Differences

This shows you the differences between two versions of the page.

--- web_интерфейс_к_почте [2023/03/03 13:08]
val [roundcube]
+++ web_интерфейс_к_почте [2025/03/12 06:31] (current)
val [Дополнительные материалы]
@@ Line 3: / Line 3: @@
 ===== Web интерфейс к протоколу imap4 =====
-==== roundcube ====
+==== Roundcube ====
   * [[https://github.com/roundcube/roundcubemail/blob/master/config/defaults.inc.php|roundcubemail/config/defaults.inc.php]]
@@ Line 21: / Line 21: @@
 $config['default_host'] = 'localhost';
 $rcmail_config['mail_domain'] = 'corpX.un';
+...
+//https://treeone.ru/roundcube-smtp-error-code-1-connection-failed-after-upgrade-debian/
+//or add port 587 to mta
+$config['smtp_server'] = 'localhost:25';
 ...
 </code><code>
@@ Line 50: / Line 54: @@
   'user_specific' => false,   // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
-  'base_dn'       => 'ou=People,dc=corpX,dc=un',
+//  'base_dn'       => 'ou=People,dc=corpX,dc=un',
-////  'base_dn'       => 'cn=Users,dc=corpX,dc=un',
+  'base_dn'       => 'cn=Users,dc=corpX,dc=un',
 //  'base_dn'       => 'dc=corpX,dc=un',
-//  'bind_dn'       => 'cn=Administrator,cn=Users,dc=corpX,dc=un',
+  'bind_dn'       => 'cn=Administrator,cn=Users,dc=corpX,dc=un',
-//  'bind_pass'     => 'Pa$$w0rd',
+  'bind_pass'     => 'Pa$$w0rd',
   'search_filter'  => '',   // e.g. '(&(objectClass=posixAccount)(uid=%u))'
@@ Line 104: / Line 108: @@
 </code>
-=== OAuth2 аутентификация ===
+=== OpenID аутентификация ===
   * [[https://goauthentik.io/integrations/services/roundcube/|This integration describes how to use Roundcube's oauth support with authentik to automatically sign into an email account]]
   * [[https://github-wiki-see.page/m/roundcube/roundcubemail/wiki/Configuration:-OAuth2|Configuration: OAuth2 - roundcube/roundcubemail Wiki]]
   * [[https://github.com/roundcube/roundcubemail/wiki/Configuration:-OAuth2|Configuration: OAuth2]]
+  * [[https://www.roundcubeforum.net/index.php?topic=29984.0|[SOLVED] Keycloak and Roundcube problem]]
+<code>
+debian12# cat /var/lib/roundcube/config/config.inc.php
+</code><code>
+...
+$config['oauth_provider'] = 'generic';
+$config['oauth_provider_name'] = 'Keycloak corp13';
+$config['oauth_client_id'] = "any-client";
+$config['oauth_client_secret'] = "anystring";
+$config['oauth_auth_uri'] = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/auth";
+$config['oauth_token_uri'] = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/token";
+$config['oauth_identity_uri'] = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/userinfo";
+$config['oauth_verify_peer'] = false;
+$config['oauth_scope'] = "email profile openid";
+$config['oauth_auth_parameters'] = [];
+$config['oauth_identity_fields'] = ['preferred_username'];
+$config['oauth_login_redirect'] = false;
+$config['login_password_maxlen'] = 4096;
+</code><code>
+debian12# cat /usr/share/roundcube/program/include/rcmail_oauth.php
+</code><code>
+...
+         //$oauth_token_uri     = $this->options['token_uri'];
+         //$oauth_client_id     = $this->options['client_id'];
+         //$oauth_client_secret = $this->options['client_secret'];
+         //$oauth_identity_uri  = $this->options['identity_uri'];
+       $oauth_token_uri     = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/token";
+       $oauth_client_id     = "any-client";
+       $oauth_client_secret = "anystring";
+       $oauth_identity_uri  = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/userinfo";
+...
+</code>
+  * Сервер dovecot [[Сервер dovecot#OAuth аутентификация]]
 ===== Дополнительные материалы =====
+==== В новой версии roundcube может понадобиться ====
+<code>
+. права доступа к директории /var/lib/roundcube:
+chown -R www-data:www-data /var/lib/roundcube
+chmod -R 755 /var/lib/roundcube
+. в конфигурационном файле `/etc/apache2/conf-enabled/roundcube.conf` добавить
+Alias /mail /var/lib/roundcube
+<Directory /var/lib/roundcube>
+    Options Indexes FollowSymLinks MultiViews
+    AllowOverride All
+    Require all granted
+</Directory>
+. проверить, что модуль Apache `mod_alias` включен:
+sudo a2enmod alias
+. Проверить в /etc/apache2/apache2.conf наличие правил для `/var/lib/roundcube`.
+<Directory /var/lib/roundcube>
+    Options Indexes FollowSymLinks
+    AllowOverride None
+    Require all granted
+</Directory>
+. systemctl restart apache2
+</code>
 ==== squirrelmail ====

Методические материалы Лохтурова Вячеслава

User Tools

Site Tools

Differences

Page Tools