IRedMail com Nginx

De MochilaWiki
Revisão de 04h49min de 11 de novembro de 2012 por Banto Palmarino (discussão | contribs)
Ir para navegaçãoIr para pesquisar

instalando

echo deb http://php53.dotdeb.org lenny all >> /etc/apt/sources.list
gpg --keyserver keys.gnupg.net --recv-key 89DF5277
gpg -a --export 89DF5277 | apt-key add -
apt-get update

apt-get install libpcre3-dev libssl-dev build-essential php5-fpm 

sed -i 's/post_max_size\ =\ 8M/post_max_size\ =\ 10M/g' /etc/php5/fpm/php.ini
sed -i 's/upload_max_filesize\ =\ 2M/upload_max_filesize\ =\ 10M/g' /etc/php5/fpm/php.ini
echo cgi.fix_pathinfo = 1 >> /etc/php5/fpm/php.ini
echo suhosin.session.encrypt = Off >> /etc/php5/fpm/php.ini
echo 'date.timezone = "America/Sao_paulo"' > /etc/php5/conf.d/date.ini
rm /etc/php5/fpm/conf.d/mhash.ini

cd /usr/src
wget -c http://nginx.org/download/nginx-0.8.54.tar.gz
tar zxvf nginx-0.8.54.tar.gz
cd nginx-0.8.54/
./configure --prefix=/usr/local/nginx --user=www-data --group=www-data \
--without-mail_pop3_module --without-mail_imap_module --with-sha1=/usr/lib \
--without-mail_smtp_module --with-http_stub_status_module \
--with-http_ssl_module --http-log-path=/var/log/nginx/access.log \
--conf-path=/etc/nginx/nginx.conf  --pid-path=/var/run/nginx.pid \
--with-http_sub_module --with-http_ssl_module --with-http_gzip_static_module \
--with-http_stub_status_module
make
make install

cd /usr/src
mkdir /etc/nginx/sites-enabled
wget http://pub.nkosi.org/nginx/iredmail/nginx-init
wget http://pub.nkosi.org/iredmail/nginx.conf-iredmail
wget http://pub.nkosi.org/iredmail/nginx.conf
mv nginx-init /etc/init.d/nginx
mv nginx.conf /etc/nginx/
mv nginx.conf-iredmail /etc/nginx/sites-enabled
chmod 755 /etc/init.d/nginx
update-rc.d -f apache2 remove
update-rc.d nginx defaults
/etc/init.d/apache2 stop

wget -c http://sourceforge.net/projects/roundcubemail/files/roundcubemail/0.5.1/roundcubemail-0.5.1.tar.gz/download -O roundcubemail-0.5.1.tar.gz
tar zxvf roundcubemail-0.5.1.tar.gz
mv roundcubemail-0.5.1 /usr/share/apache2/
cd /usr/share/apache2/
cp roundcubemail/config/* roundcubemail-0.5.1/config/
chown -R root\: roundcubemail-0.5.1
sed -i 's/roundcubemail/roundcube/g' roundcubemail-0.5.1/config/db.inc.php

mysql -u root -p
create database roundcube;
use roundcube;
source roundcubemail-0.5.1/SQL/mysql.initial.sql
grant all on roundcube.* to roundcube@localhost;
quit

ln -s /usr/share/apache2/roundcubemail-0.5.1/ /usr/share/apache2/webmail
ln -s /usr/share/apache2/roundcubemail-0.5.1/ /usr/share/apache2/mail
/etc/init.d/php5-fpm start
/etc/init.d/nginx start

funciona

  1. roundcube

conf geral

server {
    listen          80;
    server_name mail.example.com;

    location / {
            rewrite ^ https://mail.example.com permanent;
    }

    location ~ \.php$ {
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME /usr/share/apache2/roundcubemail$fastcgi_script_name;
    }

}

server {
    listen       443;
    server_name  mail.example.com;

    location / {
        root   /usr/share/apache2/roundcubemail/;
        index  index.php index.html;
    }

     location ~ \.php$ {
        root            /usr/share/apache2/roundcubemail/;
        include         fastcgi_params;
        fastcgi_pass    127.0.0.1:9000;
        fastcgi_index   index.php;
        fastcgi_param   SCRIPT_FILENAME /usr/share/apache2/roundcubemail$fastcgi_script_name;
        fastcgi_param   SERVER_NAME $http_host;
        fastcgi_ignore_client_abort on;
    }

    ssl                  on;
    ssl_certificate      /etc/ssl/certs/iRedMail_CA.pem;
    ssl_certificate_key  /etc/ssl/private/iRedMail.key;
    ssl_session_timeout  5m;
    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers   on;
}

phpLDAPadmin

#phpLDAPadmin
server {
    listen       443;
    server_name  ldap.example.com;

    location / {
        root   /usr/share/phpldapadmin/;
        index  index.php index.html;
    }

     location ~ \.php$ {
        root            /usr/share/phpldapadmin/;
        include         fastcgi_params;
        fastcgi_pass    127.0.0.1:9000;
        fastcgi_index   index.php;
        fastcgi_param   SCRIPT_FILENAME /usr/share/phpldapadmin$fastcgi_script_name;
        fastcgi_param   SERVER_NAME $http_host;
        fastcgi_ignore_client_abort on;
    }

    ssl                  on;
    ssl_certificate      /etc/ssl/certs/iRedMail_CA.pem;
    ssl_certificate_key  /etc/ssl/private/iRedMail.key;
    ssl_session_timeout  5m;
    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers   on;
}


iRedAdmin

sudo -s
add-apt-repository ppa:nginx/stable
add-apt-repository ppa:uwsgi/release
apt-get update
apt-get install nginx uwsgi-python python-virtualenv

cat >/etc/uwsgi-python/apps-enabled/uwsgi.xml << EOF
<uwsgi>
  <limit-as>256</limit-as>
  <processes>6</processes>
  <memory-report/>
  <vhost/>
  <no-site/>
</uwsgi>
EOF

mkdir /usr/share/apache2/iredadmin/python-home
virtualenv /usr/share/apache2/iredadmin/python-home
chown www-data:www-data /usr/share/apache2/iredadmin/* -R
# iRedAdmin
server {
    listen          80;
    server_name iredadmin.example.com;

    location / {
        rewrite ^(.*) https://$server_name$1 permanent;
    }
}

server {
    listen 443;
    server_name ira.example.com;

    access_log  /var/log/nginx/iredadmin.access_log;
    error_log   /var/log/nginx/iredadmin.error_log;

    location / {
        root /usr/share/apache2/iredadmin;
        uwsgi_pass unix:///var/run/uwsgi-python/uwsgi/socket;
        uwsgi_param UWSGI_PYHOME /usr/share/apache2/iredadmin/python-home;
        uwsgi_param UWSGI_CHDIR /usr/share/apache2/iredadmin;
        uwsgi_param UWSGI_SCRIPT iredadmin;
        include uwsgi_params;
    }

    location /static {
        alias /usr/share/apache2/iredadmin/static/;
    }

    ssl                  on;
    ssl_certificate      /etc/ssl/certs/iRedMail_CA.pem;
    ssl_certificate_key  /etc/ssl/private/iRedMail.key;
    ssl_session_timeout  5m;
    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers   on;
}
/etc/init.d/nginx restart
/etc/init.d/uwsgi-python restart

funciona

referências:

IRedMail with Nginx