1 |
brianr |
1.1 |
Additional installation and update information: |
2 |
|
|
|
3 |
|
|
Upstream documentation: http://trac.roundcube.net/wiki |
4 |
|
|
|
5 |
|
|
Notice |
6 |
|
|
- temporary files are stored in /var/lib/roundcubemail |
7 |
|
|
- logs files are stored in /var/log/roundcubemail |
8 |
|
|
- configuration files are stored in /etc/roundcubemail |
9 |
|
|
|
10 |
|
|
As those directories are not served by the web server, |
11 |
|
|
there is no need to protect them. |
12 |
|
|
|
13 |
|
|
Databases |
14 |
|
|
|
15 |
|
|
Roundcube supports various database providers, including SQLite, MySQL and |
16 |
|
|
PostgreSQL. The package depends only on php-pdo, which provides SQLite |
17 |
|
|
support. However, the default configuration is for a MySQL database, for |
18 |
|
|
performance reasons. To use the MySQL database, ensure php-mysql is |
19 |
|
|
installed. If you want to use another database, adjust the configuration |
20 |
|
|
file, and ensure the appropriate PDO plugin is installed. If necessary. |
21 |
|
|
|
22 |
|
|
|
23 |
|
|
The installer is available at http://localhost/roundcubemail/installer |
24 |
|
|
The webmail is available at http://localhost/roundcubemail |
25 |
|
|
|
26 |
|
|
By default, access to Roundcube and the installer is only allowed from the |
27 |
|
|
server, locally, in /etc/httpd/conf.d/roundcubemail.conf . Best practice is |
28 |
|
|
to create a new file - e.g. /etc/httpd/conf.d/z-roundcubemail-allow.conf - |
29 |
|
|
to adjust the access permissions. You can also edit roundcubemail.conf directly, |
30 |
|
|
but then any changes to it in future package updates will cause the creation |
31 |
|
|
of a .rpmnew file, and you will have to merge the changes manually: creating |
32 |
|
|
a new config file to configure access permissions avoids that. |
33 |
|
|
|
34 |
|
|
First use the installer to configure Roundcube, ideally from the server so you |
35 |
|
|
do not need to allow any wider access to the installer, but you can use a new |
36 |
|
|
config file to grant wider access to /usr/share/roundcubemail and |
37 |
|
|
/usr/share/roundcubemail/installer if necessary. Once you have completed |
38 |
|
|
deployment, you should restrict access to the /installer subdirectory again, as |
39 |
|
|
an attacker could use it to do anything they liked to your Roundcube |
40 |
|
|
installation. |
41 |
|
|
|
42 |
|
|
UPGRADING: when upgrading from < 1.0 the old configuration files named |
43 |
|
|
main.inc.php and db.inc.php are now deprecated and should be replaced with one |
44 |
|
|
single config.inc.php file. Run the /usr/share/roundcube/bin/update.sh script |
45 |
|
|
as root to get this conversion done or manually merge the files. The update |
46 |
|
|
script will also update the database configuration. Check the permissions of |
47 |
|
|
the config.inc.php file and all backups the script creates! Make sure they |
48 |
|
|
are not world-readable, as they may contain sensitive information (e.g. |
49 |
|
|
database passwords). |
50 |
|
|
|
51 |
|
|
NOTE: the new config.inc.php should only contain options that differ from the |
52 |
|
|
ones listed in defaults.inc.php. |