Roundcube
Roundcube is a full-featured, PHP web-based mail client.
Contents
Installation
Install the roundcubemail package. Further you will need a database (e.g. MariaDB) and a web server with PHP-support (this guide will assume the Apache HTTP Server).
Configuration
MariaDB
Here's an example on how you could setup a database for Roundcube with MariaDB called roundcubemail
for the user roundcube
identified by the password password
:
$ mysql -u root -p
CREATE DATABASE roundcubemail; GRANT ALL PRIVILEGES ON roundcubemail.* TO 'roundcube'@'localhost' IDENTIFIED BY 'password';
For any database you use, you will need to initialize the roundcubemail database tables. Here is an example of how to do this with MariaDB:
$ mysql -u root -p roundcubemail < /usr/share/webapps/roundcubemail/SQL/mysql.initial.sql
SQLite
A SQLite DB will be created automagically by Roundcube. Ensure the file specified in the config is located in a basedir location. Consider adding /var/lib/roundcubemail to your basedir definition. This implies creating the directory and chowning it to http.
Other Databases
Roundcubemail has installation scripts for mssql, Oracle, and Postgres.
Roundcube
Copy the example configuration file and adjust it to your configuration:
# cp /etc/webapps/roundcubemail/config/config.inc.php.sample /etc/webapps/roundcubemail/config/config.inc.php
Set your mail server settings, and set enable_installer
to enable the setup wizard:
/etc/webapps/roundcubemail/config/config.inc.php
$config['db_dsnw'] = 'mysql://roundcube:****@localhost/roundcubemail'; $config['default_host'] = 'tls://localhost'; $config['smtp_server'] = 'localhost'; $config['des_key'] = 'some_awesome_long_semi_random_string'; $config['enable_installer'] = true;
PHP
Make sure to adjust following variables to these minimal values in your PHP config:
/etc/php/php.ini
date.timezone = "UTC"
and uncomment
extension=iconv.so
You also need to make sure that PHP can access /etc/webapps
and /usr/share/webapps
. Add them to open_basedir
in /etc/php/php.ini
if open_basedir is not yet configured:
open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/:/usr/share/webapps/:/etc/webapps/
Webserver (Apache)
Copy the configuration file for Apache to its configuration directory:
# cp /etc/webapps/roundcubemail/apache.conf /etc/httpd/conf/extra/roundcube.conf
And include it at the bottom of
/etc/httpd/conf/httpd.conf
Include conf/extra/roundcube.conf
Restart Apache (httpd.service
).
Webserver (Nginx)
Add a location block for RoundCube
/etc/nginx.conf
location /webmail { alias /usr/share/webapps/roundcubemail; access_log /var/log/nginx/roundcube_access.log; error_log /var/log/nginx/roundcube_error.log; # Favicon location ~ ^/webmail/favicon.ico$ { root /usr/share/webapps/roundcubemail/skins/classic/images; log_not_found off; access_log off; expires max; } # Robots file location ~ ^/webmail/robots.txt { allow all; log_not_found off; access_log off; } # Deny Protected directories location ~ ^/webmail/(config|temp|logs)/ { deny all; } location ~ ^/webmail/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ { deny all; } location ~ ^/webmail/(bin|SQL)/ { deny all; } # Hide .md files location ~ ^/webmail/(.+\.md)$ { deny all; } # Hide all dot files location ~ ^/webmail/\. { deny all; access_log off; log_not_found off; } #Roundcube fastcgi config location ~ /webmail(/.*\.php)$ { include fastcgi.conf; fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; fastcgi_split_path_info ^/webmail/(.+\.php)(/.*)$; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /usr/share/webapps/roundcubemail/$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PHP_VALUE open_basedir="/tmp/:/var/cache/roundcubemail:/usr/share/webapps/roundcubemail:/etc/webapps/roundcubemail:/usr/share/pear/:/var/log/roundcubemail"; } }
Finally restart the nginx.service
unit.
Install Roundcube
Finally you can visit the Roundcube installation wizard in your browser: http://localhost/roundcube/installer
For security reasons, you should disable the installer when you have completed the wizard: remove $config['enable_installer'] = true;
from config.inc.php
.
Because the ~/roundcube/config
directory contains sensitive information about your server, it's also a good idea to disallow access to this directory by adding these lines, too.
/etc/httpd/conf/extra/roundcube.conf
<Directory /usr/share/webapps/roundcubemail/config> Options -FollowSymLinks AllowOverride None Require all denied </Directory>
Tips and tricks
Setting Roundcube up for use with an IMAP server that only allows TLS authentication
It's quite common for modern IMAP servers to only allow encrypted authentication, say using STARTTLS. If you are setting Roundcube up for TLS authentication, the web-based installer won't help you. You will need to edit the /etc/webapps/roundcubemail/config/config.inc.php
by hand, adding the following lines:
$config['default_host'] = 'tls://mail.my_domain.org';
$config['imap_conn_options'] = array( 'ssl' => array( 'verify_peer' => true, 'allow_self_signed' => true, 'peer_name' => 'mail.my_domain.org', 'ciphers' => 'TLSv1+HIGH:!aNull:@STRENGTH', 'cafile' => '/etc/ssl/certs/ssl-cert-cyrus.my_domain.org.pem', ), );
where mail.my_domain.org
is the CN
host name in your SSL certificate (i.e. the hostname of your IMAP server), and /etc/ssl/certs/ssl-cert-cyrus.my_domain.org.pem
is the path to your SSL certificate. You might need to adjust the ciphers
element to correspond to the ciphers allowed by your IMAP server.
A complete list of PHP SSL configuration options can be found here.
PDF and OpenDocument file preview
Following Roundcube extensions enables you to preview PDF or OpenDocument file attachements. Install roundcubemail-plugins-kolabAUR from the AUR and adjust following configuration file to enable the extensions:
/etc/webapps/roundcubemail/config/config.inc.php
$config['plugins'] = array( 'pdfviewer', 'odfviewer' );
If you encounter any file permission issues, than try this command:
chown -R http:http /usr/share/webapps/roundcubemail/plugins/odfviewer/files
Synchronize address book with CardDav contacts
It's useful to use the Roundcube address book to have auto-completion features for address fields etc. If you have your contacts stored somewhere else and the remote application offers a CardDav server for synchronization, then you can use the roundcube-rcmcarddavAUR extension from the AUR to access your remote address book in Roundcube. To enable it, adjust following lines in your config file:
/etc/webapps/roundcubemail/config/config.inc.php
$config['plugins'] = array( 'carddav' );
Further usage instructions can be found here.
Troubleshooting
SMTP Error: Authentication failure
You may first try to disable(comment) the following settings in config.inc.php as shown:
//$config['smtp_user'] = '%u'; //$config['smtp_pass'] = '%p';