The OpenNET Project / Index page

[  /+++ | | wiki | | ]

:  

8. Configuring Web-cyradm

First copy the distributions config file, and create to logfile. The logfile must be owned by user that runns the webserver. This is usually the user nobody or wwwrun.

cp config.inc.php-dist config.inc.php

touch /var/log/web-cyradm-login.log
chown nobody /var/log/web-cyradm-login.log

8.1. Cyrus setup

# The Cyrus login stuff

$CYRUS_HOST="localhost";
$CYRUS_PORT="143";
$CYRUS_USERNAME="cyrus";
$CYRUS_PASSWORD="secret";

This should be self-explanatory. Please note there is no support for SSL connections at the moment, this is especially important for users that what to like to have web-cyradm not on the same server where the cyrus-imapd resides.

8.2. Database setup

Since version 0.5.2 web-cyradm uses PEAR as a database abstraction layer. This adds more flexibility. Currently supported databases are MySQL and PostgreSQL. Please note that for PostgreSQL there is a patch needed, because Postfix does not support PostgreSQL natively. I strongly suggest to use MySQL. I know MySQL has some restrictions on transaction and stuff, but it is natively in the Postfix code.

The entries should be self explenatory

$DB_TYPE="mysql";

/* DB_TYPE

 Possible Values are:
 o mysql
 o pgsql

 To operate a mailsystem with PostgreSQL you will need a patch for
 Postfix.

 Other Databases needs to be supported by PAM and postfix

*/


$DB_HOST="localhost";
$DB_NAME="mail";
$DB_USER="mail";
$DB_PASSWD="secret";
$DB_PROTOCOL="unix"; // set to "tcp" for TCP/IP
$DSN="$DB_TYPE://$DB_USER:$DB_PASSWD@$DB_PROTOCOL+$DB_HOST/$DB_NAME";

8.3. Default Quota

The default quota to be used is set in the variable DEFAULT_QUOTA=20000 and is used when creating a new domain

8.4. Crypted passwords

Web-cyradm supports the storage of encryted passwords. I strongly suggest, to use encryption. There are two methods supported at the moment: Unix-compatible (crypt) and MySQL. The Unix-compatible encryption allows you to take over encrytped passwords from an existing /etc/shadow. This should be preferred.

Unfortunately, MySQL uses a proprietary encryption method which is only available when using MySQL. I'm currently thinking about dropping support for MySQL crypt, because it would only work with MySQL and makes a migration to another database impossible. As soon as there is a method available to re-engineer the MySQL crypt on PHP there will be a solution (Help needed in programming, legal contraints?)

Check the variable $CRYPT in the file config.inc.php. Value plain means no encryption, crypt means Shadow compatible encryption, mysql means MySQL encryption.

CautionChoose encryption method carefully
 

Since the supported crypto-methods are all one-way encryptions, there will be NO WAY to migrate from one to another. Note also, that this is a global variable, which means, it is used for all passwords, including the password of the admin users. I STRONGLY suggest to use Unix Shadow compatible encryption, because it makes you independant from any software vendor.

8.5. Usernames

There are two schemas of usernames supported which are defined in the variable DOMAIN_AS_PREFIX. The default is to have a defined prefix ($DOMAIN_AS_PREFIX=0), i.e. test for the domain expample.com. With this scheme, the first user gets the username test0001, the second test0002 and incrementing.

The other one is to have usernames like hans.mueller.example.com. If that case set $DOMAIN_AS_PREFIX=1

At the moment you can not mix both schemas, evaluate carefully with scheme matches your needs best

If you choose to have $DOMAIN_AS_PREFIX=1, be sure you uncomment the option unixhierarchysep: yes like described in Section 7.1.2




:
̣
Inferno Solutions
Hosting by Hoster.ru
:


Created 1996-2020 by Maxim Chirkov
, ,