Configuring Snappymail to run behind a reverse proxy
This article explains how I configured Snappymail to run behind my NGINX reverse proxy. I’m discussing direct server installations, meaning running Snappymail independently, not as part of an integration with Nextcloud or Cloudron or some kind of control panel, although this article might help with some of those situations. Also, this isn’t a comprehensive article, so it won’t delve into proper NGINX server block arrangements or security considerations, etc. It’s just for getting it running on the Snappymail side.
Previously I ran Rainloop, a webmail client from which Snappymail is forked, and it worked fine on my server behind an NGINX reverse proxy. But it has become apparent that Rainloop is now a dead project and frightening security holes have remained unpatched.
I therefore migrated from Rainloop to Snappymail, which is being actively maintained, and which was a straightforward process. But after installation, the server greeted me with this error message:
An error occurred. Please refresh the page and try again. Error: Failed loading /mail/snappymail/v/x.x.x/static/js/min/libs.min.js
I’m no expert, so this message didn’t make the problem apparent to me. I thought maybe my web server wasn’t processing JavaScript correctly or maybe I was missing a dependency, or something else entirely. So to help prevent you from banging your head against a wall as hard as I did, here’s the solution, and it’s simple:
Because a reverse proxy sends traffic directly to the virtual server root, which isn’t what Snappymail is expecting, Snappymail must be told where to look for its files.
As we can see from the error message, Snappymail is looking for a file here:
/mail/snappymail/ ...
What we need is for it to be configured to start a level higher, so that it looks for the file (and all other files) in this manner:
/snappymail/ ...
There are a number of ways to solve this, including configuring a redirect at the reverse proxy or at the web server, but from reading this Github discussion thread, we see that the app developers included a setting to easily solve the problem without messing with server settings.
Method 1: Edit application.ini (if you don’t have app admin access)
Configuration can be done via the Linux command line by editing the configuration file directly. If your /data/ directory is properly configured, you’ll notice that the file is protected and can only be accessed or edited by root (your actual file path may vary depending on how you configured your Snappymail domains and web server).
sudo su
nano /var/www/html/mail/data/_data_/_default_/configs/application.ini
If you need help finding application.ini on your system, you can always search for it:
find -name application.ini
Once you’ve found the file and opened it in a text editor, locate the following line:
app_path = ""
Then edit the line to read:
app_path = "/"
This instructs Snappymail to look for its files in the app root, which will play nicely with the reverse proxy. After that’s done save the file and edit the text editor, then exit root and restart your webserver:
exit
sudo systemctl restart apache2
or sudo systemctl restart httpd
or sudo systemctl restart nginx
Snappymail should now be working.
Method 2: Snappymail admin GUI (if you have admin access)
If you can access your Snappymail installation from its server’s network IP, which typically means you’re inside its internal network, you might be able to bypass the reverse proxy by navigating in a browser to its internal network IP:
http://192.168.1.11/snappymail/$admin
Otherwise, try navigating to your public Snappymail admin login:
https://www.yourdomain.com/snappymail/$admin
or
https://snappymail.yourdomain.com/$admin
Login with your admin credentials, then navigate to:
Config => webmail => app_path
The field will probably be blank. Simply enter a single slash: /
Then scroll all the way to the bottom of the Config settings and click “Save”. That's it. Your installation should now be working.