Differences between revisions 20 and 21
Revision 20 as of 2011-03-04 11:22:19
Size: 11239
Editor: ?PaulvanderVlis
Comment:
Revision 21 as of 2011-03-04 21:29:39
Size: 11194
Editor: ?PaulvanderVlis
Comment: redirects gewijzigd
Deletions are marked like this. Additions are marked like this.
Line 147: Line 147:
# there are problems with this:
# RedirectMatch permanent ^/ http://sogo.vandervlis.nl/SOGo

   Redirect permanent /index.html http://sogo.vandervlis.nl/SOGo
Line 218: Line 219:
   # this does not work...
   # RedirectMatch permanent ^/ https://sogo.vandervlis.nl/SOGo
   
   Redirect permanent /index.html https://sogo.vandervlis.nl/SOG
   

I would like to write here something about the installation of SOGo on Debian Lenny and Squeeze. I do it here with MySQL (or PostgreSQL), both for authentication and data. The idea comes from an article in Linux Journal: http://www.linuxjournal.com/article/10894

Please copy the text (from "# become root") into an editor, and replace the password "secret" with another password. Further, replace the hostname "sogo.vandervlis.nl" with your own hostname, or with e.g. "localhost". When you want to install SOGo on Lenny, please replace "squeeze" with "lenny".

Read it, and make some other changes, you will want other test-users with other passwords then I have. You will want e.g. another timezone, language and maildomain. After that, you can copy/paste it in lines or parts to your terminal.

When you use PostgreSQL you can use the text for postgresql too, I expect. Do a replace from "mysql" to "postgresql" and I think you only need to change the text between "start mysql" and "end mysql" a bit. I have only tested with MySQL, please tell me about your postgresql experiences.

I am using Sogo with Icedove 3.0.11 from Debian stable, with the Sogo connector from the sogo site: http://www.sogo.nu/files/downloads/extensions/sogo-connector-0.101.xpi I don't use the Sogo-integrator (I think I don't need it), and I don't use the Mozilla Lighting Sogo edition because (it needs Icedove 3.1). I use iceowl-extension from Debian stable, so I cannot edit ACL's in Icedove. When you don't like this, you can also use Icedove 3.1 from experimental. This version does accept the Mozilla Lightning Sogo editon, and it works fine I've heard from the packager.

There is still a little problem with workarround: sometimes I cannot create a caldav calendar (the "next" button does not work then). When this happens I disable the sogo-connector extention, a restart of Icedove is needed. Then I can create the caldav calendar. After this I enable the sogo-connector extention again and everything works. This does not remove a remote calendar.

My install is fresh, I do not have much experience with it. But the webinterface and Icedove seems to work fine with mail, calendars and addressbook. A point is that the password for the mail must be the same as the password for SOGo.

A last advice: when you have strange problems with the webinterface, clear the cache of your browser.

# become root
su

# this manual assumes you allready have apache2 running
# if not please install it first.

# change sources.list
echo '# sogo:" >> /etc/apt/sources.list
echo 'deb http://inverse.ca/debian squeeze squeeze' >> /etc/apt/sources.list
apt-get update

# install sogo
apt-get install sogo sope4.9-gdl1-mysql memcached
# you will get an error about the key of the repostitory, there is no key.
# in some cases mysql is stopped, therefore I restart mysql:
/etc/init.d/mysql restart
# you will get an security message from tmpreaper, no problem.
# you will get an error when sogo starts, no problem.

# install rpl  (I use it in this manual)
apt-get install rpl

# to read more about the security-issues of tmpreader
zless /usr/share/doc/tmpreaper/README.security.gz
# to remove the warning of tmpreaper
rpl 'SHOWWARNING=true' 'SHOWWARNING=false' /etc/tmpreaper.conf

# memcached
apt-get install memcached
# this is because of IPv6 errors, do this only in Squee-ze, not in Len-ny.
rpl '127.0.0.1' localhost /etc/memcached.conf
/etc/init.d/memcached restart

# create a database and add some test-users
mysql  # start mysql client, maybe you will need the -p option

------start mysql------
CREATE DATABASE sogo CHARSET='UTF8';
CREATE USER 'sogo'@'localhost' IDENTIFIED BY 'secret';
GRANT ALL PRIVILEGES ON sogo.* TO 'sogo'@'localhost';
USE sogo;
CREATE TABLE sogo_users (c_uid VARCHAR(10) PRIMARY KEY, c_name VARCHAR(10), c_password VARCHAR(32), c_cn VARCHAR(128), mail VARCHAR(128));
INSERT INTO sogo_users VALUES ('paul', 'paul', MD5('zxc'), 'Paul van der Vlis', 'paul@vandervlis.nl');
INSERT INTO sogo_users VALUES ('piet', 'piet', MD5('zxc'), 'Piet van der Vlis', 'piet@vandervlis.nl');
INSERT INTO sogo_users VALUES ('klaas', 'klaas', MD5('zxc'), 'Klaas van der Vlis', 'klaas@vandervlis.nl');
flush privileges;
exit
----end mysql--------

# add some apache modules
a2enmod proxy
a2enmod proxy_http
a2enmod headers
a2enmod rewrite
# restart apache
/etc/init.d/apache2 restart

# sogo configuration, as user "sogo"
su sogo
defaults write sogod SOGoTimeZone "Europe/Amsterdam"
defaults write sogod SOGoMailDomain "vandervlis.nl"
defaults write sogod SOGoLanguage "Dutch"
defaults write sogod SOGoUserSources '({canAuthenticate = YES; displayName = "SOGo Users"; id = users; isAddressBook = YES; type = sql; userPasswordAlgorithm = md5; viewURL ="mysql://sogo:secret@127.0.0.1:3306/sogo/sogo_users";})'
defaults write sogod SOGoProfileURL 'mysql://sogo:secret@127.0.0.1:3306/sogo/sogo_user_profile'
defaults write sogod OCSFolderInfoURL 'mysql://sogo:secret@127.0.0.1:3306/sogo/sogo_folder_info'
defaults write sogod OCSSessionsFolderURL 'mysql://sogo:secret@127.0.0.1:3306/sogo/sogo_sessions_folder'
defaults write sogod SOGoAppointmentSendEMailNotifications NO
defaults write sogod SOGoLoginModule Calendar
# I am using Cyrus IMAP 2.2 in the default settings, I needed this 3 lines 
# for mailbox setting. I don't think you need them with other IMAP servers:
defaults write sogod SOGoDraftsFolderName "INBOX.Drafts"
defaults write sogod SOGoSentFolderName "INBOX.Sent"
defaults write sogod SOGoTrashFolderName "INBOX.Trash"
exit
/etc/init.d/sogo restart

# the default apache configuration adds an /SOGo/ to every site you run.
# if you don't like that, like me, you can use my apache-config.

# backup and remove default apache sogo configuration
mv /etc/apache2/conf.d/SOGo.conf /root/SOGo.conf-backup
echo "# disabled" >> /etc/apache2/conf.d/SOGo.conf
# copy the virtualhost apache configuration and restart apache
pico /etc/apache2/sites-available/sogo.vandervlis.nl

---begin apache config-------
<VirtualHost *:80>
   Servername sogo.vandervlis.nl
   DocumentRoot /usr/lib/GNUstep/SOGo/WebServerResources/
   ErrorLog /var/log/apache2/error.log
   Customlog /var/log/apache2/access.log combined
   ServerSignature Off

   Alias /SOGo.woa/WebServerResources/ /usr/lib/GNUstep/SOGo/WebServerResources/
   Alias /SOGo/WebServerResources/ /usr/lib/GNUstep/SOGo/WebServerResources/
   AliasMatch /SOGo/so/ControlPanel/Products/(.*)/Resources/(.*) /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2

   <Directory /usr/lib/GNUstep/SOGo/>
      AllowOverride None
      Order deny,allow
      Allow from all
   </Directory>

   <LocationMatch "^/SOGo/so/ControlPanel/Products/.*UI/Resources/.*\.(jpg|png|gif|css|js)">
     SetHandler default-handler
   </LocationMatch>

   ProxyRequests Off
   SetEnv proxy-nokeepalive 1
   ProxyPreserveHost On
   ProxyPass /SOGo http://127.0.0.1:20000/SOGo retry=0

   <Proxy http://127.0.0.1:20000/SOGo>
     RequestHeader set "x-webobjects-server-port" "80"
     RequestHeader set "x-webobjects-server-name" "sogo.vandervlis.nl"
     RequestHeader set "x-webobjects-server-url" "http://sogo.vandervlis.nl"
     RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
     RequestHeader set "x-webobjects-remote-host" %{REMOTE_HOST}e env=REMOTE_HOST
     AddDefaultCharset UTF-8
     Order allow,deny
     Allow from all
   </Proxy>
   ## We use mod_rewrite to pass remote address to the SOGo proxy.
   # The remote address will appear in SOGo's log files and in the X-Forward
   # header of emails.
   RewriteEngine On
   RewriteRule ^/SOGo/(.*)$ /SOGo/$1 [env=REMOTE_HOST:%{REMOTE_ADDR},PT]

   Redirect permanent /index.html http://sogo.vandervlis.nl/SOGo

</virtualhost>
----end apache config---------

a2ensite sogo.vandervlis.nl
/etc/init.d/apache2 reload

# Now you can access SOGo on http://sogo.vanderdervlis.nl/SOGo

# Url's for Thunderbird:
# adressbook: http://sogo.vandervlis.nl/SOGo/dav/paul/Contacts/personal/ 
# calendar:   http://sogo.vandervlis.nl/SOGo/dav/paul/Calendar/personal/ 

# If everything works well, you can make it https, with something like this:
pico /etc/apache2/sites-available/sogo.vandervlis.nl

------begin apache config ssl---------
<VirtualHost *:80>
   Servername sogo.vandervlis.nl
   RedirectMatch permanent ^/ https://sogo.vandervlis.nl/SOGo
   RedirectMatch permanent ^/SOGo https://sogo.vandervlis.nl/SOGo
</VirtualHost>

<VirtualHost *:443>
   Servername sogo.vandervlis.nl
   SSLEngine On
   SSLCertificateFile /etc/apache2/ssl/sogo.vandervlis.nl.pem
   SSLCertificateChainFile /etc/apache2/ssl/sogo.vandervlis.nl.pem
   DocumentRoot /usr/lib/GNUstep/SOGo/WebServerResources/
   ErrorLog /var/log/apache2/error.log
   Customlog /var/log/apache2/access.log combined
   ServerSignature Off
   <IfModule mpm_itk_module>
       AssignUserId sogo-a sogo-a
  </IfModule>

   Alias /SOGo.woa/WebServerResources/ /usr/lib/GNUstep/SOGo/WebServerResources/
   Alias /SOGo/WebServerResources/ /usr/lib/GNUstep/SOGo/WebServerResources/
   AliasMatch /SOGo/so/ControlPanel/Products/(.*)/Resources/(.*) /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2

   <Directory /usr/lib/GNUstep/SOGo/>
      AllowOverride None
      Order deny,allow
      Allow from all
   </Directory>

   <LocationMatch "^/SOGo/so/ControlPanel/Products/.*UI/Resources/.*\.(jpg|png|gif|css|js)">
     SetHandler default-handler
   </LocationMatch>

   ProxyRequests Off
   SetEnv proxy-nokeepalive 1
   ProxyPreserveHost On
   ProxyPass /SOGo http://127.0.0.1:20000/SOGo retry=0

   <Proxy http://127.0.0.1:20000/SOGo>
     RequestHeader set "x-webobjects-server-port" "443"
     RequestHeader set "x-webobjects-server-name" "sogo.vandervlis.nl"
     RequestHeader set "x-webobjects-server-url" "https://sogo.vandervlis.nl"
     RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
     RequestHeader set "x-webobjects-remote-host" %{REMOTE_HOST}e env=REMOTE_HOST
     AddDefaultCharset UTF-8
     Order allow,deny
     Allow from all
   </Proxy>
   ## We use mod_rewrite to pass remote address to the SOGo proxy.
   # The remote address will appear in SOGo's log files and in the X-Forward
   # header of emails.
   RewriteEngine On
   RewriteRule ^/SOGo/(.*)$ /SOGo/$1 [env=REMOTE_HOST:%{REMOTE_ADDR},PT]
   
   Redirect permanent /index.html https://sogo.vandervlis.nl/SOG
   
</virtualhost>
------end apache config ssl-----------------

a2ensite sogo.vandervlis.nl
/etc/init.d/apache2 reload

# Now you can access it on https://sogo.vanderdervlis.nl/SOGo

# Url's for Thunderbird:
# adressbook: https://sogo.vandervlis.nl/SOGo/dav/paul/Contacts/personal/ 
# calendar:   https://sogo.vandervlis.nl/SOGo/dav/paul/Calendar/personal/

# please write me if you have an good idea to make this manual better:
# Paul van der Vlis paul@vandervlis.nl
# please don't change the setup of this page without contact.
# I also like something like this:
echo "Your SOGo manual helped me" | mail -s Thanks paul@vandervlis.nl