| web_интерфейс_к_почте [2023/03/03 13:08] val [roundcube] | web_интерфейс_к_почте [2025/10/26 08:14] (current) val | ||
|---|---|---|---|
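--- a/web_интерфейс_к_почте
+++ b/web_интерфейс_к_почте
@@ -3,3 +3,3 @@
 ===== Web интерфейс к протоколу imap4 =====
-==== roundcube ====
+==== Roundcube ====
 * [[https://github.com/roundcube/roundcubemail/blob/master/config/defaults.inc.php|roundcubemail/config/defaults.inc.php]]
@@ -21,4 +21,8 @@
 $config['default_host'] = 'localhost';
 $rcmail_config['mail_domain'] = 'corpX.un';
+...
+//https://treeone.ru/roundcube-smtp-error-code-1-connection-failed-after-upgrade-debian/
+//or add port 587 to mta
+$config['smtp_server'] = 'localhost:25';
 ...
 </code><code>
@@ -50,7 +54,7 @@
 'user_specific' => false,  // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
-'base_dn'  => 'ou=People,dc=corpX,dc=un',
-//// 'base_dn'  => 'cn=Users,dc=corpX,dc=un',
+// 'base_dn'  => 'ou=People,dc=corpX,dc=un',
+'base_dn'  => 'cn=Users,dc=corpX,dc=un',
 // 'base_dn'  => 'dc=corpX,dc=un',
-// 'bind_dn'  => 'cn=Administrator,cn=Users,dc=corpX,dc=un',
-// 'bind_pass'  => 'Pa$$w0rd',
+'bind_dn'  => 'cn=Administrator,cn=Users,dc=corpX,dc=un',
+'bind_pass'  => 'Pa$$w0rd',
 'search_filter'  => '',  // e.g. '(&(objectClass=posixAccount)(uid=%u))'
@@ -104,7 +108,97 @@
 </code>
-=== OAuth2 аутентификация ===
+=== OpenID аутентификация ===
 * [[https://goauthentik.io/integrations/services/roundcube/|This integration describes how to use Roundcube's oauth support with authentik to automatically sign into an email account]]
 * [[https://github-wiki-see.page/m/roundcube/roundcubemail/wiki/Configuration:-OAuth2|Configuration: OAuth2 - roundcube/roundcubemail Wiki]]
 * [[https://github.com/roundcube/roundcubemail/wiki/Configuration:-OAuth2|Configuration: OAuth2]]
+* [[https://www.roundcubeforum.net/index.php?topic=29984.0|[SOLVED] Keycloak and Roundcube problem]]
+
+<code>
+debian12# cat /var/lib/roundcube/config/config.inc.php
+</code><code>
+...
+$config['oauth_provider'] = 'generic';
+$config['oauth_provider_name'] = 'Keycloak corp13';
+$config['oauth_client_id'] = "any-client";
+$config['oauth_client_secret'] = "anystring";
+$config['oauth_auth_uri'] = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/auth";
+$config['oauth_token_uri'] = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/token";
+$config['oauth_identity_uri'] = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/userinfo";
+$config['oauth_verify_peer'] = false;
+$config['oauth_scope'] = "email profile openid";
+$config['oauth_auth_parameters'] = [];
+$config['oauth_identity_fields'] = ['preferred_username'];
+$config['oauth_login_redirect'] = false;
+$config['login_password_maxlen'] = 4096;
+</code><code>
+debian12# cat /usr/share/roundcube/program/include/rcmail_oauth.php
+</code><code>
+...
+//$oauth_token_uri  = $this->options['token_uri'];
+//$oauth_client_id  = $this->options['client_id'];
+//$oauth_client_secret = $this->options['client_secret'];
+//$oauth_identity_uri  = $this->options['identity_uri'];
+
+$oauth_token_uri  = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/token";
+$oauth_client_id  = "any-client";
+$oauth_client_secret = "anystring";
+$oauth_identity_uri  = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/userinfo";
+...
+</code>
+
+* Сервер dovecot [[Сервер dovecot#OAuth аутентификация]]
+
+=== Roundcube PGP Enigma ===
+<code>
+# apt install roundcube-plugins php-crypt-gpg
+
+# find /var/lib/roundcube/plugins/enigma/
+
+# cat /var/lib/roundcube/config/config.inc.php
+...
+$config['plugins'] = array(
+'enigma'
+);
+$config['enigma_pgp_homedir']='/tmp/'  ???
+...
+
+# tail -f /var/log/roundcube/errors.log
+
+
+# gpg --output public.pgp --armor --export user1@corp13.un
+
+# gpg --output private.pgp --armor --export-secret-key user1@corp13.un
+
+# cat public.pgp private.pgp > /disk2/samba/user1.pubpriv
+</code>
 ===== Дополнительные материалы =====
+==== В новой версии roundcube может понадобиться ====
+<code>
+1. права доступа к директории /var/lib/roundcube:
+
+chown -R www-data:www-data /var/lib/roundcube
+chmod -R 755 /var/lib/roundcube
+
+
+2. в конфигурационном файле `/etc/apache2/conf-enabled/roundcube.conf` добавить
+Alias /mail /var/lib/roundcube
+
+<Directory /var/lib/roundcube>
+Options Indexes FollowSymLinks MultiViews
+AllowOverride All
+Require all granted
+</Directory>
+
+3. проверить, что модуль Apache `mod_alias` включен:
+sudo a2enmod alias
+
+4. Проверить в /etc/apache2/apache2.conf наличие правил для `/var/lib/roundcube`.
+
+<Directory /var/lib/roundcube>
+Options Indexes FollowSymLinks
+AllowOverride None
+Require all granted
+</Directory>
+
+5. systemctl restart apache2
+</code>
 ==== squirrelmail ====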
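Review bot: `$config['oauth_verify_peer'] = false;` in the added config.inc.php block switches off TLS certificate validation for Roundcube's calls to the Keycloak token and userinfo endpoints, so the client secret and the returned tokens are sent to whatever host answers for keycloak.corp13.un. Leave it at `true` and add the issuing CA to the web host's trust store instead; if the lab really needs it off, mark the line `// lab only: certificate validation disabled`. The rcmail_oauth.php edit that hard-codes the token URI, client id and secret copies that secret into a packaged file which a package upgrade will replace, so it should carry a comment naming it a temporary workaround and pointing back to `$this->options[...]`. In the LDAP hunk of the same section, the now-active `'bind_dn' => 'cn=Administrator,cn=Users,dc=corpX,dc=un'` with `bind_pass` puts a directory administrator credential in a web-facing config; an address-book lookup only needs a dedicated read-only account. `$config['enigma_pgp_homedir']='/tmp/'` (already marked `???` on the page) would keep users' keyrings in a world-writable directory; a directory owned by the web server user with mode 0700 is the usual choice.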