# $OpenBSD: README,v 1.9 2012/12/16 16:36:26 sebastia Exp $ +----------------------------------------------------------------------- | Running ${FULLPKGNAME} on OpenBSD +----------------------------------------------------------------------- General setup and configuration information about SOGo can be found in ${TRUEPREFIX}/share/doc/sogo/. SOGo is designed with scalability in mind. All of the dependent components like mail-, database-, or web server can run on different hosts, and you can even choose to install your preferred software to fulfill those tasks. You have to install those components manually on the servers where you want to run them. An overview is given in the list below. For your SOGo installation you would need the following components installed somewhere. Either on the same host where you install SOGo, or distributed over multiple systems, related to your needs: - Memcached to speed up SOGo: * install the memcached package - Web Server: * you can use httpd from the OpenBSD base system - or install the apache-httpd package - Database Server: * install postgresql-server package - or install mysql-server package - LDAP Server for user authentication shared addressbooks: * install openldap-server package - or use ldapd from base - IMAP Server: * install cyrus-imapd package - or install dovecot package - or install courier-imap package - or install imap-uw package - SMTP Server or local sendmail compatible binary: * install postfix package - or use smtpd or sendmail from base The alternatives marked with * are recommended. They are tested and verified to work together by the SOGo port maintainer. For the configuration of those components you should take a look at their respective documentation. The SOGo system user ====================================== The system user and group intended to run the SOGo application server is called _sogo. The users home directory is /var/sogo. The SOPE database adaptor ===================================== The SOPE PostgreSQL database adaptor is automatically installed. If you want to use a MySQL database as backend, you have to install the sope-mysql package on the host where SOPE and SOGo are installed. SGOo with httpd from OpenBSD base ====================================== Since the httpd 1.3 configuration is slightly different than the Apache 2 configuration explained in the SOGo Manual, here is an example. It's assumed that the httpd and SOGo run on the same host. The httpd listens on port 80, and SOGo is listening on its default port 20000. The OpenBSD httpd runs in a chroot environment, therefore you have to copy some files into the server's chroot environment: # mkdir -p /var/www/lib/sogo # cp -R ${TRUEPREFIX}/lib/GNUstep/SOGo/WebServerResources /var/www/lib/sogo/www Edit /var/www/conf/httpd.conf: You should make sure the proxy and header modules are loaded: LoadModule proxy_module /usr/lib/apache/modules/libproxy.so LoadModule headers_module /usr/lib/apache/modules/mod_headers.so Alias /SOGo.woa/WebServerResources/ \ /lib/sogo/www/ Alias /SOGo/WebServerResources/ \ /lib/sogo/www/ AliasMatch /SOGo/so/ControlPanel/Products/(.*)/Resources/(.*) \ /lib/sogo/$1.SOGo/Resources/$2 SetHandler default-handler ## Uncomment the following to enable proxy-side authentication, you will then ## need to set the "SOGoTrustProxyAuthentication" SOGo user default to YES and ## adjust the "x-webobjects-remote-user" proxy header in the "Proxy" section ## below. # # AuthType XXX # Require valid-user # SetEnv proxy-nokeepalive 1 # Allow from all # ProxyRequests Off SetEnv proxy-nokeepalive 1 ProxyPreserveHost On # When using CAS, you should uncomment this and install cas-proxy-validate.py # in /var/www/cgi-bin to reduce server overloading # # ProxyPass /SOGo/casProxy http://localhost/cgi-bin/cas-proxy-validate.py # # Order deny,allow # Allow from your-cas-host-addr # ProxyPass /SOGo http://127.0.0.1:20000/SOGo ProxyPassReverse /SOGo http://127.0.0.1:20000/SOGo RequestHeader set "x-webobjects-server-port" "443" RequestHeader set "x-webobjects-server-name" "127.0.0.1" RequestHeader set "x-webobjects-server-url" "http://127.0.0.1" RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0" RequestHeader set "x-webobjects-remote-host" "127.0.0.1" AddDefaultCharset UTF-8 # To be able to use iPhone a vhost on port 8800 should be configured and those redirects must be set RedirectMatch ^/principals/users/(.*)$ http://127.0.0.1:8800/SOGo/dav/$1 RedirectMatch ^/principals/$ http://127.0.0.1:8800/SOGo/dav/ RedirectMatch ^/.well-known/(caldav|carddav)$ http://127.0.0.1:8800/SOGo/dav/ A note on using CAS ======================= Using CAS with the base httpd is not tested by the maintainer. You have to copy ${TRUEPREFIX}/share/doc/sogo/cas-proxy-validate.py to /var/www/cgi-bin. Within the script, you have to edit the config array and the path to your python to fit your configurtaion. Since the httpd runs in a chroot environment you at least have to copy Python and its dependencies into the chroot environment. Further you have to make sure the following python modules are also available in the chroot environment: cgi, memcache, os, sys. For the memcache module you have to install the py-memcached package. A note on using Thunderbird integrator ======================= If you are going to use Thunderbird integrator you will need the php script installed on ${TRUEPREFIX}/share/doc/sogo/updates.php. You should copy it under /var/www/htdocs, install the php package and follow the instuctions under ${TRUEPREFIX}/share/doc/sogo/SOGo_Mozilla_Thunderbird_Configuration.odt. SOGo configuration example =================================== Below you see an example SOGo configuration. The example assumes you have the recommended server components installed as mentioned above. You have to apply them as user _sogo using the defaults command, i.e: defaults write sogod In the example below it is assumed that all components run on the same host. For details to each of the defaults consult the SOGo Administration manual. sogod SOGoUserSources '( { CNFieldName = cn; IDFieldName = uid; IMAPHostFieldName = mailHost; UIDFieldName = uid; baseDN = "ou=people,dc=intern"; bindDN = "cn=Manager,dc=intern"; bindPassword = ManagerLDAPPassword; canAuthenticate = YES; displayName = "SOGo Accounts"; hostname = localhost; id = public; isAddressBook = YES; port = 389; } )' sogod SOGoSMTPServer localhost sogod SOGoIMAPServer localhost sogod SOGoLanguage English sogod SOGoTimeZone Europe/Berlin sogod SOGoFoldersSendEMailNotifications YES sogod SOGoMemcachedHost localhost sogod SOGoMailingMechanism smtp sogod WOLogFile /var/log/sogo/sogod.log sogod WOPidFile /var/sogo/sogod.pid sogod SOGoMailDomain my-domain.com sogod OCSFolderInfoURL postgresql://_sogo:sogo@localhost:5432/sogo/sogo_folder_info sogod SOGoProfileURL postgresql://_sogo:sogo@localhost:5432/sogo/sogo_user_profile sogod OCSSessionsFolderURL postgresql://_sogo:sogo@localhost:5432/sogo/sogo_sessions_folder sogod SOGoACLsSendEMailNotifications YES sogod SOGoAppointmentSendEMailNotifications YES sogod WOWorkersCount 4 sogod SOGoDraftsFolderName INBOX.Drafts sogod SOGoTrashFolderName INBOX.Trash sogod SOGoSentFolderName INBOX.Sent sogod SOGoZipPath /usr/local/bin/zip Upgrading from older SOGo versions ======================================== Update the files in the chroot environment of apache as root: $ sudo rm -rf /var/www/lib/sogo $ sudo mkdir -p /var/www/lib/sogo $ sudo cp -R ${TRUEPREFIX}/lib/GNUstep/SOGo/WebServerResources /var/www/lib/sogo/www Upgrade SOGo from < 1.3.5 ======================================== Since version 1.3.5, SOGo requires to have a OCSSessionsFolderURL default set, which you need to create. For example run the following command as user _sogo: $ defaults write sogod OCSSessionsFolderURL \ postgresql://_sogo:sogo@localhost:5432/sogo/sogo_sessions_folder Upgrade SOGo from < 1.3.12 ======================================== With version 1.3.12, the database schema got some enhancements, for example to permit syncs of cards with big photos in them. Run one of the following scripts as the SOGo system user _sogo. Depending on the database you use, choose the postgres or mysql variant. The scripts will ask you for the database credentials. $ sudo -u _sogo ${TRUEPREFIX}/share/doc/sogo/sql-update-1.3.11_to_1.3.12-postgres.sh $ sudo -u _sogo ${TRUEPREFIX}/share/doc/sogo/sql-update-1.3.11_to_1.3.12-mysql.sh Upgrade SOGo from < 1.3.16 ======================================= New password schemes were introduced. You may want to set the userPasswordAlgorithm default, i.e.: $ sudo -u _sogo defaults write sogod userPasswordAlgorithm ssha Upgrade SOGo from < 1.3.17 ======================================= With version 1.3.17, the "cycle info" field of the calendar tables was enlarged. Run one of the following scripts as the SOGo system user _sogo. Depending on the database you use, choose the postgres or mysql variant. The scripts will ask you for the database credentials. $ sudo -u _sogo ${TRUEPREFIX}/share/doc/sogo/sql-update-1.3.16_to_1.3.17-postgres.sh $ sudo -u _sogo ${TRUEPREFIX}/share/doc/sogo/sql-update-1.3.16_to_1.3.17-mysql.sh