Ubuntu: Groupware with SOGo

From ReceptiveIT
Jump to: navigation, search

Installation

sources.list

deb http://inverse.ca/ubuntu precise precise
apt-key adv --keyserver keys.gnupg.net --recv-key 0x810273C4
apt-get update
apt-get install sope4.9-gdl1-postgresql postgresql sogo memcached

Server Configuration

SOGo

possible tmpreaper config changes

vi /etc/tmpreaper.conf
SHOWWARNING=false

opensogo configuration

su - sogo
defaults write sogod SOGoMailDomain "acme.com"
defaults write sogod SOGoTimeZone "Australia/Sydney"
defaults write sogod SOGoLanguage English 
defaults write sogod SOGoAppointmentSendEMailNotifications YES 
defaults write sogod SOGoFoldersSendEMailNotifications YES 
defaults write sogod SOGoACLsSendEMailNotifications YES
defaults write sogod SOGoMailingMechanism smtp
defaults write sogod SOGoSMTPServer localhost
defaults write sogod SOGoSieveServer sieve://localhost:2000
defaults write sogod SOGoDraftsFolderName INBOX/Drafts
defaults write sogod SOGoSentFolderName INBOX/Sent
defaults write sogod SOGoTrashFolderName INBOX/Trash
defaults write sogod SOGoIMAPServer localhost
defaults write sogod SOGoVacationEnabled YES
defaults write sogod SOGoForwardEnabled YES
defaults write sogod SOGoSieveScriptsEnabled YES
defaults write sogod SOGoEnableEMailAlarms YES
exit

Apache

<VirtualHost *:443>
   ServerAdmin [email protected]

   DocumentRoot /var/www/https
   <Directory />
           Options FollowSymLinks
           AllowOverride None
   </Directory>
   <Directory /var/www/https/>
           Options Indexes FollowSymLinks MultiViews
           AllowOverride None
           Order allow,deny
           allow from all
   </Directory>

   SSLEngine on
   SSLCertificateFile /etc/apache2/certs/ssl-cert-mail.pem
   SSLCertificateKeyFile /etc/apache2/certs/ssl-cert-mail.key

   Alias /SOGo.woa/WebServerResources/ \
       /usr/lib/GNUstep/SOGo/WebServerResources/
   Alias /SOGo/WebServerResources/ \
       /usr/lib/GNUstep/SOGo/WebServerResources/
   AliasMatch /SOGo/so/ControlPanel/Products/(.*)/Resources/(.*) \
       /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2

   <Directory /usr/lib/GNUstep/SOGo/>
       AllowOverride None
       Order deny,allow
       Allow from all
   </Directory>

   <LocationMatch "^/SOGo/so/ControlPanel/Products/.*UI/Resources/.*\.(jpg|png|gif|css|js)">
     SetHandler default-handler
   </LocationMatch>

   ## Uncomment the following to enable proxy-side authentication, you will then
   ## need to set the "SOGoTrustProxyAuthentication" SOGo user default to YES and
   ## adjust the "x-webobjects-remote-user" proxy header in the "Proxy" section
   ## below.
   #<Location /SOGo>
   #  AuthType XXX
   #  Require valid-user
   #  SetEnv proxy-nokeepalive 1
   #  Allow from all
   #</Location>

   ProxyRequests Off
   SetEnv proxy-nokeepalive 1
   ProxyPreserveHost On

   # When using CAS, you should uncomment this and install cas-proxy-validate.py
   # in /usr/lib/cgi-bin to reduce server overloading
   #
   # ProxyPass /SOGo/casProxy http://localhost/cgi-bin/cas-proxy-validate.py
   # <Proxy http://localhost/app/cas-proxy-validate.py>
   #   Order deny,allow
   #   Allow from your-cas-host-addr
   # </Proxy>

   ProxyPass /SOGo http://127.0.0.1:20000/SOGo retry=0

   <Proxy http://127.0.0.1:20000/SOGo>
   ## adjust the following to your configuration
     RequestHeader set "x-webobjects-server-port" "443"
     RequestHeader set "x-webobjects-server-name" "yourhostname"
     RequestHeader set "x-webobjects-server-url" "https://yourhostname"

   ## When using proxy-side autentication, you need to uncomment and
   ## adjust the following line:
   #  RequestHeader set "x-webobjects-remote-user" "%{REMOTE_USER}e"

     RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
     RequestHeader set "x-webobjects-remote-host" %{REMOTE_HOST}e env=REMOTE_HOST

     AddDefaultCharset UTF-8

     Order allow,deny
     Allow from all
   </Proxy>

   ## We use mod_rewrite to pass remote address to the SOGo proxy.
   # The remote address will appear in SOGo's log files and in the X-Forward
   # header of emails.
   RewriteEngine On
   RewriteRule ^/SOGo/(.*)$ /SOGo/$1 [env=REMOTE_HOST:%{REMOTE_ADDR},PT]

   ErrorLog /var/log/apache2/sogo-error.log
   CustomLog /var/log/apache2/sogo-access.log combined
</VirtualHost>

<VirtualHost *:8843>
   SSLEngine on
   SSLCertificateFile /etc/apache2/certs/ssl-cert-mail.pem
   SSLCertificateKeyFile /etc/apache2/certs/ssl-cert-mail.key
   
   RewriteEngine Off
   ProxyRequests Off
   SetEnv proxy-nokeepalive 1
   ProxyPreserveHost On
   ProxyPassInterpolateEnv On
   ProxyPass /principals http://127.0.0.1:20000/SOGo/dav/ interpolate
   ProxyPass /SOGo http://127.0.0.1:20000/SOGo interpolate
   ProxyPass / http://127.0.0.1:20000/SOGo/dav/ interpolate

   <Location />
       Order allow,deny
       Allow from all
   </Location>

   <Proxy http://127.0.0.1:20000>
       RequestHeader set "x-webobjects-server-port" "8843"
       RequestHeader set "x-webobjects-server-name" "www.domain.com.au:8843"
       RequestHeader set "x-webobjects-server-url" "https://www.domain.com.au:8843"
       RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
       RequestHeader set "x-webobjects-remote-host" "127.0.0.1"
       AddDefaultCharset UTF-8
   </Proxy>

   ErrorLog /var/log/apache2/ab-error.log
   CustomLog /var/log/apache2/ab-access.log combined
</VirtualHost>
a2enmod proxy proxy_http headers rewrite
/etc/init.d/apache2 restart

Postgres

su - postgres
createuser --no-superuser --no-createdb --no-createrole --encrypted --pwprompt sogo
(specify “sogo” as password)
createdb -O sogo sogo

pg_hba.conf

host    sogo        sogo        127.0.0.1/32          md5

sogo conf

su - sogo
defaults write sogod SOGoProfileURL 'postgresql://sogo:[email protected]:5432/sogo/sogo_user_profile'
defaults write sogod OCSFolderInfoURL 'postgresql://sogo:[email protected]:5432/sogo/sogo_folder_info'
defaults write sogod OCSSessionsFolderURL 'postgresql://sogo:[email protected]:5432/sogo/sogo_sessions_folder'
defaults write sogod OCSEMailAlarmsFolderURL 'postgresql://sogo:[email protected]:5432/sogo/sogo_alarms_folder'

LDAP

su - sogo
defaults write sogod SOGoUserSources '({CNFieldName = cn;
IDFieldName = uid; UIDFieldName = uid; IMAPHostFieldName = mailHost; 
baseDN = "ou=users,dc=acme,dc=com"; bindDN = "uid=sogo,ou=users,dc=acme,dc=com"; 
bindPassword = qwerty; canAuthenticate = YES; displayName ="Shared Addresses"; 
hostname = "localhost"; id = public; isAddressBook = YES; port=389})'

Email alerts

cron.d/sogo

* * * * * sogo /usr/sbin/sogo-ealarms-notify

SOGo Integrator

chrome/content/extensions.rdf

<?xml version="1.0"?>
<!DOCTYPE RDF>
<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
 xmlns:isi="http://inverse.ca/sogo-integrator/"
 xmlns:em="http://www.mozilla.org/2004/em-rdf#"
 xmlns:NC="http://home.netscape.com/NC-rdf#">
 <Seq about="http://inverse.ca/sogo-integrator/extensions"
   isi:updateURL="https://mail.domain.com.au/plugins/updates.php?plugin=%ITEM_ID%&version=%ITEM_VERSION%&platform=%PLATFORM%">
  • <Description em:id="[email protected]" em:name="SOGo Integrator"/>
  • <Description em:id="[email protected]" em:name="SOGo Connector"/>
  • <Description em:id="{e2fda1a4-762b-4020-b5ad-a41df1933103}" em:name="Lightning"/>
  • <Description em:id="[email protected]" em:name="English Australia Dictionary"/>
  • <Description em:id="[email protected]" em:name="LookOut"/>
  •  </Seq>
    </RDF>
    

    Funambol

    Funambol is basically a sync service that uses SyncML.

    sudo add-apt-repository "deb http://archive.canonical.com/ lucid partner"
    sudo apt-get update
    sudo apt-get install sun-java6-jdk
    

    Postgres

    su - postgres
    createuser --no-superuser --no-createdb --no-createrole --encrypted --pwprompt funambol
    Enter password for new role: 
    Enter it again: 
    createdb -O funambol funambol
    exit
    

    pg_hba.conf

    host    funambol    funambol    127.0.0.1/32          md5
    

    Installation

    Download and install v8.7 as per the SOGo documentation. You will need to agree to the license terms for the installation to continue. At the end, do not start the Funambol server.

    cd /opt
    wget http://sourceforge.net/projects/funambol/files/bundle/v87/funambol-8.7.0-x64.bin
    ./funambol-8.7.0-x64.bin
    

    We will need to install some extra libraries and the SOGo connector.

    cd /opt/Funambol/tools/tomcat/lib/
    wget http://json-simple.googlecode.com/files/json_simple-1.1.jar
    wget http://jdbc.postgresql.org/download/postgresql-9.0-801.jdbc4.jar
    cd /opt/Funambol/ds-server/modules
    wget http://www.sogo.nu/uploads/Funambol/funambol-sogo-1.0.8.s4j
    

    Apache Commons Library

    wget http://www.apache.org/dist/commons/collections/binaries/commons-collections-3.2.1-bin.zip
    unzip commons-collections-3.2.1-bin.zip
    cp -p commons-collections-3.2.1/commons-collections-3.2.1.jar /opt/Funambol/tools/tomcat/lib/
    rm -rf commons-collections-3.2.1
    
    wget http://www.apache.org/dist/commons/configuration/binaries/commons-configuration-1.6.zip
    unzip commons-configuration-1.6.zip 
    cp -p commons-configuration-1.6/commons-configuration-1.6.jar /opt/Funambol/tools/tomcat/lib/
    rm -rf commons-configuration-1.6
    
    wget http://www.apache.org/dist/commons/logging/binaries/commons-logging-1.1.1-bin.zip
    unzip commons-logging-1.1.1-bin.zip 
    cp -p commons-logging-1.1.1/commons-logging-1.1.1.jar /opt/Funambol/tools/tomcat/lib/
    rm -rf commons-logging-1.1.1
    
    wget http://www.apache.org/dist/commons/lang/binaries/commons-lang-2.6-bin.zip
    unzip commons-lang-2.6-bin.zip
    cp -p commons-lang-2.6/commons-lang-2.6.jar /opt/Funambol/tools/tomcat/lib/
    rm -rf commons-lang-2.6
    

    Config

    edit /opt/Funambol/ds-server/install.properties

    # ==============================================================================
    # Funambol Data Synchronization Server
    # ==============================================================================
    # Installation properties
    # ==============================================================================
    
    #
    # The server URI
    #
    # This parameter is optional: if empty the server will use the
    # client request uri
    #
    server-uri=
    
    # The context path to use to access SyncServer
    context-path=/funambol
    
    #
    # The DBMS name. One of:
    #   - hypersonic
    #   - postgresql
    #   - mysql
    #
    dbms=postgresql
    
    # PostgreSQL
    # ==========
    #
    jdbc.classpath=../tools/tomcat/lib/postgresql-9.0-801.jdbc4.jar
    jdbc.driver=org.postgresql.Driver
    jdbc.url=jdbc:postgresql://localhost/funambol
    jdbc.user=funambol
    jdbc.password=qwerty
    
    #
    # Modules definitions
    #
    modules-to-install=content-provider-8.7.0,email-connector-8.7.0,foundation-8.7.0,phones-support-8.7.0,webdemo-8.7.0,funambol-sogo-1.0.8
    
    cd /opt/Funambol/
    ./bin/install
    

    Administration

    /opt/Funambol/admin/bin/funamboladmin
    

    - Login - Go to Modules > sogo > FunambolSOGoConnector > SOGo SyncSource - Add a sync source for each data type

    Source URI: sogo-card
    Name: sogo-card
    Supported Type: text/x-vcard
    Database URL: jdbc:postgresql://localhost/sogo
    Database Username: sogo
    Database Password: sogo
    

    Automatic User Creation

    In the Funambol Administration tool, modify Server Settings > Officer to

    ca/inverse/sogo/security/SOGoOfficer.xml
    

    Modify /opt/Funambol/config/ca/inverse/sogo/security/SOGoOfficer.xml and make sure the correct SOGo port number is being used.

    <void property="port">
     <string>20000</string>
    </void>
    

    Client Configuration

    Calendar

    Apple iCal

    http://localhost/SOGo/dav/jdoe/