braveo:docinstallroundcube_lenny
no way to compare when less than two revisions
Différences
Ci-dessous, les différences entre deux révisions de la page.
— | braveo:docinstallroundcube_lenny [2024/04/16 22:20] (Version actuelle) – créée - modification externe 127.0.0.1 | ||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
+ | =====Doc en cours de construction !==== | ||
+ | |||
+ | =====Installation de apache et roundcube sous lenny==== | ||
+ | (source : http:// | ||
+ | http:// | ||
+ | installation de apache, | ||
+ | aptitude install apache2 mysql-server php5 php5-mysql phpmyadmin | ||
+ | |||
+ | paramétrage du mode sécurisé pour apache : | ||
+ | |||
+ | Activation du ssl : | ||
+ | a2enmod ssl | ||
+ | |||
+ | Création du virtualhost : | ||
+ | cd / | ||
+ | vi ssl | ||
+ | |||
+ | Et on colle : | ||
+ | NameVirtualHost *:443 | ||
+ | < | ||
+ | ServerAdmin webmaster@mdl29.net | ||
+ | ServerName www.mdl29.net | ||
+ | DocumentRoot /var/www/ | ||
+ | < | ||
+ | Options FollowSymLinks | ||
+ | AllowOverride None | ||
+ | </ | ||
+ | < | ||
+ | Options Indexes FollowSymLinks MultiViews | ||
+ | AllowOverride All | ||
+ | Order allow,deny | ||
+ | allow from all | ||
+ | # This directive allows us to have apache2' | ||
+ | # in / | ||
+ | # Commented out for Ubuntu | ||
+ | # | ||
+ | </ | ||
+ | | ||
+ | ScriptAlias /cgi-bin/ / | ||
+ | < | ||
+ | AllowOverride AuthConfig | ||
+ | Options ExecCGI -MultiViews +SymLinksIfOwnerMatch | ||
+ | Order allow,deny | ||
+ | Allow from all | ||
+ | </ | ||
+ | | ||
+ | ErrorLog / | ||
+ | | ||
+ | # Possible values include: debug, info, notice, warn, error, crit, | ||
+ | # alert, emerg. | ||
+ | LogLevel warn | ||
+ | | ||
+ | CustomLog / | ||
+ | ServerSignature On | ||
+ | | ||
+ | SSLEngine On | ||
+ | SSLCertificateFile / | ||
+ | | ||
+ | SetEnvIf User-Agent " | ||
+ | </ | ||
+ | |||
+ | Edition du fichier ports.conf afin de vérifier que le port 443 y figure (ce qui devrait être le cas) : | ||
+ | vi / | ||
+ | |||
+ | et on ajoute la ligne (si besoin) | ||
+ | listen 443 | ||
+ | |||
+ | Activation du virtualhost : | ||
+ | a2ensite ssl | ||
+ | |||
+ | Génération des certificats : | ||
+ | |||
+ | On édite la configuration de ssl pour pouvoir signer des certificats sur 10 ans, au lieu d’1 an par défaut (comme çà, on est tranquille plus longtemps) : | ||
+ | vi / | ||
+ | |||
+ | on change la ligne default_days en | ||
+ | default_days | ||
+ | |||
+ | Création du Certificat Racine : | ||
+ | cd ~ | ||
+ | mkdir CERT | ||
+ | / | ||
+ | |||
+ | Entrez les paramètres requis et choississez un pass phrase laissez " | ||
+ | |||
+ | CA certificate filename (or enter to create) | ||
+ | | ||
+ | Making CA certificate ... | ||
+ | Generating a 1024 bit RSA private key | ||
+ | ....... | ||
+ | ......................................... | ||
+ | writing new private key to ' | ||
+ | Enter PEM pass phrase: | ||
+ | Verifying - Enter PEM pass phrase: | ||
+ | | ||
+ | You are about to be asked to enter information that will be incorporated | ||
+ | into your certificate request. | ||
+ | What you are about to enter is what is called a Distinguished Name or a DN. | ||
+ | There are quite a few fields but you can leave some blank | ||
+ | For some fields there will be a default value, | ||
+ | If you enter ' | ||
+ | | ||
+ | Country Name (2 letter code) [AU]:FR | ||
+ | State or Province Name (full name) [Some-State]: | ||
+ | Locality Name (eg, city) []:Brest | ||
+ | Organization Name (eg, company) [Internet Widgits Pty Ltd]: | ||
+ | Organizational Unit Name (eg, section) []: | ||
+ | Common Name (eg, YOUR name) []: | ||
+ | Email Address []: | ||
+ | | ||
+ | Please enter the following ' | ||
+ | to be sent with your certificate request | ||
+ | A challenge password []: | ||
+ | An optional company name []: | ||
+ | Using configuration from / | ||
+ | Enter pass phrase for ./ | ||
+ | Check that the request matches the signature | ||
+ | Signature ok | ||
+ | Certificate Details: | ||
+ | // | ||
+ | Data Base Updated | ||
+ | |||
+ | Création d'une clé privée pour le serveur et d' | ||
+ | |||
+ | Il est important de créer un certificat avec le même nom que celui utilisé pour la connexion (ex : si on se connecte au serveur web par www.mdl29.net, | ||
+ | |||
+ | Création d'un certificat public non signé et une clé, puis signature avec le CA : | ||
+ | cd ~/CERT | ||
+ | openssl req -new -nodes -keyout mdl29-key-www.pem -out mdl29-req-www.pem -days 3650 | ||
+ | |||
+ | On entre les informations en prenant soin de bien spécifier le Common Name en www.mdl29.net. Il faut également mettre les mêmes informations entrées dans le CA plus tôt. | ||
+ | cd ~ | ||
+ | openssl ca -out CERT/ | ||
+ | cd CERT/ | ||
+ | cat mdl29-key-www.pem mdl29-cert-www.pem > | ||
+ | mkdir / | ||
+ | cp mdl29-certkey-www.pem / | ||
+ | chmod 600 / | ||
+ | |||
+ | On redémarre Apache : | ||
+ | / | ||
+ | |||
+ | On peut vérifier la connexion en ssl sur l' | ||
+ | |||
+ | =====Installation et paramétrage de roundcube===== | ||
+ | |||
+ | installation de roundcube : | ||
+ | |||
+ | aptitude install php5-ldap | ||
+ | on redémarre apache : | ||
+ | / | ||
+ | (voir si cette partie est nécessaire car pas de connexion ldap avec roundcube) | ||
+ | |||
+ | sous lenny, il n'y a pas de paquet pour roundcube, nous allons récupérer la dernière version (0.3.1) : | ||
+ | |||
+ | cd /var/www | ||
+ | wget http:// | ||
+ | tar -xzvf roundcubemail-0.3.1.tar.gz | ||
+ | |||
+ | |||
+ | L' | ||
+ | |||
+ | On renomme le répertoire (histoire de rendre plus facile l' | ||
+ | mv roundcubemail-0.3.1 roundcube | ||
+ | |||
+ | paramétrage de roundcube : | ||
+ | |||
+ | cd / | ||
+ | mv db.inc.php.dist db.inc.php | ||
+ | mv main.inc.php.dist main.inc.php | ||
+ | |||
+ | On créé la base et l' | ||
+ | mysql -u root -p | ||
+ | create database roundcube; | ||
+ | GRANT SELECT, INSERT, UPDATE, DELETE ON roundcube.* TO ' | ||
+ | FLUSH PRIVILEGES; | ||
+ | quit | ||
+ | (remplacer les '* * * * *' par votre mot de passe) | ||
+ | |||
+ | On importe la base de données : | ||
+ | mysql -u root -p roundcube < ../ | ||
+ | |||
+ | |||
+ | Il faut adapter les fichiers de configuration (/ | ||
+ | |||
+ | db.inc.php : il faut modifier le fichier en indiquant le mot de passe choisi pour l' | ||
+ | vi / | ||
+ | et modifier la ligne : | ||
+ | $rcmail_config[' | ||
+ | en remplaçant pass par le password choisi plus haut (attention à la modification de la fin de la ligne aussi). | ||
+ | |||
+ | main.inc.php : | ||
+ | ce fichier contient beaucoup de commentaire qui explique chaque paramètre. En voici un fonctionnel (purgé des commentaires pour une lecture plus facile sur la doc) : | ||
+ | |||
+ | <?php | ||
+ | | ||
+ | /* | ||
+ | | ||
+ | | Main configuration file | | ||
+ | | ||
+ | | This file is part of the RoundCube Webmail client | ||
+ | | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland | ||
+ | | Licensed under the GNU GPL | | ||
+ | | ||
+ | | ||
+ | | ||
+ | */ | ||
+ | $rcmail_config = array(); | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | $rcmail_config[' | ||
+ | ?> | ||
+ | |||
+ | enfin il reste à faire : | ||
+ | chown -R www-data: | ||
+ | |||
+ | Il ne reste plus qu'à tester la connexion avec roundcube sur https:// | ||
+ | |||
+ | =====Récupération du carnet d' | ||
+ | |||
+ | il faut installer le paquet 2vcard. | ||
+ | |||
+ | Puis exporter le carnet d' | ||
+ | |||
+ | Ensuite dans un terminal : | ||
+ | 2vcard -f ldif -i fichier.ldif -o fichier.vcard | ||
+ | (en remplaçant fichier par le nom du fichier) | ||
+ | |||
+ | Il ne reste plus qu'à importer le carnet d' | ||
braveo/docinstallroundcube_lenny.txt · Dernière modification : 2024/04/16 22:20 de 127.0.0.1