YunoHost-Apps/cypht_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/cypht_ynh.git synced 2024-09-03 18:26:09 +02:00
Code Issues Activity Actions

Merge pull request #71 from YunoHost-Apps/add-.env-on-upgrade

Browse source 
Add .env on upgrade
This commit is contained in:
eric_G 2024-05-22 10:54:00 +02:00 committed by GitHub
commit ae5bf6ee7a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 219 additions and 987 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

197
conf/.env.example Normal file
View file

@ -0,0 +1,197 @@
APP_NAME=Cypht
DB_CONNECTION_TYPE=host
DB_DRIVER=mysql
DB_PORT=3306
DB_HOST=127.0.0.1
DB_NAME=__DB_NAME__
DB_USER=__DB_USER__
DB_PASS=__DB_PWD__
DB_SOCKET=/var/lib/mysqld/mysqld.sock
SESSION_TYPE=PHP
AUTH_TYPE=DB
IMAP_AUTH_NAME=localhost
IMAP_AUTH_SERVER=localhost
IMAP_AUTH_PORT=143
IMAP_AUTH_TLS=
IMAP_AUTH_SIEVE_CONF_HOST=
DEFAULT_SMTP_NAME=
DEFAULT_SMTP_SERVER=
DEFAULT_SMTP_PORT=
DEFAULT_SMTP_TLS=
DEFAULT_SMTP_NO_AUTH=
USER_CONFIG_TYPE=file
USER_SETTINGS_DIR=__DATA_DIR__/users
ATTACHMENT_DIR=__DATA_DIR__/attachments
APP_DATA_DIR=__DATA_DIR__/app_data
DISABLE_ORIGIN_CHECK=false
ADMIN_USERS=__ADMIN__
COOKIE_DOMAIN=
COOKIE_PATH=
DEFAULT_EMAIL_DOMAIN=
AUTO_CREATE_PROFILE=
REDIRECT_AFTER_LOGIN=
ALWAYS_MOBILE_UI=
DEFAULT_LANGUAGE=__LANGUAGE__
JS_COMPRESS=false
CSS_COMPRESS=false
ALLOW_SESSION_CACHE=false
CACHE_CLASS=
ENABLE_REDIS=true
REDIS_SERVER='127.0.0.1'
REDIS_PORT=6379
REDIS_INDEX=1
REDIS_PASS=
REDIS_SOCKET=/var/run/redis/redis-server.sock
ENABLE_MEMCACHED=true
MEMCACHED_SERVER='127.0.0.1'
MEMCACHED_PORT=11211
MEMCACHED_AUTH=false
MEMCACHED_USER=
MEMCACHED_PASS=
ALLOW_LONG_SESSION=false
LONG_SESSION_LIFETIME=30
ENCRYPT_AJAX_REQUESTS=
ENCRYPT_LOCAL_STORAGE=
ENCRYPT_LOCAL_STORAGE=
DISABLE_IP_CHECK=false
DISABLE_ORIGIN_CHECK=true
ALLOW_EXTERNAL_IMAGE_SOURCES=true
SINGLE_SERVER_MODE=false
DISABLE_EMPTY_SUPERGLOBALS=false
DISABLE_OPEN_BASE_DIR=false
DISABLE_INI_SETTINGS=false
DISABLE_FINGERPRINT=false
AUTH_CLASS=
SESSION_CLASS=
API_LOGIN_KEY=
DEFAULT_SETTING_NO_PASSWORD_SAVE=false
DEFAULT_SETTING_IMAP_PER_PAGE=20
DEFAULT_SETTING_SIMPLE_MSG_PARTS=false
DEFAULT_SETTING_PAGINATE_LINKS=true
DEFAULT_SETTING_MSG_PART_ICONS=true
DEFAULT_SETTING_TEXT_ONLY=true
DEFAULT_SETTING_SENT_PER_SOURCE=20
DEFAULT_SETTING_SENT_SINCE='-1 week'
DEFAULT_SETTING_SHOW_LIST_ICONS=true
DEFAULT_SETTING_START_PAGE=none
DEFAULT_SETTING_DISABLE_DELETE_PROMPT=false
DEFAULT_SETTING_FLAGGED_PER_SOURCE=20
DEFAULT_SETTING_NO_FOLDER_ICONS=false
DEFAULT_SETTING_ALL_EMAIL_PER_SOURCE=20
DEFAULT_SETTING_ALL_EMAIL_SINCE='-1 week'
DEFAULT_SETTING_ALL_SINCE='-1 week'
DEFAULT_SETTING_ALL_PER_SOURCE=20
DEFAULT_SETTING_UNREAD_PER_SOURCE=20
DEFAULT_SETTING_FLAGGED_SINCE='-1 week'
DEFAULT_SETTING_UNREAD_SINCE='-1 week'
DEFAULT_SETTING_TIMEZONE='__TIMEZONE__'
DEFAULT_SETTING_LIST_STYLE='email_style'
DEFAULT_SETTING_LANGUAGE=__LANGUAGE__
DEFAULT_SETTING_UNREAD_EXCLUDE_FEEDS=false
DEFAULT_SETTING_FEED_LIMIT=20
DEFAULT_SETTING_FEED_SINCE='-1 week'
DEFAULT_SETTING_SMTP_COMPOSE_TYPE=0
DEFAULT_SETTING_SMTP_AUTO_BCC=false
DEFAULT_SETTING_THEME='default'
DEFAULT_SETTING_UNREAD_EXCLUDE_WORDPRESS=false
DEFAULT_SETTING_WORDPRESS_SINCE='-1 week'
DEFAULT_SETTING_UNREAD_EXCLUDE_GITHUB=false
DEFAULT_SETTING_GITHUB_LIMIT=20
DEFAULT_SETTING_GITHUB_SINCE='-1 weeks'
DEFAULT_SETTING_INLINE_MESSAGE=false
DEFAULT_SETTING_ENABLE_KEYBOARD_SHORTCUTS=1
DEFAULT_SETTING_ENABLE_SIEVE_FILTER=false
APP_2FA_SECRET=""
APP_2FA_SIMPLE=false
CARD_DAV_SERVER=http://localhost:5232
#DYNAMIC LOGIN
DYNAMIC_HOST=true
DYNAMIC_HOST_SUBDOMAIN=""
DYNAMIC_USER=false
DYNAMIC_SMTP_SUBDOMAIN=""
DYNAMIC_MAIL_SUBDOMAIN=""
#github.com
GITHUB_CLIENT_ID=
GITHUB_CLIENT_SECRET=
GITHUB_REDIRECT_URI=
GITHUB_AUTH_URL=https://github.com/login/oauth/authorize
GITHUB_AUTH_URL=https://github.com/login/oauth/access_token
#gmail
GMAIL_CLIENT_ID=
GMAIL_CLIENT_SECRET=
GMAIL_CLIENT_URI=
GMAIL_AUTH_URI=https://accounts.google.com/o/oauth2/auth
GMAIL_TOKEN_URI=https://www.googleapis.com/oauth2/v3/token
GMAIL_REFRESH_URI=https://www.googleapis.com/oauth2/v3/token
#aoutlook
OUTLOOK_CLIENT_ID=
OUTLOOK_CLIENT_SECRET=
OUTLOOK_CLIENT_URI=
OUTLOOK_AUTH_URI=https://login.live.com/oauth20_authorize.srf
OUTLOOK_TOKEN_URI=https://login.live.com/oauth20_token.srf
OUTLOOK_REFRESH_URI=https://login.live.com/oauth20_token.srf
#ldap.php
LDAP_SERVER=localhost
LDAP_ENABLE_TLS=true
LDAP_PORT=389
LDAP_BASE_DN="dc=example,dc=com"
LDAP_SEARCH_TERM="objectclass=inetOrgPerson"
LDAP_AUTH=false
LDAP_USER=''
LDAP_PASS=''
LDAP_OBJECT_CLASS="top,person,organizationalperson,inetorgperson"
LDAP_READ_WRITE=true
#app.php
LDAP_AUTH_PORT=389
LDAP_AUTH_SERVER=127.0.0.1
LDAP_AUTH_TLS=false
LDAP_AUTH_BASE_DN="ou=users,dc=yunohost,dc=org"
#WordPress
WORDPRESS_CLIENT_ID=
WORDPRESS_CLIENT_SECRET=
WORDPRESS_CLIENT_URI=
RECAPTCHA_SECRET=
RECAPTCHA_SITE_KEY=
CYPHT_MODULES="core,contacts,local_contacts,ldap_contacts,gmail_contacts,feeds,jmap,imap,smtp,account,idle_timer,desktop_notifications,calendar,themes,nux,developer,sievefilters"
#LoginPage
FANCY_LOGIN=false

922
conf/hm3.sample.ini
View file

@ -1,922 +0,0 @@
; -----------------------------------------------------------------------------
; General settings
; -----------------------------------------------------------------------------
; Session Type
; ------------
; Sessions are how the server maintains your logged in state. Cypht supports
; standard PHP sessions, as well as its own completely independent session
; system that uses memcached or a database for storage. In order to use
; database sessions, the database must be correctly configured in the "DB
; Support" section and the hm_user_session table must be created. In order to
; use Memcached sessions, the memcached server must be correctly configured
; in the "Memcached Support" section. In order to use Redis session, the
; Redis server must be configured in the "Redis Support" section.
;
; Valid values for this setting:
;
; PHP Standard PHP session handlers
; DB Custom database based sessions
; MEM Custom Memcached based sessions
; REDIS Custom Redis based sessions
; custom Create your own session class. See the modules/site/lib.php file for
; more info
;
session_type=PHP
; Authentication Type
; -------------------
; This setting defines how Cypht will authenticate your username and password
; when you login. If you want to use a database it must be correctly configured
; in the "DB Support" section and the hm_user table must be created. There are
; 3 PHP cli scripts to help manage database users in the scripts/ directory (
; create_account.php, delete_account.php, and update_password.php). If you want
; to authenticate against an IMAP server, you must setup the imap_auth_* settings
; below. If you want to authenticate against a POP3 server, you must setup the
; pop3_auth_* settings below. If you want to authenticate against an LDAP server,
; you must setup the ldap_auth_* settings. Finally, if you want to let users
; pick from a list of popular mail services or try to auto-discover a mail
; system, set this to dynamic and make sure the dynamic_login module set is
; enabled in the "Module Sets" section of this file.
;
; Valid values for this setting:
;
; DB Authenticate against the database
; LDAP Authenticate against an LDAP server
; IMAP Authenticate using an IMAP server
; POP3 Authenticate using a POP3 server
; dynamic Let the user choose from a list, or try to auto discover the mail
; services based on the email domain
; custom Create your own auth class. See the modules/site/lib.php file for
; more info
;
auth_type=DB
; LDAP Authentication
; -------------------
; If auth_type is set to LDAP, configure the LDAP server to authenticate against
; with the following settings, otherwise these are ignored.
;
; The hostname or IP address of the LDAP server to authenticate to
ldap_auth_server=127.0.0.1
; The port the LDAP server is listening on.
ldap_auth_port=389
; Enable TLS/SSL connections. Leave blank or set to false to disable. Set to
; true to enable TLS connections.
ldap_auth_tls=false
; The "base dn" of the LDAP server
ldap_auth_base_dn="ou=users,dc=yunohost,dc=org"
; IMAP Authentication
; -------------------
; If auth_type is set to IMAP, configure the IMAP server to authenticate against
; with the following settings, otherwise these are ignored.
;
; This is just a label used in the UI. It can be set to anything
imap_auth_name=localhost
; The hostname or IP address of the IMAP server to authenticate to
imap_auth_server=localhost
; The port the IMAP server is listening on.
imap_auth_port=143
; Enable TLS/SSL connections. Leave blank or set to false to disable. Set to
; true to enable TLS connections. If you want to use IMAP STARTTLS, do NOT
; enable this. This is only for TLS enabled sockets (typically on port 993).
imap_auth_tls=
; The hostname/IP address and port sieve is listening on. Example: example.org:4190
imap_auth_sieve_conf_host=
; POP3 Authentication
; -------------------
; if auth_type is set to POP3, configure the POP3 server to authenticate against
; with the following settings, otherwise these are ignored.
;
; This is just a label used in the UI. It can be set to anything
pop3_auth_name=localhost
; The hostname or IP address of the POP3 server to authenticate to
pop3_auth_server=localhost
; The port the POP3 server is listening on.
pop3_auth_port=110
; Enable TLS/SSL connections. Leave blank or set to false to disable. Set to
; true to enable TLS connections.
pop3_auth_tls=
; Default SMTP Server
; -------------------
; You can set a default SMTP server for all Cypht users. Authentication will be
; done with the users login credentials, so this only makes sense if you are
; using POP3 or IMAP for authentication. Leave these values blank to disable a
; default SMTP server, otherwise fill in the required values below
;
; This is just a label used in the UI. It can be set to anything
default_smtp_name=
; The hostname or IP address of the SMTP server
default_smtp_server=
; The port the SMTP server is listening on.
default_smtp_port=
; Enable TLS/SSL connections. Leave blank or set to false to disable. Set to
; true to enable TLS connections.
default_smtp_tls=
; If your SMTP service does not require authentication, you can disable it
; by setting the following to true.
default_smtp_no_auth=
; Settings Storage
; ----------------
; Cypht supports 3 methods for saving user settings between logins. File based
; settings, database table or custom implementation. To store settings in a
; database, it must be configured in the "DB Support" section and the
; hm_user_settings table must be created. To store settings on the filesystem,
; the user_settings_dir must be created and the webserver software must be able
; to write to it. For custom implementations, see Hm_User_Config_File.
;
; Valid values for this setting:
;
; file Store user settings in the filesystem
; DB Store user settings in a database
; custom Store user settings via custom implementation. Specify class name
; after colon, e.g. custom:Custom_User_Config
;
user_config_type=file
; Settings Location
; -----------------
; If user_config_type is set to file, this must be set to an existing directory
; that the webserver software can read and write to. If settings storage is set
; to DB, this is ignored. It should not be inside the webserver document root.
user_settings_dir=__DATA_DIR__/users
; Attachment Location
; -------------------
; Cypht needs a temporary place to store attachments that are to be sent with
; an outgoing message. This folder must exist and be writable by the webserver
; software. It should not be inside the webserver document root.
attachment_dir=__DATA_DIR__/attachments
; Application Data Location
; -------------------------
; Some Cypht module sets have their own ini files that need to be readable by
; the webserver software, but not writable, and definitely not inside the
; webserver document root.
app_data_dir=__DATA_DIR__/app_data
; Disable origin check
; --------------------
; To help protect against CSRF attacks, Cypht checks origin headers to confirm
; that the source and target origin domains match. If you are using proxies this
; could create a problem making it impossible to login. Change this to true to
; disable the origin check.
disable_origin_check=false
; Admin Users
; ----------
; You can define a comma delimited list of admin users that Cypht will grant
; special rights to. Currently this only enables the "create account" link in
; the account module set that provides a form to create a new account. This is
; only used if the auth_type is set to DB. Leave this blank if you don't want
; to define any admin users, or are using IMAP or POP3 authentication.
admin_users=__ADMIN__
; Cookie Domain
; -------------
; By default Cypht uses the server name used in the request to determine
; the domain name to set the cookie for. Configurations that use a reverse
; proxy might need to define the domain name used for cookies. Leave this
; blank to let Cypht automatically determine the domain. You can also use
; the special value of "none" to force Cypht to NOT set the cookie domain
; property at all. This is not recommended unless you know what you are
; doing!
cookie_domain=
; Cookie Path
; -------------
; By default Cypht uses the request URI to determine the cookie path to set
; the cookie for. Configurations that use mod_rewrite might need to define
; the path used for cookies. E.g. /cypht/embedded?page=compose will set path
; to /cypht/embedded/ which won't send the cookies back to the server. In that
; case set cookie_path=/cypht/. Leave this blank to let Cypht automatically
; determine the path. You can also use the special value of "none" to force
; Cypht to NOT set the cookie path property at all. This is not recommended
; unless you know what you are doing!
cookie_path=
; Outbound Email Domain
; ----------------------
; Default domain used for outbound email addresses when using IMAP auth and
; users don't login with a full email address. Users can customize this with
; the profiles module which will override this default
default_email_domain=
; Auto-Create Profile
; -------------------
; When a user logs in and they have only 1 IMAP server and 1 SMTP server, and
; no configured profiles - enabling this option will auto-create a profile for
; them. Email and reply-to addresses will use the default_email_domain if
; set, otherwise it will fallback to the domain Cypht is hosted on.
autocreate_profile=
; Redirect After Login
; --------------------
; You can login directly to any page in Cypht by going to the correct url before
; logging in, but that is not very user-friendly. To redirect users to a url
; after login, add the url arguments below (everything in the url after, but
; including, the question mark). You must use double quotes around the value
; otherwise it will cause an ini parsing error. To redirect users after login
; to the combined unread view you would use:
;
; redirect_after_login="?page=message_list&list_path=unread"
redirect_after_login=
; Application Name
; ----------------
; This label is used in the UI to reference the program - you can change it to
; "Your awesome webmail" to replace the Cypht name used in various places.
app_name=Cypht
; Force Mobile UI
; ---------------
; Cypht will detect mobile devices and display a mobile optimized UI. If you want
; to aways use this UI regardless of device, set this to true
always_mobile_ui=
; Default Language
; ----------------
; Users can select from available interface languages on the site settings page.
; This sets the default for a user who has not done so. Valid values are 2 character
; langauge codes that have matching language definitions in the language/ folder.
default_language=__LANGUAGE__
; JavaScript Compression
; ----------------------
; When the configuration script is run, all JavaScript files are concatenated
; and optionally compressed. To compress the content, define a command and its
; options below. Cypht does not come with compresson software, so you must
; install and configure that separately. Leave blank or set to false to disable
; external compression. Compression software must be able to handle ES6.
;
; Example:
; js_compress='uglifyjs.terser -c -m --verbose --warn'
;
js_compress=false
; CSS Compression
; ---------------
; When the configuration script is run, all CSS files are concatenated and
; optionally compressed. To compress the content, define a command and its
; options below. Cypht does not come with compresson software, so you must
; install and configure that separately. Leave blank or set to false to disable
; external compression.
;
; Example:
; css_compress='java -jar /usr/local/lib/yuicompressor-2.4.8.jar --type css'
;
css_compress=false
; Caching Server Support
; ---------------------
; Cypht can use Redis or Memcache to improve performance, as well as to store
; user sessions. Configure Redis or Memcached below and Cypht will
; automatically use them for caching. All data cached for a user in either
; system is encrypted. Currently, the feeds, POP3, and IMAP modules will use
; the configured cache. If both Redis and Memcached are configured, Redis will
; be used for the cache.
;
; If you want to use the user session as a cache, uncomment the line below and
; set to true. THIS IS NOT RECOMMENDED. Cypht uses parallel requests to the
; server, and using the session as a cache is likely to cause race conditions
; and integrity issues. If you are running Cypht in an "embedded" mode with
; only one email source, this option is less likely to be a problem.
; allow_session_cache=false
; cache_class=
; Redis Support
; -------------
; Configure Redis details below to use it for caching
enable_redis=true
redis_server=127.0.0.1
redis_port=6379
redis_index=1
redis_pass=
redis_socket=/var/run/redis/redis-server.sock
; Memcached Support
; -----------------
; Configure Memcached details below to use it for caching
enable_memcached=true
memcached_server=127.0.0.1
memcached_port=11211
; If you need SASL authentication for memcached, set the following to true
; and add the username and password to authenticate with
memcached_auth=false
memcached_user=
memcached_pass=
; Allow Long Sessions
; -------------------
; Cypht logins only last as long as the browser is open. Closing the browser,
; or moving to a new network, will cause you to be logged out. This setting
; provides users with a "stay logged in" option during login that will set the
; sesison lifetime to a default of 30 days, and disable the IP address check.
;
; USE WITH CAUTION SINCE THIS DISABLES SOME SESSION PROTECTIONS.
;
; Specifically:
;
; - Session cookies stay active after a browser restart making them more
; susceptible to snooping
; - The browser "fingerprint" was use to help protect against session hijacking
; includes the client's IP. With this option enabled a client IP can change
; mid-session and it won't log them out
allow_long_session=false
; Set the session lifetime in days. Only applies if allow_long_session is set to
; true, and a user checks the box to "stay logged in" during login.
long_session_lifetime=30
; Browser Encryption Options
; --------------------------
; Cypht can use the Forge JavaScript encryption library to encrypt AJAX
; responses and data stored in browser local storage. Enabling either one of
; these options causes the Forge JavaScript library to be included. This adds
; about 70KB to the page size (when gzipped).
; Use AES encryption for AJAX responses. Set to true to enable, leave blank or
; set to false to disable.
encrypt_ajax_requests=
; Use AES encryption for data stored in the browser local storage. Set to true
; to enable, or leave blank or set to false to disable.
encrypt_local_storage=
; Allow client IP changes
; -----------------------
; By default Cypht will log you out if your client IP address changes. This is
; an extra layer of protection against session hijacking, but it's not uncommon
; for your client IP to change. Change this to true if you want to disable this
; check
disable_ip_check=false
; Allow remote image sources
; --------------------------
;
; WARNING: Using this feature could leak information to external sources.
;
; By default, Cypht will not allow external images to be loaded when viewing an
; HTML formatted email message. A Content Security Policy header limits images
; sources to "self" only and the message content is filtered to remove any external
; resource. If you really want the ability to view external images in an email,
; you first need to change the following setting to true. When viewing an HTML
; formatted message, you will now have a link before the message body called "Allow
; Images" that will reload the message part with external images visible.
allow_external_image_sources=false
;
; Single server mode
; ------------------
; This setting restricts Cypht to only using a single email source (POP3 or
; IMAP) and the default SMTP server defined in this file. It modifies the UI to
; remove the ability to add other email sources, and removes the password
; restriction when saving data between logins. You must use either IMAP or POP3
; authentication for this setting to be enforced, and auth server will be the
; single email source users have access to. If you enable this after users
; have saved any settings, they will be lost (or if you disable it after they
; have saved any settings). WARNING: USER SETTINGS SAVED TO THE SERVER WILL NOT
; BE ENCRYPTED WITH THIS ENABLED
single_server_mode=false
; Integration options
; -------------------
; Cypht does a few things to make it more secure by default, but these features
; can make it difficult to integrate Cypht into 3rd party software. Specifically,
; Cypht disables PHP "super globals", and sets a restrictive PHP "open basedir"
; setting, tweaks PHP ini settings to increase security, and uses a browser
; "fingerprint" to improve session security. You can disable each with the
; following options:
; Don't empty PHP super globals
disable_empty_superglobals=false
; Don't apply open basedir restrictions
disable_open_basedir=false
; Don't tweak ini settings
disable_ini_settings=false
; Don't use a browser fingerprint
disable_fingerprint=false
; You can create your own custom authentication and session classes using the
; site module set, however you might want those classes located somewhere else
; outside of the Cypht code base. By setting session_type and auth_type to custom,
; you can control what class is used with the following settings
; auth_class=
; session_class=
; -----------------------------------------------------------------------------
; DB Support
; -----------------------------------------------------------------------------
; Database Support
; ----------------
; Cypht can use a database for 3 different purposes: authentication, sessions,
; and user settings. Each requires the following settings to be configured and
; the correct table to be created. CREATE TABLE SQL statements for MySQL and
; Postgresql are below.
;
; Connection type. Can be "host" to connect to a hostname, or "socket" to
; connect to a unix socket.
db_connection_type=host
; Database host name or ip address. If db_connection_type is set to "socket",
; this value is ignored
db_host=127.0.0.1
; Database port. Only needed if your database is running on a non-standard
; port
db_port=3306
; If db_connection_type is set to "socket", this should be the filesystem
; location of the unix socket file. If db_connection_type is set to "host"
; this value is ignored.
db_socket=/var/lib/mysqld/mysqld.sock
; Name of the database with the required tables
db_name=__DB_NAME__
; User to connect to the database with
db_user=__DB_USER__
; Password to connect to the database with
db_pass=__DB_PWD__
; Database type. can be any supported PDO driver ; (http://php.net/manual/en/pdo.drivers.php)
db_driver=mysql
; DB Sessions
; -----------
; If your session_type is set to DB, the following table must exist in the DB
; defined above, and the db user must have read-write access to it:
;
; Postgresql:
; CREATE TABLE hm_user_session (hm_id varchar(250) primary key not null, data text, date timestamp);
;
; MySQL or SQLite:
; CREATE TABLE hm_user_session (hm_id varchar(180), data longblob, date timestamp, primary key (hm_id));
; DB Authentication
; -----------------
; If your auth_type is set to DB, the following table must exist in the DB
; defined above, and the db user must have read-write access to it:
;
; Postgresql:
; CREATE TABLE hm_user (username varchar(255) primary key not null, hash varchar(255));
;
; MySQL or SQLite:
; CREATE TABLE hm_user (username varchar(250), hash varchar(250), primary key (username));
; DB Settings
; -----------
; If your user_config_type is set to DB, the following table must exist in the
; DB defined above, and the db user must have read-write access to it:
;
; Postgresql:
; CREATE TABLE hm_user_settings (username varchar(250) primary key not null, settings text);
;
; MySQL or SQLite:
; CREATE TABLE hm_user_settings(username varchar(250), settings longblob, primary key (username));
; -----------------------------------------------------------------------------
; Modules
; -----------------------------------------------------------------------------
; Module Sets
; -----------
; Cypht uses module sets to separate functionality in the program. Module sets
; can be enabled and disabled independently by commenting out or uncommenting
; the assignments below. Add a new assignment to enable your own module sets.
; Core
; ----
; Handles page layout, login/logout, and the default settings pages. This set
; is required.
modules[]=core
; Contacts
; -------
; Contact support. This module requires that at least one "backend" contacts
; module be enabled (ldap_contacts, gmail_contacts, or local_contacts). You
; can enable all the backends you want to support.
modules[]=contacts
; Local contact support. Simple, locally stored contacts backend
modules[]=local_contacts
; LDAP contact support. Use an LDAP server to store contacts. This module
; uses its own ini file in modules/ldap_contacts/. This file must be edited
; and moved to your app_data_dir to configure LDAP access.
; modules[]=ldap_contacts
; Gmail contact support. Read-only support for Gmail contacts. Only available
; if you have a Gmail account enabled that uses OAuth2 authentication
; modules[]=gmail_contacts
; Feeds
; -----
; RSS/ATOM feed support
modules[]=feeds
; POP3
; ----
; POP3 email account support
modules[]=pop3
; JMAP
; ----
; JSON Meta Application Protocol for emails
;modules[]=jmap
; IMAP
; ----
; IMAP email account support. If you want to use OAuth2 over IMAP (currently
; only supported by Gmail and Outlook.com), you will need to edit the oauth2.ini
; file in modules/imap/, and move it to your app_data_dir location.
modules[]=imap
; 2 factor authentication
; -----------------------
; This module enables 2 factor authentication using TOTP (compatible with
; Google Authenticator). You must edit the ini file in modules/2fa/ to
; configure a shared secret, then move that file to your app_data_dir.
; modules[]=2fa
; SMTP
; ----
; Send outbound email using SMTP servers
modules[]=smtp
; Account
; ------
; UI features for admins to create accounts, and for users to update passwords
; (when using the built-in DB authentication)
modules[]=account
; Idle timer
; ---------
; Controls idle time and automatic logout
modules[]=idle_timer
; Desktop notifications
; ---------------------
; Enable desktop notifications for new messages
; modules[]=desktop_notifications
; Calendar
; -------
; Basic calendar
modules[]=calendar
; Themes
; ------
; Change the UI using CSS
modules[]=themes
; NUX
; ---
; Friendly new user experience. Quickly add common email services, and view
; development updates
modules[]=nux
; Developer
; ---------
; For development, provides resources and installation details. Only available
; in "debug mode"
modules[]=developer
; Github
; ------
; Github repository tracking. This module has its own ini file located in
; modules/github/. You must edit this file, and move it to your app_data_dir
; to establish communication with github.
; modules[]=github
; reCAPTCHA
; ---------
; Use the reCAPTCHA server on login. This module has its own ini file in
; modules/recaptcha/. You must edit this file, and move it to the location
; defined in app_data_dir to gain access to the WordPress notification API.
; modules[]=recaptcha
; WordPress
; ---------
; WordPress.com notifications. This module has its own ini file in
; modules/wordpress/. You must edit this file, and move it to the location
; defined in app_data_dir to gain access to the WordPress notification API.
; modules[]=wordpress
; History
; -------
; Simple list of messages read since login
modules[]=history
; Saved searches
; --------------
; Save and re-run searches easily
modules[]=saved_searches
; Advanced search
; ---------------
; Enable the advanced search form
modules[]=advanced_search
; Message highlighting
; --------------------
; Create custom rules to highlight messages in lists with different colors
modules[] = highlights
; NASA
; ----
; Access the NASA APOD API content
; modules[]=nasa
; Profiles
; --------
; Profiles to set reply-to, name, and signature to associated email accounts
modules[]=profiles
; Inline message
; --------------
; View messages inline in a reading pane instead of on a new page
modules[]=inline_message
; IMAP folders
; -----------
; Support for adding/renaming/deleting folders in IMAP accounts
modules[]=imap_folders
; Keyboard Shortcuts
; ------------------
; Enables configurable keyboard shortcuts for navigations and actions
modules[]=keyboard_shortcuts
; Sieve Filters
; ------------------
; Enables configurable Sieve based IMAP filters
modules[]=sievefilters
; Site
; ----
; Site specific overrides. Used to control other module sets without hacking
; the code.
; modules[]=site
; Dynamic login
; -------------
; Allows user to authenticate against a list of popular mail services, or to
; auto-discover the services for the specified email address. The auth_type
; setting must be set to "dynamic", otherwise this module set does not do
; anything
; modules[]=dynamic_login
; API login
; --------
; Allows an API based login that returns a JSON response containing the session
; and hm_id values needed to create a login session. You will need to set the
; api_login_key value to something unique and include that in the POST request.
; modules[]=api_login
; api_login_key=
; Recover settings
; ----------------
; When using IMAP or POP3 authentication, if a user's password is changed, we
; can't decrypt the existing user settings. This module detects that situation
; and provides a page where a user can enter their old and new passwords to
; recover their previous settings.
; modules[]=recover_settings
; Hello World
; -----------
; Example module set with lots of comments
; modules[]=hello_world
; -----------------------------------------------------------------------------
; User Defaults
; All of these settings can be changed by users, but you can uncomment and set
; the default behavior using the following options. This will only effect new
; users or ones that have never saved their settings.
;
; Per source time limits have valid values of:
; -1 day
; -1 week
; -2 weeks
; -4 weeks
; -6 weeks
; -6 months
; -1 year
; -5 years
;
; Per source maximums can be from 1 to 1000
; -----------------------------------------------------------------------------
; If set to true, passwords for email accounts will never be saved between logins
; Defaults to false
; default_setting_no_password_save=false
; Number of messages per page when viewing IMAP folders
; Defaults to 20
; default_setting_imap_per_page=20
; Amount of IMAP message structure detail on the message view page
; Defaults to full structure
; default_setting_simple_msg_parts=false
; Next and Previous emails on the message view page
; Defaults to full structure
; default_setting_pagination_links=true
; Show icons for each IMAP message part type
; Defaults to true
; default_setting_msg_part_icons=true
; Prefer text parts when viewing a message
; Defaults to false
; default_setting_text_only=false
; Per source max for the combined sent view
; Defaults to 20
; default_setting_sent_per_source=20
; Per source time limit for the combined sent view
; Defaults to 1 week
; default_setting_sent_since='-1 week'
; Display source icons in message lists
; Defaults to true
; default_setting_show_list_icons=true
; Redirect to this page on login
; Defaults to none
; default_setting_start_page=none
; Don't prompt when deleting something
; Defaults to false
; default_setting_disable_delete_prompt=false
; Hide icons in the folder list
; Defaults to false
; default_setting_no_folder_icons=false
; Source max for the all email combined view
; Defaults to 20
; default_setting_all_email_per_source=20
; Per source time limit for the all email combined view
; Defaults to 1 week
; default_setting_all_email_since='-1 week'
; Per source time limit for the everything combined view
; Defaults to 1 week
; default_setting_all_since='-1 week'
; Per source max for the everything combined view
; Defaults to 20
; default_setting_all_per_source=20
; Per source max for the unread combined view
; Defaults to 20
; default_setting_unread_per_source=20
; Per source max for the flagged combined view
; Defaults to 20
; default_setting_flagged_per_source=20
; Per source time limit for the flagged combined view
; Defaults to 1 week
; default_setting_flagged_since='-1 week'
; Per source time limit for the unread combined view
; Defaults to 1 week
; default_setting_unread_since='-1 week'
; Timezone for date displays
; Defaults to UTC
default_setting_timezone='__TIMEZONE__'
; Message list format style
; Defaults to email client style
; default_setting_list_style='email_style'
; Interface language
; Defaults to en (English)
default_setting_language='__LANGUAGE__'
; Hide new news feed items from the unread combined view
; Defaults to false
; default_setting_unread_exclude_feeds=false
; Per source max for news feeds
; Defaults to 20
; default_setting_feed_limit=20
; Per source time limit for news feeds
; Defaults to 1 week
; default_setting_feed_since='-1 week'
; Toggle between plain text or HTML formatted mail on the compose page
; Defaults to 0 (plain text)
; default_setting_smtp_compose_type=0
; BCC a copy of outbound mail to the sender
; Defaults to false
; default_setting_smtp_auto_bcc=false
; UI theme
; Defaults to the default white one ("White Bread")
; default_setting_theme='default'
; Hide WordPress notifications from the unread combined view
; Defaults to false
; default_setting_unread_exclude_wordpress=false
; Time limit for WordPress notifications
; Defaults to 1 week
; default_setting_wordpress_since='-1 week'
; Hide Github notifications from the unread combined view
; Defaults to false
; default_setting_unread_exclude_github=false
; Max per source for Github notifications
; Defaults to 20
; default_setting_github_limit=20
; Per source time limit for Github notifications
; Defaults to 1 week
; default_setting_github_since='-1 weeks'
; Display message details inline from the message list
; Defaults to false
; default_setting_inline_message=false
; Enable keyboard shortcuts
; Defaults to false
; default_setting_enable_keyboard_shortcuts=1
; Enable sieve filter
; Defaults to false
; default_setting_enable_sieve_filter=true

0
config_panel.toml → config_panel.toml.example
View file

2
scripts/_common.sh
View file

@ -7,7 +7,7 @@
#=================================================
# Composer version
YNH_COMPOSER_VERSION="2.5.8"
YNH_COMPOSER_VERSION="2.7.6"
#=================================================
# PERSONAL HELPERS

6
scripts/backup
View file

@ -28,15 +28,11 @@ ynh_backup --src_path="$install_dir"
ynh_backup --src_path="$data_dir" --is_big
#=================================================
# BACKUP THE NGINX CONFIGURATION
# SYSTEM CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# BACKUP THE PHP-FPM CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
#=================================================

21
scripts/install
View file

@ -10,17 +10,6 @@ source _common.sh
source /usr/share/yunohost/helpers
timezone=$(cat /etc/timezone)
fpm_footprint="low"
fpm_free_footprint=0
fpm_usage="low"
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint
ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint
ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage
#=================================================
# CREATE A MYSQL DATABASE
@ -44,10 +33,10 @@ chown -R $app:www-data "$install_dir"
#=================================================
# SYSTEM CONFIGURATION
#=================================================
ynh_script_progression --message="Adding system configurations related to $app ..." --weight=3
ynh_script_progression --message="Adding system configurations related to $app..." --weight=3
# Create a dedicated PHP-FPM config
ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint
ynh_add_fpm_config
# Create a dedicated NGINX config
ynh_add_nginx_config
@ -66,10 +55,10 @@ ynh_install_composer --install_args="--ignore-platform-reqs"
#=================================================
ynh_script_progression --message="Adding a configuration file..." --weight=1
ynh_add_config --template="../conf/hm3.sample.ini" --destination="$install_dir/hm3.ini"
ynh_add_config --template=".env.example" --destination="$install_dir/.env"
chmod 400 "$install_dir/hm3.ini"
chown $app:$app "$install_dir/hm3.ini"
chmod 400 "$install_dir/.env"
chown $app:$app "$install_dir/.env"
#=================================================
# ADD AN ADMIN USER

58
scripts/upgrade
View file

@ -15,48 +15,13 @@ source /usr/share/yunohost/helpers
timezone=$(cat /etc/timezone)
#=================================================
# CHECK VERSION
#=================================================
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
# If fpm_footprint doesn't exist, create it
if [ -z "${fpm_footprint:-}" ]; then
fpm_footprint=low
ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint
fi
# If fpm_free_footprint doesn't exist, create it
if [ -z "${fpm_free_footprint:-}" ]; then
fpm_free_footprint=0
ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint
fi
# If fpm_usage doesn't exist, create it
if [ -z "${fpm_usage:-}" ]; then
fpm_usage=low
ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage
fi
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Upgrading source files..." --weight=4
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading source files..." --weight=4
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir" --keep="hm3.ini"
fi
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir" --full_replace=1 --keep=".env"
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
@ -67,22 +32,29 @@ chown -R $app:www-data "$install_dir"
ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=3
# Create a dedicated PHP-FPM config
ynh_add_fpm_config --phpversion=$phpversion --usage=$fpm_usage --footprint=$fpm_footprint
ynh_add_fpm_config
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# INSTALL CYPHT WITH COMPOSER
#=================================================
ynh_script_progression --message="Installing $app with Composer..." --weight=10
ynh_install_composer --install_args="--ignore-platform-reqs"
#=================================================
# SPECIFIC UPGRADE
#=================================================
# UPDATE A CONFIG FILE
#=================================================
#ynh_script_progression --message="Updating a configuration file..." --weight=1
ynh_script_progression --message="Adding a configuration file..." --weight=1
#ynh_add_config --template="../conf/hm3.sample.ini" --destination="$install_dir/hm3.ini"
ynh_add_config --template=".env.example" --destination="$install_dir/.env"
#chmod 400 "$install_dir/hm3.ini"
#chown $app:$app "$install_dir/hm3.ini"
chmod 400 "$install_dir/.env"
chown $app:$app "$install_dir/.env"
#=================================================
# END OF SCRIPT