Difference between revisions of "Roundcube"

From ArchWiki
Jump to navigation Jump to search
(Webserver (Nginx))
(Webserver (Nginx))
Line 73: Line 73:
 
{{Note|This assumes you already have a working [[Nginx ]]server setup with [[Nginx#PHP_configuration|php-fpm]]}}
 
{{Note|This assumes you already have a working [[Nginx ]]server setup with [[Nginx#PHP_configuration|php-fpm]]}}
  
{{hc|/etc/nginx.conf|
+
{{hc|/etc/nginx.conf|<nowiki>location /webmail {
 
 
location /webmail {
 
 
                         alias /usr/share/webapps/roundcubemail;
 
                         alias /usr/share/webapps/roundcubemail;
 
                         access_log /var/log/nginx/roundcube_access.log;
 
                         access_log /var/log/nginx/roundcube_access.log;
Line 119: Line 117:
 
                         }
 
                         }
 
                 }
 
                 }
}}
+
</nowiki>}}
  
 
== Install Roundcube ==
 
== Install Roundcube ==

Revision as of 21:00, 29 September 2015

Roundcube is a full-featured, PHP web-based mail client.

Installation

Install roundcubemail from the official repositories. Further you will need a database (e.g. MariaDB) and a web server with PHP-support (this guide will assume the Apache HTTP Server).

Since 1.1.0 roundcube needs iconv and/or mbstring PHP extensions.

Configuration

MariaDB

Here's an example on how you could setup a database for Roundcube with MariaDB called roundcubemail for the user roundcube identified by the password password:

CREATE DATABASE roundcubemail;
GRANT ALL PRIVILEGES ON roundcubemail.* TO 'roundcube'@'localhost' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;

For any database you use, you will need to initialize the roundcubemail database tables. Here is an example of how to do this with MariaDB:

 mysql -u root -p roundcubemail < /usr/share/webapps/roundcubemail/SQL/mysql.initial.sql

Roundcube

Copy the example configuration file and adjust it to your configuration:

cp /etc/webapps/roundcubemail/config/config.inc.php.sample /etc/webapps/roundcubemail/config/config.inc.php

Set your mail server settings, and set enable_installer to enable the setup wizard:

/etc/webapps/roundcubemail/config/config.inc.php
$config['db_dsnw'] = 'mysql://roundcube:****@localhost/roundcubemail';
$config['default_host'] = 'tls://localhost';
$config['smtp_server'] = 'localhost';
$config['enable_installer'] = true;

PHP

Make sure to adjust following variables to these minimal values in your PHP config:

/etc/php/php.ini
 date.timezone = "UTC"

and uncomment

extension=iconv.so

Webserver (Apache)

Copy the configuration file for Apache to its configuration directory:

cp /etc/webapps/roundcubemail/apache.conf /etc/httpd/conf/extra/roundcube.conf

And include it at the bottom of

/etc/httpd/conf/httpd.conf
 Include conf/extra/roundcube.conf

Restart Apache (httpd.service).


Webserver (Nginx)

Warning: This is an example config of RoundCube running in an subdirectory "webmail" of the web root and has been compiled based on experiments with information from multiple sources, proceed with caution
Note: This assumes you already have a working Nginx server setup with php-fpm
/etc/nginx.conf
location /webmail {
                        alias /usr/share/webapps/roundcubemail;
                        access_log /var/log/nginx/roundcube_access.log;
                        error_log /var/log/nginx/roundcube_error.log;
                        #Favicon
                        location ~ ^/favicon.ico$ {
                                root /usr/share/webapps/roundcubemail/skins/classic/images;
                                log_not_found off;
                                access_log off;
                                expires max;
                        }
                        #Robots file
                        location ~ ^/robots.txt {
                                allow all;
                                log_not_found off;
                                access_log off;
                        }
                        #Deny Protected directories 
                        location ~ ^/(config|temp|logs)/ {
                                 deny all;
                        }
                        location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
                                deny all;
                        }
                        location ~ ^/(bin|SQL)/ {
                                deny all;
                        }
                        #Hide all dot files
                        location ~ /\. {
                                deny all;
                                access_log off;
                                log_not_found off;
                        }
                        #Roundcube fastcgi config
                        location ~ /webmail(/.*\.php)$ {
                                set $valid_fastcgi_script_name $1;
                                include fastcgi_params;
                                fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
                                fastcgi_split_path_info ^(.+.php)(/.*)$;
                                fastcgi_index index.php;
                                fastcgi_param SCRIPT_FILENAME /usr/share/webapps/roundcubemail/$valid_fastcgi_script_name;
                                fastcgi_param PHP_VALUE open_basedir="/tmp/:/var/cache/roundcubemail:/usr/share/webapps/roundcubemail:/etc/webapps/roundcubemail:/usr/share/pear/:/var/log/roundcubemail";
                        }
                }

Install Roundcube

Finally you can visit the Roundcube installation wizard in your browser: http://localhost/roundcube/installer

For security reasons, you should disable the installer when you have completed the wizard: remove $config['enable_installer'] = true; from config.inc.php.

Because the ~/roundcube/config directory contains sensitive information about your server, it's also a good idea to disallow access to this directory by adding these lines, too.

/etc/httpd/conf/extra/roundcube.conf
  <Directory /usr/share/webapps/roundcubemail/config>
     Options -FollowSymLinks
     AllowOverride None
     Require all denied
  </Directory>

Tips and tricks

Setting Roundcube up for use with an IMAP server that only allows TLS authentication

It's quite common for modern IMAP servers to only allow encrypted authentication, say using STARTTLS. If you are setting Roundcube up for TLS authentication, the web-based installer won't help you. You will need to edit the /etc/webapps/roundcubemail/config/config.inc.php by hand, adding the following lines:

 $config['default_host'] = 'tls://mail.my_domain.org';
 $config['imap_conn_options'] = array(
     'ssl' => array(
       'verify_peer'       => true,
       'allow_self_signed' => true,
       'peer_name'         => 'mail.my_domain.org',
       'ciphers' => 'TLSv1+HIGH:!aNull:@STRENGTH',
       'cafile'  => '/etc/ssl/certs/ssl-cert-cyrus.my_domain.org.pem',
     ),
 );

where mail.my_domain.org is the CN host name in your SSL certificate (i.e. the hostname of your IMAP server), and /etc/ssl/certs/ssl-cert-cyrus.my_domain.org.pem is the path to your SSL certificate. You might need to adjust the ciphers element to correspond to the ciphers allowed by your IMAP server.

A complete list of PHP SSL configuration options can be found here.

PDF and OpenDocument file preview

Following Roundcube extensions enables you to preview PDF or OpenDocument file attachements. Install roundcubemail-plugins-kolabAUR from the AUR and adjust following configuration file to enable the extensions:

/etc/webapps/roundcubemail/config/config.inc.php
$config['plugins'] = array(
    'pdfviewer',
    'odfviewer'
);

If you encounter any file permission issues, than try this command:

chown -R http:http /usr/share/webapps/roundcubemail/plugins/odfviewer/files

Synchronize address book with CardDav contacts

It's useful to use the Roundcube address book to have auto-completion features for address fields etc. If you have your contacts stored somewhere else and the remote application offers a CardDav server for synchronization, then you can use the roundcube-rcmcarddavAUR extension from the AUR to access your remote address book in Roundcube. To enable it, adjust following lines in your config file:

/etc/webapps/roundcubemail/config/config.inc.php
$config['plugins'] = array(
    'carddav'
);

Further usage instructions can be found here.

See also