- if [[ ! -e $rcdir/config/secret ]]; then
- base64 </dev/urandom | head -c24 >$rcdir/config/secret || [[ $? == 141 || ${PIPESTATUS[0]} == 32 ]]
- fi
- secret=$(cat $rcdir/config/secret)
-
- rclogdir=/var/log/$rcbase
- rctmpdir=/var/tmp/$rcbase
- rcdb=/m/rc/$rcbase.sqlite
- # config from mailinabox
- u $rcdir/config/config.inc.php <<EOF
-<?php
-\$config = array();
-# debian creates this for us
-\$config['log_dir'] = '$rclogdir/';
-# debian also creates a temp dir, but it is under its install dir,
-# seems better to have our own.
-\$config['temp_dir'] = '$rctmpdir/';
-\$config['db_dsnw'] = 'sqlite:///$rcdb?mode=0640';
-\$config['default_host'] = 'ssl://localhost';
-\$config['default_port'] = 993;
-\$config['imap_conn_options'] = array(
- 'ssl' => array(
- 'verify_peer' => false,
- 'verify_peer_name' => false,
- ),
- );
-\$config['imap_timeout'] = 15;
-\$config['smtp_server'] = 'tls://127.0.0.1';
-\$config['smtp_conn_options'] = array(
- 'ssl' => array(
- 'verify_peer' => false,
- 'verify_peer_name' => false,
- ),
- );
-\$config['product_name'] = 'webmail';
-\$config['des_key'] = '$secret';
-\$config['plugins'] = array('archive', 'zipdownload', 'password', 'managesieve', 'jqueryui', 'carddav', 'html5_notifier');
-\$config['skin'] = 'elastic';
-\$config['login_autocomplete'] = 2;
-\$config['password_charset'] = 'UTF-8';
-\$config['junk_mbox'] = 'Spam';
-# disable builtin addressbook
-\$config['address_book_type'] = '';
-?>
-EOF
-
- m mkdir -p $rclogdir
- m chmod 750 $rclogdir
- m chown www-data:adm $rclogdir
- # note: subscribed to updates:
- # r2e add rcmcarddav https://github.com/blind-coder/rcmcarddav/commits/master.atom ian@iankelling.org
- # r2e add roundcube https://github.com/roundcube/roundcubemail/releases.atom ian@iankelling.org
- m mkdir -p $rctmpdir /m/rc
- m chown -R www-data.www-data $rctmpdir /m/rc
- m chmod 750 $rctmpdir
- # todo: check for other mailinabox things
- # Ensure the log file monitored by fail2ban exists, or else fail2ban can't start.
- m sudo -u www-data touch $rclogdir/errors.log
-
- #### begin carddav install
- # This is the official roundcube carddav repo.
- # Install doc suggests downloading with composer, but that
- # didnt work, it said some ldap package for roundcube was missing,
- # but I dont want to download some extra ldap thing.
- # https://github.com/blind-coder/rcmcarddav/blob/master/doc/INSTALL.md
- verf=$rcdir/plugins/carddav/myversion
- upgrade=false
- install=false
- v=5.0.1
- if [[ -e $verf ]]; then
- if [[ $(cat $verf) != "$v" ]]; then
- install=true
- upgrade=true
- fi
- else
- install=true
- fi
- if $install; then
- m rm -rf $rcdir/plugins/carddav
- tmpd=$(mktemp -d)
- m wget -nv -O $tmpd/t.tgz https://github.com/blind-coder/rcmcarddav/releases/download/v$v/carddav-v$v.tar.gz
- cd $rcdir/plugins
- tar xzf $tmpd/t.tgz
- rm -rf $tmpd
- m chown -R www-data:www-data $rcdir/plugins/carddav
- m cd $rcdir/plugins/carddav
- if $upgrade; then
- m sudo -u www-data composer.phar update --no-dev
- else
- m sudo -u www-data composer.phar install --no-dev
- fi
- m chown -R root:root $rcdir/plugins/carddav
- echo $v >$verf
- fi
+ done
+
+fi
+
+# * roundcube setup
+
+# # roundcube disabled due to lack of real world use.
+# #
+# #
+# # Note: currently, there is this problem:
+# # /usr/local/lib/rcninja/bin/updatedb.sh --dir /usr/local/lib/rcninja/SQL --package roundcube
+# # Unsupported PHP version. Required PHP >= 5.4 and < 8.0.
+# #
+# if [[ $HOSTNAME == bk ]]; then
+
+
+# pi roundcube roundcube-sqlite3
+
+
+# ### begin composer install
+# # https://getcomposer.org/doc/faqs/how-to-install-composer-programmatically.md
+# cd /usr/local/bin
+# EXPECTED_CHECKSUM="$(php -r 'copy("https://composer.github.io/installer.sig", "php://stdout");')"
+# php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
+# ACTUAL_CHECKSUM="$(php -r "echo hash_file('sha384', 'composer-setup.php');")"
+
+# if [ "$EXPECTED_CHECKSUM" != "$ACTUAL_CHECKSUM" ]
+# then
+# >&2 echo 'ERROR: Invalid installer checksum'
+# rm composer-setup.php
+# exit 1
+# fi
+
+# php composer-setup.php --quiet
+# rm composer-setup.php
+
+# # based on error when running composer
+# mkdir -p /var/www/.composer
+# chown www-data:www-data /var/www/.composer
+
+# ### end composer install
+
+# # point debian cronjob to our local install, preventing daily cron error
+
+# # debian's cronjob will fail, remove both paths it uses just to be sure
+# rm -fv /usr/share/roundcube/bin/cleandb.sh /etc/cron.d/roundcube-core
+
+# #### begin dl roundcube
+# # note, im r2e subbed to https://github.com/roundcube/roundcubemail/releases.atom
+# v=1.4.13; f=roundcubemail-$v-complete.tar.gz
+# cd /root
+# if [[ -e $f ]]; then
+# timestamp=$(stat -c %Y $f)
+# else
+# timestamp=0
+# fi
+# m wget -nv -N https://github.com/roundcube/roundcubemail/releases/download/$v/$f
+# new_timestamp=$(stat -c %Y $f)
+# for rcdir in ${rcdirs[@]}; do
+# if [[ $timestamp != "$new_timestamp" || ! -e "$rcdir/config/secret" ]]; then
+# m tar -C /usr/local/lib --no-same-owner -zxf $f
+# m rm -rf $rcdir
+# m mv /usr/local/lib/roundcubemail-$v $rcdir
+# fi
+# done
+# #### end dl roundcube
+
+# for ((i=0; i < ${#bkdomains[@]}; i++)); do
+# domain=${bkdomains[i]}
+
+# rcdir=${rcdirs[i]}
+# rcbase=${rcdir##*/}
+
+# # copied from debians cronjob
+# u /etc/cron.d/$rcbase <<EOF
+# # Roundcube database cleaning: finally removes all records that are
+# # marked as deleted.
+# 0 5 * * * www-data $rcdir/bin/cleandb.sh >/dev/null
+# EOF
+
+
+# if [[ ! -e $rcdir/config/secret ]]; then
+# base64 </dev/urandom | head -c24 >$rcdir/config/secret || [[ $? == 141 || ${PIPESTATUS[0]} == 32 ]]
+# fi
+# secret=$(cat $rcdir/config/secret)
+
+# rclogdir=/var/log/$rcbase
+# rctmpdir=/var/tmp/$rcbase
+# rcdb=/m/rc/$rcbase.sqlite
+# # config from mailinabox
+# u $rcdir/config/config.inc.php <<EOF
+# <?php
+# \$config = array();
+# # debian creates this for us
+# \$config['log_dir'] = '$rclogdir/';
+# # debian also creates a temp dir, but it is under its install dir,
+# # seems better to have our own.
+# \$config['temp_dir'] = '$rctmpdir/';
+# \$config['db_dsnw'] = 'sqlite:///$rcdb?mode=0640';
+# \$config['default_host'] = 'ssl://localhost';
+# \$config['default_port'] = 993;
+# \$config['imap_conn_options'] = array(
+# 'ssl' => array(
+# 'verify_peer' => false,
+# 'verify_peer_name' => false,
+# ),
+# );
+# \$config['imap_timeout'] = 15;
+# \$config['smtp_server'] = 'tls://127.0.0.1';
+# \$config['smtp_conn_options'] = array(
+# 'ssl' => array(
+# 'verify_peer' => false,
+# 'verify_peer_name' => false,
+# ),
+# );
+# \$config['product_name'] = 'webmail';
+# \$config['des_key'] = '$secret';
+# \$config['plugins'] = array('archive', 'zipdownload', 'password', 'managesieve', 'jqueryui', 'carddav', 'html5_notifier');
+# \$config['skin'] = 'elastic';
+# \$config['login_autocomplete'] = 2;
+# \$config['password_charset'] = 'UTF-8';
+# \$config['junk_mbox'] = 'Spam';
+# # disable builtin addressbook
+# \$config['address_book_type'] = '';
+# ?>
+# EOF
+
+# m mkdir -p $rclogdir
+# m chmod 750 $rclogdir
+# m chown www-data:adm $rclogdir
+# # note: subscribed to updates:
+# # r2e add rcmcarddav https://github.com/blind-coder/rcmcarddav/commits/master.atom ian@iankelling.org
+# # r2e add roundcube https://github.com/roundcube/roundcubemail/releases.atom ian@iankelling.org
+# m mkdir -p $rctmpdir /m/rc
+# m chown -R www-data.www-data $rctmpdir /m/rc
+# m chmod 750 $rctmpdir
+# # todo: check for other mailinabox things
+# # Ensure the log file monitored by fail2ban exists, or else fail2ban can't start.
+# m sudo -u www-data touch $rclogdir/errors.log
+
+# #### begin carddav install
+# # This is the official roundcube carddav repo.
+# # Install doc suggests downloading with composer, but that
+# # didnt work, it said some ldap package for roundcube was missing,
+# # but I dont want to download some extra ldap thing.
+# # https://github.com/blind-coder/rcmcarddav/blob/master/doc/INSTALL.md
+# verf=$rcdir/plugins/carddav/myversion
+# upgrade=false
+# install=false
+# v=5.0.1
+# if [[ -e $verf ]]; then
+# if [[ $(cat $verf) != "$v" ]]; then
+# install=true
+# upgrade=true
+# fi
+# else
+# install=true
+# fi
+# if $install; then
+# m rm -rf $rcdir/plugins/carddav
+# tmpd=$(mktemp -d)
+# m wget -nv -O $tmpd/t.tgz https://github.com/blind-coder/rcmcarddav/releases/download/v$v/carddav-v$v.tar.gz
+# cd $rcdir/plugins
+# tar xzf $tmpd/t.tgz
+# rm -rf $tmpd
+# m chown -R www-data:www-data $rcdir/plugins/carddav
+# m cd $rcdir/plugins/carddav
+# if $upgrade; then
+# m sudo -u www-data composer.phar update --no-dev
+# else
+# m sudo -u www-data composer.phar install --no-dev
+# fi
+# m chown -R root:root $rcdir/plugins/carddav
+# echo $v >$verf
+# fi
+
+# # So, strangely, this worked in initial testing, but then
+# # on first run it wouldn't show the existing contacts until
+# # I went into the carddav settings and did "force immediate sync",
+# # which seemed to fix things. Note, some of these settings
+# # get initalized per/addressbook in the db, then need changing
+# # there or through the settings menu.
+
+# # About categories, see https://www.davx5.com/tested-with/nextcloud
+# # https://github.com/blind-coder/rcmcarddav/blob/master/doc/GROUPS.md
+# u $rcdir/plugins/carddav/config.inc.php <<EOF;
+# <?php
+# \$prefs['_GLOBAL']['hide_preferences'] = false;
+# \$prefs['davserver'] = array(
+# # name in the UI is kind of dumb. This is just something short that seems to fit ok.
+# 'name' => 'Main',
+# 'username' => '%u', // login username
+# 'password' => '%p', // login password
+# 'url' => 'https://$domain/nextcloud/remote.php/dav/addressbooks/users/%u/contacts',
+# 'active' => true,
+# 'readonly' => false,
+# 'refresh_time' => '00:10:00',
+# 'fixed' => array('username','password'),
+# 'use_categories' => false,
+# 'hide' => false,
+# );
+# ?>
+# EOF
+# #### end carddav install
+
+# cd $rcdir/plugins
+# if [[ ! -d html5_notifier ]]; then
+# m git clone https://github.com/stremlau/html5_notifier
+# fi
+# cd $rcdir/plugins/html5_notifier
+# m git pull --rebase
+
+# # todo: try out roundcube plugins: thunderbird labels
+
+# # Password changing plugin settings
+# cat $rcdir/plugins/password/config.inc.php.dist - >$rcdir/plugins/password/config.inc.php <<'EOF'
+# # following are from mailinabox
+# $config['password_minimum_length'] = 8;
+# $config['password_db_dsn'] = 'sqlite:////m/rc/users.sqlite';
+# $config['password_query'] = 'UPDATE users SET password=%D WHERE email=%u';
+# $config['password_dovecotpw'] = '/usr/bin/doveadm pw';
+# $config['password_dovecotpw_method'] = 'SHA512-CRYPT';
+# $config['password_dovecotpw_with_method'] = true;
+# EOF
+# # so PHP can use doveadm, for the password changing plugin
+# m usermod -a -G dovecot www-data
+# m usermod -a -G mail $u
+
+# # so php can update passwords
+# m chown www-data:dovecot /m/rc/users.sqlite
+# m chmod 664 /m/rc/users.sqlite
+
+# # Run Roundcube database migration script (database is created if it does not exist)
+# m $rcdir/bin/updatedb.sh --dir $rcdir/SQL --package roundcube
+# m chown www-data:www-data $rcdb
+# m chmod 664 $rcdb
+# done # end loop over domains and rcdirs
+
+
+# # note bk backups are defined in crontab outside this file
+# ### end php setup for rc ###
+
+# fi # end roundcube setup
+
+
+# * nextcloud setup
+
+if [[ $HOSTNAME == bk ]]; then
iankelling.org / git / distro-setup / commitdiff