Author Topic: Sr. Admin, RC Newbie adding RC to established, sophisticated environment...  (Read 1191 times)

Offline strcube

  • Newbie
  • *
  • Posts: 9
Hi Everyone,

The alert might notice this profile I'm posting with was created around a year and a half ago! I've been "lurking" for a while and distracted by many other demands on my time but finally have an installation (v 1.6.1-1) to get running. ... I find the available documentation ... uh... lacking! However, rather than complain, I'm hoping that as I figure things out I can help with recording my journey as I'm big on "leaving bread-crumbs to follow" (however bad that metaphor is).

A key reason to lurk so long was to satisfy myself that RoundCube (RC) can in fact handle this particular scenario - I was pretty sure fairly early that it can and I'm pretty well convinced now that the limiting factor is my and my understudy's time; I'm under NO illusion that this is going to be simple and quick (though I'd love to be surprised), and unlike a shop just starting out, I don't have time or resources to create a "development installation" and then flesh out the more sophisticated bits, even though in theory that might take less time. Instead, I've got to integrate things during the installation process - as challenging at that may or may not be.

As an overview, it's a roughly 28 year old environment that started out on the first Red Hat distribution and remains on Fedora - presently 38. It's got a fairly sophisticated internal network with a few firewall / gateway machines, one of which is also a primary web server (Apache & Nginx) and that's our designated host for Round Cube. It doesn't do much else but firewall / gateway and web serving, has few resources, and, critically, is NOT a part of the rather robust backup strategy of daily-changing data - at least not at present anyway. So, the plan is that RC is going to "reach into the internal net" as needed to get to Postfix & Dovecot, and I'm presently hoping to let Postgres ("PostgreSQL" to the unfamiliar) plod happily along on the same system as RC and use Postgres' binary replication to bring the bits in for backup purposes as that's "already a thing" in our environment.

The site has around 50 domains it hosts, most of which are "charity cases", all of which are "virtual", and, thankfully, not a large number of live users, but that's expected to change some as RC comes online. We don't yet have virtual users for email but we need to have and that's another challenging part of what I hope to configure forthwith.

I think that does the overview well; please feel free to ask / comment, etc.

------

The installation itself was trivial; use "dnf install roundcube" and that's that. I found the listing of "requirements" and added a few bits of other software, including a couple of php packages, and I added Dovecot, too, as it may be helpful for a transitional period, I surmise.  And, we had a bit of a tragedy back in January where we learned that while our USER data backups are quite robust, we ended up losing some OS configuration level data and haven't got Dovecot working quite the way it did previously! ... We're just drawn too thin sometimes, I guess. And so anyway, a fresh crack at Dovecot seems reasonable.

I went through the configuration files and figure that the Fedora packaging is different than most other RoundCube platforms, most obviously because it doesn't have a config directory, etc.

And that's only one difference I found - versions change, etc, so I think my version may be quite different. In particular, the Dovecot password scheme configuration was in its own file, unlike what the available documentation led me to believe would be the case. ...Am I safe in presuming it - the user's password scheme as known by / to RC - gets read automatically? (I'm completely new to PHP, but "speak" over a dozen programming languages, so I figure it can't be too hard - but I may miss something here or there.)

I also noticed some "tutorials" saying you move the RC installation tree to be INSIDE the Apache DocumentRoot?! WOAH! Really?! Well, I'm presuming a link will do the job; should I put a link to the REAL installation directory (which I take to be /etc/roundcubemail) somewhere inside the document root of whatever virtual host it's for, right?

On that point, I noticed that there was a point made in requirements / prerequisites of configuring for the running scripts; I'm guessing I need a generic place to declare that, or else I have to copy it 50-ish times? That won't be fun, but I imagine SOMEONE figured out a better way already! It'd be nice if someone could point that out!

Is there a global location I can look for error reporting or is it all per virtual domain? (I presume the latter.)

...OK, enough for now, it's getting late!


Offline strcube

  • Newbie
  • *
  • Posts: 9
Breadcrumb 1:

Platform:

Fedora Server v38
Round Cube 1.6.1-1
Apache 2.4.57-1
Postfix 3.7.4-1
Dovecot 2.3.20-2
Postgresql 15.1.2

Configuration directory: /etc/roundcubemail
Installation directory:     /usr/share/roundcubemail

Configuration Goals, near term: Virtual web hosting on a gateway/firewall machine, local Postgres database, MTA and IMAP servers via internal network to internal host(s).

Getting Started:

Preconfigure as much as possible by going through the files in /etc/roundcubemail but be forewarned: THIS DISTRIBUTION'S DETAILS ARE NOT CORRECTLY DESCRIBED ANYWHERE IN ANY OFFICIAL LITERATURE WHATSOEVER. (And if I'm wrong, please point me to the correct information!)

Choose a directory to serve any particular virtual host and within it create a link to Round Cube as in this example:

   # ln -s /usr/share/roundcubemail  mail

Set up Apache's virtual host entry with:

    <Directory "/path/to/domain/files/mail">
      Options +FollowSymLinks -Indexes +ExecCGI
      AllowOverride All
      Order allow,deny
      allow from all
    </Directory>

Check for and fix any errors, then start with:

   # apachectl configtest
   # apachectl graceful

In a suitable browser, use the URL: https://<domain>/mail/

That gets you to Round Cube. Then try this to configure: https://<domain>/mail/installer

It will be disabled but you're on your way now...



Offline strcube

  • Newbie
  • *
  • Posts: 9
Breadcrumb #2:

Postgres setup:

From the postgres account, and with Postgres already up and running acceptably:

As your Round Cube user will be a "virtual" user - that is, without an OS level account - you then create a database and user, then grant privileges and so forth and confirm access. The username and database name are arbitrary, however I simply chose 'roundcube' - wherever you see that you can change it here:

   $ cd ~/data
   Edit pg_hba.conf to:
      modify the default line reading 'local all all peer' to read 'local all postgres peer' (note a single space is enough).
      add a line reading: 'local all all md5' - what this does is KEEP Postgres from having to provide a password while all other users do.
   $ pg_ctl reload
   $ psql
   postgres=# create database roundcube;
   postgres=# create user roundcube;
   postgres=# \password roundcube
   <respond to prompts>
   postgres=# grant all on database roundcube to roundcube;
   postgres=# \q
   $ psql roundcube
   roundcube=# grant all on schema public to roundcube;
   roundcube=# \q
   $ psql -U roundcube
   <respond to password prompts>
   roundcube=# \q

Then, as root:

   Add (or edit) an entry in /etc/roundcubemail/config.inc.php so you have this line:

   $config['enable_installer'] = true;

   Then, apply a URL sort of like this:

      https://<domain>/mail/installer

   And observe! Walk the steps to get to telling it to initialize the database.

Then, as postgres:

   psql -U roundcube
   roundcube=# \dt
   ... and look at all the nice tables that have been created!

...From here you already know how to exit psql and from here all that's left is your SMTP configuration and IMAP testing.

       
« Last Edit: May 26, 2023, 12:18:32 AM by strcube »