Dovecot Baikal Z-Push: Difference between revisions
No edit summary |
No edit summary |
||
| Line 5: | Line 5: | ||
I'll assume you already have working Dovecot and Baikal setups running, so i'll skip those parts and go straight to the Z-Push configurations. | I'll assume you already have working Dovecot and Baikal setups running, so i'll skip those parts and go straight to the Z-Push configurations. | ||
= Webserver = | |||
My box runs Apache2 with FPM (don't ask...), which explains why my vHost config looks a bit different, but as long as you have a webserver with PHP support and some general understanding of how Rewrites and/or Aliases work, you should be able to get to the same result as me. | |||
When in doubt, consult the respective setup instructions. The following config only serves to explain my folder structure. | |||
== sites-available/push.faked.org.conf == | |||
<nowiki> | |||
<VirtualHost *:80> | |||
ServerName push.faked.org | |||
RewriteEngine On | |||
RewriteCond %{HTTPS} !=on | |||
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L] | |||
</VirtualHost> | |||
<IfModule mod_ssl.c> | |||
<VirtualHost *:443> | |||
ServerName push.faked.org | |||
ServerAdmin jan@faked.org | |||
SSLEngine on | |||
SSLCertificateFile /etc/ssl/local/wildcard.faked.org.cert | |||
SSLCertificateKeyFile /etc/ssl/private/wildcard.faked.org.key | |||
SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2 | |||
RewriteEngine On | |||
RewriteRule /.well-known/carddav /card.php [R,L] | |||
RewriteRule /.well-known/caldav /cal.php [R,L] | |||
RewriteRule .* - [E=HTTP_MS_ASPROTOCOLVERSION:%{HTTP:Ms-Asprotocolversion}] | |||
RewriteRule .* - [E=HTTP_X_MS_POLICYKEY:%{HTTP:X-Ms-Policykey}] | |||
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] | |||
ProxyPassMatch ^(?i)/(.*\.php(/.*)?)$ fcgi://127.0.0.1:5080/srv/www/push.faked.org/baikal/html/$1 | |||
ProxyPassMatch ^(?i)/autodiscover/autodiscover.xml$ fcgi://127.0.0.1:5080/srv/www/push.faked.org/z-push/autodiscover/autodiscover.php | |||
ProxyPassMatch ^(?i)/microsoft-server-activesync$ fcgi://127.0.0.1:5080/srv/www/push.faked.org/z-push/index.php | |||
ProxyPassMatch ^(?i)/microsoft-server-activesync$ fcgi://127.0.0.1:5080/srv/www/push.faked.org/baikal/html/card.php | |||
<Directory /srv/www/push.faked.org/> | |||
Options -Indexes | |||
AllowOverride all | |||
Require all granted | |||
</Directory> | |||
DocumentRoot /srv/www/push.faked.org/baikal/html | |||
<Directory /> | |||
Options FollowSymLinks | |||
AllowOverride All | |||
</Directory> | |||
<Directory /srv/www/push.faked.org/baikal/html/> | |||
Options FollowSymLinks MultiViews | |||
AllowOverride All | |||
Require all granted | |||
</Directory> | |||
ErrorLog /var/log/apache2/error.log | |||
CustomLog /var/log/apache2/push-access.log combined | |||
</VirtualHost> | |||
</IfModule></nowiki> | |||
So as you can see, Z-Push is installed to '''/srv/www/push.faked.org/z-push''', and Baikal to '''/srv/www/push.faked.org/baikal''', with the DocumentRoot pointing to '''/srv/www/push.faked.org/baikal/html''' | |||
= Z-Push = | = Z-Push = | ||
Revision as of 22:55, 20 May 2015
Introduction
I was asked by somebody if i could share my configuration for Z-Push, which i am using with Dovecot as the IMAP backend and Baikal Server (v0.2.7, NOT 2.0) as the CardDAV and CalDAV backend.
Some of these configuration settings may be deprecated or renamed in the future, as Z-Push is constantly being improved, but they work fine right now (May 2015), and should give you a general guide how to get it running yourself.
I'll assume you already have working Dovecot and Baikal setups running, so i'll skip those parts and go straight to the Z-Push configurations.
Webserver
My box runs Apache2 with FPM (don't ask...), which explains why my vHost config looks a bit different, but as long as you have a webserver with PHP support and some general understanding of how Rewrites and/or Aliases work, you should be able to get to the same result as me.
When in doubt, consult the respective setup instructions. The following config only serves to explain my folder structure.
sites-available/push.faked.org.conf
<VirtualHost *:80>
ServerName push.faked.org
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName push.faked.org
ServerAdmin jan@faked.org
SSLEngine on
SSLCertificateFile /etc/ssl/local/wildcard.faked.org.cert
SSLCertificateKeyFile /etc/ssl/private/wildcard.faked.org.key
SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2
RewriteEngine On
RewriteRule /.well-known/carddav /card.php [R,L]
RewriteRule /.well-known/caldav /cal.php [R,L]
RewriteRule .* - [E=HTTP_MS_ASPROTOCOLVERSION:%{HTTP:Ms-Asprotocolversion}]
RewriteRule .* - [E=HTTP_X_MS_POLICYKEY:%{HTTP:X-Ms-Policykey}]
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
ProxyPassMatch ^(?i)/(.*\.php(/.*)?)$ fcgi://127.0.0.1:5080/srv/www/push.faked.org/baikal/html/$1
ProxyPassMatch ^(?i)/autodiscover/autodiscover.xml$ fcgi://127.0.0.1:5080/srv/www/push.faked.org/z-push/autodiscover/autodiscover.php
ProxyPassMatch ^(?i)/microsoft-server-activesync$ fcgi://127.0.0.1:5080/srv/www/push.faked.org/z-push/index.php
ProxyPassMatch ^(?i)/microsoft-server-activesync$ fcgi://127.0.0.1:5080/srv/www/push.faked.org/baikal/html/card.php
<Directory /srv/www/push.faked.org/>
Options -Indexes
AllowOverride all
Require all granted
</Directory>
DocumentRoot /srv/www/push.faked.org/baikal/html
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /srv/www/push.faked.org/baikal/html/>
Options FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/push-access.log combined
</VirtualHost>
</IfModule>
So as you can see, Z-Push is installed to /srv/www/push.faked.org/z-push, and Baikal to /srv/www/push.faked.org/baikal, with the DocumentRoot pointing to /srv/www/push.faked.org/baikal/html
Z-Push
Checkout the master branch of Z-Push from Github and make sure that's it accessible on your webserver. Basically follow the provided installation instructions so that it's theoretically usable, maybe take it for a spin with just the IMAP backend.
Below are only the settings i changed from their defaults, without comments.
config.php
I am using SQL for the State Machine, but FILE should work just as well. Ignore those SQL-related settings if you stick to the default.
define('USE_FULLEMAIL_FOR_LOGIN', true);
define('PRE_AUTHORIZE_USERS', true);
define('PRE_AUTHORIZE_NEW_USERS', true);
define('PRE_AUTHORIZE_NEW_DEVICES', true);
define('STATE_MACHINE', 'SQL');
define('STATE_SQL_DSN', 'mysql:host=localhost;port=3306;dbname=z-push');
define('STATE_SQL_USER', 'z-push');
define('STATE_SQL_PASSWORD', '<password>');
define('LOGLEVEL', LOGLEVEL_WARN);
define('LOGAUTHFAIL', true);
define('LOOSE_PROVISIONING', true);
define('BACKEND_PROVIDER', 'BackendCombined');
backend/combined/config.php
SYNC_FOLDER_TYPE_TASK => 'c', SYNC_FOLDER_TYPE_APPOINTMENT => 'c', SYNC_FOLDER_TYPE_CONTACT => 'd', SYNC_FOLDER_TYPE_NOTE => 'c', SYNC_FOLDER_TYPE_JOURNAL => 'c', SYNC_FOLDER_TYPE_USER_APPOINTMENT => 'c', SYNC_FOLDER_TYPE_USER_CONTACT => 'd', SYNC_FOLDER_TYPE_USER_TASK => 'c', SYNC_FOLDER_TYPE_USER_JOURNAL => 'c', SYNC_FOLDER_TYPE_USER_NOTE => 'c', SYNC_FOLDER_TYPE_UNKNOWN => 'i',
backend/imap/config.php
define('IMAP_FOLDER_CONFIGURED', true);
define('IMAP_FOLDER_SPAM', 'JUNK');
define('IMAP_INLINE_FORWARD', false);
define('IMAP_EXCLUDED_FOLDERS', 'sieve');
define('IMAP_SMTP_METHOD', 'smtp');
$imap_smtp_params = array('host' => 'localhost', 'port' => 587, 'auth' => true, 'username' => 'imap_username', 'password' => 'imap_password');
backend/caldav/config.php
define('CALDAV_SERVER', 'https://push.faked.org');
define('CALDAV_PORT', '443');
define('CALDAV_PATH', '/cal.php/calendars/%u/');
define('CALDAV_PERSONAL', 'default');
backend/carddav/config.php
define('CARDDAV_SERVER', 'push.faked.org');
define('CARDDAV_PATH', '/card.php/addressbooks/%u/');
define('CARDDAV_DEFAULT_PATH', '/card.php/addressbooks/%u/default/');