Browse Source

Add and configure latest z-push

Signed-off-by: PajamaSoft <support@pajamasoft.com>
PajamaSoft 10 years ago
parent
commit
40d0900557

+ 7
- 0
roles/mailserver/files/etc_apache2_conf.d_z-push.conf View File

@@ -0,0 +1,7 @@
1
+Alias /Microsoft-Server-ActiveSync /usr/share/z-push/index.php
2
+<Directory /usr/share/z-push>
3
+    php_flag magic_quotes_gpc off        
4
+    php_flag register_globals off        
5
+    php_flag magic_quotes_runtime off        
6
+    php_flag short_open_tag on    
7
+</Directory>

+ 1
- 0
roles/mailserver/tasks/main.yml View File

@@ -4,3 +4,4 @@
4 4
 - include: dspam.yml tags=dspam
5 5
 - include: solr.yml tags=solr
6 6
 - include: checkrbl.yml tags=checkrbl
7
+- include: z-push.yml tags=zpush

+ 38
- 0
roles/mailserver/tasks/z-push.yml View File

@@ -0,0 +1,38 @@
1
+- name: Install required packages for z-push
2
+  apt: pkg={{ item }} state=installed
3
+  with_items:
4
+    - php5
5
+    - php5-cli
6
+    - php-soap
7
+    - php5-imap
8
+    
9
+- name: Download z-push release
10
+  get_url: 
11
+    url=http://zarafa-deutschland.de/z-push-download/final/2.1/z-push-{{ zpush_version }}.tar.gz
12
+    dest=/root/z-push-{{ zpush_version }}.tar.gz
13
+
14
+- name: Decompress z-push source
15
+  command: tar xzf z-push-{{ zpush_version }}.tar.gz chdir=/root creates=/root/z-push-{{ zpush_version }}
16
+
17
+- name: Create /usr/share/z-push
18
+  file: state=directory path=/usr/share/z-push
19
+
20
+- name: Copy z-push source files to /usr/share/z-push
21
+  shell: cp -R z-push-{{ zpush_version }}/* /usr/share/z-push/ chdir=/root
22
+
23
+- name: Remove downloaded, temporary z-push source files
24
+  shell: rm -rf z-push* chdir=/root
25
+
26
+- name: Ensure z-push state and log directories are in place
27
+  file: state=directory path={{ item }} owner=www-data group=www-data mode=755
28
+  with_items:
29
+    - /decrypted/zpush-state
30
+    - /var/log/z-push
31
+  notify: restart apache
32
+
33
+- name: Copy z-push's config.php into place
34
+  template: src=usr_share_z-push_config.php.j2 dest=/usr/share/z-push/config.php
35
+
36
+- name: Configure z-push apache alias and php settings
37
+  copy: src=etc_apache2_conf.d_z-push.conf dest=/etc/apache2/conf.d/z-push.conf
38
+  notify: restart apache

+ 306
- 0
roles/mailserver/templates/usr_share_z-push_config.php.j2 View File

@@ -0,0 +1,306 @@
1
+<?php
2
+/***********************************************
3
+* File      :   config.php
4
+* Project   :   Z-Push
5
+* Descr     :   Main configuration file
6
+*
7
+* Created   :   01.10.2007
8
+*
9
+* Copyright 2007 - 2013 Zarafa Deutschland GmbH
10
+*
11
+* This program is free software: you can redistribute it and/or modify
12
+* it under the terms of the GNU Affero General Public License, version 3,
13
+* as published by the Free Software Foundation with the following additional
14
+* term according to sec. 7:
15
+*
16
+* According to sec. 7 of the GNU Affero General Public License, version 3,
17
+* the terms of the AGPL are supplemented with the following terms:
18
+*
19
+* "Zarafa" is a registered trademark of Zarafa B.V.
20
+* "Z-Push" is a registered trademark of Zarafa Deutschland GmbH
21
+* The licensing of the Program under the AGPL does not imply a trademark license.
22
+* Therefore any rights, title and interest in our trademarks remain entirely with us.
23
+*
24
+* However, if you propagate an unmodified version of the Program you are
25
+* allowed to use the term "Z-Push" to indicate that you distribute the Program.
26
+* Furthermore you may use our trademarks where it is necessary to indicate
27
+* the intended purpose of a product or service provided you use it in accordance
28
+* with honest practices in industrial or commercial matters.
29
+* If you want to propagate modified versions of the Program under the name "Z-Push",
30
+* you may only do so if you have a written permission by Zarafa Deutschland GmbH
31
+* (to acquire a permission please contact Zarafa at trademark@zarafa.com).
32
+*
33
+* This program is distributed in the hope that it will be useful,
34
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
35
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
36
+* GNU Affero General Public License for more details.
37
+*
38
+* You should have received a copy of the GNU Affero General Public License
39
+* along with this program.  If not, see <http://www.gnu.org/licenses/>.
40
+*
41
+* Consult LICENSE file for details
42
+************************************************/
43
+
44
+/**********************************************************************************
45
+ *  Default settings
46
+ */
47
+    // Defines the default time zone, change e.g. to "Europe/London" if necessary
48
+    define('TIMEZONE', '{{ zpush_timezone }}');
49
+
50
+    // Defines the base path on the server
51
+    define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
52
+
53
+    // Try to set unlimited timeout
54
+    define('SCRIPT_TIMEOUT', 0);
55
+
56
+    // When accessing through a proxy, the "X-Forwarded-For" header contains the original remote IP
57
+    define('USE_X_FORWARDED_FOR_HEADER', false);
58
+
59
+    // When using client certificates, we can check if the login sent matches the owner of the certificate.
60
+    // This setting specifies the owner parameter in the certificate to look at.
61
+    define("CERTIFICATE_OWNER_PARAMETER", "SSL_CLIENT_S_DN_CN");
62
+
63
+/**********************************************************************************
64
+ *  Default FileStateMachine settings
65
+ */
66
+    define('STATE_DIR', '/decrypted/zpush-state/');
67
+
68
+
69
+/**********************************************************************************
70
+ *  Logging settings
71
+ *  Possible LOGLEVEL and LOGUSERLEVEL values are:
72
+ *  LOGLEVEL_OFF            - no logging
73
+ *  LOGLEVEL_FATAL          - log only critical errors
74
+ *  LOGLEVEL_ERROR          - logs events which might require corrective actions
75
+ *  LOGLEVEL_WARN           - might lead to an error or require corrective actions in the future
76
+ *  LOGLEVEL_INFO           - usually completed actions
77
+ *  LOGLEVEL_DEBUG          - debugging information, typically only meaningful to developers
78
+ *  LOGLEVEL_WBXML          - also prints the WBXML sent to/from the device
79
+ *  LOGLEVEL_DEVICEID       - also prints the device id for every log entry
80
+ *  LOGLEVEL_WBXMLSTACK     - also prints the contents of WBXML stack
81
+ *
82
+ *  The verbosity increases from top to bottom. More verbose levels include less verbose
83
+ *  ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR,
84
+ *  LOGLEVEL_WARN and LOGLEVEL_INFO level entries.
85
+ */
86
+    define('LOGFILEDIR', '/var/log/z-push/');
87
+    define('LOGFILE', LOGFILEDIR . 'z-push.log');
88
+    define('LOGERRORFILE', LOGFILEDIR . 'z-push-error.log');
89
+    define('LOGLEVEL', LOGLEVEL_INFO);
90
+    define('LOGAUTHFAIL', false);
91
+
92
+
93
+    // To save e.g. WBXML data only for selected users, add the usernames to the array
94
+    // The data will be saved into a dedicated file per user in the LOGFILEDIR
95
+    // Users have to be encapusulated in quotes, several users are comma separated, like:
96
+    //   $specialLogUsers = array('info@domain.com', 'myusername');
97
+    define('LOGUSERLEVEL', LOGLEVEL_DEVICEID);
98
+    $specialLogUsers = array();
99
+
100
+    // Location of the trusted CA, e.g. '/etc/ssl/certs/EmailCA.pem'
101
+    // Uncomment and modify the following line if the validation of the certificates fails.
102
+    // define('CAINFO', '/etc/ssl/certs/EmailCA.pem');
103
+
104
+/**********************************************************************************
105
+ *  Mobile settings
106
+ */
107
+    // Device Provisioning
108
+    define('PROVISIONING', true);
109
+
110
+    // This option allows the 'loose enforcement' of the provisioning policies for older
111
+    // devices which don't support provisioning (like WM 5 and HTC Android Mail) - dw2412 contribution
112
+    // false (default) - Enforce provisioning for all devices
113
+    // true - allow older devices, but enforce policies on devices which support it
114
+    define('LOOSE_PROVISIONING', false);
115
+
116
+    // Default conflict preference
117
+    // Some devices allow to set if the server or PIM (mobile)
118
+    // should win in case of a synchronization conflict
119
+    //   SYNC_CONFLICT_OVERWRITE_SERVER - Server is overwritten, PIM wins
120
+    //   SYNC_CONFLICT_OVERWRITE_PIM    - PIM is overwritten, Server wins (default)
121
+    define('SYNC_CONFLICT_DEFAULT', SYNC_CONFLICT_OVERWRITE_PIM);
122
+
123
+    // Global limitation of items to be synchronized
124
+    // The mobile can define a sync back period for calendar and email items
125
+    // For large stores with many items the time period could be limited to a max value
126
+    // If the mobile transmits a wider time period, the defined max value is used
127
+    // Applicable values:
128
+    //   SYNC_FILTERTYPE_ALL (default, no limitation)
129
+    //   SYNC_FILTERTYPE_1DAY, SYNC_FILTERTYPE_3DAYS, SYNC_FILTERTYPE_1WEEK, SYNC_FILTERTYPE_2WEEKS,
130
+    //   SYNC_FILTERTYPE_1MONTH, SYNC_FILTERTYPE_3MONTHS, SYNC_FILTERTYPE_6MONTHS
131
+    define('SYNC_FILTERTIME_MAX', SYNC_FILTERTYPE_ALL);
132
+
133
+    // Interval in seconds before checking if there are changes on the server when in Ping.
134
+    // It means the highest time span before a change is pushed to a mobile. Set it to
135
+    // a higher value if you have a high load on the server.
136
+    define('PING_INTERVAL', 30);
137
+
138
+    // Interval in seconds to force a re-check of potentially missed notifications when
139
+    // using a changes sink. Default are 300 seconds (every 5 min).
140
+    // This can also be disabled by setting it to false
141
+    define('SINK_FORCERECHECK', 300);
142
+
143
+    // Set the fileas (save as) order for contacts in the webaccess/webapp/outlook.
144
+    // It will only affect new/modified contacts on the mobile which then are synced to the server.
145
+    // Possible values are:
146
+    // SYNC_FILEAS_FIRSTLAST    - fileas will be "Firstname Middlename Lastname"
147
+    // SYNC_FILEAS_LASTFIRST    - fileas will be "Lastname, Firstname Middlename"
148
+    // SYNC_FILEAS_COMPANYONLY  - fileas will be "Company"
149
+    // SYNC_FILEAS_COMPANYLAST  - fileas will be "Company (Lastname, Firstname Middlename)"
150
+    // SYNC_FILEAS_COMPANYFIRST - fileas will be "Company (Firstname Middlename Lastname)"
151
+    // SYNC_FILEAS_LASTCOMPANY  - fileas will be "Lastname, Firstname Middlename (Company)"
152
+    // SYNC_FILEAS_FIRSTCOMPANY - fileas will be "Firstname Middlename Lastname (Company)"
153
+    // The company-fileas will only be set if a contact has a company set. If one of
154
+    // company-fileas is selected and a contact doesn't have a company set, it will default
155
+    // to SYNC_FILEAS_FIRSTLAST or SYNC_FILEAS_LASTFIRST (depending on if last or first
156
+    // option is selected for company).
157
+    // If SYNC_FILEAS_COMPANYONLY is selected and company of the contact is not set
158
+    // SYNC_FILEAS_LASTFIRST will be used
159
+    define('FILEAS_ORDER', SYNC_FILEAS_LASTFIRST);
160
+
161
+    // Amount of items to be synchronized per request
162
+    // Normally this value is requested by the mobile. Common values are 5, 25, 50 or 100.
163
+    // Exporting too much items can cause mobile timeout on busy systems.
164
+    // Z-Push will use the lowest value, either set here or by the mobile.
165
+    // default: 100 - value used if mobile does not limit amount of items
166
+    define('SYNC_MAX_ITEMS', 100);
167
+
168
+    // The devices usually send a list of supported properties for calendar and contact
169
+    // items. If a device does not includes such a supported property in Sync request,
170
+    // it means the property's value will be deleted on the server.
171
+    // However some devices do not send a list of supported properties. It is then impossible
172
+    // to tell if a property was deleted or it was not set at all if it does not appear in Sync.
173
+    // This parameter defines Z-Push behaviour during Sync if a device does not issue a list with
174
+    // supported properties.
175
+    // See also https://jira.zarafa.com/browse/ZP-302.
176
+    // Possible values:
177
+    // false - do not unset properties which are not sent during Sync (default)
178
+    // true  - unset properties which are not sent during Sync
179
+    define('UNSET_UNDEFINED_PROPERTIES', false);
180
+
181
+    // ActiveSync specifies that a contact photo may not exceed 48 KB. This value is checked
182
+    // in the semantic sanity checks and contacts with larger photos are not synchronized.
183
+    // This limitation is not being followed by the ActiveSync clients which set much bigger
184
+    // contact photos. You can override the default value of the max photo size.
185
+    // default: 49152 - 48 KB default max photo size in bytes
186
+    define('SYNC_CONTACTS_MAXPICTURESIZE', 49152);
187
+
188
+/**********************************************************************************
189
+ *  Backend settings
190
+ */
191
+    // the backend data provider
192
+    define('BACKEND_PROVIDER', 'BackendIMAP');
193
+
194
+
195
+    // ************************
196
+    //  BackendZarafa settings
197
+    // ************************
198
+    // Defines the server to which we want to connect
199
+    define('MAPI_SERVER', 'file:///var/run/zarafa');
200
+
201
+
202
+    // ************************
203
+    //  BackendIMAP settings
204
+    // ************************
205
+    // Defines the server to which we want to connect
206
+    define('IMAP_SERVER', 'localhost');
207
+    // connecting to default port (143)
208
+    define('IMAP_PORT', 993);
209
+    // best cross-platform compatibility (see http://php.net/imap_open for options)
210
+    define('IMAP_OPTIONS', '/ssl/novalidate-cert');
211
+    // overwrite the "from" header if it isn't set when sending emails
212
+    // options: 'username'    - the username will be set (usefull if your login is equal to your emailaddress)
213
+    //        'domain'    - the value of the "domain" field is used
214
+    //        '@mydomain.com' - the username is used and the given string will be appended
215
+    define('IMAP_DEFAULTFROM', '');
216
+    // copy outgoing mail to this folder. If not set d-push will try the default folders
217
+    define('IMAP_SENTFOLDER', 'Sent');
218
+    // forward messages inline (default false - as attachment)
219
+    define('IMAP_INLINE_FORWARD', false);
220
+    // don't use imap_mail() to send emails.
221
+    // true (default, uses imap_mail, which is broken - false uses mail(),
222
+    // which handles cc and from in a more sane way)
223
+    define('IMAP_USE_IMAPMAIL', false);
224
+
225
+
226
+    // ************************
227
+    //  BackendMaildir settings
228
+    // ************************
229
+    define('MAILDIR_BASE', '/tmp');
230
+    define('MAILDIR_SUBDIR', 'Maildir');
231
+
232
+    // **********************
233
+    //  BackendVCardDir settings
234
+    // **********************
235
+    define('VCARDDIR_DIR', '/home/%u/.kde/share/apps/kabc/stdvcf');
236
+    
237
+    
238
+/**********************************************************************************
239
+ *  Search provider settings
240
+ *
241
+ *  Alternative backend to perform SEARCH requests (GAL search)
242
+ *  By default the main Backend defines the preferred search functionality.
243
+ *  If set, the Search Provider will always be preferred.
244
+ *  Use 'BackendSearchLDAP' to search in a LDAP directory (see backend/searchldap/config.php)
245
+ */
246
+    define('SEARCH_PROVIDER', '');
247
+    // Time in seconds for the server search. Setting it too high might result in timeout.
248
+    // Setting it too low might not return all results. Default is 10.
249
+    define('SEARCH_WAIT', 10);
250
+    // The maximum number of results to send to the client. Setting it too high
251
+    // might result in timeout. Default is 10.
252
+    define('SEARCH_MAXRESULTS', 10);
253
+
254
+
255
+/**********************************************************************************
256
+ *  Synchronize additional folders to all mobiles
257
+ *
258
+ *  With this feature, special folders can be synchronized to all mobiles.
259
+ *  This is useful for e.g. global company contacts.
260
+ *
261
+ *  This feature is supported only by certain devices, like iPhones.
262
+ *  Check the compatibility list for supported devices:
263
+ *      http://z-push.sf.net/compatibility
264
+ *
265
+ *  To synchronize a folder, add a section setting all parameters as below:
266
+ *      store:      the ressource where the folder is located.
267
+ *                  Zarafa users use 'SYSTEM' for the 'Public Folder'
268
+ *      folderid:   folder id of the folder to be synchronized
269
+ *      name:       name to be displayed on the mobile device
270
+ *      type:       supported types are:
271
+ *                      SYNC_FOLDER_TYPE_USER_CONTACT
272
+ *                      SYNC_FOLDER_TYPE_USER_APPOINTMENT
273
+ *                      SYNC_FOLDER_TYPE_USER_TASK
274
+ *                      SYNC_FOLDER_TYPE_USER_MAIL
275
+ *
276
+ *  Additional notes:
277
+ *  - on Zarafa systems use backend/zarafa/listfolders.php script to get a list
278
+ *    of available folders
279
+ *
280
+ *  - all Z-Push users must have full writing permissions (secretary rights) so
281
+ *    the configured folders can be synchronized to the mobile
282
+ *
283
+ *  - this feature is only partly suitable for multi-tenancy environments,
284
+ *    as ALL users from ALL tenents need access to the configured store & folder.
285
+ *    When configuring a public folder, this will cause problems, as each user has
286
+ *    a different public folder in his tenant, so the folder are not available.
287
+
288
+ *  - changing this configuration could cause HIGH LOAD on the system, as all
289
+ *    connected devices will be updated and load the data contained in the
290
+ *    added/modified folders.
291
+ */
292
+
293
+    $additionalFolders = array(
294
+        // demo entry for the synchronization of contacts from the public folder.
295
+        // uncomment (remove '/*' '*/') and fill in the folderid
296
+/*
297
+        array(
298
+            'store'     => "SYSTEM",
299
+            'folderid'  => "",
300
+            'name'      => "Public Contacts",
301
+            'type'      => SYNC_FOLDER_TYPE_USER_CONTACT,
302
+        ),
303
+*/
304
+    );
305
+
306
+?>

+ 3
- 0
vars/defaults.yml View File

@@ -29,6 +29,9 @@ mail_mysql_database: mailserver
29 29
 # mail_virtual_users: (required)
30 30
 # mail_virtual_aliases: (required)
31 31
 
32
+# z-push
33
+zpush_version: 2.1.1-1788
34
+
32 35
 # owncloud
33 36
 owncloud_domain: "cloud.{{ domain }}"
34 37
 owncloud_mysql_username: owncloud

+ 3
- 0
vars/user.yml View File

@@ -43,6 +43,9 @@ mail_virtual_aliases:
43 43
     destination: "{{ admin_email }}"
44 44
     domain_pk_id: 1
45 45
 
46
+# z-push
47
+zpush_timezone: "TODO"  #Example: "America/New_York"
48
+
46 49
 # owncloud
47 50
 owncloud_mysql_password: TODO
48 51
 

Loading…
Cancel
Save