Zarafa on SME8
The below howto is a copy of: http://www.pollet-ghys.be/intranet/index.php/Zarafa on July 16th, 2012
Zarafa 7.0.8 and above on SME 8
IMPORTANT : If you want to have a multicompany-environment, format of the SME-username and the ZARAFA-username has to be [username].[companyname] !!!
A multicompany-evironment is only possible with the DB-plugin (So, you make your Zarafa-users 'by hand').
In a multicompany-evironment every company has his own Global Adressbook and public folders.
Search latest php53-mapi.rpm
SME8 uses PHP5.3
Unfortunately, PHP 5.1 and PHP 5.3 are ABI incompatible, that means that PHP modules that were compiled for PHP 5.1 (like the php-mapi.rpm compiled in the Zarafa-rpms for RHEL 5) can not be run using PHP 5.3 :
https://community.zarafa.com/pg/blog/read/1837/support-for-php-53-in-rhel-5-via-new-php53mapi-rpm-package
So, search on the EPEL-repositories the latest php53-mapi-package.
https://admin.fedoraproject.org/updates/search/php53-mapi?
Set the epel-repository :
/sbin/e-smith/db yum_repositories set epel repository \ Name 'Epel - EL5' \ BaseUrl 'http://download.fedoraproject.org/pub/epel/5/$basearch' \ MirrorList 'http://mirrors.fedoraproject.org/mirrorlist?repo=epel-5&arch=$basearch' \ EnableGroups no \ GPGCheck yes \ GPGKey http://download.fedora.redhat.com/pub/epel/RPM-GPG-KEY-EPEL \ Visible no \ status disabled
signal-event yum-modify
ONLY IF YOU ARE UPDATING AN EXISTING ZARAFA-7-INSTALLATION -> Remove the existing php53-mapi.rpm first :
rpm -e php53-mapi --nodeps
Download via the Zarafawebsite the package for ZCP corresponding with the php53-mapi.rpm (cf. version above)
cd /to an installdirectory, ex. : /root/InstallZarafa
wget http://download.zarafa.com/community/final/7.0/[version]/zcp-[version]-rhel-5-[cpu-arch]-free.tar.gz
The 'free'-version has the ability to connect with Microsoft Outlook (default 3 users for free, buy zarafa-CAL's if you want more).
Download the Z-push-package (version 1.5 !!)
wget http://zarafa-deutschland.de/z-push-download/final/1.5/[z-push-latest version]
Save in the same installdirectory, ex. : root/InstallZarafa
Unpack the corresponding package for ZCP and the package for Z-push :
Go (cd /...) to the installdirectory (if you haven't done this yet) :
cd /to the installdirectory
And unpack :
tar -zxvf zcp-* tar -zxvf z-push-[latest version] -C /var/www/html
Change the name of the created z-push-directory in /var/www/html to 'z-push'.
Go (cd ./zcp-...) to the created subdirectory (zcp-...) :
cd ./zcp- ...
Remove the devel packages Move the windows-directory to an installshare in your network
Download the latest webapp.rpm too in the same subdirectory :
wget http://download.zarafa.com/community/final/WebApp/1.1/rhel/[zarafa-webapp-version.noarch.rpm]
Install all rpm's in the unpacked package of ZCP and the webapp.rpm too :
yum localinstall *.rpm
All packages have dependencies that cannot be resolved if you install only part of the rpm's.
If you only want to upgrade one package (ex. the Webapp) :
cd /to the new Webapp.rpm rpm -Uvh --force zarafa-webapp-[version].noarch
Remove the default php-mapi.rpm
We have to remove the installation of the default php-mapi (because it's not built for php 5.3).
rpm -e php-mapi --nodeps
Install the php53-mapi.rpm
Install the php53-mapi.rpm of the EPEL-repository :
-If you downloaded the rpm :
rpm -Uvh --force php53-mapi
-If you did set the EPEL-repository :
yum install php53-mapi --enablerepo=epel
ONLY FOR FIRST INSTALLATION : Make actions
nano -w /etc/e-smith/events/actions/zarafa-expand-templates
#!/bin/sh /sbin/e-smith/expand-template /etc/zarafa/gateway.cfg /sbin/e-smith/expand-template /etc/zarafa/ical.cfg /sbin/e-smith/expand-template /etc/zarafa/server.cfg /sbin/e-smith/expand-template /etc/zarafa/unix.cfg /sbin/e-smith/expand-template /etc/zarafa/monitor.cfg /sbin/e-smith/expand-template /etc/zarafa/indexer.cfg /sbin/e-smith/expand-template /etc/zarafa/spooler.cfg /sbin/e-smith/expand-template /etc/zarafa/dagent.cfg /sbin/e-smith/expand-template /etc/zarafa/licensed.cfg
nano -w /etc/e-smith/events/actions/zarafa-services
#!/bin/sh FILE=/etc/rc.d/init.d/zarafa-licensed if [ "$1" == start ]; then /etc/rc.d/init.d/zarafa-dagent start /etc/rc.d/init.d/zarafa-gateway start /etc/rc.d/init.d/zarafa-ical start if [ -a $FILE ]; then $FILE start; fi /etc/rc.d/init.d/zarafa-monitor start /etc/rc.d/init.d/zarafa-spooler start /etc/rc.d/init.d/zarafa-indexer start /etc/rc.d/init.d/zarafa-server start exit 0 fi if [ "$1" == stop ]; then /etc/rc.d/init.d/zarafa-dagent stop /etc/rc.d/init.d/zarafa-gateway stop /etc/rc.d/init.d/zarafa-ical stop if [ -a $FILE ]; then $FILE stop; fi /etc/rc.d/init.d/zarafa-indexer stop /etc/rc.d/init.d/zarafa-spooler stop /etc/rc.d/init.d/zarafa-server stop /etc/rc.d/init.d/zarafa-monitor stop exit 0 fi if [ "$1" == restart ]; then /etc/rc.d/init.d/zarafa-dagent stop /etc/rc.d/init.d/zarafa-gateway stop /etc/rc.d/init.d/zarafa-ical stop if [ -a $FILE ]; then $FILE stop; fi /etc/rc.d/init.d/zarafa-monitor stop /etc/rc.d/init.d/zarafa-indexer stop /etc/rc.d/init.d/zarafa-spooler stop /etc/rc.d/init.d/zarafa-server stop /etc/rc.d/init.d/zarafa-dagent start /etc/rc.d/init.d/zarafa-gateway start /etc/rc.d/init.d/zarafa-ical start if [ -a $FILE ]; then $FILE start; fi /etc/rc.d/init.d/zarafa-monitor start /etc/rc.d/init.d/zarafa-server start /etc/rc.d/init.d/zarafa-spooler start /etc/rc.d/init.d/zarafa-indexer start exit 0 fi if [ "$1" == enabled ]; then config setprop zarafa-gateway status enabled config setprop zarafa-ical status enabled if [ -a $FILE ]; then config setprop zarafa-licensed status enabled; fi config setprop zarafa-monitor status enabled config setprop zarafa-server status enabled config setprop zarafa-spooler status enabled config setprop zarafa-indexer status enabled config setprop zarafa-dagent status enabled exit 0 fi if [ "$1" == disabled ]; then config setprop zarafa-gateway status disabled config setprop zarafa-ical status disabled if [ -a $FILE ]; then config setprop zarafa-licensed status disabled; fi config setprop zarafa-monitor status disabled config setprop zarafa-server status disabled config setprop zarafa-spooler status disabled config setprop zarafa-indexer status disabled config setprop zarafa-dagent status disabled exit 0 fi echo "Usage: start|stop|restart|enabled|disabled" exit 0
nano -w /etc/e-smith/events/actions/zarafa-install
#!/bin/sh clear /bin/chmod 554 /etc/e-smith/events/actions/zarafa-expand-templates /bin/chmod 554 /etc/e-smith/events/actions/zarafa-services /bin/chmod 554 /etc/e-smith/events/actions/zarafa-update /bin/chmod 554 /etc/e-smith/events/actions/zarafa-create-user /bin/chmod 554 /etc/e-smith/events/actions/zarafa-create-company /bin/echo "Enter the language of your choice for your zarafa-mailboxes and public store. Values: en_US.UTF-8, en_GB.UTF-8, nl_NL.UTF-8, fr_FR.UTF-8, de_DE.UTF-8, ..." read ZARAFALANGUAGE /sbin/e-smith/config set zarafa service status enabled language $ZARAFALANGUAGE /sbin/e-smith/expand-template /etc/sysconfig/zarafa /bin/echo "Setting up templates2expand-files" mkdir -p /etc/e-smith/events/email-update/templates2expand/etc/zarafa touch /etc/e-smith/events/email-update/templates2expand/etc/zarafa/gateway.cfg touch /etc/e-smith/events/email-update/templates2expand/etc/zarafa/ical.cfg touch /etc/e-smith/events/email-update/templates2expand/etc/zarafa/server.cfg touch /etc/e-smith/events/email-update/templates2expand/etc/zarafa/unix.cfg touch /etc/e-smith/events/email-update/templates2expand/etc/zarafa/spooler.cfg touch /etc/e-smith/events/email-update/templates2expand/etc/zarafa/licensed.cfg touch /etc/e-smith/events/email-update/templates2expand/etc/zarafa/monitor.cfg touch /etc/e-smith/events/email-update/templates2expand/etc/zarafa/dagent.cfg mkdir -p /etc/e-smith/events/group-create/templates2expand/etc/zarafa touch /etc/e-smith/events/group-create/templates2expand/etc/zarafa/unix.cfg mkdir -p /etc/e-smith/events/group-delete/templates2expand/etc/zarafa touch /etc/e-smith/events/group-delete/templates2expand/etc/zarafa/unix.cfg mkdir -p /etc/e-smith/events/group-modify/templates2expand/etc/zarafa touch /etc/e-smith/events/group-modify/templates2expand/etc/zarafa/unix.cfg mkdir -p /etc/e-smith/events/user-create/templates2expand/etc/zarafa touch /etc/e-smith/events/user-create/templates2expand/etc/zarafa/unix.cfg mkdir -p /etc/e-smith/events/user-delete/templates2expand/etc/zarafa touch /etc/e-smith/events/user-delete/templates2expand/etc/zarafa/unix.cfg mkdir -p /etc/e-smith/events/user-modify/templates2expand/etc/zarafa touch /etc/e-smith/events/user-modify/templates2expand/etc/zarafa/unix.cfg mkdir -p /etc/e-smith/events/ibay-create/templates2expand/etc/zarafa touch /etc/e-smith/events/ibay-create/templates2expand/etc/zarafa/unix.cfg mkdir -p /etc/e-smith/events/machine-account-create/templates2expand/etc/zarafa touch /etc/e-smith/events/machine-account-create/templates2expand/etc/zarafa/unix.cfg mkdir -p /etc/e-smith/events/post-upgrade/templates2expand/etc/zarafa touch /etc/e-smith/events/post-upgrade/templates2expand/etc/e-smith/sql/init/80zarafa touch /etc/e-smith/events/post-upgrade/templates2expand/etc/zarafa/gateway.cfg touch /etc/e-smith/events/post-upgrade/templates2expand/etc/zarafa/ical.cfg touch /etc/e-smith/events/post-upgrade/templates2expand/etc/zarafa/server.cfg touch /etc/e-smith/events/post-upgrade/templates2expand/etc/zarafa/unix.cfg touch /etc/e-smith/events/post-upgrade/templates2expand/etc/zarafa/spooler.cfg touch /etc/e-smith/events/post-upgrade/templates2expand/etc/zarafa/licensed.cfg touch /etc/e-smith/events/post-upgrade/templates2expand/etc/zarafa/monitor.cfg touch /etc/e-smith/events/post-upgrade/templates2expand/etc/zarafa/dagent.cfg mkdir -p /etc/e-smith/events/timezone-update/templates2expand/etc/zarafa touch /etc/e-smith/events/timezone-update/templates2expand/etc/zarafa/ical.cfg /bin/echo "Setting up services2adjust-links" ln -s reload /etc/e-smith/events/group-create/services2adjust/zarafa-server ln -s reload /etc/e-smith/events/group-delete/services2adjust/zarafa-server ln -s reload /etc/e-smith/events/group-modify/services2adjust/zarafa-server ln -s reload /etc/e-smith/events/user-create/services2adjust/zarafa-server ln -s reload /etc/e-smith/events/user-delete/services2adjust/zarafa-server ln -s reload /etc/e-smith/events/user-modify/services2adjust/zarafa-server ln -s reload /etc/e-smith/events/ibay-create/services2adjust/zarafa-server ln -s reload /etc/e-smith/events/machine-account-create/services2adjust/zarafa-server ln -s reload /etc/e-smith/events/timezone-update/services2adjust/zarafa-server /bin/echo "Initialize-default-databases" /etc/e-smith/events/actions/initialize-default-databases /bin/echo "Setting up db-entries for Zarafa" /sbin/e-smith/db configuration setprop mysqld InnoDB enabled /sbin/e-smith/db configuration setprop smtpd tnef2mime disabled /sbin/e-smith/db configuration setprop zarafa-server access private status enabled TCPPort 236 index_services_enabled yes /bin/echo "Enter your user plugin. Values: unix or db (ldap is not supported, multicompany-support only with db-plugin)" read USERPLUGIN /sbin/e-smith/db configuration setprop zarafa-server Plugin $USERPLUGIN if [ "$USERPLUGIN" == db ]; then /bin/echo "Do you want to set up a multicompany-environment ? Values: yes or no" read MULTICOMPANY /sbin/e-smith/db configuration setprop zarafa-server Multicompany $MULTICOMPANY fi /sbin/e-smith/db configuration setprop zarafa access SSL /sbin/e-smith/db configuration set zarafa-ical service access private status enabled TCPPort 8088 /sbin/e-smith/db configuration set zarafa-icals service access public status enabled TCPPort 8089 /sbin/e-smith/db configuration set zarafa-imap service access private status enabled TCPPort 8143 /sbin/e-smith/db configuration set zarafa-imaps service access public status enabled TCPPort 8993 /sbin/e-smith/db configuration set zarafa-pop3 service access private status enabled TCPPort 8110 /sbin/e-smith/db configuration set zarafa-pop3s service access public status enabled TCPPort 8995 /sbin/e-smith/db configuration set zarafa-ssl service access public status enabled TCPPort 237 /sbin/e-smith/db configuration set zarafa-gateway service status enabled /sbin/e-smith/db configuration set zarafa-spooler service status enabled /sbin/e-smith/db configuration set zarafa-monitor service status enabled /sbin/e-smith/db configuration set zarafa-indexer service status enabled /sbin/e-smith/db configuration set zarafa-licensed service status enabled /sbin/e-smith/db configuration set zarafa-dagent service status enabled /bin/echo "Expanding the my.cnf-template" /sbin/e-smith/expand-template /etc/my.cnf /bin/echo "Restarting mysqld" /usr/bin/sv t /service/mysqld /bin/echo "Signal-event remoteaccess-update" /sbin/e-smith/signal-event remoteaccess-update /bin/echo "Creating the Zarafa-database" /sbin/e-smith/expand-template /etc/e-smith/sql/init/80zarafa /etc/rc.d/init.d/mysql.init start /bin/echo "Expanding the Zarafa-templates" /etc/e-smith/events/actions/zarafa-expand-templates /bin/echo "Configuration of the Webaccess and Z-push" /bin/chown -R www:www /var/lib/zarafa-webaccess/tmp /bin/chown -R www:www /var/lib/zarafa-webapp/tmp FILE=/etc/httpd/conf.d/zarafa-webaccess.conf; if [ -a $FILE ]; then /bin/rm -f $FILE; fi FILE=/etc/httpd/conf.d/zarafa-webapp.conf; if [ -a $FILE ]; then /bin/rm -f $FILE; fi FILE=/var/www/html/z-push/state; if [ -d $FILE ]; then /bin/chown -R www:www $FILE; fi FILE=/var/www/html/z-push/state; if [ -d $FILE ]; then /bin/chmod 755 $FILE; fi FILE=/var/www/html/z-push/state; if [ -d $FILE ]; then /bin/touch /var/www/html/z-push/debug.txt; fi FILE=/var/www/html/z-push/state; if [ -d $FILE ]; then /bin/chown www:www /var/www/html/z-push/debug.txt; fi FILE=/var/www/html/z-push/state; if [ -d $FILE ]; then /bin/chmod 755 /var/www/html/z-push/debug.txt; fi /bin/echo "Expanding http.conf-template" /sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf /bin/echo "Restarting httpd" /usr/bin/sv restart /service/httpd-e-smith /bin/echo "Setting up more symbolic links" ln -s /lib/libcrypto.so.0.9.8e /usr/lib/libcrypto.so.0.9.8 ln -s /lib/libssl.so.0.9.8e /usr/lib/libssl.so.0.9.8 ln -s /etc/rc.d/init.d/e-smith-service /etc/rc.d/rc7.d/S99zarafa-dagent ln -s /etc/rc.d/init.d/e-smith-service /etc/rc.d/rc7.d/S99zarafa-gateway ln -s /etc/rc.d/init.d/e-smith-service /etc/rc.d/rc7.d/S99zarafa-indexer ln -s /etc/rc.d/init.d/e-smith-service /etc/rc.d/rc7.d/S99zarafa-licensed ln -s /etc/rc.d/init.d/e-smith-service /etc/rc.d/rc7.d/S99zarafa-monitor ln -s /etc/rc.d/init.d/e-smith-service /etc/rc.d/rc7.d/S99zarafa-spooler ln -s /etc/rc.d/init.d/e-smith-service /etc/rc.d/rc7.d/S99zarafa-ical ln -s /etc/rc.d/init.d/e-smith-service /etc/rc.d/rc7.d/S99zarafa-server /bin/echo "Starting Zarafa-services" /etc/e-smith/events/actions/zarafa-services start /bin/echo "Setting permissions on files" FILE=/var/log/zarafa/dagent.log; if [ -a $FILE ]; then /bin/chmod 666 $FILE; fi if [ "$USERPLUGIN" == unix ]; then /bin/echo "creating Public store" /usr/bin/zarafa-admin --utf8 -s fi if [ "$USERPLUGIN" == db ]; then if [ "$MULTICOMPANY" == no ]; then /bin/echo "creating Public store" /usr/bin/zarafa-admin --utf8 -s fi fi if [ "$USERPLUGIN" == db ]; then if [ "$MULTICOMPANY" == yes ]; then /bin/echo "Make your first company. Enter your first companyname :" read COMPANYNAME /usr/bin/zarafa-admin --create-company "$COMPANYNAME" /bin/echo "!!! REMEMBER !!! : for a multicompany-environment the username-format of the SME-user and the ZARAFA-user, has to be : [username].[companyname]." fi fi
nano -w /etc/e-smith/events/actions/zarafa-update
#!/bin/sh /bin/echo "Stopping the Zarafa-services" /etc/e-smith/events/actions/zarafa-services stop /bin/echo "webaccess config" /bin/chown -R www:www /var/lib/zarafa-webaccess/tmp /bin/chown -R www:www /var/lib/zarafa-webapp/tmp FILE=/etc/httpd/conf.d/zarafa-webaccess.conf; if [ -a $FILE ]; then /bin/rm -f $FILE; fi FILE=/etc/httpd/conf.d/zarafa-webapp.conf; if [ -a $FILE ]; then /bin/rm -f $FILE; fi FILE=/var/www/html/z-push/state; if [ -d $FILE ]; then /bin/chown -R www:www $FILE; fi FILE=/var/www/html/z-push/state; if [ -d $FILE ]; then /bin/chmod 755 $FILE; fi FILE=/var/www/html/z-push/state; if [ -d $FILE ]; then /bin/touch /var/www/html/z-push/debug.txt; fi FILE=/var/www/html/z-push/state; if [ -d $FILE ]; then /bin/chown www:www /var/www/html/z-push/debug.txt; fi FILE=/var/www/html/z-push/state; if [ -d $FILE ]; then /bin/chmod 755 /var/www/html/z-push/debug.txt; fi /bin/echo "Expanding Zarafa-templates" /etc/e-smith/events/actions/zarafa-expand-templates /bin/echo "Expanding http.conf-template" /sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf /bin/echo "Restarting httpd" /usr/bin/sv restart /service/httpd-e-smith /bin/echo "Starting Zarafa-services" /etc/e-smith/events/actions/zarafa-services start /bin/echo "Setting permissions on files" FILE=/var/log/zarafa/dagent.log; if [ -a $FILE ]; then /bin/chmod 666 $FILE; fi
nano -w /etc/e-smith/events/actions/zarafa-create-user (ONLY FOR DB-PLUGIN)
#!/bin/sh clear /bin/echo "Enter the username of the ZARAFA-user" /bin/echo "If you have a multicompany-setup, format of the SME-username and the ZARAFA-username" /bin/echo "has to be [username].[companyname] !!!" read USERNAME /bin/echo "Enter password:" read PASSWORD /bin/echo "Enter e-mail address:" read EMAIL /bin/echo "Enter full name:" read FULLNAME /bin/echo "Executing..." /usr/bin/zarafa-admin -c "$USERNAME" -p "$PASSWORD" -e "$EMAIL" -f "$FULLNAME" /usr/bin/zarafa-admin -l /sbin/e-smith/db accounts setprop $USERNAME zarafa enabled /etc/e-smith/events/actions/qmail-update-user
nano -w /etc/e-smith/events/actions/zarafa-create-company (ONLY FOR DB-PLUGIN)
#!/bin/sh clear /bin/echo "Enter the companyname :" read COMPANYNAME /bin/echo "Executing..." /usr/bin/zarafa-admin --create-company "$COMPANYNAME"
ONLY FOR FIRST INSTALLATION : Make templates
nano -w /etc/e-smith/db/configuration/migrate/80zarafa
{ use MIME::Base64 qw(encode_base64); my $rec = $DB->get('zarafa-server') || $DB->new_record('zarafa-server', {type => 'service'}); my $pw = $rec->prop('DbPassword'); return "" if $pw; $rec->set_prop('DbPassword', sprintf("%15.0f", int( (1000000000000000) * rand() ))); }
nano -w /etc/e-smith/templates/etc/e-smith/sql/init/80zarafa
{ my $db = ${'zarafa-server'}{DbName} || 'zarafa'; my $user = ${'zarafa-server'}{DbUser} || 'zarafa'; my $pass = ${'zarafa-server'}{DbPassword} || 'changeme'; $OUT .= <<END #! /bin/sh if [ -d /var/lib/mysql/$db ]; then exit fi /usr/bin/mysql <<EOF CREATE DATABASE $db DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci; use $db; use mysql; GRANT ALL PRIVILEGES ON $db.* TO $user\@localhost IDENTIFIED BY '$pass'; flush privileges; EOF END }
nano -w /etc/e-smith/templates.metadata/etc/e-smith/sql/init/80zarafa
PERMS=0750
mkdir -p /etc/e-smith/templates/etc/sysconfig/zarafa
nano -w /etc/e-smith/templates/etc/sysconfig/zarafa/zarafa
# # Locale setting for all Zarafa services # ZARAFA_LOCALE="{ ${'zarafa'}{language} || 'en_US.UTF-8' ; }" # # Locale setting for Zarafa userscripts # ZARAFA_USERSCRIPT_LOCALE="{ ${'zarafa'}{language} || 'en_US.UTF-8' ; }"
nano -w /etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/29ZarafaAliases
{ # vim: ft=perl: $haveSSL = (exists ${modSSL}{status} and ${modSSL}{status} eq "enabled") ? 'yes' : 'no'; my $zwebmailStatus = $zarafa{'status'} || "disabled"; my $zwebmailAccessType = $zarafa{'access'} || "SSL"; my $dirs; $dirs{zarafa} = '/usr/share/zarafa-webaccess'; $dirs{webaccess} = '/usr/share/zarafa-webaccess'; $dirs{webmail} = '/usr/share/zarafa-webaccess'; if ($imp{'status'} eq 'enabled') {$dirs{webmail} = ''}; $dirs{webapp} = '/usr/share/zarafa-webapp'; $dirs{'Microsoft-Server-ActiveSync'} = '/var/www/html/z-push/index.php'; return " # Zarafa is disabled in this VirtualHost\n" unless $zwebmailStatus eq 'enabled'; foreach $place ('zarafa','webmail','webaccess','webapp','Microsoft-Server-ActiveSync') { if (($port eq "80") && ($haveSSL eq 'yes') && ($zwebmailAccessType eq 'SSL')) { $OUT .= " RewriteRule ^/$place(/.*|\$) https://%{HTTP_HOST}/$place\$1 [L,R]\n"; } else { if (($dirs{$place}) ne '') {$OUT .= " Alias /$place $dirs{$place}\n"}; } } }
nano -w /etc/e-smith/templates/etc/httpd/conf/httpd.conf/86ZarafaAlias
{ my $zstatus = $zarafa{'status'}; if (defined $zstatus && $zstatus eq 'enabled') { $OUT .= qq( #-------------------------------------------------------------------- # Zarafa specific configuration files. #-------------------------------------------------------------------- Alias /zarafa /usr/share/zarafa-webaccess/ <Directory /usr/share/zarafa-webaccess/> # DirectoryIndex index.php # Options -Indexes +FollowSymLinks # AllowOverride Options Options -Indexes AllowOverride All order allow,deny allow from all AddType application/x-httpd-php .php php_flag magic_quotes_gpc off php_flag track_vars on </Directory> Alias /webapp /usr/share/zarafa-webapp/ <Directory /usr/share/zarafa-webapp/> Options -Indexes AllowOverride All order allow,deny allow from all AddType application/x-httpd-php .php php_flag magic_quotes_gpc off php_flag track_vars on </Directory> <Directory /var/www/html/> Options -Indexes AllowOverride All order allow,deny allow from all AddType application/x-httpd-php .php .php3 php_flag magic_quotes_gpc off </Directory> <Directory /var/www/html/z-push/> Options -Indexes AllowOverride All order allow,deny allow from all AddType application/x-httpd-php .php php_flag magic_quotes_gpc off php_flag register_globals off php_flag magic_quotes_runtime off php_flag short_open_tag on </Directory> ); } else { $OUT .= "# Zarafa Webmail is not configured as it is disabled in the config db"; } }
mkdir -p /etc/e-smith/templates/etc/zarafa/gateway.cfg
nano -w /etc/e-smith/templates/etc/zarafa/gateway.cfg/gateway.cfg
############################################################## # GATEWAY SETTINGS server_bind = 0.0.0.0 # Please refer to the administrator manual or manpage why HTTP is used rather than the UNIX socket. server_socket = http://localhost:{${'zarafa-server'}{TCPPort}||'236';}/zarafa # Set this value to a name to show in the logon greeting to clients. # Leave empty to use DNS to find this name. server_hostname = # Whether to show the hostname in the logon greeting to clients. server_hostname_greeting = no # drop privileges and run the process as this user run_as_user = # drop privileges and run the process as this group run_as_group = # create a pid file for stopping the service via the init.d scripts pid_file = /var/run/zarafa-gateway.pid # run server in this path (when not using the -F switch) running_path = / # enable/disable POP3, and POP3 listen port pop3_enable = { if (${'zarafa-pop3'}{status} eq 'enabled') {'yes'} else {'no'}; } pop3_port = { ${'zarafa-pop3'}{TCPPort} || '8110'; } # enable/disable Secure POP3, and Secure POP3 listen port pop3s_enable = { if (${'zarafa-pop3s'}{status} eq 'enabled') {'yes'} else {'no'}; } pop3s_port = { ${'zarafa-pop3s'}{TCPPort} || '8995'; } # enable/disable IMAP, and IMAP listen port imap_enable = { if (${'zarafa-imap'}{status} eq 'enabled') {'yes'} else {'no'}; } imap_port = { ${'zarafa-imap'}{TCPPort} || '8143'; } # enable/disable Secure IMAP, and Secure IMAP listen port imaps_enable = { if (${'zarafa-imaps'}{status} eq 'enabled') {'yes'} else {'no'}; } imaps_port = { ${'zarafa-imaps'}{TCPPort} || '8993'; } # Only mail folder for IMAP or all subfolders (calendar, contacts, tasks, etc. too) imap_only_mailfolders = { ${'zarafa-imap'}{imap_only_mailfolders} || 'yes'; } # Show Public folders for IMAP imap_public_folders = { ${'zarafa-imap'}{imap_public_folders} || 'yes'; } # IMAP clients may use IDLE command imap_capability_idle = yes # The maximum size of an email that can be uploaded to the gateway imap_max_messagesize = { ${'zarafa-imap'}{imap_max_messagesize} || '134217728'; } # Override the e-mail charset and generate using utf-8 (when imap data is not present on the item) imap_generate_utf8 = { ${'zarafa-imap'}{imap_generate_utf8} || 'no'; } # Internally issue the expunge command to directly delete e-mail marked for deletion in IMAP. imap_expunge_on_delete = { ${'zarafa-imap'}{imap_expunge_on_delete} || 'no'; } # Store full rfc822 message during APPEND imap_store_rfc822 = { ${'zarafa-imap'}{imap_store_rfc822} || 'yes'; } # File with RSA key for SSL ssl_private_key_file = /home/e-smith/ssl.key/{$SystemName}.{$DomainName}.key #File with certificate for SSL ssl_certificate_file = /home/e-smith/ssl.crt/{$SystemName}.{$DomainName}.crt # Verify client certificate ssl_verify_client = { ${'zarafa-gateway'}{ssl_verify_client} || 'no'; } # Client verify file and/or path ssl_verify_file = ssl_verify_path = # Process model, using pthreads (thread) or processes (fork) process_model = { ${'zarafa-gateway'}{process_model} || 'fork'; } ############################################################## # GATEWAY LOG SETTINGS # Logging method (syslog, file) log_method = { ${'zarafa-gateway'}{log_method} || 'file'; } # Loglevel (0=no logging, 5=full logging) log_level = { ${'zarafa-gateway'}{log_level} || '2'; } # Logfile for log_method = file, use '-' for stderr log_file = /var/log/zarafa/gateway.log # Log timestamp - prefix each log line with timestamp in 'file' logging mode log_timestamp = { ${'zarafa-gateway'}{log_timestamp} || '1'; }
mkdir -p /etc/e-smith/templates/etc/zarafa/ical.cfg
nano -w /etc/e-smith/templates/etc/zarafa/ical.cfg/ical.cfg
############################################################## # ICAL SETTINGS # drop privileges and run the process as this user run_as_user = # drop privileges and run the process as this group run_as_group = # create a pid file for stopping the service via the init.d scripts pid_file = /var/run/zarafa-ical.pid # run server in this path (when not using the -F switch) running_path = / # IP Address to bind to (0.0.0.0 for ANY) server_bind = 0.0.0.0 # wether normal connections can be made to the ical server ical_enable = { if (${'zarafa-ical'}{status} eq 'enabled') {'yes'} else {'no'}; } # port which the ical server listens on for normal connections ical_port = { ${'zarafa-ical'}{TCPPort} || '8088'; } # wether ssl connections can be made to the ical server icals_enable = { if (${'zarafa-icals'}{status} eq 'enabled') {'yes'} else {'no'}; } # port which the ical server listens on for ssl connections icals_port = { ${'zarafa-icals'}{TCPPort} || '8089'; } # default connection to the Zarafa server # Please refer to the administrator manual or manpage why HTTP is used rather than the UNIX socket. server_socket = http://localhost:{${'zarafa-server'}{TCPPort}||'236';}/zarafa # Process model, using pthreads (thread) or processes (fork) process_model = { ${'zarafa-ical'}{process_model} || 'fork'; } ############################################################## # ICAL LOG SETTINGS # Logging method (syslog, file) log_method = { ${'zarafa-ical'}{log_method} || 'file'; } # Loglevel (0=no logging, 5=full logging) log_level = { ${'zarafa-ical'}{log_level} || '2'; } # Logfile for log_method = file, use '-' for stderr log_file = /var/log/zarafa/ical.log # Log timestamp - prefix each log line with timestamp in 'file' logging mode log_timestamp = { ${'zarafa-ical'}{log_timestamp} || '1'; } ############################################################## # ICAL SSL SETTINGS FOR INCOMING CONNECTIONS # File with RSA key for SSL ssl_private_key_file = /home/e-smith/ssl.key/{$SystemName}.{$DomainName}.key # File with certificate for SSL ssl_certificate_file = /home/e-smith/ssl.crt/{$SystemName}.{$DomainName}.crt # Verify client certificate ssl_verify_client = { ${'zarafa-ical'}{ssl_verify_client} || 'no'; } # Client verify file and/or path ssl_verify_file = ssl_verify_path = ############################################################## # OTHER ICAL SETTINGS # The timezone of the system clock server_timezone = {$TimeZone} # The charset of data to expect when the client doesn't specify any default_charset = { ${'zarafa-ical'}{default_charset} || 'utf-8'; } # Enable the iCalendar GET method for downloading calendars enable_ical_get = { ${'zarafa-ical'}{enable_ical_get} || 'yes'; }
mkdir -p /etc/e-smith/templates/etc/zarafa/server.cfg
nano -w /etc/e-smith/templates/etc/zarafa/server.cfg/server.cfg
############################################################## # SERVER SETTINGS # IP Address to bind to (0.0.0.0 for ANY) # Set to 127.0.0.1 if connections should only come from localhost # and through the webserver proxy server_bind = 0.0.0.0 # Accept normal TCP connections (not recommended to disable) server_tcp_enabled = { ${'zarafa-server'}{server_tcp_enabled} || 'yes'; } # Port to bind to server_tcp_port = { ${'zarafa-server'}{TCPPort} || '236'; } # Accept unix pipe connections (not recommended to disable) server_pipe_enabled = { ${'zarafa-server'}{server_pipe_enabled} || 'yes'; } # Unix socket location server_pipe_name = /var/run/zarafa server_pipe_priority = /var/run/zarafa-prio # Name for identifying the server in a multi-server environment server_name = { ${'zarafa-server'}{server_name} || 'Zarafa'; } # Override the hostname of this server, used by Kerberos SSO if enabled server_hostname = # Database engine (mysql) database_engine = { ${'zarafa-server'}{database_engine} || 'mysql'; } # Allow connections from normal users through the unix socket allow_local_users = { ${'zarafa-server'}{allow_local_users} || 'yes'; } # local admin users who can connect to any store (use this for the zarafa-dagent) # field is SPACE separated # eg: local_admin_users = root vmail local_admin_users = { ${'zarafa-server'}{local_admin_users} || 'root'; } # e-mail address of the Zarafa System user system_email_address = { ${'zarafa-server'}{system_email_address} || 'postmaster@localhost'; } # drop privileges and run the process as this user run_as_user = # drop privileges and run the process as this group run_as_group = # create a pid file for stopping the service via the init.d scripts pid_file = /var/run/zarafa-server.pid # run server in this path (when not using the -F switch) running_path = / # session timeout for clients. Values lower than 300 will be upped to 300 # automatically. If the server hears nothing from a client in session_timeout # seconds, then the session is killed. session_timeout = { ${'zarafa-server'}{session_timeout} || '300'; } # Socket to connect to license server license_socket = /var/run/zarafa-licensed # Time (in seconds) to wait for a connection to the license server before # terminating the request. license_timeout = { ${'zarafa-server'}{license_timeout} || '10'; } ############################################################## # LOG SETTINGS # Logging method (syslog, file), syslog facility is 'mail' log_method = { ${'zarafa-server'}{log_method} || 'file'; } # Logfile (for log_method = file, '-' for stderr) log_file = /var/log/zarafa/server.log # Loglevel (0=no logging, 5=full logging) log_level = { ${'zarafa-server'}{log_level} || '2'; } # Log timestamp - prefix each log line with timestamp in 'file' logging mode log_timestamp = { ${'zarafa-server'}{log_timestamp} || '1'; } ############################################################## # AUDIT LOG SETTINGS # Audit logging is by default not enabled audit_log_enabled = { ${'zarafa-server'}{audit_log_enabled} || 'no'; } # Audit logging method (syslog, file), syslog facility is 'authpriv' audit_log_method = { ${'zarafa-server'}{audit_log_method} || 'syslog'; } # Audit logfile (for log_method = file, '-' for stderr) audit_log_file = /var/log/zarafa/audit.log # Audit loglevel (0=no logging, 1=full logging) audit_log_level = { ${'zarafa-server'}{audit_log_level} || '1'; } # Audit log timestamp - prefix each log line with timestamp in 'file' logging mode audit_log_timestamp = { ${'zarafa-server'}{audit_log_timestamp} || '1'; } ############################################################## # MYSQL SETTINGS (for database_engine = mysql) # MySQL hostname to connect to for database access mysql_host = { ${'zarafa-server'}{mysql_host} || 'localhost'; } # MySQL port to connect with (usually 3306) mysql_port = { ${'zarafa-server'}{mysql_port} || '3306'; } # The user under which we connect with MySQL mysql_user = { ${'zarafa-server'}{DbUser} || 'zarafa'; } # The password for the user (leave empty for no password) mysql_password = { ${'zarafa-server'}{DbPassword}; } # Override the default MySQL socket to access mysql locally # Works only if the mysql_host value is empty or 'localhost' mysql_socket = # Database to connect to mysql_database = { ${'zarafa-server'}{DbName} || 'zarafa'; } # Where to place attachments. Value can be 'database' or 'files' attachment_storage = { ${'zarafa-server'}{attachment_storage} || 'files'; } # When attachment_storage is 'files', use this path to store the files attachment_path = /home/e-smith/files/zarafa # Compression level for attachments when attachment_storage is 'files'. # Set compression level for attachments disabled=0, max=9 attachment_compression = { ${'zarafa-server'}{attachment_compression} || '6'; } ############################################################## # SSL SETTINGS # enable SSL support in server server_ssl_enabled = { ${'zarafa-ssl'}{server_ssl_enabled} || 'yes'; } # Listen for SSL connections on this port server_ssl_port = { ${'zarafa-ssl'}{TCPPort} || '237'; } # Required Server certificate, contains the certificate and the private key parts server_ssl_key_file = /home/e-smith/ssl.pem/{$SystemName}.{$DomainName}.pem # Password of Server certificate server_ssl_key_pass = { ${'zarafa-server'}{DbPassword}; } # Required Certificate Authority of server server_ssl_ca_file = /home/e-smith/ssl.crt/{$SystemName}.{$DomainName}.crt # Path with CA certificates, e.g. /etc/ssl/certs server_ssl_ca_path = /home/e-smith/ssl.crt # Path of SSL Public keys of clients sslkeys_path = /home/e-smith/ssl.pem ############################################################## # THREAD SETTINGS # Number of server threads # default: 8 threads = { ${'zarafa-server'}{threads} || '8'; } # Watchdog frequency. The number of watchdog checks per second. # default: 1 watchdog_frequency = { ${'zarafa-server'}{watchdog_frequency} || '1'; } # Watchdog max age. The maximum age in ms of a task before a # new thread is started. # default: 500 watchdog_max_age = { ${'zarafa-server'}{watchdog_max_age} || '500'; } # Maximum SOAP keep_alive value # default: 100 server_max_keep_alive_requests = { ${'zarafa-server'}{server_max_keep_alive_requests} || '100'; } # SOAP recv timeout value (time between requests) # default: 5 server_recv_timeout = { ${'zarafa-server'}{server_recv_timeout} || '5'; } # SOAP read timeout value (time during requests) # default: 60 server_read_timeout = { ${'zarafa-server'}{server_read_timeout} || '60'; } # SOAP send timeout value # default: 60 server_send_timeout = { ${'zarafa-server'}{server_send_timeout} || '60'; } ############################################################## # OTHER SETTINGS # Softdelete clean cycle (in days) 0=never running softdelete_lifetime = { ${'zarafa-server'}{softdelete_lifetime} || '30'; } # Sync lifetime, removes all changes remembered for a client after x days of inactivity sync_lifetime = { ${'zarafa-server'}{sync_lifetime} || '365'; } # Set to 'yes' if all changes (for synchronization) to messages should be logged to the database sync_log_all_changes = { ${'zarafa-server'}{sync_log_all_changes} || 'no'; } # Set to 'yes' if you have Kerberos or NTLM correctly configured for single sign-on enable_sso = { ${'zarafa-server'}{enable_sso} || 'no'; } # Set to 'yes' if you want to show the GAB to your users enable_gab = { ${'zarafa-server'}{enable_gab} || 'yes'; } # Authentication can be through plugin (default, recommended), pam or kerberos auth_method = { ${'zarafa-server'}{auth_method} || 'plugin'; } # If auth_method is set to pam, you should provide the pam service name pam_service = { ${'zarafa-server'}{pam_service} || 'passwd'; } ############################################################# # CACHE SETTINGS # # To see the live cache usage, use 'zarafa-stats --system', # or send a USR1 signal to the server, and read the logfile. # Size in bytes of the 'cell' cache (should be set as high as you can afford to set it) cache_cell_size = { ${'zarafa-server'}{cache_cell_size} || '268435456'; } # Size in bytes of the 'object' cache cache_object_size = { ${'zarafa-server'}{cache_object_size} || '5242880'; } # Size in bytes of the 'indexed object' cache cache_indexedobject_size = { ${'zarafa-server'}{cache_indexedobject_size} || '16777216'; } # Size in bytes of the userquota details cache_quota_size = { ${'zarafa-server'}{cache_quota_size} || '1048576'; } # Lifetime for userquota details cache_quota_lifetime = { ${'zarafa-server'}{cache_quota_lifetime} || '1'; } # Size in bytes of the acl cache cache_acl_size = { ${'zarafa-server'}{cache_acl_size} || '1048576'; } # Size in bytes of the store id/guid cache cache_store_size = { ${'zarafa-server'}{cache_store_size} || '1048576'; } # Size in bytes of the 'user id' cache (this is allocated twice) cache_user_size = { ${'zarafa-server'}{cache_user_size} || '1048576'; } # Size in bytes of the 'user details' cache cache_userdetails_size = { ${'zarafa-server'}{cache_userdetails_size} || '26214400'; } # Lifetime for user details cache_userdetails_lifetime = { ${'zarafa-server'}{cache_userdetails_lifetime} || '5'; } # Size in bytes of the server details (multiserver setups only) cache_server_size = { ${'zarafa-server'}{cache_server_size} || '1048576'; } # Lifetime for server details (multiserver setups only) cache_server_lifetime = { ${'zarafa-server'}{cache_server_lifetime} || '30'; } ############################################################## # QUOTA SETTINGS # The default Warning Quota Level. Set to 0 to disable this level. # The user will receive an email when this level is reached. Value is in Mb. Default value is 0. quota_warn = { ${'zarafa-server'}{quota_warn} || '0'; } # The default Soft Quota Level. Set to 0 to disable this level. # The user will still receive mail, but sending new mail is prohibited, until objects are removed from the store. # VALUE is in Mb. Default value is 0. quota_soft = { ${'zarafa-server'}{quota_soft} || '0'; } # The default Hard Quota Level. Set to 0 to disable this level. # The user can not receive and send mail, until objects are removed from the store. # Value is in Mb. Default value is 0. quota_hard = { ${'zarafa-server'}{quota_hard} || '0'; } # The default Warning Quota Level for multitenant public stores. Set to 0 to disable this level. # The tenant administrator will receive an email when this level is reached. Value is in Mb. Default value is 0. companyquota_warn = { ${'zarafa-server'}{companyquota_warn} || '0'; } ############################################################## # USER PLUGIN SETTINGS # Name of the plugin that handles users # Required, default = ldap # Values: ldap, unix, db, ldapms (available in enterprise license) user_plugin = { ${'zarafa-server'}{Plugin} || 'db'; } # configuration file of the user plugin, examples can be found in /usr/share/zarafa/example-config { if (( ${'zarafa-server'}{Plugin} || 'db' ) eq 'unix') { 'user_plugin_config = /etc/zarafa/unix.cfg'; } elsif (( ${'zarafa-server'}{Plugin} || 'db' ) eq 'ldap') { 'user_plugin_config = /etc/zarafa/ldap.cfg'; } } # location of the zarafa plugins # if you have a 64bit distribution, this probably should be changed to /usr/lib64/zarafa plugin_path = /usr/lib/zarafa # scripts which create stores for users from an external source # used for ldap and unix plugins only createuser_script = /etc/zarafa/userscripts/createuser deleteuser_script = /etc/zarafa/userscripts/deleteuser creategroup_script = /etc/zarafa/userscripts/creategroup deletegroup_script = /etc/zarafa/userscripts/deletegroup createcompany_script = /etc/zarafa/userscripts/createcompany deletecompany_script = /etc/zarafa/userscripts/deletecompany # Set this option to 'yes' to skip the creation and deletion of new users # The action will be logged, so you can see if your changes to the plugin # configuration are correct. user_safe_mode = { ${'zarafa-server'}{user_safe_mode} || 'no'; } ############################################################## # MISC SETTINGS # Thread size in KB, default is 512 # WARNING: Do not set too small, your server WILL crash thread_stacksize = { ${'zarafa-server'}{thread_stacksize} || '512'; } # Enable multi-tenancy environment # When set to true it is possible to create tenants within the # zarafa instance and assign all users and groups to particular # tenants. # When set to false, the normal single-tenancy environment is created. { if (( ${'zarafa-server'}{Multicompany} || 'no' ) eq 'yes') { 'enable_hosted_zarafa = true'; } elsif (( ${'zarafa-server'}{Multicompany} || 'no' ) eq 'no') { 'enable_hosted_zarafa = false'; } } # Enable multi-server environment # When set to true it is possible to place users and tenants on # specific servers. # When set to false, the normal single-server environment is created. enable_distributed_zarafa = { ${'zarafa-server'}{enable_distributed_zarafa} || 'false'; } # Display format of store name # Allowed variables: # %u Username # %f Fullname # %c Teantname # default: %f storename_format = { ${'zarafa-server'}{storename_format} || '%f'; } # Loginname format (for Multi-tenancy installations) # When the user does not login through a system-wide unique # username (like the email address) a unique name is created # by combining the username and the tenantname. # With this configuration option you can set how the # loginname should be built up. # # Note: Do not use the = character in the format. # # Allowed variables: # %u Username # %c Teantname # # default: %u { if (( ${'zarafa-server'}{Multicompany} || 'no' ) eq 'yes') { 'loginname_format = %u.%c'; } elsif (( ${'zarafa-server'}{Multicompany} || 'no' ) eq 'no') { 'loginname_format = %u'; } } # Set to yes for Windows clients to be able to download the latest # Zarafa Outlook client from the Zarafa server client_update_enabled = { ${'zarafa-server'}{client_update_enabled} || 'false'; } # Place the correct Zarafa Outlook Client in this directory for # Windows clients to download through the Zarafa server client_update_path = { ${'zarafa-server'}{client_update_path} || '/var/lib/zarafa/client'; } # Recieve update information from the client (0 = disabled, 1 = only on error, 2 = log always) client_update_log_level = { ${'zarafa-server'}{client_update_log_level} || '1'; } # Log location for the client auto update files client_update_log_path = /var/log/zarafa/autoupdate # Everyone is a special internal group, which contains every user and group # You may want to disable this group from the Global Addressbook by setting # this option to 'yes'. Administrators will still be able to see the group. hide_everyone = { ${'zarafa-server'}{hide_everyone} || 'yes'; } # System is a special internal user, which has super-admin privileges # You may want to disable this user from the Global Addressbook by setting # this option to 'yes'. Administrators will still be able to see the user. hide_system = { ${'zarafa-server'}{hide_system} || 'yes'; } # Use Indexing service for faster searching. # Enabling this option requires the zarafa-indexer service to # be running. index_services_enabled = { ${'zarafa-server'}{index_services_enabled} || 'no'; } # Path to the zarafa-indexer service, this option is only required # if the server is going to make use of the indexing service. index_services_path = file:///var/run/zarafa-indexer # Time (in seconds) to wait for a connection to the zarafa-indexer service # before terminating the indexed search request. index_services_search_timeout = { ${'zarafa-server'}{index_services_search_timeout} || '10'; } # Minimum length of a search term in characters to enable prefix searching index_services_prefix_chars = { ${'zarafa-server'}{index_services_prefix_chars} || '3'; } # Allow enhanced ICS operations to speedup synchronization with cached profiles. # default: yes enable_enhanced_ics = { ${'zarafa-server'}{enable_enhanced_ics} || 'yes'; } # Synchronize GAB users on every open of the GAB (otherwise, only on # zarafa-admin --sync) sync_gab_realtime = { ${'zarafa-server'}{sync_gab_realtime} || 'yes'; } # Disable features for users. Default all features are disabled. This # list is space separated. Currently valid values: imap disabled_features = { ${'zarafa-server'}{disabled_features}; } # Maximum number of deferred records in total max_deferred_records = { ${'zarafa-server'}{max_deferred_records} || '0'; } # Maximum number of deferred records per folder max_deferred_records_folder = { ${'zarafa-server'}{max_deferred_records_folder} || '20'; }
mkdir -p /etc/e-smith/templates/etc/zarafa/unix.cfg
nano -w /etc/e-smith/templates/etc/zarafa/unix.cfg/unix.cfg
{ use esmith::AccountsDB } ############################################################## # UNIX USER PLUGIN SETTINGS # # Any of these directives that are required, are only required if the # userplugin parameter is set to unix. # Charset used in /etc/passwd for the fullname of a user. Normally this # is us-ascii, but this can differ according to your setup. # The charset specified here must be supported by your iconv(1) # setup. See iconv -l for all charsets. fullname_charset = iso-8859-15 # Default email domain for constructing new users # Required, no default default_domain = { ${'zarafa-server'}{DomainName} || $DomainName; } # The lowest user id that is considered a regular user # Optional, default = 1000 min_user_uid = 101 # The highest user id that is considered a regular user # Optional, default = 10000 max_user_uid = 10000 # A list of user ids that are not considered to be regular users # Optional, default = empty # except_user_uids = except_user_uids = { $accounts = esmith::AccountsDB->open_ro or die "Could not open AccountsDB"; { while (($name, $passwd, $uid, $gid, $quota, $comment, $gcos, $dir, $shell) = getpwent()) { $user = $accounts->get($name); $OUT .= "$uid " unless $uid <= 101 or (defined $user and $user->prop('type') eq "user"); } } } # The lowest group id that is considered a regular group # Optional, default = 1000 min_group_gid = 5000 # The highest group id that is considered a regular group # Optional, default = 10000 max_group_gid = 10000 # A list of group ids that are not considered to be regular groups # Optional, default = empty # except_group_gids = except_group_gids = { setpwent(); while (($name, $passwd, $uid, $gid, $quota, $comment, $gcos, $dir, $shell) = getpwent()) { $group = $accounts->get($name); $OUT .= "$gid " unless $gid < 5000 or (defined $group and $group->prop('type') eq "group"); } endpwent(); } # Create a user as non-active when it has this unix shell non_login_shell = /bin/false
mkdir -p /etc/e-smith/templates/etc/zarafa/indexer.cfg
nano -w /etc/e-smith/templates/etc/zarafa/indexer.cfg/indexer.cfg
############################################################## # INDEXER SERVICE SETTINGS # Location of the index files index_path = /var/lib/zarafa/index/ # run as specific user run_as_user = # run as specific group run_as_group = # control pid file pid_file = /var/run/zarafa-indexer.pid # run server in this path (when not using the -F switch) running_path = / # Force remove lockfiles on startup. Leaves possibly corrupt indexes on disk. # See log for info of removed locks. cleanup_lockfiles = { ${'zarafa-indexer'}{cleanup_lockfiles} || 'no'; } # Limit the number of results returned (0 = don't limit) limit_results = { ${'zarafa-indexer'}{limit_results} || '0'; } ############################################################## # CONNECTION TO ZARAFA SERVER SETTINGS # # Socket to find the connection to the Zarafa server. # Use https to reach servers over the network server_socket = file:///var/run/zarafa # Login to the Zarafa server using this SSL Key sslkey_file = /etc/zarafa/ssl/indexer.pem # The password of the SSL Key sslkey_pass = replace-with-server-cert-password ############################################################## # LISTEN SETTINGS # # binding address # To setup for multi-server, use: http://0.0.0.0:port or https://0.0.0.0:port server_bind_name = file:///var/run/zarafa-indexer # File with RSA key for SSL, used then server_bind_name uses https ssl_private_key_file= /etc/zarafa/indexer/privkey.pem # File with certificate for SSL, used then server_bind_name uses https ssl_certificate_file= /etc/zarafa/indexer/cert.pem ############################################################## # LOG SETTINGS # Logging method (syslog, file) log_method = { ${'zarafa-indexer'}{log_method} || 'file'; } # Loglevel (0=no logging, 5=full logging) log_level = { ${'zarafa-indexer'}{log_level} || '2'; } # Logfile for log_method = file, use '-' for stderr log_file = /var/log/zarafa/indexer.log # Log timestamp - prefix each log line with timestamp in 'file' logging mode log_timestamp = { ${'zarafa-indexer'}{log_timestamp} || '1'; } ############################################################## # ADVANCED INDEXER SETTINGS # Indexing interval (in minutes) index_interval = { ${'zarafa-indexer'}{index_interval} || '5'; } # Max number of indexing threads index_threads = { ${'zarafa-indexer'}{index_threads} || '1'; } # Max length of indexed data index_max_field_length = { ${'zarafa-indexer'}{index_max_field_length} || '10000'; } # Number of documents per segments before segments are merged index_merge_factor = { ${'zarafa-indexer'}{index_merge_factor} || '10'; } # Max number of documents kept in memory before CLucene will write a new segment to disk index_max_buffered_docs = { ${'zarafa-indexer'}{index_max_buffered_docs} || '10'; } # Minumum amount of documents in memory before index is written to disk index_min_merge_docs = { ${'zarafa-indexer'}{index_min_merge_docs} || '10'; } # Maximum number of documents in memory before index is written to disk index_max_merge_docs = { ${'zarafa-indexer'}{index_max_merge_docs} || '2147483647'; } # The fraction of terms in the "dictionary" which should be stored in RAM. index_term_interval = { ${'zarafa-indexer'}{index_term_interval} || '128'; } # Timout for keeping Lucene cache open index_cache_timeout = { ${'zarafa-indexer'}{index_cache_timeout} || '0'; } ############################################################## # ATTACHMENT INDEX SETTINGS # Should attachments be indexed index_attachments = { ${'zarafa-indexer'}{index_attachments} || 'no'; } # Maximum file size for attachments (in kb) index_attachment_max_size = { ${'zarafa-indexer'}{index_attachment_max_size} || '5120'; } # Scripts to attachment to text parser index_attachment_parser = /etc/zarafa/indexerscripts/attachments_parser # Maximum amount of memory which a parser may use in bytes (set to 0 for unlimited) # If this maximum is exceeded the parser will be killed index_attachment_parser_max_memory = { ${'zarafa-indexer'}{index_attachment_parser_max_memory} || '0'; } # Maximim amount of CPU time (in seconds) which a parser may spend on parsing (set to 0 for unlimited) # If this maximum is exceeded the parser will be killed index_attachment_parser_max_cputime = { ${'zarafa-indexer'}{index_attachment_parser_max_cputime} || '0'; } # Filter out parsing of attachment which has a mimetype from this list # Only the first part of the mime needs to be given, like 'image'. # This field is SPACE separated index_attachment_mime_filter = # Filter out parsing of attachment which has an extension from this list # (only tested if mimetype was not found on the attachment) # This field is SPACE separated index_attachment_extension_filter = ############################################################## # INDEX FILTERS # Don't index users from the following list # field is SPACE separated index_block_users = # Don't index users from the following companies # field is SPACE separated index_block_companies = # Index users only from the following servers (see server.cfg#server_name) # If left empty, all servers will be allowed. # field is SPACE separated index_allow_servers =
mkdir -p /etc/e-smith/templates/etc/zarafa/monitor.cfg
nano -w /etc/e-smith/templates/etc/zarafa/monitor.cfg/monitor.cfg
############################################################## # ZARAFA MONITOR SETTINGS # Server unix socket location server_socket = file:///var/run/zarafa # drop privileges and run the process as this user run_as_user = # drop privileges and run the process as this group run_as_group = # create a pid file for stopping the service via the init.d scripts pid_file = /var/run/zarafa-monitor.pid # run server in this path (when not using the -F switch) running_path = / ############################################################## # ZARAFA MONITOR LOG SETTINGS # Logging method (syslog, file) log_method = { ${'zarafa-monitor'}{log_method} || 'file'; } # Loglevel (0=no logging, 5=full logging) log_level = { ${'zarafa-monitor'}{log_level} || '2'; } # Logfile for log_method = file log_file = /var/log/zarafa/monitor.log # Log timestamp - prefix each log line with timestamp in 'file' logging mode log_timestamp = { ${'zarafa-monitor'}{log_timestamp} || '1'; } ############################################################## # MONITOR SSL LOGIN SETTINGS # # Note: server_socket must be set to https://servername:portname/zarafa # to use this type of login method # Login to the Zarafa server using this SSL Key sslkey_file = /etc/zarafa/ssl/monitor.pem # The password of the SSL Key sslkey_pass = replace-with-monitor-cert-password ############################################################## # ZARAFA MONITOR INTERVAL SETTINGS # Quota check interval (in minutes) quota_check_interval = { ${'zarafa-monitor'}{quota_check_interval} || '15'; } ############################################################## # ZARAFA MONITOR MAIL QUOTA SETTINGS # Quota mail interval in days mailquota_resend_interval = { ${'zarafa-monitor'}{mailquota_resend_interval} || '1'; } # Templates to be used for quota emails which are send to the user # when the various user quota levels have been exceeded. userquota_warning_template = /etc/zarafa/quotamail/userwarning.mail userquota_soft_template = /etc/zarafa/quotamail/usersoft.mail userquota_hard_template = /etc/zarafa/quotamail/userhard.mail # Templates to be used for quota emails which are send to the company administrators # when the various company quota levels have been exceeded. companyquota_warning_template = /etc/zarafa/quotamail/companywarning.mail companyquota_soft_template = /etc/zarafa/quotamail/companysoft.mail companyquota_hard_template = /etc/zarafa/quotamail/companyhard.mail
mkdir -p /etc/e-smith/templates/etc/zarafa/licensed.cfg
nano -w /etc/e-smith/templates/etc/zarafa/licensed.cfg/licensed.cfg
############################################################## # SERVER SETTINGS # The socket that the license server will run on # default: /var/run/zarafa-licensed server_pipe_name = /var/run/zarafa-licensed # The URL on which we can contact zarafa-server # default: file:///var/run/zarafa server_socket = file:///var/run/zarafa-prio # Login to the Zarafa server using this SSL Key sslkey_file = /etc/zarafa/ssl/licensed.pem # The password of the SSL Key sslkey_pass = replace-with-server-cert-password # License path (should contain 'base' and CALs in other files) license_path = /etc/zarafa/license # drop privileges and run the process as this user run_as_user = # drop privileges and run the process as this group run_as_group = # create a pid file for stopping the service via the init.d scripts pid_file = /var/run/zarafa-licensed.pid # run server in this path (when not using the -F switch) running_path = / ############################################################## # LOG SETTINGS # Logging method (syslog, file) log_method = { ${'zarafa-licensed'}{log_method} || 'file'; } # Logfile (for log_method = file, '-' for stderr) log_file = /var/log/zarafa/licensed.log # Loglevel (0=no logging, 5=full logging) log_level = { ${'zarafa-licensed'}{log_level} || '2'; } # Log timestamp - prefix each log line with timestamp in 'file' logging mode log_timestamp = { ${'zarafa-licensed'}{log_timestamp} || '1'; }
mkdir -p /etc/e-smith/templates/etc/zarafa/spooler.cfg
nano -w /etc/e-smith/templates/etc/zarafa/spooler.cfg/spooler.cfg
############################################################## # SPOOLER SETTINGS # Outgoing mailserver name or IP address smtp_server = localhost # Port number for outgoing mailserver smtp_port = { ${'zarafa-spooler'}{smtp_port} || '25'; } # Server unix socket location server_socket = file:///var/run/zarafa # drop privileges and run the process as this user run_as_user = # drop privileges and run the process as this group run_as_group = # create a pid file for stopping the service via the init.d scripts pid_file = /var/run/zarafa-spooler.pid # run server in this path (when not using the -F switch) running_path = / ############################################################## # SPOOLER LOG SETTINGS # Logging method (syslog, file) log_method = { ${'zarafa-spooler'}{log_method} || 'file'; } # Loglevel (0=no logging, 5=full logging) log_level = { ${'zarafa-spooler'}{log_level} || '3'; } # Logfile for log_method = file log_file = /var/log/zarafa/spooler.log # Log timestamp - prefix each log line with timestamp in 'file' logging mode log_timestamp = { ${'zarafa-spooler'}{log_timestamp} || '1'; } ############################################################## # SPOOLER SSL LOGIN SETTINGS # # Note: server_socket must be set to https://servername:portname/zarafa # to use this type of login method # Login to the Zarafa server using this SSL Key sslkey_file = /etc/zarafa/ssl/spooler.pem # The password of the SSL Key sslkey_pass = replace-with-server-cert-password ############################################################## # SPOOLER THREAD SETTINGS # Maximum number of threads used to send outgoing messages # Default: 5 max_threads = { ${'zarafa-spooler'}{max_threads} || '5'; } ############################################################## # SPOOLER FAXING SETTINGS # When sending an email that must go to a fax address, the address # will be rewritten to <phonenumber>@<fax_domain> fax_domain = { ${'zarafa-spooler'}{fax_domain} || 'fax.local'; } # If the received number starts with a '+', it will be replaced by # the fax_international value. # eg. +3112345678@fax.local will be rewritten to 003112345678@fax.local fax_international = { ${'zarafa-spooler'}{fax_international} || '00'; } ############################################################## # SPOOLER DELEGATE SETTINGS # Set this value to 'yes' to let the spooler always send emails with # delegates (other user than yourself in the From: header) # In installations before 6.20, this value was always 'yes'. # IMPORTANT: This feature overrides "send-as" functionality. always_send_delegates = { ${'zarafa-spooler'}{always_send_delegates} || 'no'; } # Set this value to 'no' if you do NOT want to allow redirected e-mails # being sent with their original 'FROM' header allow_redirect_spoofing = { ${'zarafa-spooler'}{allow_redirect_spoofing} || 'yes'; } # Copies the sent mail of delegates and send-as mails in the # "Sent Items" folder of the representer. copy_delegate_mails = { ${'zarafa-spooler'}{copy_delegate_mails} || 'yes'; } # Allow to forward and sent a meeting request as delegate Zarafa and # SMTP user. allow_delegate_meeting_request = { ${'zarafa-spooler'}{allow_delegate_meeting_request} || 'yes'; } # Allow users to send email to the 'everyone' group allow_send_to_everyone = { ${'zarafa-spooler'}{allow_send_to_everyone} || 'yes'; } ############################################################## # SPOOLER OUTPUT SETTINGS # Set this value to 'yes' to always send meeting request information # using TNEF method (winmail.dat attachments) # Otherwise, the meeting request information is sent using # iCalendar (calendar.ics attachment). always_send_tnef = { ${'zarafa-spooler'}{always_send_tnef} || 'no'; } # Send all e-mail always using the UTF-8 charset. # Normally, the requested charset is used, which can be any charset. always_send_utf8 = { ${'zarafa-spooler'}{always_send_utf8} || 'no'; } # The us-ascii charset will be upgraded to this charset, to allow more # use of high-characters. Not used when always_send_utf8 is enabled. charset_upgrade = { ${'zarafa-spooler'}{charset_upgrade} || 'windows-1252'; } ############################################################## # SPOOLER GROUP EXPANSION # Set this value to 'yes' if groups should be expanded to their # members; This means that the receiving party will see the names # of the group members in the To: header for example. If set to # 'no', the name of the group will appear in the headers. # # Note: groups with email addresses are never expanded expand_groups = { ${'zarafa-spooler'}{expand_groups} || 'no'; } ############################################################## # SPOOLER ARCHIVING SETTINGS # Enable archive_on_send to automatically archive all outgoing # messages. # This will do nothing if no archive is attached to the source mailbox. archive_on_send = { ${'zarafa-spooler'}{archive_on_send} || 'no'; }
mkdir -p /etc/e-smith/templates/etc/zarafa/dagent.cfg
nano -w /etc/e-smith/templates/etc/zarafa/dagent.cfg/dagent.cfg
############################################################## # DAGENT SETTINGS # connection to the zarafa server server_socket = file:///var/run/zarafa ############################################################## # DAGENT SSL LOGIN SETTINGS # # Note: server_socket must be set to https://servername:portname/zarafa # to use this type of login method # Login to the Zarafa server using this SSL Key sslkey_file = /etc/zarafa/ssl/dagent.pem # The password of the SSL Key sslkey_pass = replace-with-dagent-cert-password ############################################################## # DAGENT LOG SETTINGS # Logging method (syslog, file) log_method = { ${'zarafa-dagent'}{log_method} || 'file'; } # Loglevel (0=no logging, 5=full logging) log_level = { ${'zarafa-dagent'}{log_level} || '2'; } # Logfile for log_method = file, use '-' for stderr log_file = /var/log/zarafa/dagent.log # Log timestamp - prefix each log line with timestamp in 'file' logging mode log_timestamp = { ${'zarafa-dagent'}{log_timestamp} || '1'; } # Log raw message to a file log_raw_message = { ${'zarafa-dagent'}{log_raw_message} || 'no'; } # Log raw messages path log_raw_message_path = /tmp ############################################################## # DAGENT LMTP SETTINGS # start dagent with -d to create an lmtp daemon of the zarafa-dagent # binding address for LMTP daemon # change to 0.0.0.0 if you require connections over the network server_bind = 127.0.0.1 # LMTP port to listen on for LMTP connections lmtp_port = { ${'zarafa-dagent'}{lmtp_port} || '2003'; } # Maximum LMTP threads that ca be running simultaneously # This is also limited by your SMTP server. (20 is the postfix default concurrency limit) lmtp_max_threads = { ${'zarafa-dagent'}{lmtp_max_threads} || '20'; } # Process model for LMTP daemon, using pthreads (thread) or processes (fork) process_model = { ${'zarafa-dagent'}{process_model} || 'fork'; } # run as specific user in LMTP mode. # make sure this user is listed in local_admin_users in your zarafa server config # or use SSL connections with certificates to login run_as_user = # run as specific group in LMTP mode. run_as_group = # control pid file pid_file = /var/run/zarafa-dagent.pid # The following e-mail header will mark the mail as spam, so the mail # is placed in the Junk Mail folder, and not the Inbox. # The name is case insensitive. # set to empty to not use this detection scheme. spam_header_name = { ${'zarafa-dagent'}{spam_header_name} || 'X-Spam-Status'; } # If the above header is found, and contains the following value # the mail will be considered as spam. # Notes: # - The value is case insensitive. # - Leading and trailing spaces are stripped. # - The word 'bayes' also contains the word 'yes'. spam_header_value = { ${'zarafa-dagent'}{spam_header_value} || 'Yes'; } ############################################################## # DAGENT ARCHIVING SETTINGS # Enable archive_on_delivery to automatically archive all incoming # messages on delivery. # This will do nothing if no archive is attached to the target mailbox. archive_on_delivery = { ${'zarafa-dagent'}{archive_on_delivery} || 'no'; } ############################################################## # DAGENT RULE SETTINGS # Enable the addition of X-Zarafa-Rule-Action headers on messages # that have been forwarded or replied by a rule. # Default: yes set_rule_headers = yes
nano -w /etc/e-smith/templates-user/.qmail/80Zarafa
{ my $zarafa = $user->prop('zarafa') || 'disabled'; my $zarafa2 = ${'zarafa-server'}{GlobalForward} || 'disabled'; if ($zarafa eq 'enabled' || $zarafa2 eq 'enabled') { return "| /usr/bin/zarafa-dagent -q $USERNAME ; if [ \$\? -ne 0 ] ; then exit -1; else exit 99; fi;" } }
nano -w /etc/e-smith/templates-user/.qmail-junkmail/01Zarafa
{ # vim: ft=perl: die "USERNAME not set." unless defined ($USERNAME); use esmith::AccountsDB; $adb = esmith::AccountsDB->open_ro or die "Couldn't open AccountsDB"; $user = $adb->get($USERNAME) or die "No user $USERNAME in AccountsDB"; my $zarafa = $user->prop('zarafa') || 'disabled'; return "| /usr/bin/zarafa-dagent -qj $USERNAME ; if [ \$\? -ne 0 ] ; then exit -1; else exit 99; fi;" if ($zarafa eq 'enabled'); }
ONLY FOR FIRST INSTALLATION : Execute zarafa-install
/bin/chmod 554 /etc/e-smith/events/actions/zarafa-install
/etc/e-smith/events/actions/zarafa-install
signal-event post-upgrade; signal-event reboot
UPGRADING : Execute zarafa-update
Search in the Zarafa-releasenotes for new keys in the config-files and change the config-templates with these new keys
http://doc.zarafa.com/7.0/Release_Notes/en-US/html-single/
/etc/e-smith/events/actions/zarafa-update
signal-event post-upgrade; signal-event reboot
Managing Zarafa-users/companies
With Unix-plugin
Zarafa-users are created with the creation of a SME-user, but you have to enable delivery to zarafa for these SME-users.
Enable maildelivery to zarafa for a user :
db accounts setprop [USERNAME] zarafa enabled /etc/e-smith/events/actions/qmail-update-user
Disable maildelivery to zarafa for a user :
db accounts setprop [USERNAME] zarafa disabled /etc/e-smith/events/actions/qmail-update-user
Enable mail delivery to zarafa for ALL users (NOT RECOMMANDED - cf. junkmail-template not adjusted for GlobalForward) :
config setprop zarafa-server GlobalForward enabled /etc/e-smith/events/actions/qmail-update-user
Other options for managing users
zarafa-admin --help
With DB-plugin
Create company
/etc/e-smith/events/actions/zarafa-create-company
Create user
/etc/e-smith/events/actions/zarafa-create-user
Disable maildelivery to zarafa for a user :
db accounts setprop [USERNAME] zarafa disabled /etc/e-smith/events/actions/qmail-update-user
Other options for managing users/companies
zarafa-admin --help
Usefull commands
Change db-entries (Change default-values in zarafa-config-files)
config setprop [zarafa-service] [key] [value] /etc/e-smith/events/actions/zarafa-expand-templates /etc/e-smith/events/actions/zarafa-services restart
Change loglevel to 5 (= max. (default = 2))
config setprop zarafa-server log_level 5 config setprop zarafa-dagent log_level 5 config setprop zarafa-spooler log_level 5 config setprop zarafa-monitor log_level 5 config setprop zarafa-ical log_level 5 config setprop zarafa-gateway log_level 5 config setprop zarafa-licensed log_level 5 config setprop zarafa-indexer log_level 5 /etc/e-smith/events/actions/zarafa-expand-templates /etc/e-smith/events/actions/zarafa-services restart
Change index-interval to 60 minutes (= max. (default = 5))
config setprop zarafa-indexer index_interval 60 /etc/e-smith/events/actions/zarafa-expand-templates /etc/e-smith/events/actions/zarafa-services restart
Setting system-email-address
config setprop zarafa-server system_email_address [admin@mydomain.com] /etc/e-smith/events/actions/zarafa-expand-templates /etc/e-smith/events/actions/zarafa-services restart
View userdetails
zarafa-admin --details [user]
Setting send-emailadres for a user
zarafa-admin -u [user] -e [send-emailadres]
Quota-settings
zarafa-admin -u [user] --qo y --qw 1600 --qs 1800 --qh 2000
Give a user administrator-privileges
zarafa-admin -u [user] -a y
Connecting Outlook
On your Windowsclients, execute zarafaclient.msi (Moved earlier to an installshare in your network - cf. supra)
Configure Outlook (point it to your zarafaserver with the credentials of a created Zarafa-user (if DB-plugin : create Zarafa-users first))
Zarafa-documentation
Zarafa Administrator Manual
Help for the zarafa-admin-tool
zarafa-admin --help
man-pages
man zarafa-server man zarafa-monitor man zarafa-dagent man zarafa-gateway man zarafa-spooler man zarafa-ical man zarafa-indexer man zarafa-licensed man zarafa-server.cfg man zarafa-monitor.cfg man zarafa-dagent.cfg man zarafa-gateway.cfg man zarafa-spooler.cfg man zarafa-ical.cfg man zarafa-indexer.cfg man zarafa-licensed.cfg man zarafa-unix.cfg