braveo:docinstallroundcube
Différences
Ci-dessous, les différences entre deux révisions de la page.
— | braveo:docinstallroundcube [2024/04/16 22:20] (Version actuelle) – créée - modification externe 127.0.0.1 | ||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
+ | =====Installation de apache et roundcube ==== | ||
+ | (source : http:// | ||
+ | |||
+ | installation de apache, | ||
+ | aptitude install apache2 mysql-server php5 php5-mysql phpmyadmin | ||
+ | |||
+ | paramétrage du mode sécurisé pour apache : | ||
+ | |||
+ | Activation du ssl : | ||
+ | a2enmod ssl | ||
+ | |||
+ | Création du virtualhost : | ||
+ | cd / | ||
+ | vi ssl | ||
+ | |||
+ | Et on colle : | ||
+ | NameVirtualHost *:443 | ||
+ | < | ||
+ | ServerAdmin webmaster@mdl29.net | ||
+ | ServerName www.mdl29.net | ||
+ | DocumentRoot /var/www/ | ||
+ | < | ||
+ | Options FollowSymLinks | ||
+ | AllowOverride None | ||
+ | </ | ||
+ | < | ||
+ | Options Indexes FollowSymLinks MultiViews | ||
+ | AllowOverride All | ||
+ | Order allow,deny | ||
+ | allow from all | ||
+ | # This directive allows us to have apache2' | ||
+ | # in / | ||
+ | # Commented out for Ubuntu | ||
+ | # | ||
+ | </ | ||
+ | | ||
+ | ScriptAlias /cgi-bin/ / | ||
+ | < | ||
+ | AllowOverride AuthConfig | ||
+ | Options ExecCGI -MultiViews +SymLinksIfOwnerMatch | ||
+ | Order allow,deny | ||
+ | Allow from all | ||
+ | </ | ||
+ | | ||
+ | ErrorLog / | ||
+ | | ||
+ | # Possible values include: debug, info, notice, warn, error, crit, | ||
+ | # alert, emerg. | ||
+ | LogLevel warn | ||
+ | | ||
+ | CustomLog / | ||
+ | ServerSignature On | ||
+ | | ||
+ | SSLEngine On | ||
+ | SSLCertificateFile / | ||
+ | | ||
+ | SetEnvIf User-Agent " | ||
+ | </ | ||
+ | |||
+ | Edition du fichier ports.conf afin de vérifier que le port 443 y figure (ce qui devrait être le cas) : | ||
+ | vi / | ||
+ | |||
+ | et on ajoute la ligne (si besoin) | ||
+ | listen 443 | ||
+ | |||
+ | Activation du virtualhost : | ||
+ | a2ensite ssl | ||
+ | |||
+ | Génération des certificats : | ||
+ | |||
+ | On édite la configuration de ssl pour pouvoir signer des certificats sur 10 ans, au lieu d’1 an par défaut (comme çà, on est tranquille plus longtemps) : | ||
+ | vi / | ||
+ | |||
+ | on change la ligne default_days en | ||
+ | default_days | ||
+ | |||
+ | Création du Certificat Racine : | ||
+ | cd ~ | ||
+ | mkdir CERT | ||
+ | / | ||
+ | |||
+ | Entrez les paramètres requis et choississez un pass phrase laissez " | ||
+ | |||
+ | CA certificate filename (or enter to create) | ||
+ | | ||
+ | Making CA certificate ... | ||
+ | Generating a 1024 bit RSA private key | ||
+ | ....... | ||
+ | ......................................... | ||
+ | writing new private key to ' | ||
+ | Enter PEM pass phrase: | ||
+ | Verifying - Enter PEM pass phrase: | ||
+ | | ||
+ | You are about to be asked to enter information that will be incorporated | ||
+ | into your certificate request. | ||
+ | What you are about to enter is what is called a Distinguished Name or a DN. | ||
+ | There are quite a few fields but you can leave some blank | ||
+ | For some fields there will be a default value, | ||
+ | If you enter ' | ||
+ | | ||
+ | Country Name (2 letter code) [AU]:FR | ||
+ | State or Province Name (full name) [Some-State]: | ||
+ | Locality Name (eg, city) []:Brest | ||
+ | Organization Name (eg, company) [Internet Widgits Pty Ltd]: | ||
+ | Organizational Unit Name (eg, section) []: | ||
+ | Common Name (eg, YOUR name) []: | ||
+ | Email Address []: | ||
+ | | ||
+ | Please enter the following ' | ||
+ | to be sent with your certificate request | ||
+ | A challenge password []: | ||
+ | An optional company name []: | ||
+ | Using configuration from / | ||
+ | Enter pass phrase for ./ | ||
+ | Check that the request matches the signature | ||
+ | Signature ok | ||
+ | Certificate Details: | ||
+ | // | ||
+ | Data Base Updated | ||
+ | |||
+ | Création d'une clé privée pour le serveur et d' | ||
+ | |||
+ | Il est important de créer un certificat avec le même nom que celui utilisé pour la connexion (ex : si on se connecte au serveur web par www.mdl29.net, | ||
+ | |||
+ | Création d'un certificat public non signé et une clé, puis signature avec le CA : | ||
+ | cd ~/CERT | ||
+ | openssl req -new -nodes -keyout mdl29-key-www.pem -out mdl29-req-www.pem -days 3650 | ||
+ | |||
+ | On entre les informations en prenant soin de bien spécifier le Common Name en www.mdl29.net. Il faut également mettre les mêmes informations entrées dans le CA plus tôt. | ||
+ | cd ~ | ||
+ | openssl ca -out CERT/ | ||
+ | cd CERT/ | ||
+ | cat mdl29-key-www.pem mdl29-cert-www.pem > | ||
+ | mkdir / | ||
+ | cp mdl29-certkey-www.pem / | ||
+ | chmod 600 / | ||
+ | |||
+ | On redémarre Apache : | ||
+ | / | ||
+ | |||
+ | On peut vérifier la connexion en ssl sur l' | ||
+ | |||
+ | =====Installation et paramétrage de roundcube===== | ||
+ | |||
+ | installation de roundcube : | ||
+ | aptitude install roundcube php5-ldap roundcube-mysql | ||
+ | on redémarre apache : | ||
+ | / | ||
+ | (voir si l' | ||
+ | |||
+ | L' | ||
+ | |||
+ | paramétrage de roundcube : | ||
+ | |||
+ | ouverture de l' | ||
+ | vi / | ||
+ | décommentez les 2 lignes d' | ||
+ | # Those aliases do not work properly with several hosts on your apache server | ||
+ | # Uncomment them to use it or adapt them to your configuration | ||
+ | Alias / | ||
+ | Alias /roundcube / | ||
+ | |||
+ | Il faut adapter le fichier de configuration (/ | ||
+ | |||
+ | <?php | ||
+ | | ||
+ | /* | ||
+ | | ||
+ | | Main configuration file | | ||
+ | | ||
+ | | This file is part of the RoundCube Webmail client | ||
+ | | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland | ||
+ | | Licensed under the GNU GPL | | ||
+ | | ||
+ | | ||
+ | | ||
+ | */ | ||
+ | $rcmail_config = array(); | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | ?> | ||
+ | |||
+ | il faut modifier le fichier / | ||
+ | $rcmail_config[' | ||
+ | (pas forcement à faire) | ||
+ | |||
+ | On redémarre apache : | ||
+ | / | ||
+ | |||
+ | Il ne reste plus qu'à tester la connexion avec roundcube sur https:// | ||
+ | |||
+ | |||
+ | =====Récupération d'un carnet d' | ||
+ | |||
+ | il faut installer le paquet 2vcard. | ||
+ | |||
+ | Puis exporter le carnet d' | ||
+ | |||
+ | Ensuite dans un terminal : | ||
+ | 2vcard -f ldif -i fichier.ldif -o fichier.vcard | ||
+ | (en remplaçant fichier par le nom du fichier) | ||
+ | |||
+ | Il ne reste plus qu'à importer le carnet d' | ||