Little roadmap nethserver SOGo module

mark_nl · October 28, 2016, 1:06pm

@dev_team or others

is the sAMAccountName the full username ie user@domain or just user?

asking to get nethserver-sogo-delete-user working.

davidep · October 28, 2016, 1:45pm

IIRC that attribute stores the old NT username. Thus it has no @domain suffix.

I’m trying to configure sssd to support also the traditional “short” username. Please comment here:

mark_nl · October 28, 2016, 7:56pm

More Votes … last thing to round up

mark_nl · October 30, 2016, 9:40am

Almost done, for none detail i like your help (no rush),
Its the Dashboard (application) module in this:

public function getInfo()
{
     $host = explode(':',$_SERVER['HTTP_HOST']);
     return array(
        'url' => "https://".$host[0]."/SOGo/"
     );
}

I need (pseudo code)

if sogod db prop 'VirtualHost' exists;
      $host = sogod db prop 'VirtualHost';
else
    $host = explode(':',$_SERVER['HTTP_HOST']);

EDIT and just ~~don’t~~ get what is wrong with this perl:
We need some of some.crt

if ($sogo_cert =~ /./) {
       $sogo_cert = (split(/./, $sogo_cert))[0];
    }

Escape the . \.

thanx in advance.

giacomo · November 2, 2016, 1:25pm

You need something like this (not very elegant):

public function getInfo()
{
     $vhost = $this->getPlatform()->getDatabase('configuration')->getProp('sogod,'VirtualHost');
     if ($vhost) {
         return array('url' => "https://".$vhost."/SOGo/");
     } else {
         $host = explode(':',$_SERVER['HTTP_HOST']);
         return array(
            'url' => "https://".$host[0]."/SOGo/"
        );
     }
}

Why not use the default certificate? Just use /etc/pki/tls/certs/localhost.crt

mark_nl · November 2, 2016, 1:35pm

Thanx!

its a changed functionality
implement exclusive virtualhost · markVnl/nethserver-sogo@04c5ef0 · GitHub[quote=“mark_nl, post:16, topic:4783”]
and is accessible
[/quote]
Oops and is not accessible

giacomo · November 2, 2016, 1:41pm

If I understand correctly, you would give the chance to choose a custom certificate for SOGo virtual host.
I’m not against it, but I can’t figure out why you need it.

Let’s assume this scenario:

Server FQDN: mymachine.nethserver.org
SOGo-only virtual host: mysogo.nethserver.org

If you need a valid SSL certificate for SOGo virtual host, you can simply create a new Let’s Encrypt certificate with multiple domain names and use it also for the specific virtual host.
Please, also take note that you should take care of the chain file

mark_nl · November 2, 2016, 1:52pm

User case i had in mind was mysogo.something.complexly.diferent.com (ie a specific mail domain)

Tnx,

giacomo · November 2, 2016, 1:55pm

LE works even with different domains

mark_nl · November 2, 2016, 2:14pm

EDIT forgot this: Still have to look in LE

I did not succeed is redirecting https: https://mysogo.nethserver.org > https://somthing_else.

The only way i figured out to get this working is warping the hole httpd sogo.conf in a virtual host,
or make a virtualhost in the service manager for this sole purpose.
And a personal preference, i dont like SOGo to be exposed to all other hosts. Note (as is) https://mysogo.nethserver.org/SOGo doesn’t get redirected.
Have to say, webthingy’s is my blind spot so open for suggestions

giacomo · November 2, 2016, 4:56pm

Have you already tried to put it inside the /etc/httpd/conf.d/default-virtualhost.inc template?

Rewrite rules are a little bit tricky

GG_jr · November 2, 2016, 5:04pm

Huge work Mark!

Even till here you deserve a big with (Heineken, Bavaria, Grolsch?)

mark_nl · November 2, 2016, 6:04pm

Noticed this, @davidep and @stephdl pointed me in the right direction
Think it’s quite clean now (dropped proxypasses for dav auto_discovery in favor of RewriteMatch) and it so far it works in all scenario’s.

I already known there are some optimizations in expanding the template, they do not change the result.

@stephdl what d you think, upload it in nethforg testing to get some feed back or invite some people to build and review this?

mark_nl · November 2, 2016, 6:14pm

Working in Germany until the end of the year, das wird ein Deutsches Bier.

GG_jr · November 2, 2016, 6:27pm

If you did this effort for us (NethServer SOGo module), we will make the effort to fill with beer from Netherlands!
It will be easier to bear being away from home!

stephdl · November 2, 2016, 8:47pm

You should propose built rpm for testing purposes, src.rpm are only for developers. Concerning Nethforge, I’m a bad boy, I don’t use it so much, I propose rpms from my own repository, but you can use a simple web folder somewhere and ask to install them by yum.

mark_nl · November 2, 2016, 9:41pm

Tested different scenarios one more time, no failures.
I have to admid 90% of the testing is done on a OpenLdap configuration.

Decided to upload them to nethforg testing.

yum upgrade --enablerepo=nethforge-testing nethserver-sogo

Login on Ldap is with full user name to (eg user@domian)

alefattorini · November 3, 2016, 9:56am

I made my tests on an AD configuration. Thanks again for your work

mark_nl · December 3, 2016, 2:36pm

which file / template does determine the permissions of the expanded template?
A workaround is a little script containing chmod 640 /etc/sogo/sogo.conf ;
Not so elegant…

davidep · December 3, 2016, 3:30pm

templates.metadata/

http://docs.nethserver.org/projects/nethserver-devel/en/latest/templates.html#template-permissions-and-ownership-templates-metadata

For instance