| commit | author | age | ||
| a89845 | 1 | INTRODUCTION |
| T | 2 | ============ |
| 3 | ||
| e019f2 | 4 | This file describes the basic steps to install Roundcube Webmail on your |
| a89845 | 5 | web server. For additional information, please also consult the project's |
| 83ce4b | 6 | wiki page at http://trac.roundcube.net/wiki |
| T | 7 | |
| 4e17e6 | 8 | |
| 535da2 | 9 | REQUIREMENTS |
| T | 10 | ============ |
| 11 | ||
| 5d62d9 | 12 | * The Apache, Lighttpd, Cherokee or Hiawatha web server |
| 535da2 | 13 | * .htaccess support allowing overrides for DirectoryIndex |
| c2269d | 14 | * PHP Version 5.3.7 or greater (but not PHP 7) including |
| 25fb97 | 15 | - PCRE, DOM, JSON, Session, Sockets (required) |
| a84efc | 16 | - PHP Data Objects (PDO) with driver for either MySQL, PostgreSQL or SQLite (required) |
| TB | 17 | - Libiconv, Zip (recommended) |
| 6c1c60 | 18 | - OpenSSL, Fileinfo, Mcrypt, mbstring (optional) |
| 91790e | 19 | * PEAR packages distributed with Roundcube or external: |
| dddc98 | 20 | - Mail_Mime 1.9.0 or newer |
| 86bc1f | 21 | - Net_SMTP 1.7.1 or newer |
| AM | 22 | - Net_Socket 1.0.12 or newer |
| 50d7d3 | 23 | - Net_IDNA2 0.1.1 or newer |
| 114cf1 | 24 | - Auth_SASL 1.0.6 or newer |
| 52674e | 25 | - Net_Sieve 1.3.2 or newer (for managesieve plugin) |
| 4daaa0 | 26 | - Crypt_GPG 1.2.0 or newer (for enigma plugin) |
| 7d3406 | 27 | * php.ini options (see .htaccess file): |
| 535da2 | 28 | - error_reporting E_ALL & ~E_NOTICE (or lower) |
| 29640b | 29 | - memory_limit > 16MB (increase as suitable to support large attachments) |
| 067763 | 30 | - file_uploads enabled (for attachment upload features) |
| A | 31 | - session.auto_start disabled |
| 7d3406 | 32 | - suhosin.session.encrypt disabled |
| A | 33 | - mbstring.func_overload disabled |
| 140abb | 34 | - magic_quotes_runtime disabled |
| 0b6d02 | 35 | - magic_quotes_sybase disabled |
| 0314bf | 36 | - register_globals disabled (PHP < 5.4) |
| 6c1c60 | 37 | * PHP compiled with OpenSSL to use secure (tls/ssl) connections and to use the spell checker |
| ec6a77 | 38 | * A MySQL (4.0.8 or newer), PostgreSQL, MS SQL Server (2005 or newer) database engine |
| d239ee | 39 | or SQLite support in PHP |
| 1fb2c8 | 40 | * One of the above databases with permission to create tables |
| 7d3406 | 41 | * An SMTP server (recommended) or PHP configured for mail delivery |
| d4a820 | 42 | * Composer installed either locally or globally (https://getcomposer.org) |
| 535da2 | 43 | |
| T | 44 | |
| 4e17e6 | 45 | INSTALLATION |
| T | 46 | ============ |
| 47 | ||
| 48 | 1. Decompress and put this folder somewhere inside your document root | |
| 1985eb | 49 | 2. Install dependencies using composer: |
| TB | 50 | - get composer from https://getcomposer.org/download/ |
| 51 | - rename the composer.json-dist file into composer.json | |
| 408194 | 52 | - if you want to use LDAP address books, enable the LDAP libraries in your |
| TB | 53 | composer.json file by moving the items from "suggest" to the "require" |
| 54 | section (remove the explanation texts after the version!). | |
| 0c137f | 55 | - run `php composer.phar install --no-dev` |
| 1985eb | 56 | 3. Make sure that the following directories (and the files within) |
| 10a699 | 57 | are writable by the webserver |
| 4e17e6 | 58 | - /temp |
| T | 59 | - /logs |
| 1985eb | 60 | 4. Create a new database and a database user for Roundcube (see DATABASE SETUP) |
| TB | 61 | 5. Point your browser to http://url-to-roundcube/installer/ |
| 62 | 6. Follow the instructions of the install script (or see MANUAL CONFIGURATION) | |
| 63 | 7. After creating and testing the configuration, remove the installer directory | |
| 64 | 8. Check Known Issues section of this file | |
| 42b113 | 65 | |
| T | 66 | |
| 4b20e2 | 67 | CONFIGURATION HINTS |
| T | 68 | =================== |
| 69 | ||
| 233622 | 70 | Roundcube writes internal errors to the 'errors' log file located in the logs |
| 461a30 | 71 | directory which can be configured in config/config.inc.php. If you want ordinary |
| 4b20e2 | 72 | PHP errors to be logged there as well, enable the 'php_value error_log' line |
| T | 73 | in the .htaccess file and set the path to the log file accordingly. |
| 74 | ||
| 29640b | 75 | By default the session_path settings of PHP are not modified by Roundcube. |
| T | 76 | However if you want to limit the session cookies to the directory where |
| 77 | Roundcube resides you can uncomment and configure the according line | |
| 78 | in the .htaccess file. | |
| 79 | ||
| 4b20e2 | 80 | |
| 10a699 | 81 | DATABASE SETUP |
| T | 82 | ============== |
| 83 | ||
| 233622 | 84 | Note: Database for Roundcube must use UTF-8 character set. |
| 0ba548 | 85 | |
| fa898a | 86 | * MySQL |
| T | 87 | ------- |
| 10a699 | 88 | Setting up the mysql database can be done by creating an empty database, |
| T | 89 | importing the table layout and granting the proper permissions to the |
| 90 | roundcube user. Here is an example of that procedure: | |
| 91 | ||
| 92 | # mysql | |
| ad5600 | 93 | > CREATE DATABASE roundcubemail /*!40101 CHARACTER SET utf8 COLLATE utf8_general_ci */; |
| 10a699 | 94 | > GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcube@localhost |
| 6ae6e4 | 95 | IDENTIFIED BY 'password'; |
| 10a699 | 96 | > quit |
| fa898a | 97 | |
| 10a699 | 98 | # mysql roundcubemail < SQL/mysql.initial.sql |
| 535da2 | 99 | |
| fa898a | 100 | Note 1: 'password' is the master password for the roundcube user. It is strongly |
| 3cf664 | 101 | recommended you replace this with a more secure password. Please keep in |
| T | 102 | mind: You need to specify this password later in 'config/db.inc.php'. |
| fa898a | 103 | |
| 1cded8 | 104 | |
| 10a699 | 105 | * SQLite |
| T | 106 | -------- |
| 8da072 | 107 | Versions of sqlite database engine older than 3 aren't supported. |
| AM | 108 | Database file and structure is created automatically by Roundcube. |
| 109 | Make sure your configuration points to some file location and that the | |
| 83ce4b | 110 | webserver can write to the file and the directory containing the file. |
| 10a699 | 111 | |
| T | 112 | |
| 1cded8 | 113 | * PostgreSQL |
| T | 114 | ------------ |
| 233622 | 115 | To use Roundcube with PostgreSQL support you have to follow these |
| a89845 | 116 | simple steps, which have to be done as the postgres system user (or |
| 1cded8 | 117 | which ever is the database superuser): |
| T | 118 | |
| b91bc1 | 119 | $ createuser -P roundcube |
| ad5600 | 120 | $ createdb -O roundcube -E UNICODE roundcubemail |
| b91bc1 | 121 | $ psql -U roundcube -f SQL/postgres.initial.sql roundcubemail |
| 1cded8 | 122 | |
| b91bc1 | 123 | Note: in some system configurations you might need to add '-U postgres' to |
| AM | 124 | createuser and createdb commands. |
| 233622 | 125 | |
| T | 126 | |
| c72f69 | 127 | * Microsoft SQL Server |
| AM | 128 | ---------------------- |
| 129 | Language/locale of the database must be set to us_english (1033). More info | |
| 130 | on this at http://trac.roundcube.net/ticket/1488918. | |
| 131 | ||
| 132 | ||
| 233622 | 133 | Database cleaning |
| T | 134 | ----------------- |
| c72f69 | 135 | To keep your database slick and clean we recommend to periodically execute |
| 30aa4c | 136 | bin/cleandb.sh which finally removes all records that are marked as deleted. |
| 233622 | 137 | Best solution is to install a cronjob running this script daily. |
| 1cded8 | 138 | |
| T | 139 | |
| 190e97 | 140 | MANUAL CONFIGURATION |
| T | 141 | ==================== |
| 535da2 | 142 | |
| 9bacb2 | 143 | First of all, copy the sample configuration file config/config.inc.php.sample |
| TB | 144 | to config/config.inc.php and make the necessary adjustments according to your |
| 145 | environment and your needs. More configuration options can be copied from the | |
| 146 | config/defaults.inc.php file into your local config.inc.php file as needed. | |
| 147 | Read the comments above the individual configuration options to find out what | |
| 148 | they do or read http://trac.roundcube.net/wiki/Howto_Install for even more | |
| 149 | guidance. | |
| 535da2 | 150 | |
| 4b9efb | 151 | You can also modify the default .htaccess file. This is necessary to |
| S | 152 | increase the allowed size of file attachments, for example: |
| 153 | php_value upload_max_filesize 2M | |
| 535da2 | 154 | |
| 83ce4b | 155 | |
| 16640c | 156 | SECURE YOUR INSTALLATION |
| TB | 157 | ======================== |
| 158 | ||
| 159 | Access through the webserver to the following directories should be denied: | |
| 160 | ||
| 161 | /config | |
| 162 | /temp | |
| 163 | /logs | |
| 164 | ||
| 165 | Roundcube uses .htaccess files to protect these directories, so be sure to | |
| 166 | allow override of the Limit directives to get them taken into account. The | |
| 167 | package also ships a .htaccess file in the root directory which defines some | |
| 168 | rewrite rules. In order to properly secure your installation, please enable | |
| 169 | mod_rewrite for Apache webserver and double check access to the above listed | |
| 170 | directories and their contents is denied. | |
| 171 | ||
| 62ee42 | 172 | NOTE: In Apache 2.4, support for .htaccess files has been disabled by |
| TB | 173 | default. Therefore you first need to enable this in your Apache main or |
| 174 | virtual host config by with: | |
| 175 | ||
| 176 | AllowOverride all | |
| 177 | ||
| 16640c | 178 | |
| 42b113 | 179 | UPGRADING |
| T | 180 | ========= |
| 6ae6e4 | 181 | |
| 233622 | 182 | If you already have a previous version of Roundcube installed, |
| 42b113 | 183 | please refer to the instructions in UPGRADING guide. |
| 4e17e6 | 184 | |
| T | 185 | |
| d7f49d | 186 | OPTIMISING |
| T | 187 | ========== |
| 188 | ||
| 189 | There are two forms of optimisation here, compression and caching, both aimed | |
| 233622 | 190 | at increasing an end user's experience using Roundcube Webmail. Compression |
| d7f49d | 191 | allows the static web pages to be delivered with less bandwidth. The index.php |
| 233622 | 192 | of Roundcube Webmail already enables compression on its output. The settings |
| d7f49d | 193 | below allow compression to occur for all static files. Caching sets HTTP |
| T | 194 | response headers that enable a user's web client to understand what is static |
| 195 | and how to cache it. | |
| 196 | ||
| 197 | The caching directives used are: | |
| 198 | * Etags - sets at tag so the client can request is the page has changed | |
| 199 | * Cache-control - defines the age of the page and that the page is 'public' | |
| 200 | This enables clients to cache javascript files that don't have private | |
| 201 | information between sessions even if using HTTPS. It also allows proxies | |
| 202 | to share the same cached page between users. | |
| 203 | * Expires - provides another hint to increase the lifetime of static pages. | |
| 204 | ||
| 205 | For more information refer to RFC 2616. | |
| 206 | ||
| 207 | Side effects: | |
| 208 | ------------- | |
| 209 | These directives are designed for production use. If you are using this in | |
| 210 | a development environment you may get horribly confused if your webclient | |
| 211 | is caching stuff that you changed on the server. Disabling the expires | |
| 212 | parts below should save you some grief. | |
| 213 | ||
| 214 | If you are changing the skins, it is recommended that you copy content to | |
| 215 | a different directory apart from 'default'. | |
| 216 | ||
| 217 | Apache: | |
| 218 | ------- | |
| 219 | To enable these features in apache the following modules need to be enabled: | |
| a5c2ad | 220 | * mod_deflate |
| A | 221 | * mod_expires |
| d7f49d | 222 | * mod_headers |
| T | 223 | |
| 224 | The optimisation is already included in the .htaccess file in the top | |
| 225 | directory of your installation. | |
| 226 | ||
| 227 | If you are using Apache version 2.2.9 and later, in the .htaccess file | |
| 228 | change the 'append' word to 'merge' for a more correct response. Keeping | |
| 229 | as 'append' shouldn't cause any problems though changing to merge will | |
| 230 | eliminate the possibility of duplicate 'public' headers in Cache-control. | |
| 231 | ||
| 232 | Lighttpd: | |
| 233 | --------- | |
| 234 | With Lightty the addition of Expire: tags by mod_expire is incompatible with | |
| 235 | the addition of "Cache-control: public". Using Cache-control 'public' is | |
| 236 | used below as it is assumed to give a better caching result. | |
| 237 | ||
| 238 | Enable modules in server.modules: | |
| 239 | "mod_setenv" | |
| 240 | "mod_compress" | |
| 241 | ||
| 242 | Mod_compress is a server side cache of compressed files to improve its performance. | |
| 243 | ||
| 244 | $HTTP["host"] == "www.example.com" { | |
| 245 | ||
| 246 | static-file.etags = "enable" | |
| 247 | # http://redmine.lighttpd.net/projects/lighttpd/wiki/Etag.use-mtimeDetails | |
| 248 | etag.use-mtime = "enable" | |
| 249 | ||
| 250 | # http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:ModSetEnv | |
| 251 | $HTTP["url"] =~ "^/roundcubemail/(plugins|skins|program)" { | |
| 252 | setenv.add-response-header = ( "Cache-Control" => "public, max-age=2592000") | |
| 253 | } | |
| 254 | ||
| 255 | # http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:ModCompress | |
| 256 | # set compress.cache-dir to somewhere outside the docroot. | |
| 257 | compress.cache-dir = var.statedir + "/cache/compress" | |
| 258 | ||
| 259 | compress.filetype = ("text/plain", "text/html", "text/javascript", "text/css", "text/xml", "image/gif", "image/png") | |
| 260 | } | |
| ed3e51 | 261 | |
| AM | 262 | |
| 263 | KNOWN ISSUES | |
| 264 | ============ | |
| 265 | ||
| 266 | Installations with uw-imap server should set imap_disabled_caps = array('ESEARCH') | |
| 267 | in main configuration file. ESEARCH implementation in this server is broken (#1489184). | |
