openbsd-ports/www/sogo/pkg
2013-02-06 17:35:51 +00:00
..
DESCR
PLIST Update to 2.0.4b, bugfix update to the bugfix update 2013-02-06 17:35:51 +00:00
README update to 2.0.3a 2012-12-16 16:36:26 +00:00
sogod.rc

# $OpenBSD: README,v 1.9 2012/12/16 16:36:26 sebastia Exp $

+-----------------------------------------------------------------------
| Running ${FULLPKGNAME} on OpenBSD
+-----------------------------------------------------------------------

General setup and configuration information about SOGo can be found 
in ${TRUEPREFIX}/share/doc/sogo/.

SOGo is designed with scalability in mind. All of the dependent components
like mail-, database-, or web server can run on different hosts, and 
you can even choose to install your preferred software to fulfill those tasks.
You have to install those components manually on the servers where you
want to run them. An overview is given in the list below.

For your SOGo installation you would need the following components installed
somewhere. Either on the same host where you install SOGo, or distributed
over multiple systems, related to your needs:
- Memcached to speed up SOGo:
  * install the memcached package
- Web Server:
  * you can use httpd from the OpenBSD base system
  - or install the apache-httpd package
- Database Server:
  * install postgresql-server package
  - or install mysql-server package
- LDAP Server for user authentication shared addressbooks:
  * install openldap-server package
  - or use ldapd from base
- IMAP Server:
  * install cyrus-imapd package
  - or install dovecot package
  - or install courier-imap package
  - or install imap-uw package
- SMTP Server or local sendmail compatible binary:
  * install postfix package
  - or use smtpd or sendmail from base
The alternatives marked with * are recommended. They are tested and verified
to work together by the SOGo port maintainer. 
For the configuration of those components you should take a look at their
respective documentation.

The SOGo system user
======================================
The system user and group intended to run the SOGo application server
is called _sogo. The users home directory is /var/sogo.

The SOPE database adaptor
=====================================
The SOPE PostgreSQL database adaptor is automatically installed. 
If you want to use a MySQL database as backend, you have to install
the sope-mysql package on the host where SOPE and SOGo are installed.

SGOo with httpd from OpenBSD base
======================================
Since the httpd 1.3 configuration is slightly different than the Apache 2 
configuration explained in the SOGo Manual, here is an example. It's assumed
that the httpd and SOGo run on the same host. The httpd listens on port 80,
and SOGo is listening on its default port 20000.

The OpenBSD httpd runs in a chroot environment, therefore you have to
copy some files into the server's chroot environment:

# mkdir -p /var/www/lib/sogo
# cp -R ${TRUEPREFIX}/lib/GNUstep/SOGo/WebServerResources /var/www/lib/sogo/www

Edit /var/www/conf/httpd.conf:
You should make sure the proxy and header modules are loaded:
LoadModule proxy_module /usr/lib/apache/modules/libproxy.so
LoadModule headers_module /usr/lib/apache/modules/mod_headers.so

Alias /SOGo.woa/WebServerResources/ \
      /lib/sogo/www/
Alias /SOGo/WebServerResources/ \
      /lib/sogo/www/
AliasMatch /SOGo/so/ControlPanel/Products/(.*)/Resources/(.*) \
           /lib/sogo/$1.SOGo/Resources/$2

<LocationMatch "^/SOGo/so/ControlPanel/Products/.*UI/Resources/.*\.(jpg|png|gif|css|js)">
  SetHandler default-handler
</LocationMatch>

## Uncomment the following to enable proxy-side authentication, you will then
## need to set the "SOGoTrustProxyAuthentication" SOGo user default to YES and
## adjust the "x-webobjects-remote-user" proxy header in the "Proxy" section
## below.
#<Location /SOGo>
#  AuthType XXX
#  Require valid-user
#  SetEnv proxy-nokeepalive 1
#  Allow from all
#</Location>

ProxyRequests Off
SetEnv proxy-nokeepalive 1
ProxyPreserveHost On

# When using CAS, you should uncomment this and install cas-proxy-validate.py
# in /var/www/cgi-bin to reduce server overloading
#
# ProxyPass /SOGo/casProxy http://localhost/cgi-bin/cas-proxy-validate.py
# <Proxy http://localhost/app/cas-proxy-validate.py>
#   Order deny,allow
#   Allow from your-cas-host-addr
# </Proxy>

ProxyPass /SOGo http://127.0.0.1:20000/SOGo
ProxyPassReverse /SOGo http://127.0.0.1:20000/SOGo

RequestHeader set "x-webobjects-server-port" "443"
RequestHeader set "x-webobjects-server-name" "127.0.0.1"
RequestHeader set "x-webobjects-server-url" "http://127.0.0.1"
RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
RequestHeader set "x-webobjects-remote-host" "127.0.0.1"

AddDefaultCharset UTF-8

# To be able to use iPhone a vhost on port 8800 should be configured and those redirects must be set
RedirectMatch ^/principals/users/(.*)$ http://127.0.0.1:8800/SOGo/dav/$1
RedirectMatch ^/principals/$ http://127.0.0.1:8800/SOGo/dav/
RedirectMatch ^/.well-known/(caldav|carddav)$ http://127.0.0.1:8800/SOGo/dav/

A note on using CAS 
=======================
Using CAS with the base httpd is not tested by the maintainer. You
have to copy ${TRUEPREFIX}/share/doc/sogo/cas-proxy-validate.py to
/var/www/cgi-bin. Within the script, you have to edit the config
array and the path to your python to fit your configurtaion. Since
the httpd runs in a chroot environment you at least have to copy Python
and its dependencies into the chroot environment. Further you have to
make sure the following python modules are also available in the
chroot environment: cgi, memcache, os, sys. For the memcache
module you have to install the py-memcached package.

A note on using Thunderbird integrator
=======================
If you are going to use Thunderbird integrator you will need the php
script installed on ${TRUEPREFIX}/share/doc/sogo/updates.php.
You should copy it under /var/www/htdocs, install the php package and
follow the instuctions under ${TRUEPREFIX}/share/doc/sogo/SOGo_Mozilla_Thunderbird_Configuration.odt.

SOGo configuration example
===================================
Below you see an example SOGo configuration. The example assumes you have
the recommended server components installed as mentioned above.
You have to apply them as user _sogo using the defaults command, i.e:
defaults write sogod <key> <value>
In the example below it is assumed that all components run on the same host.
For details to each of the defaults consult the SOGo Administration manual.

sogod SOGoUserSources '(
    {
        CNFieldName = cn;
        IDFieldName = uid;
        IMAPHostFieldName = mailHost;
        UIDFieldName = uid;
        baseDN = "ou=people,dc=intern";
        bindDN = "cn=Manager,dc=intern";
        bindPassword = ManagerLDAPPassword;
        canAuthenticate = YES;
        displayName = "SOGo Accounts";
        hostname = localhost;
        id = public;
        isAddressBook = YES;
        port = 389;
    }
)'
sogod SOGoSMTPServer localhost
sogod SOGoIMAPServer localhost
sogod SOGoLanguage English
sogod SOGoTimeZone Europe/Berlin
sogod SOGoFoldersSendEMailNotifications YES
sogod SOGoMemcachedHost localhost
sogod SOGoMailingMechanism smtp
sogod WOLogFile /var/log/sogo/sogod.log
sogod WOPidFile /var/sogo/sogod.pid
sogod SOGoMailDomain my-domain.com
sogod OCSFolderInfoURL postgresql://_sogo:sogo@localhost:5432/sogo/sogo_folder_info
sogod SOGoProfileURL postgresql://_sogo:sogo@localhost:5432/sogo/sogo_user_profile
sogod OCSSessionsFolderURL postgresql://_sogo:sogo@localhost:5432/sogo/sogo_sessions_folder
sogod SOGoACLsSendEMailNotifications YES
sogod SOGoAppointmentSendEMailNotifications YES
sogod WOWorkersCount 4
sogod SOGoDraftsFolderName INBOX.Drafts
sogod SOGoTrashFolderName INBOX.Trash
sogod SOGoSentFolderName INBOX.Sent
sogod SOGoZipPath /usr/local/bin/zip

Upgrading from older SOGo versions
========================================
Update the files in the chroot environment of apache as root:

$ sudo rm -rf /var/www/lib/sogo
$ sudo mkdir -p /var/www/lib/sogo
$ sudo cp -R ${TRUEPREFIX}/lib/GNUstep/SOGo/WebServerResources /var/www/lib/sogo/www

Upgrade SOGo from < 1.3.5
========================================
Since version 1.3.5, SOGo requires to have a OCSSessionsFolderURL default set, 
which you need to create. For example run the following command as user _sogo:

$ defaults write sogod OCSSessionsFolderURL \
postgresql://_sogo:sogo@localhost:5432/sogo/sogo_sessions_folder

Upgrade SOGo from < 1.3.12
========================================
With version 1.3.12, the database schema got some enhancements, for example
to permit syncs of cards with big photos in them.

Run one of the following scripts as the SOGo system user _sogo. Depending on 
the database you use, choose the postgres or mysql variant. The scripts
will ask you for the database credentials.

$ sudo -u _sogo ${TRUEPREFIX}/share/doc/sogo/sql-update-1.3.11_to_1.3.12-postgres.sh
$ sudo -u _sogo ${TRUEPREFIX}/share/doc/sogo/sql-update-1.3.11_to_1.3.12-mysql.sh

Upgrade SOGo from < 1.3.16
=======================================
New password schemes were introduced. You may want to set the
userPasswordAlgorithm default, i.e.:

$ sudo -u _sogo defaults write sogod userPasswordAlgorithm ssha

Upgrade SOGo from < 1.3.17
=======================================
With version 1.3.17, the "cycle info" field of the calendar tables
was enlarged. 

Run one of the following scripts as the SOGo system user _sogo. Depending on
the database you use, choose the postgres or mysql variant. The scripts
will ask you for the database credentials.

$ sudo -u _sogo ${TRUEPREFIX}/share/doc/sogo/sql-update-1.3.16_to_1.3.17-postgres.sh
$ sudo -u _sogo ${TRUEPREFIX}/share/doc/sogo/sql-update-1.3.16_to_1.3.17-mysql.sh