upgrade roundcube
This commit is contained in:
parent
f66172b86c
commit
1de8353ac5
12 changed files with 346 additions and 553 deletions
|
@ -1,4 +1,4 @@
|
||||||
# File from util-linux-*.x86_64 (not installed)
|
#GNUNUX File from util-linux-*.x86_64 (not installed)
|
||||||
#%PAM-1.0
|
#%PAM-1.0
|
||||||
auth substack system-auth
|
auth substack system-auth
|
||||||
auth include postlogin
|
auth include postlogin
|
||||||
|
|
|
@ -23,8 +23,10 @@ pid = /run/php-fpm/php-fpm.pid
|
||||||
; If it's set to "syslog", log is sent to syslogd instead of being written
|
; If it's set to "syslog", log is sent to syslogd instead of being written
|
||||||
; in a local file.
|
; in a local file.
|
||||||
; Default Value: /var/log/php-fpm.log
|
; Default Value: /var/log/php-fpm.log
|
||||||
; GNUNUX error_log = /var/log/php-fpm/error.log
|
;>GNUNUX
|
||||||
|
;error_log = /var/log/php-fpm/error.log
|
||||||
error_log = syslog
|
error_log = syslog
|
||||||
|
;<GNUNUX
|
||||||
|
|
||||||
; syslog_facility is used to specify what type of program is logging the
|
; syslog_facility is used to specify what type of program is logging the
|
||||||
; message. This lets syslogd specify that messages from different facilities
|
; message. This lets syslogd specify that messages from different facilities
|
||||||
|
|
|
@ -21,9 +21,15 @@
|
||||||
; Note: The user is mandatory. If the group is not set, the default user's group
|
; Note: The user is mandatory. If the group is not set, the default user's group
|
||||||
; will be used.
|
; will be used.
|
||||||
; RPM: apache user chosen to provide access to the same directories as httpd
|
; RPM: apache user chosen to provide access to the same directories as httpd
|
||||||
|
;>GNUNUX
|
||||||
|
;user = apache
|
||||||
user = %%php_fpm_user
|
user = %%php_fpm_user
|
||||||
|
;<GNUNUX
|
||||||
; RPM: Keep a group allowed to write in log dir.
|
; RPM: Keep a group allowed to write in log dir.
|
||||||
|
;>GNUNUX
|
||||||
|
;group = apache
|
||||||
group = %%php_fpm_user
|
group = %%php_fpm_user
|
||||||
|
;<GNUNUX
|
||||||
|
|
||||||
; The address on which to accept FastCGI requests.
|
; The address on which to accept FastCGI requests.
|
||||||
; Valid syntaxes are:
|
; Valid syntaxes are:
|
||||||
|
@ -52,7 +58,10 @@ listen = /run/php-fpm/www.sock
|
||||||
; When POSIX Access Control Lists are supported you can set them using
|
; When POSIX Access Control Lists are supported you can set them using
|
||||||
; these options, value is a comma separated list of user/group names.
|
; these options, value is a comma separated list of user/group names.
|
||||||
; When set, listen.owner and listen.group are ignored
|
; When set, listen.owner and listen.group are ignored
|
||||||
|
;>GNUNUX
|
||||||
|
;listen.acl_users = apache,nginx
|
||||||
listen.acl_users = %%php_fpm_user
|
listen.acl_users = %%php_fpm_user
|
||||||
|
;<GNUNUX
|
||||||
;listen.acl_groups =
|
;listen.acl_groups =
|
||||||
|
|
||||||
; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
|
; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
|
||||||
|
@ -322,7 +331,10 @@ pm.max_spare_servers = 35
|
||||||
; The log file for slow requests
|
; The log file for slow requests
|
||||||
; Default Value: not set
|
; Default Value: not set
|
||||||
; Note: slowlog is mandatory if request_slowlog_timeout is set
|
; Note: slowlog is mandatory if request_slowlog_timeout is set
|
||||||
|
;>GNUNUX
|
||||||
|
;slowlog = /var/log/php-fpm/www-slow.log
|
||||||
slowlog = syslog
|
slowlog = syslog
|
||||||
|
;<GNUNUX
|
||||||
|
|
||||||
; The timeout for serving a single request after which a PHP backtrace will be
|
; The timeout for serving a single request after which a PHP backtrace will be
|
||||||
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
|
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
|
||||||
|
@ -420,7 +432,10 @@ slowlog = syslog
|
||||||
; specified at startup with the -d argument
|
; specified at startup with the -d argument
|
||||||
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
|
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
|
||||||
;php_flag[display_errors] = off
|
;php_flag[display_errors] = off
|
||||||
|
;>GNUNUX
|
||||||
|
;php_admin_value[error_log] = /var/log/php-fpm/www-error.log
|
||||||
php_admin_value[error_log] = syslog
|
php_admin_value[error_log] = syslog
|
||||||
|
;<GNUNUX
|
||||||
php_admin_flag[log_errors] = on
|
php_admin_flag[log_errors] = on
|
||||||
;php_admin_value[memory_limit] = 128M
|
;php_admin_value[memory_limit] = 128M
|
||||||
|
|
||||||
|
@ -432,8 +447,11 @@ php_admin_flag[log_errors] = on
|
||||||
;
|
;
|
||||||
; See warning about choosing the location of these directories on your system
|
; See warning about choosing the location of these directories on your system
|
||||||
; at http://php.net/session.save-path
|
; at http://php.net/session.save-path
|
||||||
|
;<GNUNUX
|
||||||
|
;php_value[session.save_handler] = files
|
||||||
|
;php_value[session.save_path] = /var/lib/php/session
|
||||||
php_value[session.save_handler] = redis
|
php_value[session.save_handler] = redis
|
||||||
;GNUNUX php_value[session.save_path] = /var/lib/php/session
|
|
||||||
;php_value[session.save_path] = "tcp://%%redis_client_server_domainname:6379?auth[user]=%%redis_client_username&auth[pass]=%%redis_client_password"
|
;php_value[session.save_path] = "tcp://%%redis_client_server_domainname:6379?auth[user]=%%redis_client_username&auth[pass]=%%redis_client_password"
|
||||||
|
;>GNUNUX
|
||||||
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
|
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
|
||||||
;php_value[opcache.file_cache] = /var/lib/php/opcache
|
;php_value[opcache.file_cache] = /var/lib/php/opcache
|
||||||
|
|
File diff suppressed because it is too large
Load diff
1
seed/roundcube/UPGRADE.md
Normal file
1
seed/roundcube/UPGRADE.md
Normal file
|
@ -0,0 +1 @@
|
||||||
|
diff -u /var/lib/machines/roundcube.in.silique.fr/usr/share/factory/./etc/roundcubemail/defaults.inc.php /var/lib/risotto/templates/roundcube.in.silique.fr/./etc/roundcubemail/config.inc.php
|
|
@ -1,7 +1,7 @@
|
||||||
format: '0.1'
|
format: '0.1'
|
||||||
description: Interface web de consultation des courriels Roundcube
|
description: Interface web de consultation des courriels Roundcube
|
||||||
depends:
|
depends:
|
||||||
- base-fedora-35
|
- base-fedora-36
|
||||||
- postgresql-client
|
- postgresql-client
|
||||||
- imap-client
|
- imap-client
|
||||||
- redis-client
|
- redis-client
|
||||||
|
|
|
@ -5,7 +5,6 @@
|
||||||
<file owner="root" group="nginx" mode="640">/etc/roundcubemail/config.inc.php</file>
|
<file owner="root" group="nginx" mode="640">/etc/roundcubemail/config.inc.php</file>
|
||||||
<file>/etc/nginx/default.d/roundcubemail.conf</file>
|
<file>/etc/nginx/default.d/roundcubemail.conf</file>
|
||||||
<file source="domain.inc.php" file_type="variable" variable="roundcube_domains">roundcube_config</file>
|
<file source="domain.inc.php" file_type="variable" variable="roundcube_domains">roundcube_config</file>
|
||||||
<file>/secrets/roundcube-init.php</file>
|
|
||||||
<file engine="none">/static/silique_cloud.svg</file>
|
<file engine="none">/static/silique_cloud.svg</file>
|
||||||
<file engine="none">/static/watermark.html</file>
|
<file engine="none">/static/watermark.html</file>
|
||||||
<file>/etc/pki/ca-trust/source/anchors/ca_MailServer.crt</file>
|
<file>/etc/pki/ca-trust/source/anchors/ca_MailServer.crt</file>
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
PKG="$PKG roundcubemail php-cli php-pgsql php-pecl-redis5"
|
PKG="$PKG roundcubemail php-pgsql php-pecl-redis5"
|
||||||
|
|
|
@ -102,10 +102,7 @@ $config['per_user_logging'] = false;
|
||||||
$config['smtp_log'] = true;
|
$config['smtp_log'] = true;
|
||||||
|
|
||||||
// Log successful/failed logins to <log_dir>/userlogins.log or to syslog
|
// Log successful/failed logins to <log_dir>/userlogins.log or to syslog
|
||||||
// GNUNUX $config['log_logins'] = false;
|
|
||||||
#>GNUNUX
|
|
||||||
$config['log_logins'] = false;
|
$config['log_logins'] = false;
|
||||||
#<GNUNUX
|
|
||||||
|
|
||||||
// Log session debug information/authentication errors to <log_dir>/session.log or to syslog
|
// Log session debug information/authentication errors to <log_dir>/session.log or to syslog
|
||||||
$config['session_debug'] = false;
|
$config['session_debug'] = false;
|
||||||
|
@ -170,8 +167,6 @@ $config['imap_auth_type'] = null;
|
||||||
// ],
|
// ],
|
||||||
// ];
|
// ];
|
||||||
// Note: These can be also specified as an array of options indexed by hostname
|
// Note: These can be also specified as an array of options indexed by hostname
|
||||||
|
|
||||||
|
|
||||||
$config['imap_conn_options'] = null;
|
$config['imap_conn_options'] = null;
|
||||||
|
|
||||||
// IMAP connection timeout, in seconds. Default: 0 (use default_socket_timeout)
|
// IMAP connection timeout, in seconds. Default: 0 (use default_socket_timeout)
|
||||||
|
@ -241,7 +236,10 @@ $config['imap_disabled_caps'] = [];
|
||||||
$config['imap_log_session'] = false;
|
$config['imap_log_session'] = false;
|
||||||
|
|
||||||
// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache' or 'memcached'.
|
// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache' or 'memcached'.
|
||||||
|
//>GNUNUX
|
||||||
|
//$config['imap_cache'] = null;
|
||||||
$config['imap_cache'] = 'db';
|
$config['imap_cache'] = 'db';
|
||||||
|
//<GNUNUX
|
||||||
|
|
||||||
// Enables messages cache. Only 'db' cache is supported.
|
// Enables messages cache. Only 'db' cache is supported.
|
||||||
// This requires an IMAP server that supports QRESYNC and CONDSTORE
|
// This requires an IMAP server that supports QRESYNC and CONDSTORE
|
||||||
|
@ -532,7 +530,10 @@ $config['support_url'] = '';
|
||||||
// file from the currently selected skin. Prepend name/path with a slash to use
|
// file from the currently selected skin. Prepend name/path with a slash to use
|
||||||
// current skin folder. Remove the slash to point to a file in the Roundcube
|
// current skin folder. Remove the slash to point to a file in the Roundcube
|
||||||
// root directory. It can be also a full URL.
|
// root directory. It can be also a full URL.
|
||||||
|
//>GNUNUX
|
||||||
|
//$config['blankpage_url'] = '/watermark.html';
|
||||||
$config['blankpage_url'] = '/risotto/watermark.html';
|
$config['blankpage_url'] = '/risotto/watermark.html';
|
||||||
|
//<GNUNUX
|
||||||
|
|
||||||
// Logo image replacement. Specifies location of the image as:
|
// Logo image replacement. Specifies location of the image as:
|
||||||
// - URL relative to the document root of this Roundcube installation
|
// - URL relative to the document root of this Roundcube installation
|
||||||
|
@ -566,7 +567,10 @@ $config['blankpage_url'] = '/risotto/watermark.html';
|
||||||
"[print]" => "/images/logo_print.png",
|
"[print]" => "/images/logo_print.png",
|
||||||
];
|
];
|
||||||
*/
|
*/
|
||||||
|
//>GNUNUX
|
||||||
|
//$config['skin_logo'] = null;
|
||||||
$config['skin_logo'] = '/risotto/silique_cloud.svg';
|
$config['skin_logo'] = '/risotto/silique_cloud.svg';
|
||||||
|
//<GNUNUX
|
||||||
|
|
||||||
// Automatically register user in Roundcube database on successful (IMAP) logon.
|
// Automatically register user in Roundcube database on successful (IMAP) logon.
|
||||||
// Set to false if only registered users should be allowed to the webmail.
|
// Set to false if only registered users should be allowed to the webmail.
|
||||||
|
@ -584,7 +588,10 @@ $config['log_dir'] = '/var/log/roundcubemail/';
|
||||||
|
|
||||||
// Location of temporary saved files such as attachments and cache files
|
// Location of temporary saved files such as attachments and cache files
|
||||||
// must be writeable for the user who runs PHP process (Apache user if mod_php is being used)
|
// must be writeable for the user who runs PHP process (Apache user if mod_php is being used)
|
||||||
|
//>GNUNUX
|
||||||
|
//$config['temp_dir'] = '/var/lib/roundcubemail/temp/';
|
||||||
$config['temp_dir'] = '/tmp/';
|
$config['temp_dir'] = '/tmp/';
|
||||||
|
//<GNUNUX
|
||||||
|
|
||||||
// expire files in temp_dir after 48 hours
|
// expire files in temp_dir after 48 hours
|
||||||
// possible units: s, m, h, d, w
|
// possible units: s, m, h, d, w
|
||||||
|
@ -663,7 +670,10 @@ $config['session_samesite'] = null;
|
||||||
// Make sure the Redis extension (https://pecl.php.net/package/redis) version >= 2.0.0 is installed.
|
// Make sure the Redis extension (https://pecl.php.net/package/redis) version >= 2.0.0 is installed.
|
||||||
//
|
//
|
||||||
// Setting this value to 'php' will use the default session save handler configured in PHP
|
// Setting this value to 'php' will use the default session save handler configured in PHP
|
||||||
|
//>GNUNUX
|
||||||
|
//$config['session_storage'] = 'db';
|
||||||
$config['session_storage'] = 'redis';
|
$config['session_storage'] = 'redis';
|
||||||
|
//<GNUNUX
|
||||||
|
|
||||||
// List of trusted proxies
|
// List of trusted proxies
|
||||||
// X_FORWARDED_* and X_REAL_IP headers are only accepted from these IPs
|
// X_FORWARDED_* and X_REAL_IP headers are only accepted from these IPs
|
||||||
|
@ -763,11 +773,14 @@ $config['useragent'] = null;
|
||||||
// try to load host-specific configuration
|
// try to load host-specific configuration
|
||||||
// see https://github.com/roundcube/roundcubemail/wiki/Configuration:-Multi-Domain-Setup
|
// see https://github.com/roundcube/roundcubemail/wiki/Configuration:-Multi-Domain-Setup
|
||||||
// for more details
|
// for more details
|
||||||
|
//>GNUNUX
|
||||||
|
//$config['include_host_config'] = false;
|
||||||
$config['include_host_config'] = array(
|
$config['include_host_config'] = array(
|
||||||
%for %%domain in %%roundcube_domains
|
%for %%domain in %%roundcube_domains
|
||||||
"%%domain" => "%%{domain}.inc.php",
|
"%%domain" => "%%{domain}.inc.php",
|
||||||
%end for
|
%end for
|
||||||
);
|
);
|
||||||
|
//<GNUNUX
|
||||||
|
|
||||||
// path to a text file which will be added to each sent message
|
// path to a text file which will be added to each sent message
|
||||||
// paths are relative to the Roundcube root folder
|
// paths are relative to the Roundcube root folder
|
||||||
|
|
|
@ -1,13 +0,0 @@
|
||||||
<?php
|
|
||||||
//$sql = file_get_contents('/usr/share/roundcubemail/SQL/mysql.initial.sql');
|
|
||||||
//$mysqli = mysqli_init();
|
|
||||||
//$mysqli->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, true);
|
|
||||||
//$mysqli->ssl_set(NULL, NULL, "/etc/ssl/certs/ca-bundle.crt", NULL, NULL);
|
|
||||||
//$mysqli->real_connect('mariadb_client_server_domainname', 'mariadb_client_username', 'mariadb_client_password', 'mariadb_client_database');
|
|
||||||
//$mysqli->multi_query($sql);
|
|
||||||
//$mysqli->close();
|
|
||||||
$sql = file_get_contents('/usr/share/roundcubemail/SQL/postgres.initial.sql');
|
|
||||||
$db = pg_connect("host=%%pg_client_server_domainname port=5432 dbname=%%pg_client_database user=%%pg_client_username password=%%pg_client_password");
|
|
||||||
pg_query($db, $sql);
|
|
||||||
pg_close($db);
|
|
||||||
?>
|
|
|
@ -5,7 +5,8 @@ Before=nginx.service php-fpm.service
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStart=-/usr/bin/php /usr/local/lib/secrets/roundcube-init.php
|
Environment=PGPASSFILE=/usr/local/lib/secrets/postgresql.pass
|
||||||
|
ExecStart=-/usr/bin/psql --set=sslmode=verify-full -h %%pg_client_server_domainname -U %%pg_client_username %%pg_client_database -f /usr/share/roundcubemail/SQL/postgres.initial.sql"
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|
|
|
@ -1,12 +1,23 @@
|
||||||
|
#>GNUNUX
|
||||||
|
#location = /roundcubemail {
|
||||||
|
#alias /usr/share/roundcubemail/;
|
||||||
location = / {
|
location = / {
|
||||||
alias %%nginx_root;
|
alias %%nginx_root;
|
||||||
|
#<GNUNUX
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#>GNUNUX
|
||||||
|
#location /roundcubemail/ {
|
||||||
|
# root /usr/share;
|
||||||
location / {
|
location / {
|
||||||
root %%nginx_root;
|
root %%nginx_root;
|
||||||
|
#<GNUNUX
|
||||||
index index.php;
|
index index.php;
|
||||||
|
|
||||||
|
#>GNUNUX
|
||||||
|
# location ~ ^/roundcubemail/bin/(.+)$ {
|
||||||
location ~ ^/bin/(.+)$ {
|
location ~ ^/bin/(.+)$ {
|
||||||
|
#<GNUNUX
|
||||||
deny all;
|
deny all;
|
||||||
}
|
}
|
||||||
location ~ ^/plugins/enigma/home/(.+)$ {
|
location ~ ^/plugins/enigma/home/(.+)$ {
|
||||||
|
@ -16,7 +27,10 @@ location / {
|
||||||
# Define who can access the installer
|
# Define who can access the installer
|
||||||
# keep this secured once configured
|
# keep this secured once configured
|
||||||
|
|
||||||
|
#>GNUNUX
|
||||||
|
# location ~ ^/roundcubemail/installer/(.+\.php)$ {
|
||||||
location ~ ^/installer/(.+\.php)$ {
|
location ~ ^/installer/(.+\.php)$ {
|
||||||
|
#<GNUNUX
|
||||||
allow 127.0.0.1;
|
allow 127.0.0.1;
|
||||||
allow ::1;
|
allow ::1;
|
||||||
deny all;
|
deny all;
|
||||||
|
@ -32,10 +46,13 @@ location / {
|
||||||
# Define who can access the Webmail
|
# Define who can access the Webmail
|
||||||
# You can enlarge permissions once configured
|
# You can enlarge permissions once configured
|
||||||
|
|
||||||
|
#>GNUNUX
|
||||||
|
# location ~ ^/roundcubemail/(.+\.php)$ {
|
||||||
|
# allow 127.0.0.1;
|
||||||
|
# allow ::1;
|
||||||
|
# deny all;
|
||||||
location ~ ^/(.+\.php)$ {
|
location ~ ^/(.+\.php)$ {
|
||||||
# GNUNUX allow 127.0.0.1;
|
#<GNUNUX
|
||||||
# GNUNUX allow ::1;
|
|
||||||
# GNUNUX deny all;
|
|
||||||
|
|
||||||
try_files $uri =404;
|
try_files $uri =404;
|
||||||
fastcgi_intercept_errors on;
|
fastcgi_intercept_errors on;
|
||||||
|
@ -46,6 +63,8 @@ location / {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#>GNUNUX
|
||||||
location /skins/elastic/risotto {
|
location /skins/elastic/risotto {
|
||||||
alias /usr/local/lib/static/;
|
alias /usr/local/lib/static/;
|
||||||
}
|
}
|
||||||
|
#<GNUNUX
|
||||||
|
|
Loading…
Reference in a new issue