gnunux/dataset
1
0
Fork 0
forked from stove/dataset
Code Issues Pull requests Projects Releases Wiki Activity

upgrade roundcube

Browse source
This commit is contained in:
Emmanuel Garette 2022-10-20 22:40:01 +02:00
parent f66172b86c
commit 1de8353ac5
12 changed files with 346 additions and 553 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
seed/base-fedora-36/templates/login
View file

@ -1,4 +1,4 @@
# File from util-linux-*.x86_64 (not installed) #GNUNUX File from util-linux-*.x86_64 (not installed)
#%PAM-1.0 #%PAM-1.0
auth substack system-auth auth substack system-auth
auth include postlogin auth include postlogin

4
seed/php-fpm/templates/php-fpm.conf
View file

@ -23,8 +23,10 @@ pid = /run/php-fpm/php-fpm.pid
; If it's set to "syslog", log is sent to syslogd instead of being written ; If it's set to "syslog", log is sent to syslogd instead of being written
; in a local file. ; in a local file.
; Default Value: /var/log/php-fpm.log ; Default Value: /var/log/php-fpm.log
; GNUNUX error_log = /var/log/php-fpm/error.log ;>GNUNUX
;error_log = /var/log/php-fpm/error.log
error_log = syslog error_log = syslog
;<GNUNUX
; syslog_facility is used to specify what type of program is logging the ; syslog_facility is used to specify what type of program is logging the
; message. This lets syslogd specify that messages from different facilities ; message. This lets syslogd specify that messages from different facilities

20
seed/php-fpm/templates/www.conf
View file

@ -21,9 +21,15 @@
; Note: The user is mandatory. If the group is not set, the default user's group ; Note: The user is mandatory. If the group is not set, the default user's group
; will be used. ; will be used.
; RPM: apache user chosen to provide access to the same directories as httpd ; RPM: apache user chosen to provide access to the same directories as httpd
;>GNUNUX
;user = apache
user = %%php_fpm_user user = %%php_fpm_user
;<GNUNUX
; RPM: Keep a group allowed to write in log dir. ; RPM: Keep a group allowed to write in log dir.
;>GNUNUX
;group = apache
group = %%php_fpm_user group = %%php_fpm_user
;<GNUNUX
; The address on which to accept FastCGI requests. ; The address on which to accept FastCGI requests.
; Valid syntaxes are: ; Valid syntaxes are:
@ -52,7 +58,10 @@ listen = /run/php-fpm/www.sock
; When POSIX Access Control Lists are supported you can set them using ; When POSIX Access Control Lists are supported you can set them using
; these options, value is a comma separated list of user/group names. ; these options, value is a comma separated list of user/group names.
; When set, listen.owner and listen.group are ignored ; When set, listen.owner and listen.group are ignored
;>GNUNUX
;listen.acl_users = apache,nginx
listen.acl_users = %%php_fpm_user listen.acl_users = %%php_fpm_user
;<GNUNUX
;listen.acl_groups = ;listen.acl_groups =
; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. ; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
@ -322,7 +331,10 @@ pm.max_spare_servers = 35
; The log file for slow requests ; The log file for slow requests
; Default Value: not set ; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set ; Note: slowlog is mandatory if request_slowlog_timeout is set
;>GNUNUX
;slowlog = /var/log/php-fpm/www-slow.log
slowlog = syslog slowlog = syslog
;<GNUNUX
; The timeout for serving a single request after which a PHP backtrace will be ; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'. ; dumped to the 'slowlog' file. A value of '0s' means 'off'.
@ -420,7 +432,10 @@ slowlog = syslog
; specified at startup with the -d argument ; specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com ;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
;php_flag[display_errors] = off ;php_flag[display_errors] = off
;>GNUNUX
;php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_value[error_log] = syslog php_admin_value[error_log] = syslog
;<GNUNUX
php_admin_flag[log_errors] = on php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 128M ;php_admin_value[memory_limit] = 128M
@ -432,8 +447,11 @@ php_admin_flag[log_errors] = on
; ;
; See warning about choosing the location of these directories on your system ; See warning about choosing the location of these directories on your system
; at http://php.net/session.save-path ; at http://php.net/session.save-path
;<GNUNUX
;php_value[session.save_handler] = files
;php_value[session.save_path] = /var/lib/php/session
php_value[session.save_handler] = redis php_value[session.save_handler] = redis
;GNUNUX php_value[session.save_path] = /var/lib/php/session
;php_value[session.save_path] = "tcp://%%redis_client_server_domainname:6379?auth[user]=%%redis_client_username&auth[pass]=%%redis_client_password" ;php_value[session.save_path] = "tcp://%%redis_client_server_domainname:6379?auth[user]=%%redis_client_username&auth[pass]=%%redis_client_password"
;>GNUNUX
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
;php_value[opcache.file_cache] = /var/lib/php/opcache ;php_value[opcache.file_cache] = /var/lib/php/opcache

801
seed/php/templates/php.ini
View file

File diff suppressed because it is too large Load diff

1
seed/roundcube/UPGRADE.md Normal file
View file

@ -0,0 +1 @@
diff -u /var/lib/machines/roundcube.in.silique.fr/usr/share/factory/./etc/roundcubemail/defaults.inc.php /var/lib/risotto/templates/roundcube.in.silique.fr/./etc/roundcubemail/config.inc.php

2
seed/roundcube/applicationservice.yml
View file

@ -1,7 +1,7 @@
format: '0.1' format: '0.1'
description: Interface web de consultation des courriels Roundcube description: Interface web de consultation des courriels Roundcube
depends: depends:
- base-fedora-35 - base-fedora-36
- postgresql-client - postgresql-client
- imap-client - imap-client
- redis-client - redis-client

1
seed/roundcube/dictionaries/31_roundcube.xml
View file

@ -5,7 +5,6 @@
<file owner="root" group="nginx" mode="640">/etc/roundcubemail/config.inc.php</file> <file owner="root" group="nginx" mode="640">/etc/roundcubemail/config.inc.php</file>
<file>/etc/nginx/default.d/roundcubemail.conf</file> <file>/etc/nginx/default.d/roundcubemail.conf</file>
<file source="domain.inc.php" file_type="variable" variable="roundcube_domains">roundcube_config</file> <file source="domain.inc.php" file_type="variable" variable="roundcube_domains">roundcube_config</file>
<file>/secrets/roundcube-init.php</file>
<file engine="none">/static/silique_cloud.svg</file> <file engine="none">/static/silique_cloud.svg</file>
<file engine="none">/static/watermark.html</file> <file engine="none">/static/watermark.html</file>
<file>/etc/pki/ca-trust/source/anchors/ca_MailServer.crt</file> <file>/etc/pki/ca-trust/source/anchors/ca_MailServer.crt</file>

2
seed/roundcube/manual/image/preinstall/roundcube.sh
View file

@ -1 +1 @@
PKG="$PKG roundcubemail php-cli php-pgsql php-pecl-redis5" PKG="$PKG roundcubemail php-pgsql php-pecl-redis5"

23
seed/roundcube/templates/config.inc.php
View file

@ -102,10 +102,7 @@ $config['per_user_logging'] = false;
$config['smtp_log'] = true; $config['smtp_log'] = true;
// Log successful/failed logins to <log_dir>/userlogins.log or to syslog // Log successful/failed logins to <log_dir>/userlogins.log or to syslog
// GNUNUX $config['log_logins'] = false;
#>GNUNUX
$config['log_logins'] = false; $config['log_logins'] = false;
#<GNUNUX
// Log session debug information/authentication errors to <log_dir>/session.log or to syslog // Log session debug information/authentication errors to <log_dir>/session.log or to syslog
$config['session_debug'] = false; $config['session_debug'] = false;
@ -170,8 +167,6 @@ $config['imap_auth_type'] = null;
// ], // ],
// ]; // ];
// Note: These can be also specified as an array of options indexed by hostname // Note: These can be also specified as an array of options indexed by hostname
$config['imap_conn_options'] = null; $config['imap_conn_options'] = null;
// IMAP connection timeout, in seconds. Default: 0 (use default_socket_timeout) // IMAP connection timeout, in seconds. Default: 0 (use default_socket_timeout)
@ -241,7 +236,10 @@ $config['imap_disabled_caps'] = [];
$config['imap_log_session'] = false; $config['imap_log_session'] = false;
// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache' or 'memcached'. // Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache' or 'memcached'.
//>GNUNUX
//$config['imap_cache'] = null;
$config['imap_cache'] = 'db'; $config['imap_cache'] = 'db';
//<GNUNUX
// Enables messages cache. Only 'db' cache is supported. // Enables messages cache. Only 'db' cache is supported.
// This requires an IMAP server that supports QRESYNC and CONDSTORE // This requires an IMAP server that supports QRESYNC and CONDSTORE
@ -532,7 +530,10 @@ $config['support_url'] = '';
// file from the currently selected skin. Prepend name/path with a slash to use // file from the currently selected skin. Prepend name/path with a slash to use
// current skin folder. Remove the slash to point to a file in the Roundcube // current skin folder. Remove the slash to point to a file in the Roundcube
// root directory. It can be also a full URL. // root directory. It can be also a full URL.
//>GNUNUX
//$config['blankpage_url'] = '/watermark.html';
$config['blankpage_url'] = '/risotto/watermark.html'; $config['blankpage_url'] = '/risotto/watermark.html';
//<GNUNUX
// Logo image replacement. Specifies location of the image as: // Logo image replacement. Specifies location of the image as:
// - URL relative to the document root of this Roundcube installation // - URL relative to the document root of this Roundcube installation
@ -566,7 +567,10 @@ $config['blankpage_url'] = '/risotto/watermark.html';
"[print]" => "/images/logo_print.png", "[print]" => "/images/logo_print.png",
]; ];
*/ */
//>GNUNUX
//$config['skin_logo'] = null;
$config['skin_logo'] = '/risotto/silique_cloud.svg'; $config['skin_logo'] = '/risotto/silique_cloud.svg';
//<GNUNUX
// Automatically register user in Roundcube database on successful (IMAP) logon. // Automatically register user in Roundcube database on successful (IMAP) logon.
// Set to false if only registered users should be allowed to the webmail. // Set to false if only registered users should be allowed to the webmail.
@ -584,7 +588,10 @@ $config['log_dir'] = '/var/log/roundcubemail/';
// Location of temporary saved files such as attachments and cache files // Location of temporary saved files such as attachments and cache files
// must be writeable for the user who runs PHP process (Apache user if mod_php is being used) // must be writeable for the user who runs PHP process (Apache user if mod_php is being used)
//>GNUNUX
//$config['temp_dir'] = '/var/lib/roundcubemail/temp/';
$config['temp_dir'] = '/tmp/'; $config['temp_dir'] = '/tmp/';
//<GNUNUX
// expire files in temp_dir after 48 hours // expire files in temp_dir after 48 hours
// possible units: s, m, h, d, w // possible units: s, m, h, d, w
@ -663,7 +670,10 @@ $config['session_samesite'] = null;
// Make sure the Redis extension (https://pecl.php.net/package/redis) version >= 2.0.0 is installed. // Make sure the Redis extension (https://pecl.php.net/package/redis) version >= 2.0.0 is installed.
// //
// Setting this value to 'php' will use the default session save handler configured in PHP // Setting this value to 'php' will use the default session save handler configured in PHP
//>GNUNUX
//$config['session_storage'] = 'db';
$config['session_storage'] = 'redis'; $config['session_storage'] = 'redis';
//<GNUNUX
// List of trusted proxies // List of trusted proxies
// X_FORWARDED_* and X_REAL_IP headers are only accepted from these IPs // X_FORWARDED_* and X_REAL_IP headers are only accepted from these IPs
@ -763,11 +773,14 @@ $config['useragent'] = null;
// try to load host-specific configuration // try to load host-specific configuration
// see https://github.com/roundcube/roundcubemail/wiki/Configuration:-Multi-Domain-Setup // see https://github.com/roundcube/roundcubemail/wiki/Configuration:-Multi-Domain-Setup
// for more details // for more details
//>GNUNUX
//$config['include_host_config'] = false;
$config['include_host_config'] = array( $config['include_host_config'] = array(
%for %%domain in %%roundcube_domains %for %%domain in %%roundcube_domains
"%%domain" => "%%{domain}.inc.php", "%%domain" => "%%{domain}.inc.php",
%end for %end for
); );
//<GNUNUX
// path to a text file which will be added to each sent message // path to a text file which will be added to each sent message
// paths are relative to the Roundcube root folder // paths are relative to the Roundcube root folder

13
seed/roundcube/templates/roundcube-init.php
View file

@ -1,13 +0,0 @@
<?php
//$sql = file_get_contents('/usr/share/roundcubemail/SQL/mysql.initial.sql');
//$mysqli = mysqli_init();
//$mysqli->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, true);
//$mysqli->ssl_set(NULL, NULL, "/etc/ssl/certs/ca-bundle.crt", NULL, NULL);
//$mysqli->real_connect('mariadb_client_server_domainname', 'mariadb_client_username', 'mariadb_client_password', 'mariadb_client_database');
//$mysqli->multi_query($sql);
//$mysqli->close();
$sql = file_get_contents('/usr/share/roundcubemail/SQL/postgres.initial.sql');
$db = pg_connect("host=%%pg_client_server_domainname port=5432 dbname=%%pg_client_database user=%%pg_client_username password=%%pg_client_password");
pg_query($db, $sql);
pg_close($db);
?>

3
seed/roundcube/templates/roundcube.service
View file

@ -5,7 +5,8 @@ Before=nginx.service php-fpm.service
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=-/usr/bin/php /usr/local/lib/secrets/roundcube-init.php Environment=PGPASSFILE=/usr/local/lib/secrets/postgresql.pass
ExecStart=-/usr/bin/psql --set=sslmode=verify-full -h %%pg_client_server_domainname -U %%pg_client_username %%pg_client_database -f /usr/share/roundcubemail/SQL/postgres.initial.sql"
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

25
seed/roundcube/templates/roundcubemail.conf
View file

@ -1,12 +1,23 @@
#>GNUNUX
#location = /roundcubemail {
#alias /usr/share/roundcubemail/;
location = / { location = / {
alias %%nginx_root; alias %%nginx_root;
#<GNUNUX
} }
#>GNUNUX
#location /roundcubemail/ {
# root /usr/share;
location / { location / {
root %%nginx_root; root %%nginx_root;
#<GNUNUX
index index.php; index index.php;
#>GNUNUX
# location ~ ^/roundcubemail/bin/(.+)$ {
location ~ ^/bin/(.+)$ { location ~ ^/bin/(.+)$ {
#<GNUNUX
deny all; deny all;
} }
location ~ ^/plugins/enigma/home/(.+)$ { location ~ ^/plugins/enigma/home/(.+)$ {
@ -16,7 +27,10 @@ location / {
# Define who can access the installer # Define who can access the installer
# keep this secured once configured # keep this secured once configured
#>GNUNUX
# location ~ ^/roundcubemail/installer/(.+\.php)$ {
location ~ ^/installer/(.+\.php)$ { location ~ ^/installer/(.+\.php)$ {
#<GNUNUX
allow 127.0.0.1; allow 127.0.0.1;
allow ::1; allow ::1;
deny all; deny all;
@ -32,10 +46,13 @@ location / {
# Define who can access the Webmail # Define who can access the Webmail
# You can enlarge permissions once configured # You can enlarge permissions once configured
#>GNUNUX
# location ~ ^/roundcubemail/(.+\.php)$ {
# allow 127.0.0.1;
# allow ::1;
# deny all;
location ~ ^/(.+\.php)$ { location ~ ^/(.+\.php)$ {
# GNUNUX allow 127.0.0.1; #<GNUNUX
# GNUNUX allow ::1;
# GNUNUX deny all;
try_files $uri =404; try_files $uri =404;
fastcgi_intercept_errors on; fastcgi_intercept_errors on;
@ -46,6 +63,8 @@ location / {
} }
} }
#>GNUNUX
location /skins/elastic/risotto { location /skins/elastic/risotto {
alias /usr/local/lib/static/; alias /usr/local/lib/static/;
} }
#<GNUNUX