From 73b1e9e07be43166f5bec4bcd1238cc58a78a7dd Mon Sep 17 00:00:00 2001 From: polytan02 Date: Mon, 10 Aug 2015 14:20:10 +0100 Subject: [PATCH] New config files based on latest sources - initial commit --- conf/backend/config-caldav.php | 18 +-- conf/backend/config-carddav.php | 10 +- conf/backend/config-combined.php | 53 +++--- conf/backend/config-imap.php | 151 ++++++++++++----- conf/config-combined.php | 269 ------------------------------- conf/config.php | 120 ++++++++++++-- 6 files changed, 266 insertions(+), 355 deletions(-) delete mode 100644 conf/config-combined.php diff --git a/conf/backend/config-caldav.php b/conf/backend/config-caldav.php index 6e6bc2b..c42419c 100644 --- a/conf/backend/config-caldav.php +++ b/conf/backend/config-caldav.php @@ -45,23 +45,23 @@ // BackendCalDAV settings // ************************ -// Server address -define('CALDAV_SERVER', 'https://BAIKALDOMAIN'); +// Server protocol: http or https +define('CALDAV_PROTOCOL', 'https'); -// Port +// Server name +define('CALDAV_SERVER', 'caldavserver.domain.com'); + +// Server port define('CALDAV_PORT', '443'); // Path -define('CALDAV_PATH', 'BAIKALPATH/cal.php/calendars/%u/'); +define('CALDAV_PATH', '/caldav.php/%u/'); // Default CalDAV folder (calendar folder/principal). This will be marked as the default calendar in the mobile -define('CALDAV_PERSONAL', 'default'); +define('CALDAV_PERSONAL', 'PRINCIPAL'); // If the CalDAV server supports the sync-collection operation // DAViCal, SOGo and SabreDav support it // SabreDav version must be at least 1.9.0, otherwise set this to false // Setting this to false will work with most servers, but it will be slower -define('CALDAV_SUPPORTS_SYNC', true); - - -?> +define('CALDAV_SUPPORTS_SYNC', false); \ No newline at end of file diff --git a/conf/backend/config-carddav.php b/conf/backend/config-carddav.php index aa992dd..2d24cc3 100644 --- a/conf/backend/config-carddav.php +++ b/conf/backend/config-carddav.php @@ -49,7 +49,7 @@ define('CARDDAV_PROTOCOL', 'https'); // Server name -define('CARDDAV_SERVER', 'BAIKALDOMAIN'); +define('CARDDAV_SERVER', 'localhost'); // Server port define('CARDDAV_PORT', '443'); @@ -63,7 +63,7 @@ define('CARDDAV_PORT', '443'); // %u: replaced with the username // %d: replaced with the domain // Add the trailing / -define('CARDDAV_PATH', 'BAIKALPATH/card.php/addressbooks/%u/'); +define('CARDDAV_PATH', '/caldav.php/%u/'); // Server path to the default addressbook @@ -71,14 +71,14 @@ define('CARDDAV_PATH', 'BAIKALPATH/card.php/addressbooks/%u/'); // %u: replaced with the username // %d: replaced with the domain // Add the trailing / -define('CARDDAV_DEFAULT_PATH', 'BAIKALPATH/card.php/addressbooks/%u/default'); +define('CARDDAV_DEFAULT_PATH', '/caldav.php/%u/addresses/'); // Server path to the GAL addressbook. This addressbook is readonly and searchable by the user, but it will NOT be synced. // If you don't want GAL, comment it // %u: replaced with the username // %d: replaced with the domain // Add the trailing / -define('CARDDAV_GAL_PATH', ''); +define('CARDDAV_GAL_PATH', '/caldav.php/%d/GAL/'); // Minimal length for the search pattern to do the real search. define('CARDDAV_GAL_MIN_LENGTH', 5); @@ -106,4 +106,4 @@ define('CARDDAV_SUPPORTS_FN_SEARCH', false); // If your carddav server needs to use file extension to recover a vcard. // Davical needs it // SOGo official demo online needs it, but some SOGo installation don't need it, so test it -define('CARDDAV_URL_VCARD_EXTENSION', '.vcf'); +define('CARDDAV_URL_VCARD_EXTENSION', '.vcf'); \ No newline at end of file diff --git a/conf/backend/config-combined.php b/conf/backend/config-combined.php index d63be01..ca6bd16 100644 --- a/conf/backend/config-combined.php +++ b/conf/backend/config-combined.php @@ -65,9 +65,21 @@ class BackendCombinedConfig { 'i' => array( 'name' => 'BackendIMAP', ), + 'z' => array( + 'name' => 'BackendZarafa', + ), + 'm' => array( + 'name' => 'BackendMaildir', + ), + 'v' => array( + 'name' => 'BackendVCardDir', + ), 'c' => array( 'name' => 'BackendCalDAV', ), + 'l' => array( + 'name' => 'BackendLDAP', + ), 'd' => array( 'name' => 'BackendCardDAV', ), @@ -75,29 +87,30 @@ class BackendCombinedConfig { 'delimiter' => '/', //force one type of folder to one backend //it must match one of the above defined backends - 'folderbackend' => array( - SYNC_FOLDER_TYPE_INBOX => 'i', - SYNC_FOLDER_TYPE_DRAFTS => 'i', - SYNC_FOLDER_TYPE_WASTEBASKET => 'i', - SYNC_FOLDER_TYPE_SENTMAIL => 'i', - SYNC_FOLDER_TYPE_OUTBOX => 'i', - SYNC_FOLDER_TYPE_TASK => 'c', - SYNC_FOLDER_TYPE_APPOINTMENT => 'c', - SYNC_FOLDER_TYPE_CONTACT => 'd', - SYNC_FOLDER_TYPE_NOTE => 'c', - SYNC_FOLDER_TYPE_JOURNAL => 'c', - SYNC_FOLDER_TYPE_OTHER => 'i', - SYNC_FOLDER_TYPE_USER_MAIL => 'i', - SYNC_FOLDER_TYPE_USER_APPOINTMENT => 'c', - SYNC_FOLDER_TYPE_USER_CONTACT => 'd', - SYNC_FOLDER_TYPE_USER_TASK => 'c', - SYNC_FOLDER_TYPE_USER_JOURNAL => 'c', - SYNC_FOLDER_TYPE_USER_NOTE => 'c', - SYNC_FOLDER_TYPE_UNKNOWN => 'i', + 'folderbackend' => array( + SYNC_FOLDER_TYPE_INBOX => 'i', + SYNC_FOLDER_TYPE_DRAFTS => 'i', + SYNC_FOLDER_TYPE_WASTEBASKET => 'i', + SYNC_FOLDER_TYPE_SENTMAIL => 'i', + SYNC_FOLDER_TYPE_OUTBOX => 'i', + SYNC_FOLDER_TYPE_TASK => 'z', + SYNC_FOLDER_TYPE_APPOINTMENT => 'z', + SYNC_FOLDER_TYPE_CONTACT => 'z', + SYNC_FOLDER_TYPE_NOTE => 'z', + SYNC_FOLDER_TYPE_JOURNAL => 'z', + SYNC_FOLDER_TYPE_OTHER => 'i', + SYNC_FOLDER_TYPE_USER_MAIL => 'i', + SYNC_FOLDER_TYPE_USER_APPOINTMENT => 'z', + SYNC_FOLDER_TYPE_USER_CONTACT => 'z', + SYNC_FOLDER_TYPE_USER_TASK => 'z', + SYNC_FOLDER_TYPE_USER_JOURNAL => 'z', + SYNC_FOLDER_TYPE_USER_NOTE => 'z', + SYNC_FOLDER_TYPE_UNKNOWN => 'z', ), //creating a new folder in the root folder should create a folder in one backend 'rootcreatefolderbackend' => 'i', + //enable to use username mapping for the different backends + 'usemapping' => false, ); } } -?> diff --git a/conf/backend/config-imap.php b/conf/backend/config-imap.php index 9f4f1be..8f00310 100644 --- a/conf/backend/config-imap.php +++ b/conf/backend/config-imap.php @@ -49,10 +49,88 @@ define('IMAP_SERVER', 'localhost'); // connecting to default port (143) -define('IMAP_PORT', 993); +define('IMAP_PORT', 143); // best cross-platform compatibility (see http://php.net/imap_open for options) -define('IMAP_OPTIONS', '/ssl/novalidate-cert'); +define('IMAP_OPTIONS', '/notls/norsh'); + + +// Mark messages as read when moving to Trash. +// BE AWARE that you will lose the unread flag, but some mail clients do this so the Trash folder doesn't get boldened +define('IMAP_AUTOSEEN_ON_DELETE', false); + + +// IMPORTANT: BASIC IMAP FOLDERS [ask your mail admin] + // We can have diferent cases (case insensitive): + // 1. + // inbox + // sent + // drafts + // trash + // 2. + // inbox + // common.sent + // common.drafts + // common.trash + // 3. + // common.inbox + // common.sent + // common.drafts + // common.trash + // 4. + // common + // common.sent + // common.drafts + // common.trash + // + // gmail is a special case, where the default folders are under the [gmail] prefix and the folders defined by the user are under INBOX. + // This configuration seems to work: + // define('IMAP_FOLDER_PREFIX', ''); + // define('IMAP_FOLDER_INBOX', 'INBOX'); + // define('IMAP_FOLDER_SENT', '[Gmail]/Sent'); + // define('IMAP_FOLDER_DRAFTS', '[Gmail]/Drafts'); + // define('IMAP_FOLDER_TRASH', '[Gmail]/Trash'); + // define('IMAP_FOLDER_SPAM', '[Gmail]/Spam'); + // define('IMAP_FOLDER_ARCHIVE', '[Gmail]/All Mail'); + +// Since I know you won't configure this, I will raise an error unless you do. +// When configured set this to true to remove the error +define('IMAP_FOLDER_CONFIGURED', false); + +// Folder prefix is the common part in your names (3, 4) +define('IMAP_FOLDER_PREFIX', ''); + +// Inbox will have the preffix preppend (3 & 4 to true) +define('IMAP_FOLDER_PREFIX_IN_INBOX', false); + +// Inbox folder name (case doesn't matter) - (empty in 4) +define('IMAP_FOLDER_INBOX', 'INBOX'); + +// Sent folder name (case doesn't matter) +define('IMAP_FOLDER_SENT', 'SENT'); + +// Draft folder name (case doesn't matter) +define('IMAP_FOLDER_DRAFT', 'DRAFTS'); + +// Trash folder name (case doesn't matter) +define('IMAP_FOLDER_TRASH', 'TRASH'); + +// Spam folder name (case doesn't matter). Only showed as special by iOS devices +define('IMAP_FOLDER_SPAM', 'SPAM'); + +// Archive folder name (case doesn't matter). Only showed as special by iOS devices +define('IMAP_FOLDER_ARCHIVE', 'ARCHIVE'); + + + +// forward messages inline (default true - inlined) +define('IMAP_INLINE_FORWARD', true); + +// list of folders we want to exclude from sync. Names, or part of it, separated by | +// example: dovecot.sieve|archive|spam +define('IMAP_EXCLUDED_FOLDERS', ''); + + // overwrite the "from" header with some value // options: @@ -62,7 +140,7 @@ define('IMAP_OPTIONS', '/ssl/novalidate-cert'); // 'sql' - the username will be the result of a sql query. REMEMBER TO INSTALL PHP-PDO AND PHP-DATABASE // 'ldap' - the username will be the result of a ldap query. REMEMBER TO INSTALL PHP-LDAP!! // '@mydomain.com' - the username is used and the given string will be appended -define('IMAP_DEFAULTFROM', '@DOMAINTOCHANGE'); +define('IMAP_DEFAULTFROM', ''); // DSN: formatted PDO connection string // mysql:host=xxx;port=xxx;dbname=xxx @@ -90,38 +168,15 @@ define('IMAP_FROM_SQL_FULLNAME', '#first_name #last_name'); // FROM: string that will be the from, replacing the field names with the values define('IMAP_FROM_LDAP_SERVER', 'localhost'); define('IMAP_FROM_LDAP_SERVER_PORT', '389'); -define('IMAP_FROM_LDAP_USER', ''); -define('IMAP_FROM_LDAP_PASSWORD', ''); -define('IMAP_FROM_LDAP_BASE', 'dc=yunohost,dc=org'); -define('IMAP_FROM_LDAP_QUERY', '(mail=#username)'); +define('IMAP_FROM_LDAP_USER', 'cn=zpush,ou=servers,dc=zpush,dc=org'); +define('IMAP_FROM_LDAP_PASSWORD', 'password'); +define('IMAP_FROM_LDAP_BASE', 'dc=zpush,dc=org'); +define('IMAP_FROM_LDAP_QUERY', '(mail=#username@#domain)'); define('IMAP_FROM_LDAP_FIELDS', serialize(array('givenname', 'sn', 'mail'))); define('IMAP_FROM_LDAP_FROM', '#givenname #sn <#mail>'); define('IMAP_FROM_LDAP_FULLNAME', '#givenname #sn'); -// Root folder or prefix in your IMAP server (without the separator). For example, with courier it will be INBOX, and your folder will be INBOX.Sent -// You can use the real case -define('IMAP_FOLDER_ROOT', 'INBOX'); - -// copy outgoing mail to this folder. If not set z-push will try the default folders -// You can use the real case and the full path (INBOX.Sent) -define('IMAP_FOLDER_SENT', ''); - -// Draft folder -// You can use the real case and the full path (INBOX.Draft) -define('IMAP_FOLDER_DRAFT', ''); - -// Trash folder -// You can use the real case and the full path (INBOX.Trash) -define('IMAP_FOLDER_TRASH', ''); - -// forward messages inline (default true - inlined) -define('IMAP_INLINE_FORWARD', true); - -// list of folders we want to exclude from sync. Names, or part of it, separated by | -// example: dovecot.sieve|archive|spam -define('IMAP_EXCLUDED_FOLDERS', ''); - // Method used for sending mail // mail => mail() php function @@ -136,25 +191,37 @@ $imap_smtp_params = array(); // sendmail //$imap_smtp_params = array('sendmail_path' => '/usr/bin/sendmail', 'sendmail_args' => '-i'); // smtp -// "host" - The server to connect. Default is localhost. -// "port" - The port to connect. Default is 25. -// "auth" - Whether or not to use SMTP authentication. Default is FALSE. -// "username" - The username to use for SMTP authentication. "imap_username" for using the same username as the imap server -// "password" - The password to use for SMTP authentication. "imap_password" for using the same password as the imap server -// "localhost" - The value to give when sending EHLO or HELO. Default is localhost -// "timeout" - The SMTP connection timeout. Default is NULL (no timeout). -// "verp" - Whether to use VERP or not. Default is FALSE. -// "debug" - Whether to enable SMTP debug mode or not. Default is FALSE. -// "persist" - Indicates whether or not the SMTP connection should persist over multiple calls to the send() method. -// "pipelining" - Indicates whether or not the SMTP commands pipelining should be used. +// "host" - The server to connect. Default is localhost. +// "port" - The port to connect. Default is 25. +// "auth" - Whether or not to use SMTP authentication. Default is FALSE. +// "username" - The username to use for SMTP authentication. "imap_username" for using the same username as the imap server +// "password" - The password to use for SMTP authentication. "imap_password" for using the same password as the imap server +// "localhost" - The value to give when sending EHLO or HELO. Default is localhost +// "timeout" - The SMTP connection timeout. Default is NULL (no timeout). +// "verp" - Whether to use VERP or not. Default is FALSE. +// "debug" - Whether to enable SMTP debug mode or not. Default is FALSE. +// "persist" - Indicates whether or not the SMTP connection should persist over multiple calls to the send() method. +// "pipelining" - Indicates whether or not the SMTP commands pipelining should be used. +// "verify_peer" - Require verification of SSL certificate used. Default is TRUE. +// "verify_peer_name" - Require verification of peer name. Default is TRUE. +// "allow_self_signed" - Allow self-signed certificates. Requires verify_peer. Default is FALSE. //$imap_smtp_params = array('host' => 'localhost', 'port' => 25, 'auth' => false); // If you want to use SSL with port 25 or port 465 you must preppend "ssl://" before the hostname or IP of your SMTP server // IMPORTANT: To use SSL you must use PHP 5.1 or later, install openssl libs and use ssl:// within the host variable +// IMPORTANT: To use SSL with PHP 5.6 you should set verify_peer, verify_peer_name and allow_self_signed //$imap_smtp_params = array('host' => 'ssl://localhost', 'port' => 465, 'auth' => true, 'username' => 'imap_username', 'password' => 'imap_password'); + // If you are using IMAP_SMTP_METHOD = mail or sendmail and your sent messages are not correctly displayed you can change this to "\n". // BUT, it doesn't comply with RFC 2822 and will break if using smtp method define('MAIL_MIMEPART_CRLF', "\r\n"); -?> + +// A file containing file mime types->extension mappings. +// SELINUX users: make sure the file has a security context accesible by your apache/php-fpm process +define('SYSTEM_MIME_TYPES_MAPPING', '/etc/mime.types'); + + +// Use BackendCalDAV for Meetings. You cannot hope to get that functionality working without a caldav backend. +define('IMAP_MEETING_USE_CALDAV', false); \ No newline at end of file diff --git a/conf/config-combined.php b/conf/config-combined.php deleted file mode 100644 index 43b08f0..0000000 --- a/conf/config-combined.php +++ /dev/null @@ -1,269 +0,0 @@ -. -* -* Consult LICENSE file for details -************************************************/ - -/********************************************************************************** - * Default settings - */ - // Defines the default time zone, change e.g. to "Europe/London" if necessary - define('TIMEZONE', 'Europe/Paris'); - - // Defines the base path on the server - define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/'); - - // Try to set unlimited timeout - define('SCRIPT_TIMEOUT', 0); - - // When accessing through a proxy, the "X-Forwarded-For" header contains the original remote IP - define('USE_X_FORWARDED_FOR_HEADER', false); - - // When using client certificates, we can check if the login sent matches the owner of the certificate. - // This setting specifies the owner parameter in the certificate to look at. - define("CERTIFICATE_OWNER_PARAMETER", "SSL_CLIENT_S_DN_CN"); - -/********************************************************************************** - * Default FileStateMachine settings - */ - define('STATE_DIR', '/var/www/z-push/'); - - -/********************************************************************************** - * Logging settings - * Possible LOGLEVEL and LOGUSERLEVEL values are: - * LOGLEVEL_OFF - no logging - * LOGLEVEL_FATAL - log only critical errors - * LOGLEVEL_ERROR - logs events which might require corrective actions - * LOGLEVEL_WARN - might lead to an error or require corrective actions in the future - * LOGLEVEL_INFO - usually completed actions - * LOGLEVEL_DEBUG - debugging information, typically only meaningful to developers - * LOGLEVEL_WBXML - also prints the WBXML sent to/from the device - * LOGLEVEL_DEVICEID - also prints the device id for every log entry - * LOGLEVEL_WBXMLSTACK - also prints the contents of WBXML stack - * - * The verbosity increases from top to bottom. More verbose levels include less verbose - * ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR, - * LOGLEVEL_WARN and LOGLEVEL_INFO level entries. - */ - define('LOGFILEDIR', '/var/log/z-push/'); - define('LOGFILE', LOGFILEDIR . 'z-push.log'); - define('LOGERRORFILE', LOGFILEDIR . 'z-push-error.log'); - define('LOGLEVEL', LOGLEVEL_INFO); - define('LOGAUTHFAIL', false); - - - // To save e.g. WBXML data only for selected users, add the usernames to the array - // The data will be saved into a dedicated file per user in the LOGFILEDIR - // Users have to be encapusulated in quotes, several users are comma separated, like: - // $specialLogUsers = array('info@domain.com', 'myusername'); - define('LOGUSERLEVEL', LOGLEVEL_DEVICEID); - $specialLogUsers = array(); - - // Location of the trusted CA, e.g. '/etc/ssl/certs/EmailCA.pem' - // Uncomment and modify the following line if the validation of the certificates fails. - // define('CAINFO', '/etc/ssl/certs/EmailCA.pem'); - -/********************************************************************************** - * Mobile settings - */ - // Device Provisioning - define('PROVISIONING', true); - - // This option allows the 'loose enforcement' of the provisioning policies for older - // devices which don't support provisioning (like WM 5 and HTC Android Mail) - dw2412 contribution - // false (default) - Enforce provisioning for all devices - // true - allow older devices, but enforce policies on devices which support it - define('LOOSE_PROVISIONING', false); - - // Default conflict preference - // Some devices allow to set if the server or PIM (mobile) - // should win in case of a synchronization conflict - // SYNC_CONFLICT_OVERWRITE_SERVER - Server is overwritten, PIM wins - // SYNC_CONFLICT_OVERWRITE_PIM - PIM is overwritten, Server wins (default) - define('SYNC_CONFLICT_DEFAULT', SYNC_CONFLICT_OVERWRITE_PIM); - - // Global limitation of items to be synchronized - // The mobile can define a sync back period for calendar and email items - // For large stores with many items the time period could be limited to a max value - // If the mobile transmits a wider time period, the defined max value is used - // Applicable values: - // SYNC_FILTERTYPE_ALL (default, no limitation) - // SYNC_FILTERTYPE_1DAY, SYNC_FILTERTYPE_3DAYS, SYNC_FILTERTYPE_1WEEK, SYNC_FILTERTYPE_2WEEKS, - // SYNC_FILTERTYPE_1MONTH, SYNC_FILTERTYPE_3MONTHS, SYNC_FILTERTYPE_6MONTHS - define('SYNC_FILTERTIME_MAX', SYNC_FILTERTYPE_ALL); - - // Interval in seconds before checking if there are changes on the server when in Ping. - // It means the highest time span before a change is pushed to a mobile. Set it to - // a higher value if you have a high load on the server. - define('PING_INTERVAL', 30); - - // Interval in seconds to force a re-check of potentially missed notifications when - // using a changes sink. Default are 300 seconds (every 5 min). - // This can also be disabled by setting it to false - define('SINK_FORCERECHECK', 300); - - // Set the fileas (save as) order for contacts in the webaccess/webapp/outlook. - // It will only affect new/modified contacts on the mobile which then are synced to the server. - // Possible values are: - // SYNC_FILEAS_FIRSTLAST - fileas will be "Firstname Middlename Lastname" - // SYNC_FILEAS_LASTFIRST - fileas will be "Lastname, Firstname Middlename" - // SYNC_FILEAS_COMPANYONLY - fileas will be "Company" - // SYNC_FILEAS_COMPANYLAST - fileas will be "Company (Lastname, Firstname Middlename)" - // SYNC_FILEAS_COMPANYFIRST - fileas will be "Company (Firstname Middlename Lastname)" - // SYNC_FILEAS_LASTCOMPANY - fileas will be "Lastname, Firstname Middlename (Company)" - // SYNC_FILEAS_FIRSTCOMPANY - fileas will be "Firstname Middlename Lastname (Company)" - // The company-fileas will only be set if a contact has a company set. If one of - // company-fileas is selected and a contact doesn't have a company set, it will default - // to SYNC_FILEAS_FIRSTLAST or SYNC_FILEAS_LASTFIRST (depending on if last or first - // option is selected for company). - // If SYNC_FILEAS_COMPANYONLY is selected and company of the contact is not set - // SYNC_FILEAS_LASTFIRST will be used - define('FILEAS_ORDER', SYNC_FILEAS_LASTFIRST); - - // Amount of items to be synchronized per request - // Normally this value is requested by the mobile. Common values are 5, 25, 50 or 100. - // Exporting too much items can cause mobile timeout on busy systems. - // Z-Push will use the lowest value, either set here or by the mobile. - // default: 100 - value used if mobile does not limit amount of items - define('SYNC_MAX_ITEMS', 100); - - // The devices usually send a list of supported properties for calendar and contact - // items. If a device does not includes such a supported property in Sync request, - // it means the property's value will be deleted on the server. - // However some devices do not send a list of supported properties. It is then impossible - // to tell if a property was deleted or it was not set at all if it does not appear in Sync. - // This parameter defines Z-Push behaviour during Sync if a device does not issue a list with - // supported properties. - // See also https://jira.zarafa.com/browse/ZP-302. - // Possible values: - // false - do not unset properties which are not sent during Sync (default) - // true - unset properties which are not sent during Sync - define('UNSET_UNDEFINED_PROPERTIES', false); - - // ActiveSync specifies that a contact photo may not exceed 48 KB. This value is checked - // in the semantic sanity checks and contacts with larger photos are not synchronized. - // This limitation is not being followed by the ActiveSync clients which set much bigger - // contact photos. You can override the default value of the max photo size. - // default: 49152 - 48 KB default max photo size in bytes - define('SYNC_CONTACTS_MAXPICTURESIZE', 49152); - - // Over the WebserviceUsers command it is possible to retrieve a list of all - // known devices and users on this Z-Push system. The authenticated user needs to have - // admin rights and a public folder must exist. - // In multicompany environments this enable an admin user of any company to retrieve - // this full list, so this feature is disabled by default. Enable with care. - define('ALLOW_WEBSERVICE_USERS_ACCESS', false); - -/********************************************************************************** - * Backend settings - */ - // the backend data provider - define('BACKEND_PROVIDER', 'BackendCombined'); - -/********************************************************************************** - * Search provider settings - * - * Alternative backend to perform SEARCH requests (GAL search) - * By default the main Backend defines the preferred search functionality. - * If set, the Search Provider will always be preferred. - * Use 'BackendSearchLDAP' to search in a LDAP directory (see backend/searchldap/config.php) - */ - define('SEARCH_PROVIDER', ''); - // Time in seconds for the server search. Setting it too high might result in timeout. - // Setting it too low might not return all results. Default is 10. - define('SEARCH_WAIT', 10); - // The maximum number of results to send to the client. Setting it too high - // might result in timeout. Default is 10. - define('SEARCH_MAXRESULTS', 10); - - -/********************************************************************************** - * Synchronize additional folders to all mobiles - * - * With this feature, special folders can be synchronized to all mobiles. - * This is useful for e.g. global company contacts. - * - * This feature is supported only by certain devices, like iPhones. - * Check the compatibility list for supported devices: - * http://z-push.sf.net/compatibility - * - * To synchronize a folder, add a section setting all parameters as below: - * store: the ressource where the folder is located. - * Zarafa users use 'SYSTEM' for the 'Public Folder' - * folderid: folder id of the folder to be synchronized - * name: name to be displayed on the mobile device - * type: supported types are: - * SYNC_FOLDER_TYPE_USER_CONTACT - * SYNC_FOLDER_TYPE_USER_APPOINTMENT - * SYNC_FOLDER_TYPE_USER_TASK - * SYNC_FOLDER_TYPE_USER_MAIL - * - * Additional notes: - * - on Zarafa systems use backend/zarafa/listfolders.php script to get a list - * of available folders - * - * - all Z-Push users must have full writing permissions (secretary rights) so - * the configured folders can be synchronized to the mobile - * - * - this feature is only partly suitable for multi-tenancy environments, - * as ALL users from ALL tenents need access to the configured store & folder. - * When configuring a public folder, this will cause problems, as each user has - * a different public folder in his tenant, so the folder are not available. - - * - changing this configuration could cause HIGH LOAD on the system, as all - * connected devices will be updated and load the data contained in the - * added/modified folders. - */ - - $additionalFolders = array( - // demo entry for the synchronization of contacts from the public folder. - // uncomment (remove '/*' '*/') and fill in the folderid -/* - array( - 'store' => "SYSTEM", - 'folderid' => "", - 'name' => "Public Contacts", - 'type' => SYNC_FOLDER_TYPE_USER_CONTACT, - ), -*/ - ); - -?> diff --git a/conf/config.php b/conf/config.php index d4ad92f..9b51d70 100644 --- a/conf/config.php +++ b/conf/config.php @@ -48,11 +48,15 @@ define('TIMEZONE', ''); // Defines the base path on the server - define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/'); + define('BASE_PATH', dirname(__FILE__) . '/'); // Try to set unlimited timeout define('SCRIPT_TIMEOUT', 0); + // Your PHP could have a bug when base64 encoding: https://bugs.php.net/bug.php?id=68532 + // NOTE: Run "php testing/testing-bug68532fixed.php" to know what value put here + define('BUG68532FIXED', true); + // When accessing through a proxy, the "X-Forwarded-For" header contains the original remote IP define('USE_X_FORWARDED_FOR_HEADER', false); @@ -60,10 +64,70 @@ // This setting specifies the owner parameter in the certificate to look at. define("CERTIFICATE_OWNER_PARAMETER", "SSL_CLIENT_S_DN_CN"); + // Location of the trusted CA, e.g. '/etc/ssl/certs/EmailCA.pem' + // Uncomment and modify the following line if the validation of the certificates fails. + // define('CAINFO', '/etc/ssl/certs/EmailCA.pem'); + + /* + * Whether to use the complete email address as a login name + * (e.g. user@company.com) or the username only (user). + * This is required for Z-Push to work properly after autodiscover. + * Possible values: + * false - use the username only (default). + * true - use the complete email address. + */ + define('USE_FULLEMAIL_FOR_LOGIN', true); + +/********************************************************************************** + * Device pre-authorization. Useful when using Z-Push as a standalone product. + * + * It will use the STATE_MACHINE specified below, to store the users/devices + * FILE => STATE_DIR/PreAuthUserDevices + * SQL => auth_users + * + * FALSE => default + * TRUE + */ + define('PRE_AUTHORIZE_USERS', false); + + // New users are pre-authorized automatically + define('PRE_AUTHORIZE_NEW_USERS', false); + + // New devices are pre-authorized automatically for pre-authorized users + define('PRE_AUTHORIZE_NEW_DEVICES', false); + + // Max number of devices pre-authorized for user, you can pre-authorize more manually + define('PRE_AUTHORIZE_MAX_DEVICES', 5); + + +/********************************************************************************** + * Select StateMachine mechanism + * + * FILE => FileStateMachine, default + * SQL => SqlStateMachine + */ + define('STATE_MACHINE', 'FILE'); + /********************************************************************************** * Default FileStateMachine settings */ - define('STATE_DIR', 'ALIASTOCHANGE'); + define('STATE_DIR', '/var/lib/z-push/'); + + +/********************************************************************************** + * Optional SqlStateMachine settings + * + * DSN: formatted PDO connection string + * mysql:host=xxx;port=xxx;dbname=xxx + * DON'T FORGET TO INSTALL THE PHP-DRIVER PACKAGE!!! + * USER: username to DB + * PASSWORD: password to DB + * OPTIONS: array with options needed + */ + define('STATE_SQL_DSN', ''); + define('STATE_SQL_USER', ''); + define('STATE_SQL_PASSWORD', ''); + define('STATE_SQL_OPTIONS', serialize(array(PDO::ATTR_PERSISTENT => true))); /********************************************************************************** @@ -97,9 +161,18 @@ define('LOGUSERLEVEL', LOGLEVEL_DEVICEID); $specialLogUsers = array(); - // Location of the trusted CA, e.g. '/etc/ssl/certs/EmailCA.pem' - // Uncomment and modify the following line if the validation of the certificates fails. - // define('CAINFO', '/etc/ssl/certs/EmailCA.pem'); + // If you want to disable log to file, and log to syslog instead + define('LOG_SYSLOG_ENABLED', false); + // false will log to local syslog, otherwise put the remote syslog IP here + define('LOG_SYSLOG_HOST', false); + // Syslog port + define('LOG_SYSLOG_PORT', 514); + // Program showed in the syslog. Useful if you have more than one instance login to the same syslog + define('LOG_SYSLOG_PROGRAM', '[z-push]'); + + + define('LOG_MEMORY_PROFILER', true); + define('LOG_MEMORY_PROFILER_FILE', '/var/log/z-push/memory_profile'); /********************************************************************************** * Mobile settings @@ -182,8 +255,8 @@ // in the semantic sanity checks and contacts with larger photos are not synchronized. // This limitation is not being followed by the ActiveSync clients which set much bigger // contact photos. You can override the default value of the max photo size. - // default: 49152 - 48 KB default max photo size in bytes - define('SYNC_CONTACTS_MAXPICTURESIZE', 49152); + // default: 5242880 - 5 MB default max photo size in bytes + define('SYNC_CONTACTS_MAXPICTURESIZE', 5242880); // Over the WebserviceUsers command it is possible to retrieve a list of all // known devices and users on this Z-Push system. The authenticated user needs to have @@ -192,11 +265,40 @@ // this full list, so this feature is disabled by default. Enable with care. define('ALLOW_WEBSERVICE_USERS_ACCESS', false); + // Users with many folders can use the 'partial foldersync' feature, where the server + // actively stops processing the folder list if it takes too long. Other requests are + // then redirected to the FolderSync to synchronize the remaining items. + // Device compatibility for this procedure is not fully understood. + // NOTE: THIS IS AN EXPERIMENTAL FEATURE WHICH COULD PREVENT YOUR MOBILES FROM SYNCHRONIZING. + define('USE_PARTIAL_FOLDERSYNC', false); + /********************************************************************************** * Backend settings */ // the backend data provider - define('BACKEND_PROVIDER', 'BackendIMAP'); + define('BACKEND_PROVIDER', ''); + + // top collector backend class name + // Default is: TopCollector + // Options: ["TopCollector", "TopCollectorRedis"] + define('TOP_COLLECTOR_BACKEND', 'TopCollector'); + + // ping tracking backend class name + // Default is: PingTracking + // Options: ["PingTracking", "PingTrackingRedis"] + define('PING_TRACKING_BACKEND', 'PingTracking'); + + // loop detection backend class name + // Default is: LoopDetection + // Options: ["LoopDetection", "LoopDetectionRedis"] + define('LOOP_DETECTION_BACKEND', 'LoopDetection'); + + // If using the Redis backends (for top, ping and lookp) make sure to set this values as necessary + define('IPC_REDIS_IP', '127.0.0.1'); + define('IPC_REDIS_PORT', 6379); + // Database name/index in Redis: 0 by default + // NOTE: this database must be exclusive for z-push, since its content will be ERASED. You are warned. + define('IPC_REDIS_DATABASE', 0); /********************************************************************************** * Search provider settings @@ -265,5 +367,3 @@ ), */ ); - -?>