# kolab roundcube
location /
{
    index index.php;
    root  /usr/share/kolab-roundcube/public_html;
    client_max_body_size 30M; # set maximum upload size for mail attachments

    # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
    location ~ ^/(README(.md)?|INSTALL|LICENSE|CHANGELOG|UPGRADING)$
    {
        deny all;
    }

    location ~ ^/(bin|SQL|config|logs)/
    {
        deny all;
    }

    location ~^/program/(include|lib|localization|steps)/
    {
        deny all;
    }
    
    location ~ /\.
    {
        deny all;
        access_log off;
        log_not_found off;
    }
    
	# For roundcube CSRF token support.
    rewrite "^/[a-f0-9]{16}/(.*)" /$1 last;    

    # enable php
    location ~ \.php$
    {
        include fastcgi_params;
        fastcgi_split_path_info ^(.+\.php)(/.*)$;
        fastcgi_pass unix:/run/php5-kolab-roundcube.sock;
        fastcgi_param SCRIPT_FILENAME $request_filename;
        fastcgi_pass_header X-Session-Token;
    }
}