Horde base configuration added

ansible/group_vars/all

@@ -9,7 +9,10 @@ ispmail_mysql_mailuser_password: ChangeMe
 ispmail_mysql_root_password: ChangeMeRoot
 
 # MySQL password for storing Roundcube configuration
-ispmail_mysql_roundcube_password: ChangeMeRound
+#ispmail_mysql_roundcube_password: ChangeMeRound
+
+# MySQL password for storing Horde webmail user configuration
+ispmail_mysql_horde_password: ChangeMeHorde
 
 # Allowed authentication mechanisms for IMAP/POP3
 # See: https://wiki2.dovecot.org/Authentication/Mechanisms

ansible/ispmail.yml

@@ -19,5 +19,5 @@
 #  - ispmail-postfix
 #  - ispmail-dovecot
 #  - ispmail-webmail
-#  - ispmail-webmail-apache
+  - ispmail-webmail-apache-horde
   - ispmail-tests

ansible/roles/ispmail-database/tasks/main.yml

@@ -27,9 +27,9 @@
   mysql_db:
     name: mailserver
 
-- name: creating Roundcube MySQL database
-  mysql_db: 
-    name: roundcube
+# - name: creating Roundcube MySQL database
+#   mysql_db: 
+#     name: roundcube
 - name: copying MySQL database schema to server
   copy: 
     src: schema.sql 
@@ -44,11 +44,11 @@
     name: mailuser 
     password: "{{ispmail_mysql_mailuser_password}}"
     priv: mailserver.*:SELECT,INSERT,UPDATE,DELETE
-- name: creating MySQL user for roundcube
-  mysql_user: 
-    name: roundcube 
-    password: "{{ispmail_mysql_roundcube_password}}"
-    priv: roundcube.*:ALL
+# - name: creating MySQL user for roundcube
+#   mysql_user: 
+#     name: roundcube 
+#     password: "{{ispmail_mysql_roundcube_password}}"
+#     priv: roundcube.*:ALL
 - name: copying MySQL test data to server
   copy: 
     src: test.sql

ansible/roles/ispmail-packages/tasks/main.yml

@@ -6,14 +6,15 @@
   vars:
     packages:
     - etckeeper
+    - certbot
     - pwgen
     - mariadb-server
     - postfix
     - postfix-mysql
-    - roundcube
-    - roundcube-mysql
-    - roundcube-plugins
-    - roundcube-plugins-extra
+    # - roundcube
+    # - roundcube-mysql
+    # - roundcube-plugins
+    # - roundcube-plugins-extra
     - swaks
     - dovecot-mysql
     - dovecot-pop3d

ansible/roles/ispmail-postfix/tasks/main.yml

@@ -16,6 +16,7 @@
     src: master.cf
     dest: /etc/postfix/master.cf
     mode: 0644
+    notify: restart postfix
 
 # - name: tell Postfix to use the virtual mailbox domain mapping
 #   command: postconf virtual_mailbox_domains=mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf

ansible/roles/ispmail-webmail-apache-horde/tasks/main.yml

@@ -0,0 +1,44 @@
+- name: Install required binary packages
+  apt: name={{item}} state=installed
+  with_items:
+  - apache2
+  - libapache2-mod-php
+  notify: restart apache
+- name: Create Apache vhost configuration for HTTPS (Horde and Adminer)
+  template:
+    src: apache/webmail.conf-443.j2 
+    dest: /etc/apache2/sites-available/default-ssl.conf
+  notify: restart apache
+- name: Enable Apache vhost for HTTPS
+  command: /usr/sbin/a2ensite default-ssl creates=/etc/apache2/sites-enabled/default-ssl.conf
+  notify: restart apache
+- name: Create Apache vhost configuration for HTTP (redirect to HTTPS)
+  template:
+    src: apache/webmail.conf-80.j2
+    dest: /etc/apache2/sites-available/000-default.conf
+  notify: restart apache
+- name: Enable Apache SSL module
+  command: /usr/sbin/a2enmod ssl creates=/etc/apache2/mods-enabled/ssl.conf
+  notify: restart apache
+
+- name: creating Horde MySQL database
+  mysql_db: 
+    name: horde
+- name: creating MySQL user to access the Horde database
+  mysql_user: 
+    name: horde
+    password: "{{ispmail_mysql_horde_password}}"
+    priv: horde.*:ALL
+
+- name: Generate random secret key for this Horde installation
+  command: pwgen -s 20
+  register: horde_secret_key
+- name: Generate Horde config file
+  template:
+    src: horde/conf.php.j2
+    dest: /etc/horde/horde/conf.php
+
+- name: Create Horde database schema
+  command: /usr/bin/horde-db-migrate
+
+# code: language=ansible insertSpaces=true tabSize=2

ansible/roles/ispmail-webmail-apache/templates/webmail.conf-443.j2 → ansible/roles/ispmail-webmail-apache-horde/templates/apache/webmail.conf-443.j2

@@ -3,15 +3,14 @@
 		ServerAdmin {{ ispmail_postmaster_address }}
 		ServerName {{ ispmail_webmail_hostname }}
 
-		Include /etc/roundcube/apache.conf
-		Alias / /var/lib/roundcube/
-
 		# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
 		# error, crit, alert, emerg.
 		# It is also possible to configure the loglevel for particular
 		# modules, e.g.
 		#LogLevel info ssl:warn
 
+		RedirectMatch permanent ^/$ https://{{ ispmail_webmail_hostname}}/horde/
+
 		ErrorLog ${APACHE_LOG_DIR}/webmail.error.log
 		CustomLog ${APACHE_LOG_DIR}/webmail.access.log combined
 

ansible/roles/ispmail-webmail-apache-horde/templates/horde/conf.php.j2

@@ -0,0 +1,126 @@
+<?php
+/* CONFIG START. DO NOT CHANGE ANYTHING IN OR AFTER THIS LINE. */
+// $Id: 08fc885cd91fbae2d752e274b554c5f1645129c8 $
+$conf['vhosts'] = false;
+$conf['debug_level'] = E_ALL & ~E_NOTICE;
+$conf['max_exec_time'] = 0;
+$conf['compress_pages'] = true;
+$conf['secret_key'] = '{{horde_secret_key.stdout}}';
+$conf['umask'] = 077;
+$conf['testdisable'] = true;
+$conf['use_ssl'] = 2;
+$conf['server']['name'] = $_SERVER['SERVER_NAME'];
+$conf['urls']['token_lifetime'] = 30;
+$conf['urls']['hmac_lifetime'] = 30;
+$conf['urls']['pretty'] = false;
+$conf['safe_ips'] = array();
+$conf['session']['name'] = 'Horde';
+$conf['session']['use_only_cookies'] = true;
+$conf['session']['timeout'] = 0;
+$conf['session']['cache_limiter'] = 'nocache';
+$conf['session']['max_time'] = 72000;
+$conf['cookie']['domain'] = $_SERVER['SERVER_NAME'];
+$conf['cookie']['path'] = '/';
+$conf['sql']['username'] = 'horde';
+$conf['sql']['password'] = '{{ispmail_mysql_horde_password}}';
+$conf['sql']['protocol'] = 'unix';
+$conf['sql']['database'] = 'horde';
+$conf['sql']['charset'] = 'utf-8';
+$conf['sql']['ssl'] = false;
+$conf['sql']['splitread'] = false;
+$conf['sql']['logqueries'] = false;
+$conf['sql']['phptype'] = 'mysql';
+$conf['nosql']['phptype'] = false;
+$conf['ldap']['useldap'] = false;
+$conf['auth']['admins'] = array('Administrator');
+$conf['auth']['checkip'] = true;
+$conf['auth']['checkbrowser'] = true;
+$conf['auth']['resetpassword'] = true;
+$conf['auth']['alternate_login'] = false;
+$conf['auth']['redirect_on_logout'] = false;
+$conf['auth']['list_users'] = 'list';
+$conf['auth']['params']['username'] = 'Administrator';
+$conf['auth']['params']['requestuser'] = false;
+$conf['auth']['driver'] = 'auto';
+$conf['auth']['params']['count_bad_logins'] = false;
+$conf['auth']['params']['login_block'] = false;
+$conf['auth']['params']['login_block_count'] = 5;
+$conf['auth']['params']['login_block_time'] = 5;
+$conf['signup']['allow'] = false;
+$conf['log']['priority'] = 'INFO';
+$conf['log']['ident'] = 'HORDE';
+$conf['log']['name'] = LOG_USER;
+$conf['log']['type'] = 'syslog';
+$conf['log']['enabled'] = true;
+$conf['log_accesskeys'] = false;
+$conf['prefs']['maxsize'] = 65535;
+$conf['prefs']['params']['driverconfig'] = 'horde';
+$conf['prefs']['driver'] = 'Sql';
+$conf['alarms']['params']['driverconfig'] = 'horde';
+$conf['alarms']['params']['ttl'] = 300;
+$conf['alarms']['driver'] = 'Sql';
+$conf['group']['params']['driverconfig'] = 'horde';
+$conf['group']['driver'] = 'Sql';
+$conf['perms']['driverconfig'] = 'horde';
+$conf['perms']['driver'] = 'Sql';
+$conf['share']['no_sharing'] = false;
+$conf['share']['auto_create'] = true;
+$conf['share']['world'] = true;
+$conf['share']['any_group'] = false;
+$conf['share']['hidden'] = false;
+$conf['share']['cache'] = false;
+$conf['share']['driver'] = 'Sqlng';
+$conf['cache']['default_lifetime'] = 86400;
+$conf['cache']['params']['sub'] = 0;
+$conf['cache']['driver'] = 'File';
+$conf['cache']['use_memorycache'] = '';
+$conf['cachecssparams']['url_version_param'] = true;
+$conf['cachecss'] = false;
+$conf['cachejsparams']['url_version_param'] = true;
+$conf['cachejs'] = false;
+$conf['cachethemes'] = false;
+$conf['lock']['params']['driverconfig'] = 'horde';
+$conf['lock']['driver'] = 'Sql';
+$conf['token']['params']['driverconfig'] = 'horde';
+$conf['token']['driver'] = 'Sql';
+$conf['history']['params']['driverconfig'] = 'horde';
+$conf['history']['driver'] = 'Sql';
+$conf['davstorage']['params']['driverconfig'] = 'horde';
+$conf['davstorage']['driver'] = 'Sql';
+$conf['mailer']['params']['sendmail_path'] = '/usr/lib/sendmail';
+$conf['mailer']['params']['sendmail_args'] = '-oi';
+$conf['mailer']['type'] = 'sendmail';
+$conf['vfs']['params']['driverconfig'] = 'horde';
+$conf['vfs']['type'] = 'Sql';
+$conf['sessionhandler']['type'] = 'Builtin';
+$conf['sessionhandler']['hashtable'] = false;
+$conf['spell']['driver'] = '';
+$conf['gnupg']['keyserver'] = array('pool.sks-keyservers.net');
+$conf['gnupg']['timeout'] = 10;
+$conf['nobase64_img'] = false;
+$conf['image']['driver'] = false;
+$conf['exif']['driver'] = 'Bundled';
+$conf['timezone']['location'] = 'ftp://ftp.iana.org/tz/tzdata-latest.tar.gz';
+$conf['problems']['email'] = '{{ispmail_postmaster_address}}';
+$conf['problems']['maildomain'] = 'example.com';
+$conf['problems']['tickets'] = false;
+$conf['problems']['attachments'] = true;
+$conf['menu']['links']['help'] = 'all';
+$conf['menu']['links']['prefs'] = 'authenticated';
+$conf['menu']['links']['problem'] = 'all';
+$conf['menu']['links']['login'] = 'all';
+$conf['menu']['links']['logout'] = 'authenticated';
+$conf['portal']['fixed_blocks'] = array();
+$conf['accounts']['driver'] = 'null';
+$conf['user']['verify_from_addr'] = false;
+$conf['user']['select_view'] = true;
+$conf['facebook']['enabled'] = false;
+$conf['twitter']['enabled'] = false;
+$conf['urlshortener'] = false;
+$conf['weather']['provider'] = false;
+$conf['imap']['enabled'] = false;
+$conf['imsp']['enabled'] = false;
+$conf['kolab']['enabled'] = false;
+$conf['hashtable']['driver'] = 'none';
+$conf['activesync']['enabled'] = false;
+/* CONFIG END. DO NOT CHANGE ANYTHING IN OR BEFORE THIS LINE. */

ansible/roles/ispmail-webmail-apache-roundcube/tasks/main.yml

@@ -0,0 +1,44 @@
+---
+- name: install required binary packages
+  apt:
+    name: "{{ packages }}"
+    update_cache: yes
+  vars:
+    packages:
+      #- roundcube 
+      #- roundcube-plugins
+      - php-horde-imp
+      - php-horde-ingo
+      - php-horde-kronolith
+      - php-horde-turba
+# - name: Creating random des_key for Roundcube
+#   shell: pwgen 24
+#   register: roundcube_random_des_key
+# - name: Deploying Roundcube configuration
+#   template:
+#     src: roundcube-config.inc.php.j2
+#     dest: /etc/roundcube/config.inc.php
+#     owner: root
+#     group: www-data
+#     mode: 0640
+# - name: Deploying Roundcube managesieve plugin configuration
+#   copy:
+#     src: roundcube-managesieve-config.inc.php 
+#     dest: /etc/roundcube/plugins/managesieve/config.inc.php 
+#     mode: 0640
+# - name: Deploying Roundcube password plugin configuration
+#   template: 
+#     src: roundcube-password-config.inc.php.j2 
+#     dest: /etc/roundcube/plugins/password/config.inc.php 
+#     owner: root 
+#     group: www-data 
+#     mode: 0640
+# - name: Copy ISPmail logo
+#   copy: 
+#     src: ispmail-logo.png 
+#     dest: /var/lib/roundcube/
+# - name: Copy Roundcube database config file
+#   template: 
+#     src: roundcube-debian-db.php.j2 
+#     dest: /etc/roundcube/debian-db.php 
+#     mode: 0640

ansible/roles/ispmail-webmail-apache/tasks/main.yml

@@ -1,18 +0,0 @@
-- name: Install required binary packages
-  apt: name={{item}} state=installed
-  with_items:
-  - apache2
-  - libapache2-mod-php
-  notify: restart apache
-- name: Create Apache vhost configuration for HTTPS (RoundCube and PHPmyadmin)
-  template: src=webmail.conf-443.j2 dest=/etc/apache2/sites-available/default-ssl.conf
-  notify: restart apache
-- name: Enable Apache vhost for HTTPS
-  command: /usr/sbin/a2ensite default-ssl creates=/etc/apache2/sites-enabled/default-ssl.conf
-  notify: restart apache
-- name: Create Apache vhost configuration for HTTP (redirect to HTTPS)
-  template: src=webmail.conf-80.j2 dest=/etc/apache2/sites-available/000-default.conf
-  notify: restart apache
-- name: Enable Apache SSL module
-  command: /usr/sbin/a2enmod ssl creates=/etc/apache2/mods-enabled/ssl.conf
-  notify: restart apache

ansible/roles/ispmail-webmail/tasks/main.yml

@@ -1,40 +0,0 @@
----
-- name: install required binary packages
-  apt:
-    name: "{{ packages }}"
-    update_cache: yes
-  vars:
-    packages:
-      - roundcube 
-      - roundcube-plugins
-- name: Creating random des_key for Roundcube
-  shell: pwgen 24
-  register: roundcube_random_des_key
-- name: Deploying Roundcube configuration
-  template:
-    src: roundcube-config.inc.php.j2
-    dest: /etc/roundcube/config.inc.php
-    owner: root
-    group: www-data
-    mode: 0640
-- name: Deploying Roundcube managesieve plugin configuration
-  copy:
-    src: roundcube-managesieve-config.inc.php 
-    dest: /etc/roundcube/plugins/managesieve/config.inc.php 
-    mode: 0640
-- name: Deploying Roundcube password plugin configuration
-  template: 
-    src: roundcube-password-config.inc.php.j2 
-    dest: /etc/roundcube/plugins/password/config.inc.php 
-    owner: root 
-    group: www-data 
-    mode: 0640
-- name: Copy ISPmail logo
-  copy: 
-    src: ispmail-logo.png 
-    dest: /var/lib/roundcube/
-- name: Copy Roundcube database config file
-  template: 
-    src: roundcube-debian-db.php.j2 
-    dest: /etc/roundcube/debian-db.php 
-    mode: 0640