Browse Source

Reinstate webmail role

This merge reinstates the webmail role lost when we moved to Jessie. The carddav, managesieve, and twofactor_gauthentication plugins are carried forward.
Mike Ashley 8 years ago
parent
commit
0e379f5927

+ 17
- 0
roles/webmail/DESIGN.md View File

@@ -0,0 +1,17 @@
1
+# Overview
2
+
3
+This role installs the Roundcube package to enable browser-based email handling. This is useful if you need to access email with something other than your own computer or smart phone.  It is also the only friendly way in Sovereign to edit sieve filters for email.
4
+
5
+Roundcube is stable and continues to be actively developed.
6
+
7
+# Install
8
+
9
+The role installs roundcube from the source package released by the Roundcube team.  The version is pinned.  Old versions of this role installed Roundcube from apt packages, but the packages for Debian 8 do not install unattended correctly unless mysql is used at the backend.  We want to use only one database server (postgres) to save on RAM, so using packages is not an option for now.
10
+
11
+Roundcube is installed with sqlite3 for its persistence layer.  This eliminates dependency on a database server and likely improves performance given how little persistet data Roundcube keeps.  Roundcube automatically looks for the database file and intializes it if it is missing.  The file is kept on `/decrypted` since it contains user data, and the database will be backed up automatically if the tarsnap role is used.
12
+
13
+PHP composer is used for downloading and installing plugins.  Configuration files are kept with sovereign.  The configuration files for `twofactor_gauthentication` and `carddav` are not modified from their defaults.  I chose to do this so that maintainers could recognize when configuration files change in future plugin versions and decide whether or not to change new defaults.
14
+
15
+# Upgrade
16
+
17
+It's unknown how upgrades will be handled.  The best case is that an update can be installed over the current version, and code will automatically update the database the first time it connects.  This needs to be considered for plugins that store data also.

+ 5
- 0
roles/webmail/defaults/main.yml View File

@@ -0,0 +1,5 @@
1
+webmail_version: 1.2.1
2
+
3
+# Keep in sync with mail_server_hostname in mailserver role
4
+webmail_domain: "mail.{{ domain }}"
5
+

+ 45
- 0
roles/webmail/files/var_www_roundcube_composer.json View File

@@ -0,0 +1,45 @@
1
+{
2
+    "name": "roundcube/roundcubemail",
3
+    "description": "The Roundcube Webmail suite",
4
+    "license": "GPL-3.0+",
5
+    "repositories": [
6
+        {
7
+            "type": "pear",
8
+            "url": "https://pear.php.net/"
9
+        },
10
+        {
11
+            "type": "composer",
12
+            "url": "https://plugins.roundcube.net/"
13
+        },
14
+        {
15
+            "type": "vcs",
16
+            "url": "https://github.com/roundcube/Net_Sieve.git"
17
+        },
18
+        {
19
+            "type": "vcs",
20
+            "url": "https://git.kolab.org/diffusion/PNL/php-net_ldap.git"
21
+        }
22
+    ],
23
+    "require": {
24
+        "php": ">=5.3.7",
25
+        "pear/pear-core-minimal": "~1.10.1",
26
+        "roundcube/plugin-installer": "~0.1.6",
27
+        "pear-pear.php.net/net_socket": "~1.0.12",
28
+        "pear-pear.php.net/auth_sasl": "~1.0.6",
29
+        "pear-pear.php.net/net_idna2": "~0.1.1",
30
+        "pear-pear.php.net/mail_mime": "~1.10.0",
31
+        "pear-pear.php.net/net_smtp": "~1.7.1",
32
+        "pear-pear.php.net/crypt_gpg": "~1.4.2",
33
+        "roundcube/net_sieve": "~1.5.0",
34
+        "alexandregz/twofactor_gauthenticator": "dev-master",
35
+	"roundcube/carddav": "dev-master"
36
+    },
37
+    "require-dev": {
38
+        "phpunit/phpunit": "*"
39
+    },
40
+    "suggest": {
41
+        "pear-pear.php.net/net_ldap2": "~2.2.0 required for connecting to LDAP address books",
42
+        "kolab/Net_LDAP3": "dev-master required for connecting to LDAP address books"
43
+    },
44
+    "minimum-stability": "dev"
45
+}

+ 11
- 0
roles/webmail/files/var_www_roundcube_config_global.sieve View File

@@ -0,0 +1,11 @@
1
+require ["regex", "fileinto", "imap4flags"];
2
+# Catch mail tagged as Spam, except Spam retrained and delivered to the mailbox
3
+if allof (header :regex "X-DSPAM-Result" "^(Spam|Virus|Bl[ao]cklisted)$",
4
+          not header :contains "X-DSPAM-Reclassified" "Innocent") {
5
+  # Mark as read
6
+  setflag "\\Seen";
7
+  # Move into the Junk folder
8
+  fileinto "Spam";
9
+  # Stop processing here
10
+  stop;
11
+}

+ 185
- 0
roles/webmail/files/var_www_roundcube_plugins_carddav_config.inc.php View File

@@ -0,0 +1,185 @@
1
+<?php
2
+
3
+//// RCMCardDAV Plugin Admin Settings
4
+
5
+//// ** GLOBAL SETTINGS
6
+
7
+// Disallow users to add / edit / delete custom addressbooks (default: false)
8
+//
9
+// If true, User cannot add custom addressbooks
10
+// If false, user can add / edit / delete custom addressbooks
11
+//
12
+// This option only affects custom addressbooks. Preset addressbooks (see below)
13
+// are not affected.
14
+// $prefs['_GLOBAL']['fixed'] = true;
15
+
16
+// When enabled, this option hides the 'CardDAV' section inside Preferences.
17
+// $prefs['_GLOBAL']['hide_preferences'] = true;
18
+
19
+// Scheme for storing the CardDAV passwords, in order from least to best security.
20
+// Options:
21
+// plain: store as plaintext
22
+// base64: store encoded with base64 (default)
23
+// des_key: store encrypted with global des_key of roundcube
24
+// encrypted: store encrypted with IMAP password of the user
25
+//            NOTE: if the IMAP password of the user changes, the stored
26
+//             CardDAV passwords cannot be decrypted anymore and the user
27
+//             needs to reenter them.
28
+// $prefs['_GLOBAL']['pwstore_scheme'] = 'base64';
29
+
30
+//// ** ADDRESSBOOK PRESETS
31
+
32
+// Each addressbook preset takes the following form:
33
+/*
34
+$prefs['<Presetname>'] = array(
35
+	// required attributes
36
+	'name'         =>  '<Addressbook Name>',
37
+	'username'     =>  '<CardDAV Username>',
38
+	'password'     =>  '<CardDAV Password>',
39
+	'url'          =>  '<CardDAV URL>',
40
+
41
+	// optional attributes
42
+	'active'       =>  <true or false>,
43
+	'readonly'     =>  <true or false>,
44
+	'refresh_time' => '<Refresh Time in Hours, Format HH[:MM[:SS]]>',
45
+
46
+	// attributes that are fixed (i.e., not editable by the user) and
47
+	// auto-updated for this preset
48
+	'fixed'        =>  array( < 0 or more of the other attribute keys > ),
49
+
50
+	// hide this preset from CalDAV preferences section so users can't even
51
+	// see it
52
+	'hide' => <true or false>,
53
+);
54
+*/
55
+
56
+// All values in angle brackets <VALUE> have to be substituted.
57
+//
58
+// The meaning of the different parameters is as follows:
59
+//
60
+// <Presetname>: Unique preset name, must not be '_GLOBAL'. The presetname is
61
+//               not user visible and only used for an internal mapping between
62
+//               addressbooks created from a preset and the preset itself. You
63
+//               should never change this throughout its lifetime.
64
+//
65
+// The following parameters are REQUIRED and need to be specified for any preset.
66
+//
67
+// name:         User-visible name of the addressbook. If the server provides
68
+//               an additional display name for the addressbooks found for the
69
+//               preset, it will be appended in brackets to this name, except
70
+//               if carddav_name_only is true (see below).
71
+//
72
+// username:     CardDAV username to access the addressbook. Set this setting
73
+//               to '%u' to use the roundcube username.
74
+//               In case one uses an email address as username there is the
75
+//               additional option to choose '%l', which will only use the
76
+//               local part of the username (eg: user.name@example.com will
77
+//               become user.name).
78
+//               Also, %d is available to get only the domain part of the
79
+//               username (eg: user.name@example.com will become example.com).
80
+//
81
+// password:     CardDAV password to access the addressbook. Set this setting
82
+//               to '%p' to use the roundcube password. The password will not
83
+//               be stored in the database when using %p.
84
+//
85
+// url:          URL where to find the CardDAV addressbook(s). If the given URL
86
+//               refers directly to an addressbook, only this single
87
+//               addressbook will be added. If the URL points somewhere in the
88
+//               CardDAV space, but _not_ to the location of a particular
89
+//               addressbook, the server will be queried for the available
90
+//               addressbooks and all of them will be added. You can use %u
91
+//               within the URL as a placeholder for the CardDAV username.
92
+//               '%l' works the same way as it does for the username field.
93
+//
94
+// The following parameters are OPTIONAL and need to be specified only if the default
95
+// value is not acceptable.
96
+//
97
+// active:       If this parameter is false, the addressbook is not used by roundcube
98
+//               unless the user changes this setting.
99
+//               Default: true
100
+//
101
+// carddav_name_only:
102
+//               If this parameter is true, only the server provided displayname
103
+//               is used for addressbooks created from this preset, except if
104
+//               the server does not provide a display name.
105
+//               Default: false
106
+//
107
+// readonly:     If this parameter is true, the addressbook will only be
108
+//               accessible in read-only mode, i.e., the user will not be able
109
+//               to add, modify or delete contacts in the addressbook.
110
+//               Default: false
111
+//
112
+// refresh_time: Time interval for that cached versions of the addressbook
113
+//               entries should be used, in hours. After this time interval has
114
+//               passed since the last pull from the server, it will be
115
+//               refreshed when the addressbook is accessed the next time.
116
+//               Default: 01:00:00
117
+//
118
+// fixed:        Array of parameter keys that must not be changed by the user.
119
+//               Note that only fixed parameters will be automatically updated
120
+//               for existing addressbooks created from presets. Otherwise the
121
+//               user may already have changed the setting, and his change
122
+//               would be lost. You can add any of the above keys, but it the
123
+//               setting only affects parameters that can be changed via the
124
+//               settings pane (e.g., readonly cannot be changed by the user
125
+//               anyway). Still only parameters listed as fixed will
126
+//               automatically updated if the preset is changed.
127
+//               Default: empty, all settings modifiable by user
128
+//
129
+//               !!! WARNING: Only add 'url' to the list of fixed addressbooks
130
+//                if it _directly_ points to an address book collection.
131
+//                Otherwise, the plugin will initially lookup the URLs for the
132
+//                collections on the server, and at the next login overwrite it
133
+//                with the fixed value stored here. Therefore, if you change the
134
+//                URL, you have two options:
135
+//                1) If the new URL is a variation of the old one (e.g. hostname
136
+//                 change), you can run an SQL UPDATE query directly in the
137
+//                 database to adopt all addressbooks.
138
+//                2) If the new URL is not easily derivable from the old one,
139
+//                 change the key of the preset and change the URL. Addressbooks
140
+//                 belonging to the old preset will be deleted upon the next
141
+//                 login of the user and freshly created.
142
+//
143
+// hide:         Whether this preset should be hidden from the CalDAV listing
144
+//               on the preferences page.
145
+
146
+
147
+// How Preset Updates work
148
+//
149
+// Preset addressbooks are created for a user as she logs in.
150
+
151
+//// ** ADDRESSBOOK PRESETS - EXAMPLE: Two Addressbook Presets
152
+
153
+//// Preset 1: Personal
154
+/*
155
+$prefs['Personal'] = array(
156
+	// required attributes
157
+	'name'         =>  'Personal',
158
+	// will be substituted for the roundcube username
159
+	'username'     =>  '%u', 
160
+	// will be substituted for the roundcube password
161
+	'password'     =>  '%p',
162
+	// %u will be substituted for the CardDAV username
163
+	'url'          =>  'https://ical.example.org/caldav.php/%u/Personal',
164
+
165
+	'active'       =>  true,
166
+	'readonly'     =>  false,
167
+	'refresh_time' => '02:00:00',
168
+
169
+	'fixed'        =>  array( 'username' ),
170
+	'hide'        =>  false,
171
+);
172
+*/
173
+
174
+//// Preset 2: Corporate
175
+/*
176
+$prefs['Work'] = array(
177
+	'name'         =>  'Corporate',
178
+	'username'     =>  'CorpUser',
179
+	'password'     =>  'C0rpPasswo2d',
180
+	'url'          =>  'https://ical.example.org/caldav.php/%u/Corporate',
181
+
182
+	'fixed'        =>  array( 'name', 'username', 'password' ),
183
+	'hide'        =>  true,
184
+);
185
+*/

+ 100
- 0
roles/webmail/files/var_www_roundcube_plugins_managesieve_config.inc.php View File

@@ -0,0 +1,100 @@
1
+<?php
2
+
3
+// managesieve server port. When empty the port will be determined automatically
4
+// using getservbyname() function, with 4190 as a fallback.
5
+$config['managesieve_port'] = null;
6
+
7
+// managesieve server address, default is localhost.
8
+// Replacement variables supported in host name:
9
+// %h - user's IMAP hostname
10
+// %n - http hostname ($_SERVER['SERVER_NAME'])
11
+// %d - domain (http hostname without the first part)
12
+// For example %n = mail.domain.tld, %d = domain.tld
13
+$config['managesieve_host'] = 'localhost';
14
+
15
+// authentication method. Can be CRAM-MD5, DIGEST-MD5, PLAIN, LOGIN, EXTERNAL
16
+// or none. Optional, defaults to best method supported by server.
17
+$config['managesieve_auth_type'] = null;
18
+
19
+// Optional managesieve authentication identifier to be used as authorization proxy.
20
+// Authenticate as a different user but act on behalf of the logged in user.
21
+// Works with PLAIN and DIGEST-MD5 auth.
22
+$config['managesieve_auth_cid'] = null;
23
+
24
+// Optional managesieve authentication password to be used for imap_auth_cid
25
+$config['managesieve_auth_pw'] = null;
26
+
27
+// use or not TLS for managesieve server connection
28
+// Note: tls:// prefix in managesieve_host is also supported
29
+$config['managesieve_usetls'] = false;
30
+
31
+// Connection scket context options
32
+// See http://php.net/manual/en/context.ssl.php
33
+// The example below enables server certificate validation
34
+//$config['managesieve_conn_options'] = array(
35
+//  'ssl'         => array(
36
+//     'verify_peer'  => true,
37
+//     'verify_depth' => 3,
38
+//     'cafile'       => '/etc/openssl/certs/ca.crt',
39
+//   ),
40
+// );
41
+$config['managesieve_conn_options'] = null;
42
+
43
+// default contents of filters script (eg. default spam filter)
44
+$config['managesieve_default'] = '/var/www/roundcube/config/global.sieve';
45
+
46
+// The name of the script which will be used when there's no user script
47
+$config['managesieve_script_name'] = 'managesieve';
48
+
49
+// Sieve RFC says that we should use UTF-8 endcoding for mailbox names,
50
+// but some implementations does not covert UTF-8 to modified UTF-7.
51
+// Defaults to UTF7-IMAP
52
+$config['managesieve_mbox_encoding'] = 'UTF-8';
53
+
54
+// I need this because my dovecot (with listescape plugin) uses
55
+// ':' delimiter, but creates folders with dot delimiter
56
+$config['managesieve_replace_delimiter'] = '';
57
+
58
+// disabled sieve extensions (body, copy, date, editheader, encoded-character,
59
+// envelope, environment, ereject, fileinto, ihave, imap4flags, index,
60
+// mailbox, mboxmetadata, regex, reject, relational, servermetadata,
61
+// spamtest, spamtestplus, subaddress, vacation, variables, virustest, etc.
62
+// Note: not all extensions are implemented
63
+$config['managesieve_disabled_extensions'] = array();
64
+
65
+// Enables debugging of conversation with sieve server. Logs it into <log_dir>/sieve
66
+$config['managesieve_debug'] = false;
67
+
68
+// Enables features described in http://wiki.kolab.org/KEP:14
69
+$config['managesieve_kolab_master'] = false;
70
+
71
+// Script name extension used for scripts including. Dovecot uses '.sieve',
72
+// Cyrus uses '.siv'. Doesn't matter if you have managesieve_kolab_master disabled.
73
+$config['managesieve_filename_extension'] = '.sieve';
74
+
75
+// List of reserved script names (without extension).
76
+// Scripts listed here will be not presented to the user.
77
+$config['managesieve_filename_exceptions'] = array();
78
+
79
+// List of domains limiting destination emails in redirect action
80
+// If not empty, user will need to select domain from a list
81
+$config['managesieve_domains'] = array();
82
+
83
+// Enables separate management interface for vacation responses (out-of-office)
84
+// 0 - no separate section (default),
85
+// 1 - add Vacation section,
86
+// 2 - add Vacation section, but hide Filters section
87
+$config['managesieve_vacation'] = 0;
88
+
89
+// Default vacation interval (in days).
90
+// Note: If server supports vacation-seconds extension it is possible
91
+// to define interval in seconds here (as a string), e.g. "3600s".
92
+$config['managesieve_vacation_interval'] = 0;
93
+
94
+// Some servers require vacation :addresses to be filled with all
95
+// user addresses (aliases). This option enables automatic filling
96
+// of these on initial vacation form creation.
97
+$config['managesieve_vacation_addresses_init'] = false;
98
+
99
+// Supported methods of notify extension. Default: 'mailto'
100
+$config['managesieve_notify_methods'] = array('mailto');

+ 7
- 0
roles/webmail/files/var_www_roundcube_plugins_twofactor_gauthenticator_config.inc.php View File

@@ -0,0 +1,7 @@
1
+<?php
2
+// if true ALL users must have 2-steps active
3
+$rcmail_config['force_enrollment_users'] = false;
4
+
5
+// whitelist, CIDR format available
6
+// NOTE: we need to use .0 IP to define LAN because the class CIDR have a issue about that (we can't use 129.168.1.2/24, for example)
7
+$rcmail_config['whitelist'] = array('192.168.1.0/24', '::1', '192.168.0.9');

+ 1
- 0
roles/webmail/tasks/main.yml View File

@@ -0,0 +1 @@
1
+- include: roundcube.yml tags=roundcube

+ 100
- 0
roles/webmail/tasks/roundcube.yml View File

@@ -0,0 +1,100 @@
1
+- name: Determine whether roundcube is configured
2
+  stat: path=/var/www/roundcube/config.inc.php
3
+  register: roundcube_config
4
+
5
+- name: Install roundcube dependencies
6
+  apt: pkg={{ item }} state=present
7
+  with_items:
8
+    - php5
9
+    - php5-sqlite
10
+    - php5-mcrypt
11
+    - php5-gd
12
+    - php5-pspell
13
+    - php5-intl
14
+    - php5-curl
15
+    - aspell
16
+    - aspell-en
17
+  tags:
18
+    - dependencies
19
+
20
+- name: Clone roundcube
21
+  git: repo=https://github.com/roundcube/roundcubemail.git
22
+       dest=/var/www/roundcube
23
+       version={{ webmail_version }}
24
+       update=no
25
+       accept_hostkey=yes
26
+
27
+- name: Get Composer installer
28
+  get_url: url=https://getcomposer.org/installer
29
+           dest=/tmp/composer-installer
30
+
31
+- name: Copy composer configuration
32
+  copy: src=var_www_roundcube_composer.json dest=/var/www/roundcube/composer.json
33
+    owner=root
34
+    group=www-data
35
+    mode=0644
36
+
37
+- name: Install Composer
38
+  command: php /tmp/composer-installer
39
+           chdir=/root
40
+           creates=/root/composer.phar
41
+
42
+- name: Initialize composer
43
+  command: php /root/composer.phar install --no-dev
44
+           chdir=/var/www/roundcube
45
+           creates=/var/www/roundcube/vendor/autoload.php
46
+
47
+- name: Remove installer directory
48
+  file: path=/var/www/roundcube/installer state=absent
49
+
50
+- name: Install Roundcube configuration
51
+  template: src=var_www_roundcube_config_config.inc.j2 dest=/var/www/roundcube/config/config.inc.php
52
+
53
+- name: Create db directory
54
+  file: path=/decrypted/roundcube mode=0775 state=directory
55
+
56
+- name: Make logs and temp directories writable by web server
57
+  file: path=/var/www/roundcube/{{ item }} mode=0775 state=directory
58
+  with_items:
59
+    - temp
60
+    - logs
61
+
62
+- name: Make roundcube directory accessible to web server
63
+  file: path=/var/www/roundcube group=www-data recurse=yes state=directory
64
+
65
+- name: Install sieve plugin configuration
66
+  copy: src=var_www_roundcube_plugins_managesieve_config.inc.php
67
+    dest=/var/www/roundcube/plugins/managesieve/config.inc.php
68
+    owner=root
69
+    group=www-data
70
+    mode=0644
71
+
72
+- name: Install global sieve
73
+  copy: src=var_www_roundcube_config_global.sieve
74
+    dest=/var/www/roundcube/config/global.sieve
75
+    owner=root
76
+    group=www-data
77
+    mode=0644
78
+
79
+- name: Install carddav plugin configuration
80
+  copy: src=var_www_roundcube_plugins_carddav_config.inc.php
81
+    dest=/var/www/roundcube/plugins/carddav/config.inc.php
82
+    owner=root
83
+    group=www-data
84
+    mode=0644
85
+
86
+- name: Install Google 2-factor authentication plugin configuration
87
+  copy: src=var_www_roundcube_plugins_twofactor_gauthenticator_config.inc.php
88
+    dest=/var/www/roundcube/plugins/twofactor_gauthenticator/config.inc.php
89
+    owner=root
90
+    group=www-data
91
+    mode=0644
92
+
93
+- name: Configure Apache for Roundcube
94
+  template: src=etc_apache2_sites-available_roundcube.j2
95
+    dest=/etc/apache2/sites-available/roundcube.conf
96
+    group=root owner=root force=yes
97
+
98
+- name: Enable Roundcube site
99
+  command: a2ensite roundcube.conf creates=/etc/apache2/sites-enabled/roundcube.conf
100
+  notify: restart apache

+ 38
- 0
roles/webmail/templates/etc_apache2_sites-available_roundcube.j2 View File

@@ -0,0 +1,38 @@
1
+<VirtualHost *:80>
2
+    ServerName {{ webmail_domain }}
3
+
4
+    Redirect permanent / https://{{ webmail_domain }}/
5
+</VirtualHost>
6
+
7
+<VirtualHost *:443>
8
+    ServerName {{ webmail_domain }}
9
+    SSLEngine On
10
+
11
+    DocumentRoot            /var/www/roundcube
12
+    Options                 -Indexes
13
+
14
+    <Directory /var/www/roundcube>
15
+        AllowOverride All
16
+        Require all granted
17
+        DirectoryIndex index.php
18
+    </Directory>
19
+
20
+    <Directory /opt/roundcube/config>
21
+        AllowOverride None
22
+	Require all denied
23
+    </Directory>
24
+
25
+    <Directory /opt/roundcube/temp>
26
+        AllowOverride None
27
+	Require all denied
28
+    </Directory>
29
+
30
+    <Directory /opt/roundcube/logs>
31
+        AllowOverride None
32
+	Require all denied
33
+    </Directory>
34
+
35
+    LogLevel		    warn
36
+    ErrorLog                /var/log/apache2/roundcube.info-error_log
37
+    CustomLog               /var/log/apache2/roundcube.info-access_log common
38
+</VirtualHost>

+ 89
- 0
roles/webmail/templates/var_www_roundcube_config_config.inc.j2 View File

@@ -0,0 +1,89 @@
1
+<?php
2
+
3
+/*
4
+ +-----------------------------------------------------------------------+
5
+ | Local configuration for the Roundcube Webmail installation.           |
6
+ |                                                                       |
7
+ | This is a sample configuration file only containing the minimum       |
8
+ | setup required for a functional installation. Copy more options       |
9
+ | from defaults.inc.php to this file to override the defaults.          |
10
+ |                                                                       |
11
+ | This file is part of the Roundcube Webmail client                     |
12
+ | Copyright (C) 2005-2013, The Roundcube Dev Team                       |
13
+ |                                                                       |
14
+ | Licensed under the GNU General Public License version 3 or            |
15
+ | any later version with exceptions for skins & plugins.                |
16
+ | See the README file for a full license statement.                     |
17
+ +-----------------------------------------------------------------------+
18
+*/
19
+
20
+$config = array();
21
+
22
+// Database connection string (DSN) for read+write operations
23
+// Format (compatible with PEAR MDB2): db_provider://user:password@host/database
24
+// Currently supported db_providers: mysql, pgsql, sqlite, mssql, sqlsrv, oracle
25
+// For examples see http://pear.php.net/manual/en/package.database.mdb2.intro-dsn.php
26
+// NOTE: for SQLite use absolute path (Linux): 'sqlite:////full/path/to/sqlite.db?mode=0646'
27
+//       or (Windows): 'sqlite:///C:/full/path/to/sqlite.db'
28
+$config['db_dsnw'] = 'sqlite:////decrypted/roundcube/sqlite.db?mode=0664';
29
+
30
+// The mail host chosen to perform the log-in.
31
+// Leave blank to show a textbox at login, give a list of hosts
32
+// to display a pulldown menu or set one host as string.
33
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
34
+// Supported replacement variables:
35
+// %n - hostname ($_SERVER['SERVER_NAME'])
36
+// %t - hostname without the first part
37
+// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
38
+// %s - domain name after the '@' from e-mail address provided at login screen
39
+// For example %n = mail.domain.tld, %t = domain.tld
40
+$config['default_host'] = 'ssl://{{ webmail_domain }}:993';
41
+
42
+// SMTP server host (for sending mails).
43
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
44
+// If left blank, the PHP mail() function is used
45
+// Supported replacement variables:
46
+// %h - user's IMAP hostname
47
+// %n - hostname ($_SERVER['SERVER_NAME'])
48
+// %t - hostname without the first part
49
+// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
50
+// %z - IMAP domain (IMAP hostname without the first part)
51
+// For example %n = mail.domain.tld, %t = domain.tld
52
+$config['smtp_server'] = 'localhost';
53
+
54
+// SMTP port (default is 25; use 587 for STARTTLS or 465 for the
55
+// deprecated SSL over SMTP (aka SMTPS))
56
+$config['smtp_port'] = 465;
57
+
58
+// SMTP username (if required) if you use %u as the username Roundcube
59
+// will use the current username for login
60
+$config['smtp_user'] = '%u';
61
+
62
+// SMTP password (if required) if you use %p as the password Roundcube
63
+// will use the current user's password for login
64
+$config['smtp_pass'] = '%p';
65
+
66
+// provide an URL where a user can get support for this Roundcube installation
67
+// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
68
+$config['support_url'] = '';
69
+
70
+// Name your service. This is displayed on the login screen and in the window title
71
+$config['product_name'] = 'Roundcube Webmail';
72
+
73
+// this key is used to encrypt the users imap password which is stored
74
+// in the session record (and the client cookie if remember password is enabled).
75
+// please provide a string of exactly 24 chars.
76
+// YOUR KEY MUST BE DIFFERENT THAN THE SAMPLE VALUE FOR SECURITY REASONS
77
+$config['des_key'] = 'fwef42cna12wefew9fewfmac';
78
+
79
+// List of active plugins (in plugins/ directory)
80
+$config['plugins'] = array(
81
+    'archive',
82
+    'zipdownload',
83
+    'managesieve',
84
+    'twofactor_gauthenticator',
85
+    'carddav',
86
+);
87
+
88
+// skin name: folder from skins/
89
+$config['skin'] = 'larry';

+ 1
- 0
site.yml View File

@@ -9,6 +9,7 @@
9 9
   roles:
10 10
     - common
11 11
     - mailserver
12
+    - webmail
12 13
     - blog
13 14
     - ircbouncer
14 15
     - xmpp

Loading…
Cancel
Save