Installing Horde in Debian 5 Rumi, January 7, 2011 Default installation is with Apache + mod_php5 + php-mysql: # aptitude install horde3 Packages installed looks like: apache2-mpm-prefork apache2-utils apache2.2-common fckeditor horde3 libapache2-mod-php5 libmcrypt4 php-cache php-date php-db php-file php-http-request php-log php-mail php-mail-mime php-mail-mimedecode php-net-dime php-net-ftp php-net-smtp php-net-socket php-net-url php-pear php-services-weather php-soap php-xml-parser php-xml-serializer php-xml-util php5-cli php5-common php5-gd php5-mcrypt php5-mysql Note that Apache/PHP/MySQL is installed by default but you can use another SQL server or HTTP server. For using php-pgsql : # aptitude install horde3 php5-pgsql For using lighttpd : # aptitude install horde3 lighttpd php5-cgi After installation, please read carefully /usr/share/doc/horde3/README.Debian. Configuring your HTTP server For Apache, in your VirtualHost file (perhaps 000-default), secure (mod_access, mod_ssl, …) and enable Horde access. Be sure to have Indexes option and index.php in DirectoryIndex. For example: Alias /horde3 /usr/share/horde3 <Directory /usr/share/horde3> Options FollowSymLinks AllowOverride Limit deny from all allow from YOUR_IP </Directory> <Files ~ "\.(inc|bak)$"> deny from all </Files> If you don't use "Alias /horde3", you need update $webroot variable in registry.php file. With "Alias /foo", set 'webroot' => '/foo' and if /usr/share/horde3 is your documentroot, set 'webroot' => ' ' . For Lighttpd, ensure cgi and alias module are enabled and add: $HTTP["remoteip"] == "YOUR_IP" { alias.url += ( "/horde3/" => "/usr/share/horde3/" ) } Configuring Horde When your web access is secure, remove the second and third lines from /etc/horde/horde3/conf.php file and prepare file permissions for web configuration: # chmod 777 /etc/horde/horde3/conf.php # touch /etc/horde/horde3/conf.bak.php # chmod 777 /etc/horde/horde3/conf.bak.php Prepare your log file if you want it: # touch /var/log/horde/horde3.log # chown root.www-data /var/log/horde/horde3.log # chmod 770 /var/log/horde/horde3.log Prepare your backend. For example, if you use a local MySQL server, change password and inject this file: # gunzip < /usr/share/doc/horde3/examples/scripts/\ sql/create.mysql.sql.gz \ | mysql -u MYSQL_ADMIN -p NOTE: The command above injects a trivial SQL password. Do not use it without restricting access to this file and changing the SQL password. Of course, you can also use PostgreSQL or sqlite. For Postgresql (at least on lenny) you need to add a line in /etc/postgresql/8.3/main/pg_hba.conf: local horde horde ident hordemap make sure it comes before the line saying # "local" is for Unix domain socket connections only local all all ident sameuser Otherwise it will silently be ignored. (There go another two hours of my life :-/) Now append two lines to /etc/postgresql/8.3/main/pg_ident.conf # echo -e "hordemap postgres postgres\nhordemap postgres horde" \ >>/etc/postgresql/8.3/main/pg_ident.conf # /etc/init.d/postgresql reload For the curious: The first command allows access from "local" (via domain sockets) to the database "horde" as user "horde" as defined in the ident map "hordemap". The second command adds that hordemap and makes sure that the user ident(ed) user postgres can impersonate the database users "postgres" and "horde". Then run # gunzip /usr/share/doc/horde3/examples/scripts/sql/create.pgsql.sql.gz Edit the file create.pgsql.sql to change the horde database user's password and remove the '–' comment from of that line. Then become the postgres user and run that script: # su postgres - $ cd /usr/share/doc/horde3/examples/scripts/sql/ $ psql -d template1 -f create.pgsql.sql Then your are ready to browse Horde setup in http(s?)://YOUR_SERVEUR/horde3 With default configuration, you MUST configure the database, the preferences system and the users. If you fail to configure the users, you WILL NOT be able to log in. In addition, these parameters need more attention: cookie/path (in your web example case, change (or let) to '/horde3') cookie/domain session/use_only_cookies (in some cases, you must disable it to avoid infinite loops) Generate your configuration and change permissions of configuration files : # chmod 644 /etc/horde/horde3/conf.php # chmod 600 /etc/horde/horde3/conf.bak.php Now you can authorize all clients in your web server configuration. Upgrading Horde Secure your web server access and begin the upgrade. Change permissions for conf.php and conf.bak.php and regenerate configuration AND upgrade your database schema (yes, you read well, database schema upgrades are not supported in Debian packages for now). Adjust permissions and re-open web server access. Installing and configuring IMP IMP is a webmail client. # aptitude install imp4 Note APT installs PHP IMAP extension (reload your http server after install) and libc-client (you can probably ignore debconf question about it). Now prepare file permissions for web configuration: # chmod 777 /etc/horde/imp4/conf.php # touch /etc/horde/imp4/conf.bak.php # chmod 777 /etc/horde/imp4/conf.bak.php Generate your configuration (GPG/PGP, user constraints, enable spam/ham report, hooks…). Change permissions of configuration files: # chmod 644 /etc/horde/imp4/conf.php # chmod 700 /etc/horde/imp4/conf.bak.php And specify your mail server(s) in /etc/horde/imp4/servers.php file. There are a lot of examples in original files (don't forget to remove/comment examples). When you are ready, enable IMP in /etc/horde/horde3/registry.php file and verify if all is right. Yes, you read well, you MUST enable manually module in registry.php file after configuration! Installing and configuring Ingo Ingo is a mail filter component for IMP. # aptitude install ingo1 Prepare file permissions for web configuration: # chmod 777 /etc/horde/ingo1/conf.php # touch /etc/horde/ingo1/conf.bak.php # chmod 777 /etc/horde/ingo1/conf.bak.php Generate your configuration, it's easy because there are a few minor parameters. And specify your backend(s) in /etc/horde/ingo1/backends.php file. Backend could be null (apply rules on demand) or rules for Sieve, Procmail or Maildrop. Here is classic backends.php file: $backends['imap'] = array( 'driver' => 'null', 'preferred' => 'example.com', 'hordeauth' => true, 'params' => array(), 'script' => 'imap', 'scriptparams' => array() ); Change permissions of configuration files: # chmod 644 /etc/horde/ingo1/conf.php # chmod 700 /etc/horde/ingo1/conf.bak.php When you are ready, enable Ingo in /etc/horde/horde3/registry.php file and verify if all is right. Installing and configuring Turba Turba is a contact management. For security reasons, disable Turba in /etc/horde/horde3/registry.php file, and install: # aptitude install turba2 Prepare file permissions for web configuration: # chmod 777 /etc/horde/turba2/conf.php # touch /etc/horde/turba2/conf.bak.php # chmod 777 /etc/horde/turba2/conf.bak.php Generate your configuration, it's easy because there are only four parameters (cache could be broken in some situation then you should disable it). Change permissions of configuration files: # chmod 644 /etc/horde/turba2/conf.php # chmod 700 /etc/horde/turba2/conf.bak.php And specify your backend(s) in /etc/horde/turba2/sources.php file. There are a lot of examples in original files (don't forget to remove/comment examples). Example for browse Debian LDAP with all developers: $cfgSources['debianldap'] = array( 'title' => _("Debian Adress Book"), 'type' => 'ldap', 'params' => array( 'server' => 'db.debian.org', 'root' => 'ou=users,dc=debian,dc=org', 'dn' => array('uid'), 'objectclass' => array('top', 'debianDeveloper'), 'charset' => 'utf-8', 'version' => 3 ), 'map' => array( '__key' => 'dn', 'name' => 'gecos', 'firstname' => 'cn', 'lastname' => 'sn', 'nickname' => 'uid' ), 'search' => array( 'name', 'lastname', ), 'export' => true, 'browse' => true ); Note that using LDAP source, you will be sure to have LDAP extension for PHP and PEAR Net::LDAP (php-net-ldap package). If you choose SQL backend, don't forget to create tables on your database. For example, if you use a local MySQL server: # mysql -u MYSQL_ADMIN -p DATABASE < \ /usr/share/doc/turba2/examples/scripts/sql/turba.mysql.sql When you are ready, enable Turba in /etc/horde/horde3/registry.php file and verify if all is right. Installing and configuring Kronolith Kronolith is a calendar component. For security reasons, disable Kronolith in /etc/horde/horde3/registry.php file, and install: # aptitude install kronolith2 Prepare file permissions for web configuration: # chmod 777 /etc/horde/kronolith2/conf.php # touch /etc/horde/kronolith2/conf.bak.php # chmod 777 /etc/horde/kronolith2/conf.bak.php Generate your configuration. Most important choice is storage driver. You will probably choose SQL driver, with Default Horde parameters. You need now create SQL tables. For example, if you use a local MySQL server: # mysql -u MYSQL_ADMIN -p DATABASE < \ /usr/share/doc/kronolith2/examples/scripts/sql/kronolith.mysql.sql Change permissions of configuration files: # chmod 644 /etc/horde/kronolith2/conf.php # chmod 700 /etc/horde/kronolith2/conf.bak.php When you are ready, enable Kronolith in /etc/horde/horde3/registry.php file and verify if all is right. Installing and configuring Gollem Gollem is a file manager. # aptitude install gollem Prepare file permissions for web configuration. Generate your configuration and change permissions of configuration files. And specify your backend(s) in /etc/horde/gollem/backends.php file. And enable Gollem in /etc/horde/horde3/registry.php file. Installing and configuring Nag Nag is a task list manager. For security reasons, disable Nag in /etc/horde/horde3/registry.php file, and install: # aptitude install nag2 Prepare file permissions for web configuration: # chmod 777 /etc/horde/nag2/conf.php # touch /etc/horde/nag2/conf.bak.php # chmod 777 /etc/horde/nag2/conf.bak.php Generate your configuration. Most important choice is storage driver. You will probably choose SQL driver, with Default Horde parameters. You need now create SQL tables. For example, if you use a local MySQL server: # mysql -u MYSQL_ADMIN -p DATABASE < \ /usr/share/doc/nag2/examples/scripts/sql/nag.sql Change permissions of configuration files: # chmod 644 /etc/horde/nag2/conf.php # chmod 700 /etc/horde/nag2/conf.bak.php When you are ready, enable Nag in /etc/horde/horde3/registry.php file and verify if all is right. Installing and configuring Mnemo Mnemo is a notes/memos manager. # aptitude install mnemo2 Prepare file permissions for web configuration. Generate your configuration and change permissions of configuration files. And enable Mnemo in /etc/horde/horde3/registry.php file. Installing and configuring Forwards Forwards is an autoforward component. # aptitude install sork-forwards-h3 Prepare file permissions, and generate configuration with Horde setup. Choose how you want to setup your forward email address (FTP, LDAP, SQL…). And enable Gollem in /etc/horde/horde3/registry.php file. Installing and configuring Vacation Vacation is autovacation component. # aptitude install sork-vacation-h3 Prepare file permissions, and generate configuration with Horde setup. If you use Vacation with vacation package, don't forget to correct vacation path to '/usr/bin/vacation' and use 'Berkeley DB 4.x hash, (little|big) endian' for type of database. Don't forget to adjust file permissions. Choose how you want to setup your vacation (FTP, LDAP). An easy way is to install ftp package. And enable Vacation in /etc/horde/horde3/registry.php file. Installing and configuring Passwd Passwd is a module for users to change their password. # aptitude install sork-passwd-h3 Prepare file permissions, and generate configuration with Horde setup. Choose backends in /etc/horde/passwd3/backends.php file to set up password (LDAP, SQL, SMB, Poppassd, Expect, Vmailgr, Vpopmail, Pine…). And enable Passwd in /etc/horde/horde3/registry.php file. Installing and configuring SAM SAM is a module for users to change their spam prefs. # aptitude install horde-sam Prepare file permissions, and generate configuration with Horde setup. And specify your backend in /etc/horde/sam/backends.php file (LDAP or SQL for Amavis, SQL or FTP for SpamAssassin). And enable SAM in /etc/horde/horde3/registry.php file. Administrations Configurations (Linux)