Nethence Newdoc Olddoc Lab Your IP BBDock  

Setting up Roundcube with NGINX

Introduction

For a small install you might be happy-happy with SQlite, otherwise you might need to go tru the MariaDB guide first.

Preparing PHP for NGINX

apt install php7.0-fpm php7.0
apt install php7.0-xml php7.0-mbstring php7.0-intl php7.0-ldap php7.0-sqlite3 php7.0-mysql php7.0-pspell php7.0-curl
cp -pi /etc/php/7.0/fpm/php.ini /etc/php/7.0/fpm/php.ini.dist
vi /etc/php/7.0/fpm/php.ini

;cgi.fix_pathinfo=1
cgi.fix_pathinfo=0

;date.timezone =
date.timezone = Europe/Paris

;upload_max_filesize = 2M
upload_max_filesize = 5M

post_max_size = 8M

service php7.0-fpm restart
ls -lhF /var/run/php/php7.0-fpm.sock

Preparing NGINX

Assuming the compression log format has already been defined, add this virtual host,

cd /etc/nginx/conf.d/
vi mail.conf

server {
        listen 80;
        server_name mail.nethence.com;
        return 301 https://mail.nethence.com$request_uri;
}

server {
        listen 443 ssl;
        server_name mail.nethence.com;
        access_log logs/mail.nethence.com.access.log compression;
        error_log  logs/mail.nethence.com.error.log warn;

        root /data/www/$server_name;
        index index.php;

        location / {
                try_files $uri $uri/ /index.php?q=$uri&$args;
        }

        location ~ ^/(README.md|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
                deny all;
        }

        location ~ ^/(config|temp|logs)/ {
                deny all;
        }

        location ~ /\. {
                deny all;
                access_log off;
                log_not_found off;
        }

        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
        }
        ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
        ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
        ssl_prefer_server_ciphers On;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
        ssl_session_cache shared:SSL:20m;
        ssl_session_timeout 10m;
        add_header Strict-Transport-Security "max-age=31536000";
}

Preparing Roundcube

Fetch and extract the latest beta (I choose dependent version),

#wget "https://github.com/roundcube/roundcubemail/releases/download/1.3-rc/roundcubemail-1.3-rc.tar.gz"
#tar xzf roundcubemail-1.3-rc.tar.gz

wget "https://github.com/roundcube/roundcubemail/releases/download/1.3-rc/roundcubemail-1.3-rc-complete.tar.gz"
tar xzf roundcubemail-1.3-rc-complete.tar.gz 

mv roundcubemail-1.3-rc/ mail.nethence.com/
chown -R www-data:root mail.nethence.com/

mkdir mail.nethence.com.sqlite/
chown -R www-data:root mail.nethence.com.sqlite/

Ready to go

Watch the logs,

tail -F /var/log/nginx/mail.nethence.com.error.log &

check that you get to the DEFAULT BLANK PAGE and no error in the logs,

(http://mail.nethence.com/ should redirect to)
https://mail.nethence.com/

then proceed with the online installer,

https://mail.nethence.com/installer/

(I'm happy with most of the defaults but log_driver should be syslog and page sizes should rather be 100+)

when finished, eventually tweak the config manually, then disable the installer and remove its folder,

cd /root/www/mail.nethence.com/
cp -pi config/config.inc.php config/config.inc.php.done
vi config/config.inc.php

$config['enable_installer'] = false;
$config['default_host'] = 'tls://localhost';
$config['db_dsnw'] = 'sqlite:////data/www/mail.nethence.com.sqlite/roundcubemail.db?mode=0646';

rm -rf installer/

custom logo

apt install imagemagick
identify skins/classic/images/roundcube_logo.png

cd images/
convert -resize 178x47 nethence-5lineoblique.png nethence-5lineoblique.178x47.png
convert -resize 178x47 nethence-bigchief.png nethence-bigchief.178x47.png
ln -sf nethence-bigchief.178x47.png nethence.png
cd ../

vi config/config.inc.php

$config['skin'] = 'classic';
$config['skin_logo'] = 'images/nethence.png';

Note. don’t forget either symlink or use the images/ folder within the roundcube served folder or use full https url, otherwise you might get ssl warnings that part of the content is not secured.

References


Home | GitHub | Donate | Contact