Differences between revisions 52 and 88 (spanning 36 versions)
Revision 52 as of 2016-04-10 09:02:07
Size: 7719
Comment:
Revision 88 as of 2021-10-23 07:36:01
Size: 9414
Comment: Update Git tree information for z-push
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
#language en

## page was renamed from Groupware/Giraffe
Line 2: Line 5:
= Packaging Giraffe = = Packaging Kopano and related packages =
Line 4: Line 7:
Giraffe is the free open source variant of the Zarafa Collaboration Platform packaged for Debian. Kopano is the free open source variant of the Kopano Collaboration Platform from Kopano packaged for Debian.
Kopano is the renamed Zarafa Collaboration Platform (ZCP) by Zarafa B.V. as a consequence started by a complete license change to AGPL started in 2015. Some parts are completely rewritten (like the archiver functions) and got integrated in the Kopano release from scratch.
Line 11: Line 15:
 * Zarafa SCM: https://anonscm.debian.org/cgit/pkg-giraffe/giraffe.git
 * Zarafa-!WebApp SCM: https://anonscm.debian.org/cgit/pkg-giraffe/zarafa-webapp.git
 * Kopano SCM: https://salsa.debian.org/giraffe-team/kopanocore
 * Kopano-!WebApp SCM: https://salsa.debian.org/giraffe-team/kopano-webapp
 * z-push SCM: https://salsa
.debian.org/giraffe-team/z-push
Line 15: Line 20:
 * Upstream: https://community.zarafa.com/
 * Upstream Source: https://download.zarafa.com/community/
 * Upstream: https://kopano.com/
 * Upstream Source:
  * https://stash.kopano.io/projects/KC
  * https://download.kopano.io/community/
  * https://stash.kopano.io/projects/ZHUB/repos/z-push/browse
 * Upstream Documentation: https://documentation.kopano.io/
Line 19: Line 28:
The packages of Zarafa (server) where uploaded for a first time to experimental NEW, but the package was rejected by the ftpmasters due small issues in debian/copyright. zarafa-webapp isn't finally packaged and not available by the Debian repositories, the packaging process is mostly finished, but a upload makes no sense without the Zarafa main packages.  * [[http://packages.debian.org/src:kopanocore|kopanocore]] version 8.3.4-1 is in unstable (sid) and testing.
 * [[http://packages.debian.org/src:kopano-webapp|kopano-webapp]] version 3.3.1-1 is in experimental.
 * [[http://packages.debian.org/src:z-push|z-push]] version 2.3.7-1 is in unstable (sid) and testing.
 * Other kopano-* packages aren't packaged yet or prepared.

----
Line 24: Line 38:
 * (./) prepare libVMime 0.9.2
Line 25: Line 40:
=== zarafa-server, ... === ----

=== kopano-server, kopano-utils, kopano-dagent, ... ===
Line 27: Line 44:
 * Check place of the database while install (local or remote) -> Debconf
 * Fix Lintian errors and warnings
 * Review and forward patches against DebPkg:libical (and DebPkg:libvmime, see above) on upstream. For now it seems we can run with the versions of the revitalized package.
 * Move dlopen'ed libs to private directory
 * To be re done with version 7.2.x

 /!\ Please don't add any further TODOs here but report them as bugs against the [[http://bugs.debian.org/src:kopanocore|kopanocore]] package.

 * Review and Forward patches against DebPkg:libical
Line 34: Line 50:
 * fix init script  * test and fix init scripts
Line 36: Line 52:
  * error out when database is missing
  * often hangs on stop
 * systemd unit file (partially done)
  * (./) error out when database is missing
  * (./) often hangs on stop
 * systemd unit files (partially done)
Line 41: Line 57:
 * logrotate (upstream available in installer/linux/zarafa.logrotate, put in zarafa-common, split it per package)  * logrotate (upstream available in installer/linux/kopano.logrotate, put in zarafa-common, split it per package)
Line 43: Line 59:
 * z-push upstream update
 * do not run as UID 0 (problematic for zarafa-search, otherwise it is configurable in the config files)
 * zarafa-common: kill it with fire, no useful parts
 * Adding mechanism to not conflict with packages from upstream
 * kopano-common: kill it with fire, no useful parts, still true?
 * Add mechanism to not conflict with packages from upstream
 * Autopkgtests
  * gateway IMAP / POP3 (JellevanderWaa has a branch with gateway tests on his GitHub https://github.com/jelly/giraffe )
  * Caldav (kopano-ical)
 * check for unneeded linked libraries and forward upstream
 * full hardening support

Further possible improvements:
 * Tweak default SSL settings in gateway.cfg and server.cfg
 * Add some security features to systemd service files (!PrivateTmp=True, etc.)
 * Apparmor support
Line 49: Line 73:
 * (./) import upstream version 7.2.0
 * (./) switch to debhelper
 * (./) Check place of the database while install (local or remote) -> Debconf (dbconfig-common)
 * (./) Review and Forward patches against DebPkg:libvmime
 * (./) Fix Lintian errors and warnings
 * (./) do not run as UID 0 (problematic for kopano-search, otherwise it is configurable in the config files and done in the Debian packages)
 * (./) import upstream version 8.3.2
 * (./) switch to debhelper 9
Line 55: Line 83:
 * zarafa-client:
     * (./) Rename zarafa-client to libzarafa-client0 since it contains no client programs
     * (./) make libzarafaclient a proper versioned shared lib (or a private one)
 * (./) Adding some basic autopkgtests
 * (./) Remove embedded copies of fckeditor via the dfsg-clean branch in git, (use DebPkg:fckeditor package) (webaccess is not packaged anymore)
 * (./) Adding some basic [[https://anonscm.debian.org/cgit/pkg-giraffe/kopanocore.git/tree/debian/tests|autopkgtests]]
Line 61: Line 85:
----
Line 62: Line 87:
=== WebApp === === kopano-webapp ===
Line 64: Line 89:
 * Support more web server configurations (currently only Apache2)
Line 67: Line 91:
   * Fonts in the package (related to TinyMCE)
Line 70: Line 95:
 * (./) Basic packaging, Alioth git repo: https://anonscm.debian.org/cgit/pkg-giraffe/zarafa-webapp.git/
  * ITP DebianBug:783640
 * (./) Basic packaging, Alioth git repo: https://anonscm.debian.org/cgit/pkg-giraffe/kopano-webapp.git/
Line 76: Line 100:
 * (./) Adding some basic autopkgtests (DebPkg:python-selenium, DebPkg:chromdriver DebPkg:phantomjs needed)
 * (./) Default website is available via https, http is redirected to https (This requires finally a valid vhost!)
 * (./) Adding some basic autopkgtests (DebPkg:python-selenium, DebPkg:chromium-driver DebPkg:phantomjs needed)
 * Support typical web server configurations basically, due the sensibility of the login data and the finally needed full configuration for https we don't enable the website configuration while install, the user needs to enable the configuration(s) explicitly afterwards.
  * (./) Apache2
   * (./) Default website is available via https, http is redirected to https (This requires finally a valid vhost!)
  * (./) NGinx
   * (./) Default website is available via https, http is redirected to https (This requires finally a valid vhost!)
  * (./) Lighttpd
   * (./) Default website is available via http, currently no redirection to https right now!
Line 79: Line 109:
The origin of this list is provided by GuidoGünther in https://honk.sigxcpu.org/piki/agx/publications/2011-06-debian-groupware-zs.pdf. ----
Line 81: Line 111:
There was also a talk given on the Zarafa Tour 2015 in Hannover (in german)[[attachment:Talk-Hannover-ZarafaTour2015.pdf]]. === z-push/d-push ===
The DebPkg:d-push packages (the de-branded Debian version of z-push) are outdated and were removed in testing. The license for z-push has been changed to AGPL3 by Zarafa/Kopano so the re-branding isn't needed any more and Debian can use the upstream names.
Line 83: Line 114:
== Using KVM for testing ==
You probably wont use your current system to test the zarafa packages and that's a good idea so far. KVM is a good alternative for testing because it's supporting snapshot mechanism for easy using and resetting of installations.
==== ToDo ====
 * Transmigrate the existing d-push packages into z-push variants
 * Use package names from [[https://wiki.z-hub.io/display/ZP/Installation|upstream]], but decrease to a minimum if possible
 * Create autopkgtests tests where possible
 * Ensure a smooth update on the user side
Line 86: Line 120:
=== Installing needed KVM components === ==== Done ====
 * (./) Move d-push.git to z-push.git
 * (./) Update the [https://anonscm.debian.org/cgit/pkg-giraffe/z-push.git|package repository] to a recent version
 * (./) Update the Debian packaging stuff to recent versions and workflow

Roel van Meer is currently working on the z-push packages and has prepared version 2.3.7-1 that has entered experimental.
https://github.com/roelvanmeer/z-push-packaging

-----

The original source of this topics was long ago provided by GuidoGünther in https://honk.sigxcpu.org/piki/agx/publications/2011-06-debian-groupware-zs.pdf.

There was also a talk given on the Zarafa Tour 2015 in Hannover (in German)[[attachment:Talk-Hannover-ZarafaTour2015.pdf]]. On the [[https://kopano.com/conference/|Kopano Conference]] in 2016 Guido was giving also a talk [[https://git.sigxcpu.org/cgit/talks/2016-10-kopano-conference/|about the current state]] of Kopano in Debian.

-----

= Using KVM for testing =
You probably wont use your current system to test the kopano packages and that's a good idea so far. KVM is a good alternative for testing because it's supporting snapshot mechanism for easy using and resetting of installations.

== Installing needed KVM components ==
Line 89: Line 142:
$ sudo apt-get install qemu-kvm libvirt-bin bridge-utils virt-manager virtinst $ sudo apt-get install qemu-kvm bridge-utils virt-manager virtinst
Line 92: Line 145:
=== Further preparations === == Further preparations ==
Line 108: Line 161:
=== Installation of a virtual image ===
After the finishing of the preparation from above you can install a first image. The installation can be as known done fully automated by a preseed file, Guido has prepared file preseed.cfg. Download the file for example to the 'Downloads' folder within your home directory.
== Installation of a virtual image ==
After the finishing of the preparation from above you can install a first image. The installation can be done as known done fully automated by a preseed file, Guido has prepared file preseed.cfg. Download the file for example to the 'Downloads' folder within your home directory.
Line 113: Line 166:
Next you can set up a install, for example based on the Jessie release amd64 and named unstable-amd64-zarafa. Next you can set up a install, for example based on the unstable release amd64 and named unstable-amd64-kopano.
Line 116: Line 169:
$ NAME=zarafa $ NAME=kopano
Line 119: Line 172:
               --cpu host \
               --os-variant linux \
Line 125: Line 180:
This will install a image named 'unstable-amd64-zarafa.qcow2' with a size of 10GB under /var/lib/libvirt/images/. After the install the image will boot automatically. This will install a image named 'unstable-amd64-kopano.qcow2' with a size of 10GB under /var/lib/libvirt/images/. After the install the image will boot automatically.
Line 127: Line 182:
=== Usage of KVM images === You can't do it remote

-----

== Usage of KVM images ==
Line 129: Line 188:


== pkg-giraffe package repository ==
=== Using packages from Alioth ===

Packages are available at https://pkg-giraffe.alioth.debian.org/packages/
These can be included into sources.list, for sid on AMD64 for example, via
{{{
deb http://pkg-giraffe.alioth.debian.org/packages sid/amd64/
deb http://pkg-giraffe.alioth.debian.org/packages sid/all/
}}}

Releases are signed with GPG key AF90BD8F which can be added to a system as trusted key using apt-key


=== Uploading packages to Alioth ===

In order to upload packages to the repo on Alioth you need to be member of the
pkg-giraffe group and have Alioth ssh access set up.
Uploads can be done via dput using the following configuration:

{{{
[pkg-giraffe]
fqdn = alioth.debian.org
incoming = /home/groups/pkg-giraffe/htdocs/packages/mini-dinstall/incoming
method = scp
allow_unsigned_uploads = 0
post_upload_command = ssh alioth "mini-dinstall -b -c /home/groups/pkg-giraffe/.mini-dinstall.conf"
}}}

As signed uploads are needed, your key needs to be in the keyring file
"pkg-giraffe-keyring.gpg" on Alioth.

Packaging Kopano and related packages

Kopano is the free open source variant of the Kopano Collaboration Platform from Kopano packaged for Debian. Kopano is the renamed Zarafa Collaboration Platform (ZCP) by Zarafa B.V. as a consequence started by a complete license change to AGPL started in 2015. Some parts are completely rewritten (like the archiver functions) and got integrated in the Kopano release from scratch.

Resources

Current State

  • kopanocore version 8.3.4-1 is in unstable (sid) and testing.

  • kopano-webapp version 3.3.1-1 is in experimental.

  • z-push version 2.3.7-1 is in unstable (sid) and testing.

  • Other kopano-* packages aren't packaged yet or prepared.


libvmime


kopano-server, kopano-utils, kopano-dagent, ...

ToDo

  • /!\ Please don't add any further TODOs here but report them as bugs against the kopanocore package.

  • Review and Forward patches against libical

  • Test full functionality
    • We'd need some Outlook users here, too...
  • test and fix init scripts
    • systemd compatibility
    • (./) error out when database is missing

    • (./) often hangs on stop

  • systemd unit files (partially done)
  • MTA integration
  • check package descriptions
  • logrotate (upstream available in installer/linux/kopano.logrotate, put in zarafa-common, split it per package)
  • check pre-/postinstall scripts: they do no error handling, don't include debhelper snippets
  • kopano-common: kill it with fire, no useful parts, still true?
  • Add mechanism to not conflict with packages from upstream
  • Autopkgtests
  • check for unneeded linked libraries and forward upstream
  • full hardening support

Further possible improvements:

  • Tweak default SSL settings in gateway.cfg and server.cfg
  • Add some security features to systemd service files (PrivateTmp=True, etc.)

  • Apparmor support

Done

  • (./) Check place of the database while install (local or remote) -> Debconf (dbconfig-common)

  • (./) Review and Forward patches against libvmime

  • (./) Fix Lintian errors and warnings

  • (./) do not run as UID 0 (problematic for kopano-search, otherwise it is configurable in the config files and done in the Debian packages)

  • (./) import upstream version 8.3.2

  • (./) switch to debhelper 9

  • (./) Use dbconfig-common/Debconf to generate the initial configuration

    • database name
    • database user
    • database login
  • (./) Adding some basic autopkgtests


kopano-webapp

ToDo

  • Lintian is complaining about
    • tinymce (TinyMCE currently overridden as Debian version is to old)

    • Fonts in the package (related to TinyMCE)
  • Adding mechanism to not conflict with packages from upstream

Done

  • (./) Basic packaging, Alioth git repo: https://anonscm.debian.org/cgit/pkg-giraffe/kopano-webapp.git/

  • Lintian was complaining about
    • (./) jquery-1.6.2.min.js (removed and symlinked to libjs-jquery)

    • (./) player.swf and moxieplayer.swf (Upstream want to ship this, removed within Debian packaging)

    • (./) ext-{base,all}.js, prettify.js (removed and symlinked to libjs-extjs libjs-jac libjs-prettify)

  • (./) Adding some basic autopkgtests (python-selenium, chromium-driver phantomjs needed)

  • Support typical web server configurations basically, due the sensibility of the login data and the finally needed full configuration for https we don't enable the website configuration while install, the user needs to enable the configuration(s) explicitly afterwards.
    • (./) Apache2

      • (./) Default website is available via https, http is redirected to https (This requires finally a valid vhost!)

    • (./) NGinx

      • (./) Default website is available via https, http is redirected to https (This requires finally a valid vhost!)

    • (./) Lighttpd

      • (./) Default website is available via http, currently no redirection to https right now!


z-push/d-push

The d-push packages (the de-branded Debian version of z-push) are outdated and were removed in testing. The license for z-push has been changed to AGPL3 by Zarafa/Kopano so the re-branding isn't needed any more and Debian can use the upstream names.

ToDo

  • Transmigrate the existing d-push packages into z-push variants
  • Use package names from upstream, but decrease to a minimum if possible

  • Create autopkgtests tests where possible
  • Ensure a smooth update on the user side

Done

Roel van Meer is currently working on the z-push packages and has prepared version 2.3.7-1 that has entered experimental. https://github.com/roelvanmeer/z-push-packaging


The original source of this topics was long ago provided by GuidoGünther in https://honk.sigxcpu.org/piki/agx/publications/2011-06-debian-groupware-zs.pdf.

There was also a talk given on the Zarafa Tour 2015 in Hannover (in German)Talk-Hannover-ZarafaTour2015.pdf. On the Kopano Conference in 2016 Guido was giving also a talk about the current state of Kopano in Debian.


Using KVM for testing

You probably wont use your current system to test the kopano packages and that's a good idea so far. KVM is a good alternative for testing because it's supporting snapshot mechanism for easy using and resetting of installations.

Installing needed KVM components

Installation is easy as it's simply a one liner.

$ sudo apt-get install qemu-kvm bridge-utils virt-manager virtinst

Further preparations

After this ensure you are a member of the group 'libvirt'

$ sudo usermod -aG libvirt [YOUR_USERNAME]

The virtual network adapter inside the libvirt environment is disabled per default so before to continue start it.

$ virsh -c qemu:///system net-autostart default
$ virsh -c qemu:///system net-start default

The next calls maybe not really needed, but on the other hand it's no problem if the storage pools already up, so just to throw possible issues away.

$ virsh -c qemu:///system pool-start default
$ virsh -c qemu:///system pool-start boot-scratch

Installation of a virtual image

After the finishing of the preparation from above you can install a first image. The installation can be done as known done fully automated by a preseed file, Guido has prepared file preseed.cfg. Download the file for example to the 'Downloads' folder within your home directory.

$ wget -P $HOME/Downloads http://honk.sigxcpu.org/projects/libvirt/preseed/preseed.cfg

Next you can set up a install, for example based on the unstable release amd64 and named unstable-amd64-kopano.

$ RELEASE=unstable
$ NAME=kopano
$ DIST=amd64
$ virt-install --connect=qemu:///system \
               --cpu host \
               --os-variant linux \
               --location="http://ftp.us.debian.org/debian/dists/$RELEASE/main/installer-$DIST" \
               --initrd-inject=$HOME/Downloads/preseed.cfg \
               --extra-args="auto" \
               --name $RELEASE-$DIST-$NAME --ram=512 \
               --disk=pool=default,size=10,format=qcow2,bus=virtio

This will install a image named 'unstable-amd64-kopano.qcow2' with a size of 10GB under /var/lib/libvirt/images/. After the install the image will boot automatically.

You can't do it remote


Usage of KVM images

to fill out