOGO, Roundcube and iRedAdmin to subdomain.
 
 We can move 1, 2 or 3 services to any subdomain (ex. Roundcube, iRedAdmin, but SOGO leave at "_" host)
 
 To do this, we need:
-1. Delete wanted line(s) from
+1. Check available configs with subdomain support at /etc/nginx/templates directory
+Open terminal (usually this mean connect over ssh to server)
+Enter command after "$":
 ```
-    include /etc/nginx/templates/iredadmin.tmpl;
-    include /etc/nginx/templates/roundcube.tmpl;
-    include /etc/nginx/templates/sogo.tmpl;
-    ...
-    include /etc/nginx/templates/example_service.tmpl;
+$ ls -w 1 /etc/nginx/templates
+adminer.tmpl
+fastcgi_php.tmpl
+hsts.tmpl
+iredadmin-subdomain.tmpl
+iredadmin.tmpl
+misc.tmpl
+netdata-subdomain.tmpl
+netdata.tmpl
+php-catchall.tmpl
+redirect_to_https.tmpl
+roundcube-subdomain.tmpl
+roundcube.tmpl
+sogo-subdomain.tmpl
+sogo.tmpl
+ssl.tmpl
+stub_status.tmpl
 ```
-As example, we deleted
+We can see 4 iRedMail configs with subdomain support:
 ```
-    include /etc/nginx/templates/example_service.tmpl;
+iredadmin-subdomain.tmpl
+netdata-subdomain.tmpl
+roundcube-subdomain.tmpl
+sogo-subdomain.tmpl
 ```
+This mean that iRedAdmin, Netdata, Roundcube or SOGO can be moved to subdomain.
+We choose one of them, as example roundcube-subdomain.tmpl
 2. Create new site config at /etc/nginx/sites-available/
-As example, we create example_service.example.com.conf
+As example, we create roundcube.example.com.conf
 3. Write config to file
-We need server{} context with
+We need to use "server" context with
 ```
     listen 443 ssl http2;
     listen [::]:443 ssl http2;
-    server_name example_service.example.com;
+    server_name roundcube.example.com;
 ```
 Then, add line
 ```
-    include /etc/nginx/templates/example_service-subdomain.tmpl;
+    include /etc/nginx/templates/roundcube-subdomain.tmpl;
 ```
 We can also add SSL support:
 Create /etc/nginx/templates/ssl-subdomain.tmpl (you may use ssl.tmpl as template), then add line
@@ -97,15 +115,20 @@ As result, we have
 server{
     listen 443 ssl http2;
     listen [::]:443 ssl http2;
-    server_name example_service.example.com;
+    server_name roundcube.example.com;
 
-    include /etc/nginx/templates/example_service-subdomain.tmpl;
+    include /etc/nginx/templates/roundcube-subdomain.tmpl;
     include /etc/nginx/templates/ssl-subdomain.tmpl;
 }
 ```
+4. [OPTIONAL] If you want deny acess to your service at host "_" over example.com/mail/, you can do the following:
+    * Remove line "include /etc/nginx/templates/roundcube.tmpl;"
+    from default config at /etc/nginx/sites-available/00-default-ssl.conf
 !!! note
         I recommend 
         - create request wildcard SSL certificate (that works for any subdomain, ex name1.example.com ... 1000name.example.com)
         - create wildcard DNS records, ex. "CNAME *.example.com example.com"
+        - Use wildcard SSL certificate for any number of your subdomains (use /etc/nginx/templates/ssl.tmpl as template
+        and see (Nginx Docs)[https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl] if you have troubles)
 
 That's all we need
\ No newline at end of file