SOGo + ISPConfig 3.1

A bejegyzésből megtudhatod, hogy az ISPConfig 3 támogatásával hogyan használhatod a SOGo levelezőt

SOGo Tároló Beállítása

Vegyük fel a SOGo tároló gpg kulcsát:

sudo gpg --keyserver hkp://keys.gnupg.net --recv-key 0x810273C4
sudo gpg --armor --export 0x810273C4 | sudo apt-key add -
sudo apt-get update

Állítsuk be a tárolót:

nano /etc/apt/sources.list.d/sogo.list
deb https://packages.inverse.ca/SOGo/nightly/4/debian/ buster buster

Frissítsük a csomaglistát:

apt-get update

SOGO telepítése

Telepítsük a szükséges csomagokat:

apt-get install sogo sogo-activesync memcached dovecot-sieve dovecot-managesieved

Engedélyezzük az alábbi Apache modulokat:

a2enmod proxy
a2enmod proxy_http
a2enmod headers
a2enmod rewrite

Adatbázis beállítása

Lépjünk be az adatbázis kezelőbe:

mysql -uroot -p

Hozzuk létre az adatbázist és a táblákat:

CREATE DATABASE sogo CHARSET='UTF8';
CREATE USER 'sogo'@'localhost' IDENTIFIED BY 'sogo';
GRANT ALL PRIVILEGES ON sogo.* TO 'sogo'@'localhost';
USE sogo;
CREATE VIEW sogo_view (c_uid, c_name, c_password, c_cn, mail) AS SELECT email, email, password, name, email FROM dbispconfig.mail_user;
flush privileges;
exit

Módosítsuk a SOGo konfigurációját:

nano /etc/sogo/sogo.conf
{
  /* *********************  Main SOGo configuration file  **********************
   *                                                                           *
   * Since the content of this file is a dictionary in OpenStep plist format,  *
   * the curly braces enclosing the body of the configuration are mandatory.   *
   * See the Installation Guide for details on the format.                     *
   *                                                                           *
   * C and C++ style comments are supported.                                   *
   *                                                                           *
   * This example configuration contains only a subset of all available        *
   * configuration parameters. Please see the installation guide more details. *
   *                                                                           *
   * ~sogo/GNUstep/Defaults/.GNUstepDefaults has precedence over this file,    *
   * make sure to move it away to avoid unwanted parameter overrides.          *
   *                                                                           *
   * **************************************************************************/
 
  /* Database configuration (mysql:// or postgresql://) */
  SOGoProfileURL = "mysql://sogo:sogo@127.0.0.1:3306/sogo/sogo_user_profile";
  OCSFolderInfoURL = "mysql://sogo:sogo@127.0.0.1:3306/sogo/sogo_folder_info";
  OCSSessionsFolderURL = "mysql://sogo:sogo@127.0.0.1:3306/sogo/sogo_sessions_folder";
  OCSEMailAlarmsFolderURL = "mysql://sogo:sogo@127.0.0.1:3306/sogo//sogo_alarms_folder";
 
  /* Mail */
  SOGoDraftsFolderName = Drafts;
  SOGoSentFolderName = Sent;
  SOGoTrashFolderName = Trash;
  SOGoIMAPServer = localhost;
  SOGoSieveServer = sieve://127.0.0.1:4190;
  SOGoSMTPServer = 127.0.0.1;
  SOGoMailDomain = domain.de;
  SOGoMailingMechanism = smtp;
  SOGoForceExternalLoginWithEmail = YES;
  //SOGoMailSpoolPath = /var/spool/sogo;
  NGImap4ConnectionStringSeparator = "/";
  SOGoMailMessageCheck = "every_5_minutes";
  SOGoFirstDayOfWeek = 1;
  SOGoLoginModule = Mail;
 
 
  /* Notifications */
  SOGoAppointmentSendEMailNotifications = YES;
  //SOGoACLsSendEMailNotifications = YES;
  //SOGoFoldersSendEMailNotifications = YES;
  SOGoEnableEMailAlarms = YES;
 
  /* Authentication */
  SOGoPasswordChangeEnabled = YES;
 
  /* LDAP authentication example */
  //SOGoUserSources = (
  //  {
  //    type = ldap;
  //    CNFieldName = cn;
  //    UIDFieldName = uid;
  //    IDFieldName = uid; // first field of the DN for direct binds
  //    bindFields = (uid, mail); // array of fields to use for indirect binds
  //    baseDN = "ou=users,dc=acme,dc=com";
  //    bindDN = "uid=sogo,ou=users,dc=acme,dc=com";
  //    bindPassword = qwerty;
  //    canAuthenticate = YES;
  //    displayName = "Shared Addresses";
  //    hostname = ldap://127.0.0.1:389;
  //    id = public;
  //    isAddressBook = YES;
  //  }
  //);
 
  /* LDAP AD/Samba4 example */
  //SOGoUserSources = (
  //  {
  //    type = ldap;
  //    CNFieldName = cn;
  //    UIDFieldName = sAMAccountName;
  //    baseDN = "CN=users,dc=domain,dc=tld";
  //    bindDN = "CN=sogo,CN=users,DC=domain,DC=tld";
  //    bindFields = (sAMAccountName, mail);
  //    bindPassword = password;
  //    canAuthenticate = YES;
  //    displayName = "Public";
  //    hostname = ldap://127.0.0.1:389;
  //    filter = "mail = '*'";
  //    id = directory;
  //    isAddressBook = YES;
  //  }
  //);
 
 
  /* SQL authentication example */
  /*  These database columns MUST be present in the view/table:
   *    c_uid - will be used for authentication -  it's the username or username@domain.tld)
   *    c_name - which can be identical to c_uid -  will be used to uniquely identify entries
   *    c_password - password of the user, plain-text, md5 or sha encoded for now
   *    c_cn - the user's common name - such as "John Doe"
   *    mail - the user's mail address
   *  See the installation guide for more details
   */
  SOGoUserSources =
    (
      {
        type = sql;
        id = users;
        viewURL = "mysql://sogo:sogo@127.0.0.1:3306/sogo/sogo_view";
        canAuthenticate = YES;
        isAddressBook = YES;
        userPasswordAlgorithm = crypt;
        displayName = "SOGo Users";
      }
    );
 
  /* Web Interface */
  SOGoPageTitle = "SOGo Levelező";
  SOGoVacationEnabled = YES;
  SOGoForwardEnabled = YES;
  SOGoSieveScriptsEnabled = YES;
  //SOGoMailAuxiliaryUserAccountsEnabled = YES;
  //SOGoTrustProxyAuthentication = NO;
  //SOGoXSRFValidationEnabled = YES;
 
  /* General - SOGoTimeZone *MUST* be defined */
  SOGoLanguage = Hungary;
  SOGoTimeZone = Europe/Budapest;
  //SOGoCalendarDefaultRoles = (
  //  PublicDAndTViewer,
  //  ConfidentialDAndTViewer
  //);
  SOGoSuperUsernames = (name@domain.de); // This is an array - keep the parens!
  //SxVMemLimit = 384;
  //WOPidFile = "/var/run/sogo/sogo.pid";
  // A korábbiakban a NextCloud telepítés miatt módosítva lett a memcached, az alábbi porton érhető el a 
  // szolgáltatás:
  SOGoMemcachedHost = "127.0.0.1:11211";
 
  /* Debug */
  //SOGoDebugRequests = YES;
  //SoDebugBaseURL = YES;
  //ImapDebugEnabled = YES;
  //LDAPDebugEnabled = YES;
  //PGDebugEnabled = YES;
  //MySQL4DebugEnabled = YES;
  //SOGoUIxDebugEnabled = YES;
  //WODontZipResponse = YES;
  //WOLogFile = /var/log/sogo/sogo.log;
}

Dovecot Konfigurálás

A Dovecot konfigurációját módosítani kell a SOGo használatához. Legyünk figyelmesek, néhány új konfigurációt is meg kell adni, valamint a meglévőeket az alábbiak szerint módosítani:

nano /etc/dovecot/dovecot.conf
protocols = [..] sieve
 
plugin {
[..]
  # ispconfig sieve script is loaded before anything else
  # this way ispconfig sieve script can be edited by using sive protocol
  # if you prefer to keep ispconfig sieve script hidden from using sive protocol
  # change location eg. sieve_before = /var/vmail/%d/%n/ispconfig.sieve
  sieve_before = /var/vmail/%d/%n/sieve/ispconfig.sieve
  sieve_dir = /var/vmail/%d/%n/sieve/
  sieve_extensions = +notify +imapflags
  # the next to lines are optional but i use them so i show them
  # a directory where global .sieve script can be found
  sieve_global_dir = /var/vmail/sieve
  # a global sieve script to use allways
  sieve_global_path = /var/vmail/sieve/dovecot.sieve
}
 
service managesieve-login {
inet_listener sieve {
    # port to use for managesieve
    port = 4190
    }
    process_min_avail = 10
    service_count = 1
    vsz_limit = 64 M
}
 
protocol sieve {
    # Explicitly specify the SIEVE and NOTIFY capability reported by the server
    # before login. If left unassigned these will be reported dynamically
    # according to what the Sieve interpreter supports by default (after login this may differ depending on the user).
    # managesieve_notify_capability = mailto
    # managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags notify
    mail_max_userip_connections = 10
    managesieve_logout_format = bytes=%i/%o
    managesieve_max_compile_errors = 5
    managesieve_max_line_length = 65536
}
 
protocol lda {
[..]
  mail_plugins = [..] sieve
}
 
protocol lmtp {
[..]
  mail_plugins = [..] sieve
}

Apache konfiguráció

Létre kell hoznunk az Apache konfigurációt a SOGo Webes használatához:

nano /etc/apache2/conf-available/sogo.conf
Alias /SOGo.woa/WebServerResources/ /usr/lib/GNUstep/SOGo/WebServerResources/
Alias /SOGo/WebServerResources/ /usr/lib/GNUstep/SOGo/WebServerResources/
 
<Directory /usr/lib/GNUstep/SOGo/>
    AllowOverride None
 
    <IfVersion < 2.4>
        Order deny,allow
        Allow from all
    </IfVersion>
    <IfVersion >= 2.4>
        Require all granted
    </IfVersion>
 
    # Explicitly allow caching of static content to avoid browser specific behavior.
    # A resource's URL MUST change in order to have the client load the new version.
    <IfModule expires_module>
      ExpiresActive On
      ExpiresDefault "access plus 1 year"
    </IfModule>
</Directory>
 
ProxyRequests Off
SetEnv proxy-nokeepalive 1
ProxyPreserveHost On
 
# Enable to use Microsoft ActiveSync support
# Note that you MUST have many sogod workers to use ActiveSync.
# See the SOGo Installation and Configuration guide for more details.
#
ProxyPass /Microsoft-Server-ActiveSync \
http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync \
retry=60 connectiontimeout=5 timeout=360
 
ProxyPass /SOGo http://127.0.0.1:20000/SOGo retry=0
 
<Proxy http://127.0.0.1:20000/SOGo>
## adjust the following to your configuration
## and do not forget to enable the headers module
<IfModule headers_module>
  RequestHeader set "x-webobjects-server-port" "443"
  RequestHeader set "x-webobjects-server-name" "%{HTTP_HOST}e" env=HTTP_HOST
  RequestHeader set "x-webobjects-server-url" "https://%{HTTP_HOST}e" env=HTTP_HOST
 
## When using proxy-side autentication, you need to uncomment and
## adjust the following line:
  RequestHeader unset "x-webobjects-remote-user"
#  RequestHeader set "x-webobjects-remote-user" "%{REMOTE_USER}e" env=REMOTE_USER
 
  RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
</IfModule>
 
  AddDefaultCharset UTF-8
 
    <IfVersion < 2.4>
        Order deny,allow
        Allow from all
    </IfVersion>
    <IfVersion >= 2.4>
        Require all granted
    </IfVersion>
</Proxy>
 
# For Apple autoconfiguration
<IfModule rewrite_module>
  RewriteEngine On
  RewriteRule ^/.well-known/caldav/?$ /SOGo/dav [R=301]
  RewriteRule ^/.well-known/carddav/?$ /SOGo/dav [R=301]
</IfModule>

Ezt követően a szolgáltatásokat újra kell indítani:

a2enconf sogo
systemctl restart apache2
systemctl enable sogo
systemctl restart sogo
systemctl restart dovecot

Konklúzió

  • A webes felület elérése nálam a: https://mx.zsoltina.eu:8080/SOGo linken érhető el
  • Thunderbird használatához telepíteni kell a Sogo connector kiegészítőt
  • A CalDav szolgáltatás ilyen módon érhető el: https://mail.domain.de/SOGo/dav/name@domain.de/Calendar/personal/

Ezzel elkészültünk. A cikk eredeti forrásául ez a leírás szolgált.