Sync iRedMail upgrade tutorial.
This commit is contained in:
Zhang Huangbin
parent
3387c0e863
commit
f3cc1d70a6
|
|
@ -13,7 +13,7 @@ find it, you can still download one from iRedMail project:
|
|||
This file must be owned by user `vmail` and group `vmail`, permission `0500`.
|
||||
|
||||
Now open Dovecot config file `/etc/dovecot/dovecot.conf` (on Linux/OpenBSD)
|
||||
or `/usr/local/etc/dovecot/dovecot.conf` (FreeBSD), find parameter `sieve_before =`
|
||||
or `/usr/local/etc/dovecot/dovecot.conf` (FreeBSD), make sure you have setting
|
||||
like below:
|
||||
|
||||
```
|
||||
|
|
@ -21,18 +21,11 @@ like below:
|
|||
|
||||
plugin {
|
||||
...
|
||||
#sieve_before =
|
||||
sieve_before = /var/vmail/sieve/dovecot.sieve
|
||||
...
|
||||
}
|
||||
```
|
||||
|
||||
Uncomment it and set its value to `/var/vmail/sieve/dovecot.sieve` (Note:
|
||||
use the correct path on your server).
|
||||
|
||||
```
|
||||
sieve_before = /var/vmail/sieve/dovecot.sieve
|
||||
```
|
||||
|
||||
Restart Dovecot service to enable it.
|
||||
|
||||
Note: we don't use `sieve_default =` for global sieve script, because it
|
||||
|
|
|
|||
|
|
@ -65,6 +65,51 @@ chown mlmmj:mlmmj /opt/mlmmjadmin/settings.py
|
|||
chmod 0400 /opt/mlmmjadmin/settings.py
|
||||
```
|
||||
|
||||
### Fix improper Nginx config files for Roundcube
|
||||
|
||||
Accurate Nginx url match helps avoid namespace conflicts, we need some fixes
|
||||
for Roundcube to get accurate url match.
|
||||
|
||||
Please open file `/etc/nginx/templates/roundcube.tmpl`, find `location`
|
||||
directives like below:
|
||||
|
||||
```
|
||||
location ~ /mail/(bin|config|installer|logs|SQL|temp|vendor)($|/.*) { deny all; }
|
||||
location ~ /mail/(CHANGELOG|composer.json|INSTALL|jsdeps.json|LICENSE|README|UPGRADING)($|.*) { deny all; }
|
||||
location ~ /mail/plugins/.*/config.inc.php.* { deny all; }
|
||||
location ~ /mail/plugins/enigma/home($|/.*) { deny all; }
|
||||
```
|
||||
|
||||
Add a `^` symbol before url path, this will exactly match the url begins
|
||||
with the path.
|
||||
|
||||
```
|
||||
+location ~ ^/mail/(bin|config|installer|logs|SQL|temp|vendor)($|/.*) { deny all; }
|
||||
+location ~ ^/mail/(CHANGELOG|composer.json|INSTALL|jsdeps.json|LICENSE|README|UPGRADING)($|.*) { deny all; }
|
||||
+location ~ ^/mail/plugins/.*/config.inc.php.* { deny all; }
|
||||
+location ~ ^/mail/plugins/enigma/home($|/.*) { deny all; }
|
||||
```
|
||||
|
||||
Open file `/etc/nginx/templates/roundcube-subdomain.tmpl`, find `location`
|
||||
directives like below:
|
||||
|
||||
|
||||
```
|
||||
location ~ /(bin|config|installer|logs|SQL|temp|vendor)($|/.*) { deny all; }
|
||||
location ~ /(CHANGELOG|composer.json|INSTALL|jsdeps.json|LICENSE|README|UPGRADING)($|.*) { deny all; }
|
||||
location ~ /plugins/.*/config.inc.php.* { deny all; }
|
||||
location ~ /plugins/enigma/home($|/.*) { deny all; }
|
||||
```
|
||||
|
||||
Add `^` symbol like below:
|
||||
|
||||
```
|
||||
location ~ ^/(bin|config|installer|logs|SQL|temp|vendor)/.* { deny all; }
|
||||
location ~ ^/(CHANGELOG|composer.json|INSTALL|jsdeps.json|LICENSE|README|UPGRADING)$ { deny all; }
|
||||
location ~ ^/plugins/.*/config.inc.php.* { deny all; }
|
||||
location ~ ^/plugins/enigma/home($|/.*) { deny all; }
|
||||
```
|
||||
|
||||
## OpenLDAP special
|
||||
|
||||
### Update iRedMail LDAP schema file
|
||||
|
|
|
|||
|
|
@ -26,22 +26,17 @@ find it, you can still download one from iRedMail project:
|
|||
<a href="https://bitbucket.org/zhb/iredmail/src/default/iRedMail/samples/dovecot/dovecot.sieve">here</a></p>
|
||||
<p>This file must be owned by user <code>vmail</code> and group <code>vmail</code>, permission <code>0500</code>.</p>
|
||||
<p>Now open Dovecot config file <code>/etc/dovecot/dovecot.conf</code> (on Linux/OpenBSD)
|
||||
or <code>/usr/local/etc/dovecot/dovecot.conf</code> (FreeBSD), find parameter <code>sieve_before =</code>
|
||||
or <code>/usr/local/etc/dovecot/dovecot.conf</code> (FreeBSD), make sure you have setting
|
||||
like below:</p>
|
||||
<pre><code># Part of file: /etc/dovecot/dovecot.conf
|
||||
|
||||
plugin {
|
||||
...
|
||||
#sieve_before =
|
||||
sieve_before = /var/vmail/sieve/dovecot.sieve
|
||||
...
|
||||
}
|
||||
</code></pre>
|
||||
|
||||
<p>Uncomment it and set its value to <code>/var/vmail/sieve/dovecot.sieve</code> (Note:
|
||||
use the correct path on your server).</p>
|
||||
<pre><code> sieve_before = /var/vmail/sieve/dovecot.sieve
|
||||
</code></pre>
|
||||
|
||||
<p>Restart Dovecot service to enable it.</p>
|
||||
<p>Note: we don't use <code>sieve_default =</code> for global sieve script, because it
|
||||
will be ignored if users have their own personal sieve rule files.</p><div class="footer">
|
||||
|
|
|
|||
|
|
@ -26,6 +26,7 @@
|
|||
<li><a href="#upgrade-iredadmin-open-source-edition-to-the-latest-stable-release-10">Upgrade iRedAdmin (open source edition) to the latest stable release (1.0)</a></li>
|
||||
<li><a href="#upgrade-roundcube-webmail-to-the-latest-stable-release-136">Upgrade Roundcube webmail to the latest stable release (1.3.6)</a></li>
|
||||
<li><a href="#fix-incorrect-file-ownergroup-of-mlmmjadmin-config-file">Fix incorrect file owner/group of mlmmjadmin config file</a></li>
|
||||
<li><a href="#fix-improper-nginx-config-files-for-roundcube">Fix improper Nginx config files for Roundcube</a></li>
|
||||
</ul>
|
||||
</li>
|
||||
<li><a href="#openldap-special">OpenLDAP special</a><ul>
|
||||
|
|
@ -102,6 +103,40 @@ latest stable release immediately:</p>
|
|||
chmod 0400 /opt/mlmmjadmin/settings.py
|
||||
</code></pre>
|
||||
|
||||
<h3 id="fix-improper-nginx-config-files-for-roundcube">Fix improper Nginx config files for Roundcube</h3>
|
||||
<p>Accurate Nginx url match helps avoid namespace conflicts, we need some fixes
|
||||
for Roundcube to get accurate url match.</p>
|
||||
<p>Please open file <code>/etc/nginx/templates/roundcube.tmpl</code>, find <code>location</code>
|
||||
directives like below:</p>
|
||||
<pre><code>location ~ /mail/(bin|config|installer|logs|SQL|temp|vendor)($|/.*) { deny all; }
|
||||
location ~ /mail/(CHANGELOG|composer.json|INSTALL|jsdeps.json|LICENSE|README|UPGRADING)($|.*) { deny all; }
|
||||
location ~ /mail/plugins/.*/config.inc.php.* { deny all; }
|
||||
location ~ /mail/plugins/enigma/home($|/.*) { deny all; }
|
||||
</code></pre>
|
||||
|
||||
<p>Add a <code>^</code> symbol before url path, this will exactly match the url begins
|
||||
with the path.</p>
|
||||
<pre><code>+location ~ ^/mail/(bin|config|installer|logs|SQL|temp|vendor)($|/.*) { deny all; }
|
||||
+location ~ ^/mail/(CHANGELOG|composer.json|INSTALL|jsdeps.json|LICENSE|README|UPGRADING)($|.*) { deny all; }
|
||||
+location ~ ^/mail/plugins/.*/config.inc.php.* { deny all; }
|
||||
+location ~ ^/mail/plugins/enigma/home($|/.*) { deny all; }
|
||||
</code></pre>
|
||||
|
||||
<p>Open file <code>/etc/nginx/templates/roundcube-subdomain.tmpl</code>, find <code>location</code>
|
||||
directives like below:</p>
|
||||
<pre><code>location ~ /(bin|config|installer|logs|SQL|temp|vendor)($|/.*) { deny all; }
|
||||
location ~ /(CHANGELOG|composer.json|INSTALL|jsdeps.json|LICENSE|README|UPGRADING)($|.*) { deny all; }
|
||||
location ~ /plugins/.*/config.inc.php.* { deny all; }
|
||||
location ~ /plugins/enigma/home($|/.*) { deny all; }
|
||||
</code></pre>
|
||||
|
||||
<p>Add <code>^</code> symbol like below:</p>
|
||||
<pre><code>location ~ ^/(bin|config|installer|logs|SQL|temp|vendor)/.* { deny all; }
|
||||
location ~ ^/(CHANGELOG|composer.json|INSTALL|jsdeps.json|LICENSE|README|UPGRADING)$ { deny all; }
|
||||
location ~ ^/plugins/.*/config.inc.php.* { deny all; }
|
||||
location ~ ^/plugins/enigma/home($|/.*) { deny all; }
|
||||
</code></pre>
|
||||
|
||||
<h2 id="openldap-special">OpenLDAP special</h2>
|
||||
<h3 id="update-iredmail-ldap-schema-file">Update iRedMail LDAP schema file</h3>
|
||||
<p>iRedMail-0.9.9 introduces 2 new LDAP attributes for mail user account:</p>
|
||||
|
|
|
|||
Loading…
Reference in New Issue