keep Roundcube working too, put owncloud at /cloud rather than at /

This commit is contained in:
Joshua Tauberer 2014-08-12 11:36:40 +00:00
parent cf4f519cc0
commit 9d6dc78b15
6 changed files with 160 additions and 65 deletions

View file

@ -31,7 +31,7 @@ Then run the post-install checklist command to see what you need to do next:
In addition to above once finished you need to: In addition to above once finished you need to:
Goto https://<your domain>.<tld>, and make a admin account. By default you don't need to edit the advanced settings Goto https://<your domain>.<tld>/cloud, and make an ownCloud admin account. By default you don't need to edit the advanced settings
Once logged in, click the "Files" link beside the cloud in the top left corner and then click Apps button Once logged in, click the "Files" link beside the cloud in the top left corner and then click Apps button
Goto the "External user support" and activate it, do the same thing with the mail app Goto the "External user support" and activate it, do the same thing with the mail app

View file

@ -2,10 +2,6 @@
## Do not edit this file. It will be replaced each time ## Do not edit this file. It will be replaced each time
## Mail-in-a-Box needs up update the web configuration. ## Mail-in-a-Box needs up update the web configuration.
upstream php-fpm {
server unix:/var/run/php5-fpm.sock;
}
# Redirect all HTTP to HTTPS. # Redirect all HTTP to HTTPS.
server { server {
listen 80; listen 80;
@ -26,89 +22,84 @@ server {
ssl_certificate_key $SSL_KEY; ssl_certificate_key $SSL_KEY;
include /etc/nginx/nginx-ssl.conf; include /etc/nginx/nginx-ssl.conf;
# TODO: This is bad, we shouldnt hack it like this. # Expose this directory as static files.
root /usr/local/lib/owncloud; root $ROOT;
index index.html index.htm; index index.html index.htm;
# ownCloud configuration # Roundcube Webmail configuration.
client_max_body_size 16G; # set max upload size rewrite ^/mail$ /mail/ redirect;
fastcgi_buffers 64 4K; rewrite ^/mail/$ /mail/index.php;
location /mail/ {
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; index index.php;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; alias /usr/local/lib/roundcubemail/;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; }
location ~ /mail/config/.* {
index index.php; # A ~-style location is needed to give this precedence over the next block.
error_page 403 /core/templates/403.php; return 403;
error_page 404 /core/templates/404.php; }
location ~ /mail/.*\.php {
location = /robots.txt { # note: ~ has precendence over a regular location block
allow all; include fastcgi_params;
log_not_found off; fastcgi_split_path_info ^/mail(/.*)()$;
access_log off; fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/lib/roundcubemail/$fastcgi_script_name;
fastcgi_pass unix:/tmp/php-fastcgi.www-data.sock;
client_max_body_size 20M;
} }
location ~ ^/(data|config|\.ht|db_structure\.xml|README) { # ownCloud configuration.
deny all; rewrite ^/caldav(.*)$ /cloud/remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /cloud/remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /cloud/remote.php/webdav$1 redirect;
rewrite ^/cloud$ /cloud/ redirect;
rewrite ^/cloud/$ /cloud/index.php;
rewrite ^(/cloud/core/doc/[^\/]+/)$ $1/index.html;
location /cloud/ {
alias /usr/local/lib/owncloud/;
location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
} }
location ~ ^(/cloud)(/.+\.php)(/.*)?$ {
location / { # note: ~ has precendence over a regular location block
# The following 2 rules are only needed with webfinger include fastcgi_params;
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
try_files $uri $uri/ index.php;
}
location ~ ^(.+?\.php)(/.*)?$ {
try_files $1 = 404;
# PHP specific configuration to deal with large file uploads
fastcgi_param PHP_VALUE "upload_max_filesize = 16G"; fastcgi_param PHP_VALUE "upload_max_filesize = 16G";
fastcgi_param PHP_VALUE "post_max_size = 16G"; fastcgi_param PHP_VALUE "post_max_size = 16G";
fastcgi_param PHP_VALUE "output_buffering = 16384"; fastcgi_param PHP_VALUE "output_buffering = 16384";
fastcgi_param PHP_VALUE "memory_limit = 512M"; fastcgi_param PHP_VALUE "memory_limit = 512M";
fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$2;
include fastcgi_params; fastcgi_param SCRIPT_NAME $1$2;
fastcgi_param SCRIPT_FILENAME $document_root$1; fastcgi_param PATH_INFO $3;
fastcgi_param PATH_INFO $2;
fastcgi_param HTTPS on;
fastcgi_pass php-fpm; fastcgi_pass php-fpm;
error_page 403 /cloud/core/templates/403.php;
error_page 404 /cloud/core/templates/404.php;
client_max_body_size 1G;
fastcgi_buffers 64 4K;
} }
rewrite ^/.well-known/host-meta /cloud/public.php?service=host-meta last;
# Optional: set long EXPIRES header on static assets rewrite ^/.well-known/host-meta.json /cloud/public.php?service=host-meta-json last;
location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ { rewrite ^/.well-known/carddav /cloud/remote.php/carddav/ redirect;
expires 30d; rewrite ^/.well-known/caldav /cloud/remote.php/caldav/ redirect;
# Optional: Don't log access to assets
access_log off;
}
# Webfinger configuration. # Webfinger configuration.
# TODO: fix this for owncloud
location = /.well-known/webfinger { location = /.well-known/webfinger {
include fastcgi_params; include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /usr/local/bin/mailinabox-webfinger.php; fastcgi_param SCRIPT_FILENAME /usr/local/bin/mailinabox-webfinger.php;
fastcgi_pass php-fpm; fastcgi_pass unix:/tmp/php-fastcgi.www-data.sock;
} }
# Microsoft Exchange autodiscover.xml for email # Microsoft Exchange autodiscover.xml for email
location /autodiscover/autodiscover.xml { location /autodiscover/autodiscover.xml {
include fastcgi_params; include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /usr/local/bin/mailinabox-exchange-autodiscover.php; fastcgi_param SCRIPT_FILENAME /usr/local/bin/mailinabox-exchange-autodiscover.php;
fastcgi_pass php-fpm; fastcgi_pass unix:/tmp/php-fastcgi.www-data.sock;
} }
# Z-Push (Microsoft Exchange ActiveSync) # Z-Push (Microsoft Exchange ActiveSync)
location /Microsoft-Server-ActiveSync { location /Microsoft-Server-ActiveSync {
include /etc/nginx/fastcgi_params; include /etc/nginx/fastcgi_params;
fastcgi_param PHP_VALUE "include_path=/usr/share/awl/inc";
fastcgi_param SCRIPT_FILENAME /usr/local/lib/z-push/index.php; fastcgi_param SCRIPT_FILENAME /usr/local/lib/z-push/index.php;
fastcgi_pass php-fpm; fastcgi_pass unix:/tmp/php-fastcgi.www-data.sock;
} }
# ADDITIONAL DIRECTIVES HERE # ADDITIONAL DIRECTIVES HERE

View file

@ -7,7 +7,7 @@
define('CALDAV_SERVER', 'https://localhost'); define('CALDAV_SERVER', 'https://localhost');
define('CALDAV_PORT', '443'); define('CALDAV_PORT', '443');
define('CALDAV_PATH', '/remote.php/caldav/calendars/%u/'); define('CALDAV_PATH', '/caldav/calendars/%u/');
define('CALDAV_PERSONAL', ''); define('CALDAV_PERSONAL', '');
// If the CalDAV server supports the sync-collection operation // If the CalDAV server supports the sync-collection operation

View file

@ -9,9 +9,9 @@
define('CARDDAV_PROTOCOL', 'https'); /* http or https */ define('CARDDAV_PROTOCOL', 'https'); /* http or https */
define('CARDDAV_SERVER', 'localhost'); define('CARDDAV_SERVER', 'localhost');
define('CARDDAV_PORT', '443'); define('CARDDAV_PORT', '443');
define('CARDDAV_PATH', '/remote.php/carddav/addressbooks/%u/'); define('CARDDAV_PATH', '/carddav/addressbooks/%u/');
define('CARDDAV_DEFAULT_PATH', '/remote.php/carddav/addressbooks/%u/contacts/'); /* subdirectory of the main path */ define('CARDDAV_DEFAULT_PATH', '/carddav/addressbooks/%u/contacts/'); /* subdirectory of the main path */
define('CARDDAV_GAL_PATH', '/caldav.php/%d/GAL/'); /* readonly, searchable, not syncd */ define('CARDDAV_GAL_PATH', ''); /* readonly, searchable, not syncd */
define('CARDDAV_GAL_MIN_LENGTH', 5); define('CARDDAV_GAL_MIN_LENGTH', 5);
define('CARDDAV_CONTACTS_FOLDER_NAME', '%u Addressbook'); define('CARDDAV_CONTACTS_FOLDER_NAME', '%u Addressbook');

View file

@ -273,6 +273,7 @@ EOF
. setup/dkim.sh . setup/dkim.sh
. setup/spamassassin.sh . setup/spamassassin.sh
. setup/web.sh . setup/web.sh
. setup/webmail.sh
. setup/owncloud.sh . setup/owncloud.sh
. setup/zpush.sh . setup/zpush.sh
. setup/management.sh . setup/management.sh

103
setup/webmail.sh Executable file
View file

@ -0,0 +1,103 @@
# Webmail: Using roundcube
##########################
source setup/functions.sh # load our functions
source /etc/mailinabox.conf # load global vars
# Ubuntu's roundcube-core has dependencies on Apache & MySQL, which we don't want, so we can't
# install roundcube directly via apt-get install.
#
# Additionally, the Roundcube shipped with Ubuntu is consistently out of date.
#
# And it's packaged incorrectly --- it seems to be missing a directory of files.
#
# So we'll use apt-get to manually install the dependencies of roundcube that we know we need,
# and then we'll manually install roundcube from source.
# These dependencies are from 'apt-cache showpkg roundcube-core'.
apt_install \
dbconfig-common \
php5 php5-sqlite php5-mcrypt php5-intl php5-json php5-common php-auth php-net-smtp php-net-socket php-net-sieve php-mail-mime php-crypt-gpg php5-gd php5-pspell \
tinymce libjs-jquery libjs-jquery-mousewheel libmagic1
# We used to install Roundcube from Ubuntu, without triggering the dependencies
# on Apache and MySQL, by downloading the debs and installing them manually.
# Now that we're beyond that, get rid of those debs before installing from source.
apt-get purge -qq -y roundcube*
# Install Roundcube from source if it is not already present.
# TODO: Check version?
if [ ! -d /usr/local/lib/roundcubemail ]; then
rm -f /tmp/roundcube.tgz
wget -qO /tmp/roundcube.tgz http://downloads.sourceforge.net/project/roundcubemail/roundcubemail/1.0.1/roundcubemail-1.0.1.tar.gz
tar -C /usr/local/lib -zxf /tmp/roundcube.tgz
mv /usr/local/lib/roundcubemail-1.0.1/ /usr/local/lib/roundcubemail
rm -f /tmp/roundcube.tgz
fi
# Generate a safe 24-character secret key of safe characters.
SECRET_KEY=$(dd if=/dev/random bs=20 count=1 2>/dev/null | base64 | fold -w 24 | head -n 1)
# Create a configuration file.
#
# For security, temp and log files are not stored in the default locations
# which are inside the roundcube sources directory. We put them instead
# in normal places.
cat - > /usr/local/lib/roundcubemail/config/config.inc.php <<EOF;
<?php
/*
* Do not edit. Written by Mail-in-a-Box. Regenerated on updates.
*/
\$config = array();
\$config['log_dir'] = '/var/log/roundcubemail/';
\$config['temp_dir'] = '/tmp/roundcubemail/';
\$config['db_dsnw'] = 'sqlite:///$STORAGE_ROOT/mail/roundcube/roundcube.sqlite?mode=0640';
\$config['default_host'] = 'ssl://localhost';
\$config['default_port'] = 993;
\$config['imap_timeout'] = 15;
\$config['smtp_server'] = 'tls://localhost';
\$config['smtp_port'] = 587;
\$config['smtp_user'] = '%u';
\$config['smtp_pass'] = '%p';
\$config['support_url'] = 'https://mailinabox.email/';
\$config['product_name'] = 'Mail-in-a-Box/Roundcube Webmail';
\$config['des_key'] = '$SECRET_KEY';
\$config['plugins'] = array('archive', 'zipdownload', 'password', 'managesieve');
\$config['skin'] = 'classic';
\$config['login_autocomplete'] = 2;
\$config['password_charset'] = 'UTF-8';
\$config['junk_mbox'] = 'Spam';
?>
EOF
# Create writable directories.
mkdir -p /var/log/roundcubemail /tmp/roundcubemail $STORAGE_ROOT/mail/roundcube
chown -R www-data.www-data /var/log/roundcubemail /tmp/roundcubemail $STORAGE_ROOT/mail/roundcube
# Password changing plugin settings
# The config comes empty by default, so we need the settings
# we're not planning to change in config.inc.dist...
cp /usr/local/lib/roundcubemail/plugins/password/config.inc.php.dist \
/usr/local/lib/roundcubemail/plugins/password/config.inc.php
tools/editconf.py /usr/local/lib/roundcubemail/plugins/password/config.inc.php \
"\$config['password_minimum_length']=6;" \
"\$config['password_db_dsn']='sqlite:///$STORAGE_ROOT/mail/users.sqlite';" \
"\$config['password_query']='UPDATE users SET password=%D WHERE email=%u';" \
"\$config['password_dovecotpw']='/usr/bin/doveadm pw';" \
"\$config['password_dovecotpw_method']='SHA512-CRYPT';" \
"\$config['password_dovecotpw_with_method']=true;"
# so PHP can use doveadm, for the password changing plugin
usermod -a -G dovecot www-data
# set permissions so that PHP can use users.sqlite
# could use dovecot instead of www-data, but not sure it matters
chown root.www-data $STORAGE_ROOT/mail
chmod 775 $STORAGE_ROOT/mail
chown root.www-data $STORAGE_ROOT/mail/users.sqlite
chmod 664 $STORAGE_ROOT/mail/users.sqlite
# Enable PHP modules.
php5enmod mcrypt
restart_service php5-fpm