From 77f7f187d24463d17dfda6036fdafe6567fff67e Mon Sep 17 00:00:00 2001
From: Nicole Rappe <cyberstrawberry101@gmail.com>
Date: Sat, 6 Jan 2024 20:49:08 -0700
Subject: [PATCH] Update Servers/Linux/iRedMail.md

---
 Servers/Linux/iRedMail.md | 41 ++++++++++++++++++++++++++++++++++++---
 1 file changed, 38 insertions(+), 3 deletions(-)

diff --git a/Servers/Linux/iRedMail.md b/Servers/Linux/iRedMail.md
index 6a66a5a..5f1e8e1 100644
--- a/Servers/Linux/iRedMail.md
+++ b/Servers/Linux/iRedMail.md
@@ -71,7 +71,42 @@ reboot
 
 ## Nested Reverse Proxy Configuration
 In my homelab environment, I run Traefik reverse proxy in front of everything, which includes the NGINX reverse proxy that iRedMail creates.  In my scenario, I have to make some custom adjustments to the reverse proxy dynamic configuration data to ensure it will allow self-signed certificates from iRedMail to communicate with the Traefik reverse proxy successfully.  You will see an example Traefik configuration file below.
-```jsx title="/srv/containers/traefik/config/dynamic/dynamic-config.yml" sh
-# ROUTERS
-test
+``` sh
+# ROUTER
+http:
+  routers:
+    mail:
+      entryPoints:
+        - websecure
+      rule: "Host(`mail.bunny-lab.io`)"
+      service: mail
+      middlewares:
+        - add-real-ip-header
+        - add-host-header
+      tls:
+        certResolver: myresolver
+
+# MIDDLEWARE (May not actually be necessary)
+  middlewares:
+     add-real-ip-header:
+      headers:
+        customRequestHeaders:
+          X-Real-IP: ""
+    add-host-header:
+      headers:
+        customRequestHeaders:
+          Host: "mail.bunny-lab.io" 
+
+# SERVICE
+    mail:
+      loadBalancer:
+        serversTransport: insecureTransport
+        servers:
+          - url: "https://192.168.3.13:443"
+        passHostHeader: true
+
+# TRANSPORT
+  serversTransports:
+    insecureTransport:
+      insecureSkipVerify: true
 ```
\ No newline at end of file