|
0
|
1 INTRODUCTION
|
|
|
2 ============
|
|
|
3
|
|
|
4 This file describes the basic steps to install Roundcube Webmail on your
|
|
|
5 web server. For additional information, please also consult the project's
|
|
|
6 wiki page at https://github.com/roundcube/roundcubemail/wiki
|
|
|
7
|
|
|
8
|
|
|
9 REQUIREMENTS
|
|
|
10 ============
|
|
|
11
|
|
|
12 * An IMAP, HTTP and SMTP server
|
|
|
13 * .htaccess support allowing overrides for DirectoryIndex
|
|
|
14 * PHP Version 5.4 or greater including:
|
|
|
15 - PCRE, DOM, JSON, Session, Sockets, OpenSSL, Mbstring (required)
|
|
|
16 - PHP PDO with driver for either MySQL, PostgreSQL, SQL Server, Oracle or SQLite (required)
|
|
|
17 - Iconv, Zip, Fileinfo, Intl, Exif (recommended)
|
|
|
18 - LDAP for LDAP addressbook support (optional)
|
|
|
19 - GD, Imagick (optional thumbnails generation, QR-code)
|
|
|
20 * PEAR and PEAR packages distributed with Roundcube or external:
|
|
|
21 - Mail_Mime 1.10.0 or newer
|
|
|
22 - Net_SMTP 1.7.1 or newer
|
|
|
23 - Net_Socket 1.0.12 or newer
|
|
|
24 - Net_IDNA2 0.1.1 or newer
|
|
|
25 - Auth_SASL 1.0.6 or newer
|
|
|
26 - Net_Sieve 1.3.2 or newer (for managesieve plugin)
|
|
|
27 - Crypt_GPG 1.6.0 or newer (for enigma plugin)
|
|
|
28 - Endroid/QrCode 1.6.0 or newer (https://github.com/endroid/QrCode)
|
|
|
29 * php.ini options (see .htaccess file):
|
|
|
30 - error_reporting E_ALL & ~E_NOTICE & ~E_STRICT
|
|
|
31 - memory_limit > 16MB (increase as suitable to support large attachments)
|
|
|
32 - file_uploads enabled (for attachment upload features)
|
|
|
33 - session.auto_start disabled
|
|
|
34 - suhosin.session.encrypt disabled
|
|
|
35 - mbstring.func_overload disabled
|
|
|
36 * A MySQL, PostgreSQL, MS SQL Server (2005 or newer), Oracle database
|
|
|
37 or SQLite support in PHP - with permission to create tables
|
|
|
38 * Composer installed either locally or globally (https://getcomposer.org)
|
|
|
39
|
|
|
40
|
|
|
41 INSTALLATION
|
|
|
42 ============
|
|
|
43
|
|
|
44 1. Decompress and put this folder somewhere inside your document root
|
|
|
45 2. In case you don't use the so-called "complete" release package,
|
|
|
46 you have to install PHP and javascript dependencies.
|
|
|
47 2.1. Install PHP dependencies using composer:
|
|
|
48 - get composer from https://getcomposer.org/download/
|
|
|
49 - rename the composer.json-dist file into composer.json
|
|
|
50 - if you want to use LDAP address books, enable the LDAP libraries in your
|
|
|
51 composer.json file by moving the items from "suggest" to the "require"
|
|
|
52 section (remove the explanation texts after the version!).
|
|
|
53 - run `php composer.phar install --no-dev`
|
|
|
54 2.2. Install Javascript dependencies by executing `bin/install-jsdeps.sh` script.
|
|
|
55 3. Make sure that the following directories (and the files within)
|
|
|
56 are writable by the webserver
|
|
|
57 - /temp
|
|
|
58 - /logs
|
|
|
59 4. Create a new database and a database user for Roundcube (see DATABASE SETUP)
|
|
|
60 5. Point your browser to http://url-to-roundcube/installer/
|
|
|
61 6. Follow the instructions of the install script (or see MANUAL CONFIGURATION)
|
|
|
62 7. After creating and testing the configuration, remove the installer directory
|
|
|
63 8. Check Known Issues section of this file
|
|
|
64
|
|
|
65
|
|
|
66 CONFIGURATION HINTS
|
|
|
67 ===================
|
|
|
68
|
|
|
69 IMPORTANT! Read all comments in defaults.inc.php, understand them
|
|
|
70 and configure your installation to be not surprised by default behaviour.
|
|
|
71
|
|
|
72 Roundcube writes internal errors to the 'errors' log file located in the logs
|
|
|
73 directory which can be configured in config/config.inc.php. If you want ordinary
|
|
|
74 PHP errors to be logged there as well, enable the 'php_value error_log' line
|
|
|
75 in the .htaccess file and set the path to the log file accordingly.
|
|
|
76
|
|
|
77 By default the session_path settings of PHP are not modified by Roundcube.
|
|
|
78 However if you want to limit the session cookies to the directory where
|
|
|
79 Roundcube resides you can uncomment and configure the according line
|
|
|
80 in the .htaccess file.
|
|
|
81
|
|
|
82
|
|
|
83 DATABASE SETUP
|
|
|
84 ==============
|
|
|
85
|
|
|
86 Note: Database for Roundcube must use UTF-8 character set.
|
|
|
87 Note: See defaults.inc.php file for examples of DSN configuration.
|
|
|
88
|
|
|
89 * MySQL
|
|
|
90 -------
|
|
|
91 Setting up the mysql database can be done by creating an empty database,
|
|
|
92 importing the table layout and granting the proper permissions to the
|
|
|
93 roundcube user. Here is an example of that procedure:
|
|
|
94
|
|
|
95 # mysql
|
|
|
96 > CREATE DATABASE roundcubemail /*!40101 CHARACTER SET utf8 COLLATE utf8_general_ci */;
|
|
|
97 > GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcube@localhost
|
|
|
98 IDENTIFIED BY 'password';
|
|
|
99 > quit
|
|
|
100
|
|
|
101 # mysql roundcubemail < SQL/mysql.initial.sql
|
|
|
102
|
|
|
103 Note 1: 'password' is the master password for the roundcube user. It is strongly
|
|
|
104 recommended you replace this with a more secure password. Please keep in
|
|
|
105 mind: You need to specify this password later in 'config/db.inc.php'.
|
|
|
106
|
|
|
107
|
|
|
108 * SQLite
|
|
|
109 --------
|
|
|
110 Versions of sqlite database engine older than 3 aren't supported.
|
|
|
111 Database file and structure is created automatically by Roundcube.
|
|
|
112 Make sure your configuration points to some file location and that the
|
|
|
113 webserver can write to the file and the directory containing the file.
|
|
|
114
|
|
|
115
|
|
|
116 * PostgreSQL
|
|
|
117 ------------
|
|
|
118 To use Roundcube with PostgreSQL support you have to follow these
|
|
|
119 simple steps, which have to be done as the postgres system user (or
|
|
|
120 which ever is the database superuser):
|
|
|
121
|
|
|
122 $ createuser -P roundcube
|
|
|
123 $ createdb -O roundcube -E UNICODE roundcubemail
|
|
|
124 $ psql -U roundcube -f SQL/postgres.initial.sql roundcubemail
|
|
|
125
|
|
|
126 Note: in some system configurations you might need to add '-U postgres' to
|
|
|
127 createuser and createdb commands.
|
|
|
128
|
|
|
129
|
|
|
130 * Microsoft SQL Server
|
|
|
131 ----------------------
|
|
|
132 Language/locale of the database must be set to us_english (1033). More info
|
|
|
133 on this at https://github.com/roundcube/roundcubemail/issues/4078.
|
|
|
134
|
|
|
135
|
|
|
136 Database cleaning
|
|
|
137 -----------------
|
|
|
138 To keep your database slick and clean we recommend to periodically execute
|
|
|
139 bin/cleandb.sh which finally removes all records that are marked as deleted.
|
|
|
140 Best solution is to install a cronjob running this script daily.
|
|
|
141
|
|
|
142
|
|
|
143 MANUAL CONFIGURATION
|
|
|
144 ====================
|
|
|
145
|
|
|
146 First of all, copy the sample configuration file config/config.inc.php.sample
|
|
|
147 to config/config.inc.php and make the necessary adjustments according to your
|
|
|
148 environment and your needs. More configuration options can be copied from the
|
|
|
149 config/defaults.inc.php file into your local config.inc.php file as needed.
|
|
|
150 Read the comments above the individual configuration options to find out what
|
|
|
151 they do or read https://github.com/roundcube/roundcubemail/wiki/Installation
|
|
|
152 for even more guidance.
|
|
|
153
|
|
|
154 You can also modify the default .htaccess file. This is necessary to
|
|
|
155 increase the allowed size of file attachments, for example:
|
|
|
156
|
|
|
157 php_value upload_max_filesize 5M
|
|
|
158 php_value post_max_size 6M
|
|
|
159
|
|
|
160
|
|
|
161 SECURE YOUR INSTALLATION
|
|
|
162 ========================
|
|
|
163
|
|
|
164 Access through the webserver to the following directories should be denied:
|
|
|
165
|
|
|
166 /config
|
|
|
167 /temp
|
|
|
168 /logs
|
|
|
169
|
|
|
170 Roundcube uses .htaccess files to protect these directories, so be sure to
|
|
|
171 allow override of the Limit directives to get them taken into account. The
|
|
|
172 package also ships a .htaccess file in the root directory which defines some
|
|
|
173 rewrite rules. In order to properly secure your installation, please enable
|
|
|
174 mod_rewrite for Apache webserver and double check access to the above listed
|
|
|
175 directories and their contents is denied.
|
|
|
176
|
|
|
177 NOTE: In Apache 2.4, support for .htaccess files has been disabled by
|
|
|
178 default. Therefore you first need to enable this in your Apache main or
|
|
|
179 virtual host config by with:
|
|
|
180
|
|
|
181 AllowOverride all
|
|
|
182
|
|
|
183 For non-apache web servers add equivalent configuration parameters to deny
|
|
|
184 direct access to these private resources.
|
|
|
185
|
|
|
186 It is also recommended to change the document root to <install path>/public_html
|
|
|
187 after installation if Roundcube runs at root of a dedicated virtual host. This
|
|
|
188 will automatically keep sensitive files out of reach for http requests.
|
|
|
189
|
|
|
190
|
|
|
191 UPGRADING
|
|
|
192 =========
|
|
|
193
|
|
|
194 If you already have a previous version of Roundcube installed,
|
|
|
195 please refer to the instructions in UPGRADING guide.
|
|
|
196
|
|
|
197
|
|
|
198 OPTIMISING
|
|
|
199 ==========
|
|
|
200
|
|
|
201 There are two forms of optimisation here, compression and caching, both aimed
|
|
|
202 at increasing an end user's experience using Roundcube Webmail. Compression
|
|
|
203 allows the static web pages to be delivered with less bandwidth. The index.php
|
|
|
204 of Roundcube Webmail already enables compression on its output. The settings
|
|
|
205 below allow compression to occur for all static files. Caching sets HTTP
|
|
|
206 response headers that enable a user's web client to understand what is static
|
|
|
207 and how to cache it.
|
|
|
208
|
|
|
209 The caching directives used are:
|
|
|
210 * Etags - sets at tag so the client can request is the page has changed
|
|
|
211 * Cache-control - defines the age of the page and that the page is 'public'
|
|
|
212 This enables clients to cache javascript files that don't have private
|
|
|
213 information between sessions even if using HTTPS. It also allows proxies
|
|
|
214 to share the same cached page between users.
|
|
|
215 * Expires - provides another hint to increase the lifetime of static pages.
|
|
|
216
|
|
|
217 For more information refer to RFC 2616.
|
|
|
218
|
|
|
219 Side effects:
|
|
|
220 -------------
|
|
|
221 These directives are designed for production use. If you are using this in
|
|
|
222 a development environment you may get horribly confused if your webclient
|
|
|
223 is caching stuff that you changed on the server. Disabling the expires
|
|
|
224 parts below should save you some grief.
|
|
|
225
|
|
|
226 If you are changing the skins, it is recommended that you copy content to
|
|
|
227 a different directory apart from 'default'.
|
|
|
228
|
|
|
229 Apache:
|
|
|
230 -------
|
|
|
231 To enable these features in apache the following modules need to be enabled:
|
|
|
232 * mod_deflate
|
|
|
233 * mod_expires
|
|
|
234 * mod_headers
|
|
|
235
|
|
|
236 The optimisation is already included in the .htaccess file in the top
|
|
|
237 directory of your installation.
|
|
|
238
|
|
|
239 If you are using Apache version 2.2.9 and later, in the .htaccess file
|
|
|
240 change the 'append' word to 'merge' for a more correct response. Keeping
|
|
|
241 as 'append' shouldn't cause any problems though changing to merge will
|
|
|
242 eliminate the possibility of duplicate 'public' headers in Cache-control.
|
|
|
243
|
|
|
244 Lighttpd:
|
|
|
245 ---------
|
|
|
246 With Lightty the addition of Expire: tags by mod_expire is incompatible with
|
|
|
247 the addition of "Cache-control: public". Using Cache-control 'public' is
|
|
|
248 used below as it is assumed to give a better caching result.
|
|
|
249
|
|
|
250 Enable modules in server.modules:
|
|
|
251 "mod_setenv"
|
|
|
252 "mod_compress"
|
|
|
253
|
|
|
254 Mod_compress is a server side cache of compressed files to improve its performance.
|
|
|
255
|
|
|
256 $HTTP["host"] == "www.example.com" {
|
|
|
257
|
|
|
258 static-file.etags = "enable"
|
|
|
259 # http://redmine.lighttpd.net/projects/lighttpd/wiki/Etag.use-mtimeDetails
|
|
|
260 etag.use-mtime = "enable"
|
|
|
261
|
|
|
262 # http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:ModSetEnv
|
|
|
263 $HTTP["url"] =~ "^/roundcubemail/(plugins|skins|program)" {
|
|
|
264 setenv.add-response-header = ( "Cache-Control" => "public, max-age=2592000")
|
|
|
265 }
|
|
|
266
|
|
|
267 # http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:ModCompress
|
|
|
268 # set compress.cache-dir to somewhere outside the docroot.
|
|
|
269 compress.cache-dir = var.statedir + "/cache/compress"
|
|
|
270
|
|
|
271 compress.filetype = ("text/plain", "text/html", "text/javascript", "text/css", "text/xml", "image/gif", "image/png")
|
|
|
272 }
|
|
|
273
|
|
|
274
|
|
|
275 KNOWN ISSUES
|
|
|
276 ============
|
|
|
277
|
|
|
278 Installations with uw-imap server should set imap_disabled_caps = array('ESEARCH')
|
|
|
279 in main configuration file. ESEARCH implementation in this server is broken (#1489184).
|
