YunoHost-Apps/z-push_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/z-push_ynh.git synced 2024-09-03 18:05:58 +02:00
Code Issues Activity Actions

Adding config files

Browse source
This commit is contained in:
Yalh 2019-01-27 04:03:17 +01:00
parent 3776ce6cf4
commit 6b55b42948
18 changed files with 1430 additions and 66 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

110
conf/autodiscover.conf.php Normal file
View file

@ -0,0 +1,110 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push
* Descr : Autodiscover configuration file
*
* Created : 30.07.2014
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
/**********************************************************************************
* Default settings
*/
// Replace zpush.example.com with your z-push's host name and uncomment the line below.
// define('ZPUSH_HOST', 'zpush.example.com');
// Defines the default time zone, change e.g. to "Europe/London" if necessary
define('TIMEZONE', '__TIMEZONE__');
// Defines the base path on the server
define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
/*
* Whether to use the complete email address as a login name
* (e.g. user@company.com) or the username only (user).
* Possible values:
* false - use the username only (default).
* true - use the complete email address.
*/
define('USE_FULLEMAIL_FOR_LOGIN', false);
/*
* AutoDiscover requires the username to match either the email address
* or the local part of the email address.
* This is not always possible as the username might have a different
* schema than email address. Configure this parameter to match your
* username settings.
* @see https://wiki.z-hub.io/display/ZP/Configuring+Z-Push+Autodiscover#ConfiguringZ-PushAutodiscover-Configuration
* @see https://jira.z-hub.io/browse/ZP-1209
*
* Possible values:
* AUTODISCOVER_LOGIN_EMAIL - uses the email address as provided when setting up the account
* AUTODISCOVER_LOGIN_NO_DOT - removes the '.' from email address:
* email: first.last@domain.com -> resulting username: firstlast
* AUTODISCOVER_LOGIN_F_NO_DOT_LAST - cuts the first part before '.' after the first letter and
* removes the '.' from email address:
* email: first.last@domain.com -> resulting username: flast
* AUTODISCOVER_LOGIN_F_DOT_LAST - cuts the part before '.' after the first letter and
* leaves the part after '.' as is:
* email: first.last@domain.com -> resulting username: f.last
*/
define('AUTODISCOVER_LOGIN_TYPE', AUTODISCOVER_LOGIN_EMAIL);
/**********************************************************************************
* Logging settings
* Possible LOGLEVEL and LOGUSERLEVEL values are:
* LOGLEVEL_OFF - no logging
* LOGLEVEL_FATAL - log only critical errors
* LOGLEVEL_ERROR - logs events which might require corrective actions
* LOGLEVEL_WARN - might lead to an error or require corrective actions in the future
* LOGLEVEL_INFO - usually completed actions
* LOGLEVEL_DEBUG - debugging information, typically only meaningful to developers
* LOGLEVEL_WBXML - also prints the WBXML sent to/from the device
* LOGLEVEL_DEVICEID - also prints the device id for every log entry
* LOGLEVEL_WBXMLSTACK - also prints the contents of WBXML stack
*
* The verbosity increases from top to bottom. More verbose levels include less verbose
* ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR,
* LOGLEVEL_WARN and LOGLEVEL_INFO level entries.
*/
define('LOGBACKEND', 'filelog');
define('LOGFILEDIR', '/var/log/z-push/');
define('LOGFILE', LOGFILEDIR . 'autodiscover.log');
define('LOGERRORFILE', LOGFILEDIR . 'autodiscover-error.log');
define('LOGLEVEL', LOGLEVEL_INFO);
define('LOGUSERLEVEL', LOGLEVEL);
$specialLogUsers = array();
// Syslog settings
// false will log to local syslog, otherwise put the remote syslog IP here
define('LOG_SYSLOG_HOST', false);
// Syslog port
define('LOG_SYSLOG_PORT', 514);
// Program showed in the syslog. Useful if you have more than one instance login to the same syslog
define('LOG_SYSLOG_PROGRAM', 'z-push-autodiscover');
// Syslog facility - use LOG_USER when running on Windows
define('LOG_SYSLOG_FACILITY', LOG_LOCAL0);
/**********************************************************************************
* Backend settings
*/
// the backend data provider
define('BACKEND_PROVIDER', '__BACKEND_PROVIDER__');

57
conf/caldav.conf.php Normal file
View file

@ -0,0 +1,57 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push
* Descr : CalDAV backend configuration file
*
* Created : 27.11.2012
*
* Copyright 2012 - 2014 Jean-Louis Dupond
*
* Jean-Louis Dupond released this code as AGPLv3 here: https://github.com/dupondje/PHP-Push-2/issues/93
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
// ************************
// BackendCalDAV settings
// ************************
// Server protocol: http or https
define('CALDAV_PROTOCOL', 'https');
// Server name
define('CALDAV_SERVER', '__DOMAIN__');
// Server port
define('CALDAV_PORT', '443');
// Path
//define('CALDAV_PATH', '/caldav.php/%u/');
define('CALDAV_PATH', '__CALDAV_PATH__');
// Default CalDAV folder (calendar folder/principal). This will be marked as the default calendar in the mobile
define('CALDAV_PERSONAL', 'PRINCIPAL');
// If the CalDAV server supports the sync-collection operation
// DAViCal, SOGo and SabreDav support it
// SabreDav version must be at least 1.9.0, otherwise set this to false
// Setting this to false will work with most servers, but it will be slower
define('CALDAV_SUPPORTS_SYNC', false);
// Maximum period to sync.
// Some servers don't support more than 10 years so you will need to change this
define('CALDAV_MAX_SYNC_PERIOD', 2147483647);

93
conf/carddav.conf.php Normal file
View file

@ -0,0 +1,93 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push
* Descr : CardDAV backend configuration file
*
* Created : 16.03.2013
*
* Copyright 2013 - 2016 Francisco Miguel Biete
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
// ************************
// BackendCardDAV settings
// ************************
// Server protocol: http or https
define('CARDDAV_PROTOCOL', 'https');
// Server name
define('CARDDAV_SERVER', '__DOMAIN__');
// Server port
define('CARDDAV_PORT', '443');
// Server path to the addressbook, or the principal with the addressbooks
// If your user has more than 1 addressbook point it to the principal.
// Example: user test@domain.com will have 2 addressbooks
// http://localhost/caldav.php/test@domain.com/addresses/personal
// http://localhost/caldav.php/test@domain.com/addresses/work
// You set the CARDDAV_PATH to '/caldav.php/%u/addresses/' and personal and work will be autodiscovered
// %u: replaced with the username
// %d: replaced with the domain
// Add the trailing /
//define('CARDDAV_PATH', '/caldav.php/%u/');
define('CARDDAV_PATH', '__CARDDAV_PATH__');
// Server path to the default addressbook
// Mobile device will create new contacts here. It must be under CARDDAV_PATH
// %u: replaced with the username
// %d: replaced with the domain
// Add the trailing /
//define('CARDDAV_DEFAULT_PATH', '/caldav.php/%u/addresses/');
define('CARDDAV_DEFAULT_PATH', '__CARDDAV_DEFAULT_PATH__');
// Server path to the GAL addressbook. This addressbook is readonly and searchable by the user, but it will NOT be synced.
// If you don't want GAL, comment it
// %u: replaced with the username
// %d: replaced with the domain
// Add the trailing /
define('CARDDAV_GAL_PATH', '/caldav.php/%d/GAL/');
// Minimal length for the search pattern to do the real search.
define('CARDDAV_GAL_MIN_LENGTH', 5);
// Addressbook display name, the name showed in the mobile device
// %u: replaced with the username
// %d: replaced with the domain
define('CARDDAV_CONTACTS_FOLDER_NAME', '%u Addressbook');
// If the CardDAV server supports the sync-collection operation
// DAViCal and SabreDav support it, but Owncloud, SOGo don't
// SabreDav version must be at least 1.9.0, otherwise set this to false
// Setting this to false will work with most servers, but it will be slower: 1 petition for the href of vcards, and 1 petition for each vcard
define('CARDDAV_SUPPORTS_SYNC', false);
// If the CardDAV server supports the FN attribute for searches
// DAViCal supports it, but SabreDav, Owncloud and SOGo don't
// Setting this to true will search by FN. If false will search by sn, givenName and email
// It's safe to leave it as false
define('CARDDAV_SUPPORTS_FN_SEARCH', false);
// If your carddav server needs to use file extension to recover a vcard.
// Davical needs it
// SOGo official demo online needs it, but some SOGo installation don't need it, so test it
define('CARDDAV_URL_VCARD_EXTENSION', '.vcf');

96
conf/combined.conf.php Normal file
View file

@ -0,0 +1,96 @@
<?php
/***********************************************
* File : backend/combined/config.php
* Project : Z-Push
* Descr : configuration file for the
* combined backend.
*
* Created : 29.11.2010
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
class BackendCombinedConfig {
// *************************
// BackendCombined settings
// *************************
/**
* Returns the configuration of the combined backend
*
* @access public
* @return array
*
*/
public static function GetBackendCombinedConfig() {
//use a function for it because php does not allow
//assigning variables to the class members (expecting T_STRING)
return array(
//the order in which the backends are loaded.
//login only succeeds if all backend return true on login
//sending mail: the mail is sent with first backend that is able to send the mail
'backends' => array(
'i' => array(
'name' => 'BackendIMAP',
),
'z' => array(
'name' => 'BackendKopano',
),
'm' => array(
'name' => 'BackendMaildir',
),
'v' => array(
'name' => 'BackendVCardDir',
),
'l' => array(
'name' => 'BackendLDAP',
),
'd' => array(
'name' => 'BackendCardDAV',
),
'c' => array(
'name' => 'BackendCalDAV',
),
),
'delimiter' => '/',
//force one type of folder to one backend
//it must match one of the above defined backends
'folderbackend' => array(
SYNC_FOLDER_TYPE_INBOX => 'i',
SYNC_FOLDER_TYPE_DRAFTS => 'i',
SYNC_FOLDER_TYPE_WASTEBASKET => 'i',
SYNC_FOLDER_TYPE_SENTMAIL => 'i',
SYNC_FOLDER_TYPE_OUTBOX => 'i',
SYNC_FOLDER_TYPE_TASK => 'c',
SYNC_FOLDER_TYPE_APPOINTMENT => 'c',
SYNC_FOLDER_TYPE_CONTACT => 'd',
SYNC_FOLDER_TYPE_NOTE => 'c',
SYNC_FOLDER_TYPE_JOURNAL => 'c',
SYNC_FOLDER_TYPE_OTHER => 'i',
SYNC_FOLDER_TYPE_USER_MAIL => 'i',
SYNC_FOLDER_TYPE_USER_APPOINTMENT => 'c',
SYNC_FOLDER_TYPE_USER_CONTACT => 'd',
SYNC_FOLDER_TYPE_USER_TASK => 'c',
SYNC_FOLDER_TYPE_USER_JOURNAL => 'c',
SYNC_FOLDER_TYPE_USER_NOTE => 'c',
SYNC_FOLDER_TYPE_UNKNOWN => 'i',
),
//creating a new folder in the root folder should create a folder in one backend
'rootcreatefolderbackend' => 'i',
);
}
}

40
conf/etc/z-push/ldap.conf.php Normal file
View file

@ -0,0 +1,40 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push
* Descr : LDAP backend configuration file
*
* Created : 27.11.2012
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
// **********************
// BackendLDAP settings
// **********************
// Server address
define('LDAP_SERVER', 'localhost');
// Server Port
define('LDAP_SERVER_PORT', '389');
// LDAP USER DN
define('LDAP_USER_DN', 'uid=%u,ou=mailaccount,dc=phppush,dc=com');
// LDAP BASE DNS
define('LDAP_BASE_DNS', 'Contacts:ou=addressbook,uid=%u,ou=mailaccount,dc=phppush,dc=com'); //Multiple values separator is |

56
conf/galsearch-ldap.conf.php Normal file
View file

@ -0,0 +1,56 @@
<?php
/***********************************************
* File : searchldap/config.php
* Project : Z-Push
* Descr : configuration file for the
* BackendSearchLDAP backend.
*
* Created : 03.08.2010
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
// LDAP host and port
define("LDAP_HOST", "ldap://127.0.0.1/");
define("LDAP_PORT", "389");
// Set USER and PASSWORD if not using anonymous bind
define("ANONYMOUS_BIND", true);
define("LDAP_BIND_USER", "cn=searchuser,dc=test,dc=net");
define("LDAP_BIND_PASSWORD", "");
// Search base & filter
// the SEARCHVALUE string is substituded by the value inserted into the search field
define("LDAP_SEARCH_BASE", "ou=users,dc=yunohost,dc=org");
define("LDAP_SEARCH_FILTER", "(|(cn=*SEARCHVALUE*)(mail=*SEARCHVALUE*))");
// LDAP field mapping.
// values correspond to an inetOrgPerson class
global $ldap_field_map;
$ldap_field_map = array(
SYNC_GAL_DISPLAYNAME => 'cn',
SYNC_GAL_PHONE => 'telephonenumber',
SYNC_GAL_OFFICE => '',
SYNC_GAL_TITLE => 'title',
SYNC_GAL_COMPANY => 'ou',
SYNC_GAL_ALIAS => 'uid',
SYNC_GAL_FIRSTNAME => 'givenname',
SYNC_GAL_LASTNAME => 'sn',
SYNC_GAL_HOMEPHONE => 'homephone',
SYNC_GAL_MOBILEPHONE => 'mobile',
SYNC_GAL_EMAILADDRESS => 'mail',
);

218
conf/imap.conf.php Normal file
View file

@ -0,0 +1,218 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push
* Descr : IMAP backend configuration file
*
* Created : 27.11.2012
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
// ************************
// BackendIMAP settings
// ************************
// Defines the server to which we want to connect
define('IMAP_SERVER', 'localhost');
// connecting to default port (143)
define('IMAP_PORT', 993);
// best cross-platform compatibility (see http://php.net/imap_open for options)
define('IMAP_OPTIONS', '/ssl/novalidate-cert');
// Mark messages as read when moving to Trash.
// BE AWARE that you will lose the unread flag, but some mail clients do this so the Trash folder doesn't get boldened
define('IMAP_AUTOSEEN_ON_DELETE', false);
// IMPORTANT: BASIC IMAP FOLDERS [ask your mail admin]
// We can have diferent cases (case insensitive):
// 1.
// inbox
// sent
// drafts
// trash
// 2.
// inbox
// common.sent
// common.drafts
// common.trash
// 3.
// common.inbox
// common.sent
// common.drafts
// common.trash
// 4.
// common
// common.sent
// common.drafts
// common.trash
//
// gmail is a special case, where the default folders are under the [gmail] prefix and the folders defined by the user are under INBOX.
// This configuration seems to work:
// define('IMAP_FOLDER_PREFIX', '');
// define('IMAP_FOLDER_PREFIX_IN_INBOX', false);
// define('IMAP_FOLDER_INBOX', 'INBOX');
// define('IMAP_FOLDER_SENT', '[Gmail]/Sent');
// define('IMAP_FOLDER_DRAFT', '[Gmail]/Drafts');
// define('IMAP_FOLDER_TRASH', '[Gmail]/Trash');
// define('IMAP_FOLDER_SPAM', '[Gmail]/Spam');
// define('IMAP_FOLDER_ARCHIVE', '[Gmail]/All Mail');
// Since I know you won't configure this, I will raise an error unless you do.
// When configured set this to true to remove the error
define('IMAP_FOLDER_CONFIGURED', true);
// Folder prefix is the common part in your names (3, 4)
define('IMAP_FOLDER_PREFIX', '');
// Inbox will have the preffix preppend (3 & 4 to true)
define('IMAP_FOLDER_PREFIX_IN_INBOX', false);
// Inbox folder name (case doesn't matter) - (empty in 4)
define('IMAP_FOLDER_INBOX', 'INBOX');
// Sent folder name (case doesn't matter)
define('IMAP_FOLDER_SENT', 'SENT');
// Draft folder name (case doesn't matter)
define('IMAP_FOLDER_DRAFT', 'DRAFTS');
// Trash folder name (case doesn't matter)
define('IMAP_FOLDER_TRASH', 'TRASH');
// Spam folder name (case doesn't matter). Only showed as special by iOS devices
define('IMAP_FOLDER_SPAM', 'SPAM');
// Archive folder name (case doesn't matter). Only showed as special by iOS devices
define('IMAP_FOLDER_ARCHIVE', 'ARCHIVE');
// forward messages inline (default true - inlined)
define('IMAP_INLINE_FORWARD', true);
// list of folders we want to exclude from sync. Names, or part of it, separated by |
// example: dovecot.sieve|archive|spam
define('IMAP_EXCLUDED_FOLDERS', '');
// overwrite the "from" header with some value
// options:
// '' - do nothing, use the From header
// 'username' - the username will be set (usefull if your login is equal to your emailaddress)
// 'domain' - the value of the "domain" field is used
// 'sql' - the username will be the result of a sql query. REMEMBER TO INSTALL PHP-PDO AND PHP-DATABASE
// 'ldap' - the username will be the result of a ldap query. REMEMBER TO INSTALL PHP-LDAP!!
// '@mydomain.com' - the username is used and the given string will be appended
define('IMAP_DEFAULTFROM', '');
// DSN: formatted PDO connection string
// mysql:host=xxx;port=xxx;dbname=xxx
// USER: username to DB
// PASSWORD: password to DB
// OPTIONS: array with options needed
// QUERY: query to execute
// FIELDS: columns in the query
// FROM: string that will be the from, replacing the column names with the values
//define('IMAP_FROM_SQL_DSN', '');
//define('IMAP_FROM_SQL_USER', '');
//define('IMAP_FROM_SQL_PASSWORD', '');
//define('IMAP_FROM_SQL_OPTIONS', serialize(array(PDO::ATTR_PERSISTENT => true)));
//define('IMAP_FROM_SQL_QUERY', "select first_name, last_name, mail_address from users where mail_address = '#username@#domain'");
//define('IMAP_FROM_SQL_FIELDS', serialize(array('first_name', 'last_name', 'mail_address')));
//define('IMAP_FROM_SQL_EMAIL', '#mail_address');
//define('IMAP_FROM_SQL_FROM', '#first_name #last_name <#mail_address>');
//define('IMAP_FROM_SQL_FULLNAME', '#first_name #last_name');
// SERVER: ldap server
// SERVER_PORT: ldap port
// USER: dn to use for connecting
// PASSWORD: password
// QUERY: query to execute
// FIELDS: columns in the query
// FROM: string that will be the from, replacing the field names with the values
//define('IMAP_FROM_LDAP_SERVER', 'localhost');
//define('IMAP_FROM_LDAP_SERVER_PORT', '389');
//define('IMAP_FROM_LDAP_USER', 'cn=zpush,ou=servers,dc=zpush,dc=org');
//define('IMAP_FROM_LDAP_PASSWORD', 'password');
//define('IMAP_FROM_LDAP_BASE', 'dc=zpush,dc=org');
//define('IMAP_FROM_LDAP_QUERY', '(mail=#username@#domain)');
//define('IMAP_FROM_LDAP_FIELDS', serialize(array('givenname', 'sn', 'mail')));
//define('IMAP_FROM_LDAP_EMAIL', '#mail');
//define('IMAP_FROM_LDAP_FROM', '#givenname #sn <#mail>');
//define('IMAP_FROM_LDAP_FULLNAME', '#givenname #sn');
// Method used for sending mail
// mail => mail() php function
// sendmail => sendmail executable
// smtp => direct connection against SMTP
define('IMAP_SMTP_METHOD', 'smtp');
global $imap_smtp_params;
// SMTP Parameters
// mail : no params
//$imap_smtp_params = array();
// sendmail
//$imap_smtp_params = array('sendmail_path' => '/usr/bin/sendmail', 'sendmail_args' => '-i');
// smtp
// "host" - The server to connect. Default is localhost.
// "port" - The port to connect. Default is 25.
// "auth" - Whether or not to use SMTP authentication. Default is FALSE.
// "username" - The username to use for SMTP authentication. "imap_username" for using the same username as the imap server
// "password" - The password to use for SMTP authentication. "imap_password" for using the same password as the imap server
// "localhost" - The value to give when sending EHLO or HELO. Default is localhost
// "timeout" - The SMTP connection timeout. Default is NULL (no timeout).
// "verp" - Whether to use VERP or not. Default is FALSE.
// "debug" - Whether to enable SMTP debug mode or not. Default is FALSE.
// "persist" - Indicates whether or not the SMTP connection should persist over multiple calls to the send() method.
// "pipelining" - Indicates whether or not the SMTP commands pipelining should be used.
// "verify_peer" - Require verification of SSL certificate used. Default is TRUE.
// "verify_peer_name" - Require verification of peer name. Default is TRUE.
// "allow_self_signed" - Allow self-signed certificates. Requires verify_peer. Default is FALSE.
//$imap_smtp_params = array('host' => 'localhost', 'port' => 25, 'auth' => false);
// If you want to use SSL with port 25 or port 465 you must preppend "ssl://" before the hostname or IP of your SMTP server
// IMPORTANT: To use SSL you must use PHP 5.1 or later, install openssl libs and use ssl:// within the host variable
// IMPORTANT: To use SSL with PHP 5.6 you should set verify_peer, verify_peer_name and allow_self_signed
//$imap_smtp_params = array('host' => 'ssl://localhost', 'port' => 465, 'auth' => true, 'username' => 'imap_username', 'password' => 'imap_password');
$imap_smtp_params = array('host' => 'tcp://__DOMAIN__', 'port' => 587, 'auth' => true, 'username' => 'imap_username', 'password' => 'imap_password', 'localhost' => '__DOMAIN__', 'verify_peer' => false, 'verify_peer_name' => false, 'allow_self_signed' => true);
// If you are using IMAP_SMTP_METHOD = mail or sendmail and your sent messages are not correctly displayed you can change this to "\n".
// BUT, it doesn't comply with RFC 2822 and will break if using smtp method
define('MAIL_MIMEPART_CRLF', "\r\n");
// A file containing file mime types->extension mappings.
// SELINUX users: make sure the file has a security context accesible by your apache/php-fpm process
define('SYSTEM_MIME_TYPES_MAPPING', '/etc/mime.types');
// Use BackendCalDAV for Meetings. You cannot hope to get that functionality working without a caldav backend.
//define('IMAP_MEETING_USE_CALDAV', false);
define('IMAP_MEETING_USE_CALDAV', __IMAP_MEETING_USE_CALDAV__);
// If your IMAP server allows authenticating via GSSAPI, php-imap will not fall back properly to other authentication
// methods and you will be unable to log in. Uncomment the following line to disable that authentication method.
// Multiple methods can be specified as a comma-separated string.
// define('IMAP_DISABLE_AUTHENTICATOR', 'GSSAPI');

2
conf/backend/config-caldav.php → conf/old-backend/config-caldav.php
View file

@ -33,7 +33,7 @@
define('CALDAV_PROTOCOL', 'https');
// Server name
define('CALDAV_SERVER', 'BAIKALDOMAIN');
define('CALDAV_SERVER', '__DOMAIN__');
// Server port
define('CALDAV_PORT', '443');

0
conf/backend/config-carddav.php → conf/old-backend/config-carddav.php
View file

0
conf/backend/config-combined.php → conf/old-backend/config-combined.php
View file

0
conf/backend/config-imap.php → conf/old-backend/config-imap.php
View file

0
conf/config.php → conf/old-backend/config.php
View file

47
conf/old-backend/z-push.conf Normal file
View file

@ -0,0 +1,47 @@
server {
server_name localhost; # Put your server name
# Uncomment the following lines to enable SSL support if not configured yet
#listen 443 ssl;
#listen [::]:443 ssl;
#ssl on;
#ssl_certificate /path/to/ssl.crt; # Put in the correct path
#ssl_certificate_key /path/to/ssl.key; # Put in the correct path
# If you're using PHP-FPM uncomment the following lines.
#include fastcgi_params;
#fastcgi_index index.php;
#fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fastcgi_param REQUEST_URI $1;
#fastcgi_param PHP_FLAG "magic_quotes_gpc=off \n register_globals=off \n magic_quotes_runtime=off \n short_open_tag=on";
#fastcgi_param PHP_VALUE "post_max_size=20M \n upload_max_filesize=20M \n max_execution_time=3660";
#fastcgi_param HTTP_PROXY ""; # Mitigate https://httpoxy.org/ vulnerabilities
#fastcgi_read_timeout 3660; # Z-Push Ping might run 3600s, but to be safe
location /Microsoft-Server-ActiveSync {
alias /usr/share/z-push/index.php;
access_log /var/log/nginx/z-push-access.log;
error_log /var/log/nginx/z-push-error.log;
# Attachments ca 15MB max (since binary data needs to be base64 encoded in mine, which results in in about 33% overhead)
client_max_body_size 20m;
client_body_buffer_size 128k;
# Select one of the fastcgi_pass values or adapt to your configuration
include snippets/z-push-php.conf;
}
location /AutoDiscover/AutoDiscover.xml {
include snippets/z-push-autodiscover.conf;
include snippets/z-push-php.conf;
}
location /Autodiscover/Autodiscover.xml {
include snippets/z-push-autodiscover.conf;
include snippets/z-push-php.conf;
}
location /autodiscover/autodiscover.xml {
include snippets/z-push-autodiscover.conf;
include snippets/z-push-php.conf;
}
}

234
conf/policies.ini Normal file
View file

@ -0,0 +1,234 @@
;;;;;;;;;;;;;;;;;;;;;;;;
; About policies.ini ;
;;;;;;;;;;;;;;;;;;;;;;;;
; Z-Push policies' file holds the configuration to be applied
; during the provisioning of a mobile device.
; Check Z-Push wiki page regarding the provisioning policies:
; https://wiki.z-hub.io/x/eYAa
; For more information see the ActiveSync documentation at:
; https://msdn.microsoft.com/en-us/library/dd299443.aspx
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; The default ActiveSync policy. Do not change its name.
[default]
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Policies for ActiveSync version 12.0 and higher
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Specifies if a device requires a password to unlock it.
; 0 - Password not required.
; 1 - Password is required.
devpwenabled = 0
; Specifies if a device requires an alphanumeric password to unlock it.
; 0 - Alphanumeric password not required.
; 1 - Alphanumeric password required.
alphanumpwreq = 0
; Deprecated. Specifies if the device encrypts the content of the storage card.
; 0 - Storage card encryption not enabled.
; 1 - Storage card encryption enabled.
devencenabled = 0
; Specifies if the server supports storing a recovery password which could be
; sent by the client using the Settings command.
; This policy is currently not supported by Z-Push.
; 0 - Password recovery not enabled on the server.
; 1 - Password recovery enabled on the server.
; pwrecoveryenabled = 0
; Deprecated.
docbrowseenabled =
; Specifies if email attachments are enabled for download.
; 0 - Attachments not allowed for download.
; 1 - Attachments allowed for download.
attenabled = 1
; Specifies the minimum client password length to unlock it.
; The mindevpwlenngth can be empty or have a value between 1 and 16.
; If the value is empty or 1, there is no minimum length for the device password.
mindevpwlenngth = 4
; The maximum number of seconds of inactivity before the device locks itself.
; If this value is greater than or equal to 9999, the client interprets it as unlimited.
maxinacttimedevlock = 900
; The maximum number of failed password attempts to unlock the device.
; The client SHOULD perform a local wipe or enter a timed lock out mode if the maximum
; number of failed password attempts is reached.
; The maxdevpwfailedattempts can be empty or have a value between 4 and 16.
; If the value is empty, the client interprets this as no maximum number of
; failed password attempts has been set by the security policy.
maxdevpwfailedattempts = 8
; The maximum attachment size in bytes as determined by security policy.
maxattsize = ''
; Specifies if the device allows simple passwords. A simple password contains
; repeated ("0000") or sequential ("xyz") characters only.
allowsimpledevpw = 1
; The maximum number of days until a password expires.
; Empty or 0 devpwexpiration value indicates that the password will not expire.
devpwexpiration = 0
; The minimum number of previously used passwords stored to prevent reuse by the device.
; 0 - Do not store previously used passwords.
; >0 - Store the minimum number of previously used passwords.
devpwhistory = 0
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Policies for ActiveSync version 12.1 and higher
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; The device allows to use a storage card.
; 0 - SD card not allowed.
; 1 - SD card allowed.
allowstoragecard = 1
; The device allows to use the built-in camera.
; 0 - Usage of the built-in camera not allowed.
; 1 - Usage of built-in the camera allowed.
allowcam = 1
; Specifies if the client uses encryption.
; 0 - Encryption not required.
; 1 - Encryption required.
reqdevenc = 0
; Specifies if the device allows unsigned applications to execute.
; 0 - Unsigned applications not allowed to execute.
; 1 - Unsigned applications allowed to execute.
allowunsignedapps = 1
; The required complexity level of the device password.
; Valid values for mindevcomplexchars are between 1 and 4. The value specifies
; the number of character groups to be contained in the password.
; The character groups are:
; - Lower case alphabetical characters
; - Upper case alphabetical characters
; - Numbers
; - Non-alphanumeric characters
; For example, if the value of mindevcomplexchars is 2, a password may contain
; lower case and upper case characters. A password with numbers and non-alphanumeric
; characters would be also valid.
mindevcomplexchars = 3
; The device allows the use of Wi-Fi connections.
; 0 - The use of Wi-Fi connections not allowed.
; 1 - The use of Wi-Fi connections allowed.
allowwifi = 1
; The device allows the use of SMS or text messaging.
; 0 - SMS or text messaging not allowed.
; 1 - SMS or text messaging allowed.
allowtextmessaging = 1
; The device allows access to POP or IMAP email.
; 0 - POP or IMAP email access not allowed.
; 1 - POP or IMAP email access allowed.
allowpopimapemail = 1
; The use of Bluetooth on the device.
; 0 - Disable Bluetooth.
; 1 - Disable Bluetooth, but allow the configuration of hands-free profiles.
; 2 - Allow Bluetooth.
allowbluetooth = 2
; The device allows the use of IrDA (infrared) connections.
; 0 - Disable IrDA.
; 1 - Allow IrDA.
allowirda = 1
; The device requires manual synchronization when the device is roaming.
; 0 - Do not require manual sync; allow direct push when roaming.
; 1 - Require manual sync when roaming.
reqmansyncroam = 0
; The maximum number of calendar days that can be synchronized.
; 0 - All days
; 4 - 2 weeks
; 5 - 1 month
; 6 - 3 months
; 7 - 6 months
maxcalagefilter = 0
; Specifies if the client uses HTML-formatted email.
; 0 - HTML-formatted email not allowed.
; 1 - HTML-formatted email allowed.
allowhtmlemail = 1
; The email age limit for synchronization.
; 0 - Sync all
; 1 - 1 day
; 2 - 3 days
; 3 - 1 week
; 4 - 2 weeks
; 5 - 1 month
maxemailagefilter = 0
; The maximum truncation size for plain textformatted email.
; -1 - No truncation.
; 0 - Truncate only the header.
; >0 - Truncate the email body to the specified size.
maxemailbodytruncsize = -1
; The maximum truncation size for HTML-formatted email.
; -1 - No truncation.
; 0 - Truncate only the header.
; >0 - Truncate the email body to the specified size.
maxemailhtmlbodytruncsize = -1
; Specifies if the client sends signed S/MIME messages.
; 0 - Signed S/MIME messages not required.
; 1 - Signed S/MIME messages required.
reqsignedsmimemessages = 0
; Specifies if the client sends encrypted email messages.
; 0 - Encrypted email messages not required.
; 1 - Email messages required to be encrypted.
reqencsmimemessages = 0
; The algorithm used to sign S/MIME messages.
; 0 - Use SHA1.
; 1 - Use MD5.
reqsignedsmimealgorithm = 0
; The algorithm used to encrypt S/MIME messages.
; 0 - TripleDES algorithm
; 1 - DES algorithm
; 2 - RC2128bit
; 3 - RC264bit
; 4 - RC240bit
reqencsmimealgorithm = 0
; Controls negotiation of the encryption algorithm.
; 0 - Do not negotiate.
; 1 - Negotiate a strong algorithm.
; 2 - Negotiate any algorithm.
allowsmimeencalgneg = 2
; Specifies if the client can use soft certificates to sign outgoing messages.
; 0 - Soft certificates are not allowed.
; 1 - Soft certificates are allowed.
allowsmimesoftcerts = 1
; Specifies if the device allows the use of a web browser.
; 0 - Do not allow the use of a web browser.
; 1 - Allow the use of a web browser.
allowbrowser = 1
; Specifies if the device allows the user to configure a personal email account.
; 0 - Do not allow the user to configure a personal email account.
; 1 - Allow the user to configure a personal email account.
allowconsumeremail = 1
; Specifies if the device allows the use of Internet Sharing.
; 0 - Do not allow the use of Internet Sharing.
; 1 - Allow the use of Internet Sharing.
allowinternetsharing = 1

389
conf/z-push.conf.php Normal file
View file

@ -0,0 +1,389 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push
* Descr : Main configuration file
*
* Created : 01.10.2007
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
/**********************************************************************************
* Default settings
*/
// Defines the default time zone, change e.g. to "Europe/London" if necessary
define('TIMEZONE', '__TIMEZONE__');
// Defines the base path on the server
define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
// Try to set unlimited timeout
define('SCRIPT_TIMEOUT', 0);
// Use a custom header to determinate the remote IP of a client.
// By default, the server provided REMOTE_ADDR is used. If the header here set
// is available, the provided value will be used, else REMOTE_ADDR is maintained.
// set to false to disable this behaviour.
// common values: 'HTTP_X_FORWARDED_FOR', 'HTTP_X_REAL_IP' (casing is ignored)
define('USE_CUSTOM_REMOTE_IP_HEADER', false);
// When using client certificates, we can check if the login sent matches the owner of the certificate.
// This setting specifies the owner parameter in the certificate to look at.
define("CERTIFICATE_OWNER_PARAMETER", "SSL_CLIENT_S_DN_CN");
/*
* Whether to use the complete email address as a login name
* (e.g. user@company.com) or the username only (user).
* This is required for Z-Push to work properly after autodiscover.
* Possible values:
* false - use the username only.
* true - string the mobile sends as username, e.g. full email address (default).
*/
define('USE_FULLEMAIL_FOR_LOGIN', true);
/**********************************************************************************
* StateMachine setting
*
* These StateMachines can be used:
* FILE - FileStateMachine (default). Needs STATE_DIR set as well.
* SQL - SqlStateMachine has own configuration file. STATE_DIR is ignored.
* State migration script is available, more informations: https://wiki.z-hub.io/x/xIAa
*/
define('STATE_MACHINE', 'FILE');
define('STATE_DIR', '/var/lib/z-push/');
/**********************************************************************************
* IPC - InterProcessCommunication
*
* Is either provided by using shared memory on a single host or
* using the memcache provider for multi-host environments.
* When another implementation should be used, the class can be set here explicitly.
* If empty Z-Push will try to use available providers.
*/
define('IPC_PROVIDER', '');
/**********************************************************************************
* Logging settings
*
* The LOGBACKEND specifies where the logs are sent to.
* Either to file ("filelog") or to a "syslog" server or a custom log class in core/log/logclass.
* filelog and syslog have several options that can be set below.
* For more information about the syslog configuration, see https://wiki.z-hub.io/x/HIAT
* Possible LOGLEVEL and LOGUSERLEVEL values are:
* LOGLEVEL_OFF - no logging
* LOGLEVEL_FATAL - log only critical errors
* LOGLEVEL_ERROR - logs events which might require corrective actions
* LOGLEVEL_WARN - might lead to an error or require corrective actions in the future
* LOGLEVEL_INFO - usually completed actions
* LOGLEVEL_DEBUG - debugging information, typically only meaningful to developers
* LOGLEVEL_WBXML - also prints the WBXML sent to/from the device
* LOGLEVEL_DEVICEID - also prints the device id for every log entry
* LOGLEVEL_WBXMLSTACK - also prints the contents of WBXML stack
*
* The verbosity increases from top to bottom. More verbose levels include less verbose
* ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR,
* LOGLEVEL_WARN and LOGLEVEL_INFO level entries.
*
* LOGAUTHFAIL is logged to the LOGBACKEND.
*/
define('LOGBACKEND', 'filelog');
define('LOGLEVEL', LOGLEVEL_INFO);
define('LOGAUTHFAIL', false);
// To save e.g. WBXML data only for selected users, add the usernames to the array
// The data will be saved into a dedicated file per user in the LOGFILEDIR
// Users have to be encapusulated in quotes, several users are comma separated, like:
// $specialLogUsers = array('info@domain.com', 'myusername');
define('LOGUSERLEVEL', LOGLEVEL_DEVICEID);
$specialLogUsers = array();
// Filelog settings
define('LOGFILEDIR', '/var/log/z-push/');
define('LOGFILE', LOGFILEDIR . 'z-push.log');
define('LOGERRORFILE', LOGFILEDIR . 'z-push-error.log');
// Syslog settings
// false will log to local syslog, otherwise put the remote syslog IP here
define('LOG_SYSLOG_HOST', false);
// Syslog port
define('LOG_SYSLOG_PORT', 514);
// Program showed in the syslog. Useful if you have more than one instance login to the same syslog
define('LOG_SYSLOG_PROGRAM', 'z-push');
// Syslog facility - use LOG_USER when running on Windows
define('LOG_SYSLOG_FACILITY', LOG_LOCAL0);
// Location of the trusted CA, e.g. '/etc/ssl/certs/EmailCA.pem'
// Uncomment and modify the following line if the validation of the certificates fails.
// define('CAINFO', '/etc/ssl/certs/EmailCA.pem');
/**********************************************************************************
* Mobile settings
*/
// Device Provisioning
define('PROVISIONING', true);
// This option allows the 'loose enforcement' of the provisioning policies for older
// devices which don't support provisioning (like WM 5 and HTC Android Mail) - dw2412 contribution
// false (default) - Enforce provisioning for all devices
// true - allow older devices, but enforce policies on devices which support it
define('LOOSE_PROVISIONING', false);
// The file containing the policies' settings.
// Set a full path or relative to the z-push main directory
define('PROVISIONING_POLICYFILE', 'policies.ini');
// Default conflict preference
// Some devices allow to set if the server or PIM (mobile)
// should win in case of a synchronization conflict
// SYNC_CONFLICT_OVERWRITE_SERVER - Server is overwritten, PIM wins
// SYNC_CONFLICT_OVERWRITE_PIM - PIM is overwritten, Server wins (default)
define('SYNC_CONFLICT_DEFAULT', SYNC_CONFLICT_OVERWRITE_PIM);
// Global limitation of items to be synchronized
// The mobile can define a sync back period for calendar and email items
// For large stores with many items the time period could be limited to a max value
// If the mobile transmits a wider time period, the defined max value is used
// Applicable values:
// SYNC_FILTERTYPE_ALL (default, no limitation)
// SYNC_FILTERTYPE_1DAY, SYNC_FILTERTYPE_3DAYS, SYNC_FILTERTYPE_1WEEK, SYNC_FILTERTYPE_2WEEKS,
// SYNC_FILTERTYPE_1MONTH, SYNC_FILTERTYPE_3MONTHS, SYNC_FILTERTYPE_6MONTHS
define('SYNC_FILTERTIME_MAX', SYNC_FILTERTYPE_ALL);
// Interval in seconds before checking if there are changes on the server when in Ping.
// It means the highest time span before a change is pushed to a mobile. Set it to
// a higher value if you have a high load on the server.
define('PING_INTERVAL', 30);
// Set the fileas (save as) order for contacts in the webaccess/webapp/outlook.
// It will only affect new/modified contacts on the mobile which then are synced to the server.
// Possible values are:
// SYNC_FILEAS_FIRSTLAST - fileas will be "Firstname Middlename Lastname"
// SYNC_FILEAS_LASTFIRST - fileas will be "Lastname, Firstname Middlename"
// SYNC_FILEAS_COMPANYONLY - fileas will be "Company"
// SYNC_FILEAS_COMPANYLAST - fileas will be "Company (Lastname, Firstname Middlename)"
// SYNC_FILEAS_COMPANYFIRST - fileas will be "Company (Firstname Middlename Lastname)"
// SYNC_FILEAS_LASTCOMPANY - fileas will be "Lastname, Firstname Middlename (Company)"
// SYNC_FILEAS_FIRSTCOMPANY - fileas will be "Firstname Middlename Lastname (Company)"
// The company-fileas will only be set if a contact has a company set. If one of
// company-fileas is selected and a contact doesn't have a company set, it will default
// to SYNC_FILEAS_FIRSTLAST or SYNC_FILEAS_LASTFIRST (depending on if last or first
// option is selected for company).
// If SYNC_FILEAS_COMPANYONLY is selected and company of the contact is not set
// SYNC_FILEAS_LASTFIRST will be used
define('FILEAS_ORDER', SYNC_FILEAS_LASTFIRST);
// Maximum amount of items to be synchronized per request.
// Normally this value is requested by the mobile. Common values are 5, 25, 50 or 100.
// Exporting too much items can cause mobile timeout on busy systems.
// Z-Push will use the lowest provided value, either set here or by the mobile.
// MS Outlook 2013+ request up to 512 items to accelerate the sync process.
// If you detect high load (also on subsystems) you could try a lower setting.
// max: 512 - value used if mobile does not limit amount of items
define('SYNC_MAX_ITEMS', 512);
// The devices usually send a list of supported properties for calendar and contact
// items. If a device does not includes such a supported property in Sync request,
// it means the property's value will be deleted on the server.
// However some devices do not send a list of supported properties. It is then impossible
// to tell if a property was deleted or it was not set at all if it does not appear in Sync.
// This parameter defines Z-Push behaviour during Sync if a device does not issue a list with
// supported properties.
// See also https://jira.z-hub.io/browse/ZP-302.
// Possible values:
// false - do not unset properties which are not sent during Sync (default)
// true - unset properties which are not sent during Sync
define('UNSET_UNDEFINED_PROPERTIES', false);
// ActiveSync specifies that a contact photo may not exceed 48 KB. This value is checked
// in the semantic sanity checks and contacts with larger photos are not synchronized.
// This limitation is not being followed by the ActiveSync clients which set much bigger
// contact photos. You can override the default value of the max photo size.
// default: 5242880 - 5 MB default max photo size in bytes
define('SYNC_CONTACTS_MAXPICTURESIZE', 5242880);
// Over the WebserviceUsers command it is possible to retrieve a list of all
// known devices and users on this Z-Push system. The authenticated user needs to have
// admin rights and a public folder must exist.
// In multicompany environments this enable an admin user of any company to retrieve
// this full list, so this feature is disabled by default. Enable with care.
define('ALLOW_WEBSERVICE_USERS_ACCESS', false);
// Users with many folders can use the 'partial foldersync' feature, where the server
// actively stops processing the folder list if it takes too long. Other requests are
// then redirected to the FolderSync to synchronize the remaining items.
// Device compatibility for this procedure is not fully understood.
// NOTE: THIS IS AN EXPERIMENTAL FEATURE WHICH COULD PREVENT YOUR MOBILES FROM SYNCHRONIZING.
define('USE_PARTIAL_FOLDERSYNC', false);
// The minimum accepted time in second that a ping command should last.
// It is strongly advised to keep this config to false. Some device
// might not be able to send a higher value than the one specificied here and thus
// unable to start a push connection.
// If set to false, there will be no lower bound to the ping lifetime.
// The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
define('PING_LOWER_BOUND_LIFETIME', false);
// The maximum accepted time in second that a ping command should last.
// If set to false, there will be no higher bound to the ping lifetime.
// The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
define('PING_HIGHER_BOUND_LIFETIME', false);
// Maximum response time
// Mobiles implement different timeouts to their TCP/IP connections. Android devices for example
// have a hard timeout of 30 seconds. If the server is not able to answer a request within this timeframe,
// the answer will not be recieved and the device will send a new one overloading the server.
// There are three categories
// - Short timeout - server has up within 30 seconds - is automatically applied for not categorized types
// - Medium timeout - server has up to 90 seconds to respond
// - Long timeout - server has up to 4 minutes to respond
// If a timeout is almost reached the server will break and sent the results it has until this
// point. You can add DeviceType strings to the categories.
// In general longer timeouts are better, because more data can be streamed at once.
define('SYNC_TIMEOUT_MEDIUM_DEVICETYPES', "SAMSUNGGTI");
define('SYNC_TIMEOUT_LONG_DEVICETYPES', "iPod, iPad, iPhone, WP, WindowsOutlook, WindowsMail");
// Time in seconds the device should wait whenever the service is unavailable,
// e.g. when a backend service is unavailable.
// Z-Push sends a "Retry-After" header in the response with the here defined value.
// It is up to the device to respect or not this directive so even if this option is set,
// the device might not wait requested time frame.
// Number of seconds before retry, to disable set to: false
define('RETRY_AFTER_DELAY', 300);
/**********************************************************************************
* Backend settings
*/
// the backend data provider
define('BACKEND_PROVIDER', '__BACKEND_PROVIDER__');
/**********************************************************************************
* Search provider settings
*
* Alternative backend to perform SEARCH requests (GAL search)
* By default the main Backend defines the preferred search functionality.
* If set, the Search Provider will always be preferred.
* Use 'BackendSearchLDAP' to search in a LDAP directory (see backend/searchldap/config.php)
*/
define('SEARCH_PROVIDER', 'BackendSearchLDAP');
// Time in seconds for the server search. Setting it too high might result in timeout.
// Setting it too low might not return all results. Default is 10.
define('SEARCH_WAIT', 10);
// The maximum number of results to send to the client. Setting it too high
// might result in timeout. Default is 10.
define('SEARCH_MAXRESULTS', 10);
/**********************************************************************************
* Kopano Outlook Extension - Settings
*
* The Kopano Outlook Extension (KOE) provides MS Outlook 2013 and newer with
* functionality not provided by ActiveSync or not implemented by Outlook.
* For more information, see: https://wiki.z-hub.io/x/z4Aa
*/
// Global Address Book functionality
define('KOE_CAPABILITY_GAB', true);
// Synchronize mail flags from the server to Outlook/KOE
define('KOE_CAPABILITY_RECEIVEFLAGS', true);
// Encode flags when sending from Outlook/KOE
define('KOE_CAPABILITY_SENDFLAGS', true);
// Out-of-office support
define('KOE_CAPABILITY_OOF', true);
// Out-of-office support with start & end times (superseeds KOE_CAPABILITY_OOF)
define('KOE_CAPABILITY_OOFTIMES', true);
// Notes support
define('KOE_CAPABILITY_NOTES', true);
// Shared folder support
define('KOE_CAPABILITY_SHAREDFOLDER', true);
// Send-As support for Outlook/KOE and mobiles
define('KOE_CAPABILITY_SENDAS', true);
// Secondary Contact folders (own and shared)
define('KOE_CAPABILITY_SECONDARYCONTACTS', true);
// Copy WebApp signature into KOE
define('KOE_CAPABILITY_SIGNATURES', true);
// Delivery receipt requests
define('KOE_CAPABILITY_RECEIPTS', true);
// Impersonate other users
define('KOE_CAPABILITY_IMPERSONATE', true);
// To synchronize the GAB KOE, the GAB store and folderid need to be specified.
// Use the gab-sync script to generate this data. The name needs to
// match the config of the gab-sync script.
// More information here: https://wiki.z-hub.io/x/z4Aa (GAB Sync Script)
define('KOE_GAB_STORE', 'SYSTEM');
define('KOE_GAB_FOLDERID', '');
define('KOE_GAB_NAME', 'Z-Push-KOE-GAB');
/**********************************************************************************
* Synchronize additional folders to all mobiles
*
* With this feature, special folders can be synchronized to all mobiles.
* This is useful for e.g. global company contacts.
*
* This feature is supported only by certain devices, like iPhones.
* Check the compatibility list for supported devices:
* http://z-push.org/compatibility
*
* To synchronize a folder, add a section setting all parameters as below:
* store: the ressource where the folder is located.
* Kopano users use 'SYSTEM' for the 'Public Folder'
* folderid: folder id of the folder to be synchronized
* name: name to be displayed on the mobile device
* type: supported types are:
* SYNC_FOLDER_TYPE_USER_CONTACT
* SYNC_FOLDER_TYPE_USER_APPOINTMENT
* SYNC_FOLDER_TYPE_USER_TASK
* SYNC_FOLDER_TYPE_USER_MAIL
* SYNC_FOLDER_TYPE_USER_NOTE
* flags: sets additional options on the shared folder. Supported are:
* DeviceManager::FLD_FLAGS_NONE
* No flags configured, default flag to be set
* DeviceManager::FLD_FLAGS_SENDASOWNER
* When replying in this folder, automatically do Send-As
* DeviceManager::FLD_FLAGS_CALENDARREMINDERS
* If set, Outlook shows reminders for these shares with KOE
*
* Additional notes:
* - on Kopano systems use backend/kopano/listfolders.php script to get a list
* of available folders
*
* - all Z-Push users must have at least reading permissions so the configured
* folders can be synchronized to the mobile. Else they are ignored.
*
* - this feature is only partly suitable for multi-tenancy environments,
* as ALL users from ALL tenents need access to the configured store & folder.
* When configuring a public folder, this will cause problems, as each user has
* a different public folder in his tenant, so the folder are not available.
* - changing this configuration could cause HIGH LOAD on the system, as all
* connected devices will be updated and load the data contained in the
* added/modified folders.
*/
$additionalFolders = array(
// demo entry for the synchronization of contacts from the public folder.
// uncomment (remove '/*' '*/') and fill in the folderid
/*
array(
'store' => "SYSTEM",
'folderid' => "",
'name' => "Public Contacts",
'type' => SYNC_FOLDER_TYPE_USER_CONTACT,
'flags' => DeviceManager::FLD_FLAGS_NONE,
),
*/
);

109
scripts/install
View file

@ -25,12 +25,18 @@ ynh_abort_if_errors
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url="/Microsoft-Server-ActiveSync"
path_url="/"
#admin=$YNH_APP_ARG_ADMIN
is_public="1"
#language=$YNH_APP_ARG_LANGUAGE
#password=$YNH_APP_ARG_PASSWORD
path_url_activesync="/Microsoft-Server-ActiveSync"
path_url_autodiscover1="/AutoDiscover"
path_url_autodiscover2="/Autodiscover"
path_url_autodiscover3="/autodiscover"
### If it's a multi-instance app, meaning it can be installed several times independently
### The id of the app as stated in the manifest is available as $YNH_APP_ID
### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
@ -50,6 +56,8 @@ app=$YNH_APP_INSTANCE_NAME
### If the app uses nginx as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app".
### If the app provides an internal web server (or uses another application server such as uwsgi), the final path should be "/opt/yunohost/$app"
final_path=/usr/share/z-push
config_path=/etc/z-push/
state_path=/var/lib/z-push/
#test ! -e "$final_path" || ynh_die "This path already contains a folder"
# Normalize the url path syntax
@ -57,6 +65,10 @@ path_url=$(ynh_normalize_url_path $path_url)
# Register (book) web path
ynh_webpath_register $app $domain $path_url
ynh_webpath_register $app $domain $path_url_activesync
ynh_webpath_register $app $domain $path_url_autodiscover1
ynh_webpath_register $app $domain $path_url_autodiscover2
ynh_webpath_register $app $domain $path_url_autodiscover3
#=================================================
# STORE SETTINGS FROM MANIFEST
@ -65,7 +77,7 @@ ynh_webpath_register $app $domain $path_url
ynh_app_setting_set $app domain $domain
ynh_app_setting_set $app path $path_url
#ynh_app_setting_set $app admin $admin
#ynh_app_setting_set $app is_public $is_public
ynh_app_setting_set $app is_public $is_public
#ynh_app_setting_set $app language $language
#=================================================
@ -128,6 +140,8 @@ ynh_install_app_dependencies php-memcached php-cli php-soap
### `ynh_setup_source` use the file conf/app.src
ynh_app_setting_set $app final_path $final_path
ynh_app_setting_set $app config_path $config_path
ynh_app_setting_set $app state_path $state_path
# Download, check integrity, uncompress and patch the source from app.src
#ynh_setup_source "$final_path"
@ -227,10 +241,14 @@ ynh_add_fpm_config
#ynh_replace_string "match_string" "replace_string" "$final_path/conf/config.php"
# Configuration
#sed -i "s^define('TIMEZONE', .*^define('TIMEZONE', '$(cat /etc/timezone)');^" /etc/z-push/z-push.conf.php
ynh_replace_string "define('TIMEZONE', '');" "define('TIMEZONE', '$(cat /etc/timezone)');" /etc/z-push/z-push.conf.php
sudo cp ../conf/policies.ini $config_path/policies.ini
sudo cp ../conf/z-push.conf.php $config_path/z-push.conf.php
sudo cp ../conf/galsearch-ldap.conf.php $config_path/galsearch-ldap.conf.php
sudo cp ../conf/autodiscover.conf.php $config_path/autodiscover.conf.php
# Configuration of timezone
ynh_replace_string "__TIMEZONE__" "$(cat /etc/timezone)" "$config_path/z-push.conf.php"
ynh_replace_string "__TIMEZONE__" "$(cat /etc/timezone)" "$config_path/autodiscover.conf.php"
# Enable caldav carddav support
@ -241,43 +259,47 @@ if sudo yunohost app list --installed -f baikal | grep -q id ; then
baikalpath=${baikalpath%/}
# Configuration of backend
#sed -i "s@BACKENDTOCHANGE@BackendCombined@g" /etc/z-push/z-push.conf.php
ynh_replace_string "define('BACKEND_PROVIDER', '');" "define('BACKEND_PROVIDER', 'BackendCombined');" /etc/z-push/z-push.conf.php
ynh_replace_string "__BACKEND_PROVIDER__" "BackendCombined" "$config_path/z-push.conf.php"
ynh_replace_string "__BACKEND_PROVIDER__" "BackendCombined" "$config_path/autodiscover.conf.php"
sudo cp ../conf/combined.conf.php $config_path/combined.conf.php
# Configuration baikal
#sed -i "s@BAIKALDOMAIN@$caldavdomain@g" /etc/z-push/caldav.conf.php
ynh_replace_string "caldavserver.domain.com" $baikaldomain /etc/z-push/caldav.conf.php
#sed -i "s@BAIKALPATH@$caldavpath@g" /etc/z-push/caldav.conf.php
ynh_replace_string "define('CALDAV_PATH', '/caldav.php/%u/');" "define('CALDAV_PATH', '$baikalpath/cal.php/calendars/%u/');" /etc/z-push/caldav.conf.php
#sed -i "s@BAIKALDOMAIN@$caldavdomain@g" /etc/z-push/carddav.conf.php
ynh_replace_string "define('CARDDAV_SERVER', 'localhost');" "define('CARDDAV_SERVER', '$baikaldomain');" /etc/z-push/carddav.conf.php
#sed -i "s@BAIKALPATH@$caldavpath@g" /etc/z-push/carddav.conf.php
ynh_replace_string "define('CARDDAV_PATH', '/caldav.php/%u/');" "define('CARDDAV_PATH', '$baikalpath/card.php/addressbooks/%u/');" /etc/z-push/carddav.conf.php
#sed -i "s@DOMAINTOCHANGE@$domain@g" /etc/z-push/imap.conf.php
ynh_replace_string "//\$imap_smtp_params = array('host' => 'ssl://localhost', 'port' => 465, 'auth' => true, 'username' => 'imap_username', 'password' => 'imap_password');" "\$imap_smtp_params = array('host' => 'tcp://$domain', 'port' => 587, 'auth' => true, 'username' => 'imap_username', 'password' => 'imap_password', 'localhost' => '$domain', 'verify_peer' => false, 'verify_peer_name' => false, 'allow_self_signed' => true);" /etc/z-push/imap.conf.php
#sed -i "s@FLAGTOCHANGE@true@g" /etc/z-push/imap.conf.php
ynh_replace_string "define('IMAP_MEETING_USE_CALDAV', false);" "define('IMAP_MEETING_USE_CALDAV', true);" /etc/z-push/imap.conf.php
ynh_replace_string "define('IMAP_PORT', 143);" "define('IMAP_PORT', 993);" /etc/z-push/imap.conf.php
ynh_replace_string "define('IMAP_OPTIONS', '/notls/norsh');" "define('IMAP_OPTIONS', '/ssl/novalidate-cert');" /etc/z-push/imap.conf.php
ynh_replace_string "define('IMAP_FOLDER_CONFIGURED', false);" "define('IMAP_FOLDER_CONFIGURED', true);" /etc/z-push/imap.conf.php
ynh_replace_string "define('IMAP_SMTP_METHOD', 'mail');" "define('IMAP_SMTP_METHOD', 'smtp');" /etc/z-push/imap.conf.php
# Configuration of caldav
sudo cp ../conf/caldav.conf.php $config_path/caldav.conf.php
ynh_replace_string "__DOMAIN__" "$baikaldomain" "$config_path/caldav.conf.php"
ynh_replace_string "__CALDAV_PATH__" "$baikalpath/cal.php/calendars/%u/" "$config_path/caldav.conf.php"
ynh_store_file_checksum "/etc/z-push/caldav.conf.php"
ynh_store_file_checksum "/etc/z-push/carddav.conf.php"
ynh_store_file_checksum "/etc/z-push/combined.conf.php"
# Configuration of carddav
sudo cp ../conf/carddav.conf.php $config_path/carddav.conf.php
ynh_replace_string "__DOMAIN__" "$baikaldomain" "$config_path/carddav.conf.php"
ynh_replace_string "__CARDDAV_PATH_" "baikalpath/card.php/addressbooks/%u/" "$config_path/carddav.conf.php"
ynh_replace_string "__CARDDAV_DEFAULT_PATH__" "baikalpath/card.php/addressbooks/%u/default" "$config_path/carddav.conf.php"
# Configuration of imap
sudo cp ../conf/imap.conf.php $config_path/imap.conf.php
ynh_replace_string "__DOMAIN__" "$baikaldomain" "$config_path/imap.conf.php"
ynh_replace_string "__IMAP_MEETING_USE_CALDAV__" "true" "$config_path/imap.conf.php"
# Checksum of config files
ynh_store_file_checksum "$config_path/combined.conf.php"
ynh_store_file_checksum "$config_path/caldav.conf.php"
ynh_store_file_checksum "$config_path/carddav.conf.php"
ynh_store_file_checksum "$config_path/imap.conf.php"
else
# Configuration of backend
#sed -i "s@BACKENDTOCHANGE@BackendIMAP@g" /etc/z-push/z-push.conf.php
ynh_replace_string "define('BACKEND_PROVIDER', '');" "define('BACKEND_PROVIDER', 'BackendIMAP');" /etc/z-push/z-push.conf.php
# Configuration of backend
ynh_replace_string "__BACKEND_PROVIDER__" "BackendIMAP" "$config_path/z-push.conf.php"
ynh_replace_string "__BACKEND_PROVIDER__" "BackendIMAP" "$config_path/autodiscover.conf.php"
# Configuration of imap
sudo cp ../conf/imap.conf.php $config_path/imap.conf.php
ynh_replace_string "__DOMAIN__" "$domainn" "$config_path/imap.conf.php"
ynh_replace_string "__IMAP_MEETING_USE_CALDAV__" "false" "$config_path/imap.conf.php"
# Checksum of config files
ynh_store_file_checksum "$config_path/imap.conf.php"
# Copy config
#sed -i "s@DOMAINTOCHANGE@$domain@g" /etc/z-push/imap.conf.php
ynh_replace_string "define('IMAP_PORT', 143);" "define('IMAP_PORT', 993);" /etc/z-push/imap.conf.php
ynh_replace_string "define('IMAP_OPTIONS', '/notls/norsh');" "define('IMAP_OPTIONS', '/ssl/novalidate-cert');" /etc/z-push/imap.conf.php
ynh_replace_string "define('IMAP_FOLDER_CONFIGURED', false);" "define('IMAP_FOLDER_CONFIGURED', true);" /etc/z-push/imap.conf.php
ynh_replace_string "define('IMAP_SMTP_METHOD', 'mail');" "define('IMAP_SMTP_METHOD', 'smtp');" /etc/z-push/imap.conf.php
ynh_replace_string "//\$imap_smtp_params = array('host' => 'ssl://localhost', 'port' => 465, 'auth' => true, 'username' => 'imap_username', 'password' => 'imap_password');" "\$imap_smtp_params = array('host' => 'tcp://$domain', 'port' => 587, 'auth' => true, 'username' => 'imap_username', 'password' => 'imap_password', 'localhost' => '$domain', 'verify_peer' => false, 'verify_peer_name' => false, 'allow_self_signed' => true);" /etc/z-push/imap.conf.php
fi
@ -290,8 +312,10 @@ fi
### you can make a backup of this file before modifying it again if the admin had modified it.
# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum "/etc/z-push/z-push.conf.php"
ynh_store_file_checksum "/etc/z-push/imap.conf.php"
ynh_store_file_checksum "$config_path/policies.ini"
ynh_store_file_checksum "$config_path/z-push.conf.php"
ynh_store_file_checksum "$config_path/galsearch-ldap.conf.php"
ynh_store_file_checksum "$config_path/autodiscover.conf.php"
#=================================================
# GENERIC FINALIZATION
@ -337,7 +361,7 @@ ynh_use_logrotate
#yunohost service add $app --log "/var/log/$app/APP.log"
# if using yunohost version 3.2 or more in the 'manifest.json', a description can be added
#yunohost service add $app --description "$app daemon for XXX" --log "/var/log/$app/APP.log"
yunohost service add $app --description "$app daemon for XXX" --log "/var/log/$app/$app.log"
#=================================================
# SETUP SSOWAT
@ -348,9 +372,10 @@ if [ $is_public -eq 1 ]
then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set $app unprotected_uris "/"
ynh_app_setting_set $app unprotected_uris "/AutoDiscover"
ynh_app_setting_set $app unprotected_uris "/Autodiscover"
ynh_app_setting_set $app unprotected_uris "/autodiscover"
ynh_app_setting_set $app unprotected_uris $path_url_activesync
ynh_app_setting_set $app unprotected_uris $path_url_autodiscover1
ynh_app_setting_set $app unprotected_uris $path_url_autodiscover2
ynh_app_setting_set $app unprotected_uris $path_url_autodiscover3
fi
#=================================================

9
scripts/remove
View file

@ -20,7 +20,8 @@ domain=$(ynh_app_setting_get $app domain)
#db_name=$(ynh_app_setting_get $app db_name)
#db_user=$db_name
final_path=$(ynh_app_setting_get $app final_path)
statedir=$(ynh_app_setting_get $app statedir)
config_path=$(ynh_app_setting_get $app config_path)
state_path=$(ynh_app_setting_get $app state_path)
#=================================================
# STANDARD REMOVE
@ -103,16 +104,14 @@ ynh_remove_logrotate
#ynh_secure_remove "/etc/cron.d/$app"
# Remove a directory securely
rm -rf /etc/z-push/
rm -rf /var/log/z-push/
rm -rf /var/lib/z-push/
ynh_secure_remove "/etc/$app/"
# Remove the log files
ynh_secure_remove "/var/log/$app/"
# Remove the statedir
ynh_secure_remove "$statedir"
ynh_secure_remove "$state_path"
ynh_secure_remove "$config_path"
ynh_secure_remove /etc/apt/sources.list.d/z-push.list
#=================================================