Packaging Kopano and related packages
Kopano is the free open source variant of the Kopano Collaboration Platform from Kopano packaged for Debian. Kopano is the renamed Zarafa Collaboration Platform (ZCP) by Zarafa B.V. as a consequence started by a complete license change to AGPL started in 2015. Some parts are completely rewritten (like the archiver functions) and got integrated in the Kopano release from scratch.
- Packaging Kopano and related packages
- Using KVM for testing
- pkg-giraffe package repository
- Creating remote repository for pkg-giraffe on Alioth
Alioth Project: https://alioth.debian.org/projects/pkg-giraffe/
Kopano-WebApp SCM: https://anonscm.debian.org/cgit/pkg-giraffe/kopano-webapp.git
Mailing List (Discussing): https://lists.alioth.debian.org/mailman/listinfo/pkg-giraffe-discuss
Mailing List (Maintaining/Packaging): https://lists.alioth.debian.org/pipermail/pkg-giraffe-maintainers
- Upstream Source:
Upstream Documentation: https://documentation.kopano.io/
kopanocore version 8.3.4-1 is in unstable (sid) and testing.
kopano-webapp version 3.3.1-1 is in experimental.
z-push version 2.3.7-1 is in unstable (sid) and testing.
- Other kopano-* packages aren't packaged yet or prepared.
repackage done libvmime
prepare libVMime 0.9.2
kopano-server, kopano-utils, kopano-dagent, ...
Please don't add any further TODOs here but report them as bugs against the kopanocore package.
Review and Forward patches against libical
- Test full functionality
- We'd need some Outlook users here, too...
- test and fix init scripts
- systemd compatibility
error out when database is missing
often hangs on stop
- systemd unit files (partially done)
- MTA integration
- check package descriptions
- logrotate (upstream available in installer/linux/kopano.logrotate, put in zarafa-common, split it per package)
- check pre-/postinstall scripts: they do no error handling, don't include debhelper snippets
- kopano-common: kill it with fire, no useful parts, still true?
- Add mechanism to not conflict with packages from upstream
- check for unneeded linked libraries and forward upstream
- full hardening support
Further possible improvements:
- Tweak default SSL settings in gateway.cfg and server.cfg
Add some security features to systemd service files (PrivateTmp=True, etc.)
- Apparmor support
Check place of the database while install (local or remote) -> Debconf (dbconfig-common)
Review and Forward patches against libvmime
Fix Lintian errors and warnings
do not run as UID 0 (problematic for kopano-search, otherwise it is configurable in the config files and done in the Debian packages)
import upstream version 8.3.2
switch to debhelper 9
Use dbconfig-common/Debconf to generate the initial configuration
- database name
- database user
- database login
Adding some basic autopkgtests
- Lintian is complaining about
tinymce (TinyMCE currently overridden as Debian version is to old)
- Fonts in the package (related to TinyMCE)
- Adding mechanism to not conflict with packages from upstream
Basic packaging, Alioth git repo: https://anonscm.debian.org/cgit/pkg-giraffe/kopano-webapp.git/
- Lintian was complaining about
- Support typical web server configurations basically, due the sensibility of the login data and the finally needed full configuration for https we don't enable the website configuration while install, the user needs to enable the configuration(s) explicitly afterwards.
Default website is available via https, http is redirected to https (This requires finally a valid vhost!)
Default website is available via http, currently no redirection to https right now!
The d-push packages (the de-branded Debian version of z-push) are outdated and were removed in testing. The license for z-push has been changed to AGPL3 by Zarafa/Kopano so the re-branding isn't needed any more and Debian can use the upstream names.
- Transmigrate the existing d-push packages into z-push variants
Use package names from upstream, but decrease to a minimum if possible
- Create autopkgtests tests where possible
- Ensure a smooth update on the user side
Move d-push.git to z-push.git
Update the [https://anonscm.debian.org/cgit/pkg-giraffe/z-push.git|package repository] to a recent version
Update the Debian packaging stuff to recent versions and workflow
Roel van Meer is currently working on the z-push packages and has prepared version 2.3.7-1 that has entered experimental. https://github.com/roelvanmeer/z-push-packaging
The original source of this topics was long ago provided by GuidoGünther in https://honk.sigxcpu.org/piki/agx/publications/2011-06-debian-groupware-zs.pdf.
There was also a talk given on the Zarafa Tour 2015 in Hannover (in German)Talk-Hannover-ZarafaTour2015.pdf. On the Kopano Conference in 2016 Guido was giving also a talk about the current state of Kopano in Debian.
Using KVM for testing
You probably wont use your current system to test the kopano packages and that's a good idea so far. KVM is a good alternative for testing because it's supporting snapshot mechanism for easy using and resetting of installations.
Installing needed KVM components
Installation is easy as it's simply a one liner.
$ sudo apt-get install qemu-kvm bridge-utils virt-manager virtinst
After this ensure you are a member of the group 'libvirt'
$ sudo usermod -aG libvirt [YOUR_USERNAME]
The virtual network adapter inside the libvirt environment is disabled per default so before to continue start it.
$ virsh -c qemu:///system net-autostart default $ virsh -c qemu:///system net-start default
The next calls maybe not really needed, but on the other hand it's no problem if the storage pools already up, so just to throw possible issues away.
$ virsh -c qemu:///system pool-start default $ virsh -c qemu:///system pool-start boot-scratch
Installation of a virtual image
After the finishing of the preparation from above you can install a first image. The installation can be done as known done fully automated by a preseed file, Guido has prepared file preseed.cfg. Download the file for example to the 'Downloads' folder within your home directory.
$ wget -P $HOME/Downloads http://honk.sigxcpu.org/projects/libvirt/preseed/preseed.cfg
Next you can set up a install, for example based on the unstable release amd64 and named unstable-amd64-kopano.
$ RELEASE=unstable $ NAME=kopano $ DIST=amd64 $ virt-install --connect=qemu:///system \ --cpu host \ --os-variant linux \ --location="http://ftp.us.debian.org/debian/dists/$RELEASE/main/installer-$DIST" \ --initrd-inject=$HOME/Downloads/preseed.cfg \ --extra-args="auto" \ --name $RELEASE-$DIST-$NAME --ram=512 \ --disk=pool=default,size=10,format=qcow2,bus=virtio
This will install a image named 'unstable-amd64-kopano.qcow2' with a size of 10GB under /var/lib/libvirt/images/. After the install the image will boot automatically.
Usage of KVM images
to fill out
pkg-giraffe package repository
Using packages from Alioth
Packages are available at https://pkg-giraffe.alioth.debian.org/packages/ . These can be included into a file /etc/apt/sources.list.d/pkg-giraffe.list, for unstable on AMD64 for example, via
deb http://pkg-giraffe.alioth.debian.org/packages unstable/amd64/ deb http://pkg-giraffe.alioth.debian.org/packages unstable/all/
Releases are signed with GPG key 0xAE3AAB3E2F45C0A0 which can be added to a system as trusted key using apt-key by the following command:
wget -O - https://pkg-giraffe.alioth.debian.org/0xAE3AAB3E2F45C0A0.asc | sudo apt-key add -
The fingerprint of the key is:
pub rsa2048/0xAE3AAB3E2F45C0A0 2016-10-27 [SC] [expires: 2021-10-26] Key fingerprint = 87A1 0F8A 9174 E939 F4AB C2A7 AE3A AB3E 2F45 C0A0 uid [ultimate] Debian pkg-giraffe archive key <firstname.lastname@example.org>
To delete the key in the local key store run:
sudo apt-key del 0xAE3AAB3E2F45C0A0
Uploading packages to Alioth
In order to upload packages to the repo on Alioth you need to be member of the pkg-giraffe group and have Alioth ssh access set up. Uploads can be done via dput using the following addition to your local dput configuration:
# ~/.dput.cf # dput configuration for pkg-giraffe [pkg-giraffe] fqdn = alioth.debian.org incoming = /home/groups/pkg-giraffe/htdocs/packages/mini-dinstall/incoming method = scp allow_unsigned_uploads = 0 post_upload_command = ssh alioth.debian.org "mini-dinstall -b -c /home/groups/pkg-giraffe/.mini-dinstall.conf" # Local variables: # coding: utf-8 # mode: conf # End: # vim: fileencoding=utf-8 filetype=config :
As signed uploads are needed, your key needs to be in the keyring file "pkg-giraffe-keyring.gpg" on Alioth.
Creating remote repository for pkg-giraffe on Alioth
In case a new repository is needed the creation on Alioth is easy due git-buildpackage. The current state of the git tree will also be pushed.
$ gbp create-remote-repo --remote-url-pattern="ssh://git.debian.org/git/pkg-giraffe/%(pkg)s" --remote-name=alioth