diff options
-rw-r--r-- | .SRCINFO | 36 | ||||
-rw-r--r-- | PKGBUILD | 75 | ||||
-rw-r--r-- | composer.json | 25 | ||||
-rw-r--r-- | install | 6 | ||||
-rw-r--r-- | nginx-location.conf | 28 | ||||
-rw-r--r-- | nginx-ssl.example.conf | 56 | ||||
-rw-r--r-- | php-fpm.example.conf | 3 | ||||
-rw-r--r-- | sabre-zarafa.conf | 44 | ||||
-rw-r--r-- | sabre-zarafa.ini | 1 |
9 files changed, 274 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..68c5de081378 --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,36 @@ +# Generated by makepkg 4.2.1 +# Fri May 15 16:56:35 UTC 2015 +pkgbase = sabre-zarafa + pkgdesc = provide a full CardDav backend for SabreDAV to connect with Zarafa groupware + pkgver = 0.23 + pkgrel = 2 + url = https://github.com/1afa/sabre-zarafa + install = install + arch = any + license = AGPL3 + makedepends = php-composer + depends = php + optdepends = php-fpm + optdepends = nginx + optdepends = zarafa-server + options = !strip + backup = etc/webapps/sabre-zarafa/nginx-location.conf + backup = etc/php/conf.d/sabre-zarafa.ini + backup = etc/php/fpm.d/sabre-zarafa.conf + source = sabre-zarafa-0.23.tar.gz::https://github.com/1afa/sabre-zarafa/archive/v0.23.tar.gz + source = sabre-zarafa.ini + source = sabre-zarafa.conf + source = nginx-location.conf + source = nginx-ssl.example.conf + source = php-fpm.example.conf + source = composer.json + md5sums = b2e64ec204acf44a72b34ae1cb2f92d0 + md5sums = 191c6f53107a53e3b51331282c125e63 + md5sums = b0b98696ff5b11a5f06056686dff82d6 + md5sums = e7fe86eb090b69d503f5cc28e03bf9ce + md5sums = 73451bc5c35072b22b0b2925c5920978 + md5sums = 7adcf5e023718421a5e8e07e5e9a2480 + md5sums = 67fe9a12d3bafc877100bdaea728bbce + +pkgname = sabre-zarafa + diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..8be73b88b49d --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,75 @@ +# Maintainer: MartiMcFly martimcfly@autorisation.de + +pkgname=sabre-zarafa +pkgver=0.23 +pkgrel=2 +pkgdesc="provide a full CardDav backend for SabreDAV to connect with Zarafa groupware" +arch=('any') +url="https://github.com/1afa/sabre-zarafa" +license=('AGPL3') +depends=('php') +makedepends=('php-composer') +optdepends=('php-fpm' + 'nginx' + 'zarafa-server') +install=('install') +backup=('etc/webapps/sabre-zarafa/nginx-location.conf' + 'etc/php/conf.d/sabre-zarafa.ini' + 'etc/php/fpm.d/sabre-zarafa.conf') +options=('!strip') +source=("${pkgname}-${pkgver}.tar.gz::https://github.com/1afa/sabre-zarafa/archive/v${pkgver}.tar.gz" + "sabre-zarafa.ini" + "sabre-zarafa.conf" + "nginx-location.conf" + "nginx-ssl.example.conf" + "php-fpm.example.conf" + "composer.json") + +md5sums=('b2e64ec204acf44a72b34ae1cb2f92d0' + '191c6f53107a53e3b51331282c125e63' + 'b0b98696ff5b11a5f06056686dff82d6' + 'e7fe86eb090b69d503f5cc28e03bf9ce' + '73451bc5c35072b22b0b2925c5920978' + '7adcf5e023718421a5e8e07e5e9a2480' + '67fe9a12d3bafc877100bdaea728bbce') + +package() { + # according to https://wiki.archlinux.org/index.php/Web_application_package_guidelines + mkdir -p ${pkgdir}/usr/share/webapps/${pkgname} + cp -r ${srcdir}/${pkgname}-${pkgver}/* ${pkgdir}/usr/share/webapps/${pkgname}/ + rm ${pkgdir}/usr/share/webapps/${pkgname}/config.inc.php + rm ${pkgdir}/usr/share/webapps/${pkgname}/debug.txt + rm -R ${pkgdir}/usr/share/webapps/${pkgname}/data + + mkdir -p ${pkgdir}/etc/webapps/${pkgname} + cp ${srcdir}/php-fpm.example.conf ${pkgdir}/etc/webapps/${pkgname}/ + cp ${srcdir}/nginx-ssl.example.conf ${pkgdir}/etc/webapps/${pkgname}/ + cp ${srcdir}/nginx-location.conf ${pkgdir}/etc/webapps/${pkgname}/ + cp ${srcdir}/${pkgname}-${pkgver}/config.inc.php ${pkgdir}/etc/webapps/${pkgname}/config.example.inc.php + ln -s /etc/webapps/${pkgname}/config.inc.php ${pkgdir}/usr/share/webapps/${pkgname}/config.inc.php + + mkdir -p ${pkgdir}/etc/php/conf.d + cp ${srcdir}/${pkgname}.ini ${pkgdir}/etc/php/conf.d + + mkdir -p ${pkgdir}/etc/php/fpm.d + cp ${srcdir}/${pkgname}.conf ${pkgdir}/etc/php/fpm.d + + mkdir -p ${pkgdir}/var/lib/${pkgname} + ln -s /var/lib/${pkgname} ${pkgdir}/usr/share/webapps/${pkgname}/data + + mkdir -p ${pkgdir}/var/log/${pkgname} + touch ${pkgdir}/var/log/${pkgname}/debug.txt + ln -s /var/log/${pkgname}/debug.txt ${pkgdir}/usr/share/webapps/${pkgname}/debug.txt + + # workaround for buggy dependency + rm ${pkgdir}/usr/share/webapps/${pkgname}/composer.json + cp ${srcdir}/composer.json ${pkgdir}/usr/share/webapps/${pkgname}/composer.json + + # workaround for php. its impossible to provide several ini files. + cd ${pkgdir}/usr/share/webapps/${pkgname}/ + cat ${srcdir}/${pkgname}.ini > /tmp/composer.ini + echo >> /tmp/composer.ini + cat /usr/share/php-composer/php.ini >> /tmp/composer.ini + $(which php) -nc/tmp/composer.ini $(which composer) install + rm /tmp/composer.ini +} diff --git a/composer.json b/composer.json new file mode 100644 index 000000000000..917480991623 --- /dev/null +++ b/composer.json @@ -0,0 +1,25 @@ +{ + "name": "bokxing-it/sabre-zarafa", + "require": { + "sabre/dav" : "<=2.1.2", + "apache/log4php" : "~2.3.0" + }, + "license": "agpl", + "authors": [ + { + "name": "Alfred Klomp", + "email": "alfred@1afa.com", + "role": "Developer" + }, + { + "name": "Guillaume Lapierre", + "role": "Developer" + } + ], + "autoload" : { + "psr-0" : { + "SabreZarafa" : "lib/" + } + }, + "minimum-stability": "stable" +} diff --git a/install b/install new file mode 100644 index 000000000000..0d09933b09c2 --- /dev/null +++ b/install @@ -0,0 +1,6 @@ +post_install() { + cp -n /etc/webapps/sabre-zarafa/config.example.inc.php /etc/webapps/sabre-zarafa/config.inc.php + chown -R http:http /var/log/sabre-zarafa + chown -R http:http /var/lib/sabre-zarafa +} + diff --git a/nginx-location.conf b/nginx-location.conf new file mode 100644 index 000000000000..6f79bc043151 --- /dev/null +++ b/nginx-location.conf @@ -0,0 +1,28 @@ + + ### + ## In order to run this component you need to define a server-context in. + ## /etc/nginx/nginx.conf: + ## + ## http { + ## server { + ## listen 80; + ## include ${PATH_TO_THIS_LOCATION_FILE}; + ## } + ## } + ## + ## Or include this file in your existing server-context. + ## + location /carddav { + root /usr/share/webapps/sabre-zarafa; + + ## [WARNING] The following header states that the browser should only communicate + ## with your server over a secure connection for the next 24 months. + add_header Strict-Transport-Security max-age=63072000; + add_header X-Frame-Options DENY; + add_header X-Content-Type-Options nosniff; + + fastcgi_pass unix:/run/php-fpm/sabre-zarafa.sock; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root/server.php; + fastcgi_param SCRIPT_NAME $fastcgi_script_name; + }
\ No newline at end of file diff --git a/nginx-ssl.example.conf b/nginx-ssl.example.conf new file mode 100644 index 000000000000..a37c2447634a --- /dev/null +++ b/nginx-ssl.example.conf @@ -0,0 +1,56 @@ + + server { + # server_name YOUR_SERVER_FQDN; ## uncomment replace this with something like www.example.com + listen 443; + + server_tokens off; ## Don't show the nginx version number, a security best practice + root /var/lib/nginx/http + + ## Strong SSL Security + ## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html & https://cipherli.st/ + ## + ## Generate a strong SSL-Certificate and DHE parameter: + ## openssl genrsa -out /etc/ssl/private/zarafa.key 4096 + ## openssl req -new -sha512 -key /etc/ssl/private/zarafa.key -out /tmp/zarafa.csr + ## openssl x509 -req -days 3650 -in /tmp/zarafa.csr -signkey /etc/ssl/private/zarafa.key -out /etc/ssl/private/zarafa.crt + ## openssl dhparam -out /etc/ssl/private/zarafa.dh 4096 + ## chmod go-rwx /etc/ssl/private/zarafa.*; + ## chmod u+rw /etc/ssl/private/zarafa.* + ## chown root:root /etc/ssl/private/zarafa.* + ## + ssl on; + ssl_certificate_key /etc/ssl/private/zarafa.key; + ssl_certificate /etc/ssl/private/zarafa.crt; + ssl_dhparam /etc/ssl/private/zarafa.dh; + + ## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html + ## The recommended cipher suite for backwards compatibility (IE6/WinXP): + ssl_ciphers 'AES256+EECDH:AES256+EDH:!aNULL'; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:50m; + ssl_session_timeout 5m; + + ## [Optional] If your certficate has OCSP, enable OCSP stapling to reduce the overhead and latency of running SSL. + ## Replace with your ssl_trusted_certificate. For more info see: + ## - https://medium.com/devops-programming/4445f4862461 + ## - https://www.ruby-forum.com/topic/4419319 + ## - https://www.digitalocean.com/community/tutorials/how-to-configure-ocsp-stapling-on-apache-and-nginx + ## - https://raymii.org/s/tutorials/OCSP_Stapling_on_nginx.html + ## - http://freiburg79.de/ocsp-stapling-mit-nginx/ + # ssl_stapling on; + # ssl_stapling_verify on; + # ssl_stapling_file /etc/ssl/private/de-autorisation-m.ocsp; + # resolver 208.67.222.222 208.67.222.220 valid=300s; # Can change to your DNS resolver if desired + # resolver_timeout 5s; + + # HIDDEN FILES AND FOLDERS + rewrite ^(.*)\/\.(.*)$ @404 break; + + location = @404 { + return 404; + } + + include ${PATH_TO_ATTACHED_LOCATION_FILE}; + include ${PATH_TO_ANOTHER_LOCATION_FILE}; + }
\ No newline at end of file diff --git a/php-fpm.example.conf b/php-fpm.example.conf new file mode 100644 index 000000000000..9c70c26482fd --- /dev/null +++ b/php-fpm.example.conf @@ -0,0 +1,3 @@ +[global] +pid = /run/php-fpm/php-fpm.pid +include = /etc/php/fpm.d/*.conf
\ No newline at end of file diff --git a/sabre-zarafa.conf b/sabre-zarafa.conf new file mode 100644 index 000000000000..c55ef6a7cd6a --- /dev/null +++ b/sabre-zarafa.conf @@ -0,0 +1,44 @@ +[sabre-zarafa] +listen = /run/php-fpm/sabre-zarafa.sock +listen.owner = http +listen.group = http +listen.mode = 0666 + + +user = http +group = http + +# 5 sabre-zarafa users +pm = ondemand +pm.max_children = 15 +pm.max_requests = 500 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp +env[HOME] = /home + +php_admin_value[memory_limit] = 128M +php_admin_value[open_basedir] = ${open_basedir}:/usr/share/webapps/sabre-zarafa:/etc/webapps/sabre-zarafa:/var/lib/sabre-zarafa:/var/log/sabre-zarafa:/usr/share/php/mapi + +php_admin_value[upload_max_filesize] = 20M +php_admin_value[post_max_size] = 20M +php_admin_value[date.timezone] = Europe/Berlin + +## http://sabre.io/dav/webservers/ +## + +## Output buffering needs to be off, to prevent high memory usage +php_flag[output_buffering] = off + +## This is also to prevent high memory usage +php_flag[always_populate_raw_post_data] = off + +## This is almost a given, but magic quotes is *still* on on some +## linux distributions +php_flag[magic_quotes_gpc] = off + +## SabreDAV is not compatible with mbstring function overloading +php_flag[mbstring.func_overload] = off diff --git a/sabre-zarafa.ini b/sabre-zarafa.ini new file mode 100644 index 000000000000..1acd40780a65 --- /dev/null +++ b/sabre-zarafa.ini @@ -0,0 +1 @@ +extension=iconv.so
\ No newline at end of file |