Commits

Zhang Huangbin committed 6e190b4

iRedAdmin now works with Nginx under /iredadmin, not a separate sub-domain (e.g. iredadmin.domain.ltd).

Comments (0)

Files changed (6)

iRedMail/conf/nginx

 # along with iRedMail.  If not, see <http://www.gnu.org/licenses/>.
 #---------------------------------------------------------------------
 
+# RC scripts
 export NGINX_RC_SCRIPT_NAME='nginx'
 export PHP_FPM_RC_SCRIPT_NAME='php-fpm'
 export UWSGI_RC_SCRIPT_NAME='uwsgi'
 export NGINX_MIME_TYPES="${NGINX_CONF_ROOT}/mime.types"
 
 # php-fpm
-export FASTCGI_PASS='unix:/var/run/php5-fpm.sock'
+export PHP_FASTCGI_SOCKET='/var/run/php5-fpm.socket'
+export PHP_FASTCGI_SOCKET_FULL="unix:${PHP_FASTCGI_SOCKET}"
 export NGINX_PHP_INI="${APACHE_PHP_INI}"
+export PHP_FPM_POOL_WWW_CONF='/etc/php-fpm.d/www.conf'
+
+# uWSGI
+export UWSGI_SOCKET_IREDADMIN='unix:/var/run/uwsgi_iredadmin.socket'
 
 if [ X"${DISTRO}" == X'DEBIAN' -o X"${DISTRO}" == X'UBUNTU' ]; then
     export NGINX_PHP_INI='/etc/php5/fpm/php.ini'
+    export PHP_FPM_POOL_WWW_CONF='/etc/php5/fpm/pool.d/www.conf'
 
 elif [ X"${DISTRO}" == X"FREEBSD" ]; then
     export NGINX_CONF_ROOT="/usr/local/etc/nginx"

iRedMail/functions/nginx.sh

     perl -pi -e 's#PH_HTTPD_PORT#$ENV{HTTPD_PORT}#g' ${NGINX_CONF_DEFAULT}
     perl -pi -e 's#PH_HTTPD_SERVERROOT#$ENV{HTTPD_SERVERROOT}#g' ${NGINX_CONF_DEFAULT}
     perl -pi -e 's#PH_HTTPD_DOCUMENTROOT#$ENV{HTTPD_DOCUMENTROOT}#g' ${NGINX_CONF_DEFAULT}
-    perl -pi -e 's#PH_FASTCGI_PASS#$ENV{FASTCGI_PASS}#g' ${NGINX_CONF_DEFAULT}
+    perl -pi -e 's#PH_PHP_FASTCGI_SOCKET_FULL#$ENV{PHP_FASTCGI_SOCKET_FULL}#g' ${NGINX_CONF_DEFAULT}
 
     # ssl
     perl -pi -e 's#PH_HTTPS_PORT#$ENV{HTTPS_PORT}#g' ${NGINX_CONF_DEFAULT}
     perl -pi -e 's#PH_PLA_HTTPD_ROOT_SYMBOL_LINK#$ENV{PLA_HTTPD_ROOT_SYMBOL_LINK}#g' ${NGINX_CONF_DEFAULT}
     # phpMyAdmin
     perl -pi -e 's#PH_PHPMYADMIN_HTTPD_ROOT_SYMBOL_LINK#$ENV{PHPMYADMIN_HTTPD_ROOT_SYMBOL_LINK}#g' ${NGINX_CONF_DEFAULT}
+    # iRedAdmin
+    perl -pi -e 's#PH_IREDADMIN_HTTPD_ROOT_SYMBOL_LINK#$ENV{IREDADMIN_HTTPD_ROOT_SYMBOL_LINK}#g' ${NGINX_CONF_DEFAULT}
+
+    # php-fpm listen socket
+    perl -pi -e 's#^(listen *=).*#${1} $ENV{PHP_FASTCGI_SOCKET}#g' ${PHP_FPM_POOL_WWW_CONF}
+
+    # Copy uwsgi config file for iRedAdmin
+    if [ X"${DISTRO}" == X'DEBIAN' -o X"${DISTRO}" == X'UBUNTU' ]; then
+        cp ${SAMPLE_DIR}/nginx/uwsgi_iredadmin.ini /etc/uwsgi/apps-available/iredadmin.ini
+        ln -s /etc/uwsgi/apps-available/iredadmin.ini /etc/uwsgi/apps-enabled/iredadmin.ini
+        perl -pi -e 's#PH_HTTPD_USER#$ENV{HTTPD_USER}#g' /etc/uwsgi/apps-enabled/iredadmin.ini
+        perl -pi -e 's#PH_HTTPD_GROUP#$ENV{HTTPD_GROUP}#g' /etc/uwsgi/apps-enabled/iredadmin.ini
+    fi
 
     cat >> ${TIP_FILE} <<EOF
 Nginx:

iRedMail/functions/packages.sh

     ENABLED_SERVICES="${ENABLED_SERVICES} ${ENABLED_HTTPD_SERVICES}"
     DISABLED_SERVICES="${DISABLED_SERVICES} ${DISABLED_HTTPD_SERVICES}"
 
-    # Apache
-    if [ X"${USE_APACHE}" == X'YES' ]; then
-        if [ X"${DISTRO}" == X"RHEL" ]; then
-            ALL_PKGS="${ALL_PKGS} httpd mod_ssl"
-        elif [ X"${DISTRO}" == X'DEBIAN' -o X"${DISTRO}" == X'UBUNTU' ]; then
-            # Will be installed as dependency of 'libapache2-mod-php5'
-            ALL_PKGS="${ALL_PKGS} libapache2-mod-php5"
-        elif [ X"${DISTRO}" == X'OPENBSD' ]; then
-            # Apache is available in base system
-            :
-        fi
+    # Apache. Always install Apache.
+    if [ X"${DISTRO}" == X"RHEL" ]; then
+        ALL_PKGS="${ALL_PKGS} httpd mod_ssl"
+    elif [ X"${DISTRO}" == X'DEBIAN' -o X"${DISTRO}" == X'UBUNTU' ]; then
+        # Will be installed as dependency of 'libapache2-mod-php5'
+        ALL_PKGS="${ALL_PKGS} libapache2-mod-php5"
+    elif [ X"${DISTRO}" == X'OPENBSD' ]; then
+        # Apache is available in base system
+        :
     fi
 
     # Nginx

iRedMail/functions/roundcubemail.sh

         ${MYSQL_CLIENT_ROOT} <<EOF
 -- Create database and grant privileges
 CREATE DATABASE ${RCM_DB} DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
-GRANT CREATE,SELECT,INSERT,UPDATE,DELETE ON ${RCM_DB}.* TO "${RCM_DB_USER}"@"${MYSQL_GRANT_HOST}" IDENTIFIED BY '${RCM_DB_PASSWD}';
+GRANT CREATE,SELECT,INSERT,UPDATE,DELETE,ALTER ON ${RCM_DB}.* TO "${RCM_DB_USER}"@"${MYSQL_GRANT_HOST}" IDENTIFIED BY '${RCM_DB_PASSWD}';
 
 -- Import Roundcubemail SQL template
 USE ${RCM_DB};

iRedMail/samples/nginx/default.conf

 upstream php_workers {
-    server PH_FASTCGI_PASS;
+    server PH_PHP_FASTCGI_SOCKET_FULL;
 }
 
 # HTTP
     listen PH_HTTPD_PORT;
     server_name  _;
 
-    root PH_HTTPD_SERVERROOT;
+    root PH_HTTPD_DOCUMENTROOT;
     index index.php index.html index.htm;
 
     location / {
         fastcgi_pass php_workers;
     }
 
-    # Redirect /mail/ to https
+    # Redirect /mail/, /iredadmin/ to https
     location ~ /mail/ {
         rewrite ^ https://$host$request_uri?;
     }
+    location ~ /iredadmin/ {
+        rewrite ^ https://$host$request_uri?;
+    }
 
     # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
     location ~ /\. { deny all; access_log off; log_not_found off; }
         fastcgi_pass php_workers;
     }
 
-    #location ~ /iredadmin(.*) {
-    #    include uwsgi_params;
-    #    uwsgi_pass unix:/var/run/uwsgi/app/iredmail/socket;
-    #    uwsgi_param UWSGI_PYHOME /usr/share/apache2/iredadmin/python-home;
-    #    uwsgi_param UWSGI_CHDIR /usr/share/apache2/iredadmin;
-    #    uwsgi_param UWSGI_SCRIPT iredadmin;
-    #}
-
-    #location ~ /iredadmin(.*) {
-    #    alias /var/www/iredadmin$1;
-    #}
-
-    #location /iredadmin/static {
-    #    alias /var/www/iredadmin/static;
-    #}
+    # iRedAdmin: static files under /iredadmin/static
+    location ~ ^/iredadmin/static/(.*)\.(png|jpg|gif|css|js) {
+        alias PH_IREDADMIN_HTTPD_ROOT_SYMBOL_LINK/static/$1.$2;
+    }
+    # iRedAdmin: Python scripts
+    location ~ ^/iredadmin(.*) {
+        rewrite ^/iredadmin(/.*)$ $1 break;
+        include uwsgi_params;
+        uwsgi_pass unix:/var/run/uwsgi_iredadmin.socket;
+        uwsgi_param UWSGI_CHDIR PH_IREDADMIN_HTTPD_ROOT_SYMBOL_LINK;
+        uwsgi_param UWSGI_SCRIPT iredadmin;
+        uwsgi_param SCRIPT_NAME /iredadmin;
+    }
+    # iRedAdmin: redirect /iredadmin to /iredadmin/
+    location = /iredadmin {
+        rewrite ^ /iredadmin/;
+    }
 }

iRedMail/samples/nginx/uwsgi_iredadmin.ini

 [uwsgi]
 plugins = python
 vhost = true
-chown-socket = www-data:www-data
-socket=/var/run/uwsgi_iredadmin.socket
+socket = /var/run/uwsgi_iredadmin.socket
+chown-socket = PH_HTTPD_USER:PH_HTTPD_GROUP
+chmod-socket = 660
 uid = iredadmin
 gid = iredadmin