diff --git a/docker-compose.yml b/docker-compose.yml
index 526e174..d881b48 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -14,10 +14,26 @@ services:
       - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
     volumes:
       - database:/var/lib/mysql
-      - ./mysql/etc/mysql:/etc/mysql
+      - ./mysql/etc/mysql:/etc/mysql:ro
       - ./mysql/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
     ports:
       - 3307:3306
+  webapp:
+    image: webapp
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.webapp.rule=Host(`$MAIL_DOMAIN`) && PathPrefix(`/webapp`) 
+      - traefik.http.routers.webapp.tls=true
+      - traefik.http.routers.webapp.tls.certResolver=default
+    volumes:
+      - ./etc-zntrl/kopano:/etc/kopano:ro
+    ports:
+      - 8080:80
+    depends_on:
+      - server
+    networks:
+      - default
+      - traefik
 networks:
   traefik:
     external: true
@@ -45,23 +61,11 @@ volumes:
   #     - db
   #     - server
   #   command: /usr/sbin/kopano-search
-  # webapp:
-  #   image: webapp
-  #   labels:
-  #     - traefik.enable=true
-  #     - traefik.http.routers.webapp.rule=Host(`$MAIL_DOMAIN`) && PathPrefix(`/webapp`) 
-  #     - traefik.http.routers.webapp.tls=true
-  #     - traefik.http.routers.webapp.tls.certResolver=default
-  #   depends_on:
-  #     - server
-  #   networks:
-  #     - default
-  #     - traefik
   # z-push:
   #   image: z-push
   #   labels:
   #     - traefik.enable=true
-  #     - traefik.http.routers.webapp.rule=Host(`$MAIL_DOMAIN`) && PathPrefix(`/Active-Sync-...`)
+  #     - traefik.http.routers.webapp.rule=Host(`$MAIL_DOMAIN`) && PathPrefix(`/Microsoft-Server-ActiveSync`)
   #     - traefik.http.routers.webapp.tls=true
   #     - traefik.http.routers.webapp.tls.certResolver=default
   #   volumes:
diff --git a/etc-zntrl/kopano/webapp/config.php b/etc-zntrl/kopano/webapp/config.php
index f360e53..2c5a90b 100644
--- a/etc-zntrl/kopano/webapp/config.php
+++ b/etc-zntrl/kopano/webapp/config.php
@@ -19,7 +19,7 @@
 	//           define("DEFAULT_SERVER", "http://localhost:236/kopano");
 	//           define("DEFAULT_SERVER", "https://localhost:237/kopano");
 	//           define("DEFAULT_SERVER", "file:///var/run/kopano/server.sock");
-	define("DEFAULT_SERVER", "default:");
+	define("DEFAULT_SERVER", "http://kopano-server-1:236/kopano");
 
 	// When using a Single-Sign-On (SSO) system on your webserver and Kopano Core is on another server
 	// you can use https to access the Kopano server, and authenticate using an SSL certificate.
@@ -41,7 +41,7 @@
 	define("COOKIE_NAME", "KOPANO_WEBAPP");
 
 	// Set to 'false' to disable secure session cookies and to allow log-in without HTTPS.
-	define("SECURE_COOKIES", true);
+	define("SECURE_COOKIES", false);
 
 	// Use DOMPurify to filter HTML
 	// Caution: disabling DOMPurify is a potential security risk.
diff --git a/webapp/etc/ssl/certs/002c0b4f.0 b/etc-zntrl/ssl/certs/002c0b4f.0
similarity index 100%
rename from webapp/etc/ssl/certs/002c0b4f.0
rename to etc-zntrl/ssl/certs/002c0b4f.0
diff --git a/webapp/etc/ssl/certs/02265526.0 b/etc-zntrl/ssl/certs/02265526.0
similarity index 100%
rename from webapp/etc/ssl/certs/02265526.0
rename to etc-zntrl/ssl/certs/02265526.0
diff --git a/webapp/etc/ssl/certs/03179a64.0 b/etc-zntrl/ssl/certs/03179a64.0
similarity index 100%
rename from webapp/etc/ssl/certs/03179a64.0
rename to etc-zntrl/ssl/certs/03179a64.0
diff --git a/webapp/etc/ssl/certs/062cdee6.0 b/etc-zntrl/ssl/certs/062cdee6.0
similarity index 100%
rename from webapp/etc/ssl/certs/062cdee6.0
rename to etc-zntrl/ssl/certs/062cdee6.0
diff --git a/webapp/etc/ssl/certs/064e0aa9.0 b/etc-zntrl/ssl/certs/064e0aa9.0
similarity index 100%
rename from webapp/etc/ssl/certs/064e0aa9.0
rename to etc-zntrl/ssl/certs/064e0aa9.0
diff --git a/webapp/etc/ssl/certs/06dc52d5.0 b/etc-zntrl/ssl/certs/06dc52d5.0
similarity index 100%
rename from webapp/etc/ssl/certs/06dc52d5.0
rename to etc-zntrl/ssl/certs/06dc52d5.0
diff --git a/webapp/etc/ssl/certs/09789157.0 b/etc-zntrl/ssl/certs/09789157.0
similarity index 100%
rename from webapp/etc/ssl/certs/09789157.0
rename to etc-zntrl/ssl/certs/09789157.0
diff --git a/webapp/etc/ssl/certs/0a775a30.0 b/etc-zntrl/ssl/certs/0a775a30.0
similarity index 100%
rename from webapp/etc/ssl/certs/0a775a30.0
rename to etc-zntrl/ssl/certs/0a775a30.0
diff --git a/webapp/etc/ssl/certs/0b1b94ef.0 b/etc-zntrl/ssl/certs/0b1b94ef.0
similarity index 100%
rename from webapp/etc/ssl/certs/0b1b94ef.0
rename to etc-zntrl/ssl/certs/0b1b94ef.0
diff --git a/webapp/etc/ssl/certs/0bf05006.0 b/etc-zntrl/ssl/certs/0bf05006.0
similarity index 100%
rename from webapp/etc/ssl/certs/0bf05006.0
rename to etc-zntrl/ssl/certs/0bf05006.0
diff --git a/webapp/etc/ssl/certs/0f5dc4f3.0 b/etc-zntrl/ssl/certs/0f5dc4f3.0
similarity index 100%
rename from webapp/etc/ssl/certs/0f5dc4f3.0
rename to etc-zntrl/ssl/certs/0f5dc4f3.0
diff --git a/webapp/etc/ssl/certs/0f6fa695.0 b/etc-zntrl/ssl/certs/0f6fa695.0
similarity index 100%
rename from webapp/etc/ssl/certs/0f6fa695.0
rename to etc-zntrl/ssl/certs/0f6fa695.0
diff --git a/webapp/etc/ssl/certs/1001acf7.0 b/etc-zntrl/ssl/certs/1001acf7.0
similarity index 100%
rename from webapp/etc/ssl/certs/1001acf7.0
rename to etc-zntrl/ssl/certs/1001acf7.0
diff --git a/webapp/etc/ssl/certs/106f3e4d.0 b/etc-zntrl/ssl/certs/106f3e4d.0
similarity index 100%
rename from webapp/etc/ssl/certs/106f3e4d.0
rename to etc-zntrl/ssl/certs/106f3e4d.0
diff --git a/webapp/etc/ssl/certs/14bc7599.0 b/etc-zntrl/ssl/certs/14bc7599.0
similarity index 100%
rename from webapp/etc/ssl/certs/14bc7599.0
rename to etc-zntrl/ssl/certs/14bc7599.0
diff --git a/webapp/etc/ssl/certs/1636090b.0 b/etc-zntrl/ssl/certs/1636090b.0
similarity index 100%
rename from webapp/etc/ssl/certs/1636090b.0
rename to etc-zntrl/ssl/certs/1636090b.0
diff --git a/webapp/etc/ssl/certs/18856ac4.0 b/etc-zntrl/ssl/certs/18856ac4.0
similarity index 100%
rename from webapp/etc/ssl/certs/18856ac4.0
rename to etc-zntrl/ssl/certs/18856ac4.0
diff --git a/webapp/etc/ssl/certs/1d3472b9.0 b/etc-zntrl/ssl/certs/1d3472b9.0
similarity index 100%
rename from webapp/etc/ssl/certs/1d3472b9.0
rename to etc-zntrl/ssl/certs/1d3472b9.0
diff --git a/webapp/etc/ssl/certs/1e08bfd1.0 b/etc-zntrl/ssl/certs/1e08bfd1.0
similarity index 100%
rename from webapp/etc/ssl/certs/1e08bfd1.0
rename to etc-zntrl/ssl/certs/1e08bfd1.0
diff --git a/webapp/etc/ssl/certs/1e09d511.0 b/etc-zntrl/ssl/certs/1e09d511.0
similarity index 100%
rename from webapp/etc/ssl/certs/1e09d511.0
rename to etc-zntrl/ssl/certs/1e09d511.0
diff --git a/webapp/etc/ssl/certs/244b5494.0 b/etc-zntrl/ssl/certs/244b5494.0
similarity index 100%
rename from webapp/etc/ssl/certs/244b5494.0
rename to etc-zntrl/ssl/certs/244b5494.0
diff --git a/webapp/etc/ssl/certs/2923b3f9.0 b/etc-zntrl/ssl/certs/2923b3f9.0
similarity index 100%
rename from webapp/etc/ssl/certs/2923b3f9.0
rename to etc-zntrl/ssl/certs/2923b3f9.0
diff --git a/webapp/etc/ssl/certs/2ae6433e.0 b/etc-zntrl/ssl/certs/2ae6433e.0
similarity index 100%
rename from webapp/etc/ssl/certs/2ae6433e.0
rename to etc-zntrl/ssl/certs/2ae6433e.0
diff --git a/webapp/etc/ssl/certs/2b349938.0 b/etc-zntrl/ssl/certs/2b349938.0
similarity index 100%
rename from webapp/etc/ssl/certs/2b349938.0
rename to etc-zntrl/ssl/certs/2b349938.0
diff --git a/webapp/etc/ssl/certs/32888f65.0 b/etc-zntrl/ssl/certs/32888f65.0
similarity index 100%
rename from webapp/etc/ssl/certs/32888f65.0
rename to etc-zntrl/ssl/certs/32888f65.0
diff --git a/webapp/etc/ssl/certs/349f2832.0 b/etc-zntrl/ssl/certs/349f2832.0
similarity index 100%
rename from webapp/etc/ssl/certs/349f2832.0
rename to etc-zntrl/ssl/certs/349f2832.0
diff --git a/webapp/etc/ssl/certs/3513523f.0 b/etc-zntrl/ssl/certs/3513523f.0
similarity index 100%
rename from webapp/etc/ssl/certs/3513523f.0
rename to etc-zntrl/ssl/certs/3513523f.0
diff --git a/webapp/etc/ssl/certs/3bde41ac.0 b/etc-zntrl/ssl/certs/3bde41ac.0
similarity index 100%
rename from webapp/etc/ssl/certs/3bde41ac.0
rename to etc-zntrl/ssl/certs/3bde41ac.0
diff --git a/webapp/etc/ssl/certs/3e44d2f7.0 b/etc-zntrl/ssl/certs/3e44d2f7.0
similarity index 100%
rename from webapp/etc/ssl/certs/3e44d2f7.0
rename to etc-zntrl/ssl/certs/3e44d2f7.0
diff --git a/webapp/etc/ssl/certs/3e45d192.0 b/etc-zntrl/ssl/certs/3e45d192.0
similarity index 100%
rename from webapp/etc/ssl/certs/3e45d192.0
rename to etc-zntrl/ssl/certs/3e45d192.0
diff --git a/webapp/etc/ssl/certs/3fb36b73.0 b/etc-zntrl/ssl/certs/3fb36b73.0
similarity index 100%
rename from webapp/etc/ssl/certs/3fb36b73.0
rename to etc-zntrl/ssl/certs/3fb36b73.0
diff --git a/webapp/etc/ssl/certs/40193066.0 b/etc-zntrl/ssl/certs/40193066.0
similarity index 100%
rename from webapp/etc/ssl/certs/40193066.0
rename to etc-zntrl/ssl/certs/40193066.0
diff --git a/webapp/etc/ssl/certs/4042bcee.0 b/etc-zntrl/ssl/certs/4042bcee.0
similarity index 100%
rename from webapp/etc/ssl/certs/4042bcee.0
rename to etc-zntrl/ssl/certs/4042bcee.0
diff --git a/webapp/etc/ssl/certs/40547a79.0 b/etc-zntrl/ssl/certs/40547a79.0
similarity index 100%
rename from webapp/etc/ssl/certs/40547a79.0
rename to etc-zntrl/ssl/certs/40547a79.0
diff --git a/webapp/etc/ssl/certs/406c9bb1.0 b/etc-zntrl/ssl/certs/406c9bb1.0
similarity index 100%
rename from webapp/etc/ssl/certs/406c9bb1.0
rename to etc-zntrl/ssl/certs/406c9bb1.0
diff --git a/webapp/etc/ssl/certs/4304c5e5.0 b/etc-zntrl/ssl/certs/4304c5e5.0
similarity index 100%
rename from webapp/etc/ssl/certs/4304c5e5.0
rename to etc-zntrl/ssl/certs/4304c5e5.0
diff --git a/webapp/etc/ssl/certs/48bec511.0 b/etc-zntrl/ssl/certs/48bec511.0
similarity index 100%
rename from webapp/etc/ssl/certs/48bec511.0
rename to etc-zntrl/ssl/certs/48bec511.0
diff --git a/webapp/etc/ssl/certs/4a6481c9.0 b/etc-zntrl/ssl/certs/4a6481c9.0
similarity index 100%
rename from webapp/etc/ssl/certs/4a6481c9.0
rename to etc-zntrl/ssl/certs/4a6481c9.0
diff --git a/webapp/etc/ssl/certs/4b718d9b.0 b/etc-zntrl/ssl/certs/4b718d9b.0
similarity index 100%
rename from webapp/etc/ssl/certs/4b718d9b.0
rename to etc-zntrl/ssl/certs/4b718d9b.0
diff --git a/webapp/etc/ssl/certs/4bfab552.0 b/etc-zntrl/ssl/certs/4bfab552.0
similarity index 100%
rename from webapp/etc/ssl/certs/4bfab552.0
rename to etc-zntrl/ssl/certs/4bfab552.0
diff --git a/webapp/etc/ssl/certs/4f316efb.0 b/etc-zntrl/ssl/certs/4f316efb.0
similarity index 100%
rename from webapp/etc/ssl/certs/4f316efb.0
rename to etc-zntrl/ssl/certs/4f316efb.0
diff --git a/webapp/etc/ssl/certs/5273a94c.0 b/etc-zntrl/ssl/certs/5273a94c.0
similarity index 100%
rename from webapp/etc/ssl/certs/5273a94c.0
rename to etc-zntrl/ssl/certs/5273a94c.0
diff --git a/webapp/etc/ssl/certs/5443e9e3.0 b/etc-zntrl/ssl/certs/5443e9e3.0
similarity index 100%
rename from webapp/etc/ssl/certs/5443e9e3.0
rename to etc-zntrl/ssl/certs/5443e9e3.0
diff --git a/webapp/etc/ssl/certs/54657681.0 b/etc-zntrl/ssl/certs/54657681.0
similarity index 100%
rename from webapp/etc/ssl/certs/54657681.0
rename to etc-zntrl/ssl/certs/54657681.0
diff --git a/webapp/etc/ssl/certs/57bcb2da.0 b/etc-zntrl/ssl/certs/57bcb2da.0
similarity index 100%
rename from webapp/etc/ssl/certs/57bcb2da.0
rename to etc-zntrl/ssl/certs/57bcb2da.0
diff --git a/webapp/etc/ssl/certs/5ad8a5d6.0 b/etc-zntrl/ssl/certs/5ad8a5d6.0
similarity index 100%
rename from webapp/etc/ssl/certs/5ad8a5d6.0
rename to etc-zntrl/ssl/certs/5ad8a5d6.0
diff --git a/webapp/etc/ssl/certs/5cd81ad7.0 b/etc-zntrl/ssl/certs/5cd81ad7.0
similarity index 100%
rename from webapp/etc/ssl/certs/5cd81ad7.0
rename to etc-zntrl/ssl/certs/5cd81ad7.0
diff --git a/webapp/etc/ssl/certs/5d3033c5.0 b/etc-zntrl/ssl/certs/5d3033c5.0
similarity index 100%
rename from webapp/etc/ssl/certs/5d3033c5.0
rename to etc-zntrl/ssl/certs/5d3033c5.0
diff --git a/webapp/etc/ssl/certs/5e98733a.0 b/etc-zntrl/ssl/certs/5e98733a.0
similarity index 100%
rename from webapp/etc/ssl/certs/5e98733a.0
rename to etc-zntrl/ssl/certs/5e98733a.0
diff --git a/webapp/etc/ssl/certs/5f15c80c.0 b/etc-zntrl/ssl/certs/5f15c80c.0
similarity index 100%
rename from webapp/etc/ssl/certs/5f15c80c.0
rename to etc-zntrl/ssl/certs/5f15c80c.0
diff --git a/webapp/etc/ssl/certs/5f618aec.0 b/etc-zntrl/ssl/certs/5f618aec.0
similarity index 100%
rename from webapp/etc/ssl/certs/5f618aec.0
rename to etc-zntrl/ssl/certs/5f618aec.0
diff --git a/webapp/etc/ssl/certs/607986c7.0 b/etc-zntrl/ssl/certs/607986c7.0
similarity index 100%
rename from webapp/etc/ssl/certs/607986c7.0
rename to etc-zntrl/ssl/certs/607986c7.0
diff --git a/webapp/etc/ssl/certs/626dceaf.0 b/etc-zntrl/ssl/certs/626dceaf.0
similarity index 100%
rename from webapp/etc/ssl/certs/626dceaf.0
rename to etc-zntrl/ssl/certs/626dceaf.0
diff --git a/webapp/etc/ssl/certs/653b494a.0 b/etc-zntrl/ssl/certs/653b494a.0
similarity index 100%
rename from webapp/etc/ssl/certs/653b494a.0
rename to etc-zntrl/ssl/certs/653b494a.0
diff --git a/webapp/etc/ssl/certs/68dd7389.0 b/etc-zntrl/ssl/certs/68dd7389.0
similarity index 100%
rename from webapp/etc/ssl/certs/68dd7389.0
rename to etc-zntrl/ssl/certs/68dd7389.0
diff --git a/webapp/etc/ssl/certs/6b99d060.0 b/etc-zntrl/ssl/certs/6b99d060.0
similarity index 100%
rename from webapp/etc/ssl/certs/6b99d060.0
rename to etc-zntrl/ssl/certs/6b99d060.0
diff --git a/webapp/etc/ssl/certs/6d41d539.0 b/etc-zntrl/ssl/certs/6d41d539.0
similarity index 100%
rename from webapp/etc/ssl/certs/6d41d539.0
rename to etc-zntrl/ssl/certs/6d41d539.0
diff --git a/webapp/etc/ssl/certs/6fa5da56.0 b/etc-zntrl/ssl/certs/6fa5da56.0
similarity index 100%
rename from webapp/etc/ssl/certs/6fa5da56.0
rename to etc-zntrl/ssl/certs/6fa5da56.0
diff --git a/webapp/etc/ssl/certs/706f604c.0 b/etc-zntrl/ssl/certs/706f604c.0
similarity index 100%
rename from webapp/etc/ssl/certs/706f604c.0
rename to etc-zntrl/ssl/certs/706f604c.0
diff --git a/webapp/etc/ssl/certs/749e9e03.0 b/etc-zntrl/ssl/certs/749e9e03.0
similarity index 100%
rename from webapp/etc/ssl/certs/749e9e03.0
rename to etc-zntrl/ssl/certs/749e9e03.0
diff --git a/webapp/etc/ssl/certs/75d1b2ed.0 b/etc-zntrl/ssl/certs/75d1b2ed.0
similarity index 100%
rename from webapp/etc/ssl/certs/75d1b2ed.0
rename to etc-zntrl/ssl/certs/75d1b2ed.0
diff --git a/webapp/etc/ssl/certs/76cb8f92.0 b/etc-zntrl/ssl/certs/76cb8f92.0
similarity index 100%
rename from webapp/etc/ssl/certs/76cb8f92.0
rename to etc-zntrl/ssl/certs/76cb8f92.0
diff --git a/webapp/etc/ssl/certs/76faf6c0.0 b/etc-zntrl/ssl/certs/76faf6c0.0
similarity index 100%
rename from webapp/etc/ssl/certs/76faf6c0.0
rename to etc-zntrl/ssl/certs/76faf6c0.0
diff --git a/webapp/etc/ssl/certs/7719f463.0 b/etc-zntrl/ssl/certs/7719f463.0
similarity index 100%
rename from webapp/etc/ssl/certs/7719f463.0
rename to etc-zntrl/ssl/certs/7719f463.0
diff --git a/webapp/etc/ssl/certs/773e07ad.0 b/etc-zntrl/ssl/certs/773e07ad.0
similarity index 100%
rename from webapp/etc/ssl/certs/773e07ad.0
rename to etc-zntrl/ssl/certs/773e07ad.0
diff --git a/webapp/etc/ssl/certs/7aaf71c0.0 b/etc-zntrl/ssl/certs/7aaf71c0.0
similarity index 100%
rename from webapp/etc/ssl/certs/7aaf71c0.0
rename to etc-zntrl/ssl/certs/7aaf71c0.0
diff --git a/webapp/etc/ssl/certs/7f3d5d1d.0 b/etc-zntrl/ssl/certs/7f3d5d1d.0
similarity index 100%
rename from webapp/etc/ssl/certs/7f3d5d1d.0
rename to etc-zntrl/ssl/certs/7f3d5d1d.0
diff --git a/webapp/etc/ssl/certs/8160b96c.0 b/etc-zntrl/ssl/certs/8160b96c.0
similarity index 100%
rename from webapp/etc/ssl/certs/8160b96c.0
rename to etc-zntrl/ssl/certs/8160b96c.0
diff --git a/webapp/etc/ssl/certs/8cb5ee0f.0 b/etc-zntrl/ssl/certs/8cb5ee0f.0
similarity index 100%
rename from webapp/etc/ssl/certs/8cb5ee0f.0
rename to etc-zntrl/ssl/certs/8cb5ee0f.0
diff --git a/webapp/etc/ssl/certs/8d86cdd1.0 b/etc-zntrl/ssl/certs/8d86cdd1.0
similarity index 100%
rename from webapp/etc/ssl/certs/8d86cdd1.0
rename to etc-zntrl/ssl/certs/8d86cdd1.0
diff --git a/webapp/etc/ssl/certs/8d89cda1.0 b/etc-zntrl/ssl/certs/8d89cda1.0
similarity index 100%
rename from webapp/etc/ssl/certs/8d89cda1.0
rename to etc-zntrl/ssl/certs/8d89cda1.0
diff --git a/webapp/etc/ssl/certs/930ac5d2.0 b/etc-zntrl/ssl/certs/930ac5d2.0
similarity index 100%
rename from webapp/etc/ssl/certs/930ac5d2.0
rename to etc-zntrl/ssl/certs/930ac5d2.0
diff --git a/webapp/etc/ssl/certs/93bc0acc.0 b/etc-zntrl/ssl/certs/93bc0acc.0
similarity index 100%
rename from webapp/etc/ssl/certs/93bc0acc.0
rename to etc-zntrl/ssl/certs/93bc0acc.0
diff --git a/webapp/etc/ssl/certs/9482e63a.0 b/etc-zntrl/ssl/certs/9482e63a.0
similarity index 100%
rename from webapp/etc/ssl/certs/9482e63a.0
rename to etc-zntrl/ssl/certs/9482e63a.0
diff --git a/webapp/etc/ssl/certs/988a38cb.0 b/etc-zntrl/ssl/certs/988a38cb.0
similarity index 100%
rename from webapp/etc/ssl/certs/988a38cb.0
rename to etc-zntrl/ssl/certs/988a38cb.0
diff --git a/webapp/etc/ssl/certs/9b5697b0.0 b/etc-zntrl/ssl/certs/9b5697b0.0
similarity index 100%
rename from webapp/etc/ssl/certs/9b5697b0.0
rename to etc-zntrl/ssl/certs/9b5697b0.0
diff --git a/webapp/etc/ssl/certs/9c8dfbd4.0 b/etc-zntrl/ssl/certs/9c8dfbd4.0
similarity index 100%
rename from webapp/etc/ssl/certs/9c8dfbd4.0
rename to etc-zntrl/ssl/certs/9c8dfbd4.0
diff --git a/webapp/etc/ssl/certs/9d04f354.0 b/etc-zntrl/ssl/certs/9d04f354.0
similarity index 100%
rename from webapp/etc/ssl/certs/9d04f354.0
rename to etc-zntrl/ssl/certs/9d04f354.0
diff --git a/webapp/etc/ssl/certs/ACCVRAIZ1.pem b/etc-zntrl/ssl/certs/ACCVRAIZ1.pem
similarity index 100%
rename from webapp/etc/ssl/certs/ACCVRAIZ1.pem
rename to etc-zntrl/ssl/certs/ACCVRAIZ1.pem
diff --git a/webapp/etc/ssl/certs/AC_RAIZ_FNMT-RCM.pem b/etc-zntrl/ssl/certs/AC_RAIZ_FNMT-RCM.pem
similarity index 100%
rename from webapp/etc/ssl/certs/AC_RAIZ_FNMT-RCM.pem
rename to etc-zntrl/ssl/certs/AC_RAIZ_FNMT-RCM.pem
diff --git a/webapp/etc/ssl/certs/AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.pem b/etc-zntrl/ssl/certs/AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.pem
similarity index 100%
rename from webapp/etc/ssl/certs/AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.pem
rename to etc-zntrl/ssl/certs/AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.pem
diff --git a/webapp/etc/ssl/certs/ANF_Secure_Server_Root_CA.pem b/etc-zntrl/ssl/certs/ANF_Secure_Server_Root_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/ANF_Secure_Server_Root_CA.pem
rename to etc-zntrl/ssl/certs/ANF_Secure_Server_Root_CA.pem
diff --git a/webapp/etc/ssl/certs/Actalis_Authentication_Root_CA.pem b/etc-zntrl/ssl/certs/Actalis_Authentication_Root_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Actalis_Authentication_Root_CA.pem
rename to etc-zntrl/ssl/certs/Actalis_Authentication_Root_CA.pem
diff --git a/webapp/etc/ssl/certs/AffirmTrust_Commercial.pem b/etc-zntrl/ssl/certs/AffirmTrust_Commercial.pem
similarity index 100%
rename from webapp/etc/ssl/certs/AffirmTrust_Commercial.pem
rename to etc-zntrl/ssl/certs/AffirmTrust_Commercial.pem
diff --git a/webapp/etc/ssl/certs/AffirmTrust_Networking.pem b/etc-zntrl/ssl/certs/AffirmTrust_Networking.pem
similarity index 100%
rename from webapp/etc/ssl/certs/AffirmTrust_Networking.pem
rename to etc-zntrl/ssl/certs/AffirmTrust_Networking.pem
diff --git a/webapp/etc/ssl/certs/AffirmTrust_Premium.pem b/etc-zntrl/ssl/certs/AffirmTrust_Premium.pem
similarity index 100%
rename from webapp/etc/ssl/certs/AffirmTrust_Premium.pem
rename to etc-zntrl/ssl/certs/AffirmTrust_Premium.pem
diff --git a/webapp/etc/ssl/certs/AffirmTrust_Premium_ECC.pem b/etc-zntrl/ssl/certs/AffirmTrust_Premium_ECC.pem
similarity index 100%
rename from webapp/etc/ssl/certs/AffirmTrust_Premium_ECC.pem
rename to etc-zntrl/ssl/certs/AffirmTrust_Premium_ECC.pem
diff --git a/webapp/etc/ssl/certs/Amazon_Root_CA_1.pem b/etc-zntrl/ssl/certs/Amazon_Root_CA_1.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Amazon_Root_CA_1.pem
rename to etc-zntrl/ssl/certs/Amazon_Root_CA_1.pem
diff --git a/webapp/etc/ssl/certs/Amazon_Root_CA_2.pem b/etc-zntrl/ssl/certs/Amazon_Root_CA_2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Amazon_Root_CA_2.pem
rename to etc-zntrl/ssl/certs/Amazon_Root_CA_2.pem
diff --git a/webapp/etc/ssl/certs/Amazon_Root_CA_3.pem b/etc-zntrl/ssl/certs/Amazon_Root_CA_3.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Amazon_Root_CA_3.pem
rename to etc-zntrl/ssl/certs/Amazon_Root_CA_3.pem
diff --git a/webapp/etc/ssl/certs/Amazon_Root_CA_4.pem b/etc-zntrl/ssl/certs/Amazon_Root_CA_4.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Amazon_Root_CA_4.pem
rename to etc-zntrl/ssl/certs/Amazon_Root_CA_4.pem
diff --git a/webapp/etc/ssl/certs/Atos_TrustedRoot_2011.pem b/etc-zntrl/ssl/certs/Atos_TrustedRoot_2011.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Atos_TrustedRoot_2011.pem
rename to etc-zntrl/ssl/certs/Atos_TrustedRoot_2011.pem
diff --git a/webapp/etc/ssl/certs/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem b/etc-zntrl/ssl/certs/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
rename to etc-zntrl/ssl/certs/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
diff --git a/webapp/etc/ssl/certs/Baltimore_CyberTrust_Root.pem b/etc-zntrl/ssl/certs/Baltimore_CyberTrust_Root.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Baltimore_CyberTrust_Root.pem
rename to etc-zntrl/ssl/certs/Baltimore_CyberTrust_Root.pem
diff --git a/webapp/etc/ssl/certs/Buypass_Class_2_Root_CA.pem b/etc-zntrl/ssl/certs/Buypass_Class_2_Root_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Buypass_Class_2_Root_CA.pem
rename to etc-zntrl/ssl/certs/Buypass_Class_2_Root_CA.pem
diff --git a/webapp/etc/ssl/certs/Buypass_Class_3_Root_CA.pem b/etc-zntrl/ssl/certs/Buypass_Class_3_Root_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Buypass_Class_3_Root_CA.pem
rename to etc-zntrl/ssl/certs/Buypass_Class_3_Root_CA.pem
diff --git a/webapp/etc/ssl/certs/CA_Disig_Root_R2.pem b/etc-zntrl/ssl/certs/CA_Disig_Root_R2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/CA_Disig_Root_R2.pem
rename to etc-zntrl/ssl/certs/CA_Disig_Root_R2.pem
diff --git a/webapp/etc/ssl/certs/CFCA_EV_ROOT.pem b/etc-zntrl/ssl/certs/CFCA_EV_ROOT.pem
similarity index 100%
rename from webapp/etc/ssl/certs/CFCA_EV_ROOT.pem
rename to etc-zntrl/ssl/certs/CFCA_EV_ROOT.pem
diff --git a/webapp/etc/ssl/certs/COMODO_Certification_Authority.pem b/etc-zntrl/ssl/certs/COMODO_Certification_Authority.pem
similarity index 100%
rename from webapp/etc/ssl/certs/COMODO_Certification_Authority.pem
rename to etc-zntrl/ssl/certs/COMODO_Certification_Authority.pem
diff --git a/webapp/etc/ssl/certs/COMODO_ECC_Certification_Authority.pem b/etc-zntrl/ssl/certs/COMODO_ECC_Certification_Authority.pem
similarity index 100%
rename from webapp/etc/ssl/certs/COMODO_ECC_Certification_Authority.pem
rename to etc-zntrl/ssl/certs/COMODO_ECC_Certification_Authority.pem
diff --git a/webapp/etc/ssl/certs/COMODO_RSA_Certification_Authority.pem b/etc-zntrl/ssl/certs/COMODO_RSA_Certification_Authority.pem
similarity index 100%
rename from webapp/etc/ssl/certs/COMODO_RSA_Certification_Authority.pem
rename to etc-zntrl/ssl/certs/COMODO_RSA_Certification_Authority.pem
diff --git a/webapp/etc/ssl/certs/Certigna.pem b/etc-zntrl/ssl/certs/Certigna.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Certigna.pem
rename to etc-zntrl/ssl/certs/Certigna.pem
diff --git a/webapp/etc/ssl/certs/Certigna_Root_CA.pem b/etc-zntrl/ssl/certs/Certigna_Root_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Certigna_Root_CA.pem
rename to etc-zntrl/ssl/certs/Certigna_Root_CA.pem
diff --git a/webapp/etc/ssl/certs/Certum_EC-384_CA.pem b/etc-zntrl/ssl/certs/Certum_EC-384_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Certum_EC-384_CA.pem
rename to etc-zntrl/ssl/certs/Certum_EC-384_CA.pem
diff --git a/webapp/etc/ssl/certs/Certum_Trusted_Network_CA.pem b/etc-zntrl/ssl/certs/Certum_Trusted_Network_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Certum_Trusted_Network_CA.pem
rename to etc-zntrl/ssl/certs/Certum_Trusted_Network_CA.pem
diff --git a/webapp/etc/ssl/certs/Certum_Trusted_Network_CA_2.pem b/etc-zntrl/ssl/certs/Certum_Trusted_Network_CA_2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Certum_Trusted_Network_CA_2.pem
rename to etc-zntrl/ssl/certs/Certum_Trusted_Network_CA_2.pem
diff --git a/webapp/etc/ssl/certs/Certum_Trusted_Root_CA.pem b/etc-zntrl/ssl/certs/Certum_Trusted_Root_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Certum_Trusted_Root_CA.pem
rename to etc-zntrl/ssl/certs/Certum_Trusted_Root_CA.pem
diff --git a/webapp/etc/ssl/certs/Comodo_AAA_Services_root.pem b/etc-zntrl/ssl/certs/Comodo_AAA_Services_root.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Comodo_AAA_Services_root.pem
rename to etc-zntrl/ssl/certs/Comodo_AAA_Services_root.pem
diff --git a/webapp/etc/ssl/certs/Cybertrust_Global_Root.pem b/etc-zntrl/ssl/certs/Cybertrust_Global_Root.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Cybertrust_Global_Root.pem
rename to etc-zntrl/ssl/certs/Cybertrust_Global_Root.pem
diff --git a/webapp/etc/ssl/certs/D-TRUST_Root_Class_3_CA_2_2009.pem b/etc-zntrl/ssl/certs/D-TRUST_Root_Class_3_CA_2_2009.pem
similarity index 100%
rename from webapp/etc/ssl/certs/D-TRUST_Root_Class_3_CA_2_2009.pem
rename to etc-zntrl/ssl/certs/D-TRUST_Root_Class_3_CA_2_2009.pem
diff --git a/webapp/etc/ssl/certs/D-TRUST_Root_Class_3_CA_2_EV_2009.pem b/etc-zntrl/ssl/certs/D-TRUST_Root_Class_3_CA_2_EV_2009.pem
similarity index 100%
rename from webapp/etc/ssl/certs/D-TRUST_Root_Class_3_CA_2_EV_2009.pem
rename to etc-zntrl/ssl/certs/D-TRUST_Root_Class_3_CA_2_EV_2009.pem
diff --git a/webapp/etc/ssl/certs/DigiCert_Assured_ID_Root_CA.pem b/etc-zntrl/ssl/certs/DigiCert_Assured_ID_Root_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/DigiCert_Assured_ID_Root_CA.pem
rename to etc-zntrl/ssl/certs/DigiCert_Assured_ID_Root_CA.pem
diff --git a/webapp/etc/ssl/certs/DigiCert_Assured_ID_Root_G2.pem b/etc-zntrl/ssl/certs/DigiCert_Assured_ID_Root_G2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/DigiCert_Assured_ID_Root_G2.pem
rename to etc-zntrl/ssl/certs/DigiCert_Assured_ID_Root_G2.pem
diff --git a/webapp/etc/ssl/certs/DigiCert_Assured_ID_Root_G3.pem b/etc-zntrl/ssl/certs/DigiCert_Assured_ID_Root_G3.pem
similarity index 100%
rename from webapp/etc/ssl/certs/DigiCert_Assured_ID_Root_G3.pem
rename to etc-zntrl/ssl/certs/DigiCert_Assured_ID_Root_G3.pem
diff --git a/webapp/etc/ssl/certs/DigiCert_Global_Root_CA.pem b/etc-zntrl/ssl/certs/DigiCert_Global_Root_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/DigiCert_Global_Root_CA.pem
rename to etc-zntrl/ssl/certs/DigiCert_Global_Root_CA.pem
diff --git a/webapp/etc/ssl/certs/DigiCert_Global_Root_G2.pem b/etc-zntrl/ssl/certs/DigiCert_Global_Root_G2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/DigiCert_Global_Root_G2.pem
rename to etc-zntrl/ssl/certs/DigiCert_Global_Root_G2.pem
diff --git a/webapp/etc/ssl/certs/DigiCert_Global_Root_G3.pem b/etc-zntrl/ssl/certs/DigiCert_Global_Root_G3.pem
similarity index 100%
rename from webapp/etc/ssl/certs/DigiCert_Global_Root_G3.pem
rename to etc-zntrl/ssl/certs/DigiCert_Global_Root_G3.pem
diff --git a/webapp/etc/ssl/certs/DigiCert_High_Assurance_EV_Root_CA.pem b/etc-zntrl/ssl/certs/DigiCert_High_Assurance_EV_Root_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/DigiCert_High_Assurance_EV_Root_CA.pem
rename to etc-zntrl/ssl/certs/DigiCert_High_Assurance_EV_Root_CA.pem
diff --git a/webapp/etc/ssl/certs/DigiCert_Trusted_Root_G4.pem b/etc-zntrl/ssl/certs/DigiCert_Trusted_Root_G4.pem
similarity index 100%
rename from webapp/etc/ssl/certs/DigiCert_Trusted_Root_G4.pem
rename to etc-zntrl/ssl/certs/DigiCert_Trusted_Root_G4.pem
diff --git a/webapp/etc/ssl/certs/E-Tugra_Certification_Authority.pem b/etc-zntrl/ssl/certs/E-Tugra_Certification_Authority.pem
similarity index 100%
rename from webapp/etc/ssl/certs/E-Tugra_Certification_Authority.pem
rename to etc-zntrl/ssl/certs/E-Tugra_Certification_Authority.pem
diff --git a/webapp/etc/ssl/certs/EC-ACC.pem b/etc-zntrl/ssl/certs/EC-ACC.pem
similarity index 100%
rename from webapp/etc/ssl/certs/EC-ACC.pem
rename to etc-zntrl/ssl/certs/EC-ACC.pem
diff --git a/webapp/etc/ssl/certs/Entrust.net_Premium_2048_Secure_Server_CA.pem b/etc-zntrl/ssl/certs/Entrust.net_Premium_2048_Secure_Server_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Entrust.net_Premium_2048_Secure_Server_CA.pem
rename to etc-zntrl/ssl/certs/Entrust.net_Premium_2048_Secure_Server_CA.pem
diff --git a/webapp/etc/ssl/certs/Entrust_Root_Certification_Authority.pem b/etc-zntrl/ssl/certs/Entrust_Root_Certification_Authority.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Entrust_Root_Certification_Authority.pem
rename to etc-zntrl/ssl/certs/Entrust_Root_Certification_Authority.pem
diff --git a/webapp/etc/ssl/certs/Entrust_Root_Certification_Authority_-_EC1.pem b/etc-zntrl/ssl/certs/Entrust_Root_Certification_Authority_-_EC1.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Entrust_Root_Certification_Authority_-_EC1.pem
rename to etc-zntrl/ssl/certs/Entrust_Root_Certification_Authority_-_EC1.pem
diff --git a/webapp/etc/ssl/certs/Entrust_Root_Certification_Authority_-_G2.pem b/etc-zntrl/ssl/certs/Entrust_Root_Certification_Authority_-_G2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Entrust_Root_Certification_Authority_-_G2.pem
rename to etc-zntrl/ssl/certs/Entrust_Root_Certification_Authority_-_G2.pem
diff --git a/webapp/etc/ssl/certs/Entrust_Root_Certification_Authority_-_G4.pem b/etc-zntrl/ssl/certs/Entrust_Root_Certification_Authority_-_G4.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Entrust_Root_Certification_Authority_-_G4.pem
rename to etc-zntrl/ssl/certs/Entrust_Root_Certification_Authority_-_G4.pem
diff --git a/webapp/etc/ssl/certs/GDCA_TrustAUTH_R5_ROOT.pem b/etc-zntrl/ssl/certs/GDCA_TrustAUTH_R5_ROOT.pem
similarity index 100%
rename from webapp/etc/ssl/certs/GDCA_TrustAUTH_R5_ROOT.pem
rename to etc-zntrl/ssl/certs/GDCA_TrustAUTH_R5_ROOT.pem
diff --git a/webapp/etc/ssl/certs/GLOBALTRUST_2020.pem b/etc-zntrl/ssl/certs/GLOBALTRUST_2020.pem
similarity index 100%
rename from webapp/etc/ssl/certs/GLOBALTRUST_2020.pem
rename to etc-zntrl/ssl/certs/GLOBALTRUST_2020.pem
diff --git a/webapp/etc/ssl/certs/GTS_Root_R1.pem b/etc-zntrl/ssl/certs/GTS_Root_R1.pem
similarity index 100%
rename from webapp/etc/ssl/certs/GTS_Root_R1.pem
rename to etc-zntrl/ssl/certs/GTS_Root_R1.pem
diff --git a/webapp/etc/ssl/certs/GTS_Root_R2.pem b/etc-zntrl/ssl/certs/GTS_Root_R2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/GTS_Root_R2.pem
rename to etc-zntrl/ssl/certs/GTS_Root_R2.pem
diff --git a/webapp/etc/ssl/certs/GTS_Root_R3.pem b/etc-zntrl/ssl/certs/GTS_Root_R3.pem
similarity index 100%
rename from webapp/etc/ssl/certs/GTS_Root_R3.pem
rename to etc-zntrl/ssl/certs/GTS_Root_R3.pem
diff --git a/webapp/etc/ssl/certs/GTS_Root_R4.pem b/etc-zntrl/ssl/certs/GTS_Root_R4.pem
similarity index 100%
rename from webapp/etc/ssl/certs/GTS_Root_R4.pem
rename to etc-zntrl/ssl/certs/GTS_Root_R4.pem
diff --git a/webapp/etc/ssl/certs/GlobalSign_ECC_Root_CA_-_R4.pem b/etc-zntrl/ssl/certs/GlobalSign_ECC_Root_CA_-_R4.pem
similarity index 100%
rename from webapp/etc/ssl/certs/GlobalSign_ECC_Root_CA_-_R4.pem
rename to etc-zntrl/ssl/certs/GlobalSign_ECC_Root_CA_-_R4.pem
diff --git a/webapp/etc/ssl/certs/GlobalSign_ECC_Root_CA_-_R5.pem b/etc-zntrl/ssl/certs/GlobalSign_ECC_Root_CA_-_R5.pem
similarity index 100%
rename from webapp/etc/ssl/certs/GlobalSign_ECC_Root_CA_-_R5.pem
rename to etc-zntrl/ssl/certs/GlobalSign_ECC_Root_CA_-_R5.pem
diff --git a/webapp/etc/ssl/certs/GlobalSign_Root_CA.pem b/etc-zntrl/ssl/certs/GlobalSign_Root_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/GlobalSign_Root_CA.pem
rename to etc-zntrl/ssl/certs/GlobalSign_Root_CA.pem
diff --git a/webapp/etc/ssl/certs/GlobalSign_Root_CA_-_R2.pem b/etc-zntrl/ssl/certs/GlobalSign_Root_CA_-_R2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/GlobalSign_Root_CA_-_R2.pem
rename to etc-zntrl/ssl/certs/GlobalSign_Root_CA_-_R2.pem
diff --git a/webapp/etc/ssl/certs/GlobalSign_Root_CA_-_R3.pem b/etc-zntrl/ssl/certs/GlobalSign_Root_CA_-_R3.pem
similarity index 100%
rename from webapp/etc/ssl/certs/GlobalSign_Root_CA_-_R3.pem
rename to etc-zntrl/ssl/certs/GlobalSign_Root_CA_-_R3.pem
diff --git a/webapp/etc/ssl/certs/GlobalSign_Root_CA_-_R6.pem b/etc-zntrl/ssl/certs/GlobalSign_Root_CA_-_R6.pem
similarity index 100%
rename from webapp/etc/ssl/certs/GlobalSign_Root_CA_-_R6.pem
rename to etc-zntrl/ssl/certs/GlobalSign_Root_CA_-_R6.pem
diff --git a/webapp/etc/ssl/certs/GlobalSign_Root_E46.pem b/etc-zntrl/ssl/certs/GlobalSign_Root_E46.pem
similarity index 100%
rename from webapp/etc/ssl/certs/GlobalSign_Root_E46.pem
rename to etc-zntrl/ssl/certs/GlobalSign_Root_E46.pem
diff --git a/webapp/etc/ssl/certs/GlobalSign_Root_R46.pem b/etc-zntrl/ssl/certs/GlobalSign_Root_R46.pem
similarity index 100%
rename from webapp/etc/ssl/certs/GlobalSign_Root_R46.pem
rename to etc-zntrl/ssl/certs/GlobalSign_Root_R46.pem
diff --git a/webapp/etc/ssl/certs/Go_Daddy_Class_2_CA.pem b/etc-zntrl/ssl/certs/Go_Daddy_Class_2_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Go_Daddy_Class_2_CA.pem
rename to etc-zntrl/ssl/certs/Go_Daddy_Class_2_CA.pem
diff --git a/webapp/etc/ssl/certs/Go_Daddy_Root_Certificate_Authority_-_G2.pem b/etc-zntrl/ssl/certs/Go_Daddy_Root_Certificate_Authority_-_G2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Go_Daddy_Root_Certificate_Authority_-_G2.pem
rename to etc-zntrl/ssl/certs/Go_Daddy_Root_Certificate_Authority_-_G2.pem
diff --git a/webapp/etc/ssl/certs/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.pem b/etc-zntrl/ssl/certs/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.pem
rename to etc-zntrl/ssl/certs/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.pem
diff --git a/webapp/etc/ssl/certs/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem b/etc-zntrl/ssl/certs/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
rename to etc-zntrl/ssl/certs/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
diff --git a/webapp/etc/ssl/certs/Hellenic_Academic_and_Research_Institutions_RootCA_2015.pem b/etc-zntrl/ssl/certs/Hellenic_Academic_and_Research_Institutions_RootCA_2015.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Hellenic_Academic_and_Research_Institutions_RootCA_2015.pem
rename to etc-zntrl/ssl/certs/Hellenic_Academic_and_Research_Institutions_RootCA_2015.pem
diff --git a/webapp/etc/ssl/certs/Hongkong_Post_Root_CA_1.pem b/etc-zntrl/ssl/certs/Hongkong_Post_Root_CA_1.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Hongkong_Post_Root_CA_1.pem
rename to etc-zntrl/ssl/certs/Hongkong_Post_Root_CA_1.pem
diff --git a/webapp/etc/ssl/certs/Hongkong_Post_Root_CA_3.pem b/etc-zntrl/ssl/certs/Hongkong_Post_Root_CA_3.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Hongkong_Post_Root_CA_3.pem
rename to etc-zntrl/ssl/certs/Hongkong_Post_Root_CA_3.pem
diff --git a/webapp/etc/ssl/certs/ISRG_Root_X1.pem b/etc-zntrl/ssl/certs/ISRG_Root_X1.pem
similarity index 100%
rename from webapp/etc/ssl/certs/ISRG_Root_X1.pem
rename to etc-zntrl/ssl/certs/ISRG_Root_X1.pem
diff --git a/webapp/etc/ssl/certs/IdenTrust_Commercial_Root_CA_1.pem b/etc-zntrl/ssl/certs/IdenTrust_Commercial_Root_CA_1.pem
similarity index 100%
rename from webapp/etc/ssl/certs/IdenTrust_Commercial_Root_CA_1.pem
rename to etc-zntrl/ssl/certs/IdenTrust_Commercial_Root_CA_1.pem
diff --git a/webapp/etc/ssl/certs/IdenTrust_Public_Sector_Root_CA_1.pem b/etc-zntrl/ssl/certs/IdenTrust_Public_Sector_Root_CA_1.pem
similarity index 100%
rename from webapp/etc/ssl/certs/IdenTrust_Public_Sector_Root_CA_1.pem
rename to etc-zntrl/ssl/certs/IdenTrust_Public_Sector_Root_CA_1.pem
diff --git a/webapp/etc/ssl/certs/Izenpe.com.pem b/etc-zntrl/ssl/certs/Izenpe.com.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Izenpe.com.pem
rename to etc-zntrl/ssl/certs/Izenpe.com.pem
diff --git a/webapp/etc/ssl/certs/Microsec_e-Szigno_Root_CA_2009.pem b/etc-zntrl/ssl/certs/Microsec_e-Szigno_Root_CA_2009.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Microsec_e-Szigno_Root_CA_2009.pem
rename to etc-zntrl/ssl/certs/Microsec_e-Szigno_Root_CA_2009.pem
diff --git a/webapp/etc/ssl/certs/Microsoft_ECC_Root_Certificate_Authority_2017.pem b/etc-zntrl/ssl/certs/Microsoft_ECC_Root_Certificate_Authority_2017.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Microsoft_ECC_Root_Certificate_Authority_2017.pem
rename to etc-zntrl/ssl/certs/Microsoft_ECC_Root_Certificate_Authority_2017.pem
diff --git a/webapp/etc/ssl/certs/Microsoft_RSA_Root_Certificate_Authority_2017.pem b/etc-zntrl/ssl/certs/Microsoft_RSA_Root_Certificate_Authority_2017.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Microsoft_RSA_Root_Certificate_Authority_2017.pem
rename to etc-zntrl/ssl/certs/Microsoft_RSA_Root_Certificate_Authority_2017.pem
diff --git a/webapp/etc/ssl/certs/NAVER_Global_Root_Certification_Authority.pem b/etc-zntrl/ssl/certs/NAVER_Global_Root_Certification_Authority.pem
similarity index 100%
rename from webapp/etc/ssl/certs/NAVER_Global_Root_Certification_Authority.pem
rename to etc-zntrl/ssl/certs/NAVER_Global_Root_Certification_Authority.pem
diff --git a/webapp/etc/ssl/certs/NetLock_Arany_=Class_Gold=_Főtanúsítvány.pem b/etc-zntrl/ssl/certs/NetLock_Arany_=Class_Gold=_Főtanúsítvány.pem
similarity index 100%
rename from webapp/etc/ssl/certs/NetLock_Arany_=Class_Gold=_Főtanúsítvány.pem
rename to etc-zntrl/ssl/certs/NetLock_Arany_=Class_Gold=_Főtanúsítvány.pem
diff --git a/webapp/etc/ssl/certs/Network_Solutions_Certificate_Authority.pem b/etc-zntrl/ssl/certs/Network_Solutions_Certificate_Authority.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Network_Solutions_Certificate_Authority.pem
rename to etc-zntrl/ssl/certs/Network_Solutions_Certificate_Authority.pem
diff --git a/webapp/etc/ssl/certs/OISTE_WISeKey_Global_Root_GB_CA.pem b/etc-zntrl/ssl/certs/OISTE_WISeKey_Global_Root_GB_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/OISTE_WISeKey_Global_Root_GB_CA.pem
rename to etc-zntrl/ssl/certs/OISTE_WISeKey_Global_Root_GB_CA.pem
diff --git a/webapp/etc/ssl/certs/OISTE_WISeKey_Global_Root_GC_CA.pem b/etc-zntrl/ssl/certs/OISTE_WISeKey_Global_Root_GC_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/OISTE_WISeKey_Global_Root_GC_CA.pem
rename to etc-zntrl/ssl/certs/OISTE_WISeKey_Global_Root_GC_CA.pem
diff --git a/webapp/etc/ssl/certs/QuoVadis_Root_CA_1_G3.pem b/etc-zntrl/ssl/certs/QuoVadis_Root_CA_1_G3.pem
similarity index 100%
rename from webapp/etc/ssl/certs/QuoVadis_Root_CA_1_G3.pem
rename to etc-zntrl/ssl/certs/QuoVadis_Root_CA_1_G3.pem
diff --git a/webapp/etc/ssl/certs/QuoVadis_Root_CA_2.pem b/etc-zntrl/ssl/certs/QuoVadis_Root_CA_2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/QuoVadis_Root_CA_2.pem
rename to etc-zntrl/ssl/certs/QuoVadis_Root_CA_2.pem
diff --git a/webapp/etc/ssl/certs/QuoVadis_Root_CA_2_G3.pem b/etc-zntrl/ssl/certs/QuoVadis_Root_CA_2_G3.pem
similarity index 100%
rename from webapp/etc/ssl/certs/QuoVadis_Root_CA_2_G3.pem
rename to etc-zntrl/ssl/certs/QuoVadis_Root_CA_2_G3.pem
diff --git a/webapp/etc/ssl/certs/QuoVadis_Root_CA_3.pem b/etc-zntrl/ssl/certs/QuoVadis_Root_CA_3.pem
similarity index 100%
rename from webapp/etc/ssl/certs/QuoVadis_Root_CA_3.pem
rename to etc-zntrl/ssl/certs/QuoVadis_Root_CA_3.pem
diff --git a/webapp/etc/ssl/certs/QuoVadis_Root_CA_3_G3.pem b/etc-zntrl/ssl/certs/QuoVadis_Root_CA_3_G3.pem
similarity index 100%
rename from webapp/etc/ssl/certs/QuoVadis_Root_CA_3_G3.pem
rename to etc-zntrl/ssl/certs/QuoVadis_Root_CA_3_G3.pem
diff --git a/webapp/etc/ssl/certs/SSL.com_EV_Root_Certification_Authority_ECC.pem b/etc-zntrl/ssl/certs/SSL.com_EV_Root_Certification_Authority_ECC.pem
similarity index 100%
rename from webapp/etc/ssl/certs/SSL.com_EV_Root_Certification_Authority_ECC.pem
rename to etc-zntrl/ssl/certs/SSL.com_EV_Root_Certification_Authority_ECC.pem
diff --git a/webapp/etc/ssl/certs/SSL.com_EV_Root_Certification_Authority_RSA_R2.pem b/etc-zntrl/ssl/certs/SSL.com_EV_Root_Certification_Authority_RSA_R2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/SSL.com_EV_Root_Certification_Authority_RSA_R2.pem
rename to etc-zntrl/ssl/certs/SSL.com_EV_Root_Certification_Authority_RSA_R2.pem
diff --git a/webapp/etc/ssl/certs/SSL.com_Root_Certification_Authority_ECC.pem b/etc-zntrl/ssl/certs/SSL.com_Root_Certification_Authority_ECC.pem
similarity index 100%
rename from webapp/etc/ssl/certs/SSL.com_Root_Certification_Authority_ECC.pem
rename to etc-zntrl/ssl/certs/SSL.com_Root_Certification_Authority_ECC.pem
diff --git a/webapp/etc/ssl/certs/SSL.com_Root_Certification_Authority_RSA.pem b/etc-zntrl/ssl/certs/SSL.com_Root_Certification_Authority_RSA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/SSL.com_Root_Certification_Authority_RSA.pem
rename to etc-zntrl/ssl/certs/SSL.com_Root_Certification_Authority_RSA.pem
diff --git a/webapp/etc/ssl/certs/SZAFIR_ROOT_CA2.pem b/etc-zntrl/ssl/certs/SZAFIR_ROOT_CA2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/SZAFIR_ROOT_CA2.pem
rename to etc-zntrl/ssl/certs/SZAFIR_ROOT_CA2.pem
diff --git a/webapp/etc/ssl/certs/SecureSign_RootCA11.pem b/etc-zntrl/ssl/certs/SecureSign_RootCA11.pem
similarity index 100%
rename from webapp/etc/ssl/certs/SecureSign_RootCA11.pem
rename to etc-zntrl/ssl/certs/SecureSign_RootCA11.pem
diff --git a/webapp/etc/ssl/certs/SecureTrust_CA.pem b/etc-zntrl/ssl/certs/SecureTrust_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/SecureTrust_CA.pem
rename to etc-zntrl/ssl/certs/SecureTrust_CA.pem
diff --git a/webapp/etc/ssl/certs/Secure_Global_CA.pem b/etc-zntrl/ssl/certs/Secure_Global_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Secure_Global_CA.pem
rename to etc-zntrl/ssl/certs/Secure_Global_CA.pem
diff --git a/webapp/etc/ssl/certs/Security_Communication_RootCA2.pem b/etc-zntrl/ssl/certs/Security_Communication_RootCA2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Security_Communication_RootCA2.pem
rename to etc-zntrl/ssl/certs/Security_Communication_RootCA2.pem
diff --git a/webapp/etc/ssl/certs/Security_Communication_Root_CA.pem b/etc-zntrl/ssl/certs/Security_Communication_Root_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Security_Communication_Root_CA.pem
rename to etc-zntrl/ssl/certs/Security_Communication_Root_CA.pem
diff --git a/webapp/etc/ssl/certs/Staat_der_Nederlanden_EV_Root_CA.pem b/etc-zntrl/ssl/certs/Staat_der_Nederlanden_EV_Root_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Staat_der_Nederlanden_EV_Root_CA.pem
rename to etc-zntrl/ssl/certs/Staat_der_Nederlanden_EV_Root_CA.pem
diff --git a/webapp/etc/ssl/certs/Starfield_Class_2_CA.pem b/etc-zntrl/ssl/certs/Starfield_Class_2_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Starfield_Class_2_CA.pem
rename to etc-zntrl/ssl/certs/Starfield_Class_2_CA.pem
diff --git a/webapp/etc/ssl/certs/Starfield_Root_Certificate_Authority_-_G2.pem b/etc-zntrl/ssl/certs/Starfield_Root_Certificate_Authority_-_G2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Starfield_Root_Certificate_Authority_-_G2.pem
rename to etc-zntrl/ssl/certs/Starfield_Root_Certificate_Authority_-_G2.pem
diff --git a/webapp/etc/ssl/certs/Starfield_Services_Root_Certificate_Authority_-_G2.pem b/etc-zntrl/ssl/certs/Starfield_Services_Root_Certificate_Authority_-_G2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Starfield_Services_Root_Certificate_Authority_-_G2.pem
rename to etc-zntrl/ssl/certs/Starfield_Services_Root_Certificate_Authority_-_G2.pem
diff --git a/webapp/etc/ssl/certs/SwissSign_Gold_CA_-_G2.pem b/etc-zntrl/ssl/certs/SwissSign_Gold_CA_-_G2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/SwissSign_Gold_CA_-_G2.pem
rename to etc-zntrl/ssl/certs/SwissSign_Gold_CA_-_G2.pem
diff --git a/webapp/etc/ssl/certs/SwissSign_Silver_CA_-_G2.pem b/etc-zntrl/ssl/certs/SwissSign_Silver_CA_-_G2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/SwissSign_Silver_CA_-_G2.pem
rename to etc-zntrl/ssl/certs/SwissSign_Silver_CA_-_G2.pem
diff --git a/webapp/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2.pem b/etc-zntrl/ssl/certs/T-TeleSec_GlobalRoot_Class_2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2.pem
rename to etc-zntrl/ssl/certs/T-TeleSec_GlobalRoot_Class_2.pem
diff --git a/webapp/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_3.pem b/etc-zntrl/ssl/certs/T-TeleSec_GlobalRoot_Class_3.pem
similarity index 100%
rename from webapp/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_3.pem
rename to etc-zntrl/ssl/certs/T-TeleSec_GlobalRoot_Class_3.pem
diff --git a/webapp/etc/ssl/certs/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.pem b/etc-zntrl/ssl/certs/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.pem
similarity index 100%
rename from webapp/etc/ssl/certs/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.pem
rename to etc-zntrl/ssl/certs/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.pem
diff --git a/webapp/etc/ssl/certs/TWCA_Global_Root_CA.pem b/etc-zntrl/ssl/certs/TWCA_Global_Root_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/TWCA_Global_Root_CA.pem
rename to etc-zntrl/ssl/certs/TWCA_Global_Root_CA.pem
diff --git a/webapp/etc/ssl/certs/TWCA_Root_Certification_Authority.pem b/etc-zntrl/ssl/certs/TWCA_Root_Certification_Authority.pem
similarity index 100%
rename from webapp/etc/ssl/certs/TWCA_Root_Certification_Authority.pem
rename to etc-zntrl/ssl/certs/TWCA_Root_Certification_Authority.pem
diff --git a/webapp/etc/ssl/certs/TeliaSonera_Root_CA_v1.pem b/etc-zntrl/ssl/certs/TeliaSonera_Root_CA_v1.pem
similarity index 100%
rename from webapp/etc/ssl/certs/TeliaSonera_Root_CA_v1.pem
rename to etc-zntrl/ssl/certs/TeliaSonera_Root_CA_v1.pem
diff --git a/webapp/etc/ssl/certs/TrustCor_ECA-1.pem b/etc-zntrl/ssl/certs/TrustCor_ECA-1.pem
similarity index 100%
rename from webapp/etc/ssl/certs/TrustCor_ECA-1.pem
rename to etc-zntrl/ssl/certs/TrustCor_ECA-1.pem
diff --git a/webapp/etc/ssl/certs/TrustCor_RootCert_CA-1.pem b/etc-zntrl/ssl/certs/TrustCor_RootCert_CA-1.pem
similarity index 100%
rename from webapp/etc/ssl/certs/TrustCor_RootCert_CA-1.pem
rename to etc-zntrl/ssl/certs/TrustCor_RootCert_CA-1.pem
diff --git a/webapp/etc/ssl/certs/TrustCor_RootCert_CA-2.pem b/etc-zntrl/ssl/certs/TrustCor_RootCert_CA-2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/TrustCor_RootCert_CA-2.pem
rename to etc-zntrl/ssl/certs/TrustCor_RootCert_CA-2.pem
diff --git a/webapp/etc/ssl/certs/Trustwave_Global_Certification_Authority.pem b/etc-zntrl/ssl/certs/Trustwave_Global_Certification_Authority.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Trustwave_Global_Certification_Authority.pem
rename to etc-zntrl/ssl/certs/Trustwave_Global_Certification_Authority.pem
diff --git a/webapp/etc/ssl/certs/Trustwave_Global_ECC_P256_Certification_Authority.pem b/etc-zntrl/ssl/certs/Trustwave_Global_ECC_P256_Certification_Authority.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Trustwave_Global_ECC_P256_Certification_Authority.pem
rename to etc-zntrl/ssl/certs/Trustwave_Global_ECC_P256_Certification_Authority.pem
diff --git a/webapp/etc/ssl/certs/Trustwave_Global_ECC_P384_Certification_Authority.pem b/etc-zntrl/ssl/certs/Trustwave_Global_ECC_P384_Certification_Authority.pem
similarity index 100%
rename from webapp/etc/ssl/certs/Trustwave_Global_ECC_P384_Certification_Authority.pem
rename to etc-zntrl/ssl/certs/Trustwave_Global_ECC_P384_Certification_Authority.pem
diff --git a/webapp/etc/ssl/certs/UCA_Extended_Validation_Root.pem b/etc-zntrl/ssl/certs/UCA_Extended_Validation_Root.pem
similarity index 100%
rename from webapp/etc/ssl/certs/UCA_Extended_Validation_Root.pem
rename to etc-zntrl/ssl/certs/UCA_Extended_Validation_Root.pem
diff --git a/webapp/etc/ssl/certs/UCA_Global_G2_Root.pem b/etc-zntrl/ssl/certs/UCA_Global_G2_Root.pem
similarity index 100%
rename from webapp/etc/ssl/certs/UCA_Global_G2_Root.pem
rename to etc-zntrl/ssl/certs/UCA_Global_G2_Root.pem
diff --git a/webapp/etc/ssl/certs/USERTrust_ECC_Certification_Authority.pem b/etc-zntrl/ssl/certs/USERTrust_ECC_Certification_Authority.pem
similarity index 100%
rename from webapp/etc/ssl/certs/USERTrust_ECC_Certification_Authority.pem
rename to etc-zntrl/ssl/certs/USERTrust_ECC_Certification_Authority.pem
diff --git a/webapp/etc/ssl/certs/USERTrust_RSA_Certification_Authority.pem b/etc-zntrl/ssl/certs/USERTrust_RSA_Certification_Authority.pem
similarity index 100%
rename from webapp/etc/ssl/certs/USERTrust_RSA_Certification_Authority.pem
rename to etc-zntrl/ssl/certs/USERTrust_RSA_Certification_Authority.pem
diff --git a/webapp/etc/ssl/certs/XRamp_Global_CA_Root.pem b/etc-zntrl/ssl/certs/XRamp_Global_CA_Root.pem
similarity index 100%
rename from webapp/etc/ssl/certs/XRamp_Global_CA_Root.pem
rename to etc-zntrl/ssl/certs/XRamp_Global_CA_Root.pem
diff --git a/webapp/etc/ssl/certs/a3418fda.0 b/etc-zntrl/ssl/certs/a3418fda.0
similarity index 100%
rename from webapp/etc/ssl/certs/a3418fda.0
rename to etc-zntrl/ssl/certs/a3418fda.0
diff --git a/webapp/etc/ssl/certs/a94d09e5.0 b/etc-zntrl/ssl/certs/a94d09e5.0
similarity index 100%
rename from webapp/etc/ssl/certs/a94d09e5.0
rename to etc-zntrl/ssl/certs/a94d09e5.0
diff --git a/webapp/etc/ssl/certs/aee5f10d.0 b/etc-zntrl/ssl/certs/aee5f10d.0
similarity index 100%
rename from webapp/etc/ssl/certs/aee5f10d.0
rename to etc-zntrl/ssl/certs/aee5f10d.0
diff --git a/webapp/etc/ssl/certs/b0e59380.0 b/etc-zntrl/ssl/certs/b0e59380.0
similarity index 100%
rename from webapp/etc/ssl/certs/b0e59380.0
rename to etc-zntrl/ssl/certs/b0e59380.0
diff --git a/webapp/etc/ssl/certs/b1159c4c.0 b/etc-zntrl/ssl/certs/b1159c4c.0
similarity index 100%
rename from webapp/etc/ssl/certs/b1159c4c.0
rename to etc-zntrl/ssl/certs/b1159c4c.0
diff --git a/webapp/etc/ssl/certs/b433981b.0 b/etc-zntrl/ssl/certs/b433981b.0
similarity index 100%
rename from webapp/etc/ssl/certs/b433981b.0
rename to etc-zntrl/ssl/certs/b433981b.0
diff --git a/webapp/etc/ssl/certs/b66938e9.0 b/etc-zntrl/ssl/certs/b66938e9.0
similarity index 100%
rename from webapp/etc/ssl/certs/b66938e9.0
rename to etc-zntrl/ssl/certs/b66938e9.0
diff --git a/webapp/etc/ssl/certs/b727005e.0 b/etc-zntrl/ssl/certs/b727005e.0
similarity index 100%
rename from webapp/etc/ssl/certs/b727005e.0
rename to etc-zntrl/ssl/certs/b727005e.0
diff --git a/webapp/etc/ssl/certs/b7a5b843.0 b/etc-zntrl/ssl/certs/b7a5b843.0
similarity index 100%
rename from webapp/etc/ssl/certs/b7a5b843.0
rename to etc-zntrl/ssl/certs/b7a5b843.0
diff --git a/webapp/etc/ssl/certs/b81b93f0.0 b/etc-zntrl/ssl/certs/b81b93f0.0
similarity index 100%
rename from webapp/etc/ssl/certs/b81b93f0.0
rename to etc-zntrl/ssl/certs/b81b93f0.0
diff --git a/webapp/etc/ssl/certs/balusign-signing-ca.pem b/etc-zntrl/ssl/certs/balusign-signing-ca.pem
similarity index 100%
rename from webapp/etc/ssl/certs/balusign-signing-ca.pem
rename to etc-zntrl/ssl/certs/balusign-signing-ca.pem
diff --git a/webapp/etc/ssl/certs/bf53fb88.0 b/etc-zntrl/ssl/certs/bf53fb88.0
similarity index 100%
rename from webapp/etc/ssl/certs/bf53fb88.0
rename to etc-zntrl/ssl/certs/bf53fb88.0
diff --git a/webapp/etc/ssl/certs/c01eb047.0 b/etc-zntrl/ssl/certs/c01eb047.0
similarity index 100%
rename from webapp/etc/ssl/certs/c01eb047.0
rename to etc-zntrl/ssl/certs/c01eb047.0
diff --git a/webapp/etc/ssl/certs/c28a8a30.0 b/etc-zntrl/ssl/certs/c28a8a30.0
similarity index 100%
rename from webapp/etc/ssl/certs/c28a8a30.0
rename to etc-zntrl/ssl/certs/c28a8a30.0
diff --git a/webapp/etc/ssl/certs/c3c4ec5b b/etc-zntrl/ssl/certs/c3c4ec5b
similarity index 100%
rename from webapp/etc/ssl/certs/c3c4ec5b
rename to etc-zntrl/ssl/certs/c3c4ec5b
diff --git a/webapp/etc/ssl/certs/c3c4ec5b.0 b/etc-zntrl/ssl/certs/c3c4ec5b.0
similarity index 100%
rename from webapp/etc/ssl/certs/c3c4ec5b.0
rename to etc-zntrl/ssl/certs/c3c4ec5b.0
diff --git a/webapp/etc/ssl/certs/ca-certificates.crt b/etc-zntrl/ssl/certs/ca-certificates.crt
similarity index 100%
rename from webapp/etc/ssl/certs/ca-certificates.crt
rename to etc-zntrl/ssl/certs/ca-certificates.crt
diff --git a/webapp/etc/ssl/certs/ca6e4ad9.0 b/etc-zntrl/ssl/certs/ca6e4ad9.0
similarity index 100%
rename from webapp/etc/ssl/certs/ca6e4ad9.0
rename to etc-zntrl/ssl/certs/ca6e4ad9.0
diff --git a/webapp/etc/ssl/certs/cbf06781.0 b/etc-zntrl/ssl/certs/cbf06781.0
similarity index 100%
rename from webapp/etc/ssl/certs/cbf06781.0
rename to etc-zntrl/ssl/certs/cbf06781.0
diff --git a/webapp/etc/ssl/certs/cc450945.0 b/etc-zntrl/ssl/certs/cc450945.0
similarity index 100%
rename from webapp/etc/ssl/certs/cc450945.0
rename to etc-zntrl/ssl/certs/cc450945.0
diff --git a/webapp/etc/ssl/certs/cd58d51e.0 b/etc-zntrl/ssl/certs/cd58d51e.0
similarity index 100%
rename from webapp/etc/ssl/certs/cd58d51e.0
rename to etc-zntrl/ssl/certs/cd58d51e.0
diff --git a/webapp/etc/ssl/certs/cd8c0d63.0 b/etc-zntrl/ssl/certs/cd8c0d63.0
similarity index 100%
rename from webapp/etc/ssl/certs/cd8c0d63.0
rename to etc-zntrl/ssl/certs/cd8c0d63.0
diff --git a/webapp/etc/ssl/certs/ce5e74ef.0 b/etc-zntrl/ssl/certs/ce5e74ef.0
similarity index 100%
rename from webapp/etc/ssl/certs/ce5e74ef.0
rename to etc-zntrl/ssl/certs/ce5e74ef.0
diff --git a/webapp/etc/ssl/certs/certSIGN_ROOT_CA.pem b/etc-zntrl/ssl/certs/certSIGN_ROOT_CA.pem
similarity index 100%
rename from webapp/etc/ssl/certs/certSIGN_ROOT_CA.pem
rename to etc-zntrl/ssl/certs/certSIGN_ROOT_CA.pem
diff --git a/webapp/etc/ssl/certs/certSIGN_Root_CA_G2.pem b/etc-zntrl/ssl/certs/certSIGN_Root_CA_G2.pem
similarity index 100%
rename from webapp/etc/ssl/certs/certSIGN_Root_CA_G2.pem
rename to etc-zntrl/ssl/certs/certSIGN_Root_CA_G2.pem
diff --git a/webapp/etc/ssl/certs/d4dae3dd.0 b/etc-zntrl/ssl/certs/d4dae3dd.0
similarity index 100%
rename from webapp/etc/ssl/certs/d4dae3dd.0
rename to etc-zntrl/ssl/certs/d4dae3dd.0
diff --git a/webapp/etc/ssl/certs/d6325660.0 b/etc-zntrl/ssl/certs/d6325660.0
similarity index 100%
rename from webapp/etc/ssl/certs/d6325660.0
rename to etc-zntrl/ssl/certs/d6325660.0
diff --git a/webapp/etc/ssl/certs/d7e8dc79.0 b/etc-zntrl/ssl/certs/d7e8dc79.0
similarity index 100%
rename from webapp/etc/ssl/certs/d7e8dc79.0
rename to etc-zntrl/ssl/certs/d7e8dc79.0
diff --git a/webapp/etc/ssl/certs/d887a5bb.0 b/etc-zntrl/ssl/certs/d887a5bb.0
similarity index 100%
rename from webapp/etc/ssl/certs/d887a5bb.0
rename to etc-zntrl/ssl/certs/d887a5bb.0
diff --git a/webapp/etc/ssl/certs/dc4d6a89.0 b/etc-zntrl/ssl/certs/dc4d6a89.0
similarity index 100%
rename from webapp/etc/ssl/certs/dc4d6a89.0
rename to etc-zntrl/ssl/certs/dc4d6a89.0
diff --git a/webapp/etc/ssl/certs/dd8e9d41.0 b/etc-zntrl/ssl/certs/dd8e9d41.0
similarity index 100%
rename from webapp/etc/ssl/certs/dd8e9d41.0
rename to etc-zntrl/ssl/certs/dd8e9d41.0
diff --git a/webapp/etc/ssl/certs/de6d66f3.0 b/etc-zntrl/ssl/certs/de6d66f3.0
similarity index 100%
rename from webapp/etc/ssl/certs/de6d66f3.0
rename to etc-zntrl/ssl/certs/de6d66f3.0
diff --git a/webapp/etc/ssl/certs/e-Szigno_Root_CA_2017.pem b/etc-zntrl/ssl/certs/e-Szigno_Root_CA_2017.pem
similarity index 100%
rename from webapp/etc/ssl/certs/e-Szigno_Root_CA_2017.pem
rename to etc-zntrl/ssl/certs/e-Szigno_Root_CA_2017.pem
diff --git a/webapp/etc/ssl/certs/e113c810.0 b/etc-zntrl/ssl/certs/e113c810.0
similarity index 100%
rename from webapp/etc/ssl/certs/e113c810.0
rename to etc-zntrl/ssl/certs/e113c810.0
diff --git a/webapp/etc/ssl/certs/e18bfb83.0 b/etc-zntrl/ssl/certs/e18bfb83.0
similarity index 100%
rename from webapp/etc/ssl/certs/e18bfb83.0
rename to etc-zntrl/ssl/certs/e18bfb83.0
diff --git a/webapp/etc/ssl/certs/e35234b1.0 b/etc-zntrl/ssl/certs/e35234b1.0
similarity index 100%
rename from webapp/etc/ssl/certs/e35234b1.0
rename to etc-zntrl/ssl/certs/e35234b1.0
diff --git a/webapp/etc/ssl/certs/e36a6752.0 b/etc-zntrl/ssl/certs/e36a6752.0
similarity index 100%
rename from webapp/etc/ssl/certs/e36a6752.0
rename to etc-zntrl/ssl/certs/e36a6752.0
diff --git a/webapp/etc/ssl/certs/e73d606e.0 b/etc-zntrl/ssl/certs/e73d606e.0
similarity index 100%
rename from webapp/etc/ssl/certs/e73d606e.0
rename to etc-zntrl/ssl/certs/e73d606e.0
diff --git a/webapp/etc/ssl/certs/e868b802.0 b/etc-zntrl/ssl/certs/e868b802.0
similarity index 100%
rename from webapp/etc/ssl/certs/e868b802.0
rename to etc-zntrl/ssl/certs/e868b802.0
diff --git a/webapp/etc/ssl/certs/e8de2f56.0 b/etc-zntrl/ssl/certs/e8de2f56.0
similarity index 100%
rename from webapp/etc/ssl/certs/e8de2f56.0
rename to etc-zntrl/ssl/certs/e8de2f56.0
diff --git a/webapp/etc/ssl/certs/ePKI_Root_Certification_Authority.pem b/etc-zntrl/ssl/certs/ePKI_Root_Certification_Authority.pem
similarity index 100%
rename from webapp/etc/ssl/certs/ePKI_Root_Certification_Authority.pem
rename to etc-zntrl/ssl/certs/ePKI_Root_Certification_Authority.pem
diff --git a/webapp/etc/ssl/certs/ee64a828.0 b/etc-zntrl/ssl/certs/ee64a828.0
similarity index 100%
rename from webapp/etc/ssl/certs/ee64a828.0
rename to etc-zntrl/ssl/certs/ee64a828.0
diff --git a/webapp/etc/ssl/certs/eed8c118.0 b/etc-zntrl/ssl/certs/eed8c118.0
similarity index 100%
rename from webapp/etc/ssl/certs/eed8c118.0
rename to etc-zntrl/ssl/certs/eed8c118.0
diff --git a/webapp/etc/ssl/certs/ef954a4e.0 b/etc-zntrl/ssl/certs/ef954a4e.0
similarity index 100%
rename from webapp/etc/ssl/certs/ef954a4e.0
rename to etc-zntrl/ssl/certs/ef954a4e.0
diff --git a/webapp/etc/ssl/certs/emSign_ECC_Root_CA_-_C3.pem b/etc-zntrl/ssl/certs/emSign_ECC_Root_CA_-_C3.pem
similarity index 100%
rename from webapp/etc/ssl/certs/emSign_ECC_Root_CA_-_C3.pem
rename to etc-zntrl/ssl/certs/emSign_ECC_Root_CA_-_C3.pem
diff --git a/webapp/etc/ssl/certs/emSign_ECC_Root_CA_-_G3.pem b/etc-zntrl/ssl/certs/emSign_ECC_Root_CA_-_G3.pem
similarity index 100%
rename from webapp/etc/ssl/certs/emSign_ECC_Root_CA_-_G3.pem
rename to etc-zntrl/ssl/certs/emSign_ECC_Root_CA_-_G3.pem
diff --git a/webapp/etc/ssl/certs/emSign_Root_CA_-_C1.pem b/etc-zntrl/ssl/certs/emSign_Root_CA_-_C1.pem
similarity index 100%
rename from webapp/etc/ssl/certs/emSign_Root_CA_-_C1.pem
rename to etc-zntrl/ssl/certs/emSign_Root_CA_-_C1.pem
diff --git a/webapp/etc/ssl/certs/emSign_Root_CA_-_G1.pem b/etc-zntrl/ssl/certs/emSign_Root_CA_-_G1.pem
similarity index 100%
rename from webapp/etc/ssl/certs/emSign_Root_CA_-_G1.pem
rename to etc-zntrl/ssl/certs/emSign_Root_CA_-_G1.pem
diff --git a/webapp/etc/ssl/certs/f081611a.0 b/etc-zntrl/ssl/certs/f081611a.0
similarity index 100%
rename from webapp/etc/ssl/certs/f081611a.0
rename to etc-zntrl/ssl/certs/f081611a.0
diff --git a/webapp/etc/ssl/certs/f0c70a8d.0 b/etc-zntrl/ssl/certs/f0c70a8d.0
similarity index 100%
rename from webapp/etc/ssl/certs/f0c70a8d.0
rename to etc-zntrl/ssl/certs/f0c70a8d.0
diff --git a/webapp/etc/ssl/certs/f249de83.0 b/etc-zntrl/ssl/certs/f249de83.0
similarity index 100%
rename from webapp/etc/ssl/certs/f249de83.0
rename to etc-zntrl/ssl/certs/f249de83.0
diff --git a/webapp/etc/ssl/certs/f30dd6ad.0 b/etc-zntrl/ssl/certs/f30dd6ad.0
similarity index 100%
rename from webapp/etc/ssl/certs/f30dd6ad.0
rename to etc-zntrl/ssl/certs/f30dd6ad.0
diff --git a/webapp/etc/ssl/certs/f3377b1b.0 b/etc-zntrl/ssl/certs/f3377b1b.0
similarity index 100%
rename from webapp/etc/ssl/certs/f3377b1b.0
rename to etc-zntrl/ssl/certs/f3377b1b.0
diff --git a/webapp/etc/ssl/certs/f387163d.0 b/etc-zntrl/ssl/certs/f387163d.0
similarity index 100%
rename from webapp/etc/ssl/certs/f387163d.0
rename to etc-zntrl/ssl/certs/f387163d.0
diff --git a/webapp/etc/ssl/certs/f39fc864.0 b/etc-zntrl/ssl/certs/f39fc864.0
similarity index 100%
rename from webapp/etc/ssl/certs/f39fc864.0
rename to etc-zntrl/ssl/certs/f39fc864.0
diff --git a/webapp/etc/ssl/certs/f51bb24c.0 b/etc-zntrl/ssl/certs/f51bb24c.0
similarity index 100%
rename from webapp/etc/ssl/certs/f51bb24c.0
rename to etc-zntrl/ssl/certs/f51bb24c.0
diff --git a/webapp/etc/ssl/certs/fa5da96b.0 b/etc-zntrl/ssl/certs/fa5da96b.0
similarity index 100%
rename from webapp/etc/ssl/certs/fa5da96b.0
rename to etc-zntrl/ssl/certs/fa5da96b.0
diff --git a/webapp/etc/ssl/certs/fc5a8f99.0 b/etc-zntrl/ssl/certs/fc5a8f99.0
similarity index 100%
rename from webapp/etc/ssl/certs/fc5a8f99.0
rename to etc-zntrl/ssl/certs/fc5a8f99.0
diff --git a/webapp/etc/ssl/certs/fe8a2cd8.0 b/etc-zntrl/ssl/certs/fe8a2cd8.0
similarity index 100%
rename from webapp/etc/ssl/certs/fe8a2cd8.0
rename to etc-zntrl/ssl/certs/fe8a2cd8.0
diff --git a/webapp/etc/ssl/certs/feffd413.0 b/etc-zntrl/ssl/certs/feffd413.0
similarity index 100%
rename from webapp/etc/ssl/certs/feffd413.0
rename to etc-zntrl/ssl/certs/feffd413.0
diff --git a/webapp/etc/ssl/certs/ff34af3f.0 b/etc-zntrl/ssl/certs/ff34af3f.0
similarity index 100%
rename from webapp/etc/ssl/certs/ff34af3f.0
rename to etc-zntrl/ssl/certs/ff34af3f.0
diff --git a/webapp/etc/ssl/certs/ssl-cert-snakeoil.pem b/etc-zntrl/ssl/certs/ssl-cert-snakeoil.pem
similarity index 100%
rename from webapp/etc/ssl/certs/ssl-cert-snakeoil.pem
rename to etc-zntrl/ssl/certs/ssl-cert-snakeoil.pem
diff --git a/webapp/etc/ssl/nuc0-full-chain.pem b/etc-zntrl/ssl/nuc0-full-chain.pem
similarity index 100%
rename from webapp/etc/ssl/nuc0-full-chain.pem
rename to etc-zntrl/ssl/nuc0-full-chain.pem
diff --git a/webapp/etc/ssl/nuc0.lan.crt b/etc-zntrl/ssl/nuc0.lan.crt
similarity index 100%
rename from webapp/etc/ssl/nuc0.lan.crt
rename to etc-zntrl/ssl/nuc0.lan.crt
diff --git a/webapp/etc/ssl/openssl.cnf b/etc-zntrl/ssl/openssl.cnf
similarity index 100%
rename from webapp/etc/ssl/openssl.cnf
rename to etc-zntrl/ssl/openssl.cnf
diff --git a/webapp/etc/ssl/private/nuc0.lan.key b/etc-zntrl/ssl/private/nuc0.lan.key
similarity index 100%
rename from webapp/etc/ssl/private/nuc0.lan.key
rename to etc-zntrl/ssl/private/nuc0.lan.key
diff --git a/webapp/etc/ssl/private/ssl-cert-snakeoil.key b/etc-zntrl/ssl/private/ssl-cert-snakeoil.key
similarity index 100%
rename from webapp/etc/ssl/private/ssl-cert-snakeoil.key
rename to etc-zntrl/ssl/private/ssl-cert-snakeoil.key
diff --git a/etc-zntrl/z-push/autodiscover.conf.php b/etc-zntrl/z-push/autodiscover.conf.php
new file mode 100644
index 0000000..232fd86
--- /dev/null
+++ b/etc-zntrl/z-push/autodiscover.conf.php
@@ -0,0 +1,88 @@
+<?php
+/***********************************************
+* File      :   config.php
+* Project   :   Z-Push
+* Descr     :   Autodiscover configuration file
+*
+* Created   :   30.07.2014
+*
+* Copyright 2007 - 2016 Zarafa Deutschland GmbH
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License, version 3,
+* as published by the Free Software Foundation.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*
+* Consult LICENSE file for details
+************************************************/
+
+/**********************************************************************************
+ *  Default settings
+ */
+
+    // Replace zpush.example.com with your z-push's host name and uncomment the line below.
+    define('ZPUSH_HOST', 'baloghs.de');
+
+    // Defines the default time zone, change e.g. to "Europe/London" if necessary
+    define('TIMEZONE', '');
+
+    // Defines the base path on the server
+    define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
+
+    /*
+     * Whether to use the complete email address as a login name
+     * (e.g. user@company.com) or the username only (user).
+     * Possible values:
+     * false - use the username only (default).
+     * true - use the complete email address.
+     */
+    define('USE_FULLEMAIL_FOR_LOGIN', false);
+
+/**********************************************************************************
+ *  Logging settings
+ *  Possible LOGLEVEL and LOGUSERLEVEL values are:
+ *  LOGLEVEL_OFF            - no logging
+ *  LOGLEVEL_FATAL          - log only critical errors
+ *  LOGLEVEL_ERROR          - logs events which might require corrective actions
+ *  LOGLEVEL_WARN           - might lead to an error or require corrective actions in the future
+ *  LOGLEVEL_INFO           - usually completed actions
+ *  LOGLEVEL_DEBUG          - debugging information, typically only meaningful to developers
+ *  LOGLEVEL_WBXML          - also prints the WBXML sent to/from the device
+ *  LOGLEVEL_DEVICEID       - also prints the device id for every log entry
+ *  LOGLEVEL_WBXMLSTACK     - also prints the contents of WBXML stack
+ *
+ *  The verbosity increases from top to bottom. More verbose levels include less verbose
+ *  ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR,
+ *  LOGLEVEL_WARN and LOGLEVEL_INFO level entries.
+ */
+
+    define('LOGBACKEND', 'filelog');
+
+    define('LOGFILEDIR', '/var/log/z-push/');
+    define('LOGFILE', LOGFILEDIR . 'autodiscover.log');
+    define('LOGERRORFILE', LOGFILEDIR . 'autodiscover-error.log');
+    define('LOGLEVEL', LOGLEVEL_WBXML);
+    define('LOGUSERLEVEL', LOGLEVEL);
+    $specialLogUsers = array();
+
+    // Syslog settings
+    // false will log to local syslog, otherwise put the remote syslog IP here
+    define('LOG_SYSLOG_HOST', false);
+    // Syslog port
+    define('LOG_SYSLOG_PORT', 514);
+    // Program showed in the syslog. Useful if you have more than one instance login to the same syslog
+    define('LOG_SYSLOG_PROGRAM', 'z-push-autodiscover');
+    // Syslog facility - use LOG_USER when running on Windows
+    define('LOG_SYSLOG_FACILITY', LOG_LOCAL0);
+/**********************************************************************************
+ *  Backend settings
+ */
+    // the backend data provider
+    define('BACKEND_PROVIDER', '');
diff --git a/etc-zntrl/z-push/autodiscover.conf.php.dist b/etc-zntrl/z-push/autodiscover.conf.php.dist
new file mode 100644
index 0000000..4075594
--- /dev/null
+++ b/etc-zntrl/z-push/autodiscover.conf.php.dist
@@ -0,0 +1,88 @@
+<?php
+/***********************************************
+* File      :   config.php
+* Project   :   Z-Push
+* Descr     :   Autodiscover configuration file
+*
+* Created   :   30.07.2014
+*
+* Copyright 2007 - 2016 Zarafa Deutschland GmbH
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License, version 3,
+* as published by the Free Software Foundation.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*
+* Consult LICENSE file for details
+************************************************/
+
+/**********************************************************************************
+ *  Default settings
+ */
+
+    // Replace zpush.example.com with your z-push's host name and uncomment the line below.
+    // define('ZPUSH_HOST', 'zpush.example.com');
+
+    // Defines the default time zone, change e.g. to "Europe/London" if necessary
+    define('TIMEZONE', '');
+
+    // Defines the base path on the server
+    define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
+
+    /*
+     * Whether to use the complete email address as a login name
+     * (e.g. user@company.com) or the username only (user).
+     * Possible values:
+     * false - use the username only (default).
+     * true - use the complete email address.
+     */
+    define('USE_FULLEMAIL_FOR_LOGIN', false);
+
+/**********************************************************************************
+ *  Logging settings
+ *  Possible LOGLEVEL and LOGUSERLEVEL values are:
+ *  LOGLEVEL_OFF            - no logging
+ *  LOGLEVEL_FATAL          - log only critical errors
+ *  LOGLEVEL_ERROR          - logs events which might require corrective actions
+ *  LOGLEVEL_WARN           - might lead to an error or require corrective actions in the future
+ *  LOGLEVEL_INFO           - usually completed actions
+ *  LOGLEVEL_DEBUG          - debugging information, typically only meaningful to developers
+ *  LOGLEVEL_WBXML          - also prints the WBXML sent to/from the device
+ *  LOGLEVEL_DEVICEID       - also prints the device id for every log entry
+ *  LOGLEVEL_WBXMLSTACK     - also prints the contents of WBXML stack
+ *
+ *  The verbosity increases from top to bottom. More verbose levels include less verbose
+ *  ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR,
+ *  LOGLEVEL_WARN and LOGLEVEL_INFO level entries.
+ */
+
+    define('LOGBACKEND', 'filelog');
+
+    define('LOGFILEDIR', '/var/log/z-push/');
+    define('LOGFILE', LOGFILEDIR . 'autodiscover.log');
+    define('LOGERRORFILE', LOGFILEDIR . 'autodiscover-error.log');
+    define('LOGLEVEL', LOGLEVEL_INFO);
+    define('LOGUSERLEVEL', LOGLEVEL);
+    $specialLogUsers = array();
+
+    // Syslog settings
+    // false will log to local syslog, otherwise put the remote syslog IP here
+    define('LOG_SYSLOG_HOST', false);
+    // Syslog port
+    define('LOG_SYSLOG_PORT', 514);
+    // Program showed in the syslog. Useful if you have more than one instance login to the same syslog
+    define('LOG_SYSLOG_PROGRAM', 'z-push-autodiscover');
+    // Syslog facility - use LOG_USER when running on Windows
+    define('LOG_SYSLOG_FACILITY', LOG_LOCAL0);
+/**********************************************************************************
+ *  Backend settings
+ */
+    // the backend data provider
+    define('BACKEND_PROVIDER', '');
diff --git a/etc-zntrl/z-push/gabsync.conf.php b/etc-zntrl/z-push/gabsync.conf.php
new file mode 100644
index 0000000..d9c34c1
--- /dev/null
+++ b/etc-zntrl/z-push/gabsync.conf.php
@@ -0,0 +1,86 @@
+<?php
+/***********************************************
+* File      :   config.php
+* Project   :   Z-Push - tools - GAB sync
+* Descr     :   Configuration file.
+*
+* Created   :   28.01.2016
+*
+* Copyright 2016 Zarafa Deutschland GmbH
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License, version 3,
+* as published by the Free Software Foundation.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*
+* Consult LICENSE file for details
+* ************************************************/
+
+// The field to be hashed that is unique and never changes
+// in the entire lifetime of the GAB entry.
+define('HASHFIELD', 'account');
+define('AMOUNT_OF_CHUNKS', 10);
+
+// SyncWorker implementation to be used
+define('SYNCWORKER', 'Kopano');
+
+// Unique id to find a contact from the GAB (value to be supplied by -u on the command line)
+// Zarafa supports: 'account' and 'smtpAddress' (email)
+define('UNIQUEID', 'account');
+
+// Server connection settings
+// Depending on your setup, it might be advisable to change the lines below to one defined with your
+// default socket location.
+// Normally "default:" points to the default setting ("file:///var/run/kopano/server.sock")
+// Examples: define("SERVER", "default:");
+//           define("SERVER", "http://localhost:236/kopano");
+//           define("SERVER", "https://localhost:237/kopano");
+//           define("SERVER", "file:///var/run/kopano/server.sock");
+// If you are using ZCP >= 7.2.0, set it to the zarafa location, e.g.
+//           define("SERVER", "http://localhost:236/zarafa");
+//           define("SERVER", "https://localhost:237/zarafa");
+//           define("SERVER", "file:///var/run/zarafad/server.sock");
+// For ZCP versions prior to 7.2.0 the socket location is different (http(s) sockets are the same):
+//           define("SERVER", "file:///var/run/zarafa");
+
+define('SERVER', 'default:');
+
+define('USERNAME', 'SYSTEM');
+define('PASSWORD', '');
+define('CERTIFICATE', null);
+define('CERTIFICATE_PASSWORD', null);
+
+// Store where the hidden folder is located.
+// For the public folder, use SYSTEM
+// to use another store, use the same as USERNAME
+// or another store where USERNAME has full access to.
+define('HIDDEN_FOLDERSTORE', 'SYSTEM');
+
+/// Do not change (unless you know exactly what you do)
+define('HIDDEN_FOLDERNAME', 'Z-Push-KOE-GAB');
+
+// Types of the objects to sync to GAB.
+define('GAB_SYNC_USER', 1);
+define('GAB_SYNC_CONTACT', 2);
+define('GAB_SYNC_GROUP', 4);
+define('GAB_SYNC_ROOM', 8);
+define('GAB_SYNC_EQUIPMENT', 16);
+
+define('GAB_SYNC_ALL', GAB_SYNC_USER | GAB_SYNC_CONTACT | GAB_SYNC_GROUP | GAB_SYNC_ROOM | GAB_SYNC_EQUIPMENT);
+
+// Set which items from GAB should be synced.
+// Default value is GAB_SYNC_ALL which syncs all items.
+// In order to sync only some specific types combine them with "|", e.g.
+// to sync only users and groups use:
+// define('GAB_SYNC_TYPES', GAB_SYNC_USER | GAB_SYNC_CONTACT);
+// In order to exclude specific types combine "& ~TYPE", e.g.
+// to sync all types except rooms and equipments use:
+// define('GAB_SYNC_TYPES', GAB_SYNC_ALL & ~GAB_SYNC_ROOM & ~GAB_SYNC_EQUIPMENT);
+define('GAB_SYNC_TYPES', GAB_SYNC_ALL);
diff --git a/etc-zntrl/z-push/kopano.conf.php b/etc-zntrl/z-push/kopano.conf.php
new file mode 100644
index 0000000..fe98be5
--- /dev/null
+++ b/etc-zntrl/z-push/kopano.conf.php
@@ -0,0 +1,83 @@
+<?php
+/***********************************************
+* File      :   config.php
+* Project   :   Z-Push
+* Descr     :   Kopano backend configuration file
+*
+* Created   :   27.11.2012
+*
+* Copyright 2007 - 2016 Zarafa Deutschland GmbH
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License, version 3,
+* as published by the Free Software Foundation.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*
+* Consult LICENSE file for details
+************************************************/
+
+// ************************
+//  BackendKopano settings
+// ************************
+
+// Defines the server to which we want to connect.
+//
+// Depending on your setup, it might be advisable to change the lines below to one defined with your
+// default socket location.
+// Normally "default:" points to the default setting ("file:///var/run/kopano/server.sock")
+// Examples: define("MAPI_SERVER", "default:");
+//           define("MAPI_SERVER", "http://localhost:236/kopano");
+//           define("MAPI_SERVER", "https://localhost:237/kopano");
+//           define("MAPI_SERVER", "file:///var/run/kopano/server.sock");
+// If you are using ZCP >= 7.2.0, set it to the zarafa location, e.g.
+//           define("MAPI_SERVER", "http://localhost:236/zarafa");
+//           define("MAPI_SERVER", "https://localhost:237/zarafa");
+//           define("MAPI_SERVER", "file:///var/run/zarafad/server.sock");
+// For ZCP versions prior to 7.2.0 the socket location is different (http(s) sockets are the same):
+//           define("MAPI_SERVER", "file:///var/run/zarafa");
+
+define('MAPI_SERVER', 'http://kopano-server-1:236/kopano');
+
+// Read-Only shared folders
+//   When trying to write a change on a read-only folder this data is dropped and replaced on the device of the user.
+//   Enabling the option below, sends an email to the user notifying that this happened (default enabled).
+//   If this is disabled, the data will be dropped silently and will be lost.
+//   The template of the email sent can be customized here. The placeholders can also be used in the subject.
+define('READ_ONLY_NOTIFY_LOST_DATA', true);
+// String to mark the data changed by the user (that he is trying to save)
+define('READ_ONLY_NOTIFY_YOURDATA', 'Your data');
+// Email template to be sent to the user
+define('READ_ONLY_NOTIFY_SUBJECT', "Z-Push: Writing operation not permitted - data reset");
+define('READ_ONLY_NOTIFY_BODY', <<<END
+Dear **USERFULLNAME**,
+
+on **DATE** at **TIME** you've tried to save a data in the folder '**FOLDERNAME**' on your device '**MOBILETYPE**' ID: '**MOBILEDEVICEID**'.
+
+This operation was not successful, as you lack write access to this folder.
+Your data has been dropped and replaced with the original data on your device to ensure data integrity.
+
+Below is a copy of the data you tried to save. If you want your changes to be stored permanently you should forward this email to a person with write access to this folder asking to perform these changes again.
+**DIFFERENCES**
+
+If you have questions about this email, please contact your e-mail administrator.
+
+Sincerely,
+Your Z-Push system
+END
+         );
+// Format of the **DATE** and **TIME** placeholders - more information on formats, see http://php.net/manual/en/function.strftime.php
+define('READ_ONLY_NOTIFY_DATE_FORMAT', "%d.%m.%Y");
+define('READ_ONLY_NOTIFY_TIME_FORMAT', "%H:%M:%S");
+
+// Comma separated list of folder ids as string for which the notification emails of the changes in read-only folders shouldn't be sent.
+// E.g. define('READ_ONLY_NONOTIFY', '1, 2, 3, 4');
+// When configuring $additionalFolders it is possible to use DeviceManager::FLD_FLAGS_NOREADONLYNOTIFY in the flags bitmask
+// in order to prevent the notifications as well.
+define('READ_ONLY_NONOTIFY', '');
\ No newline at end of file
diff --git a/etc-zntrl/z-push/policies.ini b/etc-zntrl/z-push/policies.ini
new file mode 100644
index 0000000..cbd99f9
--- /dev/null
+++ b/etc-zntrl/z-push/policies.ini
@@ -0,0 +1,234 @@
+;;;;;;;;;;;;;;;;;;;;;;;;
+; About policies.ini   ;
+;;;;;;;;;;;;;;;;;;;;;;;;
+
+; Z-Push policies' file holds the configuration to be applied
+; during the provisioning of a mobile device.
+; Check Z-Push wiki page regarding the provisioning policies:
+; https://wiki.z-hub.io/x/eYAa
+; For more information see the ActiveSync documentation at:
+; https://msdn.microsoft.com/en-us/library/dd299443.aspx
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; The default ActiveSync policy. Do not change its name.
+[default]
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Policies for ActiveSync version 12.0 and higher
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+; Specifies if a device requires a password to unlock it.
+; 0 - Password not required.
+; 1 - Password is required.
+devpwenabled = 0
+
+; Specifies if a device requires an alphanumeric password to unlock it.
+; 0 - Alphanumeric password not required.
+; 1 - Alphanumeric password required.
+alphanumpwreq = 0
+
+; Deprecated. Specifies if the device encrypts the content of the storage card.
+; 0 - Storage card encryption not enabled.
+; 1 - Storage card encryption enabled.
+devencenabled = 0
+
+; Specifies if the server supports storing a recovery password which could be
+; sent by the client using the Settings command.
+; This policy is currently not supported by Z-Push.
+; 0 - Password recovery not enabled on the server.
+; 1 - Password recovery enabled on the server.
+; pwrecoveryenabled = 0
+
+; Deprecated.
+docbrowseenabled =
+
+; Specifies if email attachments are enabled for download.
+; 0 - Attachments not allowed for download.
+; 1 - Attachments allowed for download.
+attenabled = 1
+
+; Specifies the minimum client password length to unlock it.
+; The mindevpwlenngth can be empty or have a value between 1 and 16.
+; If the value is empty or 1, there is no minimum length for the device password.
+mindevpwlenngth = 4
+
+; The maximum number of seconds of inactivity before the device locks itself.
+; If this value is greater than or equal to 9999, the client interprets it as unlimited.
+maxinacttimedevlock = 900
+
+; The maximum number of failed password attempts to unlock the device.
+; The client SHOULD perform a local wipe or enter a timed lock out mode if the maximum
+; number of failed password attempts is reached.
+; The maxdevpwfailedattempts can be empty or have a value between 4 and 16.
+; If the value is empty, the client interprets this as no maximum number of
+; failed password attempts has been set by the security policy.
+maxdevpwfailedattempts = 8
+
+; The maximum attachment size in bytes as determined by security policy.
+maxattsize = ''
+
+; Specifies if the device allows simple passwords. A simple password contains
+; repeated ("0000") or sequential ("xyz") characters only.
+allowsimpledevpw = 1
+
+; The maximum number of days until a password expires.
+; Empty or 0 devpwexpiration value indicates that the password will not expire.
+devpwexpiration = 0
+
+; The minimum number of previously used passwords stored to prevent reuse by the device.
+; 0 - Do not store previously used passwords.
+; >0 - Store the minimum number of previously used passwords.
+devpwhistory = 0
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Policies for ActiveSync version 12.1 and higher
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+; The device allows to use a storage card.
+; 0 - SD card not allowed.
+; 1 - SD card allowed.
+allowstoragecard = 1
+
+; The device allows to use the built-in camera.
+; 0 - Usage of the built-in camera not allowed.
+; 1 - Usage of built-in the camera allowed.
+allowcam = 1
+
+; Specifies if the client uses encryption.
+; 0 - Encryption not required.
+; 1 - Encryption required.
+reqdevenc = 0
+
+; Specifies if the device allows unsigned applications to execute.
+; 0 - Unsigned applications not allowed to execute.
+; 1 - Unsigned applications allowed to execute.
+allowunsignedapps = 1
+
+; The required complexity level of the device password.
+; Valid values for mindevcomplexchars are between 1 and 4. The value specifies
+; the number of character groups to be contained in the password.
+; The character groups are:
+; - Lower case alphabetical characters
+; - Upper case alphabetical characters
+; - Numbers
+; - Non-alphanumeric characters
+; For example, if the value of mindevcomplexchars is 2, a password may contain
+; lower case and upper case characters. A password with numbers and non-alphanumeric
+; characters would be also valid.
+mindevcomplexchars = 3
+
+; The device allows the use of Wi-Fi connections.
+; 0 - The use of Wi-Fi connections not allowed.
+; 1 - The use of Wi-Fi connections allowed.
+allowwifi = 1
+
+; The device allows the use of SMS or text messaging.
+; 0 - SMS or text messaging not allowed.
+; 1 - SMS or text messaging allowed.
+allowtextmessaging = 1
+
+; The device allows access to POP or IMAP email.
+; 0 - POP or IMAP email access not allowed.
+; 1 - POP or IMAP email access allowed.
+allowpopimapemail = 1
+
+; The use of Bluetooth on the device.
+; 0 - Disable Bluetooth.
+; 1 - Disable Bluetooth, but allow the configuration of hands-free profiles.
+; 2 - Allow Bluetooth.
+allowbluetooth = 2
+
+; The device allows the use of IrDA (infrared) connections.
+; 0 - Disable IrDA.
+; 1 - Allow IrDA.
+allowirda = 1
+
+; The device requires manual synchronization when the device is roaming.
+; 0 - Do not require manual sync; allow direct push when roaming.
+; 1 - Require manual sync when roaming.
+reqmansyncroam = 0
+
+; The maximum number of calendar days that can be synchronized.
+; 0 - All days
+; 4 - 2 weeks
+; 5 - 1 month
+; 6 - 3 months
+; 7 - 6 months
+maxcalagefilter = 0
+
+; Specifies if the client uses HTML-formatted email.
+; 0 - HTML-formatted email not allowed.
+; 1 - HTML-formatted email allowed.
+allowhtmlemail = 1
+
+; The email age limit for synchronization.
+; 0 - Sync all
+; 1 - 1 day
+; 2 - 3 days
+; 3 - 1 week
+; 4 - 2 weeks
+; 5 - 1 month
+maxemailagefilter = 0
+
+; The maximum truncation size for plain text–formatted email.
+; -1 - No truncation.
+; 0 - Truncate only the header.
+; >0 - Truncate the email body to the specified size.
+maxemailbodytruncsize = -1
+
+; The maximum truncation size for HTML-formatted email.
+; -1 - No truncation.
+; 0 - Truncate only the header.
+; >0 - Truncate the email body to the specified size.
+maxemailhtmlbodytruncsize = -1
+
+; Specifies if the client sends signed S/MIME messages.
+; 0 - Signed S/MIME messages not required.
+; 1 - Signed S/MIME messages required.
+reqsignedsmimemessages = 0
+
+; Specifies if the client sends encrypted email messages.
+; 0 - Encrypted email messages not required.
+; 1 - Email messages required to be encrypted.
+reqencsmimemessages = 0
+
+; The algorithm used to sign S/MIME messages.
+; 0 - Use SHA1.
+; 1 - Use MD5.
+reqsignedsmimealgorithm = 0
+
+; The algorithm used to encrypt S/MIME messages.
+; 0 - TripleDES algorithm
+; 1 - DES algorithm
+; 2 - RC2128bit
+; 3 - RC264bit
+; 4 - RC240bit
+reqencsmimealgorithm = 0
+
+; Controls negotiation of the encryption algorithm.
+; 0 - Do not negotiate.
+; 1 - Negotiate a strong algorithm.
+; 2 - Negotiate any algorithm.
+allowsmimeencalgneg = 2
+
+; Specifies if the client can use soft certificates to sign outgoing messages.
+; 0 - Soft certificates are not allowed.
+; 1 - Soft certificates are allowed.
+allowsmimesoftcerts = 1
+
+; Specifies if the device allows the use of a web browser.
+; 0 - Do not allow the use of a web browser.
+; 1 - Allow the use of a web browser.
+allowbrowser = 1
+
+; Specifies if the device allows the user to configure a personal email account.
+; 0 - Do not allow the user to configure a personal email account.
+; 1 - Allow the user to configure a personal email account.
+allowconsumeremail = 1
+
+; Specifies if the device allows the use of Internet Sharing.
+; 0 - Do not allow the use of Internet Sharing.
+; 1 - Allow the use of Internet Sharing.
+allowinternetsharing = 1
\ No newline at end of file
diff --git a/etc-zntrl/z-push/z-push.conf.php b/etc-zntrl/z-push/z-push.conf.php
new file mode 100644
index 0000000..49e1540
--- /dev/null
+++ b/etc-zntrl/z-push/z-push.conf.php
@@ -0,0 +1,373 @@
+<?php
+/***********************************************
+* File      :   config.php
+* Project   :   Z-Push
+* Descr     :   Main configuration file
+*
+* Created   :   01.10.2007
+*
+* Copyright 2007 - 2016 Zarafa Deutschland GmbH
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License, version 3,
+* as published by the Free Software Foundation.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*
+* Consult LICENSE file for details
+************************************************/
+
+/**********************************************************************************
+ *  Default settings
+ */
+    // Defines the default time zone, change e.g. to "Europe/London" if necessary
+    define('TIMEZONE', '');
+
+    // Defines the base path on the server
+    define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
+
+    // Try to set unlimited timeout
+    define('SCRIPT_TIMEOUT', 0);
+
+    // When accessing through a proxy, the "X-Forwarded-For" header contains the original remote IP
+    define('USE_CUSTOM_REMOTE_IP_HEADER', false);
+
+    // When using client certificates, we can check if the login sent matches the owner of the certificate.
+    // This setting specifies the owner parameter in the certificate to look at.
+    define("CERTIFICATE_OWNER_PARAMETER", "SSL_CLIENT_S_DN_CN");
+
+    /*
+     * Whether to use the complete email address as a login name
+     * (e.g. user@company.com) or the username only (user).
+     * This is required for Z-Push to work properly after autodiscover.
+     * Possible values:
+     *   false - use the username only.
+     *   true  - string the mobile sends as username, e.g. full email address (default).
+     */
+    define('USE_FULLEMAIL_FOR_LOGIN', false);
+
+/**********************************************************************************
+ * StateMachine setting
+ *
+ * These StateMachines can be used:
+ *   FILE  - FileStateMachine (default). Needs STATE_DIR set as well.
+ *   SQL   - SqlStateMachine has own configuration file. STATE_DIR is ignored.
+ *           State migration script is available, more informations: https://wiki.z-hub.io/x/xIAa
+ */
+    define('STATE_MACHINE', 'FILE');
+    define('STATE_DIR', '/var/lib/z-push/');
+
+/**********************************************************************************
+ *  IPC - InterProcessCommunication
+ *
+ *  Is either provided by using shared memory on a single host or
+ *  using the memcache provider for multi-host environments.
+ *  When another implementation should be used, the class can be set here explicitly.
+ *  If empty Z-Push will try to use available providers.
+ */
+    define('IPC_PROVIDER', '');
+
+/**********************************************************************************
+ *  Logging settings
+ *
+ *  The LOGBACKEND specifies where the logs are sent to.
+ *  Either to file ("filelog") or to a "syslog" server or a custom log class in core/log/logclass.
+ *  filelog and syslog have several options that can be set below.
+ *  For more information about the syslog configuration, see https://wiki.z-hub.io/x/HIAT
+
+ *  Possible LOGLEVEL and LOGUSERLEVEL values are:
+ *  LOGLEVEL_OFF            - no logging
+ *  LOGLEVEL_FATAL          - log only critical errors
+ *  LOGLEVEL_ERROR          - logs events which might require corrective actions
+ *  LOGLEVEL_WARN           - might lead to an error or require corrective actions in the future
+ *  LOGLEVEL_INFO           - usually completed actions
+ *  LOGLEVEL_DEBUG          - debugging information, typically only meaningful to developers
+ *  LOGLEVEL_WBXML          - also prints the WBXML sent to/from the device
+ *  LOGLEVEL_DEVICEID       - also prints the device id for every log entry
+ *  LOGLEVEL_WBXMLSTACK     - also prints the contents of WBXML stack
+ *
+ *  The verbosity increases from top to bottom. More verbose levels include less verbose
+ *  ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR,
+ *  LOGLEVEL_WARN and LOGLEVEL_INFO level entries.
+ *
+ *  LOGAUTHFAIL is logged to the LOGBACKEND.
+ */
+    define('LOGBACKEND', 'filelog');
+    define('LOGLEVEL', LOGLEVEL_INFO);
+    define('LOGAUTHFAIL', false);
+
+    // To save e.g. WBXML data only for selected users, add the usernames to the array
+    // The data will be saved into a dedicated file per user in the LOGFILEDIR
+    // Users have to be encapusulated in quotes, several users are comma separated, like:
+    //   $specialLogUsers = array('info@domain.com', 'myusername');
+    define('LOGUSERLEVEL', LOGLEVEL_DEVICEID);
+    $specialLogUsers = array('andreas',);
+
+    // Filelog settings
+    define('LOGFILEDIR', '/var/log/z-push/');
+    define('LOGFILE', LOGFILEDIR . 'z-push.log');
+    define('LOGERRORFILE', LOGFILEDIR . 'z-push-error.log');
+
+    // Syslog settings
+    // false will log to local syslog, otherwise put the remote syslog IP here
+    define('LOG_SYSLOG_HOST', false);
+    // Syslog port
+    define('LOG_SYSLOG_PORT', 514);
+    // Program showed in the syslog. Useful if you have more than one instance login to the same syslog
+    define('LOG_SYSLOG_PROGRAM', 'z-push');
+    // Syslog facility - use LOG_USER when running on Windows
+    define('LOG_SYSLOG_FACILITY', LOG_LOCAL0);
+
+    // Location of the trusted CA, e.g. '/etc/ssl/certs/EmailCA.pem'
+    // Uncomment and modify the following line if the validation of the certificates fails.
+    // define('CAINFO', '/etc/ssl/certs/EmailCA.pem');
+
+/**********************************************************************************
+ *  Mobile settings
+ */
+    // Device Provisioning
+    define('PROVISIONING', true);
+
+    // This option allows the 'loose enforcement' of the provisioning policies for older
+    // devices which don't support provisioning (like WM 5 and HTC Android Mail) - dw2412 contribution
+    // false (default) - Enforce provisioning for all devices
+    // true - allow older devices, but enforce policies on devices which support it
+    define('LOOSE_PROVISIONING', false);
+
+    // The file containing the policies' settings.
+    // Set a full path or relative to the z-push main directory
+    define('PROVISIONING_POLICYFILE', 'policies.ini');
+
+    // Default conflict preference
+    // Some devices allow to set if the server or PIM (mobile)
+    // should win in case of a synchronization conflict
+    //   SYNC_CONFLICT_OVERWRITE_SERVER - Server is overwritten, PIM wins
+    //   SYNC_CONFLICT_OVERWRITE_PIM    - PIM is overwritten, Server wins (default)
+    define('SYNC_CONFLICT_DEFAULT', SYNC_CONFLICT_OVERWRITE_PIM);
+
+    // Global limitation of items to be synchronized
+    // The mobile can define a sync back period for calendar and email items
+    // For large stores with many items the time period could be limited to a max value
+    // If the mobile transmits a wider time period, the defined max value is used
+    // Applicable values:
+    //   SYNC_FILTERTYPE_ALL (default, no limitation)
+    //   SYNC_FILTERTYPE_1DAY, SYNC_FILTERTYPE_3DAYS, SYNC_FILTERTYPE_1WEEK, SYNC_FILTERTYPE_2WEEKS,
+    //   SYNC_FILTERTYPE_1MONTH, SYNC_FILTERTYPE_3MONTHS, SYNC_FILTERTYPE_6MONTHS
+    define('SYNC_FILTERTIME_MAX', SYNC_FILTERTYPE_ALL);
+
+    // Interval in seconds before checking if there are changes on the server when in Ping.
+    // It means the highest time span before a change is pushed to a mobile. Set it to
+    // a higher value if you have a high load on the server.
+    define('PING_INTERVAL', 30);
+
+    // Set the fileas (save as) order for contacts in the webaccess/webapp/outlook.
+    // It will only affect new/modified contacts on the mobile which then are synced to the server.
+    // Possible values are:
+    // SYNC_FILEAS_FIRSTLAST    - fileas will be "Firstname Middlename Lastname"
+    // SYNC_FILEAS_LASTFIRST    - fileas will be "Lastname, Firstname Middlename"
+    // SYNC_FILEAS_COMPANYONLY  - fileas will be "Company"
+    // SYNC_FILEAS_COMPANYLAST  - fileas will be "Company (Lastname, Firstname Middlename)"
+    // SYNC_FILEAS_COMPANYFIRST - fileas will be "Company (Firstname Middlename Lastname)"
+    // SYNC_FILEAS_LASTCOMPANY  - fileas will be "Lastname, Firstname Middlename (Company)"
+    // SYNC_FILEAS_FIRSTCOMPANY - fileas will be "Firstname Middlename Lastname (Company)"
+    // The company-fileas will only be set if a contact has a company set. If one of
+    // company-fileas is selected and a contact doesn't have a company set, it will default
+    // to SYNC_FILEAS_FIRSTLAST or SYNC_FILEAS_LASTFIRST (depending on if last or first
+    // option is selected for company).
+    // If SYNC_FILEAS_COMPANYONLY is selected and company of the contact is not set
+    // SYNC_FILEAS_LASTFIRST will be used
+    define('FILEAS_ORDER', SYNC_FILEAS_LASTCOMPANY);
+
+    // Maximum amount of items to be synchronized per request.
+    // Normally this value is requested by the mobile. Common values are 5, 25, 50 or 100.
+    // Exporting too much items can cause mobile timeout on busy systems.
+    // Z-Push will use the lowest provided value, either set here or by the mobile.
+    // MS Outlook 2013+ request up to 512 items to accelerate the sync process.
+    // If you detect high load (also on subsystems) you could try a lower setting.
+    // max: 512 - value used if mobile does not limit amount of items
+    define('SYNC_MAX_ITEMS', 512);
+
+    // The devices usually send a list of supported properties for calendar and contact
+    // items. If a device does not includes such a supported property in Sync request,
+    // it means the property's value will be deleted on the server.
+    // However some devices do not send a list of supported properties. It is then impossible
+    // to tell if a property was deleted or it was not set at all if it does not appear in Sync.
+    // This parameter defines Z-Push behaviour during Sync if a device does not issue a list with
+    // supported properties.
+    // See also https://jira.z-hub.io/browse/ZP-302.
+    // Possible values:
+    // false - do not unset properties which are not sent during Sync (default)
+    // true  - unset properties which are not sent during Sync
+    define('UNSET_UNDEFINED_PROPERTIES', false);
+
+    // ActiveSync specifies that a contact photo may not exceed 48 KB. This value is checked
+    // in the semantic sanity checks and contacts with larger photos are not synchronized.
+    // This limitation is not being followed by the ActiveSync clients which set much bigger
+    // contact photos. You can override the default value of the max photo size.
+    // default: 5242880 - 5 MB default max photo size in bytes
+    define('SYNC_CONTACTS_MAXPICTURESIZE', 5242880);
+
+    // Over the WebserviceUsers command it is possible to retrieve a list of all
+    // known devices and users on this Z-Push system. The authenticated user needs to have
+    // admin rights and a public folder must exist.
+    // In multicompany environments this enable an admin user of any company to retrieve
+    // this full list, so this feature is disabled by default. Enable with care.
+    define('ALLOW_WEBSERVICE_USERS_ACCESS', false);
+
+    // Users with many folders can use the 'partial foldersync' feature, where the server
+    // actively stops processing the folder list if it takes too long. Other requests are
+    // then redirected to the FolderSync to synchronize the remaining items.
+    // Device compatibility for this procedure is not fully understood.
+    // NOTE: THIS IS AN EXPERIMENTAL FEATURE WHICH COULD PREVENT YOUR MOBILES FROM SYNCHRONIZING.
+    define('USE_PARTIAL_FOLDERSYNC', false);
+
+    // The minimum accepted time in second that a ping command should last.
+    // It is strongly advised to keep this config to false. Some device
+    // might not be able to send a higher value than the one specificied here and thus
+    // unable to start a push connection.
+    // If set to false, there will be no lower bound to the ping lifetime.
+    // The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
+    define('PING_LOWER_BOUND_LIFETIME', false);
+
+    // The maximum accepted time in second that a ping command should last.
+    // If set to false, there will be no higher bound to the ping lifetime.
+    // The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
+    define('PING_HIGHER_BOUND_LIFETIME', false);
+
+    // Maximum response time
+    // Mobiles implement different timeouts to their TCP/IP connections. Android devices for example
+    // have a hard timeout of 30 seconds. If the server is not able to answer a request within this timeframe,
+    // the answer will not be recieved and the device will send a new one overloading the server.
+    // There are three categories
+    //   - Short timeout  - server has up within 30 seconds - is automatically applied for not categorized types
+    //   - Medium timeout - server has up to 90 seconds to respond
+    //   - Long timeout   - server has up to 4 minutes to respond
+    // If a timeout is almost reached the server will break and sent the results it has until this
+    // point. You can add DeviceType strings to the categories.
+    // In general longer timeouts are better, because more data can be streamed at once.
+    define('SYNC_TIMEOUT_MEDIUM_DEVICETYPES', "SAMSUNGGTI");
+    define('SYNC_TIMEOUT_LONG_DEVICETYPES',   "iPod, iPad, iPhone, WP, WindowsOutlook, WindowsMail");
+
+    // Time in seconds the device should wait whenever the service is unavailable,
+    // e.g. when a backend service is unavailable.
+    // Z-Push sends a "Retry-After" header in the response with the here defined value.
+    // It is up to the device to respect or not this directive so even if this option is set,
+    // the device might not wait requested time frame.
+    // Number of seconds before retry, to disable set to: false
+    define('RETRY_AFTER_DELAY', 300);
+
+/**********************************************************************************
+ *  Backend settings
+ */
+    // the backend data provider
+    define('BACKEND_PROVIDER', '');
+
+/**********************************************************************************
+ *  Search provider settings
+ *
+ *  Alternative backend to perform SEARCH requests (GAL search)
+ *  By default the main Backend defines the preferred search functionality.
+ *  If set, the Search Provider will always be preferred.
+ *  Use 'BackendSearchLDAP' to search in a LDAP directory (see backend/searchldap/config.php)
+ */
+    define('SEARCH_PROVIDER', '');
+    // Time in seconds for the server search. Setting it too high might result in timeout.
+    // Setting it too low might not return all results. Default is 10.
+    define('SEARCH_WAIT', 10);
+    // The maximum number of results to send to the client. Setting it too high
+    // might result in timeout. Default is 10.
+    define('SEARCH_MAXRESULTS', 10);
+
+/**********************************************************************************
+ *  Kopano Outlook Extension - Settings
+ *
+ *  The Kopano Outlook Extension (KOE) provides MS Outlook 2013 and newer with
+ *  functionality not provided by ActiveSync or not implemented by Outlook.
+ *  For more information, see: https://wiki.z-hub.io/x/z4Aa
+ */
+    // Global Address Book functionality
+    define('KOE_CAPABILITY_GAB', true);
+    // Synchronize mail flags from the server to Outlook/KOE
+    define('KOE_CAPABILITY_RECEIVEFLAGS', true);
+    // Encode flags when sending from Outlook/KOE
+    define('KOE_CAPABILITY_SENDFLAGS', true);
+    // Out-of-office support
+    define('KOE_CAPABILITY_OOF', true);
+    // Out-of-office support with start & end times (superseeds KOE_CAPABILITY_OOF)
+    define('KOE_CAPABILITY_OOFTIMES', true);
+    // Notes support
+    define('KOE_CAPABILITY_NOTES', true);
+    // Shared folder support
+    define('KOE_CAPABILITY_SHAREDFOLDER', true);
+    // Send-As support for Outlook/KOE and mobiles
+    define('KOE_CAPABILITY_SENDAS', true);
+    // Secondary Contact folders (own and shared)
+    define('KOE_CAPABILITY_SECONDARYCONTACTS', true);
+    // Copy WebApp signature into KOE
+    define('KOE_CAPABILITY_SIGNATURES', true);
+
+    // To synchronize the GAB KOE, the GAB store and folderid need to be specified.
+    // Use the gab-sync script to generate this data. The name needs to
+    // match the config of the gab-sync script.
+    // More information here: https://wiki.z-hub.io/x/z4Aa (GAB Sync Script)
+    define('KOE_GAB_STORE', 'SYSTEM');
+    define('KOE_GAB_FOLDERID', '');
+    define('KOE_GAB_NAME', 'Z-Push-KOE-GAB');
+
+/**********************************************************************************
+ *  Synchronize additional folders to all mobiles
+ *
+ *  With this feature, special folders can be synchronized to all mobiles.
+ *  This is useful for e.g. global company contacts.
+ *
+ *  This feature is supported only by certain devices, like iPhones.
+ *  Check the compatibility list for supported devices:
+ *      http://z-push.org/compatibility
+ *
+ *  To synchronize a folder, add a section setting all parameters as below:
+ *      store:      the ressource where the folder is located.
+ *                  Kopano users use 'SYSTEM' for the 'Public Folder'
+ *      folderid:   folder id of the folder to be synchronized
+ *      name:       name to be displayed on the mobile device
+ *      type:       supported types are:
+ *                      SYNC_FOLDER_TYPE_USER_CONTACT
+ *                      SYNC_FOLDER_TYPE_USER_APPOINTMENT
+ *                      SYNC_FOLDER_TYPE_USER_TASK
+ *                      SYNC_FOLDER_TYPE_USER_MAIL
+ *                      SYNC_FOLDER_TYPE_USER_NOTE
+ *
+ *  Additional notes:
+ *  - on Kopano systems use backend/kopano/listfolders.php script to get a list
+ *    of available folders
+ *
+ *  - all Z-Push users must have at least reading permissions so the configured
+ *    folders can be synchronized to the mobile. Else they are ignored.
+ *
+ *  - this feature is only partly suitable for multi-tenancy environments,
+ *    as ALL users from ALL tenents need access to the configured store & folder.
+ *    When configuring a public folder, this will cause problems, as each user has
+ *    a different public folder in his tenant, so the folder are not available.
+
+ *  - changing this configuration could cause HIGH LOAD on the system, as all
+ *    connected devices will be updated and load the data contained in the
+ *    added/modified folders.
+ */
+
+    $additionalFolders = array(
+        // demo entry for the synchronization of contacts from the public folder.
+        // uncomment (remove '/*' '*/') and fill in the folderid
+/*
+        array(
+            'store'     => "SYSTEM",
+            'folderid'  => "",
+            'name'      => "Public Contacts",
+            'type'      => SYNC_FOLDER_TYPE_USER_CONTACT,
+        ),
+*/
+    );
diff --git a/etc-zntrl/z-push/z-push.conf.php.dist b/etc-zntrl/z-push/z-push.conf.php.dist
new file mode 100644
index 0000000..08bd52b
--- /dev/null
+++ b/etc-zntrl/z-push/z-push.conf.php.dist
@@ -0,0 +1,375 @@
+<?php
+/***********************************************
+* File      :   config.php
+* Project   :   Z-Push
+* Descr     :   Main configuration file
+*
+* Created   :   01.10.2007
+*
+* Copyright 2007 - 2016 Zarafa Deutschland GmbH
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License, version 3,
+* as published by the Free Software Foundation.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*
+* Consult LICENSE file for details
+************************************************/
+
+/**********************************************************************************
+ *  Default settings
+ */
+    // Defines the default time zone, change e.g. to "Europe/London" if necessary
+    define('TIMEZONE', '');
+
+    // Defines the base path on the server
+    define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
+
+    // Try to set unlimited timeout
+    define('SCRIPT_TIMEOUT', 0);
+
+    // When accessing through a proxy, the "X-Forwarded-For" header contains the original remote IP
+    define('USE_X_FORWARDED_FOR_HEADER', false);
+
+    // When using client certificates, we can check if the login sent matches the owner of the certificate.
+    // This setting specifies the owner parameter in the certificate to look at.
+    define("CERTIFICATE_OWNER_PARAMETER", "SSL_CLIENT_S_DN_CN");
+
+    /*
+     * Whether to use the complete email address as a login name
+     * (e.g. user@company.com) or the username only (user).
+     * This is required for Z-Push to work properly after autodiscover.
+     * Possible values:
+     *   false - use the username only.
+     *   true  - string the mobile sends as username, e.g. full email address (default).
+     */
+    define('USE_FULLEMAIL_FOR_LOGIN', true);
+
+/**********************************************************************************
+ * StateMachine setting
+ *
+ * These StateMachines can be used:
+ *   FILE  - FileStateMachine (default). Needs STATE_DIR set as well.
+ *   SQL   - SqlStateMachine has own configuration file. STATE_DIR is ignored.
+ *           State migration script is available, more informations: https://wiki.z-hub.io/x/xIAa
+ */
+    define('STATE_MACHINE', 'FILE');
+    define('STATE_DIR', '/var/lib/z-push/');
+
+/**********************************************************************************
+ *  IPC - InterProcessCommunication
+ *
+ *  Is either provided by using shared memory on a single host or
+ *  using the memcache provider for multi-host environments.
+ *  When another implementation should be used, the class can be set here explicitly.
+ *  If empty Z-Push will try to use available providers.
+ */
+    define('IPC_PROVIDER', '');
+
+/**********************************************************************************
+ *  Logging settings
+ *
+ *  The LOGBACKEND specifies where the logs are sent to.
+ *  Either to file ("filelog") or to a "syslog" server or a custom log class in core/log/logclass.
+ *  filelog and syslog have several options that can be set below.
+ *  For more information about the syslog configuration, see https://wiki.z-hub.io/x/HIAT
+
+ *  Possible LOGLEVEL and LOGUSERLEVEL values are:
+ *  LOGLEVEL_OFF            - no logging
+ *  LOGLEVEL_FATAL          - log only critical errors
+ *  LOGLEVEL_ERROR          - logs events which might require corrective actions
+ *  LOGLEVEL_WARN           - might lead to an error or require corrective actions in the future
+ *  LOGLEVEL_INFO           - usually completed actions
+ *  LOGLEVEL_DEBUG          - debugging information, typically only meaningful to developers
+ *  LOGLEVEL_WBXML          - also prints the WBXML sent to/from the device
+ *  LOGLEVEL_DEVICEID       - also prints the device id for every log entry
+ *  LOGLEVEL_WBXMLSTACK     - also prints the contents of WBXML stack
+ *
+ *  The verbosity increases from top to bottom. More verbose levels include less verbose
+ *  ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR,
+ *  LOGLEVEL_WARN and LOGLEVEL_INFO level entries.
+ *
+ *  LOGAUTHFAIL is logged to the LOGBACKEND.
+ */
+    define('LOGBACKEND', 'filelog');
+    define('LOGLEVEL', LOGLEVEL_INFO);
+    define('LOGAUTHFAIL', false);
+
+    // To save e.g. WBXML data only for selected users, add the usernames to the array
+    // The data will be saved into a dedicated file per user in the LOGFILEDIR
+    // Users have to be encapusulated in quotes, several users are comma separated, like:
+    //   $specialLogUsers = array('info@domain.com', 'myusername');
+    define('LOGUSERLEVEL', LOGLEVEL_DEVICEID);
+    $specialLogUsers = array();
+
+    // Filelog settings
+    define('LOGFILEDIR', '/var/log/z-push/');
+    define('LOGFILE', LOGFILEDIR . 'z-push.log');
+    define('LOGERRORFILE', LOGFILEDIR . 'z-push-error.log');
+
+    // Syslog settings
+    // false will log to local syslog, otherwise put the remote syslog IP here
+    define('LOG_SYSLOG_HOST', false);
+    // Syslog port
+    define('LOG_SYSLOG_PORT', 514);
+    // Program showed in the syslog. Useful if you have more than one instance login to the same syslog
+    define('LOG_SYSLOG_PROGRAM', 'z-push');
+    // Syslog facility - use LOG_USER when running on Windows
+    define('LOG_SYSLOG_FACILITY', LOG_LOCAL0);
+
+    // Location of the trusted CA, e.g. '/etc/ssl/certs/EmailCA.pem'
+    // Uncomment and modify the following line if the validation of the certificates fails.
+    // define('CAINFO', '/etc/ssl/certs/EmailCA.pem');
+
+/**********************************************************************************
+ *  Mobile settings
+ */
+    // Device Provisioning
+    define('PROVISIONING', true);
+
+    // This option allows the 'loose enforcement' of the provisioning policies for older
+    // devices which don't support provisioning (like WM 5 and HTC Android Mail) - dw2412 contribution
+    // false (default) - Enforce provisioning for all devices
+    // true - allow older devices, but enforce policies on devices which support it
+    define('LOOSE_PROVISIONING', false);
+
+    // The file containing the policies' settings.
+    // Set a full path or relative to the z-push main directory
+    define('PROVISIONING_POLICYFILE', 'policies.ini');
+
+    // Default conflict preference
+    // Some devices allow to set if the server or PIM (mobile)
+    // should win in case of a synchronization conflict
+    //   SYNC_CONFLICT_OVERWRITE_SERVER - Server is overwritten, PIM wins
+    //   SYNC_CONFLICT_OVERWRITE_PIM    - PIM is overwritten, Server wins (default)
+    define('SYNC_CONFLICT_DEFAULT', SYNC_CONFLICT_OVERWRITE_PIM);
+
+    // Global limitation of items to be synchronized
+    // The mobile can define a sync back period for calendar and email items
+    // For large stores with many items the time period could be limited to a max value
+    // If the mobile transmits a wider time period, the defined max value is used
+    // Applicable values:
+    //   SYNC_FILTERTYPE_ALL (default, no limitation)
+    //   SYNC_FILTERTYPE_1DAY, SYNC_FILTERTYPE_3DAYS, SYNC_FILTERTYPE_1WEEK, SYNC_FILTERTYPE_2WEEKS,
+    //   SYNC_FILTERTYPE_1MONTH, SYNC_FILTERTYPE_3MONTHS, SYNC_FILTERTYPE_6MONTHS
+    define('SYNC_FILTERTIME_MAX', SYNC_FILTERTYPE_ALL);
+
+    // Interval in seconds before checking if there are changes on the server when in Ping.
+    // It means the highest time span before a change is pushed to a mobile. Set it to
+    // a higher value if you have a high load on the server.
+    define('PING_INTERVAL', 30);
+
+    // Set the fileas (save as) order for contacts in the webaccess/webapp/outlook.
+    // It will only affect new/modified contacts on the mobile which then are synced to the server.
+    // Possible values are:
+    // SYNC_FILEAS_FIRSTLAST    - fileas will be "Firstname Middlename Lastname"
+    // SYNC_FILEAS_LASTFIRST    - fileas will be "Lastname, Firstname Middlename"
+    // SYNC_FILEAS_COMPANYONLY  - fileas will be "Company"
+    // SYNC_FILEAS_COMPANYLAST  - fileas will be "Company (Lastname, Firstname Middlename)"
+    // SYNC_FILEAS_COMPANYFIRST - fileas will be "Company (Firstname Middlename Lastname)"
+    // SYNC_FILEAS_LASTCOMPANY  - fileas will be "Lastname, Firstname Middlename (Company)"
+    // SYNC_FILEAS_FIRSTCOMPANY - fileas will be "Firstname Middlename Lastname (Company)"
+    // The company-fileas will only be set if a contact has a company set. If one of
+    // company-fileas is selected and a contact doesn't have a company set, it will default
+    // to SYNC_FILEAS_FIRSTLAST or SYNC_FILEAS_LASTFIRST (depending on if last or first
+    // option is selected for company).
+    // If SYNC_FILEAS_COMPANYONLY is selected and company of the contact is not set
+    // SYNC_FILEAS_LASTFIRST will be used
+    define('FILEAS_ORDER', SYNC_FILEAS_LASTFIRST);
+
+    // Maximum amount of items to be synchronized per request.
+    // Normally this value is requested by the mobile. Common values are 5, 25, 50 or 100.
+    // Exporting too much items can cause mobile timeout on busy systems.
+    // Z-Push will use the lowest provided value, either set here or by the mobile.
+    // MS Outlook 2013+ request up to 512 items to accelerate the sync process.
+    // If you detect high load (also on subsystems) you could try a lower setting.
+    // max: 512 - value used if mobile does not limit amount of items
+    define('SYNC_MAX_ITEMS', 512);
+
+    // The devices usually send a list of supported properties for calendar and contact
+    // items. If a device does not includes such a supported property in Sync request,
+    // it means the property's value will be deleted on the server.
+    // However some devices do not send a list of supported properties. It is then impossible
+    // to tell if a property was deleted or it was not set at all if it does not appear in Sync.
+    // This parameter defines Z-Push behaviour during Sync if a device does not issue a list with
+    // supported properties.
+    // See also https://jira.z-hub.io/browse/ZP-302.
+    // Possible values:
+    // false - do not unset properties which are not sent during Sync (default)
+    // true  - unset properties which are not sent during Sync
+    define('UNSET_UNDEFINED_PROPERTIES', false);
+
+    // ActiveSync specifies that a contact photo may not exceed 48 KB. This value is checked
+    // in the semantic sanity checks and contacts with larger photos are not synchronized.
+    // This limitation is not being followed by the ActiveSync clients which set much bigger
+    // contact photos. You can override the default value of the max photo size.
+    // default: 5242880 - 5 MB default max photo size in bytes
+    define('SYNC_CONTACTS_MAXPICTURESIZE', 5242880);
+
+    // Over the WebserviceUsers command it is possible to retrieve a list of all
+    // known devices and users on this Z-Push system. The authenticated user needs to have
+    // admin rights and a public folder must exist.
+    // In multicompany environments this enable an admin user of any company to retrieve
+    // this full list, so this feature is disabled by default. Enable with care.
+    define('ALLOW_WEBSERVICE_USERS_ACCESS', false);
+
+    // Users with many folders can use the 'partial foldersync' feature, where the server
+    // actively stops processing the folder list if it takes too long. Other requests are
+    // then redirected to the FolderSync to synchronize the remaining items.
+    // Device compatibility for this procedure is not fully understood.
+    // NOTE: THIS IS AN EXPERIMENTAL FEATURE WHICH COULD PREVENT YOUR MOBILES FROM SYNCHRONIZING.
+    define('USE_PARTIAL_FOLDERSYNC', false);
+
+    // The minimum accepted time in second that a ping command should last.
+    // It is strongly advised to keep this config to false. Some device
+    // might not be able to send a higher value than the one specificied here and thus
+    // unable to start a push connection.
+    // If set to false, there will be no lower bound to the ping lifetime.
+    // The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
+    define('PING_LOWER_BOUND_LIFETIME', false);
+
+    // The maximum accepted time in second that a ping command should last.
+    // If set to false, there will be no higher bound to the ping lifetime.
+    // The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
+    define('PING_HIGHER_BOUND_LIFETIME', false);
+
+    // Maximum response time
+    // Mobiles implement different timeouts to their TCP/IP connections. Android devices for example
+    // have a hard timeout of 30 seconds. If the server is not able to answer a request within this timeframe,
+    // the answer will not be recieved and the device will send a new one overloading the server.
+    // There are three categories
+    //   - Short timeout  - server has up within 30 seconds - is automatically applied for not categorized types
+    //   - Medium timeout - server has up to 90 seconds to respond
+    //   - Long timeout   - server has up to 4 minutes to respond
+    // If a timeout is almost reached the server will break and sent the results it has until this
+    // point. You can add DeviceType strings to the categories.
+    // In general longer timeouts are better, because more data can be streamed at once.
+    define('SYNC_TIMEOUT_MEDIUM_DEVICETYPES', "SAMSUNGGTI");
+    define('SYNC_TIMEOUT_LONG_DEVICETYPES',   "iPod, iPad, iPhone, WP, WindowsOutlook, WindowsMail");
+
+    // Time in seconds the device should wait whenever the service is unavailable,
+    // e.g. when a backend service is unavailable.
+    // Z-Push sends a "Retry-After" header in the response with the here defined value.
+    // It is up to the device to respect or not this directive so even if this option is set,
+    // the device might not wait requested time frame.
+    // Number of seconds before retry, to disable set to: false
+    define('RETRY_AFTER_DELAY', 300);
+
+/**********************************************************************************
+ *  Backend settings
+ */
+    // the backend data provider
+    define('BACKEND_PROVIDER', '');
+
+/**********************************************************************************
+ *  Search provider settings
+ *
+ *  Alternative backend to perform SEARCH requests (GAL search)
+ *  By default the main Backend defines the preferred search functionality.
+ *  If set, the Search Provider will always be preferred.
+ *  Use 'BackendSearchLDAP' to search in a LDAP directory (see backend/searchldap/config.php)
+ */
+    define('SEARCH_PROVIDER', '');
+    // Time in seconds for the server search. Setting it too high might result in timeout.
+    // Setting it too low might not return all results. Default is 10.
+    define('SEARCH_WAIT', 10);
+    // The maximum number of results to send to the client. Setting it too high
+    // might result in timeout. Default is 10.
+    define('SEARCH_MAXRESULTS', 10);
+
+/**********************************************************************************
+ *  Kopano Outlook Extension - Settings
+ *
+ *  The Kopano Outlook Extension (KOE) provides MS Outlook 2013 and newer with
+ *  functionality not provided by ActiveSync or not implemented by Outlook.
+ *  For more information, see: https://wiki.z-hub.io/x/z4Aa
+ */
+    // Global Address Book functionality
+    define('KOE_CAPABILITY_GAB', true);
+    // Synchronize mail flags from the server to Outlook/KOE
+    define('KOE_CAPABILITY_RECEIVEFLAGS', true);
+    // Encode flags when sending from Outlook/KOE
+    define('KOE_CAPABILITY_SENDFLAGS', true);
+    // Out-of-office support
+    define('KOE_CAPABILITY_OOF', true);
+    // Out-of-office support with start & end times (superseeds KOE_CAPABILITY_OOF)
+    define('KOE_CAPABILITY_OOFTIMES', true);
+    // Notes support
+    define('KOE_CAPABILITY_NOTES', true);
+    // Shared folder support
+    define('KOE_CAPABILITY_SHAREDFOLDER', true);
+    // Send-As support for Outlook/KOE and mobiles
+    define('KOE_CAPABILITY_SENDAS', true);
+    // Secondary Contact folders (own and shared)
+    define('KOE_CAPABILITY_SECONDARYCONTACTS', true);
+    // Copy WebApp signature into KOE
+    define('KOE_CAPABILITY_SIGNATURES', true);
+    // Delivery receipt requests
+    define('KOE_CAPABILITY_RECEIPTS', true);
+
+    // To synchronize the GAB KOE, the GAB store and folderid need to be specified.
+    // Use the gab-sync script to generate this data. The name needs to
+    // match the config of the gab-sync script.
+    // More information here: https://wiki.z-hub.io/x/z4Aa (GAB Sync Script)
+    define('KOE_GAB_STORE', 'SYSTEM');
+    define('KOE_GAB_FOLDERID', '');
+    define('KOE_GAB_NAME', 'Z-Push-KOE-GAB');
+
+/**********************************************************************************
+ *  Synchronize additional folders to all mobiles
+ *
+ *  With this feature, special folders can be synchronized to all mobiles.
+ *  This is useful for e.g. global company contacts.
+ *
+ *  This feature is supported only by certain devices, like iPhones.
+ *  Check the compatibility list for supported devices:
+ *      http://z-push.org/compatibility
+ *
+ *  To synchronize a folder, add a section setting all parameters as below:
+ *      store:      the ressource where the folder is located.
+ *                  Kopano users use 'SYSTEM' for the 'Public Folder'
+ *      folderid:   folder id of the folder to be synchronized
+ *      name:       name to be displayed on the mobile device
+ *      type:       supported types are:
+ *                      SYNC_FOLDER_TYPE_USER_CONTACT
+ *                      SYNC_FOLDER_TYPE_USER_APPOINTMENT
+ *                      SYNC_FOLDER_TYPE_USER_TASK
+ *                      SYNC_FOLDER_TYPE_USER_MAIL
+ *                      SYNC_FOLDER_TYPE_USER_NOTE
+ *
+ *  Additional notes:
+ *  - on Kopano systems use backend/kopano/listfolders.php script to get a list
+ *    of available folders
+ *
+ *  - all Z-Push users must have at least reading permissions so the configured
+ *    folders can be synchronized to the mobile. Else they are ignored.
+ *
+ *  - this feature is only partly suitable for multi-tenancy environments,
+ *    as ALL users from ALL tenents need access to the configured store & folder.
+ *    When configuring a public folder, this will cause problems, as each user has
+ *    a different public folder in his tenant, so the folder are not available.
+
+ *  - changing this configuration could cause HIGH LOAD on the system, as all
+ *    connected devices will be updated and load the data contained in the
+ *    added/modified folders.
+ */
+
+    $additionalFolders = array(
+        // demo entry for the synchronization of contacts from the public folder.
+        // uncomment (remove '/*' '*/') and fill in the folderid
+/*
+        array(
+            'store'     => "SYSTEM",
+            'folderid'  => "",
+            'name'      => "Public Contacts",
+            'type'      => SYNC_FOLDER_TYPE_USER_CONTACT,
+        ),
+*/
+    );
diff --git a/etc-zntrl/z-push/z-push.conf.php.dpkg-dist b/etc-zntrl/z-push/z-push.conf.php.dpkg-dist
new file mode 100644
index 0000000..7fe9cbb
--- /dev/null
+++ b/etc-zntrl/z-push/z-push.conf.php.dpkg-dist
@@ -0,0 +1,418 @@
+<?php
+/***********************************************
+* File      :   config.php
+* Project   :   Z-Push
+* Descr     :   Main configuration file
+*
+* Created   :   01.10.2007
+*
+* Copyright 2007 - 2016 Zarafa Deutschland GmbH
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License, version 3,
+* as published by the Free Software Foundation.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*
+* Consult LICENSE file for details
+************************************************/
+
+/**********************************************************************************
+ *  Default settings
+ */
+    // Defines the default time zone, change e.g. to "Europe/London" if necessary
+    define('TIMEZONE', '');
+
+    // Defines the base path on the server
+    define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
+
+    // Try to set unlimited timeout
+    define('SCRIPT_TIMEOUT', 0);
+
+    // This should be solved on THE webserver level if there are proxies
+    // between mobile client and Z-Push.
+    // IMPORTANT: This setting will be deprecated in Z-Push 2.7.0.
+    // Use a custom header to determinate the remote IP of a client.
+    // By default, the server provided REMOTE_ADDR is used. If the header here set
+    // is available, the provided value will be used, else REMOTE_ADDR is maintained.
+    // set to false to disable this behaviour.
+    // common values: 'HTTP_X_FORWARDED_FOR', 'HTTP_X_REAL_IP' (casing is ignored)
+    define('USE_CUSTOM_REMOTE_IP_HEADER', false);
+
+    // When using client certificates, we can check if the login sent matches the owner of the certificate.
+    // This setting specifies the owner parameter in the certificate to look at.
+    define("CERTIFICATE_OWNER_PARAMETER", "SSL_CLIENT_S_DN_CN");
+
+    /*
+     * Whether to use the complete email address as a login name
+     * (e.g. user@company.com) or the username only (user).
+     * This is required for Z-Push to work properly after autodiscover.
+     * Possible values:
+     *   false - use the username only.
+     *   true  - string the mobile sends as username, e.g. full email address (default).
+     */
+    define('USE_FULLEMAIL_FOR_LOGIN', true);
+
+/**********************************************************************************
+ * StateMachine setting
+ *
+ * These StateMachines can be used:
+ *   FILE  - FileStateMachine (default). Needs STATE_DIR set as well.
+ *   SQL   - SqlStateMachine has own configuration file. STATE_DIR is ignored.
+ *           State migration script is available, more informations: https://wiki.z-hub.io/x/xIAa
+ */
+    define('STATE_MACHINE', 'FILE');
+    define('STATE_DIR', '/var/lib/z-push/');
+
+/**********************************************************************************
+ *  IPC - InterProcessCommunication
+ *
+ *  Is either provided by using shared memory on a single host or
+ *  using the memcache provider for multi-host environments.
+ *  When another implementation should be used, the class can be set here explicitly.
+ *  If empty Z-Push will try to use available providers.
+
+ *  Possible values:
+ *  IpcSharedMemoryProvider - default. Requires z-push-ipc-sharedmemory package.
+ *  IpcMemcachedProvider    - requires z-push-ipc-memcached package. It is necessary to set up
+ *                            memcached server before (it won't be installed by z-push-ipc-memcached).
+ *  IpcWincacheProvider     - for windows systems.
+ */
+    define('IPC_PROVIDER', '');
+
+/**********************************************************************************
+ *  Logging settings
+ *
+ *  The LOGBACKEND specifies where the logs are sent to.
+ *  Either to file ("filelog") or to a "syslog" server or a custom log class in core/log/logclass.
+ *  filelog and syslog have several options that can be set below.
+ *  For more information about the syslog configuration, see https://wiki.z-hub.io/x/HIAT
+
+ *  Possible LOGLEVEL and LOGUSERLEVEL values are:
+ *  LOGLEVEL_OFF            - no logging
+ *  LOGLEVEL_FATAL          - log only critical errors
+ *  LOGLEVEL_ERROR          - logs events which might require corrective actions
+ *  LOGLEVEL_WARN           - might lead to an error or require corrective actions in the future
+ *  LOGLEVEL_INFO           - usually completed actions
+ *  LOGLEVEL_DEBUG          - debugging information, typically only meaningful to developers
+ *  LOGLEVEL_WBXML          - also prints the WBXML sent to/from the device
+ *  LOGLEVEL_DEVICEID       - also prints the device id for every log entry
+ *  LOGLEVEL_WBXMLSTACK     - also prints the contents of WBXML stack
+ *
+ *  The verbosity increases from top to bottom. More verbose levels include less verbose
+ *  ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR,
+ *  LOGLEVEL_WARN and LOGLEVEL_INFO level entries.
+ *
+ *  LOGAUTHFAIL is logged to the LOGBACKEND.
+ */
+    define('LOGBACKEND', 'filelog');
+    define('LOGLEVEL', LOGLEVEL_INFO);
+    define('LOGAUTHFAIL', false);
+
+    // To save e.g. WBXML data only for selected users, add the usernames to the array
+    // The data will be saved into a dedicated file per user in the LOGFILEDIR
+    // Users have to be encapusulated in quotes, several users are comma separated, like:
+    //   $specialLogUsers = array('info@domain.com', 'myusername');
+    define('LOGUSERLEVEL', LOGLEVEL_DEVICEID);
+    $specialLogUsers = array();
+
+    // Filelog settings
+    define('LOGFILEDIR', '/var/log/z-push/');
+    define('LOGFILE', LOGFILEDIR . 'z-push.log');
+    define('LOGERRORFILE', LOGFILEDIR . 'z-push-error.log');
+
+    // Syslog settings
+    // false will log to local syslog, otherwise put the remote syslog IP here
+    define('LOG_SYSLOG_HOST', false);
+    // Syslog port
+    define('LOG_SYSLOG_PORT', 514);
+    // Program showed in the syslog. Useful if you have more than one instance login to the same syslog
+    define('LOG_SYSLOG_PROGRAM', 'z-push');
+    // Syslog facility - use LOG_USER when running on Windows
+    define('LOG_SYSLOG_FACILITY', LOG_LOCAL0);
+
+    // Location of the trusted CA, e.g. '/etc/ssl/certs/EmailCA.pem'
+    // Uncomment and modify the following line if the validation of the certificates fails.
+    // define('CAINFO', '/etc/ssl/certs/EmailCA.pem');
+
+/**********************************************************************************
+ *  Mobile settings
+ */
+    // Device Provisioning
+    define('PROVISIONING', true);
+
+    // This option allows the 'loose enforcement' of the provisioning policies for older
+    // devices which don't support provisioning (like WM 5 and HTC Android Mail) - dw2412 contribution
+    // false (default) - Enforce provisioning for all devices
+    // true - allow older devices, but enforce policies on devices which support it
+    define('LOOSE_PROVISIONING', false);
+
+    // The file containing the policies' settings.
+    // Set a full path or relative to the z-push main directory
+    define('PROVISIONING_POLICYFILE', 'policies.ini');
+
+    // Default conflict preference
+    // Some devices allow to set if the server or PIM (mobile)
+    // should win in case of a synchronization conflict
+    //   SYNC_CONFLICT_OVERWRITE_SERVER - Server is overwritten, PIM wins
+    //   SYNC_CONFLICT_OVERWRITE_PIM    - PIM is overwritten, Server wins (default)
+    define('SYNC_CONFLICT_DEFAULT', SYNC_CONFLICT_OVERWRITE_PIM);
+
+    // Global limitation of items to be synchronized
+    // The mobile can define a sync back period for calendar and email items
+    // For large stores with many items the time period could be limited to a max value
+    // If the mobile transmits a wider time period, the defined max value is used
+    // Applicable values:
+    //   SYNC_FILTERTYPE_ALL (default, no limitation)
+    //   SYNC_FILTERTYPE_1DAY, SYNC_FILTERTYPE_3DAYS, SYNC_FILTERTYPE_1WEEK, SYNC_FILTERTYPE_2WEEKS,
+    //   SYNC_FILTERTYPE_1MONTH, SYNC_FILTERTYPE_3MONTHS, SYNC_FILTERTYPE_6MONTHS
+    define('SYNC_FILTERTIME_MAX', SYNC_FILTERTYPE_ALL);
+
+    // Interval in seconds before checking if there are changes on the server when in Ping.
+    // It means the highest time span before a change is pushed to a mobile. Set it to
+    // a higher value if you have a high load on the server.
+    define('PING_INTERVAL', 30);
+
+    // Set the fileas (save as) order for contacts in the webaccess/webapp/outlook.
+    // It will only affect new/modified contacts on the mobile which then are synced to the server.
+    // Possible values are:
+    // SYNC_FILEAS_FIRSTLAST    - fileas will be "Firstname Middlename Lastname"
+    // SYNC_FILEAS_LASTFIRST    - fileas will be "Lastname, Firstname Middlename"
+    // SYNC_FILEAS_COMPANYONLY  - fileas will be "Company"
+    // SYNC_FILEAS_COMPANYLAST  - fileas will be "Company (Lastname, Firstname Middlename)"
+    // SYNC_FILEAS_COMPANYFIRST - fileas will be "Company (Firstname Middlename Lastname)"
+    // SYNC_FILEAS_LASTCOMPANY  - fileas will be "Lastname, Firstname Middlename (Company)"
+    // SYNC_FILEAS_FIRSTCOMPANY - fileas will be "Firstname Middlename Lastname (Company)"
+    // The company-fileas will only be set if a contact has a company set. If one of
+    // company-fileas is selected and a contact doesn't have a company set, it will default
+    // to SYNC_FILEAS_FIRSTLAST or SYNC_FILEAS_LASTFIRST (depending on if last or first
+    // option is selected for company).
+    // If SYNC_FILEAS_COMPANYONLY is selected and company of the contact is not set
+    // SYNC_FILEAS_LASTFIRST will be used
+    define('FILEAS_ORDER', SYNC_FILEAS_LASTFIRST);
+
+    // Maximum amount of items to be synchronized per request.
+    // Normally this value is requested by the mobile. Common values are 5, 25, 50 or 100.
+    // Exporting too much items can cause mobile timeout on busy systems.
+    // Z-Push will use the lowest provided value, either set here or by the mobile.
+    // MS Outlook 2013+ request up to 512 items to accelerate the sync process.
+    // If you detect high load (also on subsystems) you could try a lower setting.
+    // max: 512 - value used if mobile does not limit amount of items
+    define('SYNC_MAX_ITEMS', 512);
+
+    // The devices usually send a list of supported properties for calendar and contact
+    // items. If a device does not includes such a supported property in Sync request,
+    // it means the property's value will be deleted on the server.
+    // However some devices do not send a list of supported properties. It is then impossible
+    // to tell if a property was deleted or it was not set at all if it does not appear in Sync.
+    // This parameter defines Z-Push behaviour during Sync if a device does not issue a list with
+    // supported properties.
+    // See also https://jira.z-hub.io/browse/ZP-302.
+    // Possible values:
+    // false - do not unset properties which are not sent during Sync (default)
+    // true  - unset properties which are not sent during Sync
+    define('UNSET_UNDEFINED_PROPERTIES', false);
+
+    // ActiveSync specifies that a contact photo may not exceed 48 KB. This value is checked
+    // in the semantic sanity checks and contacts with larger photos are not synchronized.
+    // This limitation is not being followed by the ActiveSync clients which set much bigger
+    // contact photos. You can override the default value of the max photo size.
+    // default: 5242880 - 5 MB default max photo size in bytes
+    define('SYNC_CONTACTS_MAXPICTURESIZE', 5242880);
+
+    // Over the WebserviceUsers command it is possible to retrieve a list of all
+    // known devices and users on this Z-Push system. The authenticated user needs to have
+    // admin rights and a public folder must exist.
+    // In multicompany environments this enable an admin user of any company to retrieve
+    // this full list, so this feature is disabled by default. Enable with care.
+    define('ALLOW_WEBSERVICE_USERS_ACCESS', false);
+
+    // Users with many folders can use the 'partial foldersync' feature, where the server
+    // actively stops processing the folder list if it takes too long. Other requests are
+    // then redirected to the FolderSync to synchronize the remaining items.
+    // Device compatibility for this procedure is not fully understood.
+    // NOTE: THIS IS AN EXPERIMENTAL FEATURE WHICH COULD PREVENT YOUR MOBILES FROM SYNCHRONIZING.
+    define('USE_PARTIAL_FOLDERSYNC', false);
+
+    // The minimum accepted time in second that a ping command should last.
+    // It is strongly advised to keep this config to false. Some device
+    // might not be able to send a higher value than the one specificied here and thus
+    // unable to start a push connection.
+    // If set to false, there will be no lower bound to the ping lifetime.
+    // The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
+    define('PING_LOWER_BOUND_LIFETIME', false);
+
+    // The maximum accepted time in second that a ping command should last.
+    // If set to false, there will be no higher bound to the ping lifetime.
+    // The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
+    define('PING_HIGHER_BOUND_LIFETIME', false);
+
+    // Maximum response time
+    // Mobiles implement different timeouts to their TCP/IP connections. Android devices for example
+    // have a hard timeout of 30 seconds. If the server is not able to answer a request within this timeframe,
+    // the answer will not be recieved and the device will send a new one overloading the server.
+    // There are three categories
+    //   - Short timeout  - server has up within 30 seconds - is automatically applied for not categorized types
+    //   - Medium timeout - server has up to 90 seconds to respond
+    //   - Long timeout   - server has up to 4 minutes to respond
+    // If a timeout is almost reached the server will break and sent the results it has until this
+    // point. You can add DeviceType strings to the categories.
+    // In general longer timeouts are better, because more data can be streamed at once.
+    define('SYNC_TIMEOUT_MEDIUM_DEVICETYPES', "SAMSUNGGTI");
+    define('SYNC_TIMEOUT_LONG_DEVICETYPES',   "iPod, iPad, iPhone, WP, WindowsOutlook, WindowsMail");
+
+    // Time in seconds the device should wait whenever the service is unavailable,
+    // e.g. when a backend service is unavailable.
+    // Z-Push sends a "Retry-After" header in the response with the here defined value.
+    // It is up to the device to respect or not this directive so even if this option is set,
+    // the device might not wait requested time frame.
+    // Number of seconds before retry, to disable set to: false
+    define('RETRY_AFTER_DELAY', 300);
+
+/**********************************************************************************
+ *  Backend settings
+ */
+    // The backend data provider.
+    // Leave this value empty and Z-Push will autoload a backend. The sequence of autoload is:
+    // BackendKopano, BackendCombined, BackendIMAP, BackendVCardDir, BackendMaildir.
+    // If BackendKopano is not installed, Z-Push will load BackendCombined. If BackendCombined
+    // also is not installed, Z-Push will load BackendIMAP and so on.
+    // If you prefer explicitly configure a backend provider, currently possible values are:
+    // BackendKopano     -  to use with the Kopano groupware. Syncs emails, calendar items,
+    //                      contacts, tasks and notes or any combination of the listed items.
+    // BackendCombined   -  combine multiple backends for different items, e.g.
+    //                      BackendIMAP for emails, BackendCalDAV for calendar items,
+    //                      BackendCardDAV for contacts etc. You can configure what backend
+    //                      syncs which items in /etc/combined.conf.php.
+    // BackendIMAP       -  to sync emails with an IMAP server.
+    // BackendCalDAV     -  to sync calendar items and / or tasks with a CalDAV server.
+    // BackendCardDAV    -  to sync contacts with a CardDAV server.
+    // BackendMaildir    -  to sync emails from a Maildir.
+    // BackendStickyNote -  to sync notes with a Postgres server.
+    // BackendVCardDir   -  to sync contacts with vcard folder.
+    define('BACKEND_PROVIDER', '');
+
+/**********************************************************************************
+ *  Search provider settings
+ *
+ *  Alternative backend to perform SEARCH requests (GAL search)
+ *  By default the main Backend defines the preferred search functionality.
+ *  If set, the Search Provider will always be preferred.
+ *  Use 'BackendSearchLDAP' to search in a LDAP directory (see backend/searchldap/config.php)
+ */
+    define('SEARCH_PROVIDER', '');
+    // Time in seconds for the server search. Setting it too high might result in timeout.
+    // Setting it too low might not return all results. Default is 10.
+    define('SEARCH_WAIT', 10);
+    // The maximum number of results to send to the client. Setting it too high
+    // might result in timeout. Default is 10.
+    define('SEARCH_MAXRESULTS', 10);
+
+/**********************************************************************************
+ *  Kopano Outlook Extension - Settings
+ *
+ *  The Kopano Outlook Extension (KOE) provides MS Outlook 2013 and newer with
+ *  functionality not provided by ActiveSync or not implemented by Outlook.
+ *  For more information, see: https://wiki.z-hub.io/x/z4Aa
+ */
+    // Global Address Book functionality
+    define('KOE_CAPABILITY_GAB', true);
+    // Synchronize mail flags from the server to Outlook/KOE
+    define('KOE_CAPABILITY_RECEIVEFLAGS', true);
+    // Encode flags when sending from Outlook/KOE
+    define('KOE_CAPABILITY_SENDFLAGS', true);
+    // Out-of-office support
+    define('KOE_CAPABILITY_OOF', true);
+    // Out-of-office support with start & end times (superseeds KOE_CAPABILITY_OOF)
+    define('KOE_CAPABILITY_OOFTIMES', true);
+    // Notes support
+    define('KOE_CAPABILITY_NOTES', true);
+    // Shared folder support
+    define('KOE_CAPABILITY_SHAREDFOLDER', true);
+    // Send-As support for Outlook/KOE and mobiles
+    define('KOE_CAPABILITY_SENDAS', true);
+    // Secondary Contact folders (own and shared)
+    define('KOE_CAPABILITY_SECONDARYCONTACTS', true);
+    // Copy WebApp signature into KOE
+    define('KOE_CAPABILITY_SIGNATURES', true);
+    // Delivery receipt requests
+    define('KOE_CAPABILITY_RECEIPTS', true);
+    // Impersonate other users
+    define('KOE_CAPABILITY_IMPERSONATE', true);
+
+    // To synchronize the GAB KOE, the GAB store and folderid need to be specified.
+    // Use the gab-sync script to generate this data. The name needs to
+    // match the config of the gab-sync script.
+    // More information here: https://wiki.z-hub.io/x/z4Aa (GAB Sync Script)
+    define('KOE_GAB_STORE', 'SYSTEM');
+    define('KOE_GAB_FOLDERID', '');
+    define('KOE_GAB_NAME', 'Z-Push-KOE-GAB');
+
+/**********************************************************************************
+ *  Synchronize additional folders to all mobiles
+ *
+ *  With this feature, special folders can be synchronized to all mobiles.
+ *  This is useful for e.g. global company contacts.
+ *
+ *  This feature is supported only by certain devices, like iPhones.
+ *  Check the compatibility list for supported devices:
+ *      http://z-push.org/compatibility
+ *
+ *  To synchronize a folder, add a section setting all parameters as below:
+ *      store:      the ressource where the folder is located.
+ *                  Kopano users use 'SYSTEM' for the 'Public Folder'
+ *      folderid:   folder id of the folder to be synchronized
+ *      name:       name to be displayed on the mobile device
+ *      type:       supported types are:
+ *                      SYNC_FOLDER_TYPE_USER_CONTACT
+ *                      SYNC_FOLDER_TYPE_USER_APPOINTMENT
+ *                      SYNC_FOLDER_TYPE_USER_TASK
+ *                      SYNC_FOLDER_TYPE_USER_MAIL
+ *                      SYNC_FOLDER_TYPE_USER_NOTE
+ *      flags:      sets additional options on the shared folder. Supported are:
+ *                      DeviceManager::FLD_FLAGS_NONE
+ *                          No flags configured, default flag to be set
+ *                      DeviceManager::FLD_FLAGS_SENDASOWNER
+ *                          When replying in this folder, automatically do Send-As
+ *                      DeviceManager::FLD_FLAGS_CALENDARREMINDERS
+ *                          If set, Outlook shows reminders for these shares with KOE
+ *                      DeviceManager::FLD_FLAGS_NOREADONLYNOTIFY
+ *                          If set, Z-Push won't send notification emails for changes
+ *                          if the folder is read-only
+ *
+ *  Additional notes:
+ *  - on Kopano systems use backend/kopano/listfolders.php script to get a list
+ *    of available folders
+ *
+ *  - all Z-Push users must have at least reading permissions so the configured
+ *    folders can be synchronized to the mobile. Else they are ignored.
+ *
+ *  - this feature is only partly suitable for multi-tenancy environments,
+ *    as ALL users from ALL tenents need access to the configured store & folder.
+ *    When configuring a public folder, this will cause problems, as each user has
+ *    a different public folder in his tenant, so the folder are not available.
+
+ *  - changing this configuration could cause HIGH LOAD on the system, as all
+ *    connected devices will be updated and load the data contained in the
+ *    added/modified folders.
+ */
+
+    $additionalFolders = array(
+        // demo entry for the synchronization of contacts from the public folder.
+        // uncomment (remove '/*' '*/') and fill in the folderid
+/*
+        array(
+            'store'     => "SYSTEM",
+            'folderid'  => "",
+            'name'      => "Public Contacts",
+            'type'      => SYNC_FOLDER_TYPE_USER_CONTACT,
+            'flags'     => DeviceManager::FLD_FLAGS_NONE,
+        ),
+*/
+    );
diff --git a/migration.sh b/migration.sh
index 9984848..36e966d 100644
--- a/migration.sh
+++ b/migration.sh
@@ -2,5 +2,5 @@
 # ssh mars 'tar czf - /var/lib/kopano/attachments' | docker exec -i kopano-server-1 bash -c 'cd /var/lib/kopano/attachments; tar tvzf -'
 # docker stop kopano-server-1
 # ssh mars 'tar czf - /var/lib/kopano/attachments' | docker run --rm -i --volumes-from kopano-server-1 ubuntu:20.04 bash -c 'cd /var/lib/kopano/attachments; tar tvzf -'
-docker exec -it kopano-mysql-1 sh -c 'mysql -u root --password=\'modT9&?.\' -e \'DROP DATABASE kopano; CREATE SCHEMA kopano;\''
-ssh mars 'mysqldump --single-transaction --routines zarafa' | docker exec -i kopano-mysql-1 sh -c 'mysql -u kopano --password=\'zAKt(85&\' kopano'
\ No newline at end of file
+docker exec -i kopano-mysql-1 mysql -u root --password='modT9&?.' -e 'DROP DATABASE kopano; CREATE SCHEMA kopano;'
+ssh mars 'mysqldump -p --single-transaction --routines zarafa' | docker exec -i kopano-mysql-1 mysql -ukopano --password='zAKt(85&' kopano
\ No newline at end of file
diff --git a/postfix/etc/postfix/dynamicmaps.cf b/postfix/etc/postfix/dynamicmaps.cf
deleted file mode 100644
index 1b6c95a..0000000
--- a/postfix/etc/postfix/dynamicmaps.cf
+++ /dev/null
@@ -1 +0,0 @@
-# dict-type	so-name (pathname)	dict-function	mkmap-function
diff --git a/postfix/etc/postfix/main.cf b/postfix/etc/postfix/main.cf
deleted file mode 100644
index 4a475fc..0000000
--- a/postfix/etc/postfix/main.cf
+++ /dev/null
@@ -1,58 +0,0 @@
-# See /usr/share/postfix/main.cf.dist for a commented, more complete version
-smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
-biff = no
-
-# appending .domain is the MUA's job.
-append_dot_mydomain = no
-
-# Uncomment the next line to generate "delayed mail" warnings
-#delay_warning_time = 4h
-readme_directory = no
-
-# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
-# fresh installs.
-compatibility_level = 2
-
-# local domains
-myhostname = nuc0.fritz.box
-mydestination = $myhostname, localhost.fritz.box, localhost
-alias_maps = hash:/etc/aliases
-alias_database = hash:/etc/aliases
-myorigin = /etc/mailname
-mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
-
-# virtual domains
-virtual_mailbox_domains = zntrl.de 
-virtual_mailbox_maps = hash:/etc/postfix/vmailbox
-virtual_alias_maps = hash:/etc/postfix/virtual
-virtual_transport = lmtp:unix:/var/spool/kopano/dagent.sock
-
-# default domains
-default_transport = smtp:[relay.zntrl.de]:465
-
-# SMPTD (inbound) TLS parameters
-smtpd_tls_CApath = /etc/ssl/certs
-smtpd_tls_CAfile = /etc/ssl/certs/balusign-signing-ca.pem
-smtpd_tls_cert_file = /etc/ssl/nuc0-full-chain.pem
-smtpd_tls_key_file = /etc/ssl/private/nuc0.lan.key
-smtpd_tls_security_level=may
-smtpd_tls_loglevel = 1
-
-smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
-
-# SMTP (outbound)
-smtp_tls_CApath=/etc/ssl/certs
-smtp_tls_key_file = /etc/ssl/private/nuc0.lan.key
-smtp_tls_cert_file = /etc/ssl/nuc0-full-chain.pem
-smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
-smtp_tls_wrappermode = yes
-smtp_tls_security_level = encrypt
-smtp_tls_loglevel = 1
-
-mailbox_size_limit = 0
-message_size_limit = 50000000
-recipient_delimiter = +
-inet_interfaces = all
-inet_protocols = all
-
-maillog_file = /dev/stdout
\ No newline at end of file
diff --git a/postfix/etc/postfix/main.cf.proto b/postfix/etc/postfix/main.cf.proto
deleted file mode 100644
index 5c0aa11..0000000
--- a/postfix/etc/postfix/main.cf.proto
+++ /dev/null
@@ -1,684 +0,0 @@
-# Global Postfix configuration file. This file lists only a subset
-# of all parameters. For the syntax, and for a complete parameter
-# list, see the postconf(5) manual page (command: "man 5 postconf").
-#
-# For common configuration examples, see BASIC_CONFIGURATION_README
-# and STANDARD_CONFIGURATION_README. To find these documents, use
-# the command "postconf html_directory readme_directory", or go to
-# http://www.postfix.org/BASIC_CONFIGURATION_README.html etc.
-#
-# For best results, change no more than 2-3 parameters at a time,
-# and test if Postfix still works after every change.
-
-# COMPATIBILITY
-#
-# The compatibility_level determines what default settings Postfix
-# will use for main.cf and master.cf settings. These defaults will
-# change over time.
-#
-# To avoid breaking things, Postfix will use backwards-compatible
-# default settings and log where it uses those old backwards-compatible
-# default settings, until the system administrator has determined
-# if any backwards-compatible default settings need to be made
-# permanent in main.cf or master.cf.
-#
-# When this review is complete, update the compatibility_level setting
-# below as recommended in the RELEASE_NOTES file.
-#
-# The level below is what should be used with new (not upgrade) installs.
-#
-compatibility_level = 2
-
-# SOFT BOUNCE
-#
-# The soft_bounce parameter provides a limited safety net for
-# testing.  When soft_bounce is enabled, mail will remain queued that
-# would otherwise bounce. This parameter disables locally-generated
-# bounces, and prevents the SMTP server from rejecting mail permanently
-# (by changing 5xx replies into 4xx replies). However, soft_bounce
-# is no cure for address rewriting mistakes or mail routing mistakes.
-#
-#soft_bounce = no
-
-# LOCAL PATHNAME INFORMATION
-#
-# The queue_directory specifies the location of the Postfix queue.
-# This is also the root directory of Postfix daemons that run chrooted.
-# See the files in examples/chroot-setup for setting up Postfix chroot
-# environments on different UNIX systems.
-#
-#queue_directory = /var/spool/postfix
-
-# The command_directory parameter specifies the location of all
-# postXXX commands.
-#
-command_directory = /usr/sbin
-
-# The daemon_directory parameter specifies the location of all Postfix
-# daemon programs (i.e. programs listed in the master.cf file). This
-# directory must be owned by root.
-#
-daemon_directory = /usr/lib/postfix/sbin
-
-# The data_directory parameter specifies the location of Postfix-writable
-# data files (caches, random numbers). This directory must be owned
-# by the mail_owner account (see below).
-#
-data_directory = /var/lib/postfix
-
-# QUEUE AND PROCESS OWNERSHIP
-#
-# The mail_owner parameter specifies the owner of the Postfix queue
-# and of most Postfix daemon processes.  Specify the name of a user
-# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS
-# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM.  In
-# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED
-# USER.
-#
-#mail_owner = postfix
-
-# The default_privs parameter specifies the default rights used by
-# the local delivery agent for delivery to external file or command.
-# These rights are used in the absence of a recipient user context.
-# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER.
-#
-#default_privs = nobody
-
-# INTERNET HOST AND DOMAIN NAMES
-# 
-# The myhostname parameter specifies the internet hostname of this
-# mail system. The default is to use the fully-qualified domain name
-# from gethostname(). $myhostname is used as a default value for many
-# other configuration parameters.
-#
-#myhostname = host.domain.tld
-#myhostname = virtual.domain.tld
-
-# The mydomain parameter specifies the local internet domain name.
-# The default is to use $myhostname minus the first component.
-# $mydomain is used as a default value for many other configuration
-# parameters.
-#
-#mydomain = domain.tld
-
-# SENDING MAIL
-# 
-# The myorigin parameter specifies the domain that locally-posted
-# mail appears to come from. The default is to append $myhostname,
-# which is fine for small sites.  If you run a domain with multiple
-# machines, you should (1) change this to $mydomain and (2) set up
-# a domain-wide alias database that aliases each user to
-# user@that.users.mailhost.
-#
-# For the sake of consistency between sender and recipient addresses,
-# myorigin also specifies the default domain name that is appended
-# to recipient addresses that have no @domain part.
-#
-# Debian GNU/Linux specific:  Specifying a file name will cause the
-# first line of that file to be used as the name.  The Debian default
-# is /etc/mailname.
-#
-#myorigin = /etc/mailname
-#myorigin = $myhostname
-#myorigin = $mydomain
-
-# RECEIVING MAIL
-
-# The inet_interfaces parameter specifies the network interface
-# addresses that this mail system receives mail on.  By default,
-# the software claims all active interfaces on the machine. The
-# parameter also controls delivery of mail to user@[ip.address].
-#
-# See also the proxy_interfaces parameter, for network addresses that
-# are forwarded to us via a proxy or network address translator.
-#
-# Note: you need to stop/start Postfix when this parameter changes.
-#
-#inet_interfaces = all
-#inet_interfaces = $myhostname
-#inet_interfaces = $myhostname, localhost
-
-# The proxy_interfaces parameter specifies the network interface
-# addresses that this mail system receives mail on by way of a
-# proxy or network address translation unit. This setting extends
-# the address list specified with the inet_interfaces parameter.
-#
-# You must specify your proxy/NAT addresses when your system is a
-# backup MX host for other domains, otherwise mail delivery loops
-# will happen when the primary MX host is down.
-#
-#proxy_interfaces =
-#proxy_interfaces = 1.2.3.4
-
-# The mydestination parameter specifies the list of domains that this
-# machine considers itself the final destination for.
-#
-# These domains are routed to the delivery agent specified with the
-# local_transport parameter setting. By default, that is the UNIX
-# compatible delivery agent that lookups all recipients in /etc/passwd
-# and /etc/aliases or their equivalent.
-#
-# The default is $myhostname + localhost.$mydomain + localhost.  On
-# a mail domain gateway, you should also include $mydomain.
-#
-# Do not specify the names of virtual domains - those domains are
-# specified elsewhere (see VIRTUAL_README).
-#
-# Do not specify the names of domains that this machine is backup MX
-# host for. Specify those names via the relay_domains settings for
-# the SMTP server, or use permit_mx_backup if you are lazy (see
-# STANDARD_CONFIGURATION_README).
-#
-# The local machine is always the final destination for mail addressed
-# to user@[the.net.work.address] of an interface that the mail system
-# receives mail on (see the inet_interfaces parameter).
-#
-# Specify a list of host or domain names, /file/name or type:table
-# patterns, separated by commas and/or whitespace. A /file/name
-# pattern is replaced by its contents; a type:table is matched when
-# a name matches a lookup key (the right-hand side is ignored).
-# Continue long lines by starting the next line with whitespace.
-#
-# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS".
-#
-#mydestination = $myhostname, localhost.$mydomain, localhost
-#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
-#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
-#	mail.$mydomain, www.$mydomain, ftp.$mydomain
-
-# REJECTING MAIL FOR UNKNOWN LOCAL USERS
-#
-# The local_recipient_maps parameter specifies optional lookup tables
-# with all names or addresses of users that are local with respect
-# to $mydestination, $inet_interfaces or $proxy_interfaces.
-#
-# If this parameter is defined, then the SMTP server will reject
-# mail for unknown local users. This parameter is defined by default.
-#
-# To turn off local recipient checking in the SMTP server, specify
-# local_recipient_maps = (i.e. empty).
-#
-# The default setting assumes that you use the default Postfix local
-# delivery agent for local delivery. You need to update the
-# local_recipient_maps setting if:
-#
-# - You define $mydestination domain recipients in files other than
-#   /etc/passwd, /etc/aliases, or the $virtual_alias_maps files.
-#   For example, you define $mydestination domain recipients in    
-#   the $virtual_mailbox_maps files.
-#
-# - You redefine the local delivery agent in master.cf.
-#
-# - You redefine the "local_transport" setting in main.cf.
-#
-# - You use the "luser_relay", "mailbox_transport", or "fallback_transport"
-#   feature of the Postfix local delivery agent (see local(8)).
-#
-# Details are described in the LOCAL_RECIPIENT_README file.
-#
-# Beware: if the Postfix SMTP server runs chrooted, you probably have
-# to access the passwd file via the proxymap service, in order to
-# overcome chroot restrictions. The alternative, having a copy of
-# the system passwd file in the chroot jail is just not practical.
-#
-# The right-hand side of the lookup tables is conveniently ignored.
-# In the left-hand side, specify a bare username, an @domain.tld
-# wild-card, or specify a user@domain.tld address.
-# 
-#local_recipient_maps = unix:passwd.byname $alias_maps
-#local_recipient_maps = proxy:unix:passwd.byname $alias_maps
-#local_recipient_maps =
-
-# The unknown_local_recipient_reject_code specifies the SMTP server
-# response code when a recipient domain matches $mydestination or
-# ${proxy,inet}_interfaces, while $local_recipient_maps is non-empty
-# and the recipient address or address local-part is not found.
-#
-# The default setting is 550 (reject mail) but it is safer to start
-# with 450 (try again later) until you are certain that your
-# local_recipient_maps settings are OK.
-#
-unknown_local_recipient_reject_code = 550
-
-# TRUST AND RELAY CONTROL
-
-# The mynetworks parameter specifies the list of "trusted" SMTP
-# clients that have more privileges than "strangers".
-#
-# In particular, "trusted" SMTP clients are allowed to relay mail
-# through Postfix.  See the smtpd_recipient_restrictions parameter
-# in postconf(5).
-#
-# You can specify the list of "trusted" network addresses by hand
-# or you can let Postfix do it for you (which is the default).
-#
-# By default (mynetworks_style = subnet), Postfix "trusts" SMTP
-# clients in the same IP subnetworks as the local machine.
-# On Linux, this works correctly only with interfaces specified
-# with the "ifconfig" command.
-# 
-# Specify "mynetworks_style = class" when Postfix should "trust" SMTP
-# clients in the same IP class A/B/C networks as the local machine.
-# Don't do this with a dialup site - it would cause Postfix to "trust"
-# your entire provider's network.  Instead, specify an explicit
-# mynetworks list by hand, as described below.
-#  
-# Specify "mynetworks_style = host" when Postfix should "trust"
-# only the local machine.
-# 
-#mynetworks_style = class
-#mynetworks_style = subnet
-#mynetworks_style = host
-
-# Alternatively, you can specify the mynetworks list by hand, in
-# which case Postfix ignores the mynetworks_style setting.
-#
-# Specify an explicit list of network/netmask patterns, where the
-# mask specifies the number of bits in the network part of a host
-# address.
-#
-# You can also specify the absolute pathname of a pattern file instead
-# of listing the patterns here. Specify type:table for table-based lookups
-# (the value on the table right-hand side is not used).
-#
-#mynetworks = 168.100.189.0/28, 127.0.0.0/8
-#mynetworks = $config_directory/mynetworks
-#mynetworks = hash:/etc/postfix/network_table
-mynetworks = 127.0.0.0/8
-
-# The relay_domains parameter restricts what destinations this system will
-# relay mail to.  See the smtpd_recipient_restrictions description in
-# postconf(5) for detailed information.
-#
-# By default, Postfix relays mail
-# - from "trusted" clients (IP address matches $mynetworks) to any destination,
-# - from "untrusted" clients to destinations that match $relay_domains or
-#   subdomains thereof, except addresses with sender-specified routing.
-# The default relay_domains value is $mydestination.
-# 
-# In addition to the above, the Postfix SMTP server by default accepts mail
-# that Postfix is final destination for:
-# - destinations that match $inet_interfaces or $proxy_interfaces,
-# - destinations that match $mydestination
-# - destinations that match $virtual_alias_domains,
-# - destinations that match $virtual_mailbox_domains.
-# These destinations do not need to be listed in $relay_domains.
-# 
-# Specify a list of hosts or domains, /file/name patterns or type:name
-# lookup tables, separated by commas and/or whitespace.  Continue
-# long lines by starting the next line with whitespace. A file name
-# is replaced by its contents; a type:name table is matched when a
-# (parent) domain appears as lookup key.
-#
-# NOTE: Postfix will not automatically forward mail for domains that
-# list this system as their primary or backup MX host. See the
-# permit_mx_backup restriction description in postconf(5).
-#
-#relay_domains = $mydestination
-
-# INTERNET OR INTRANET
-
-# The relayhost parameter specifies the default host to send mail to
-# when no entry is matched in the optional transport(5) table. When
-# no relayhost is given, mail is routed directly to the destination.
-#
-# On an intranet, specify the organizational domain name. If your
-# internal DNS uses no MX records, specify the name of the intranet
-# gateway host instead.
-#
-# In the case of SMTP, specify a domain, host, host:port, [host]:port,
-# [address] or [address]:port; the form [host] turns off MX lookups.
-#
-# If you're connected via UUCP, see also the default_transport parameter.
-#
-#relayhost = $mydomain
-#relayhost = [gateway.my.domain]
-#relayhost = [mailserver.isp.tld]
-#relayhost = uucphost
-#relayhost = [an.ip.add.ress]
-
-# REJECTING UNKNOWN RELAY USERS
-#
-# The relay_recipient_maps parameter specifies optional lookup tables
-# with all addresses in the domains that match $relay_domains.
-#
-# If this parameter is defined, then the SMTP server will reject
-# mail for unknown relay users. This feature is off by default.
-#
-# The right-hand side of the lookup tables is conveniently ignored.
-# In the left-hand side, specify an @domain.tld wild-card, or specify
-# a user@domain.tld address.
-# 
-#relay_recipient_maps = hash:/etc/postfix/relay_recipients
-
-# INPUT RATE CONTROL
-#
-# The in_flow_delay configuration parameter implements mail input
-# flow control. This feature is turned on by default, although it
-# still needs further development (it's disabled on SCO UNIX due
-# to an SCO bug).
-# 
-# A Postfix process will pause for $in_flow_delay seconds before
-# accepting a new message, when the message arrival rate exceeds the
-# message delivery rate. With the default 100 SMTP server process
-# limit, this limits the mail inflow to 100 messages a second more
-# than the number of messages delivered per second.
-# 
-# Specify 0 to disable the feature. Valid delays are 0..10.
-# 
-#in_flow_delay = 1s
-
-# ADDRESS REWRITING
-#
-# The ADDRESS_REWRITING_README document gives information about
-# address masquerading or other forms of address rewriting including
-# username->Firstname.Lastname mapping.
-
-# ADDRESS REDIRECTION (VIRTUAL DOMAIN)
-#
-# The VIRTUAL_README document gives information about the many forms
-# of domain hosting that Postfix supports.
-
-# "USER HAS MOVED" BOUNCE MESSAGES
-#
-# See the discussion in the ADDRESS_REWRITING_README document.
-
-# TRANSPORT MAP
-#
-# See the discussion in the ADDRESS_REWRITING_README document.
-
-# ALIAS DATABASE
-#
-# The alias_maps parameter specifies the list of alias databases used
-# by the local delivery agent. The default list is system dependent.
-#
-# On systems with NIS, the default is to search the local alias
-# database, then the NIS alias database. See aliases(5) for syntax
-# details.
-# 
-# If you change the alias database, run "postalias /etc/aliases" (or
-# wherever your system stores the mail alias file), or simply run
-# "newaliases" to build the necessary DBM or DB file.
-#
-# It will take a minute or so before changes become visible.  Use
-# "postfix reload" to eliminate the delay.
-#
-#alias_maps = dbm:/etc/aliases
-#alias_maps = hash:/etc/aliases
-#alias_maps = hash:/etc/aliases, nis:mail.aliases
-#alias_maps = netinfo:/aliases
-
-# The alias_database parameter specifies the alias database(s) that
-# are built with "newaliases" or "sendmail -bi".  This is a separate
-# configuration parameter, because alias_maps (see above) may specify
-# tables that are not necessarily all under control by Postfix.
-#
-#alias_database = dbm:/etc/aliases
-#alias_database = dbm:/etc/mail/aliases
-#alias_database = hash:/etc/aliases
-#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases
-
-# ADDRESS EXTENSIONS (e.g., user+foo)
-#
-# The recipient_delimiter parameter specifies the separator between
-# user names and address extensions (user+foo). See canonical(5),
-# local(8), relocated(5) and virtual(5) for the effects this has on
-# aliases, canonical, virtual, relocated and .forward file lookups.
-# Basically, the software tries user+foo and .forward+foo before
-# trying user and .forward.
-#
-#recipient_delimiter = +
-
-# DELIVERY TO MAILBOX
-#
-# The home_mailbox parameter specifies the optional pathname of a
-# mailbox file relative to a user's home directory. The default
-# mailbox file is /var/spool/mail/user or /var/mail/user.  Specify
-# "Maildir/" for qmail-style delivery (the / is required).
-#
-#home_mailbox = Mailbox
-#home_mailbox = Maildir/
- 
-# The mail_spool_directory parameter specifies the directory where
-# UNIX-style mailboxes are kept. The default setting depends on the
-# system type.
-#
-#mail_spool_directory = /var/mail
-#mail_spool_directory = /var/spool/mail
-
-# The mailbox_command parameter specifies the optional external
-# command to use instead of mailbox delivery. The command is run as
-# the recipient with proper HOME, SHELL and LOGNAME environment settings.
-# Exception:  delivery for root is done as $default_user.
-#
-# Other environment variables of interest: USER (recipient username),
-# EXTENSION (address extension), DOMAIN (domain part of address),
-# and LOCAL (the address localpart).
-#
-# Unlike other Postfix configuration parameters, the mailbox_command
-# parameter is not subjected to $parameter substitutions. This is to
-# make it easier to specify shell syntax (see example below).
-#
-# Avoid shell meta characters because they will force Postfix to run
-# an expensive shell process. Procmail alone is expensive enough.
-#
-# IF YOU USE THIS TO DELIVER MAIL SYSTEM-WIDE, YOU MUST SET UP AN
-# ALIAS THAT FORWARDS MAIL FOR ROOT TO A REAL USER.
-#
-#mailbox_command = /usr/bin/procmail
-#mailbox_command = /usr/bin/procmail -a "$EXTENSION"
-
-# The mailbox_transport specifies the optional transport in master.cf
-# to use after processing aliases and .forward files. This parameter
-# has precedence over the mailbox_command, fallback_transport and
-# luser_relay parameters.
-#
-# Specify a string of the form transport:nexthop, where transport is
-# the name of a mail delivery transport defined in master.cf.  The
-# :nexthop part is optional. For more details see the sample transport
-# configuration file.
-#
-# NOTE: if you use this feature for accounts not in the UNIX password
-# file, then you must update the "local_recipient_maps" setting in
-# the main.cf file, otherwise the SMTP server will reject mail for    
-# non-UNIX accounts with "User unknown in local recipient table".
-#
-# Cyrus IMAP over LMTP. Specify ``lmtpunix      cmd="lmtpd"
-# listen="/var/imap/socket/lmtp" prefork=0'' in cyrus.conf.
-#mailbox_transport = lmtp:unix:/var/imap/socket/lmtp
-#
-# Cyrus IMAP via command line. Uncomment the "cyrus...pipe" and
-# subsequent line in master.cf.
-#mailbox_transport = cyrus
-
-# The fallback_transport specifies the optional transport in master.cf
-# to use for recipients that are not found in the UNIX passwd database.
-# This parameter has precedence over the luser_relay parameter.
-#
-# Specify a string of the form transport:nexthop, where transport is
-# the name of a mail delivery transport defined in master.cf.  The
-# :nexthop part is optional. For more details see the sample transport
-# configuration file.
-#
-# NOTE: if you use this feature for accounts not in the UNIX password
-# file, then you must update the "local_recipient_maps" setting in
-# the main.cf file, otherwise the SMTP server will reject mail for    
-# non-UNIX accounts with "User unknown in local recipient table".
-#
-#fallback_transport = lmtp:unix:/file/name
-#fallback_transport = cyrus
-#fallback_transport =
-
-# The luser_relay parameter specifies an optional destination address
-# for unknown recipients.  By default, mail for unknown@$mydestination,
-# unknown@[$inet_interfaces] or unknown@[$proxy_interfaces] is returned
-# as undeliverable.
-#
-# The following expansions are done on luser_relay: $user (recipient
-# username), $shell (recipient shell), $home (recipient home directory),
-# $recipient (full recipient address), $extension (recipient address
-# extension), $domain (recipient domain), $local (entire recipient
-# localpart), $recipient_delimiter. Specify ${name?value} or
-# ${name:value} to expand value only when $name does (does not) exist.
-#
-# luser_relay works only for the default Postfix local delivery agent.
-#
-# NOTE: if you use this feature for accounts not in the UNIX password
-# file, then you must specify "local_recipient_maps =" (i.e. empty) in
-# the main.cf file, otherwise the SMTP server will reject mail for    
-# non-UNIX accounts with "User unknown in local recipient table".
-#
-#luser_relay = $user@other.host
-#luser_relay = $local@other.host
-#luser_relay = admin+$local
-  
-# JUNK MAIL CONTROLS
-# 
-# The controls listed here are only a very small subset. The file
-# SMTPD_ACCESS_README provides an overview.
-
-# The header_checks parameter specifies an optional table with patterns
-# that each logical message header is matched against, including
-# headers that span multiple physical lines.
-#
-# By default, these patterns also apply to MIME headers and to the
-# headers of attached messages. With older Postfix versions, MIME and
-# attached message headers were treated as body text.
-#
-# For details, see "man header_checks".
-#
-#header_checks = regexp:/etc/postfix/header_checks
-
-# FAST ETRN SERVICE
-#
-# Postfix maintains per-destination logfiles with information about
-# deferred mail, so that mail can be flushed quickly with the SMTP
-# "ETRN domain.tld" command, or by executing "sendmail -qRdomain.tld".
-# See the ETRN_README document for a detailed description.
-# 
-# The fast_flush_domains parameter controls what destinations are
-# eligible for this service. By default, they are all domains that
-# this server is willing to relay mail to.
-# 
-#fast_flush_domains = $relay_domains
-
-# SHOW SOFTWARE VERSION OR NOT
-#
-# The smtpd_banner parameter specifies the text that follows the 220
-# code in the SMTP server's greeting banner. Some people like to see
-# the mail version advertised. By default, Postfix shows no version.
-#
-# You MUST specify $myhostname at the start of the text. That is an
-# RFC requirement. Postfix itself does not care.
-#
-#smtpd_banner = $myhostname ESMTP $mail_name
-#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
-smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
-
-
-# PARALLEL DELIVERY TO THE SAME DESTINATION
-#
-# How many parallel deliveries to the same user or domain? With local
-# delivery, it does not make sense to do massively parallel delivery
-# to the same user, because mailbox updates must happen sequentially,
-# and expensive pipelines in .forward files can cause disasters when
-# too many are run at the same time. With SMTP deliveries, 10
-# simultaneous connections to the same domain could be sufficient to
-# raise eyebrows.
-# 
-# Each message delivery transport has its XXX_destination_concurrency_limit
-# parameter.  The default is $default_destination_concurrency_limit for
-# most delivery transports. For the local delivery agent the default is 2.
-
-#local_destination_concurrency_limit = 2
-#default_destination_concurrency_limit = 20
-
-# DEBUGGING CONTROL
-#
-# The debug_peer_level parameter specifies the increment in verbose
-# logging level when an SMTP client or server host name or address
-# matches a pattern in the debug_peer_list parameter.
-#
-#debug_peer_level = 2
-
-# The debug_peer_list parameter specifies an optional list of domain
-# or network patterns, /file/name patterns or type:name tables. When
-# an SMTP client or server host name or address matches a pattern,
-# increase the verbose logging level by the amount specified in the
-# debug_peer_level parameter.
-#
-#debug_peer_list = 127.0.0.1
-#debug_peer_list = some.domain
-
-# The debugger_command specifies the external command that is executed
-# when a Postfix daemon program is run with the -D option.
-#
-# Use "command .. & sleep 5" so that the debugger can attach before
-# the process marches on. If you use an X-based debugger, be sure to
-# set up your XAUTHORITY environment variable before starting Postfix.
-#
-debugger_command =
-	 PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
-	 ddd $daemon_directory/$process_name $process_id & sleep 5
-
-# If you can't use X, use this to capture the call stack when a
-# daemon crashes. The result is in a file in the configuration
-# directory, and is named after the process name and the process ID.
-#
-# debugger_command =
-#	PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont;
-#	echo where) | gdb $daemon_directory/$process_name $process_id 2>&1
-#	>$config_directory/$process_name.$process_id.log & sleep 5
-#
-# Another possibility is to run gdb under a detached screen session.
-# To attach to the screen session, su root and run "screen -r
-# <id_string>" where <id_string> uniquely matches one of the detached
-# sessions (from "screen -list").
-#
-# debugger_command =
-#	PATH=/bin:/usr/bin:/sbin:/usr/sbin; export PATH; screen
-#	-dmS $process_name gdb $daemon_directory/$process_name
-#	$process_id & sleep 1
-
-# INSTALL-TIME CONFIGURATION INFORMATION
-#
-# The following parameters are used when installing a new Postfix version.
-# 
-# sendmail_path: The full pathname of the Postfix sendmail command.
-# This is the Sendmail-compatible mail posting interface.
-# 
-sendmail_path =
-
-# newaliases_path: The full pathname of the Postfix newaliases command.
-# This is the Sendmail-compatible command to build alias databases.
-#
-newaliases_path =
-
-# mailq_path: The full pathname of the Postfix mailq command.  This
-# is the Sendmail-compatible mail queue listing command.
-# 
-mailq_path =
-
-# setgid_group: The group for mail submission and queue management
-# commands.  This must be a group name with a numerical group ID that
-# is not shared with other accounts, not even with the Postfix account.
-#
-setgid_group =
-
-# html_directory: The location of the Postfix HTML documentation.
-#
-html_directory =
-
-# manpage_directory: The location of the Postfix on-line manual pages.
-#
-manpage_directory =
-
-# sample_directory: The location of the Postfix sample configuration files.
-# This parameter is obsolete as of Postfix 2.1.
-#
-sample_directory =
-
-# readme_directory: The location of the Postfix README files.
-#
-readme_directory =
-inet_protocols = ipv4
diff --git a/postfix/etc/postfix/master.cf b/postfix/etc/postfix/master.cf
deleted file mode 100644
index 26f51e5..0000000
--- a/postfix/etc/postfix/master.cf
+++ /dev/null
@@ -1,67 +0,0 @@
-#
-# Postfix master process configuration file.  For details on the format
-# of the file, see the master(5) manual page (command: "man 5 master" or
-# on-line: http://www.postfix.org/master.5.html).
-#
-# Do not forget to execute "postfix reload" after editing this file.
-#
-# ==========================================================================
-# service type  private unpriv  chroot  wakeup  maxproc command + args
-#               (yes)   (yes)   (no)    (never) (100)
-# ==========================================================================
-smtp      inet  n       -       y       -       -       smtpd
-#smtp      inet  n       -       y       -       1       postscreen
-#smtpd     pass  -       -       y       -       -       smtpd
-#dnsblog   unix  -       -       y       -       0       dnsblog
-#tlsproxy  unix  -       -       y       -       0       tlsproxy
-#submission inet n       -       y       -       -       smtpd
-#  -o syslog_name=postfix/submission
-#  -o smtpd_tls_security_level=encrypt
-#  -o smtpd_sasl_auth_enable=yes
-#  -o smtpd_tls_auth_only=yes
-#  -o smtpd_reject_unlisted_recipient=no
-#  -o smtpd_client_restrictions=$mua_client_restrictions
-#  -o smtpd_helo_restrictions=$mua_helo_restrictions
-#  -o smtpd_sender_restrictions=$mua_sender_restrictions
-#  -o smtpd_recipient_restrictions=
-#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-#  -o milter_macro_daemon_name=ORIGINATING
-#smtps     inet  n       -       y       -       -       smtpd
-#  -o syslog_name=postfix/smtps
-#  -o smtpd_tls_wrappermode=yes
-#  -o smtpd_sasl_auth_enable=yes
-#  -o smtpd_reject_unlisted_recipient=no
-#  -o smtpd_client_restrictions=$mua_client_restrictions
-#  -o smtpd_helo_restrictions=$mua_helo_restrictions
-#  -o smtpd_sender_restrictions=$mua_sender_restrictions
-#  -o smtpd_recipient_restrictions=
-#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-#  -o milter_macro_daemon_name=ORIGINATING
-#628       inet  n       -       y       -       -       qmqpd
-pickup    unix  n       -       y       60      1       pickup
-cleanup   unix  n       -       y       -       0       cleanup
-qmgr      unix  n       -       n       300     1       qmgr
-#qmgr     unix  n       -       n       300     1       oqmgr
-tlsmgr    unix  -       -       y       1000?   1       tlsmgr
-rewrite   unix  -       -       y       -       -       trivial-rewrite
-bounce    unix  -       -       y       -       0       bounce
-defer     unix  -       -       y       -       0       bounce
-trace     unix  -       -       y       -       0       bounce
-verify    unix  -       -       y       -       1       verify
-flush     unix  n       -       y       1000?   0       flush
-proxymap  unix  -       -       n       -       -       proxymap
-proxywrite unix -       -       n       -       1       proxymap
-smtp      unix  -       -       y       -       -       smtp
-relay     unix  -       -       y       -       -       smtp
-        -o syslog_name=postfix/$service_name
-#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
-showq     unix  n       -       y       -       -       showq
-error     unix  -       -       y       -       -       error
-retry     unix  -       -       y       -       -       error
-discard   unix  -       -       y       -       -       discard
-local     unix  -       n       n       -       -       local
-virtual   unix  -       n       n       -       -       virtual
-lmtp      unix  -       -       n       -       -       lmtp
-anvil     unix  -       -       y       -       1       anvil
-scache    unix  -       -       y       -       1       scache
-postlog   unix-dgram n  -       n       -       1       postlogd
diff --git a/postfix/etc/postfix/master.cf.proto b/postfix/etc/postfix/master.cf.proto
deleted file mode 100644
index ea53632..0000000
--- a/postfix/etc/postfix/master.cf.proto
+++ /dev/null
@@ -1,127 +0,0 @@
-#
-# Postfix master process configuration file.  For details on the format
-# of the file, see the master(5) manual page (command: "man 5 master" or
-# on-line: http://www.postfix.org/master.5.html).
-#
-# Do not forget to execute "postfix reload" after editing this file.
-#
-# ==========================================================================
-# service type  private unpriv  chroot  wakeup  maxproc command + args
-#               (yes)   (yes)   (no)    (never) (100)
-# ==========================================================================
-smtp      inet  n       -       y       -       -       smtpd
-#smtp      inet  n       -       y       -       1       postscreen
-#smtpd     pass  -       -       y       -       -       smtpd
-#dnsblog   unix  -       -       y       -       0       dnsblog
-#tlsproxy  unix  -       -       y       -       0       tlsproxy
-#submission inet n       -       y       -       -       smtpd
-#  -o syslog_name=postfix/submission
-#  -o smtpd_tls_security_level=encrypt
-#  -o smtpd_sasl_auth_enable=yes
-#  -o smtpd_tls_auth_only=yes
-#  -o smtpd_reject_unlisted_recipient=no
-#  -o smtpd_client_restrictions=$mua_client_restrictions
-#  -o smtpd_helo_restrictions=$mua_helo_restrictions
-#  -o smtpd_sender_restrictions=$mua_sender_restrictions
-#  -o smtpd_recipient_restrictions=
-#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-#  -o milter_macro_daemon_name=ORIGINATING
-#smtps     inet  n       -       y       -       -       smtpd
-#  -o syslog_name=postfix/smtps
-#  -o smtpd_tls_wrappermode=yes
-#  -o smtpd_sasl_auth_enable=yes
-#  -o smtpd_reject_unlisted_recipient=no
-#  -o smtpd_client_restrictions=$mua_client_restrictions
-#  -o smtpd_helo_restrictions=$mua_helo_restrictions
-#  -o smtpd_sender_restrictions=$mua_sender_restrictions
-#  -o smtpd_recipient_restrictions=
-#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-#  -o milter_macro_daemon_name=ORIGINATING
-#628       inet  n       -       y       -       -       qmqpd
-pickup    unix  n       -       y       60      1       pickup
-cleanup   unix  n       -       y       -       0       cleanup
-qmgr      unix  n       -       n       300     1       qmgr
-#qmgr     unix  n       -       n       300     1       oqmgr
-tlsmgr    unix  -       -       y       1000?   1       tlsmgr
-rewrite   unix  -       -       y       -       -       trivial-rewrite
-bounce    unix  -       -       y       -       0       bounce
-defer     unix  -       -       y       -       0       bounce
-trace     unix  -       -       y       -       0       bounce
-verify    unix  -       -       y       -       1       verify
-flush     unix  n       -       y       1000?   0       flush
-proxymap  unix  -       -       n       -       -       proxymap
-proxywrite unix -       -       n       -       1       proxymap
-smtp      unix  -       -       y       -       -       smtp
-relay     unix  -       -       y       -       -       smtp
-        -o syslog_name=postfix/$service_name
-#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
-showq     unix  n       -       y       -       -       showq
-error     unix  -       -       y       -       -       error
-retry     unix  -       -       y       -       -       error
-discard   unix  -       -       y       -       -       discard
-local     unix  -       n       n       -       -       local
-virtual   unix  -       n       n       -       -       virtual
-lmtp      unix  -       -       y       -       -       lmtp
-anvil     unix  -       -       y       -       1       anvil
-scache    unix  -       -       y       -       1       scache
-postlog   unix-dgram n  -       n       -       1       postlogd
-#
-# ====================================================================
-# Interfaces to non-Postfix software. Be sure to examine the manual
-# pages of the non-Postfix software to find out what options it wants.
-#
-# Many of the following services use the Postfix pipe(8) delivery
-# agent.  See the pipe(8) man page for information about ${recipient}
-# and other message envelope options.
-# ====================================================================
-#
-# maildrop. See the Postfix MAILDROP_README file for details.
-# Also specify in main.cf: maildrop_destination_recipient_limit=1
-#
-maildrop  unix  -       n       n       -       -       pipe
-  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
-#
-# ====================================================================
-#
-# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
-#
-# Specify in cyrus.conf:
-#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
-#
-# Specify in main.cf one or more of the following:
-#  mailbox_transport = lmtp:inet:localhost
-#  virtual_transport = lmtp:inet:localhost
-#
-# ====================================================================
-#
-# Cyrus 2.1.5 (Amos Gouaux)
-# Also specify in main.cf: cyrus_destination_recipient_limit=1
-#
-#cyrus     unix  -       n       n       -       -       pipe
-#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
-#
-# ====================================================================
-# Old example of delivery via Cyrus.
-#
-#old-cyrus unix  -       n       n       -       -       pipe
-#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
-#
-# ====================================================================
-#
-# See the Postfix UUCP_README file for configuration details.
-#
-uucp      unix  -       n       n       -       -       pipe
-  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
-#
-# Other external delivery methods.
-#
-ifmail    unix  -       n       n       -       -       pipe
-  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
-bsmtp     unix  -       n       n       -       -       pipe
-  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
-scalemail-backend unix	-	n	n	-	2	pipe
-  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
-mailman   unix  -       n       n       -       -       pipe
-  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
-  ${nexthop} ${user}
-
diff --git a/postfix/etc/postfix/post-install b/postfix/etc/postfix/post-install
deleted file mode 100644
index 975266b..0000000
--- a/postfix/etc/postfix/post-install
+++ /dev/null
@@ -1,925 +0,0 @@
-#!/bin/sh
-
-# To view the formatted manual page of this file, type:
-#	POSTFIXSOURCE/mantools/srctoman - post-install | nroff -man
-
-#++
-# NAME
-#	post-install
-# SUMMARY
-#	Postfix post-installation script
-# SYNOPSIS
-#	postfix post-install [name=value] command ...
-# DESCRIPTION
-#	The post-install script performs the finishing touch of a Postfix
-#	installation, after the executable programs and configuration
-#	files are installed. Usage is one of the following:
-# .IP o
-#	While installing Postfix from source code on the local machine, the
-#	script is run by the postfix-install script to update selected file
-#	or directory permissions and to update Postfix configuration files.
-# .IP o
-#	While installing Postfix from a pre-built package, the script is run
-#	by the package management procedure to set all file or directory
-#	permissions and to update Postfix configuration files.
-# .IP o
-#	The script can be used to change installation parameter settings such
-#	as mail_owner or setgid_group after Postfix is already installed.
-# .IP o
-#	The script can be used to upgrade configuration files and to upgrade
-#	file/directory permissions of a secondary Postfix instance.
-# .IP o
-#	At Postfix start-up time, the script is run from "postfix check" to
-#	create missing queue directories.
-# .PP
-#	The post-install script is controlled by installation parameters.
-#	Specific parameters are described at the end of this document.
-#	All installation parameters must be specified ahead of time via
-#	one of the methods described below.
-#
-#	Arguments
-# .IP create-missing
-#	Create missing queue directories with ownerships and permissions
-#	according to the contents of $meta_directory/postfix-files
-#	and optionally in $meta_directory/postfix-files.d/*, using
-#	the mail_owner and setgid_group parameter settings from the
-#	command line, process environment or from the installed
-#	main.cf file.
-#
-#	This is required at Postfix start-up time.
-# .IP set-permissions
-#	Set all file/directory ownerships and permissions according to the
-#	contents of $meta_directory/postfix-files and optionally
-#	in $meta_directory/postfix-files.d/*, using the mail_owner
-#	and setgid_group parameter settings from the command line,
-#	process environment or from the installed main.cf file.
-#	Implies create-missing.
-#
-#	This is required when installing Postfix from a pre-built package,
-#	or when changing the mail_owner or setgid_group installation parameter
-#	settings after Postfix is already installed.
-# .IP upgrade-permissions
-#	Update ownership and permission of existing files/directories as
-#	specified in $meta_directory/postfix-files and optionally
-#	in $meta_directory/postfix-files.d/*, using the mail_owner
-#	and setgid_group parameter settings from the command line,
-#	process environment or from the installed main.cf file.
-#	Implies create-missing.
-#
-#	This is required when upgrading an existing Postfix instance.
-# .IP upgrade-configuration
-#	Edit the installed main.cf and master.cf files, in order to account
-#	for missing services and to fix deprecated parameter settings.
-#
-#	This is required when upgrading an existing Postfix instance.
-# .IP upgrade-source
-#	Short-hand for: upgrade-permissions upgrade-configuration.
-#
-#	This is recommended when upgrading Postfix from source code.
-# .IP upgrade-package
-#	Short-hand for: set-permissions upgrade-configuration.
-#
-#	This is recommended when upgrading Postfix from a pre-built package.
-# .IP first-install-reminder
-#	Remind the user that they still need to configure main.cf and the
-#	aliases file, and that newaliases still needs to be run.
-#
-#	This is recommended when Postfix is installed for the first time.
-# MULTIPLE POSTFIX INSTANCES
-# .ad
-# .fi
-#	Multiple Postfix instances on the same machine can share command and
-#	daemon program files but must have separate configuration and queue
-#	directories.
-#
-#	To create a secondary Postfix installation on the same machine,
-#	copy the configuration files from the primary Postfix instance to
-#	a secondary configuration directory and execute:
-#
-#	postfix post-install config_directory=secondary-config-directory \e
-# .in +4
-#		queue_directory=secondary-queue-directory \e
-# .br
-#		create-missing
-# .PP
-#	This creates secondary Postfix queue directories, sets their access
-#	permissions, and saves the specified installation parameters to the
-#	secondary main.cf file.
-#
-#	Be sure to list the secondary configuration directory in the
-#	alternate_config_directories parameter in the primary main.cf file.
-#
-#	To upgrade a secondary Postfix installation on the same machine,
-#	execute:
-#
-#	postfix post-install config_directory=secondary-config-directory \e
-# .in +4
-#		upgrade-permissions upgrade-configuration
-# INSTALLATION PARAMETER INPUT METHODS
-# .ad
-# .fi
-#	Parameter settings can be specified through a variety of
-#	mechanisms.  In order of decreasing precedence these are:
-# .IP "command line"
-#	Parameter settings can be given as name=value arguments on
-#	the post-install command line. These have the highest precedence.
-#	Settings that override the installed main.cf file are saved.
-# .IP "process environment"
-#	Parameter settings can be given as name=value environment
-#	variables.
-#	Settings that override the installed main.cf file are saved.
-# .IP "installed configuration files"
-#	If a parameter is not specified via the command line or via the
-#	process environment, post-install will attempt to extract its
-#	value from the already installed Postfix main.cf configuration file.
-#	These settings have the lowest precedence.
-# INSTALLATION PARAMETER DESCRIPTION
-# .ad
-# .fi
-#	The description of installation parameters is as follows:
-# .IP config_directory
-#	The directory for Postfix configuration files.
-# .IP daemon_directory
-#	The directory for Postfix daemon programs. This directory
-#	should not be in the command search path of any users.
-# .IP command_directory
-#	The directory for Postfix administrative commands. This
-#	directory should be in the command search path of adminstrative users.
-# .IP queue_directory
-#	The directory for Postfix queues.
-# .IP data_directory
-#	The directory for Postfix writable data files (caches, etc.).
-# .IP sendmail_path
-#	The full pathname for the Postfix sendmail command.
-#	This is the Sendmail-compatible mail posting interface.
-# .IP newaliases_path
-#	The full pathname for the Postfix newaliases command.
-#	This is the Sendmail-compatible command to build alias databases
-#	for the Postfix local delivery agent.
-# .IP mailq_path
-#	The full pathname for the Postfix mailq command.
-#	This is the Sendmail-compatible command to list the mail queue.
-# .IP mail_owner
-#	The owner of the Postfix queue. Its numerical user ID and group ID
-#	must not be used by any other accounts on the system.
-# .IP setgid_group
-#	The group for mail submission and for queue management commands.
-#	Its numerical group ID must not be used by any other accounts on the
-#	system, not even by the mail_owner account.
-# .IP html_directory
-#	The directory for the Postfix HTML files.
-# .IP manpage_directory
-#	The directory for the Postfix on-line manual pages.
-# .IP sample_directory
-#	The directory for the Postfix sample configuration files.
-#	This feature is obsolete as of Postfix 2.1.
-# .IP readme_directory
-#	The directory for the Postfix README files.
-# .IP shlib_directory
-#	The directory for the Postfix shared-library files, and for
-#	the Postfix dabatase plugin files with a relative pathname
-#	in the file dynamicmaps.cf.
-# .IP meta_directory
-#	The directory for non-executable files that are shared
-#	among multiple Postfix instances, such as postfix-files,
-#	dynamicmaps.cf, as well as the multi-instance template files
-#	main.cf.proto and master.cf.proto.
-# SEE ALSO
-#	postfix-install(1) Postfix primary installation script.
-# FILES
-#	$config_directory/main.cf, Postfix installation parameters.
-#	$meta_directory/postfix-files, installation control file.
-#	$meta_directory/postfix-files.d/*, optional control files.
-#	$config_directory/install.cf, obsolete configuration file.
-# LICENSE
-# .ad
-# .fi
-#	The Secure Mailer license must be distributed with this software.
-# AUTHOR(S)
-#	Wietse Venema
-#	IBM T.J. Watson Research
-#	P.O. Box 704
-#	Yorktown Heights, NY 10598, USA
-#
-#	Wietse Venema
-#	Google, Inc.
-#	111 8th Avenue
-#	New York, NY 10011, USA
-#--
-
-umask 022
-
-PATH=/bin:/usr/bin:/usr/sbin:/usr/etc:/sbin:/etc:/usr/contrib/bin:/usr/gnu/bin:/usr/ucb:/usr/bsd
-SHELL=/bin/sh
-IFS=" 	
-"
-BACKUP_IFS="$IFS"
-debug=:
-#debug=echo
-MOST_PARAMETERS="command_directory daemon_directory data_directory
-    html_directory mail_owner mailq_path manpage_directory
-    newaliases_path queue_directory readme_directory sample_directory
-    sendmail_path setgid_group shlib_directory meta_directory"
-NON_SHARED="config_directory queue_directory data_directory"
-
-USAGE="Usage: $0 [name=value] command
-    create-missing          Create missing queue directories.
-    upgrade-source          When installing or upgrading from source code.
-    upgrade-package         When installing or upgrading from pre-built package.
-    first-install-reminder  Remind of mandatory first-time configuration steps.
-    name=value              Specify an installation parameter".
-
-# Process command-line options and parameter settings. Work around
-# brain damaged shells. "IFS=value command" should not make the
-# IFS=value setting permanent. But some broken standard allows it.
-
-create=; set_perms=; upgrade_perms=; upgrade_conf=; first_install_reminder=
-obsolete=; keep_list=;
-
-for arg
-do
-    case $arg in
-	*[" 	"]*) echo $0: "Error: argument contains whitespace: '$arg'"
-		     exit 1;;
-                *=*) IFS= eval $arg; IFS="$BACKUP_IFS";;
-     create-missing) create=1;;
-	  set-perm*) create=1; set_perms=1;;
-      upgrade-perm*) create=1; upgrade_perms=1;;
-      upgrade-conf*) upgrade_conf=1;;
-     upgrade-source) create=1; upgrade_conf=1; upgrade_perms=1;;
-    upgrade-package) create=1; upgrade_conf=1; set_perms=1;;
-     first-install*) first_install_reminder=1;;
-		  *) echo "$0: Error: $USAGE" 1>&2; exit 1;;
-    esac
-    shift
-done
-
-# Sanity checks.
-
-test -n "$create$upgrade_conf$first_install_reminder" || {
-    echo "$0: Error: $USAGE" 1>&2
-    exit 1
-}
-
-# Bootstrapping problem.
-
-if [ -n "$command_directory" ]
-then
-    POSTCONF="$command_directory/postconf"
-else
-    POSTCONF="postconf"
-fi
-
-$POSTCONF -d mail_version >/dev/null 2>/dev/null || {
-    echo $0: Error: no $POSTCONF command found. 1>&2
-    echo Re-run this command as $0 command_directory=/some/where. 1>&2
-    exit 1
-}
-
-# Also used to require license etc. files only in the default instance.
-
-def_config_directory=`$POSTCONF -d -h config_directory` || exit 1
-test -n "$config_directory" ||
-    config_directory="$def_config_directory"
-
-test -d "$config_directory" || {
-    echo $0: Error: $config_directory is not a directory. 1>&2
-    exit 1
-}
-
-# If this is a secondary instance, don't touch shared files.
-# XXX Solaris does not have "test -e".
-
-instances=`test ! -f $def_config_directory/main.cf || 
-    $POSTCONF -c $def_config_directory -h multi_instance_directories | 
-	sed 's/,/ /'` || exit 1
-
-update_shared_files=1
-for name in $instances
-do
-    case "$name" in
-    "$def_config_directory") ;;
-    "$config_directory") update_shared_files=; break;;
-    esac
-done
-
-test -f $meta_directory/postfix-files || {
-    echo $0: Error: $meta_directory/postfix-files is not a file. 1>&2
-    exit 1
-}
-
-# SunOS5 fmt(1) truncates lines > 1000 characters.
-
-fake_fmt() {
-    sed '
-    :top
-	/^\(  *\)\([^ ][^ ]*\)  */{
-	    s//\1\2\
-\1/
-	    P
-	    D
-	    b top
-	}
-    ' | fmt
-}
-
-case `uname -s` in
-HP-UX*) FMT=cat;;
-SunOS*) FMT=fake_fmt;;
-     *) FMT=fmt;;
-esac
-
-# If a parameter is not set via the command line or environment,
-# try to use settings from installed configuration files.
-
-# Extract parameter settings from the obsolete install.cf file, as
-# a transitional aid.
-
-grep setgid_group $config_directory/main.cf >/dev/null 2>&1 || {
-    test -f $config_directory/install.cf  && {
-        for name in sendmail_path newaliases_path mailq_path setgid manpages
-        do
-	eval junk=\$$name
-        case "$junk" in
-        "") eval unset $name;;
-        esac
-	   eval : \${$name="\`. $config_directory/install.cf; echo \$$name\`"} \
-		|| exit 1
-        done
-        : ${setgid_group=$setgid}
-        : ${manpage_directory=$manpages}
-    }
-}
-
-# Extract parameter settings from the installed main.cf file.
-
-test -f $config_directory/main.cf && {
-    for name in $MOST_PARAMETERS
-    do
-	eval junk=\$$name
-        case "$junk" in
-        "") eval unset $name;;
-        esac
-        eval : \${$name=\`$POSTCONF -c $config_directory -h $name\`} || exit 1
-    done
-}
-
-# Sanity checks
-
-case $manpage_directory in
- no) echo $0: Error: manpage_directory no longer accepts \"no\" values. 1>&2
-     echo Try again with \"$0 manpage_directory=/pathname ...\". 1>&2; exit 1;;
-esac
-
-case $setgid_group in
- no) echo $0: Error: setgid_group no longer accepts \"no\" values. 1>&2
-     echo Try again with \"$0 setgid_group=groupname ...\" 1>&2; exit 1;;
-esac
-
-for path in "$daemon_directory" "$command_directory" "$queue_directory" \
-    "$sendmail_path" "$newaliases_path" "$mailq_path" "$manpage_directory" \
-    "$meta_directory"
-do
-   case "$path" in
-   /*) ;;
-    *) echo $0: Error: \"$path\" should be an absolute path name. 1>&2; exit 1;;
-   esac
-done
-
-for path in "$html_directory" "$readme_directory" "$shlib_directory"
-do
-   case "$path" in
-   /*) ;;
-   no) ;;
-    *) echo $0: Error: \"$path\" should be \"no\" or an absolute path name. 1>&2; exit 1;;
-   esac
-done
-
-# Find out what parameters were not specified via command line,
-# via environment, or via installed configuration files.
-
-missing=
-for name in $MOST_PARAMETERS
-do
-    eval test -n \"\$$name\" || missing="$missing $name"
-done
-
-# All parameters must be specified at this point.
-
-test -n "$non_interactive" -a -n "$missing" && {
-    cat <<EOF | ${FMT} 1>&2
-$0: Error: some required installation parameters are not defined.
-
-- Either the parameters need to be given in the $config_directory/main.cf
-file from a recent Postfix installation,
-
-- Or the parameters need to be specified through the process
-environment.
-
-- Or the parameters need to be specified as name=value arguments
-on the $0 command line,
-
-The following parameters were missing:
-
-    $missing
-
-EOF
-    exit 1
-}
-
-POSTCONF="$command_directory/postconf"
-
-# Save settings, allowing command line/environment override.
-
-# Undo MAIL_VERSION expansion at the end of a parameter value. If
-# someone really wants the expanded mail version in main.cf, then
-# we're sorry.
-
-# Confine side effects from mail_version unexpansion within a subshell.
-
-(case "$mail_version" in
-"") mail_version="`$POSTCONF -dhx mail_version`" || exit 1
-esac
-
-for name in $MOST_PARAMETERS
-do
-    eval junk=\$$name
-    case "$junk" in
-    *"$mail_version"*) 
-	case "$pattern" in
-	"") pattern=`echo "$mail_version" | sed 's/\./\\\\./g'` || exit 1
-	esac
-	val=`echo "$junk" | sed "s/$pattern"'$/${mail_version}/g'` || exit 1
-	eval ${name}='"$val"'
-    esac
-done
-
-# XXX Maybe update main.cf only with first install, upgrade, set
-# permissions, and what else? Should there be a warning otherwise?
-
-override=
-for name in $MOST_PARAMETERS
-do
-    eval junk=\"\$$name\"
-    test "$junk" = "`$POSTCONF -c $config_directory -h $name`" || {
-	override=1
-	break
-    }
-done
-
-test -n "$override" && {
-    $POSTCONF -c $config_directory -e \
-	"daemon_directory = $daemon_directory" \
-	"command_directory = $command_directory" \
-	"queue_directory = $queue_directory" \
-	"data_directory = $data_directory" \
-	"mail_owner = $mail_owner" \
-	"setgid_group = $setgid_group" \
-	"sendmail_path = $sendmail_path" \
-	"mailq_path = $mailq_path" \
-	"newaliases_path = $newaliases_path" \
-	"html_directory = $html_directory" \
-	"manpage_directory = $manpage_directory" \
-	"sample_directory = $sample_directory" \
-	"readme_directory = $readme_directory" \
-	"shlib_directory = $shlib_directory" \
-	"meta_directory = $meta_directory" \
-    || exit 1
-} || exit 0) || exit 1
-
-# Use file/directory status information in $meta_directory/postfix-files.
-
-test -n "$create" && {
-    postfix_files_d=$meta_directory/postfix-files.d
-    for postfix_file in $meta_directory/postfix-files \
-	`test -d $postfix_files_d && { find $postfix_files_d -type f | sort; }`
-    do
-	exec <$postfix_file || exit 1
-	while IFS=: read path type owner group mode flags junk
-	do
-	    IFS="$BACKUP_IFS"
-	    set_permission=
-	    # Skip comments. Skip shared files, if updating a secondary instance.
-	    case $path in
-	    [$]*) case "$update_shared_files" in
-		  1) $debug keep non-shared or shared $path;;
-		  *) non_shared=
-		     for name in $NON_SHARED
-		     do
-			 case $path in
-			 "\$$name"*) non_shared=1; break;;
-			 esac
-		     done
-		     case "$non_shared" in
-		      1) $debug keep non-shared $path;;
-		      *) $debug skip shared $path; continue;;
-		     esac;;
-		  esac;;
-	       *) continue;;
-	    esac
-	    # Skip hard links and symbolic links.
-	    case $type in
-	    [hl]) continue;;
-	    [df]) ;;
-	       *) echo unknown type $type for $path in $postfix_file 1>&2; exit 1;;
-	    esac
-	    # Expand $name, and canonicalize null fields.
-	    for name in path owner group flags
-	    do
-		eval junk=\${$name}
-		case $junk in
-		[$]*) eval $name=$junk;;
-		   -) eval $name=;;
-		   *) ;;
-		esac
-	    done
-	    # Skip uninstalled files.
-	    case $path in
-	    no|no/*) continue;;
-	    esac
-	    # Pick up the flags.
-	    case $flags in *u*) upgrade_flag=1;; *) upgrade_flag=;; esac
-	    case $flags in *c*) create_flag=1;; *) create_flag=;; esac
-	    case $flags in *r*) recursive="-R";; *) recursive=;; esac
-	    case $flags in *o*) obsolete_flag=1;; *) obsolete_flag=;; esac
-	    case $flags in *[1i]*) test ! -r "$path" -a "$config_directory" != \
-				    "$def_config_directory" && continue;; esac
-	    # Flag obsolete objects. XXX Solaris 2..9 does not have "test -e".
-	    if [ -n "$obsolete_flag" ]
-	    then
-		test -r $path -a "$type" != "d" && obsolete="$obsolete $path"
-		continue;
-	    else
-		keep_list="$keep_list $path"
-	    fi
-	    # Create missing directories with proper owner/group/mode settings.
-	    if [ -n "$create" -a "$type" = "d" -a -n "$create_flag" -a ! -d "$path" ]
-	    then
-		mkdir $path || exit 1
-		set_permission=1
-	    # Update all owner/group/mode settings.
-	    elif [ -n "$set_perms" ]
-	    then
-		set_permission=1
-	    # Update obsolete owner/group/mode settings.
-	    elif [ -n "$upgrade_perms" -a -n "$upgrade_flag" ]
-	    then
-		set_permission=1
-	    fi
-	    test -n "$set_permission" && {
-		chown $recursive $owner $path || exit 1
-		test -z "$group" || chgrp $recursive $group $path || exit 1
-		# Don't "chmod -R"; queue file status is encoded in mode bits.
-		if [ "$type" = "d" -a -n "$recursive" ]
-		then
-		    find $path -type d -exec chmod $mode "{}" ";"
-		else
-		    chmod $mode $path
-		fi || exit 1
-	    }
-	done
-	IFS="$BACKUP_IFS"
-    done
-}
-
-# Upgrade existing Postfix configuration files if necessary.
-
-test -n "$upgrade_conf" && {
-
-    # Postfix 2.0.
-    # Add missing relay service to master.cf.
-
-    grep '^relay' $config_directory/master.cf >/dev/null || {
-	echo Editing $config_directory/master.cf, adding missing entry for relay service
-	cat >>$config_directory/master.cf <<EOF || exit 1
-relay	  unix	-	-	n	-	-	smtp
-EOF
-    }
-
-    # Postfix 1.1.
-    # Add missing flush service to master.cf.
-
-    grep '^flush.*flush' $config_directory/master.cf >/dev/null || {
-	echo Editing $config_directory/master.cf, adding missing entry for flush service
-	cat >>$config_directory/master.cf <<EOF || exit 1
-flush     unix  -       -       n       1000?   0       flush
-EOF
-    }
-
-    # Postfix 2.1.
-    # Add missing trace service to master.cf.
-
-    grep 'trace.*bounce' $config_directory/master.cf >/dev/null || {
-	echo Editing $config_directory/master.cf, adding missing entry for trace service
-	cat >>$config_directory/master.cf <<EOF || exit 1
-trace	  unix	-	-	n	-	0	bounce
-EOF
-    }
-
-    # Postfix 2.1.
-    # Add missing verify service to master.cf.
-
-    grep '^verify.*verify' $config_directory/master.cf >/dev/null || {
-	echo Editing $config_directory/master.cf, adding missing entry for verify service
-	cat >>$config_directory/master.cf <<EOF || exit 1
-verify	  unix	-	-	n	-	1	verify
-EOF
-    }
-
-    # Postfix 2.1.
-    # Fix verify service process limit.
-
-    grep '^verify.*[ 	]0[ 	]*verify' \
-	$config_directory/master.cf >/dev/null && {
-	    echo Editing $config_directory/master.cf, setting verify process limit to 1
-	    ed $config_directory/master.cf <<EOF || exit 1
-/^verify.*[ 	]0[ 	]*verify/
-s/\([ 	]\)0\([ 	]\)/\11\2/
-p
-w
-q
-EOF
-    }
-
-    # Postfix 1.1.
-    # Change privileged pickup service into unprivileged.
-
-    grep "^pickup[ 	]*fifo[ 	]*n[ 	]*n" \
-	$config_directory/master.cf >/dev/null && {
-	    echo Editing $config_directory/master.cf, making the pickup service unprivileged
-	    ed $config_directory/master.cf <<EOF || exit 1
-/^pickup[ 	]*fifo[ 	]*n[ 	]*n/
-s/\(n[ 	]*\)n/\1-/
-p
-w
-q
-EOF
-    }
-
-    # Postfix 1.1.
-    # Change private cleanup and flush services into public.
-
-    for name in cleanup flush
-    do
-	grep "^$name[ 	]*unix[ 	]*[-y]" \
-	    $config_directory/master.cf >/dev/null && {
-		echo Editing $config_directory/master.cf, making the $name service public
-	    ed $config_directory/master.cf <<EOF || exit 1
-/^$name[ 	]*unix[ 	]*[-y]/
-s/[-y]/n/
-p
-w
-q
-EOF
-	}
-    done
-
-    # Postfix 2.2.
-    # File systems have improved since Postfix came out, and all we
-    # require now is that defer and deferred are hashed because those
-    # can contain lots of files.
-
-    found=`$POSTCONF -c $config_directory -h hash_queue_names`
-    missing=
-    (echo "$found" | grep defer >/dev/null)  || missing="$missing defer"
-    (echo "$found" | grep deferred>/dev/null)|| missing="$missing deferred"
-    test -n "$missing" && {
-	echo fixing main.cf hash_queue_names for missing $missing
-	$POSTCONF -c $config_directory -e hash_queue_names="$found$missing" ||
-	    exit 1
-    }
-
-    # Turn on safety nets for new features that could bounce mail that
-    # would be accepted by a previous Postfix version.
-
-    # [The "unknown_local_recipient_reject_code = 450" safety net,
-    # introduced with Postfix 2.0 and deleted after Postfix 2.3.]
-
-    # Postfix 2.0.
-    # Add missing proxymap service to master.cf.
-
-    grep '^proxymap.*proxymap' $config_directory/master.cf >/dev/null || {
-	echo Editing $config_directory/master.cf, adding missing entry for proxymap service
-	cat >>$config_directory/master.cf <<EOF || exit 1
-proxymap  unix	-	-	n	-	-	proxymap
-EOF
-    }
-
-    # Postfix 2.1.
-    # Add missing anvil service to master.cf.
-
-    grep '^anvil.*anvil' $config_directory/master.cf >/dev/null || {
-	echo Editing $config_directory/master.cf, adding missing entry for anvil service
-	cat >>$config_directory/master.cf <<EOF || exit 1
-anvil	  unix	-	-	n	-	1	anvil
-EOF
-    }
-
-    # Postfix 2.2.
-    # Add missing scache service to master.cf.
-
-    grep '^scache.*scache' $config_directory/master.cf >/dev/null || {
-	echo Editing $config_directory/master.cf, adding missing entry for scache service
-	cat >>$config_directory/master.cf <<EOF || exit 1
-scache	  unix	-	-	n	-	1	scache
-EOF
-    }
-
-    # Postfix 2.2.
-    # Add missing discard service to master.cf.
-
-    grep '^discard.*discard' $config_directory/master.cf >/dev/null || {
-	echo Editing $config_directory/master.cf, adding missing entry for discard service
-	cat >>$config_directory/master.cf <<EOF || exit 1
-discard	  unix	-	-	n	-	-	discard
-EOF
-    }
-
-    # Postfix 2.2.
-    # Update the tlsmgr fifo->unix service.
-
-    grep "^tlsmgr[ 	]*fifo[ 	]" \
-	$config_directory/master.cf >/dev/null && {
-	    echo Editing $config_directory/master.cf, updating the tlsmgr from fifo to unix service
-	    ed $config_directory/master.cf <<EOF || exit 1
-/^tlsmgr[ 	]*fifo[ 	]/
-s/fifo/unix/
-s/[0-9][0-9]*/&?/
-p
-w
-q
-EOF
-    }
-
-    # Postfix 2.2.
-    # Add missing tlsmgr service to master.cf.
-
-    grep '^tlsmgr.*tlsmgr' $config_directory/master.cf >/dev/null || {
-	echo Editing $config_directory/master.cf, adding missing entry for tlsmgr service
-	cat >>$config_directory/master.cf <<EOF || exit 1
-tlsmgr    unix  -       -       n       1000?   1       tlsmgr
-EOF
-    }
-
-    # Postfix 2.2.
-    # Add missing retry service to master.cf.
-
-    grep '^retry.*error' $config_directory/master.cf >/dev/null || {
-	echo Editing $config_directory/master.cf, adding missing entry for retry service
-	cat >>$config_directory/master.cf <<EOF || exit 1
-retry     unix  -       -       n       -       -       error
-EOF
-    }
-
-    # Postfix 2.5.
-    # Add missing proxywrite service to master.cf.
-
-    grep '^proxywrite.*proxymap' $config_directory/master.cf >/dev/null || {
-	echo Editing $config_directory/master.cf, adding missing entry for proxywrite service
-	cat >>$config_directory/master.cf <<EOF || exit 1
-proxywrite unix -       -       n       -       1       proxymap
-EOF
-    }
-
-    # Postfix 2.5.
-    # Fix a typo in the default master.cf proxywrite entry.
-
-    grep '^proxywrite.*-[ 	]*proxymap' $config_directory/master.cf >/dev/null && {
-	echo Editing $config_directory/master.cf, setting proxywrite process limit to 1
-	    ed $config_directory/master.cf <<EOF || exit 1
-/^proxywrite.*-[ 	]*proxymap/
-s/-\([ 	]*proxymap\)/1\1/
-p
-w
-q
-EOF
-    }
-
-    # Postfix 2.8.
-    # Add missing postscreen service to master.cf.
-
-    grep '^#*smtp.*postscreen' $config_directory/master.cf >/dev/null || {
-	echo Editing $config_directory/master.cf, adding missing entry for postscreen TCP service
-	cat >>$config_directory/master.cf <<EOF || exit 1
-#smtp      inet  n       -       n       -       1       postscreen
-EOF
-    }
-
-    # Postfix 2.8.
-    # Add missing smtpd (unix-domain) service to master.cf.
-
-    grep '^#*smtpd.*smtpd' $config_directory/master.cf >/dev/null || {
-	echo Editing $config_directory/master.cf, adding missing entry for smtpd unix-domain service
-	cat >>$config_directory/master.cf <<EOF || exit 1
-#smtpd     pass  -       -       n       -       -       smtpd
-EOF
-    }
-
-    # Postfix 2.8.
-    # Add temporary dnsblog (unix-domain) service to master.cf.
-
-    grep '^#*dnsblog.*dnsblog' $config_directory/master.cf >/dev/null || {
-	echo Editing $config_directory/master.cf, adding missing entry for dnsblog unix-domain service
-	cat >>$config_directory/master.cf <<EOF || exit 1
-#dnsblog   unix  -       -       n       -       0       dnsblog
-EOF
-    }
-
-    # Postfix 2.8.
-    # Add tlsproxy (unix-domain) service to master.cf.
-
-    grep '^#*tlsproxy.*tlsproxy' $config_directory/master.cf >/dev/null || {
-	echo Editing $config_directory/master.cf, adding missing entry for tlsproxy unix-domain service
-	cat >>$config_directory/master.cf <<EOF || exit 1
-#tlsproxy  unix  -       -       n       -       0       tlsproxy
-EOF
-    }
-
-    # Report (but do not remove) obsolete files.
-
-    test -n "$obsolete" && {
-	cat <<EOF | ${FMT}
-
-    Note: the following files or directories still exist but are
-    no longer part of Postfix:
-
-    $obsolete
-
-EOF
-    }
-
-    # Postfix 2.9.
-    # Safety net for incompatible changes in IPv6 defaults.
-    # PLEASE DO NOT REMOVE THIS CODE. ITS PURPOSE IS TO AVOID AN
-    # UNEXPECTED DROP IN PERFORMANCE AFTER UPGRADING FROM POSTFIX
-    # BEFORE 2.9.
-    # This code assumes that the default is "inet_protocols = ipv4"
-    # when IPv6 support is not compiled in. See util/sys_defs.h.
-
-    test "`$POSTCONF -dh inet_protocols`" = "ipv4" ||
-	test -n "`$POSTCONF -c $config_directory -n inet_protocols`" || {
-	cat <<EOF | ${FMT}
-    COMPATIBILITY: editing $config_directory/main.cf, setting
-    inet_protocols=ipv4.  Specify inet_protocols explicitly if you
-    want to enable IPv6.
-    In a future release IPv6 will be enabled by default.
-EOF
-	$POSTCONF -c $config_directory inet_protocols=ipv4 || exit 1
-    }
-
-# Disabled because unhelpful down-stream maintainers disable the safety net.
-#    # Postfix 2.10.
-#    # Safety net for incompatible changes due to the introduction
-#    # of the smtpd_relay_restrictions feature to separate the
-#    # mail relay policy from the spam blocking policy.
-#    # PLEASE DO NOT REMOVE THIS CODE. ITS PURPOSE IS TO PREVENT
-#    # INBOUND MAIL FROM UNEXPECTEDLY BOUNCING AFTER UPGRADING FROM
-#    # POSTFIX BEFORE 2.10.
-#    test -n "`$POSTCONF -c $config_directory -n smtpd_relay_restrictions`" || {
-#	cat <<EOF | ${FMT}
-#    COMPATIBILITY: editing $config_directory/main.cf, overriding
-#    smtpd_relay_restrictions to prevent inbound mail from
-#    unexpectedly bouncing.
-#    Specify an empty smtpd_relay_restrictions value to keep using 
-#    smtpd_recipient_restrictions as before.
-#EOF
-#	$POSTCONF -c $config_directory "smtpd_relay_restrictions = \
-#	    permit_mynetworks permit_sasl_authenticated \
-#	    defer_unauth_destination" || exit 1
-#    }
-
-    # Postfix 3.4
-    # Add a postlog service entry.
-
-    grep '^postlog' $config_directory/master.cf >/dev/null || {
-	echo Editing $config_directory/master.cf, adding missing entry for postlog unix-domain datagram service
-	cat >>$config_directory/master.cf <<EOF || exit 1
-postlog   unix-dgram n  -       n       -       1       postlogd
-EOF
-    }
-}
-
-# A reminder if this is the first time Postfix is being installed.
-
-test -n "$first_install_reminder" && {
-
-    ALIASES=`$POSTCONF -c $config_directory -h alias_database | sed 's/^[^:]*://'`
-    NEWALIASES_PATH=`$POSTCONF -c $config_directory -h newaliases_path`
-    cat <<EOF | ${FMT}
-
-    Warning: you still need to edit myorigin/mydestination/mynetworks
-    parameter settings in $config_directory/main.cf.
-
-    See also http://www.postfix.org/STANDARD_CONFIGURATION_README.html
-    for information about dialup sites or about sites inside a
-    firewalled network.
-
-    BTW: Check your $ALIASES file and be sure to set up aliases
-    that send mail for root and postmaster to a real person, then
-    run $NEWALIASES_PATH.
-
-EOF
-
-}
-
-exit 0
diff --git a/postfix/etc/postfix/postfix-files b/postfix/etc/postfix/postfix-files
deleted file mode 100644
index f18c1fb..0000000
--- a/postfix/etc/postfix/postfix-files
+++ /dev/null
@@ -1,223 +0,0 @@
-#
-# Do not edit this file.
-#
-# This file controls the postfix-install script for installation of
-# Postfix programs, configuration files and documentation, as well
-# as the post-install script for setting permissions and for updating
-# Postfix configuration files. See the respective manual pages within
-# the script files.
-#
-# Do not list $command_directory or $shlib_directory in this file,
-# or it will be blown away by a future Postfix uninstallation
-# procedure. You would not want to lose all files in /usr/sbin or
-# /usr/local/lib.
-#
-# Each record in this file describes one file or directory.
-# Fields are separated by ":". Specify a null field as "-".
-# Missing fields or separators at the end are OK.
-#
-# File format:
-#	name:type:owner:group:permission:flags
-#	No group means don't change group ownership.
-#
-# File types:
-#	d=directory
-#	f=regular file
-#	h=hard link (*)
-#	l=symbolic link (*)
-#
-# (*) With hard links and symbolic links, the owner field becomes the
-#     source pathname, while the group and permissions are ignored.
-#
-# File flags:
-#	No flag means the flag is not active.
-#	p=preserve existing file, do not replace (postfix-install).
-#	u=update owner/group/mode (post-install upgrade-permissions).
-#	c=create missing directory (post-install create-missing).
-#	r=apply owner/group recursively (post-install set/upgrade-permissions).
-#	o=obsolete, no longer part of Postfix
-#	1=optional for non-default instance (config_dir != built-in default).
-#
-# Note: the "u" flag is for upgrading the permissions of existing files
-# or directories after changes in Postfix architecture. For robustness
-# it is a good idea to "u" all the files that have special ownership or
-# permissions, so that running "make install" fixes any glitches.
-#
-# Note: order matters. Update shared libraries and database plugins
-# before daemon/command-line programs.
-$config_directory:d:root:-:755:u
-$data_directory:d:$mail_owner:-:700:uc
-$daemon_directory:d:root:-:755:u
-$queue_directory:d:root:-:755:uc
-$queue_directory/active:d:$mail_owner:-:700:ucr
-$queue_directory/bounce:d:$mail_owner:-:700:ucr
-$queue_directory/corrupt:d:$mail_owner:-:700:ucr
-$queue_directory/defer:d:$mail_owner:-:700:ucr
-$queue_directory/deferred:d:$mail_owner:-:700:ucr
-$queue_directory/flush:d:$mail_owner:-:700:ucr
-$queue_directory/hold:d:$mail_owner:-:700:ucr
-$queue_directory/incoming:d:$mail_owner:-:700:ucr
-$queue_directory/private:d:$mail_owner:-:700:uc
-$queue_directory/maildrop:d:$mail_owner:$setgid_group:730:uc
-$queue_directory/public:d:$mail_owner:$setgid_group:710:uc
-$queue_directory/pid:d:root:-:755:uc
-$queue_directory/saved:d:$mail_owner:-:700:ucr
-$queue_directory/trace:d:$mail_owner:-:700:ucr
-# Update shared libraries and plugins before daemon or command-line programs.
-$shlib_directory/libpostfix-util.so:f:root:-:755
-$shlib_directory/libpostfix-global.so:f:root:-:755
-$shlib_directory/libpostfix-dns.so:f:root:-:755
-$shlib_directory/libpostfix-tls.so:f:root:-:755
-$shlib_directory/libpostfix-master.so:f:root:-:755
-$meta_directory/dynamicmaps.cf.d:d:root:-:755
-$meta_directory/dynamicmaps.cf:f:root:-:644
-$meta_directory/main.cf.proto:f:root:-:644
-$meta_directory/makedefs.out:f:root:-:644
-$meta_directory/master.cf.proto:f:root:-:644
-$meta_directory/postfix-files.d:d:root:-:755
-$meta_directory/postfix-files:f:root:-:644
-$daemon_directory/anvil:f:root:-:755
-$daemon_directory/bounce:f:root:-:755
-$daemon_directory/cleanup:f:root:-:755
-$daemon_directory/discard:f:root:-:755
-$daemon_directory/dnsblog:f:root:-:755
-$daemon_directory/error:f:root:-:755
-$daemon_directory/flush:f:root:-:755
-$daemon_directory/local:f:root:-:755
-$daemon_directory/main.cf:f:root:-:644:o
-$daemon_directory/master.cf:f:root:-:644:o
-$daemon_directory/master:f:root:-:755
-$daemon_directory/oqmgr:f:root:-:755
-$daemon_directory/pickup:f:root:-:755
-$daemon_directory/pipe:f:root:-:755
-$daemon_directory/post-install:f:root:-:755
-# In case meta_directory == daemon_directory.
-#$daemon_directory/postfix-files:f:root:-:644:o
-#$daemon_directory/postfix-files.d:d:root:-:755:o
-$daemon_directory/postfix-script:f:root:-:755
-$daemon_directory/postfix-tls-script:f:root:-:755
-$daemon_directory/postfix-wrapper:f:root:-:755
-$daemon_directory/postmulti-script:f:root:-:755
-$daemon_directory/postlogd:f:root:-:755
-$daemon_directory/postscreen:f:root:-:755
-$daemon_directory/proxymap:f:root:-:755
-$daemon_directory/qmgr:f:root:-:755
-$daemon_directory/qmqpd:f:root:-:755
-$daemon_directory/scache:f:root:-:755
-$daemon_directory/showq:f:root:-:755
-$daemon_directory/smtp:f:root:-:755
-$daemon_directory/smtpd:f:root:-:755
-$daemon_directory/spawn:f:root:-:755
-$daemon_directory/tlsproxy:f:root:-:755
-$daemon_directory/tlsmgr:f:root:-:755
-$daemon_directory/trivial-rewrite:f:root:-:755
-$daemon_directory/verify:f:root:-:755
-$daemon_directory/virtual:f:root:-:755
-$daemon_directory/nqmgr:h:$daemon_directory/qmgr
-$daemon_directory/lmtp:h:$daemon_directory/smtp
-$command_directory/postalias:f:root:-:755
-$command_directory/postcat:f:root:-:755
-$command_directory/postconf:f:root:-:755
-$command_directory/postfix:f:root:-:755
-$command_directory/postkick:f:root:-:755
-$command_directory/postlock:f:root:-:755
-$command_directory/postlog:f:root:-:755
-$command_directory/postmap:f:root:-:755
-$command_directory/postmulti:f:root:-:755
-$command_directory/postsuper:f:root:-:755
-$command_directory/postdrop:f:root:$setgid_group:2755:u
-$command_directory/postqueue:f:root:$setgid_group:2755:u
-$sendmail_path:f:root:-:755
-$newaliases_path:l:$sendmail_path
-$mailq_path:l:$sendmail_path
-# Empty files not shipped in Debian
-#$config_directory/access:f:root:-:644:p1
-#$config_directory/aliases:f:root:-:644:p1
-#$config_directory/bounce.cf.default:f:root:-:644:1
-#$config_directory/canonical:f:root:-:644:p1
-#$config_directory/cidr_table:f:root:-:644:o
-#$config_directory/generic:f:root:-:644:p1
-#$config_directory/generics:f:root:-:644:o
-#$config_directory/header_checks:f:root:-:644:p1
-#$config_directory/install.cf:f:root:-:644:o
-#$config_directory/main.cf.default:f:root:-:644:1
-$config_directory/main.cf:f:root:-:644:p
-$config_directory/master.cf:f:root:-:644:p
-#$config_directory/regexp_table:f:root:-:644:o
-#$config_directory/relocated:f:root:-:644:p1
-#$config_directory/tcp_table:f:root:-:644:o
-#$config_directory/transport:f:root:-:644:p1
-#$config_directory/virtual:f:root:-:644:p1
-$config_directory/postfix-script:f:root:-:755:o
-#$config_directory/postfix-script-sgid:f:root:-:755:o
-#$config_directory/postfix-script-nosgid:f:root:-:755:o
-$config_directory/post-install:f:root:-:755:o
-$manpage_directory/man1/mailq.1.gz:f:root:-:644
-$manpage_directory/man1/newaliases.1.gz:f:root:-:644
-$manpage_directory/man1/postalias.1.gz:f:root:-:644
-$manpage_directory/man1/postcat.1.gz:f:root:-:644
-$manpage_directory/man1/postconf.1.gz:f:root:-:644
-$manpage_directory/man1/postdrop.1.gz:f:root:-:644
-$manpage_directory/man1/postfix.1.gz:f:root:-:644
-$manpage_directory/man1/postfix-tls.1.gz:f:root:-:644
-$manpage_directory/man1/postkick.1.gz:f:root:-:644
-$manpage_directory/man1/postlock.1.gz:f:root:-:644
-$manpage_directory/man1/postlog.1.gz:f:root:-:644
-$manpage_directory/man1/postmap.1.gz:f:root:-:644
-$manpage_directory/man1/postmulti.1.gz:f:root:-:644
-$manpage_directory/man1/postqueue.1.gz:f:root:-:644
-$manpage_directory/man1/postsuper.1.gz:f:root:-:644
-$manpage_directory/man1/sendmail.1.gz:f:root:-:644
-$manpage_directory/man5/access.5.gz:f:root:-:644
-$manpage_directory/man5/aliases.5.gz:f:root:-:644
-$manpage_directory/man5/body_checks.5.gz:f:root:-:644
-$manpage_directory/man5/bounce.5.gz:f:root:-:644
-$manpage_directory/man5/canonical.5.gz:f:root:-:644
-$manpage_directory/man5/cidr_table.5.gz:f:root:-:644
-$manpage_directory/man5/generics.5.gz:f:root:-:644:o
-$manpage_directory/man5/generic.5.gz:f:root:-:644
-$manpage_directory/man5/header_checks.5.gz:f:root:-:644
-$manpage_directory/man5/master.5.gz:f:root:-:644
-$manpage_directory/man5/memcache_table.5.gz:f:root:-:644
-$manpage_directory/man5/socketmap_table.5.gz:f:root:-:644
-$manpage_directory/man5/nisplus_table.5.gz:f:root:-:644
-$manpage_directory/man5/postconf.5.gz:f:root:-:644
-$manpage_directory/man5/postfix-wrapper.5.gz:f:root:-:644
-$manpage_directory/man5/regexp_table.5.gz:f:root:-:644
-$manpage_directory/man5/relocated.5.gz:f:root:-:644
-$manpage_directory/man5/tcp_table.5.gz:f:root:-:644
-$manpage_directory/man5/transport.5.gz:f:root:-:644
-$manpage_directory/man5/virtual.5.gz:f:root:-:644
-$manpage_directory/man8/bounce.8postfix.gz:f:root:-:644
-$manpage_directory/man8/cleanup.8postfix.gz:f:root:-:644
-$manpage_directory/man8/anvil.8postfix.gz:f:root:-:644
-$manpage_directory/man8/defer.8postfix.gz:f:root:-:644
-$manpage_directory/man8/discard.8postfix.gz:f:root:-:644
-$manpage_directory/man8/dnsblog.8postfix.gz:f:root:-:644
-$manpage_directory/man8/error.8postfix.gz:f:root:-:644
-$manpage_directory/man8/flush.8postfix.gz:f:root:-:644
-$manpage_directory/man8/lmtp.8postfix.gz:f:root:-:644
-$manpage_directory/man8/local.8postfix.gz:f:root:-:644
-$manpage_directory/man8/master.8postfix.gz:f:root:-:644
-$manpage_directory/man8/nqmgr.8postfix.gz:f:root:-:644:o
-$manpage_directory/man8/oqmgr.8postfix.gz:f:root:-:644:
-$manpage_directory/man8/pickup.8postfix.gz:f:root:-:644
-$manpage_directory/man8/pipe.8postfix.gz:f:root:-:644
-$manpage_directory/man8/postlogd.8postfix.gz:f:root:-:644
-$manpage_directory/man8/postfix-add-filter.8.gz:f:root:-:644
-$manpage_directory/man8/postfix-add-policy.8.gz:f:root:-:644
-$manpage_directory/man8/postscreen.8postfix.gz:f:root:-:644
-$manpage_directory/man8/proxymap.8postfix.gz:f:root:-:644
-$manpage_directory/man8/qmgr.8postfix.gz:f:root:-:644
-$manpage_directory/man8/qmqpd.8postfix.gz:f:root:-:644
-$manpage_directory/man8/scache.8postfix.gz:f:root:-:644
-$manpage_directory/man8/showq.8postfix.gz:f:root:-:644
-$manpage_directory/man8/smtp.8postfix.gz:f:root:-:644
-$manpage_directory/man8/smtpd.8postfix.gz:f:root:-:644
-$manpage_directory/man8/spawn.8postfix.gz:f:root:-:644
-$manpage_directory/man8/tlsproxy.8postfix.gz:f:root:-:644
-$manpage_directory/man8/tlsmgr.8postfix.gz:f:root:-:644
-$manpage_directory/man8/trace.8postfix.gz:f:root:-:644
-$manpage_directory/man8/trivial-rewrite.8postfix.gz:f:root:-:644
-$manpage_directory/man8/verify.8postfix.gz:f:root:-:644
-$manpage_directory/man8/virtual.8postfix.gz:f:root:-:644
diff --git a/postfix/etc/postfix/postfix-script b/postfix/etc/postfix/postfix-script
deleted file mode 100644
index 9a90720..0000000
--- a/postfix/etc/postfix/postfix-script
+++ /dev/null
@@ -1,478 +0,0 @@
-#!/bin/sh
-
-#++
-# NAME
-#	postfix-script 1
-# SUMMARY
-#	execute Postfix administrative commands
-# SYNOPSIS
-#	\fBpostfix-script\fR \fIcommand\fR
-# DESCRIPTION
-#	The \fBpostfix-script\fR script executes Postfix administrative
-#	commands in an environment that is set up by the \fBpostfix\fR(1)
-#	command.
-# SEE ALSO
-#	master(8) Postfix master program
-#	postfix(1) Postfix administrative interface
-# LICENSE
-# .ad
-# .fi
-#	The Secure Mailer license must be distributed with this software.
-# AUTHOR(S)
-#	Wietse Venema
-#	IBM T.J. Watson Research
-#	P.O. Box 704
-#	Yorktown Heights, NY 10598, USA
-#
-#	Wietse Venema
-#	Google, Inc.
-#	111 8th Avenue
-#	New York, NY 10011, USA
-#--
-
-# Avoid POSIX death due to SIGHUP when some parent process exits.
-
-trap '' 1
-
-case $daemon_directory in
-"") echo This script must be run by the postfix command. 1>&2
-    echo Do not run directly. 1>&2
-    exit 1
-esac
-
-LOGGER="$command_directory/postlog -t $MAIL_LOGTAG/postfix-script"
-INFO="$LOGGER -p info"
-WARN="$LOGGER -p warn"
-ERROR="$LOGGER -p error"
-FATAL="$LOGGER -p fatal"
-PANIC="$LOGGER -p panic"
-
-if [ "X${1#quiet-}" != "X${1}" ]; then
-    INFO=:
-    x=${1#quiet-}
-    shift
-    set -- $x "$@"
-fi
-
-umask 022
-SHELL=/bin/sh
-
-#
-# Can't do much without these in place.
-#
-cd $command_directory || {
-	$FATAL no Postfix command directory $command_directory!
-	exit 1
-}
-cd $daemon_directory || {
-	$FATAL no Postfix daemon directory $daemon_directory!
-	exit 1
-}
-test -f master || {
-	$FATAL no Postfix master program $daemon_directory/master!
-	exit 1
-}
-cd $config_directory || {
-	$FATAL no Postfix configuration directory $config_directory!
-	exit 1
-}
-case $shlib_directory in
-no) ;;
- *) cd $shlib_directory || {
-	$FATAL no Postfix shared-library directory $shlib_directory!
-        exit 1
-    }
-esac
-cd $meta_directory || {
-	$FATAL no Postfix meta directory $meta_directory!
-	exit 1
-}
-cd $queue_directory || {
-	$FATAL no Postfix queue directory $queue_directory!
-	exit 1
-}
-def_config_directory=`$command_directory/postconf -dh config_directory` || {
-	$FATAL cannot execute $command_directory/postconf!
-	exit 1
-}
-
-# If this is a secondary instance, don't touch shared files.
-
-instances=`test ! -f $def_config_directory/main.cf ||
-    $command_directory/postconf -c $def_config_directory \
-    -h multi_instance_directories | sed 's/,/ /'` || {
-	$FATAL cannot execute $command_directory/postconf!
-	exit 1
-}
-
-check_shared_files=1
-for name in $instances
-do
-    case "$name" in
-    "$def_config_directory") ;;
-    "$config_directory") check_shared_files=; break;;
-    esac
-done
-
-#
-# Parse JCL
-#
-case $1 in
-
-start_msg)
-
-	echo "Start postfix"
-	;;
-
-stop_msg)
-
-	echo "Stop postfix"
-	;;
-
-quick-start)
-
-       $daemon_directory/master -t 2>/dev/null || {
-               $FATAL the Postfix mail system is already running
-               exit 1
-       }
-       $daemon_directory/postfix-script quick-check || {
-               $FATAL Postfix integrity check failed!
-               exit 1
-       }
-       $INFO starting the Postfix mail system
-       $daemon_directory/master &
-       ;;
-
-start|start-fg)
-
-	$daemon_directory/master -t 2>/dev/null || {
-		$FATAL the Postfix mail system is already running
-		exit 1
-	}
-	if [ -f $queue_directory/quick-start ]
-	then
-		rm -f $queue_directory/quick-start
-	else
-		$daemon_directory/postfix-script check-fatal || {
-			$FATAL Postfix integrity check failed!
-			exit 1
-		}
-		# Foreground this so it can be stopped. All inodes are cached.
-		$daemon_directory/postfix-script check-warn
-	fi
-	$INFO starting the Postfix mail system || exit 1
-	case $1 in
-	start)
-	    # NOTE: wait in foreground process to get the initialization status.
-	    $daemon_directory/master -w || {
-		$FATAL "mail system startup failed"
-		exit 1
-	    }
-	    ;;
-	start-fg)
-	    # Foreground start-up is incompatible with multi-instance mode.
-	    # Use "exec $daemon_directory/master" only if PID == 1.
-	    # Otherwise, doing so would break process group management,
-	    # and "postfix stop" would kill too many processes.
-	    case $instances in
-	    "") case $$ in
-		 1) exec $daemon_directory/master -i
-		    $FATAL "cannot start-fg the master daemon"
-		    exit 1;;
-		 *) $daemon_directory/master -s;;
-		esac
-		;;
-	     *) $FATAL "start-fg does not support multi_instance_directories"
-		exit 1
-		;;
-	    esac
-	    ;;
-	esac
-	;;
-
-drain)
-
-	$daemon_directory/master -t 2>/dev/null && {
-		$FATAL the Postfix mail system is not running
-		exit 1
-	}
-	$INFO stopping the Postfix mail system
-	kill -9 `sed 1q pid/master.pid`
-	;;
-
-quick-stop)
-
-	$daemon_directory/postfix-script stop
-	touch $queue_directory/quick-start
-	;;
-
-stop)
-
-	$daemon_directory/master -t 2>/dev/null && {
-		$FATAL the Postfix mail system is not running
-		exit 0
-	}
-	$INFO stopping the Postfix mail system
-	kill `sed 1q pid/master.pid`
-	for i in 5 4 3 2 1
-	do
-	    $daemon_directory/master -t && exit 0
-	    $INFO waiting for the Postfix mail system to terminate
-	    sleep 1
-	done
-	$WARN stopping the Postfix mail system with force
-	pid=`awk '{ print $1; exit 0 } END { exit 1 }' pid/master.pid` && 
-		kill -9 -$pid
-	;;
-
-abort)
-
-	$daemon_directory/master -t 2>/dev/null && {
-		$FATAL the Postfix mail system is not running
-		exit 0
-	}
-	$INFO aborting the Postfix mail system
-	kill `sed 1q pid/master.pid`
-	;;
-
-reload)
-
-	$daemon_directory/master -t 2>/dev/null && {
-		$FATAL the Postfix mail system is not running
-		exit 1
-	}
-	$INFO refreshing the Postfix mail system
-	$command_directory/postsuper active || exit 1
-	kill -HUP `sed 1q pid/master.pid`
-	$command_directory/postsuper &
-	;;
-
-flush)
-
-	cd $queue_directory || {
-		$FATAL no Postfix queue directory $queue_directory!
-		exit 1
-	}
-	$command_directory/postqueue -f
-	;;
-
-check)
-
-	$daemon_directory/postfix-script check-fatal || exit 1
-	$daemon_directory/postfix-script check-warn
-	exit 0
-	;;
-
-status)
-
-	$daemon_directory/master -t 2>/dev/null && {
-		$INFO the Postfix mail system is not running
-		exit 1
-	}
-	$INFO the Postfix mail system is running: PID: `sed 1q pid/master.pid`
-	exit 0
-	;;
-
-quick-check)
-	# This command is NOT part of the public interface.
-
-	$SHELL $daemon_directory/post-install create-missing || {
-		$WARN unable to create missing queue directories
-		exit 1
-	}
-
-	# Look for incomplete installations.
-
-	test -f $config_directory/master.cf || {
-		$FATAL no $config_directory/master.cf file found
-		exit 1
-	}
-	exit 0
-	;;
-
-check-fatal)
-	# This command is NOT part of the public interface.
-
-	$daemon_directory/postfix-script quick-check
-
-	maillog_file=`$command_directory/postconf -h maillog_file` || {
-		$FATAL cannot execute $command_directory/postconf!
-		exit 1
-	}
-	test -n "$maillog_file" && {
-		$command_directory/postconf -M postlog/unix-dgram 2>/dev/null \
-		    | grep . >/dev/null || {
-			$FATAL "missing 'postlog' service in master.cf - run 'postfix upgrade-configuration'"
-			exit 1
-		}
-	}
-
-	# See if all queue files are in the right place. This is slow.
-	# We must scan all queues for mis-named queue files before the
-	# mail system can run.
-
-	$command_directory/postsuper || exit 1
-	exit 0
-	;;
-
-check-warn)
-	# This command is NOT part of the public interface.
-
-	# Check Postfix root-owned directory owner/permissions.
-
-	find $queue_directory/. $queue_directory/pid \
-	    -prune ! -user root \
-	    -exec $WARN not owned by root: {} \;
-
-	find $queue_directory/. $queue_directory/pid \
-	    -prune \( -perm -020 -o -perm -002 \) \
-	    -exec $WARN group or other writable: {} \;
-
-	# Check Postfix root-owned directory tree owner/permissions.
-
-	todo="$config_directory/."
-	test -n "$check_shared_files" && {
-		todo="$daemon_directory/. $meta_directory/. $todo"
-		test "$shlib_directory" = "no" || 
-		    todo="$shlib_directory/. $todo"
-	}
-	todo=`echo "$todo" | tr ' ' '\12' | sort -u`
-
-	find $todo ! -user root \
-	    -exec $WARN not owned by root: {} \;
-
-	# Handle symlinks separately
-	find -L $todo \( -perm -020 -o -perm -002 \) \
-	    -exec $WARN group or other writable: {} \;
-
-	find $todo -type l | while read f; do \
-	    readlink "$f" | grep -q / && $WARN symlink leaves directory: "$f"; \
-	done; \
-
-	# Check Postfix mail_owner-owned directory tree owner/permissions.
-
-	find $data_directory/. ! -user $mail_owner \
-	    -exec $WARN not owned by $mail_owner: {} \;
-
-	find $data_directory/. \( -perm -020 -o -perm -002 \) \
-	    -exec $WARN group or other writable: {} \;
-
-	# Check Postfix mail_owner-owned directory tree owner.
-
-	find `ls -d $queue_directory/* | \
-	    egrep '/(saved|incoming|active|defer|deferred|bounce|hold|trace|corrupt|public|private|flush)$'` \
-	    ! \( -type p -o -type s \) ! -user $mail_owner \
-		-exec $WARN not owned by $mail_owner: {} \;
-
-	# WARNING: this should not descend into the maildrop directory.
-	# maildrop is the least trusted Postfix directory.
-
-	find $queue_directory/maildrop -prune ! -user $mail_owner \
-	    -exec $WARN not owned by $mail_owner: $queue_directory/maildrop \;
-
-	# Check Postfix setgid_group-owned directory and file group/permissions.
-
-	todo="$queue_directory/public $queue_directory/maildrop"
-	test -n "$check_shared_files" && 
-	   todo="$command_directory/postqueue $command_directory/postdrop $todo"
-
-	find $todo \
-	    -prune ! -group $setgid_group \
-	    -exec $WARN not owned by group $setgid_group: {} \;
-
-	test -n "$check_shared_files" &&
-	find $command_directory/postqueue $command_directory/postdrop \
-	    -prune ! -perm -02111 \
-	    -exec $WARN not set-gid or not owner+group+world executable: {} \;
-
-	# Check non-Postfix root-owned directory tree owner/content.
-
-	for dir in bin etc lib sbin usr
-	do
-	    test -d $dir && {
-		find $dir ! -user root \
-		    -exec $WARN not owned by root: $queue_directory/{} \;
-
-		find $dir -type f -print | while read path
-		do
-		    test -f /$path && {
-			cmp -s $path /$path || 
-			    $WARN $queue_directory/$path and /$path differ
-		    }
-		done
-	    }
-	done
-
-	find corrupt -type f -exec $WARN damaged message: {} \;
-
-	# Check for non-Postfix MTA remnants.
-
-	test -n "$check_shared_files" -a -f /usr/sbin/sendmail -a \
-		-f /usr/lib/sendmail && {
-	    cmp -s /usr/sbin/sendmail /usr/lib/sendmail || {
-		$WARN /usr/lib/sendmail and /usr/sbin/sendmail differ
-		$WARN Replace one by a symbolic link to the other
-	    }
-	}
-	exit 0
-	;;
-
-set-permissions|upgrade-configuration)
-	$daemon_directory/post-install create-missing "$@"
-	;;
-
-post-install)
-	# Currently not part of the public interface.
-	shift
-	$daemon_directory/post-install "$@"
-	;;
-
-tls)
-	shift
-	$daemon_directory/postfix-tls-script "$@"
-	;;
-
-/*)
-	# Currently not part of the public interface.
-	"$@"
-	;;
-
-logrotate)
-	case $# in
-	1) ;;
-	*) $FATAL "usage postfix $1 (no arguments)"; exit 1;;
-	esac
-	for name in maillog_file maillog_file_compressor \
-	   maillog_file_rotate_suffix
-	do
-	    value="`$command_directory/postconf -h $name`"
-	    case "$value" in
-	    "") $FATAL "empty '$name' parameter value - logfile rotation failed"
-		exit 1;;
-	    esac
-	    eval $name='"$value"';
-	done
-
-	case "$maillog_file" in
-	/dev/*) $FATAL "not rotating '$maillog_file'"; exit 1;;
-	esac
-
-	errors=`(
-	    suffix="\`date +$maillog_file_rotate_suffix\`" || exit 1
-	    mv "$maillog_file" "$maillog_file.$suffix" || exit 1
-	    $daemon_directory/master -t 2>/dev/null ||
-		kill -HUP \`sed 1q pid/master.pid\` || exit 1
-	    sleep 1
-	    "$maillog_file_compressor" "$maillog_file.$suffix" || exit 1
-	) 2>&1` || {
-	    $FATAL "logfile '$maillog_file' rotation failed: $errors"
-	    exit 1
-	}
-	;;
-
-*)
-	$FATAL "unknown command: '$1'. Usage: postfix start (or stop, reload, abort, flush, check, status, set-permissions, upgrade-configuration, logrotate)"
-	exit 1
-	;;
-
-esac
diff --git a/postfix/etc/postfix/virtual b/postfix/etc/postfix/virtual
deleted file mode 100644
index 96bcbd2..0000000
--- a/postfix/etc/postfix/virtual
+++ /dev/null
@@ -1,3 +0,0 @@
-postmaster@zntrl.de	baloan
-abuse@zntrl.de		baloan
-
diff --git a/postfix/etc/postfix/virtual.db b/postfix/etc/postfix/virtual.db
deleted file mode 100644
index 4ee150b..0000000
Binary files a/postfix/etc/postfix/virtual.db and /dev/null differ
diff --git a/postfix/etc/postfix/vmailbox b/postfix/etc/postfix/vmailbox
deleted file mode 100644
index b79eb6e..0000000
--- a/postfix/etc/postfix/vmailbox
+++ /dev/null
@@ -1,4 +0,0 @@
-baloan@zntrl.de		notused
-# Comment out the entry below to implement a catch-all.
-# @zntrl.de		notused
-
diff --git a/postfix/etc/postfix/vmailbox.db b/postfix/etc/postfix/vmailbox.db
deleted file mode 100644
index fd501d7..0000000
Binary files a/postfix/etc/postfix/vmailbox.db and /dev/null differ
diff --git a/postfix/etc/s6-overlay/s6-rc.d/postfix/down b/postfix/etc/s6-overlay/s6-rc.d/postfix/down
deleted file mode 100644
index f30d14c..0000000
--- a/postfix/etc/s6-overlay/s6-rc.d/postfix/down
+++ /dev/null
@@ -1 +0,0 @@
-/usr/sbin/postfix stop
diff --git a/postfix/etc/s6-overlay/s6-rc.d/postfix/type b/postfix/etc/s6-overlay/s6-rc.d/postfix/type
deleted file mode 100644
index bdd22a1..0000000
--- a/postfix/etc/s6-overlay/s6-rc.d/postfix/type
+++ /dev/null
@@ -1 +0,0 @@
-oneshot
diff --git a/postfix/etc/s6-overlay/s6-rc.d/postfix/up b/postfix/etc/s6-overlay/s6-rc.d/postfix/up
deleted file mode 100644
index 4de36d3..0000000
--- a/postfix/etc/s6-overlay/s6-rc.d/postfix/up
+++ /dev/null
@@ -1 +0,0 @@
-/usr/sbin/postfix start
diff --git a/webapp/build.sh b/webapp/build.sh
index 81f4591..651b22b 100644
--- a/webapp/build.sh
+++ b/webapp/build.sh
@@ -1,6 +1,6 @@
 #!/usr/bin/bash
 # export DOCKER_BUILDKIT=1
-docker run -d --rm --name www -p80:80 -v/root/kopano-docker/dist:/usr/local/apache2/htdocs httpd
+docker run -d --rm --name dist -p80:80 -v/root/kopano-docker/dist:/usr/local/apache2/htdocs httpd
 docker build --no-cache --progress=plain -t webapp .
 docker build -t webapp .
 docker run -it --name webapp -p8080:80 webapp 
diff --git a/webapp/etc/apache2/apache2.conf b/webapp/etc/apache2/apache2.conf
deleted file mode 100644
index ae4b2c3..0000000
--- a/webapp/etc/apache2/apache2.conf
+++ /dev/null
@@ -1,227 +0,0 @@
-# This is the main Apache server configuration file.  It contains the
-# configuration directives that give the server its instructions.
-# See http://httpd.apache.org/docs/2.4/ for detailed information about
-# the directives and /usr/share/doc/apache2/README.Debian about Debian specific
-# hints.
-#
-#
-# Summary of how the Apache 2 configuration works in Debian:
-# The Apache 2 web server configuration in Debian is quite different to
-# upstream's suggested way to configure the web server. This is because Debian's
-# default Apache2 installation attempts to make adding and removing modules,
-# virtual hosts, and extra configuration directives as flexible as possible, in
-# order to make automating the changes and administering the server as easy as
-# possible.
-
-# It is split into several files forming the configuration hierarchy outlined
-# below, all located in the /etc/apache2/ directory:
-#
-#	/etc/apache2/
-#	|-- apache2.conf
-#	|	`--  ports.conf
-#	|-- mods-enabled
-#	|	|-- *.load
-#	|	`-- *.conf
-#	|-- conf-enabled
-#	|	`-- *.conf
-# 	`-- sites-enabled
-#	 	`-- *.conf
-#
-#
-# * apache2.conf is the main configuration file (this file). It puts the pieces
-#   together by including all remaining configuration files when starting up the
-#   web server.
-#
-# * ports.conf is always included from the main configuration file. It is
-#   supposed to determine listening ports for incoming connections which can be
-#   customized anytime.
-#
-# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
-#   directories contain particular configuration snippets which manage modules,
-#   global configuration fragments, or virtual host configurations,
-#   respectively.
-#
-#   They are activated by symlinking available configuration files from their
-#   respective *-available/ counterparts. These should be managed by using our
-#   helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
-#   their respective man pages for detailed information.
-#
-# * The binary is called apache2. Due to the use of environment variables, in
-#   the default configuration, apache2 needs to be started/stopped with
-#   /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
-#   work with the default configuration.
-
-
-# Global configuration
-#
-
-#
-# ServerRoot: The top of the directory tree under which the server's
-# configuration, error, and log files are kept.
-#
-# NOTE!  If you intend to place this on an NFS (or otherwise network)
-# mounted filesystem then please read the Mutex documentation (available
-# at <URL:http://httpd.apache.org/docs/2.4/mod/core.html#mutex>);
-# you will save yourself a lot of trouble.
-#
-# Do NOT add a slash at the end of the directory path.
-#
-#ServerRoot "/etc/apache2"
-
-#
-# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
-#
-#Mutex file:${APACHE_LOCK_DIR} default
-
-#
-# The directory where shm and other runtime files will be stored.
-#
-
-DefaultRuntimeDir ${APACHE_RUN_DIR}
-
-#
-# PidFile: The file in which the server should record its process
-# identification number when it starts.
-# This needs to be set in /etc/apache2/envvars
-#
-PidFile ${APACHE_PID_FILE}
-
-#
-# Timeout: The number of seconds before receives and sends time out.
-#
-Timeout 300
-
-#
-# KeepAlive: Whether or not to allow persistent connections (more than
-# one request per connection). Set to "Off" to deactivate.
-#
-KeepAlive On
-
-#
-# MaxKeepAliveRequests: The maximum number of requests to allow
-# during a persistent connection. Set to 0 to allow an unlimited amount.
-# We recommend you leave this number high, for maximum performance.
-#
-MaxKeepAliveRequests 100
-
-#
-# KeepAliveTimeout: Number of seconds to wait for the next request from the
-# same client on the same connection.
-#
-KeepAliveTimeout 5
-
-
-# These need to be set in /etc/apache2/envvars
-User ${APACHE_RUN_USER}
-Group ${APACHE_RUN_GROUP}
-
-#
-# HostnameLookups: Log the names of clients or just their IP addresses
-# e.g., www.apache.org (on) or 204.62.129.132 (off).
-# The default is off because it'd be overall better for the net if people
-# had to knowingly turn this feature on, since enabling it means that
-# each client request will result in AT LEAST one lookup request to the
-# nameserver.
-#
-HostnameLookups Off
-
-# ErrorLog: The location of the error log file.
-# If you do not specify an ErrorLog directive within a <VirtualHost>
-# container, error messages relating to that virtual host will be
-# logged here.  If you *do* define an error logfile for a <VirtualHost>
-# container, that host's errors will be logged there and not here.
-#
-ErrorLog ${APACHE_LOG_DIR}/error.log
-
-#
-# LogLevel: Control the severity of messages logged to the error_log.
-# Available values: trace8, ..., trace1, debug, info, notice, warn,
-# error, crit, alert, emerg.
-# It is also possible to configure the log level for particular modules, e.g.
-# "LogLevel info ssl:warn"
-#
-LogLevel warn
-
-# Include module configuration:
-IncludeOptional mods-enabled/*.load
-IncludeOptional mods-enabled/*.conf
-
-# Include list of ports to listen on
-Include ports.conf
-
-
-# Sets the default security model of the Apache2 HTTPD server. It does
-# not allow access to the root filesystem outside of /usr/share and /var/www.
-# The former is used by web applications packaged in Debian,
-# the latter may be used for local directories served by the web server. If
-# your system is serving content from a sub-directory in /srv you must allow
-# access here, or in any related virtual host.
-<Directory />
-	Options FollowSymLinks
-	AllowOverride None
-	Require all denied
-</Directory>
-
-<Directory /usr/share>
-	AllowOverride None
-	Require all granted
-</Directory>
-
-<Directory /var/www/>
-	Options Indexes FollowSymLinks
-	AllowOverride None
-	Require all granted
-</Directory>
-
-#<Directory /srv/>
-#	Options Indexes FollowSymLinks
-#	AllowOverride None
-#	Require all granted
-#</Directory>
-
-
-
-
-# AccessFileName: The name of the file to look for in each directory
-# for additional configuration directives.  See also the AllowOverride
-# directive.
-#
-AccessFileName .htaccess
-
-#
-# The following lines prevent .htaccess and .htpasswd files from being
-# viewed by Web clients.
-#
-<FilesMatch "^\.ht">
-	Require all denied
-</FilesMatch>
-
-
-#
-# The following directives define some format nicknames for use with
-# a CustomLog directive.
-#
-# These deviate from the Common Log Format definitions in that they use %O
-# (the actual bytes sent including headers) instead of %b (the size of the
-# requested file), because the latter makes it impossible to detect partial
-# requests.
-#
-# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
-# Use mod_remoteip instead.
-#
-LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
-LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
-LogFormat "%h %l %u %t \"%r\" %>s %O" common
-LogFormat "%{Referer}i -> %U" referer
-LogFormat "%{User-agent}i" agent
-
-# Include of directories ignores editors' and dpkg's backup files,
-# see README.Debian for details.
-
-# Include generic snippets of statements
-IncludeOptional conf-enabled/*.conf
-
-# Include the virtual host configurations:
-IncludeOptional sites-enabled/*.conf
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/cipher.conf b/webapp/etc/apache2/cipher.conf
deleted file mode 100644
index 595948d..0000000
--- a/webapp/etc/apache2/cipher.conf
+++ /dev/null
@@ -1,21 +0,0 @@
-SSLEngine on
-SSLCACertificatePath  /etc/ssl/certs
-
-# intermediate configuration
-SSLProtocol         all -SSLv3 -TLSv1 -TLSv1.1
-SSLCipherSuite      ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384@SECLEVEL=0
-SSLHonorCipherOrder off
-SSLSessionTickets   off
-
-<FilesMatch "\.(cgi|shtml|phtml|php)$">
-        SSLOptions +StdEnvVars
-</FilesMatch>
-<Directory /usr/lib/cgi-bin>
-        SSLOptions +StdEnvVars
-</Directory>
-
-BrowserMatch "MSIE [2-6]" \
-        nokeepalive ssl-unclean-shutdown \
-        downgrade-1.0 force-response-1.0
-# MSIE 7 and newer should be able to use keepalive
-BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
diff --git a/webapp/etc/apache2/conf-available/charset.conf b/webapp/etc/apache2/conf-available/charset.conf
deleted file mode 100644
index 8b0f415..0000000
--- a/webapp/etc/apache2/conf-available/charset.conf
+++ /dev/null
@@ -1,8 +0,0 @@
-# Read the documentation before enabling AddDefaultCharset.
-# In general, it is only a good idea if you know that all your files
-# have this encoding. It will override any encoding given in the files
-# in meta http-equiv or xml encoding tags.
-
-#AddDefaultCharset UTF-8
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/conf-available/localized-error-pages.conf b/webapp/etc/apache2/conf-available/localized-error-pages.conf
deleted file mode 100644
index f188d80..0000000
--- a/webapp/etc/apache2/conf-available/localized-error-pages.conf
+++ /dev/null
@@ -1,81 +0,0 @@
-# Customizable error responses come in three flavors:
-# 1) plain text
-# 2) local redirects
-# 3) external redirects
-#
-# Some examples:
-#ErrorDocument 500 "The server made a boo boo."
-#ErrorDocument 404 /missing.html
-#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
-#ErrorDocument 402 http://www.example.com/subscription_info.html
-#
-
-#
-# Putting this all together, we can internationalize error responses.
-#
-# We use Alias to redirect any /error/HTTP_<error>.html.var response to
-# our collection of by-error message multi-language collections.  We use
-# includes to substitute the appropriate text.
-#
-# You can modify the messages' appearance without changing any of the
-# default HTTP_<error>.html.var files by adding the line:
-#
-#Alias /error/include/ "/your/include/path/"
-#
-# which allows you to create your own set of files by starting with the
-# /usr/share/apache2/error/include/ files and copying them to /your/include/path/,
-# even on a per-VirtualHost basis.  If you include the Alias in the global server
-# context, is has to come _before_ the 'Alias /error/ ...' line.
-#
-# The default include files will display your Apache version number and your
-# ServerAdmin email address regardless of the setting of ServerSignature.
-#
-# WARNING: The configuration below will NOT work out of the box if you have a
-#		  SetHandler directive in a <Location /> context somewhere. Adding
-#		  the following three lines AFTER the <Location /> context should
-#		  make it work in most cases:
-#		  <Location /error/>
-#			 SetHandler none
-#		  </Location>
-#
-# The internationalized error documents require mod_alias, mod_include
-# and mod_negotiation.  To activate them, uncomment the following 37 lines.
-
-#<IfModule mod_negotiation.c>
-#	<IfModule mod_include.c>
-#		<IfModule mod_alias.c>
-#
-#			Alias /error/ "/usr/share/apache2/error/"
-#
-#			<Directory "/usr/share/apache2/error">
-#				Options IncludesNoExec
-#				AddOutputFilter Includes html
-#				AddHandler type-map var
-#				Order allow,deny
-#				Allow from all
-#				LanguagePriority en cs de es fr it nl sv pt-br ro
-#				ForceLanguagePriority Prefer Fallback
-#			</Directory>
-#
-#			ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
-#			ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
-#			ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
-#			ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
-#			ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
-#			ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
-#			ErrorDocument 410 /error/HTTP_GONE.html.var
-#			ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
-#			ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
-#			ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
-#			ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
-#			ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
-#			ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
-#			ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
-#			ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
-#			ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
-#			ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
-#		</IfModule>
-#	</IfModule>
-#</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/conf-available/other-vhosts-access-log.conf b/webapp/etc/apache2/conf-available/other-vhosts-access-log.conf
deleted file mode 100644
index 5e9f5e9..0000000
--- a/webapp/etc/apache2/conf-available/other-vhosts-access-log.conf
+++ /dev/null
@@ -1,4 +0,0 @@
-# Define an access log for VirtualHosts that don't define their own logfile
-CustomLog ${APACHE_LOG_DIR}/other_vhosts_access.log vhost_combined
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/conf-available/security.conf b/webapp/etc/apache2/conf-available/security.conf
deleted file mode 100644
index f9f69d4..0000000
--- a/webapp/etc/apache2/conf-available/security.conf
+++ /dev/null
@@ -1,73 +0,0 @@
-#
-# Disable access to the entire file system except for the directories that
-# are explicitly allowed later.
-#
-# This currently breaks the configurations that come with some web application
-# Debian packages.
-#
-#<Directory />
-#   AllowOverride None
-#   Require all denied
-#</Directory>
-
-
-# Changing the following options will not really affect the security of the
-# server, but might make attacks slightly more difficult in some cases.
-
-#
-# ServerTokens
-# This directive configures what you return as the Server HTTP response
-# Header. The default is 'Full' which sends information about the OS-Type
-# and compiled in modules.
-# Set to one of:  Full | OS | Minimal | Minor | Major | Prod
-# where Full conveys the most information, and Prod the least.
-#ServerTokens Minimal
-ServerTokens OS
-#ServerTokens Full
-
-#
-# Optionally add a line containing the server version and virtual host
-# name to server-generated pages (internal error documents, FTP directory
-# listings, mod_status and mod_info output etc., but not CGI generated
-# documents or custom error documents).
-# Set to "EMail" to also include a mailto: link to the ServerAdmin.
-# Set to one of:  On | Off | EMail
-#ServerSignature Off
-ServerSignature On
-
-#
-# Allow TRACE method
-#
-# Set to "extended" to also reflect the request body (only for testing and
-# diagnostic purposes).
-#
-# Set to one of:  On | Off | extended
-TraceEnable Off
-#TraceEnable On
-
-#
-# Forbid access to version control directories
-#
-# If you use version control systems in your document root, you should
-# probably deny access to their directories. For example, for subversion:
-#
-#<DirectoryMatch "/\.svn">
-#   Require all denied
-#</DirectoryMatch>
-
-#
-# Setting this header will prevent MSIE from interpreting files as something
-# else than declared by the content type in the HTTP headers.
-# Requires mod_headers to be enabled.
-#
-#Header set X-Content-Type-Options: "nosniff"
-
-#
-# Setting this header will prevent other sites from embedding pages from this
-# site as frames. This defends against clickjacking attacks.
-# Requires mod_headers to be enabled.
-#
-#Header set X-Frame-Options: "sameorigin"
-
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/conf-available/serve-cgi-bin.conf b/webapp/etc/apache2/conf-available/serve-cgi-bin.conf
deleted file mode 100644
index b02782d..0000000
--- a/webapp/etc/apache2/conf-available/serve-cgi-bin.conf
+++ /dev/null
@@ -1,20 +0,0 @@
-<IfModule mod_alias.c>
-	<IfModule mod_cgi.c>
-		Define ENABLE_USR_LIB_CGI_BIN
-	</IfModule>
-
-	<IfModule mod_cgid.c>
-		Define ENABLE_USR_LIB_CGI_BIN
-	</IfModule>
-
-	<IfDefine ENABLE_USR_LIB_CGI_BIN>
-		ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
-		<Directory "/usr/lib/cgi-bin">
-			AllowOverride None
-			Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
-			Require all granted
-		</Directory>
-	</IfDefine>
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/conf-available/z-push-autodiscover.conf b/webapp/etc/apache2/conf-available/z-push-autodiscover.conf
deleted file mode 100644
index c472432..0000000
--- a/webapp/etc/apache2/conf-available/z-push-autodiscover.conf
+++ /dev/null
@@ -1,6 +0,0 @@
-# Z-Push AutoDiscover - ActiveSync over-the-air - default Apache configuration
-<IfModule mod_alias.c>
-    Alias /AutoDiscover/AutoDiscover.xml "/usr/share/z-push/autodiscover/autodiscover.php"
-    Alias /Autodiscover/Autodiscover.xml "/usr/share/z-push/autodiscover/autodiscover.php"
-    Alias /autodiscover/autodiscover.xml "/usr/share/z-push/autodiscover/autodiscover.php"
-</IfModule>
diff --git a/webapp/etc/apache2/conf-available/z-push.conf b/webapp/etc/apache2/conf-available/z-push.conf
deleted file mode 100644
index e16660d..0000000
--- a/webapp/etc/apache2/conf-available/z-push.conf
+++ /dev/null
@@ -1,23 +0,0 @@
-# Z-Push - ActiveSync over-the-air - default Apache configuration
-<IfModule mod_alias.c>
-    Alias /Microsoft-Server-ActiveSync /usr/share/z-push/index.php
-</IfModule>
-
-<Directory /usr/share/z-push>
-    # Don't list a directory index, follow symlinks (maybe state dir is somewhere linked)
-    DirectoryIndex index.php
-    Options -Indexes +FollowSymLinks
-
-    # Security
-    # Don't allow .htaccess Overrides, disallow access to files
-    AllowOverride none
-    <IfModule mod_authz_core.c>
-        Require all granted
-    </IfModule>
-
-    <Files "config.php">
-      <IfModule mod_authz_core.c>
-        Require all denied
-      </IfModule>
-    </Files>
-</Directory>
diff --git a/webapp/etc/apache2/conf-enabled/charset.conf b/webapp/etc/apache2/conf-enabled/charset.conf
deleted file mode 120000
index 4a6ca08..0000000
--- a/webapp/etc/apache2/conf-enabled/charset.conf
+++ /dev/null
@@ -1 +0,0 @@
-../conf-available/charset.conf
\ No newline at end of file
diff --git a/webapp/etc/apache2/conf-enabled/localized-error-pages.conf b/webapp/etc/apache2/conf-enabled/localized-error-pages.conf
deleted file mode 120000
index 6e5ddaf..0000000
--- a/webapp/etc/apache2/conf-enabled/localized-error-pages.conf
+++ /dev/null
@@ -1 +0,0 @@
-../conf-available/localized-error-pages.conf
\ No newline at end of file
diff --git a/webapp/etc/apache2/conf-enabled/other-vhosts-access-log.conf b/webapp/etc/apache2/conf-enabled/other-vhosts-access-log.conf
deleted file mode 120000
index 8af91e5..0000000
--- a/webapp/etc/apache2/conf-enabled/other-vhosts-access-log.conf
+++ /dev/null
@@ -1 +0,0 @@
-../conf-available/other-vhosts-access-log.conf
\ No newline at end of file
diff --git a/webapp/etc/apache2/conf-enabled/security.conf b/webapp/etc/apache2/conf-enabled/security.conf
deleted file mode 120000
index 036c97f..0000000
--- a/webapp/etc/apache2/conf-enabled/security.conf
+++ /dev/null
@@ -1 +0,0 @@
-../conf-available/security.conf
\ No newline at end of file
diff --git a/webapp/etc/apache2/conf-enabled/serve-cgi-bin.conf b/webapp/etc/apache2/conf-enabled/serve-cgi-bin.conf
deleted file mode 120000
index d917f68..0000000
--- a/webapp/etc/apache2/conf-enabled/serve-cgi-bin.conf
+++ /dev/null
@@ -1 +0,0 @@
-../conf-available/serve-cgi-bin.conf
\ No newline at end of file
diff --git a/webapp/etc/apache2/envvars b/webapp/etc/apache2/envvars
deleted file mode 100644
index 708d170..0000000
--- a/webapp/etc/apache2/envvars
+++ /dev/null
@@ -1,47 +0,0 @@
-# envvars - default environment variables for apache2ctl
-
-# this won't be correct after changing uid
-unset HOME
-
-# for supporting multiple apache2 instances
-if [ "${APACHE_CONFDIR##/etc/apache2-}" != "${APACHE_CONFDIR}" ] ; then
-	SUFFIX="-${APACHE_CONFDIR##/etc/apache2-}"
-else
-	SUFFIX=
-fi
-
-# Since there is no sane way to get the parsed apache2 config in scripts, some
-# settings are defined via environment variables and then used in apache2ctl,
-# /etc/init.d/apache2, /etc/logrotate.d/apache2, etc.
-export APACHE_RUN_USER=www-data
-export APACHE_RUN_GROUP=www-data
-# temporary state file location. This might be changed to /run in Wheezy+1
-export APACHE_PID_FILE=/var/run/apache2$SUFFIX/apache2.pid
-export APACHE_RUN_DIR=/var/run/apache2$SUFFIX
-export APACHE_LOCK_DIR=/var/lock/apache2$SUFFIX
-# Only /var/log/apache2 is handled by /etc/logrotate.d/apache2.
-export APACHE_LOG_DIR=/var/log/apache2$SUFFIX
-
-## The locale used by some modules like mod_dav
-export LANG=C
-## Uncomment the following line to use the system default locale instead:
-#. /etc/default/locale
-
-export LANG
-
-## The command to get the status for 'apache2ctl status'.
-## Some packages providing 'www-browser' need '--dump' instead of '-dump'.
-#export APACHE_LYNX='www-browser -dump'
-
-## If you need a higher file descriptor limit, uncomment and adjust the
-## following line (default is 8192):
-#APACHE_ULIMIT_MAX_FILES='ulimit -n 65536'
-
-## If you would like to pass arguments to the web server, add them below
-## to the APACHE_ARGUMENTS environment.
-#export APACHE_ARGUMENTS=''
-
-## Enable the debug mode for maintainer scripts.
-## This will produce a verbose output on package installations of web server modules and web application
-## installations which interact with Apache
-#export APACHE2_MAINTSCRIPT_DEBUG=1
diff --git a/webapp/etc/apache2/magic b/webapp/etc/apache2/magic
deleted file mode 100644
index cdf9ac5..0000000
--- a/webapp/etc/apache2/magic
+++ /dev/null
@@ -1,935 +0,0 @@
-# Magic data for mod_mime_magic (originally for file(1) command)
-#
-# The format is 4-5 columns:
-#    Column #1: byte number to begin checking from, ">" indicates continuation
-#    Column #2: type of data to match
-#    Column #3: contents of data to match
-#    Column #4: MIME type of result
-#    Column #5: MIME encoding of result (optional)
-
-#------------------------------------------------------------------------------
-# Localstuff:  file(1) magic for locally observed files
-# Add any locally observed files here.
-
-# Real Audio (Magic .ra\0375)
-0	belong		0x2e7261fd	audio/x-pn-realaudio
-0	string		.RMF		application/vnd.rn-realmedia
-
-#video/x-pn-realvideo
-#video/vnd.rn-realvideo
-#application/vnd.rn-realmedia
-#	sigh, there are many mimes for that but the above are the most common.
-
-# Taken from magic, converted to magic.mime
-# mime types according to http://www.geocities.com/nevilo/mod.htm:
-#	audio/it	.it
-#	audio/x-zipped-it	.itz
-#	audio/xm	fasttracker modules
-#	audio/x-s3m	screamtracker modules
-#	audio/s3m	screamtracker modules
-#	audio/x-zipped-mod	mdz
-#	audio/mod	mod
-#	audio/x-mod	All modules (mod, s3m, 669, mtm, med, xm, it, mdz, stm, itz, xmz, s3z)
-
-# Taken from loader code from mikmod version 2.14
-# by Steve McIntyre (stevem@chiark.greenend.org.uk)
-# <doj@cubic.org> added title printing on 2003-06-24
-0	string	MAS_UTrack_V00
->14	string	>/0		audio/x-mod
-#audio/x-tracker-module
-
-#0	string	UN05		MikMod UNI format module sound data
-
-0	string	Extended\ Module: audio/x-mod
-#audio/x-tracker-module
-##>17	string	>\0		Title: "%s"
-
-21	string/c	\!SCREAM!	audio/x-mod
-#audio/x-screamtracker-module
-21	string	BMOD2STM	audio/x-mod
-#audio/x-screamtracker-module
-1080	string	M.K.		audio/x-mod
-#audio/x-protracker-module
-#>0	string	>\0		Title: "%s"
-1080	string	M!K!		audio/x-mod
-#audio/x-protracker-module
-#>0	string	>\0		Title: "%s"
-1080	string	FLT4		audio/x-mod
-#audio/x-startracker-module
-#>0	string	>\0		Title: "%s"
-1080	string	FLT8		audio/x-mod
-#audio/x-startracker-module
-#>0	string	>\0		Title: "%s"
-1080	string	4CHN		audio/x-mod
-#audio/x-fasttracker-module
-#>0	string	>\0		Title: "%s"
-1080	string	6CHN		audio/x-mod
-#audio/x-fasttracker-module
-#>0	string	>\0		Title: "%s"
-1080	string	8CHN		audio/x-mod
-#audio/x-fasttracker-module
-#>0	string	>\0		Title: "%s"
-1080	string	CD81		audio/x-mod
-#audio/x-oktalyzer-tracker-module
-#>0	string	>\0		Title: "%s"
-1080	string	OKTA		audio/x-mod
-#audio/x-oktalyzer-tracker-module
-#>0	string	>\0		Title: "%s"
-# Not good enough.
-#1082	string	CH
-#>1080	string	>/0		%.2s-channel Fasttracker "oktalyzer" module sound data
-1080	string	16CN		audio/x-mod
-#audio/x-taketracker-module
-#>0	string	>\0		Title: "%s"
-1080	string	32CN		audio/x-mod
-#audio/x-taketracker-module
-#>0	string	>\0		Title: "%s"
-
-# Impuse tracker module (it)
-0	string		IMPM		audio/x-mod
-#>4	string		>\0		"%s"
-#>40	leshort		!0		compatible w/ITv%x
-#>42	leshort		!0		created w/ITv%x
-
-#------------------------------------------------------------------------------
-# end local stuff
-#------------------------------------------------------------------------------
-
-# xml based formats!
-
-# svg
-
-0	string		\<?xml
-#			text/xml
->38	string		\<\!DOCTYPE\040svg	image/svg+xml
-
-
-# xml
-0	string		\<?xml			text/xml
-
-
-#------------------------------------------------------------------------------
-# Java
-
-0	short		0xcafe
->2	short		0xbabe		application/java
-
-#------------------------------------------------------------------------------
-# audio:  file(1) magic for sound formats
-#
-# from Jan Nicolai Langfeldt <janl@ifi.uio.no>,
-#
-
-# Sun/NeXT audio data
-0	string		.snd
->12	belong		1		audio/basic
->12	belong		2		audio/basic
->12	belong		3		audio/basic
->12	belong		4		audio/basic
->12	belong		5		audio/basic
->12	belong		6		audio/basic
->12	belong		7		audio/basic
-
->12	belong		23		audio/x-adpcm
-
-# DEC systems (e.g. DECstation 5000) use a variant of the Sun/NeXT format
-# that uses little-endian encoding and has a different magic number
-# (0x0064732E in little-endian encoding).
-0	lelong		0x0064732E	
->12	lelong		1		audio/x-dec-basic
->12	lelong		2		audio/x-dec-basic
->12	lelong		3		audio/x-dec-basic
->12	lelong		4		audio/x-dec-basic
->12	lelong		5		audio/x-dec-basic
->12	lelong		6		audio/x-dec-basic
->12	lelong		7		audio/x-dec-basic
-#                                       compressed (G.721 ADPCM)
->12	lelong		23		audio/x-dec-adpcm
-
-# Bytes 0-3 of AIFF, AIFF-C, & 8SVX audio files are "FORM"
-#					AIFF audio data
-8	string		AIFF		audio/x-aiff	
-#					AIFF-C audio data
-8	string		AIFC		audio/x-aiff	
-#					IFF/8SVX audio data
-8	string		8SVX		audio/x-aiff	
-
-
-
-# Creative Labs AUDIO stuff
-#					Standard MIDI data
-0	string	MThd			audio/unknown	
-#>9 	byte	>0			(format %d)
-#>11	byte	>1			using %d channels
-#					Creative Music (CMF) data
-0	string	CTMF			audio/unknown	
-#					SoundBlaster instrument data
-0	string	SBI			audio/unknown	
-#					Creative Labs voice data
-0	string	Creative\ Voice\ File	audio/unknown	
-## is this next line right?  it came this way...
-#>19	byte	0x1A
-#>23	byte	>0			- version %d
-#>22	byte	>0			\b.%d
-
-# [GRR 950115:  is this also Creative Labs?  Guessing that first line
-#  should be string instead of unknown-endian long...]
-#0	long		0x4e54524b	MultiTrack sound data
-#0	string		NTRK		MultiTrack sound data
-#>4	long		x		- version %ld
-
-# Microsoft WAVE format (*.wav)
-# [GRR 950115:  probably all of the shorts and longs should be leshort/lelong]
-#					Microsoft RIFF
-0	string		RIFF
-#					- WAVE format
->8	string		WAVE		audio/x-wav
->8	string/B	AVI		video/x-msvideo
-#
->8 	string		CDRA		image/x-coreldraw
-
-# AAC (aka MPEG-2 NBC)
-0       beshort&0xfff6    0xfff0          audio/X-HX-AAC-ADTS
-0       string          ADIF            audio/X-HX-AAC-ADIF
-0       beshort&0xffe0  0x56e0          audio/MP4A-LATM
-0       beshort         0x4De1          audio/MP4A-LATM
-
-# MPEG Layer 3 sound files
-0       beshort&0xfffe  =0xfffa         audio/mpeg
-#MP3 with ID3 tag
-0	string		ID3		audio/mpeg
-# Ogg/Vorbis
-0	string		OggS		application/ogg
-
-#------------------------------------------------------------------------------
-# c-lang:  file(1) magic for C programs or various scripts
-#
-
-# XPM icons (Greg Roelofs, newt@uchicago.edu)
-# ideally should go into "images", but entries below would tag XPM as C source
-0	string		/*\ XPM		image/x-xpmi 7bit
-
-# 3DS (3d Studio files)
-#16	beshort		0x3d3d		image/x-3ds
-
-# this first will upset you if you're a PL/1 shop... (are there any left?)
-# in which case rm it; ascmagic will catch real C programs
-#					C or REXX program text
-#0	string		/*		text/x-c
-#					C++ program text
-#0	string		//		text/x-c++
-
-#------------------------------------------------------------------------------
-# commands:  file(1) magic for various shells and interpreters
-#
-#0       string          :\ shell archive or commands for antique kernel text
-0       string          #!/bin/sh               application/x-shellscript
-0       string          #!\ /bin/sh             application/x-shellscript
-0       string          #!/bin/csh              application/x-shellscript
-0       string          #!\ /bin/csh            application/x-shellscript
-# korn shell magic, sent by George Wu, gwu@clyde.att.com
-0       string          #!/bin/ksh              application/x-shellscript
-0       string          #!\ /bin/ksh            application/x-shellscript
-0       string          #!/bin/tcsh             application/x-shellscript
-0       string          #!\ /bin/tcsh           application/x-shellscript
-0       string          #!/usr/local/tcsh       application/x-shellscript
-0       string          #!\ /usr/local/tcsh     application/x-shellscript
-0       string          #!/usr/local/bin/tcsh   application/x-shellscript
-0       string          #!\ /usr/local/bin/tcsh application/x-shellscript
-# bash shell magic, from Peter Tobias (tobias@server.et-inf.fho-emden.de)
-0       string          #!/bin/bash     		application/x-shellscript
-0       string          #!\ /bin/bash           application/x-shellscript
-0       string          #!/usr/local/bin/bash   application/x-shellscript
-0       string          #!\ /usr/local/bin/bash application/x-shellscript
-
-#
-# zsh/ash/ae/nawk/gawk magic from cameron@cs.unsw.oz.au (Cameron Simpson)
-0       string          #!/bin/zsh	        application/x-shellscript
-0       string          #!/usr/bin/zsh	        application/x-shellscript
-0       string          #!/usr/local/bin/zsh    application/x-shellscript
-0       string          #!\ /usr/local/bin/zsh  application/x-shellscript
-0       string          #!/usr/local/bin/ash    application/x-shellscript
-0       string          #!\ /usr/local/bin/ash  application/x-shellscript
-#0       string          #!/usr/local/bin/ae     Neil Brown's ae
-#0       string          #!\ /usr/local/bin/ae   Neil Brown's ae
-0       string          #!/bin/nawk             application/x-nawk
-0       string          #!\ /bin/nawk           application/x-nawk
-0       string          #!/usr/bin/nawk         application/x-nawk
-0       string          #!\ /usr/bin/nawk       application/x-nawk
-0       string          #!/usr/local/bin/nawk   application/x-nawk
-0       string          #!\ /usr/local/bin/nawk application/x-nawk
-0       string          #!/bin/gawk             application/x-gawk
-0       string          #!\ /bin/gawk           application/x-gawk
-0       string          #!/usr/bin/gawk         application/x-gawk
-0       string          #!\ /usr/bin/gawk       application/x-gawk
-0       string          #!/usr/local/bin/gawk   application/x-gawk
-0       string          #!\ /usr/local/bin/gawk application/x-gawk
-#
-0       string          #!/bin/awk              application/x-awk
-0       string          #!\ /bin/awk            application/x-awk
-0       string          #!/usr/bin/awk          application/x-awk
-0       string          #!\ /usr/bin/awk        application/x-awk
-# update to distinguish from *.vcf files by Joerg Jenderek: joerg dot jenderek at web dot de
-#0	regex		BEGIN[[:space:]]*[{]	application/x-awk
-
-# For Larry Wall's perl language.  The ``eval'' line recognizes an
-# outrageously clever hack for USG systems.
-#                               Keith Waclena <keith@cerberus.uchicago.edu>
-0       string          #!/bin/perl                     application/x-perl
-0       string          #!\ /bin/perl                   application/x-perl
-0       string          eval\ "exec\ /bin/perl          application/x-perl
-0       string          #!/usr/bin/perl                 application/x-perl
-0       string          #!\ /usr/bin/perl               application/x-perl
-0       string          eval\ "exec\ /usr/bin/perl      application/x-perl
-0       string          #!/usr/local/bin/perl           application/x-perl
-0       string          #!\ /usr/local/bin/perl         application/x-perl
-0       string          eval\ "exec\ /usr/local/bin/perl application/x-perl
-
-#------------------------------------------------------------------------------
-# compress:  file(1) magic for pure-compression formats (no archives)
-#
-# compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, whap, etc.
-#
-# Formats for various forms of compressed data
-# Formats for "compress" proper have been moved into "compress.c",
-# because it tries to uncompress it to figure out what's inside.
-
-# standard unix compress
-#0	string		\037\235	application/x-compress
-
-# gzip (GNU zip, not to be confused with [Info-ZIP/PKWARE] zip archiver)
-#0       string          \037\213        application/x-gzip
-
-0		string			PK\003\004		application/x-zip
-
-# RAR archiver (Greg Roelofs, newt@uchicago.edu)
-0	string		Rar!		application/x-rar
-
-# According to gzip.h, this is the correct byte order for packed data.
-0	string		\037\036	application/octet-stream
-#
-# This magic number is byte-order-independent.
-#
-0	short		017437		application/octet-stream
-
-# XXX - why *two* entries for "compacted data", one of which is
-# byte-order independent, and one of which is byte-order dependent?
-#
-# compacted data
-0	short		0x1fff		application/octet-stream
-0	string		\377\037	application/octet-stream
-# huf output
-0	short		0145405		application/octet-stream
-
-# Squeeze and Crunch...
-# These numbers were gleaned from the Unix versions of the programs to
-# handle these formats.  Note that I can only uncrunch, not crunch, and
-# I didn't have a crunched file handy, so the crunch number is untested.
-#				Keith Waclena <keith@cerberus.uchicago.edu>
-#0	leshort		0x76FF		squeezed data (CP/M, DOS)
-#0	leshort		0x76FE		crunched data (CP/M, DOS)
-
-# Freeze
-#0	string		\037\237	Frozen file 2.1
-#0	string		\037\236	Frozen file 1.0 (or gzip 0.5)
-
-# lzh?
-#0	string		\037\240	LZH compressed data
-
-257	string		ustar\0		application/x-tar	posix
-257	string		ustar\040\040\0		application/x-tar	gnu
-
-0	short		070707		application/x-cpio
-0	short		0143561		application/x-cpio	swapped
-
-0	string		=<ar>		application/x-archive
-0	string		\!<arch>	application/x-archive
->8	string		debian		application/x-debian-package
-
-#------------------------------------------------------------------------------
-#
-# RPM: file(1) magic for Red Hat Packages   Erik Troan (ewt@redhat.com)
-#
-0       beshort         0xedab
->2      beshort         0xeedb          application/x-rpm
-
-0	lelong&0x8080ffff	0x0000081a	application/x-arc	lzw
-0	lelong&0x8080ffff	0x0000091a	application/x-arc	squashed
-0	lelong&0x8080ffff	0x0000021a	application/x-arc	uncompressed
-0	lelong&0x8080ffff	0x0000031a	application/x-arc	packed
-0	lelong&0x8080ffff	0x0000041a	application/x-arc	squeezed
-0	lelong&0x8080ffff	0x0000061a	application/x-arc	crunched
-
-0	leshort	0xea60	application/x-arj
-
-# LHARC/LHA archiver (Greg Roelofs, newt@uchicago.edu)
-2	string	-lh0-	application/x-lharc	lh0
-2	string	-lh1-	application/x-lharc	lh1
-2	string	-lz4-	application/x-lharc	lz4
-2	string	-lz5-	application/x-lharc	lz5
-#	[never seen any but the last; -lh4- reported in comp.compression:]
-2	string	-lzs-	application/x-lha	lzs
-2	string	-lh\ -	application/x-lha	lh
-2	string	-lhd-	application/x-lha	lhd
-2	string	-lh2-	application/x-lha	lh2
-2	string	-lh3-	application/x-lha	lh3
-2	string	-lh4-	application/x-lha	lh4
-2	string	-lh5-	application/x-lha	lh5
-2	string	-lh6-	application/x-lha	lh6
-2	string	-lh7-	application/x-lha	lh7
-# Shell archives
-10	string	#\ This\ is\ a\ shell\ archive	application/octet-stream	x-shell
-
-#------------------------------------------------------------------------------
-# frame:  file(1) magic for FrameMaker files
-#
-# This stuff came on a FrameMaker demo tape, most of which is
-# copyright, but this file is "published" as witness the following:
-#
-0	string		\<MakerFile	application/x-frame
-0	string		\<MIFFile	application/x-frame
-0	string		\<MakerDictionary	application/x-frame
-0	string		\<MakerScreenFon	application/x-frame
-0	string		\<MML		application/x-frame
-0	string		\<Book		application/x-frame
-0	string		\<Maker		application/x-frame
-
-#------------------------------------------------------------------------------
-# html:  file(1) magic for HTML (HyperText Markup Language) docs
-#
-# from Daniel Quinlan <quinlan@yggdrasil.com>
-#
-0	string/cB	\<!DOCTYPE\ html	text/html
-0	string/cb	\<head	text/html
-0	string/cb	\<title	text/html
-0       string/bc	\<html	text/html
-0	string		\<!--	text/html
-0	string/c	\<h1	text/html
-
-0	string		\<?xml			text/xml
-
-#------------------------------------------------------------------------------
-# images:  file(1) magic for image formats (see also "c-lang" for XPM bitmaps)
-#
-# originally from jef@helios.ee.lbl.gov (Jef Poskanzer),
-# additions by janl@ifi.uio.no as well as others. Jan also suggested
-# merging several one- and two-line files into here.
-#
-# XXX - byte order for GIF and TIFF fields?
-# [GRR:  TIFF allows both byte orders; GIF is probably little-endian]
-#
-
-# [GRR:  what the hell is this doing in here?]
-#0	string		xbtoa		btoa'd file
-
-# PBMPLUS
-#					PBM file
-0	string		P1		image/x-portable-bitmap	7bit
-#					PGM file
-0	string		P2		image/x-portable-greymap	7bit
-#					PPM file
-0	string		P3		image/x-portable-pixmap	7bit
-#					PBM "rawbits" file
-0	string		P4		image/x-portable-bitmap
-#					PGM "rawbits" file
-0	string		P5		image/x-portable-greymap
-#					PPM "rawbits" file
-0	string		P6		image/x-portable-pixmap
-
-# NIFF (Navy Interchange File Format, a modification of TIFF)
-# [GRR:  this *must* go before TIFF]
-0	string		IIN1		image/x-niff
-
-# TIFF and friends
-#					TIFF file, big-endian
-0	string		MM		image/tiff
-#					TIFF file, little-endian
-0	string		II		image/tiff
-
-# possible GIF replacements; none yet released!
-# (Greg Roelofs, newt@uchicago.edu)
-#
-# GRR 950115:  this was mine ("Zip GIF"):
-#					ZIF image (GIF+deflate alpha)
-0	string		GIF94z		image/unknown
-#
-# GRR 950115:  this is Jeremy Wohl's Free Graphics Format (better):
-#					FGF image (GIF+deflate beta)
-0	string		FGF95a		image/unknown
-#
-# GRR 950115:  this is Thomas Boutell's Portable Bitmap Format proposal
-# (best; not yet implemented):
-#					PBF image (deflate compression)
-0	string		PBF		image/unknown
-
-# GIF
-0	string		GIF		image/gif
-
-# JPEG images
-0	beshort		0xffd8		image/jpeg
-
-# PC bitmaps (OS/2, Windoze BMP files)  (Greg Roelofs, newt@uchicago.edu)
-0	string		BM		image/x-ms-bmp
-#>14	byte		12		(OS/2 1.x format)
-#>14	byte		64		(OS/2 2.x format)
-#>14	byte		40		(Windows 3.x format)
-#0	string		IC		icon
-#0	string		PI		pointer
-#0	string		CI		color icon
-#0	string		CP		color pointer
-#0	string		BA		bitmap array
-
-# CDROM Filesystems
-32769    string    CD001     application/x-iso9660
-
-# Newer StuffIt archives (grant@netbsd.org)
-0	string		StuffIt			application/x-stuffit
-#>162	string		>0			: %s
-
-# BinHex is the Macintosh ASCII-encoded file format (see also "apple")
-# Daniel Quinlan, quinlan@yggdrasil.com
-11	string	must\ be\ converted\ with\ BinHex\ 4	application/mac-binhex40
-##>41	string	x					\b, version %.3s
-
-
-#------------------------------------------------------------------------------
-# lisp:  file(1) magic for lisp programs
-#
-# various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com)
-0	string	;;			text/plain	8bit
-# Emacs 18 - this is always correct, but not very magical.
-0	string	\012(			application/x-elc
-# Emacs 19
-0	string	;ELC\023\000\000\000	application/x-elc
-
-#------------------------------------------------------------------------------
-# mail.news:  file(1) magic for mail and news
-#
-# There are tests to ascmagic.c to cope with mail and news.
-0	string		Relay-Version: 	message/rfc822	7bit
-0	string		#!\ rnews	message/rfc822	7bit
-0	string		N#!\ rnews	message/rfc822	7bit
-0	string		Forward\ to 	message/rfc822	7bit
-0	string		Pipe\ to 	message/rfc822	7bit
-0	string		Return-Path:	message/rfc822	7bit
-0	string		Received:	message/rfc822
-0	string		Path:		message/news	8bit
-0	string		Xref:		message/news	8bit
-0	string		From:		message/rfc822	7bit
-0	string		Article 	message/news	8bit
-#------------------------------------------------------------------------------
-# msword: file(1) magic for MS Word files
-#
-# Contributor claims:
-# Reversed-engineered MS Word magic numbers
-#
-
-0	string		\376\067\0\043			application/msword
-0	string		\320\317\021\340\241\261	application/msword
-0	string		\333\245-\0\0\0			application/msword
-
-
-
-#------------------------------------------------------------------------------
-# printer:  file(1) magic for printer-formatted files
-#
-
-# PostScript
-0	string		%!		application/postscript
-0	string		\004%!		application/postscript
-
-# Acrobat
-# (due to clamen@cs.cmu.edu)
-0	string		%PDF-		application/pdf
-
-#------------------------------------------------------------------------------
-# sc:  file(1) magic for "sc" spreadsheet
-#
-38	string		Spreadsheet	application/x-sc
-
-#------------------------------------------------------------------------------
-# tex:  file(1) magic for TeX files
-#
-# XXX - needs byte-endian stuff (big-endian and little-endian DVI?)
-#
-# From <conklin@talisman.kaleida.com>
-
-# Although we may know the offset of certain text fields in TeX DVI
-# and font files, we can't use them reliably because they are not
-# zero terminated. [but we do anyway, christos]
-0	string		\367\002	application/x-dvi
-#0	string		\367\203	TeX generic font data
-#0	string		\367\131	TeX packed font data
-#0	string		\367\312	TeX virtual font data
-#0	string		This\ is\ TeX,	TeX transcript text	
-#0	string		This\ is\ METAFONT,	METAFONT transcript text
-
-# There is no way to detect TeX Font Metric (*.tfm) files without
-# breaking them apart and reading the data.  The following patterns
-# match most *.tfm files generated by METAFONT or afm2tfm.
-2	string		\000\021	application/x-tex-tfm
-2	string		\000\022	application/x-tex-tfm
-#>34	string		>\0		(%s)
-
-# Texinfo and GNU Info, from Daniel Quinlan (quinlan@yggdrasil.com)
-0	string		\\input\ texinfo		text/x-texinfo
-0	string		This\ is\ Info\ file	text/x-info
-
-# correct TeX magic for Linux (and maybe more)
-# from Peter Tobias (tobias@server.et-inf.fho-emden.de)
-#
-0	leshort		0x02f7		application/x-dvi
-
-# RTF - Rich Text Format
-0	string		{\\rtf		text/rtf
-
-#------------------------------------------------------------------------------
-# animation:  file(1) magic for animation/movie formats
-#
-# animation formats, originally from vax@ccwf.cc.utexas.edu (VaX#n8)
-#						MPEG file
-# MPEG sequences
-0       belong             0x000001BA
->4      byte               &0x40          video/mp2p
->4      byte               ^0x40          video/mpeg
-0       belong             0x000001BB     video/mpeg
-0       belong             0x000001B0     video/mp4v-es
-0       belong             0x000001B5     video/mp4v-es
-0       belong             0x000001B3     video/mpv
-0       belong&0xFF5FFF1F  0x47400010     video/mp2t
-0       belong             0x00000001
->4      byte&0x1F          0x07           video/h264
-
-# FLI animation format
-0	leshort		0xAF11				video/fli
-# FLC animation format
-0	leshort		0xAF12				video/flc
-#
-# SGI and Apple formats
-# Added ISO mimes
-0	string		MOVI	      video/sgi
-4	string		moov	      video/quicktime
-4	string		mdat	      video/quicktime
-4	string		wide	      video/quicktime
-4	string		skip	      video/quicktime
-4	string		free	      video/quicktime
-4	string		idsc	      image/x-quicktime
-4	string		idat	      image/x-quicktime
-4	string		pckg	      application/x-quicktime
-4	string/B	jP	      image/jp2
-4	string		ftyp
->8	string		isom	      video/mp4
->8	string		mp41	      video/mp4
->8	string		mp42	      video/mp4
->8	string/B	jp2	      image/jp2
->8	string		3gp	      video/3gpp
->8      string          avc1          video/3gpp
->8	string		mmp4	      video/mp4
->8	string/B	M4A	      audio/mp4
->8	string/B	qt	      video/quicktime
-# The contributor claims:
-#   I couldn't find a real magic number for these, however, this
-#   -appears- to work.  Note that it might catch other files, too,
-#   so BE CAREFUL!
-#
-# Note that title and author appear in the two 20-byte chunks
-# at decimal offsets 2 and 22, respectively, but they are XOR'ed with
-# 255 (hex FF)! DL format SUCKS BIG ROCKS.
-#
-#						DL file version 1 , medium format (160x100, 4 images/screen)
-0	byte		1			video/unknown
-0	byte		2			video/unknown
-#
-# Databases
-#
-# GDBM magic numbers
-#  Will be maintained as part of the GDBM distribution in the future.
-#  <downsj@teeny.org>
-0       belong  0x13579ace      application/x-gdbm
-0       lelong  0x13579ace      application/x-gdbm
-0       string  GDBM            application/x-gdbm
-#
-0       belong  0x061561        application/x-dbm
-#
-# Executables
-#
-0	string		\177ELF 
->16	leshort		0		application/octet-stream
->16	leshort		1		application/x-object
->16	leshort		2		application/x-executable
->16	leshort		3		application/x-sharedlib
->16	leshort		4		application/x-coredump
->16	beshort		0		application/octet-stream
->16	beshort		1		application/x-object
->16	beshort		2		application/x-executable
->16	beshort		3		application/x-sharedlib
->16	beshort		4		application/x-coredump
-#
-# DOS
-0		string			MZ				application/x-dosexec
-#
-# KDE
-0		string	[KDE\ Desktop\ Entry]	application/x-kdelnk
-0		string	\#\ KDE\ Config\ File	application/x-kdelnk
-# xmcd database file for kscd
-0		string	\#\ xmcd                text/xmcd
-
-#------------------------------------------------------------------------------
-# pkgadd:  file(1) magic for SysV R4 PKG Datastreams
-#
-0       string          #\ PaCkAgE\ DaTaStReAm  application/x-svr4-package
-
-#PNG Image Format
-0	string		\x89PNG			image/png
-
-# MNG Video Format, <URL:http://www.libpng.org/pub/mng/spec/>
-0	string		\x8aMNG			video/x-mng
-0	string		\x8aJNG			video/x-jng
-
-#------------------------------------------------------------------------------
-# Hierarchical Data Format, used to facilitate scientific data exchange
-# specifications at http://hdf.ncsa.uiuc.edu/
-#Hierarchical Data Format (version 4) data
-0	belong		0x0e031301		application/x-hdf
-#Hierarchical Data Format (version 5) data
-0	string		\211HDF\r\n\032		application/x-hdf
-
-# Adobe Photoshop
-0	string		8BPS			image/x-photoshop
-
-# Felix von Leitner <felix-file@fefe.de>
-0	string		d8:announce		application/x-bittorrent
-
-
-# lotus 1-2-3 document
-0	belong	0x00001a00	application/x-123
-0	belong	0x00000200 	application/x-123
-
-# MS Access database
-4	string	Standard\ Jet\ DB	application/msaccess
-
-## magic for XBase files
-#0      byte       0x02	
-#>8     leshort	  >0
-#>>12   leshort    0	application/x-dbf
-#
-#0      byte       0x03	
-#>8     leshort	  >0
-#>>12   leshort    0	application/x-dbf
-#
-#0      byte       0x04	
-#>8     leshort	  >0
-#>>12   leshort    0	application/x-dbf
-#
-#0      byte       0x05	
-#>8     leshort	  >0
-#>>12   leshort    0	application/x-dbf
-#
-#0      byte       0x30
-#>8     leshort	  >0
-#>>12   leshort    0	application/x-dbf
-#
-#0      byte       0x43
-#>8     leshort	  >0
-#>>12   leshort    0	application/x-dbf
-#
-#0      byte       0x7b
-#>8     leshort	  >0
-#>>12   leshort    0	application/x-dbf
-#
-#0      byte       0x83	
-#>8     leshort	  >0
-#>>12   leshort    0	application/x-dbf
-#
-#0      byte       0x8b
-#>8     leshort	  >0
-#>>12   leshort    0	application/x-dbf
-#
-#0      byte       0x8e	
-#>8     leshort	  >0
-#>>12   leshort    0	application/x-dbf
-#
-#0      byte       0xb3
-#>8     leshort	  >0
-#>>12   leshort    0	application/x-dbf
-#
-#0      byte       0xf5
-#>8     leshort	  >0
-#>>12   leshort    0	application/x-dbf
-#
-#0	leshort		0x0006		application/x-dbt
-
-# Debian has entries for the old PGP formats:
-# pgp:  file(1) magic for Pretty Good Privacy
-# see http://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html
-#text/PGP key public ring
-0	beshort		0x9900			application/pgp
-#text/PGP key security ring
-0	beshort		0x9501			application/pgp
-#text/PGP key security ring
-0	beshort		0x9500			application/pgp
-#text/PGP encrypted data
-0	beshort		0xa600			application/pgp-encrypted
-#text/PGP armored data
-##public key block
-2	string	---BEGIN\ PGP\ PUBLIC\ KEY\ BLOCK-	application/pgp-keys
-0	string	-----BEGIN\040PGP\40MESSAGE-			application/pgp
-0	string	-----BEGIN\040PGP\40SIGNATURE-			application/pgp-signature
-#
-# GnuPG Magic:
-# 
-#
-#text/GnuPG key public ring
-0	beshort		0x9901			application/pgp
-#text/OpenPGP data
-0	beshort		0x8501			application/pgp-encrypted	
-
-# flash:        file(1) magic for Macromedia Flash file format
-#
-# See
-#
-#       http://www.macromedia.com/software/flash/open/
-#
-0	string		FWS             
->3	byte		x			application/x-shockwave-flash
-
-# The following paramaters are created for Namazu.
-# <http://www.namazu.org/>
-#
-# 1999/08/13
-#0	string		\<!--\ MHonArc		text/html; x-type=mhonarc
-0	string		BZh			application/x-bzip2
-
-# 1999/09/09
-# VRML (suggested by Masao Takaku)
-0	string		#VRML\ V1.0\ ascii	model/vrml
-0	string		#VRML\ V2.0\ utf8	model/vrml
-
-#------------------------------------------------------------------------------
-# ichitaro456: file(1) magic for Just System Word Processor Ichitaro
-#
-# Contributor kenzo-:
-# Reversed-engineered JS Ichitaro magic numbers
-#
-
-0	string		DOC
->43	byte		0x14		application/ichitaro4
->144	string	JDASH		application/ichitaro4
-
-0	string		DOC
->43	byte		0x15		application/ichitaro5
-
-0	string		DOC
->43	byte		0x16		application/ichitaro6
-
-#------------------------------------------------------------------------------
-# office97: file(1) magic for MicroSoft Office files
-#
-# Contributor kenzo-:
-# Reversed-engineered MS Office magic numbers
-#
-
-#0       string          \320\317\021\340\241\261\032\341
-#>48     byte            0x1B            application/excel
-
-2080	string	Microsoft\ Excel\ 5.0\ Worksheet	application/excel
-2114	string	Biff5					application/excel
-
-0       string	\224\246\056		application/msword
-
-0	belong	0x31be0000		application/msword
-
-0	string	PO^Q`			application/msword
-
-0	string	\320\317\021\340\241\261\032\341
->546	string	bjbj			application/msword
->546	string	jbjb			application/msword
-
-512	string	R\0o\0o\0t\0\ \0E\0n\0t\0r\0y	application/msword
-
-2080	string	Microsoft\ Word\ 6.0\ Document	application/msword
-2080	string	Documento\ Microsoft\ Word\ 6	application/msword
-2112	string	MSWordDoc			application/msword
-
-#0	string	\320\317\021\340\241\261\032\341	application/powerpoint
-0	string	\320\317\021\340\241\261\032\341	application/msword
-
-0       string  #\ PaCkAgE\ DaTaStReAm  application/x-svr4-package
-
-
-# WinNT/WinCE PE files (Warner Losh, imp@village.org)
-#
-128		string	PE\000\000	application/octet-stream
-0		string	PE\000\000	application/octet-stream
-
-# miscellaneous formats
-0		string	LZ		application/octet-stream
-
-
-# .EXE formats (Greg Roelofs, newt@uchicago.edu)
-#
-0		string	MZ
->24		string	@		application/octet-stream
-
-0		string	MZ
->30		string	Copyright\ 1989-1990\ PKWARE\ Inc.	application/x-zip
-
-0		string	MZ
->30		string	PKLITE\ Copr.	application/x-zip
-
-0		string	MZ
->36		string	LHa's\ SFX	application/x-lha
-
-0		string	MZ		application/octet-stream
-
-# LHA archiver
-2		string	-lh
->6		string	-		application/x-lha
-
-
-# Zoo archiver
-20		lelong	0xfdc4a7dc	application/x-zoo
-
-# ARC archiver
-0       	lelong&0x8080ffff	0x0000081a	application/x-arc
-0		lelong&0x8080ffff	0x0000091a	application/x-arc
-0		lelong&0x8080ffff	0x0000021a	application/x-arc
-0		lelong&0x8080ffff	0x0000031a	application/x-arc
-0		lelong&0x8080ffff	0x0000041a	application/x-arc
-0		lelong&0x8080ffff	0x0000061a	application/x-arc
-
-# Microsoft Outlook's Transport Neutral Encapsulation Format (TNEF)
-0		lelong	0x223e9f78	application/ms-tnef
-
-# From: stephane.loeuillet@tiscali.f
-# http://www.djvuzone.org/
-0	string		AT&TFORM	image/x.djvu
-
-# Danny Milosavljevic <danny.milo@gmx.net>
-# this are adrift (adventure game standard) game files, extension .taf
-# depending on version magic continues with 0x93453E6139FA (V 4.0)
-# 0x9445376139FA (V 3.90)
-# 0x9445366139FA (V 3.80)
-# this is from source (http://www.adrift.org.uk/) and I have some taf
-# files, and checked them.
-#0	belong	0x3C423FC9
-#>4	belong	0x6A87C2CF	application/x-adrift
-#0	string	\000\000\001\000	image/x-ico
-
-# Quark Xpress 3 Files:
-# (made the mimetype up) 
-0	string	\0\0MMXPR3\0	application/x-quark-xpress-3
-
-# EET archive
-# From: Tilman Sauerbeck <tilman@code-monkey.de>
-0	belong	0x1ee7ff00	application/x-eet
-
-# From: Denis Knauf, via gentoo.
-0	string	fLaC		audio/x-flac
-0	string	CWS		application/x-shockwave-flash
-
-# Gnumeric spreadsheet
-# This entry is only semi-helpful, as Gnumeric compresses its files, so
-# they will ordinarily reported as "compressed", but at least -z helps
-39      string          =<gmr:Workbook           application/x-gnumeric
-
diff --git a/webapp/etc/apache2/mods-available/access_compat.load b/webapp/etc/apache2/mods-available/access_compat.load
deleted file mode 100644
index 83273df..0000000
--- a/webapp/etc/apache2/mods-available/access_compat.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: authn_core
-LoadModule access_compat_module /usr/lib/apache2/modules/mod_access_compat.so
diff --git a/webapp/etc/apache2/mods-available/actions.conf b/webapp/etc/apache2/mods-available/actions.conf
deleted file mode 100644
index c3f5d29..0000000
--- a/webapp/etc/apache2/mods-available/actions.conf
+++ /dev/null
@@ -1,11 +0,0 @@
-# a2enmod-note: needs-configuration
-
-#
-# Action lets you define media types that will execute a script whenever
-# a matching file is called. This eliminates the need for repeated URL
-# pathnames for oft-used CGI file processors.
-# Format: Action media/type /cgi-script/location
-# Format: Action handler-name /cgi-script/location
-#
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/actions.load b/webapp/etc/apache2/mods-available/actions.load
deleted file mode 100644
index 4207df3..0000000
--- a/webapp/etc/apache2/mods-available/actions.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule actions_module /usr/lib/apache2/modules/mod_actions.so
diff --git a/webapp/etc/apache2/mods-available/alias.conf b/webapp/etc/apache2/mods-available/alias.conf
deleted file mode 100644
index 3583d3b..0000000
--- a/webapp/etc/apache2/mods-available/alias.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-<IfModule alias_module>
-	# Aliases: Add here as many aliases as you need (with no limit). The format is
-	# Alias fakename realname
-	#
-	# Note that if you include a trailing / on fakename then the server will
-	# require it to be present in the URL.  So "/icons" isn't aliased in this
-	# example, only "/icons/".  If the fakename is slash-terminated, then the
-	# realname must also be slash terminated, and if the fakename omits the
-	# trailing slash, the realname must also omit it.
-	#
-	# We include the /icons/ alias for FancyIndexed directory listings.  If
-	# you do not use FancyIndexing, you may comment this out.
-
-	Alias /icons/ "/usr/share/apache2/icons/"
-
-	<Directory "/usr/share/apache2/icons">
-		Options FollowSymlinks
-		AllowOverride None
-		Require all granted
-	</Directory>
-
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/alias.load b/webapp/etc/apache2/mods-available/alias.load
deleted file mode 100644
index 4cb7385..0000000
--- a/webapp/etc/apache2/mods-available/alias.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule alias_module /usr/lib/apache2/modules/mod_alias.so
diff --git a/webapp/etc/apache2/mods-available/allowmethods.load b/webapp/etc/apache2/mods-available/allowmethods.load
deleted file mode 100644
index e5bbe59..0000000
--- a/webapp/etc/apache2/mods-available/allowmethods.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule allowmethods_module /usr/lib/apache2/modules/mod_allowmethods.so
diff --git a/webapp/etc/apache2/mods-available/asis.load b/webapp/etc/apache2/mods-available/asis.load
deleted file mode 100644
index 6b73c45..0000000
--- a/webapp/etc/apache2/mods-available/asis.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: mime
-LoadModule asis_module /usr/lib/apache2/modules/mod_asis.so
diff --git a/webapp/etc/apache2/mods-available/auth_basic.load b/webapp/etc/apache2/mods-available/auth_basic.load
deleted file mode 100644
index 5f3cd1c..0000000
--- a/webapp/etc/apache2/mods-available/auth_basic.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: authn_core
-LoadModule auth_basic_module /usr/lib/apache2/modules/mod_auth_basic.so
diff --git a/webapp/etc/apache2/mods-available/auth_digest.load b/webapp/etc/apache2/mods-available/auth_digest.load
deleted file mode 100644
index 4fa7a3e..0000000
--- a/webapp/etc/apache2/mods-available/auth_digest.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: authn_core
-LoadModule auth_digest_module /usr/lib/apache2/modules/mod_auth_digest.so
diff --git a/webapp/etc/apache2/mods-available/auth_form.load b/webapp/etc/apache2/mods-available/auth_form.load
deleted file mode 100644
index 91e9507..0000000
--- a/webapp/etc/apache2/mods-available/auth_form.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: session authn_core
-LoadModule auth_form_module /usr/lib/apache2/modules/mod_auth_form.so
diff --git a/webapp/etc/apache2/mods-available/authn_anon.load b/webapp/etc/apache2/mods-available/authn_anon.load
deleted file mode 100644
index 331922a..0000000
--- a/webapp/etc/apache2/mods-available/authn_anon.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule authn_anon_module /usr/lib/apache2/modules/mod_authn_anon.so
diff --git a/webapp/etc/apache2/mods-available/authn_core.load b/webapp/etc/apache2/mods-available/authn_core.load
deleted file mode 100644
index 446074f..0000000
--- a/webapp/etc/apache2/mods-available/authn_core.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule authn_core_module /usr/lib/apache2/modules/mod_authn_core.so
diff --git a/webapp/etc/apache2/mods-available/authn_dbd.load b/webapp/etc/apache2/mods-available/authn_dbd.load
deleted file mode 100644
index d517af3..0000000
--- a/webapp/etc/apache2/mods-available/authn_dbd.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: dbd
-LoadModule authn_dbd_module /usr/lib/apache2/modules/mod_authn_dbd.so
diff --git a/webapp/etc/apache2/mods-available/authn_dbm.load b/webapp/etc/apache2/mods-available/authn_dbm.load
deleted file mode 100644
index c39d41b..0000000
--- a/webapp/etc/apache2/mods-available/authn_dbm.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule authn_dbm_module /usr/lib/apache2/modules/mod_authn_dbm.so
diff --git a/webapp/etc/apache2/mods-available/authn_file.load b/webapp/etc/apache2/mods-available/authn_file.load
deleted file mode 100644
index 9f13b35..0000000
--- a/webapp/etc/apache2/mods-available/authn_file.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule authn_file_module /usr/lib/apache2/modules/mod_authn_file.so
diff --git a/webapp/etc/apache2/mods-available/authn_socache.load b/webapp/etc/apache2/mods-available/authn_socache.load
deleted file mode 100644
index 786232d..0000000
--- a/webapp/etc/apache2/mods-available/authn_socache.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule authn_socache_module /usr/lib/apache2/modules/mod_authn_socache.so
diff --git a/webapp/etc/apache2/mods-available/authnz_fcgi.load b/webapp/etc/apache2/mods-available/authnz_fcgi.load
deleted file mode 100644
index 69d757c..0000000
--- a/webapp/etc/apache2/mods-available/authnz_fcgi.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule authnz_fcgi_module /usr/lib/apache2/modules/mod_authnz_fcgi.so
diff --git a/webapp/etc/apache2/mods-available/authnz_ldap.load b/webapp/etc/apache2/mods-available/authnz_ldap.load
deleted file mode 100644
index c56d4dc..0000000
--- a/webapp/etc/apache2/mods-available/authnz_ldap.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: ldap
-LoadModule authnz_ldap_module /usr/lib/apache2/modules/mod_authnz_ldap.so
diff --git a/webapp/etc/apache2/mods-available/authz_core.load b/webapp/etc/apache2/mods-available/authz_core.load
deleted file mode 100644
index 5499bf3..0000000
--- a/webapp/etc/apache2/mods-available/authz_core.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule authz_core_module /usr/lib/apache2/modules/mod_authz_core.so
diff --git a/webapp/etc/apache2/mods-available/authz_dbd.load b/webapp/etc/apache2/mods-available/authz_dbd.load
deleted file mode 100644
index cf82cae..0000000
--- a/webapp/etc/apache2/mods-available/authz_dbd.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: dbd authz_core
-LoadModule authz_dbd_module /usr/lib/apache2/modules/mod_authz_dbd.so
diff --git a/webapp/etc/apache2/mods-available/authz_dbm.load b/webapp/etc/apache2/mods-available/authz_dbm.load
deleted file mode 100644
index 6db4831..0000000
--- a/webapp/etc/apache2/mods-available/authz_dbm.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: authz_core
-LoadModule authz_dbm_module /usr/lib/apache2/modules/mod_authz_dbm.so
diff --git a/webapp/etc/apache2/mods-available/authz_groupfile.load b/webapp/etc/apache2/mods-available/authz_groupfile.load
deleted file mode 100644
index eda3d21..0000000
--- a/webapp/etc/apache2/mods-available/authz_groupfile.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: authz_core
-LoadModule authz_groupfile_module /usr/lib/apache2/modules/mod_authz_groupfile.so
diff --git a/webapp/etc/apache2/mods-available/authz_host.load b/webapp/etc/apache2/mods-available/authz_host.load
deleted file mode 100644
index f8cf87a..0000000
--- a/webapp/etc/apache2/mods-available/authz_host.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: authz_core
-LoadModule authz_host_module /usr/lib/apache2/modules/mod_authz_host.so
diff --git a/webapp/etc/apache2/mods-available/authz_owner.load b/webapp/etc/apache2/mods-available/authz_owner.load
deleted file mode 100644
index cbad3b5..0000000
--- a/webapp/etc/apache2/mods-available/authz_owner.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule authz_owner_module /usr/lib/apache2/modules/mod_authz_owner.so
diff --git a/webapp/etc/apache2/mods-available/authz_user.load b/webapp/etc/apache2/mods-available/authz_user.load
deleted file mode 100644
index e47c40c..0000000
--- a/webapp/etc/apache2/mods-available/authz_user.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: authz_core
-LoadModule authz_user_module /usr/lib/apache2/modules/mod_authz_user.so
diff --git a/webapp/etc/apache2/mods-available/autoindex.conf b/webapp/etc/apache2/mods-available/autoindex.conf
deleted file mode 100644
index f6cf45f..0000000
--- a/webapp/etc/apache2/mods-available/autoindex.conf
+++ /dev/null
@@ -1,96 +0,0 @@
-<IfModule mod_autoindex.c>
-	# Directives controlling the display of server-generated directory listings.
-
-	#
-	# IndexOptions: Controls the appearance of server-generated directory
-	# listings.
-	# Remove/replace the "Charset=UTF-8" if you don't use UTF-8 for your filenames.
-	IndexOptions FancyIndexing VersionSort HTMLTable NameWidth=* DescriptionWidth=* Charset=UTF-8
-
-	#
-	# AddIcon* directives tell the server which icon to show for different
-	# files or filename extensions.  These are only displayed for
-	# FancyIndexed directories.
-	AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip x-bzip2
-
-	AddIconByType (TXT,/icons/text.gif) text/*
-	AddIconByType (IMG,/icons/image2.gif) image/*
-	AddIconByType (SND,/icons/sound2.gif) audio/*
-	AddIconByType (VID,/icons/movie.gif) video/*
-
-	AddIcon /icons/binary.gif .bin .exe
-	AddIcon /icons/binhex.gif .hqx
-	AddIcon /icons/tar.gif .tar
-	AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
-	AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
-	AddIcon /icons/a.gif .ps .ai .eps
-	AddIcon /icons/layout.gif .html .shtml .htm .pdf
-	AddIcon /icons/text.gif .txt
-	AddIcon /icons/c.gif .c
-	AddIcon /icons/p.gif .pl .py
-	AddIcon /icons/f.gif .for
-	AddIcon /icons/dvi.gif .dvi
-	AddIcon /icons/uuencoded.gif .uu
-	AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
-	AddIcon /icons/tex.gif .tex
-	# It's a suffix rule, so simply matching "core" matches "score" as well !
-	AddIcon /icons/bomb.gif /core
-	AddIcon (SND,/icons/sound2.gif) .ogg
-	AddIcon (VID,/icons/movie.gif) .ogm
-
-	AddIcon /icons/back.gif ..
-	AddIcon /icons/hand.right.gif README
-	AddIcon /icons/folder.gif ^^DIRECTORY^^
-	AddIcon /icons/blank.gif ^^BLANKICON^^
-
-	# Default icons for OpenDocument format
-	AddIcon /icons/odf6odt-20x22.png .odt
-	AddIcon /icons/odf6ods-20x22.png .ods
-	AddIcon /icons/odf6odp-20x22.png .odp
-	AddIcon /icons/odf6odg-20x22.png .odg
-	AddIcon /icons/odf6odc-20x22.png .odc
-	AddIcon /icons/odf6odf-20x22.png .odf
-	AddIcon /icons/odf6odb-20x22.png .odb
-	AddIcon /icons/odf6odi-20x22.png .odi
-	AddIcon /icons/odf6odm-20x22.png .odm
-
-	AddIcon /icons/odf6ott-20x22.png .ott
-	AddIcon /icons/odf6ots-20x22.png .ots
-	AddIcon /icons/odf6otp-20x22.png .otp
-	AddIcon /icons/odf6otg-20x22.png .otg
-	AddIcon /icons/odf6otc-20x22.png .otc
-	AddIcon /icons/odf6otf-20x22.png .otf
-	AddIcon /icons/odf6oti-20x22.png .oti
-	AddIcon /icons/odf6oth-20x22.png .oth
-
-	#
-	# DefaultIcon is which icon to show for files which do not have an icon
-	# explicitly set.
-	DefaultIcon /icons/unknown.gif
-
-	#
-	# AddDescription allows you to place a short description after a file in
-	# server-generated indexes.  These are only displayed for FancyIndexed
-	# directories.
-	# Format: AddDescription "description" filename
-	#AddDescription "GZIP compressed document" .gz
-	#AddDescription "tar archive" .tar
-	#AddDescription "GZIP compressed tar archive" .tgz
-
-	#
-	# ReadmeName is the name of the README file the server will look for by
-	# default, and append to directory listings.
-	#
-	# HeaderName is the name of a file which should be prepended to
-	# directory indexes
-	ReadmeName README.html
-	HeaderName HEADER.html
-
-	#
-	# IndexIgnore is a set of filenames which directory indexing should ignore
-	# and not include in the listing.  Shell-style wildcarding is permitted.
-	IndexIgnore .??* *~ *# RCS CVS *,v *,t
-
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/autoindex.load b/webapp/etc/apache2/mods-available/autoindex.load
deleted file mode 100644
index 82328b9..0000000
--- a/webapp/etc/apache2/mods-available/autoindex.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule autoindex_module /usr/lib/apache2/modules/mod_autoindex.so
diff --git a/webapp/etc/apache2/mods-available/brotli.load b/webapp/etc/apache2/mods-available/brotli.load
deleted file mode 100644
index ebd48ed..0000000
--- a/webapp/etc/apache2/mods-available/brotli.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule brotli_module /usr/lib/apache2/modules/mod_brotli.so
diff --git a/webapp/etc/apache2/mods-available/buffer.load b/webapp/etc/apache2/mods-available/buffer.load
deleted file mode 100644
index f5e7423..0000000
--- a/webapp/etc/apache2/mods-available/buffer.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule buffer_module /usr/lib/apache2/modules/mod_buffer.so
diff --git a/webapp/etc/apache2/mods-available/cache.load b/webapp/etc/apache2/mods-available/cache.load
deleted file mode 100644
index e3189a0..0000000
--- a/webapp/etc/apache2/mods-available/cache.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule cache_module /usr/lib/apache2/modules/mod_cache.so
diff --git a/webapp/etc/apache2/mods-available/cache_disk.conf b/webapp/etc/apache2/mods-available/cache_disk.conf
deleted file mode 100644
index a69beae..0000000
--- a/webapp/etc/apache2/mods-available/cache_disk.conf
+++ /dev/null
@@ -1,27 +0,0 @@
-<IfModule mod_cache_disk.c>
-
-	# cache cleaning is done by htcacheclean, which can be configured in
-	# /etc/default/apache2
-	#
-	# For further information, see the comments in that file,
-	# /usr/share/doc/apache2/README.Debian, and the htcacheclean(8)
-	# man page.
-
-	# This path must be the same as the one in /etc/default/apache2
-	CacheRoot /var/cache/apache2/mod_cache_disk
-
-	# This will also cache local documents. It usually makes more sense to
-	# put this into the configuration for just one virtual host.
-	#CacheEnable disk /
-
-
-    # The result of CacheDirLevels * CacheDirLength must not be higher than
-    # 20. Moreover, pay attention on file system limits. Some file systems
-    # do not support more than a certain number of inodes and
-    # subdirectories (e.g. 32000 for ext3)
-    CacheDirLevels 2
-    CacheDirLength 1
-
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/cache_disk.load b/webapp/etc/apache2/mods-available/cache_disk.load
deleted file mode 100644
index 3b641a1..0000000
--- a/webapp/etc/apache2/mods-available/cache_disk.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: cache
-LoadModule cache_disk_module /usr/lib/apache2/modules/mod_cache_disk.so
diff --git a/webapp/etc/apache2/mods-available/cache_socache.load b/webapp/etc/apache2/mods-available/cache_socache.load
deleted file mode 100644
index 47a3dcb..0000000
--- a/webapp/etc/apache2/mods-available/cache_socache.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: cache
-LoadModule cache_socache_module /usr/lib/apache2/modules/mod_cache_socache.so
diff --git a/webapp/etc/apache2/mods-available/cern_meta.load b/webapp/etc/apache2/mods-available/cern_meta.load
deleted file mode 100644
index bcc7546..0000000
--- a/webapp/etc/apache2/mods-available/cern_meta.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule cern_meta_module /usr/lib/apache2/modules/mod_cern_meta.so
diff --git a/webapp/etc/apache2/mods-available/cgi.load b/webapp/etc/apache2/mods-available/cgi.load
deleted file mode 100644
index 1be9048..0000000
--- a/webapp/etc/apache2/mods-available/cgi.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule cgi_module /usr/lib/apache2/modules/mod_cgi.so
diff --git a/webapp/etc/apache2/mods-available/cgid.conf b/webapp/etc/apache2/mods-available/cgid.conf
deleted file mode 100644
index 762f00b..0000000
--- a/webapp/etc/apache2/mods-available/cgid.conf
+++ /dev/null
@@ -1,4 +0,0 @@
-# Socket for cgid communication
-ScriptSock ${APACHE_RUN_DIR}/cgisock
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/cgid.load b/webapp/etc/apache2/mods-available/cgid.load
deleted file mode 100644
index e036f7d..0000000
--- a/webapp/etc/apache2/mods-available/cgid.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule cgid_module /usr/lib/apache2/modules/mod_cgid.so
diff --git a/webapp/etc/apache2/mods-available/charset_lite.load b/webapp/etc/apache2/mods-available/charset_lite.load
deleted file mode 100644
index f137a57..0000000
--- a/webapp/etc/apache2/mods-available/charset_lite.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule charset_lite_module /usr/lib/apache2/modules/mod_charset_lite.so
diff --git a/webapp/etc/apache2/mods-available/data.load b/webapp/etc/apache2/mods-available/data.load
deleted file mode 100644
index ef488a4..0000000
--- a/webapp/etc/apache2/mods-available/data.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule data_module /usr/lib/apache2/modules/mod_data.so
diff --git a/webapp/etc/apache2/mods-available/dav.load b/webapp/etc/apache2/mods-available/dav.load
deleted file mode 100644
index 6f6d1bb..0000000
--- a/webapp/etc/apache2/mods-available/dav.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule dav_module /usr/lib/apache2/modules/mod_dav.so
diff --git a/webapp/etc/apache2/mods-available/dav_fs.conf b/webapp/etc/apache2/mods-available/dav_fs.conf
deleted file mode 100644
index 8499551..0000000
--- a/webapp/etc/apache2/mods-available/dav_fs.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-DAVLockDB ${APACHE_LOCK_DIR}/DAVLock
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/dav_fs.load b/webapp/etc/apache2/mods-available/dav_fs.load
deleted file mode 100644
index ba2a3f8..0000000
--- a/webapp/etc/apache2/mods-available/dav_fs.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: dav
-LoadModule dav_fs_module /usr/lib/apache2/modules/mod_dav_fs.so
diff --git a/webapp/etc/apache2/mods-available/dav_lock.load b/webapp/etc/apache2/mods-available/dav_lock.load
deleted file mode 100644
index ba0703e..0000000
--- a/webapp/etc/apache2/mods-available/dav_lock.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule dav_lock_module /usr/lib/apache2/modules/mod_dav_lock.so
diff --git a/webapp/etc/apache2/mods-available/dbd.load b/webapp/etc/apache2/mods-available/dbd.load
deleted file mode 100644
index 5495f2a..0000000
--- a/webapp/etc/apache2/mods-available/dbd.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule dbd_module /usr/lib/apache2/modules/mod_dbd.so
diff --git a/webapp/etc/apache2/mods-available/deflate.conf b/webapp/etc/apache2/mods-available/deflate.conf
deleted file mode 100644
index db48f92..0000000
--- a/webapp/etc/apache2/mods-available/deflate.conf
+++ /dev/null
@@ -1,10 +0,0 @@
-<IfModule mod_deflate.c>
-	<IfModule mod_filter.c>
-		AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css
-		AddOutputFilterByType DEFLATE application/x-javascript application/javascript application/ecmascript
-		AddOutputFilterByType DEFLATE application/rss+xml
-		AddOutputFilterByType DEFLATE application/xml
-	</IfModule>
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/deflate.load b/webapp/etc/apache2/mods-available/deflate.load
deleted file mode 100644
index 3873ffc..0000000
--- a/webapp/etc/apache2/mods-available/deflate.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: filter
-LoadModule deflate_module /usr/lib/apache2/modules/mod_deflate.so
diff --git a/webapp/etc/apache2/mods-available/dialup.load b/webapp/etc/apache2/mods-available/dialup.load
deleted file mode 100644
index 3c4a636..0000000
--- a/webapp/etc/apache2/mods-available/dialup.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule dialup_module /usr/lib/apache2/modules/mod_dialup.so
diff --git a/webapp/etc/apache2/mods-available/dir.conf b/webapp/etc/apache2/mods-available/dir.conf
deleted file mode 100644
index 21a0e8b..0000000
--- a/webapp/etc/apache2/mods-available/dir.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-<IfModule mod_dir.c>
-	DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/dir.load b/webapp/etc/apache2/mods-available/dir.load
deleted file mode 100644
index e5b5d92..0000000
--- a/webapp/etc/apache2/mods-available/dir.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule dir_module /usr/lib/apache2/modules/mod_dir.so
diff --git a/webapp/etc/apache2/mods-available/dump_io.load b/webapp/etc/apache2/mods-available/dump_io.load
deleted file mode 100644
index 561c24b..0000000
--- a/webapp/etc/apache2/mods-available/dump_io.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule dumpio_module /usr/lib/apache2/modules/mod_dumpio.so
diff --git a/webapp/etc/apache2/mods-available/echo.load b/webapp/etc/apache2/mods-available/echo.load
deleted file mode 100644
index 42cae85..0000000
--- a/webapp/etc/apache2/mods-available/echo.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule echo_module /usr/lib/apache2/modules/mod_echo.so
diff --git a/webapp/etc/apache2/mods-available/env.load b/webapp/etc/apache2/mods-available/env.load
deleted file mode 100644
index 8bf608d..0000000
--- a/webapp/etc/apache2/mods-available/env.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule env_module /usr/lib/apache2/modules/mod_env.so
diff --git a/webapp/etc/apache2/mods-available/expires.load b/webapp/etc/apache2/mods-available/expires.load
deleted file mode 100644
index 092acab..0000000
--- a/webapp/etc/apache2/mods-available/expires.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule expires_module /usr/lib/apache2/modules/mod_expires.so
diff --git a/webapp/etc/apache2/mods-available/ext_filter.load b/webapp/etc/apache2/mods-available/ext_filter.load
deleted file mode 100644
index b3a1596..0000000
--- a/webapp/etc/apache2/mods-available/ext_filter.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule ext_filter_module /usr/lib/apache2/modules/mod_ext_filter.so
diff --git a/webapp/etc/apache2/mods-available/file_cache.load b/webapp/etc/apache2/mods-available/file_cache.load
deleted file mode 100644
index 32c0a56..0000000
--- a/webapp/etc/apache2/mods-available/file_cache.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: cache
-LoadModule file_cache_module /usr/lib/apache2/modules/mod_file_cache.so
diff --git a/webapp/etc/apache2/mods-available/filter.load b/webapp/etc/apache2/mods-available/filter.load
deleted file mode 100644
index 94c4270..0000000
--- a/webapp/etc/apache2/mods-available/filter.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule filter_module /usr/lib/apache2/modules/mod_filter.so
diff --git a/webapp/etc/apache2/mods-available/headers.load b/webapp/etc/apache2/mods-available/headers.load
deleted file mode 100644
index e4497e5..0000000
--- a/webapp/etc/apache2/mods-available/headers.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so
diff --git a/webapp/etc/apache2/mods-available/heartbeat.load b/webapp/etc/apache2/mods-available/heartbeat.load
deleted file mode 100644
index 208686c..0000000
--- a/webapp/etc/apache2/mods-available/heartbeat.load
+++ /dev/null
@@ -1,3 +0,0 @@
-# This module depends on mod_watchdog to be loaded before. In Debian, this
-# module is statically linked.
-LoadModule heartbeat_module /usr/lib/apache2/modules/mod_heartbeat.so
diff --git a/webapp/etc/apache2/mods-available/heartmonitor.load b/webapp/etc/apache2/mods-available/heartmonitor.load
deleted file mode 100644
index e5deba7..0000000
--- a/webapp/etc/apache2/mods-available/heartmonitor.load
+++ /dev/null
@@ -1,3 +0,0 @@
-# This module depends on mod_watchdog to be loaded before. In Debian, this
-# module is statically linked.
-LoadModule heartmonitor_module /usr/lib/apache2/modules/mod_heartmonitor.so
diff --git a/webapp/etc/apache2/mods-available/http2.conf b/webapp/etc/apache2/mods-available/http2.conf
deleted file mode 100644
index f45db4d..0000000
--- a/webapp/etc/apache2/mods-available/http2.conf
+++ /dev/null
@@ -1,34 +0,0 @@
-
-# mod_http2 doesn't work with mpm_prefork
-<IfModule !mpm_prefork>
-    Protocols h2 h2c http/1.1
-
-    # # HTTP/2 push configuration
-    # 
-    # H2Push          on
-    # 
-    # # Default Priority Rule
-    # 
-    # H2PushPriority * After 16
-    # 
-    # # More complex ruleset:
-    # 
-    # H2PushPriority  *                       after
-    # H2PushPriority  text/css                before
-    # H2PushPriority  image/jpeg              after   32
-    # H2PushPriority  image/png               after   32
-    # H2PushPriority  application/javascript  interleaved
-    # 
-    # # Configure some stylesheet and script to be pushed by the webserver
-    # 
-    # <FilesMatch "\.html$">
-    #     Header add Link "</style.css>; rel=preload; as=style"
-    #     Header add Link "</script.js>; rel=preload; as=script"
-    # </FilesMatch>
-    # Since mod_http2 doesn't support the mod_logio module (which provide the %O format),
-    # you may want to change your LogFormat directive as follow:
-    #
-    # LogFormat "%v:%p %h %l %u %t \"%r\" %>s %B \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
-    # LogFormat "%h %l %u %t \"%r\" %>s %B \"%{Referer}i\" \"%{User-Agent}i\"" combined
-    # LogFormat "%h %l %u %t \"%r\" %>s %B" common
-</IfModule>
diff --git a/webapp/etc/apache2/mods-available/http2.load b/webapp/etc/apache2/mods-available/http2.load
deleted file mode 100644
index e5c769f..0000000
--- a/webapp/etc/apache2/mods-available/http2.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule http2_module /usr/lib/apache2/modules/mod_http2.so
diff --git a/webapp/etc/apache2/mods-available/ident.load b/webapp/etc/apache2/mods-available/ident.load
deleted file mode 100644
index f7c4c3c..0000000
--- a/webapp/etc/apache2/mods-available/ident.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule ident_module /usr/lib/apache2/modules/mod_ident.so
diff --git a/webapp/etc/apache2/mods-available/imagemap.load b/webapp/etc/apache2/mods-available/imagemap.load
deleted file mode 100644
index 0fd55f8..0000000
--- a/webapp/etc/apache2/mods-available/imagemap.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule imagemap_module /usr/lib/apache2/modules/mod_imagemap.so
diff --git a/webapp/etc/apache2/mods-available/include.load b/webapp/etc/apache2/mods-available/include.load
deleted file mode 100644
index dc4359a..0000000
--- a/webapp/etc/apache2/mods-available/include.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: mime
-LoadModule include_module /usr/lib/apache2/modules/mod_include.so
diff --git a/webapp/etc/apache2/mods-available/info.conf b/webapp/etc/apache2/mods-available/info.conf
deleted file mode 100644
index 78a0649..0000000
--- a/webapp/etc/apache2/mods-available/info.conf
+++ /dev/null
@@ -1,15 +0,0 @@
-<IfModule mod_info.c>
-
-	# Allow remote server configuration reports, with the URL of
-	#  http://servername/server-info (requires that mod_info.c be loaded).
-	# Uncomment and change the "192.0.2.0/24" to allow access from other hosts.
-	#
-	<Location /server-info>
-		SetHandler server-info
-		Require local
-		#Require ip 192.0.2.0/24
-	</Location>
-
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/info.load b/webapp/etc/apache2/mods-available/info.load
deleted file mode 100644
index c71efcc..0000000
--- a/webapp/etc/apache2/mods-available/info.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule info_module /usr/lib/apache2/modules/mod_info.so
diff --git a/webapp/etc/apache2/mods-available/lbmethod_bybusyness.load b/webapp/etc/apache2/mods-available/lbmethod_bybusyness.load
deleted file mode 100644
index cf894a3..0000000
--- a/webapp/etc/apache2/mods-available/lbmethod_bybusyness.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: proxy_balancer
-LoadModule lbmethod_bybusyness_module /usr/lib/apache2/modules/mod_lbmethod_bybusyness.so
diff --git a/webapp/etc/apache2/mods-available/lbmethod_byrequests.load b/webapp/etc/apache2/mods-available/lbmethod_byrequests.load
deleted file mode 100644
index cdd8fc5..0000000
--- a/webapp/etc/apache2/mods-available/lbmethod_byrequests.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: proxy_balancer
-LoadModule lbmethod_byrequests_module /usr/lib/apache2/modules/mod_lbmethod_byrequests.so
diff --git a/webapp/etc/apache2/mods-available/lbmethod_bytraffic.load b/webapp/etc/apache2/mods-available/lbmethod_bytraffic.load
deleted file mode 100644
index dabbe72..0000000
--- a/webapp/etc/apache2/mods-available/lbmethod_bytraffic.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: proxy_balancer
-LoadModule lbmethod_bytraffic_module /usr/lib/apache2/modules/mod_lbmethod_bytraffic.so
diff --git a/webapp/etc/apache2/mods-available/lbmethod_heartbeat.load b/webapp/etc/apache2/mods-available/lbmethod_heartbeat.load
deleted file mode 100644
index 2200f3a..0000000
--- a/webapp/etc/apache2/mods-available/lbmethod_heartbeat.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: proxy_balancer
-LoadModule lbmethod_heartbeat_module /usr/lib/apache2/modules/mod_lbmethod_heartbeat.so
diff --git a/webapp/etc/apache2/mods-available/ldap.conf b/webapp/etc/apache2/mods-available/ldap.conf
deleted file mode 100644
index 697b70b..0000000
--- a/webapp/etc/apache2/mods-available/ldap.conf
+++ /dev/null
@@ -1,6 +0,0 @@
-<Location /ldap-status>
-	SetHandler ldap-status
-	Require local
-</Location>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/ldap.load b/webapp/etc/apache2/mods-available/ldap.load
deleted file mode 100644
index f9d38a3..0000000
--- a/webapp/etc/apache2/mods-available/ldap.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule ldap_module /usr/lib/apache2/modules/mod_ldap.so
diff --git a/webapp/etc/apache2/mods-available/log_debug.load b/webapp/etc/apache2/mods-available/log_debug.load
deleted file mode 100644
index 1a27fa8..0000000
--- a/webapp/etc/apache2/mods-available/log_debug.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule log_debug_module /usr/lib/apache2/modules/mod_log_debug.so
diff --git a/webapp/etc/apache2/mods-available/log_forensic.load b/webapp/etc/apache2/mods-available/log_forensic.load
deleted file mode 100644
index 9116a3d..0000000
--- a/webapp/etc/apache2/mods-available/log_forensic.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule log_forensic_module /usr/lib/apache2/modules/mod_log_forensic.so
diff --git a/webapp/etc/apache2/mods-available/lua.load b/webapp/etc/apache2/mods-available/lua.load
deleted file mode 100644
index 0b639f5..0000000
--- a/webapp/etc/apache2/mods-available/lua.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule lua_module /usr/lib/apache2/modules/mod_lua.so
diff --git a/webapp/etc/apache2/mods-available/macro.load b/webapp/etc/apache2/mods-available/macro.load
deleted file mode 100644
index 3a72864..0000000
--- a/webapp/etc/apache2/mods-available/macro.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule macro_module /usr/lib/apache2/modules/mod_macro.so
diff --git a/webapp/etc/apache2/mods-available/md.load b/webapp/etc/apache2/mods-available/md.load
deleted file mode 100644
index 812a6a6..0000000
--- a/webapp/etc/apache2/mods-available/md.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule md_module /usr/lib/apache2/modules/mod_md.so
diff --git a/webapp/etc/apache2/mods-available/mime.conf b/webapp/etc/apache2/mods-available/mime.conf
deleted file mode 100644
index 37dac86..0000000
--- a/webapp/etc/apache2/mods-available/mime.conf
+++ /dev/null
@@ -1,251 +0,0 @@
-<IfModule mod_mime.c>
-
-	#
-	# TypesConfig points to the file containing the list of mappings from
-	# filename extension to MIME-type.
-	#
-	TypesConfig /etc/mime.types
-
-	#
-	# AddType allows you to add to or override the MIME configuration
-	# file mime.types for specific file types.
-	#
-	#AddType application/x-gzip .tgz
-	#
-	# AddEncoding allows you to have certain browsers uncompress
-	# information on the fly. Note: Not all browsers support this.
-	# Despite the name similarity, the following Add* directives have
-	# nothing to do with the FancyIndexing customization directives above.
-	#
-	#AddEncoding x-compress .Z
-	#AddEncoding x-gzip .gz .tgz
-	#AddEncoding x-bzip2 .bz2
-	#
-	# If the AddEncoding directives above are commented-out, then you
-	# probably should define those extensions to indicate media types:
-	#
-	AddType application/x-compress .Z
-	AddType application/x-gzip .gz .tgz
-	AddType application/x-bzip2 .bz2
-
-	#
-	# DefaultLanguage and AddLanguage allows you to specify the language of 
-	# a document. You can then use content negotiation to give a browser a 
-	# file in a language the user can understand.
-	#
-	# Specify a default language. This means that all data
-	# going out without a specific language tag (see below) will 
-	# be marked with this one. You probably do NOT want to set
-	# this unless you are sure it is correct for all cases.
-	#
-	# * It is generally better to not mark a page as 
-	# * being a certain language than marking it with the wrong
-	# * language!
-	#
-	# DefaultLanguage nl
-	#
-	# Note 1: The suffix does not have to be the same as the language
-	# keyword --- those with documents in Polish (whose net-standard
-	# language code is pl) may wish to use "AddLanguage pl .po" to
-	# avoid the ambiguity with the common suffix for perl scripts.
-	#
-	# Note 2: The example entries below illustrate that in some cases 
-	# the two character 'Language' abbreviation is not identical to 
-	# the two character 'Country' code for its country,
-	# E.g. 'Danmark/dk' versus 'Danish/da'.
-	#
-	# Note 3: In the case of 'ltz' we violate the RFC by using a three char
-	# specifier. There is 'work in progress' to fix this and get
-	# the reference data for rfc1766 cleaned up.
-	#
-	# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
-	# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
-	# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
-	# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
-	# Norwegian (no) - Polish (pl) - Portugese (pt)
-	# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
-	# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW)
-	#
-	AddLanguage am .amh
-	AddLanguage ar .ara
-	AddLanguage be .be
-	AddLanguage bg .bg
-	AddLanguage bn .bn
-	AddLanguage br .br
-	AddLanguage bs .bs
-	AddLanguage ca .ca
-	AddLanguage cs .cz .cs
-	AddLanguage cy .cy
-	AddLanguage da .dk
-	AddLanguage de .de
-	AddLanguage dz .dz
-	AddLanguage el .el
-	AddLanguage en .en
-	AddLanguage eo .eo
-	# es is ecmascript in /etc/mime.types
-	RemoveType  es
-	AddLanguage es .es
-	AddLanguage et .et
-	AddLanguage eu .eu
-	AddLanguage fa .fa
-	AddLanguage fi .fi
-	AddLanguage fr .fr
-	AddLanguage ga .ga
-	AddLanguage gl .glg
-	AddLanguage gu .gu
-	AddLanguage he .he
-	AddLanguage hi .hi
-	AddLanguage hr .hr
-	AddLanguage hu .hu
-	AddLanguage hy .hy
-	AddLanguage id .id
-	AddLanguage is .is
-	AddLanguage it .it
-	AddLanguage ja .ja
-	AddLanguage ka .ka
-	AddLanguage kk .kk
-	AddLanguage km .km
-	AddLanguage kn .kn
-	AddLanguage ko .ko
-	AddLanguage ku .ku
-	AddLanguage lo .lo
-	AddLanguage lt .lt
-	AddLanguage ltz .ltz
-	AddLanguage lv .lv
-	AddLanguage mg .mg
-	AddLanguage mk .mk
-	AddLanguage ml .ml
-	AddLanguage mr .mr
-	AddLanguage ms .msa
-	AddLanguage nb .nob
-	AddLanguage ne .ne
-	AddLanguage nl .nl
-	AddLanguage nn .nn
-	AddLanguage no .no
-	AddLanguage pa .pa
-	AddLanguage pl .po
-	AddLanguage pt-BR .pt-br
-	AddLanguage pt .pt
-	AddLanguage ro .ro
-	AddLanguage ru .ru
-	AddLanguage sa .sa
-	AddLanguage se .se
-	AddLanguage si .si
-	AddLanguage sk .sk
-	AddLanguage sl .sl
-	AddLanguage sq .sq
-	AddLanguage sr .sr
-	AddLanguage sv .sv
-	AddLanguage ta .ta
-	AddLanguage te .te
-	AddLanguage th .th
-	AddLanguage tl .tl
-	RemoveType  tr
-	# tr is troff in /etc/mime.types
-	AddLanguage tr .tr
-	AddLanguage uk .uk
-	AddLanguage ur .ur
-	AddLanguage vi .vi
-	AddLanguage wo .wo
-	AddLanguage xh .xh
-	AddLanguage zh-CN .zh-cn
-	AddLanguage zh-TW .zh-tw
-
-	#
-	# Commonly used filename extensions to character sets. You probably
-	# want to avoid clashes with the language extensions, unless you
-	# are good at carefully testing your setup after each change.
-	# See http://www.iana.org/assignments/character-sets for the
-	# official list of charset names and their respective RFCs.
-	#
-	AddCharset us-ascii	.ascii .us-ascii
-	AddCharset ISO-8859-1  .iso8859-1  .latin1
-	AddCharset ISO-8859-2  .iso8859-2  .latin2 .cen
-	AddCharset ISO-8859-3  .iso8859-3  .latin3
-	AddCharset ISO-8859-4  .iso8859-4  .latin4
-	AddCharset ISO-8859-5  .iso8859-5  .cyr .iso-ru
-	AddCharset ISO-8859-6  .iso8859-6  .arb .arabic
-	AddCharset ISO-8859-7  .iso8859-7  .grk .greek
-	AddCharset ISO-8859-8  .iso8859-8  .heb .hebrew
-	AddCharset ISO-8859-9  .iso8859-9  .latin5 .trk
-	AddCharset ISO-8859-10  .iso8859-10  .latin6
-	AddCharset ISO-8859-13  .iso8859-13
-	AddCharset ISO-8859-14  .iso8859-14  .latin8
-	AddCharset ISO-8859-15  .iso8859-15  .latin9
-	AddCharset ISO-8859-16  .iso8859-16  .latin10
-	AddCharset ISO-2022-JP .iso2022-jp .jis
-	AddCharset ISO-2022-KR .iso2022-kr .kis
-	AddCharset ISO-2022-CN .iso2022-cn .cis
-	AddCharset Big5		.Big5	   .big5 .b5
-	AddCharset cn-Big5	 .cn-big5
-	# For russian, more than one charset is used (depends on client, mostly):
-	AddCharset WINDOWS-1251 .cp-1251   .win-1251
-	AddCharset CP866	   .cp866
-	AddCharset KOI8	  .koi8
-	AddCharset KOI8-E	  .koi8-e
-	AddCharset KOI8-r	  .koi8-r .koi8-ru
-	AddCharset KOI8-U	  .koi8-u
-	AddCharset KOI8-ru	 .koi8-uk .ua
-	AddCharset ISO-10646-UCS-2 .ucs2
-	AddCharset ISO-10646-UCS-4 .ucs4
-	AddCharset UTF-7	   .utf7
-	AddCharset UTF-8	   .utf8
-	AddCharset UTF-16	  .utf16
-	AddCharset UTF-16BE	.utf16be
-	AddCharset UTF-16LE	.utf16le
-	AddCharset UTF-32	  .utf32
-	AddCharset UTF-32BE	.utf32be
-	AddCharset UTF-32LE	.utf32le
-	AddCharset euc-cn	  .euc-cn
-	AddCharset euc-gb	  .euc-gb
-	AddCharset euc-jp	  .euc-jp
-	AddCharset euc-kr	  .euc-kr
-	#Not sure how euc-tw got in - IANA doesn't list it???
-	AddCharset EUC-TW	  .euc-tw
-	AddCharset gb2312	  .gb2312 .gb
-	AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2
-	AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4
-	AddCharset shift_jis   .shift_jis .sjis
-	AddCharset BRF		 .brf
-
-	#
-	# AddHandler allows you to map certain file extensions to "handlers":
-	# actions unrelated to filetype. These can be either built into the server
-	# or added with the Action directive (see below)
-	#
-	# To use CGI scripts outside of ScriptAliased directories:
-	# (You will also need to add "ExecCGI" to the "Options" directive.)
-	#
-	#AddHandler cgi-script .cgi
-
-	#
-	# For files that include their own HTTP headers:
-	#
-	#AddHandler send-as-is asis
-
-	#
-	# For server-parsed imagemap files:
-	#
-	#AddHandler imap-file map
-
-	#
-	# For type maps (negotiated resources):
-	# (This is enabled by default to allow the Apache "It Worked" page
-	#  to be distributed in multiple languages.)
-	#
-	AddHandler type-map var
-
-	#
-	# Filters allow you to process content before it is sent to the client.
-	#
-	# To parse .shtml files for server-side includes (SSI):
-	# (You will also need to add "Includes" to the "Options" directive.)
-	#
-	AddType text/html .shtml
-<IfModule mod_include.c>
-	AddOutputFilter INCLUDES .shtml
-</IfModule>
-
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/mime.load b/webapp/etc/apache2/mods-available/mime.load
deleted file mode 100644
index d908fd6..0000000
--- a/webapp/etc/apache2/mods-available/mime.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule mime_module /usr/lib/apache2/modules/mod_mime.so
diff --git a/webapp/etc/apache2/mods-available/mime_magic.conf b/webapp/etc/apache2/mods-available/mime_magic.conf
deleted file mode 100644
index 12ed930..0000000
--- a/webapp/etc/apache2/mods-available/mime_magic.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-<IfModule mod_mime_magic.c>
-	MIMEMagicFile /etc/apache2/magic
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/mime_magic.load b/webapp/etc/apache2/mods-available/mime_magic.load
deleted file mode 100644
index 42357db..0000000
--- a/webapp/etc/apache2/mods-available/mime_magic.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule mime_magic_module /usr/lib/apache2/modules/mod_mime_magic.so
diff --git a/webapp/etc/apache2/mods-available/mpm_event.conf b/webapp/etc/apache2/mods-available/mpm_event.conf
deleted file mode 100644
index 2003d07..0000000
--- a/webapp/etc/apache2/mods-available/mpm_event.conf
+++ /dev/null
@@ -1,18 +0,0 @@
-# event MPM
-# StartServers: initial number of server processes to start
-# MinSpareThreads: minimum number of worker threads which are kept spare
-# MaxSpareThreads: maximum number of worker threads which are kept spare
-# ThreadsPerChild: constant number of worker threads in each server process
-# MaxRequestWorkers: maximum number of worker threads
-# MaxConnectionsPerChild: maximum number of requests a server process serves
-<IfModule mpm_event_module>
-	StartServers			 2
-	MinSpareThreads		 25
-	MaxSpareThreads		 75
-	ThreadLimit			 64
-	ThreadsPerChild		 25
-	MaxRequestWorkers	  150
-	MaxConnectionsPerChild   0
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/mpm_event.load b/webapp/etc/apache2/mods-available/mpm_event.load
deleted file mode 100644
index 00d970b..0000000
--- a/webapp/etc/apache2/mods-available/mpm_event.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Conflicts: mpm_worker mpm_prefork
-LoadModule mpm_event_module /usr/lib/apache2/modules/mod_mpm_event.so
diff --git a/webapp/etc/apache2/mods-available/mpm_prefork.conf b/webapp/etc/apache2/mods-available/mpm_prefork.conf
deleted file mode 100644
index 2642e3b..0000000
--- a/webapp/etc/apache2/mods-available/mpm_prefork.conf
+++ /dev/null
@@ -1,16 +0,0 @@
-# prefork MPM
-# StartServers: number of server processes to start
-# MinSpareServers: minimum number of server processes which are kept spare
-# MaxSpareServers: maximum number of server processes which are kept spare
-# MaxRequestWorkers: maximum number of server processes allowed to start
-# MaxConnectionsPerChild: maximum number of requests a server process serves
-
-<IfModule mpm_prefork_module>
-	StartServers			 5
-	MinSpareServers		  5
-	MaxSpareServers		 10
-	MaxRequestWorkers	  150
-	MaxConnectionsPerChild   0
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/mpm_prefork.load b/webapp/etc/apache2/mods-available/mpm_prefork.load
deleted file mode 100644
index 05da7a3..0000000
--- a/webapp/etc/apache2/mods-available/mpm_prefork.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Conflicts: mpm_event mpm_worker
-LoadModule mpm_prefork_module /usr/lib/apache2/modules/mod_mpm_prefork.so
diff --git a/webapp/etc/apache2/mods-available/mpm_worker.conf b/webapp/etc/apache2/mods-available/mpm_worker.conf
deleted file mode 100644
index de5831e..0000000
--- a/webapp/etc/apache2/mods-available/mpm_worker.conf
+++ /dev/null
@@ -1,22 +0,0 @@
-# worker MPM
-# StartServers: initial number of server processes to start
-# MinSpareThreads: minimum number of worker threads which are kept spare
-# MaxSpareThreads: maximum number of worker threads which are kept spare
-# ThreadLimit: ThreadsPerChild can be changed to this maximum value during a
-#			  graceful restart. ThreadLimit can only be changed by stopping
-#			  and starting Apache.
-# ThreadsPerChild: constant number of worker threads in each server process
-# MaxRequestWorkers: maximum number of threads
-# MaxConnectionsPerChild: maximum number of requests a server process serves
-
-<IfModule mpm_worker_module>
-	StartServers			 2
-	MinSpareThreads		 25
-	MaxSpareThreads		 75
-	ThreadLimit			 64
-	ThreadsPerChild		 25
-	MaxRequestWorkers	  150
-	MaxConnectionsPerChild   0
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/mpm_worker.load b/webapp/etc/apache2/mods-available/mpm_worker.load
deleted file mode 100644
index f9d0c4d..0000000
--- a/webapp/etc/apache2/mods-available/mpm_worker.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Conflicts: mpm_event mpm_prefork
-LoadModule mpm_worker_module /usr/lib/apache2/modules/mod_mpm_worker.so
diff --git a/webapp/etc/apache2/mods-available/negotiation.conf b/webapp/etc/apache2/mods-available/negotiation.conf
deleted file mode 100644
index 409b3bf..0000000
--- a/webapp/etc/apache2/mods-available/negotiation.conf
+++ /dev/null
@@ -1,20 +0,0 @@
-<IfModule mod_negotiation.c>
-
-	# LanguagePriority allows you to give precedence to some languages
-	# in case of a tie during content negotiation.
-	#
-	# Just list the languages in decreasing order of preference. We have
-	# more or less alphabetized them here. You probably want to change this.
-	#
-	LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv tr zh-CN zh-TW
-
-	#
-	# ForceLanguagePriority allows you to serve a result page rather than
-	# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
-	# [in case no accepted languages matched the available variants]
-	#
-	ForceLanguagePriority Prefer Fallback
-
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/negotiation.load b/webapp/etc/apache2/mods-available/negotiation.load
deleted file mode 100644
index 8df5711..0000000
--- a/webapp/etc/apache2/mods-available/negotiation.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule negotiation_module /usr/lib/apache2/modules/mod_negotiation.so
diff --git a/webapp/etc/apache2/mods-available/php7.4.conf b/webapp/etc/apache2/mods-available/php7.4.conf
deleted file mode 100644
index d4df3e5..0000000
--- a/webapp/etc/apache2/mods-available/php7.4.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-<FilesMatch ".+\.ph(ar|p|tml)$">
-    SetHandler application/x-httpd-php
-</FilesMatch>
-<FilesMatch ".+\.phps$">
-    SetHandler application/x-httpd-php-source
-    # Deny access to raw php sources by default
-    # To re-enable it's recommended to enable access to the files
-    # only in specific virtual host or directory
-    Require all denied
-</FilesMatch>
-# Deny access to files without filename (e.g. '.php')
-<FilesMatch "^\.ph(ar|p|ps|tml)$">
-    Require all denied
-</FilesMatch>
-
-# Running PHP scripts in user directories is disabled by default
-# 
-# To re-enable PHP in user directories comment the following lines
-# (from <IfModule ...> to </IfModule>.) Do NOT set it to On as it
-# prevents .htaccess files from disabling it.
-<IfModule mod_userdir.c>
-    <Directory /home/*/public_html>
-        php_admin_flag engine Off
-    </Directory>
-</IfModule>
diff --git a/webapp/etc/apache2/mods-available/php7.4.load b/webapp/etc/apache2/mods-available/php7.4.load
deleted file mode 100644
index 94935a4..0000000
--- a/webapp/etc/apache2/mods-available/php7.4.load
+++ /dev/null
@@ -1,3 +0,0 @@
-# Conflicts: php5
-# Depends: mpm_prefork
-LoadModule php7_module /usr/lib/apache2/modules/libphp7.4.so
diff --git a/webapp/etc/apache2/mods-available/proxy.conf b/webapp/etc/apache2/mods-available/proxy.conf
deleted file mode 100644
index cf4a9fb..0000000
--- a/webapp/etc/apache2/mods-available/proxy.conf
+++ /dev/null
@@ -1,27 +0,0 @@
-<IfModule mod_proxy.c>
-
-	# If you want to use apache2 as a forward proxy, uncomment the
-	# 'ProxyRequests On' line and the <Proxy *> block below.
-	# WARNING: Be careful to restrict access inside the <Proxy *> block.
-	# Open proxy servers are dangerous both to your network and to the
-	# Internet at large.
-	#
-	# If you only want to use apache2 as a reverse proxy/gateway in
-	# front of some web application server, you DON'T need
-	# 'ProxyRequests On'.
-
-	#ProxyRequests On
-	#<Proxy *>
-	#   AddDefaultCharset off
-	#   Require all denied
-	#   #Require local
-	#</Proxy>
-
-	# Enable/disable the handling of HTTP/1.1 "Via:" headers.
-	# ("Full" adds the server version; "Block" removes all outgoing Via: headers)
-	# Set to one of: Off | On | Full | Block
-	#ProxyVia Off
-
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/proxy.load b/webapp/etc/apache2/mods-available/proxy.load
deleted file mode 100644
index 8828205..0000000
--- a/webapp/etc/apache2/mods-available/proxy.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so
diff --git a/webapp/etc/apache2/mods-available/proxy_ajp.load b/webapp/etc/apache2/mods-available/proxy_ajp.load
deleted file mode 100644
index adc0c86..0000000
--- a/webapp/etc/apache2/mods-available/proxy_ajp.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: proxy
-LoadModule proxy_ajp_module /usr/lib/apache2/modules/mod_proxy_ajp.so
diff --git a/webapp/etc/apache2/mods-available/proxy_balancer.conf b/webapp/etc/apache2/mods-available/proxy_balancer.conf
deleted file mode 100644
index 16199f6..0000000
--- a/webapp/etc/apache2/mods-available/proxy_balancer.conf
+++ /dev/null
@@ -1,15 +0,0 @@
-<IfModule mod_proxy_balancer.c>
-
-	# Balancer manager enables dynamic update of balancer members
-	# (needs mod_status). Uncomment to enable.
-	#
-	#<IfModule mod_status.c>
-	#   <Location /balancer-manager>
-	#	   SetHandler balancer-manager
-	#	   Require local
-	#   </Location>
-	#</IfModule>
-
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/proxy_balancer.load b/webapp/etc/apache2/mods-available/proxy_balancer.load
deleted file mode 100644
index 2baa546..0000000
--- a/webapp/etc/apache2/mods-available/proxy_balancer.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: proxy alias slotmem_shm
-LoadModule proxy_balancer_module /usr/lib/apache2/modules/mod_proxy_balancer.so
diff --git a/webapp/etc/apache2/mods-available/proxy_connect.load b/webapp/etc/apache2/mods-available/proxy_connect.load
deleted file mode 100644
index df81372..0000000
--- a/webapp/etc/apache2/mods-available/proxy_connect.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: proxy
-LoadModule proxy_connect_module /usr/lib/apache2/modules/mod_proxy_connect.so
diff --git a/webapp/etc/apache2/mods-available/proxy_express.load b/webapp/etc/apache2/mods-available/proxy_express.load
deleted file mode 100644
index 81d3a2f..0000000
--- a/webapp/etc/apache2/mods-available/proxy_express.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: proxy
-LoadModule proxy_express_module /usr/lib/apache2/modules/mod_proxy_express.so
diff --git a/webapp/etc/apache2/mods-available/proxy_fcgi.load b/webapp/etc/apache2/mods-available/proxy_fcgi.load
deleted file mode 100644
index 067c87e..0000000
--- a/webapp/etc/apache2/mods-available/proxy_fcgi.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: proxy
-LoadModule proxy_fcgi_module /usr/lib/apache2/modules/mod_proxy_fcgi.so
diff --git a/webapp/etc/apache2/mods-available/proxy_fdpass.load b/webapp/etc/apache2/mods-available/proxy_fdpass.load
deleted file mode 100644
index b27bcdb..0000000
--- a/webapp/etc/apache2/mods-available/proxy_fdpass.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: proxy
-LoadModule proxy_fdpass_module /usr/lib/apache2/modules/mod_proxy_fdpass.so
diff --git a/webapp/etc/apache2/mods-available/proxy_ftp.conf b/webapp/etc/apache2/mods-available/proxy_ftp.conf
deleted file mode 100644
index 29fec56..0000000
--- a/webapp/etc/apache2/mods-available/proxy_ftp.conf
+++ /dev/null
@@ -1,8 +0,0 @@
-<IfModule mod_proxy_ftp.c>
-
-	# Define the character set for proxied FTP listings. Default is ISO-8859-1
-	ProxyFtpDirCharset UTF-8
-
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/proxy_ftp.load b/webapp/etc/apache2/mods-available/proxy_ftp.load
deleted file mode 100644
index 8f2a197..0000000
--- a/webapp/etc/apache2/mods-available/proxy_ftp.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: proxy
-LoadModule proxy_ftp_module /usr/lib/apache2/modules/mod_proxy_ftp.so
diff --git a/webapp/etc/apache2/mods-available/proxy_hcheck.load b/webapp/etc/apache2/mods-available/proxy_hcheck.load
deleted file mode 100644
index b70f421..0000000
--- a/webapp/etc/apache2/mods-available/proxy_hcheck.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: proxy
-LoadModule proxy_hcheck_module /usr/lib/apache2/modules/mod_proxy_hcheck.so
diff --git a/webapp/etc/apache2/mods-available/proxy_html.conf b/webapp/etc/apache2/mods-available/proxy_html.conf
deleted file mode 100644
index 14692ad..0000000
--- a/webapp/etc/apache2/mods-available/proxy_html.conf
+++ /dev/null
@@ -1,75 +0,0 @@
-# Configuration example.
-#
-# For detailed information about these directives see
-# <URL:http://httpd.apache.org/docs/2.4/mod/mod_proxy_html.html>
-# and for mod_xml2enc see
-# <URL:http://httpd.apache.org/docs/2.4/mod/mod_xml2enc.html>
-#
-
-# All knowledge of HTML links has been removed from the mod_proxy_html
-# code itself, and is instead read from httpd.conf (or included file)
-# at server startup.  So you MUST declare it.  This will normally be
-# at top level, but can also be used in a <Location>.
-#
-# Here's the declaration for W3C HTML 4.01 and XHTML 1.0
-
-ProxyHTMLLinks	a		href
-ProxyHTMLLinks	area		href
-ProxyHTMLLinks	link		href
-ProxyHTMLLinks	img		src longdesc usemap
-ProxyHTMLLinks	object		classid codebase data usemap
-ProxyHTMLLinks	q		cite
-ProxyHTMLLinks	blockquote	cite
-ProxyHTMLLinks	ins		cite
-ProxyHTMLLinks	del		cite
-ProxyHTMLLinks	form		action
-ProxyHTMLLinks	input		src usemap
-ProxyHTMLLinks	head		profile
-ProxyHTMLLinks	base		href
-ProxyHTMLLinks	script		src for
-
-# To support scripting events (with ProxyHTMLExtended On),
-# you'll need to declare them too.
-
-ProxyHTMLEvents	onclick ondblclick onmousedown onmouseup \
-		onmouseover onmousemove onmouseout onkeypress \
-		onkeydown onkeyup onfocus onblur onload \
-		onunload onsubmit onreset onselect onchange
-
-# If you need to support legacy (pre-1998, aka "transitional") HTML or XHTML,
-# you'll need to uncomment the following deprecated link attributes.
-# Note that these are enabled in earlier mod_proxy_html versions
-#
-# ProxyHTMLLinks	frame		src longdesc
-# ProxyHTMLLinks	iframe		src longdesc
-# ProxyHTMLLinks	body		background
-# ProxyHTMLLinks	applet		codebase
-#
-# If you're dealing with proprietary HTML variants,
-# declare your own URL attributes here as required.
-#
-# ProxyHTMLLinks	myelement	myattr otherattr
-#
-###########
-# EXAMPLE #
-###########
-#
-# To define the URL /my-gateway/ as a gateway to an appserver with address
-# http://some.app.intranet/ on a private network, after loading the
-# modules and including this configuration file:
-#
-# ProxyRequests Off  <-- this is an important security setting
-# ProxyPass /my-gateway/ http://some.app.intranet/
-# <Location /my-gateway/>
-#	ProxyPassReverse /
-#	ProxyHTMLEnable On
-#	ProxyHTMLURLMap http://some.app.intranet/ /my-gateway/
-#	ProxyHTMLURLMap / /my-gateway/
-# </Location>
-#
-# Many (though not all) real-life setups are more complex.
-#
-# See the documentation at
-# http://apache.webthing.com/mod_proxy_html/
-# and the tutorial at
-# http://www.apachetutor.org/admin/reverseproxies
diff --git a/webapp/etc/apache2/mods-available/proxy_html.load b/webapp/etc/apache2/mods-available/proxy_html.load
deleted file mode 100644
index 50f1a2c..0000000
--- a/webapp/etc/apache2/mods-available/proxy_html.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: proxy xml2enc
-LoadModule proxy_html_module /usr/lib/apache2/modules/mod_proxy_html.so
diff --git a/webapp/etc/apache2/mods-available/proxy_http.load b/webapp/etc/apache2/mods-available/proxy_http.load
deleted file mode 100644
index a3ffe02..0000000
--- a/webapp/etc/apache2/mods-available/proxy_http.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: proxy
-LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so
diff --git a/webapp/etc/apache2/mods-available/proxy_http2.load b/webapp/etc/apache2/mods-available/proxy_http2.load
deleted file mode 100644
index b251d0c..0000000
--- a/webapp/etc/apache2/mods-available/proxy_http2.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: proxy http2
-LoadModule proxy_http2_module /usr/lib/apache2/modules/mod_proxy_http2.so
diff --git a/webapp/etc/apache2/mods-available/proxy_scgi.load b/webapp/etc/apache2/mods-available/proxy_scgi.load
deleted file mode 100644
index fb6b0d7..0000000
--- a/webapp/etc/apache2/mods-available/proxy_scgi.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: proxy
-LoadModule proxy_scgi_module /usr/lib/apache2/modules/mod_proxy_scgi.so
diff --git a/webapp/etc/apache2/mods-available/proxy_uwsgi.load b/webapp/etc/apache2/mods-available/proxy_uwsgi.load
deleted file mode 100644
index 79ebd42..0000000
--- a/webapp/etc/apache2/mods-available/proxy_uwsgi.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: proxy
-LoadModule proxy_uwsgi_module /usr/lib/apache2/modules/mod_proxy_uwsgi.so
diff --git a/webapp/etc/apache2/mods-available/proxy_wstunnel.load b/webapp/etc/apache2/mods-available/proxy_wstunnel.load
deleted file mode 100644
index fe6589d..0000000
--- a/webapp/etc/apache2/mods-available/proxy_wstunnel.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: proxy
-LoadModule proxy_wstunnel_module /usr/lib/apache2/modules/mod_proxy_wstunnel.so
diff --git a/webapp/etc/apache2/mods-available/ratelimit.load b/webapp/etc/apache2/mods-available/ratelimit.load
deleted file mode 100644
index fc933d7..0000000
--- a/webapp/etc/apache2/mods-available/ratelimit.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: env
-LoadModule ratelimit_module /usr/lib/apache2/modules/mod_ratelimit.so
diff --git a/webapp/etc/apache2/mods-available/reflector.load b/webapp/etc/apache2/mods-available/reflector.load
deleted file mode 100644
index 91701d8..0000000
--- a/webapp/etc/apache2/mods-available/reflector.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule reflector_module /usr/lib/apache2/modules/mod_reflector.so
diff --git a/webapp/etc/apache2/mods-available/remoteip.load b/webapp/etc/apache2/mods-available/remoteip.load
deleted file mode 100644
index a771554..0000000
--- a/webapp/etc/apache2/mods-available/remoteip.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule remoteip_module /usr/lib/apache2/modules/mod_remoteip.so
diff --git a/webapp/etc/apache2/mods-available/reqtimeout.conf b/webapp/etc/apache2/mods-available/reqtimeout.conf
deleted file mode 100644
index 534cd88..0000000
--- a/webapp/etc/apache2/mods-available/reqtimeout.conf
+++ /dev/null
@@ -1,27 +0,0 @@
-<IfModule reqtimeout_module>
-
-	# mod_reqtimeout limits the time waiting on the client to prevent an
-	# attacker from causing a denial of service by opening many connections
-	# but not sending requests. This file tries to give a sensible default
-	# configuration, but it may be necessary to tune the timeout values to
-	# the actual situation. Note that it is also possible to configure
-	# mod_reqtimeout per virtual host.
-
-
-	# Wait max 20 seconds for the first byte of the request line+headers
-	# From then, require a minimum data rate of 500 bytes/s, but don't
-	# wait longer than 40 seconds in total.
-	# Note: Lower timeouts may make sense on non-ssl virtual hosts but can
-	# cause problem with ssl enabled virtual hosts: This timeout includes
-	# the time a browser may need to fetch the CRL for the certificate. If
-	# the CRL server is not reachable, it may take more than 10 seconds
-	# until the browser gives up.
-	RequestReadTimeout header=20-40,minrate=500
-
-	# Wait max 10 seconds for the first byte of the request body (if any)
-	# From then, require a minimum data rate of 500 bytes/s
-	RequestReadTimeout body=10,minrate=500
-
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/reqtimeout.load b/webapp/etc/apache2/mods-available/reqtimeout.load
deleted file mode 100644
index 8b2c5e6..0000000
--- a/webapp/etc/apache2/mods-available/reqtimeout.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule reqtimeout_module /usr/lib/apache2/modules/mod_reqtimeout.so
diff --git a/webapp/etc/apache2/mods-available/request.load b/webapp/etc/apache2/mods-available/request.load
deleted file mode 100644
index 6727f5a..0000000
--- a/webapp/etc/apache2/mods-available/request.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule request_module /usr/lib/apache2/modules/mod_request.so
diff --git a/webapp/etc/apache2/mods-available/rewrite.load b/webapp/etc/apache2/mods-available/rewrite.load
deleted file mode 100644
index b32f162..0000000
--- a/webapp/etc/apache2/mods-available/rewrite.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so
diff --git a/webapp/etc/apache2/mods-available/sed.load b/webapp/etc/apache2/mods-available/sed.load
deleted file mode 100644
index cf5d9af..0000000
--- a/webapp/etc/apache2/mods-available/sed.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule sed_module /usr/lib/apache2/modules/mod_sed.so
diff --git a/webapp/etc/apache2/mods-available/session.load b/webapp/etc/apache2/mods-available/session.load
deleted file mode 100644
index f518c96..0000000
--- a/webapp/etc/apache2/mods-available/session.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule session_module /usr/lib/apache2/modules/mod_session.so
diff --git a/webapp/etc/apache2/mods-available/session_cookie.load b/webapp/etc/apache2/mods-available/session_cookie.load
deleted file mode 100644
index 8cffd89..0000000
--- a/webapp/etc/apache2/mods-available/session_cookie.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: session
-LoadModule session_cookie_module /usr/lib/apache2/modules/mod_session_cookie.so
diff --git a/webapp/etc/apache2/mods-available/session_crypto.load b/webapp/etc/apache2/mods-available/session_crypto.load
deleted file mode 100644
index b3f7a95..0000000
--- a/webapp/etc/apache2/mods-available/session_crypto.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: session
-LoadModule session_crypto_module /usr/lib/apache2/modules/mod_session_crypto.so
diff --git a/webapp/etc/apache2/mods-available/session_dbd.load b/webapp/etc/apache2/mods-available/session_dbd.load
deleted file mode 100644
index 18fa4a4..0000000
--- a/webapp/etc/apache2/mods-available/session_dbd.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: session
-LoadModule session_dbd_module /usr/lib/apache2/modules/mod_session_dbd.so
diff --git a/webapp/etc/apache2/mods-available/setenvif.conf b/webapp/etc/apache2/mods-available/setenvif.conf
deleted file mode 100644
index b6c4cc4..0000000
--- a/webapp/etc/apache2/mods-available/setenvif.conf
+++ /dev/null
@@ -1,32 +0,0 @@
-<IfModule mod_setenvif.c>
-
-	#
-	# The following directives modify normal HTTP response behavior to
-	# handle known problems with browser implementations.
-	#
-	BrowserMatch "Mozilla/2" nokeepalive
-	BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
-	BrowserMatch "RealPlayer 4\.0" force-response-1.0
-	BrowserMatch "Java/1\.0" force-response-1.0
-	BrowserMatch "JDK/1\.0" force-response-1.0
-
-	#
-	# The following directive disables redirects on non-GET requests for
-	# a directory that does not include the trailing slash.  This fixes a
-	# problem with Microsoft WebFolders which does not appropriately handle
-	# redirects for folders with DAV methods.
-	# Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
-	#
-	BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
-	BrowserMatch "MS FrontPage" redirect-carefully
-	BrowserMatch "^WebDrive" redirect-carefully
-	BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
-	BrowserMatch "^gnome-vfs/1.0" redirect-carefully
-	BrowserMatch "^gvfs/1" redirect-carefully
-	BrowserMatch "^XML Spy" redirect-carefully
-	BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
-	BrowserMatch " Konqueror/4" redirect-carefully
-
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/setenvif.load b/webapp/etc/apache2/mods-available/setenvif.load
deleted file mode 100644
index bcb5c52..0000000
--- a/webapp/etc/apache2/mods-available/setenvif.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule setenvif_module /usr/lib/apache2/modules/mod_setenvif.so
diff --git a/webapp/etc/apache2/mods-available/slotmem_plain.load b/webapp/etc/apache2/mods-available/slotmem_plain.load
deleted file mode 100644
index 0a68121..0000000
--- a/webapp/etc/apache2/mods-available/slotmem_plain.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule slotmem_plain_module /usr/lib/apache2/modules/mod_slotmem_plain.so
diff --git a/webapp/etc/apache2/mods-available/slotmem_shm.load b/webapp/etc/apache2/mods-available/slotmem_shm.load
deleted file mode 100644
index 48ba402..0000000
--- a/webapp/etc/apache2/mods-available/slotmem_shm.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule slotmem_shm_module /usr/lib/apache2/modules/mod_slotmem_shm.so
diff --git a/webapp/etc/apache2/mods-available/socache_dbm.load b/webapp/etc/apache2/mods-available/socache_dbm.load
deleted file mode 100644
index c759d35..0000000
--- a/webapp/etc/apache2/mods-available/socache_dbm.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule socache_dbm_module /usr/lib/apache2/modules/mod_socache_dbm.so
diff --git a/webapp/etc/apache2/mods-available/socache_memcache.load b/webapp/etc/apache2/mods-available/socache_memcache.load
deleted file mode 100644
index 15d1ad0..0000000
--- a/webapp/etc/apache2/mods-available/socache_memcache.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule socache_memcache_module /usr/lib/apache2/modules/mod_socache_memcache.so
diff --git a/webapp/etc/apache2/mods-available/socache_redis.load b/webapp/etc/apache2/mods-available/socache_redis.load
deleted file mode 100644
index b1a8de2..0000000
--- a/webapp/etc/apache2/mods-available/socache_redis.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule socache_redis_module /usr/lib/apache2/modules/mod_socache_redis.so
diff --git a/webapp/etc/apache2/mods-available/socache_shmcb.load b/webapp/etc/apache2/mods-available/socache_shmcb.load
deleted file mode 100644
index 542a2b2..0000000
--- a/webapp/etc/apache2/mods-available/socache_shmcb.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule socache_shmcb_module /usr/lib/apache2/modules/mod_socache_shmcb.so
diff --git a/webapp/etc/apache2/mods-available/speling.load b/webapp/etc/apache2/mods-available/speling.load
deleted file mode 100644
index 423e401..0000000
--- a/webapp/etc/apache2/mods-available/speling.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule speling_module /usr/lib/apache2/modules/mod_speling.so
diff --git a/webapp/etc/apache2/mods-available/ssl.conf b/webapp/etc/apache2/mods-available/ssl.conf
deleted file mode 100644
index 1dc4eea..0000000
--- a/webapp/etc/apache2/mods-available/ssl.conf
+++ /dev/null
@@ -1,85 +0,0 @@
-<IfModule mod_ssl.c>
-
-	# Pseudo Random Number Generator (PRNG):
-	# Configure one or more sources to seed the PRNG of the SSL library.
-	# The seed data should be of good random quality.
-	# WARNING! On some platforms /dev/random blocks if not enough entropy
-	# is available. This means you then cannot use the /dev/random device
-	# because it would lead to very long connection times (as long as
-	# it requires to make more entropy available). But usually those
-	# platforms additionally provide a /dev/urandom device which doesn't
-	# block. So, if available, use this one instead. Read the mod_ssl User
-	# Manual for more details.
-	#
-	SSLRandomSeed startup builtin
-	SSLRandomSeed startup file:/dev/urandom 512
-	SSLRandomSeed connect builtin
-	SSLRandomSeed connect file:/dev/urandom 512
-
-	##
-	##  SSL Global Context
-	##
-	##  All SSL configuration in this context applies both to
-	##  the main server and all SSL-enabled virtual hosts.
-	##
-
-	#
-	#   Some MIME-types for downloading Certificates and CRLs
-	#
-	AddType application/x-x509-ca-cert .crt
-	AddType application/x-pkcs7-crl	.crl
-
-	#   Pass Phrase Dialog:
-	#   Configure the pass phrase gathering process.
-	#   The filtering dialog program (`builtin' is a internal
-	#   terminal dialog) has to provide the pass phrase on stdout.
-	SSLPassPhraseDialog  exec:/usr/share/apache2/ask-for-passphrase
-
-	#   Inter-Process Session Cache:
-	#   Configure the SSL Session Cache: First the mechanism 
-	#   to use and second the expiring timeout (in seconds).
-	#   (The mechanism dbm has known memory leaks and should not be used).
-	#SSLSessionCache		 dbm:${APACHE_RUN_DIR}/ssl_scache
-	SSLSessionCache		shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
-	SSLSessionCacheTimeout  300
-
-	#   Semaphore:
-	#   Configure the path to the mutual exclusion semaphore the
-	#   SSL engine uses internally for inter-process synchronization. 
-	#   (Disabled by default, the global Mutex directive consolidates by default
-	#   this)
-	#Mutex file:${APACHE_LOCK_DIR}/ssl_mutex ssl-cache
-
-
-	#   SSL Cipher Suite:
-	#   List the ciphers that the client is permitted to negotiate. See the
-	#   ciphers(1) man page from the openssl package for list of all available
-	#   options.
-	#   Enable only secure ciphers:
-	SSLCipherSuite HIGH:!aNULL
-
-	# SSL server cipher order preference:
-	# Use server priorities for cipher algorithm choice.
-	# Clients may prefer lower grade encryption.  You should enable this
-	# option if you want to enforce stronger encryption, and can afford
-	# the CPU cost, and did not override SSLCipherSuite in a way that puts
-	# insecure ciphers first.
-	# Default: Off
-	#SSLHonorCipherOrder on
-
-	#   The protocols to enable.
-	#   Available values: all, SSLv3, TLSv1, TLSv1.1, TLSv1.2
-	#   SSL v2  is no longer supported
-	SSLProtocol all -SSLv3
-
-	#   Allow insecure renegotiation with clients which do not yet support the
-	#   secure renegotiation protocol. Default: Off
-	#SSLInsecureRenegotiation on
-
-	#   Whether to forbid non-SNI clients to access name based virtual hosts.
-	#   Default: Off
-	#SSLStrictSNIVHostCheck On
-
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/ssl.load b/webapp/etc/apache2/mods-available/ssl.load
deleted file mode 100644
index 3d2336a..0000000
--- a/webapp/etc/apache2/mods-available/ssl.load
+++ /dev/null
@@ -1,2 +0,0 @@
-# Depends: setenvif mime socache_shmcb
-LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so
diff --git a/webapp/etc/apache2/mods-available/status.conf b/webapp/etc/apache2/mods-available/status.conf
deleted file mode 100644
index 5f53ba7..0000000
--- a/webapp/etc/apache2/mods-available/status.conf
+++ /dev/null
@@ -1,29 +0,0 @@
-<IfModule mod_status.c>
-	# Allow server status reports generated by mod_status,
-	# with the URL of http://servername/server-status
-	# Uncomment and change the "192.0.2.0/24" to allow access from other hosts.
-
-	<Location /server-status>
-		SetHandler server-status
-		Require local
-		#Require ip 192.0.2.0/24
-	</Location>
-
-	# Keep track of extended status information for each request
-	ExtendedStatus On
-
-	# Determine if mod_status displays the first 63 characters of a request or
-	# the last 63, assuming the request itself is greater than 63 chars.
-	# Default: Off
-	#SeeRequestTail On
-
-
-	<IfModule mod_proxy.c>
-		# Show Proxy LoadBalancer status in mod_status
-		ProxyStatus On
-	</IfModule>
-
-
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/status.load b/webapp/etc/apache2/mods-available/status.load
deleted file mode 100644
index 9efd636..0000000
--- a/webapp/etc/apache2/mods-available/status.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule status_module /usr/lib/apache2/modules/mod_status.so
diff --git a/webapp/etc/apache2/mods-available/substitute.load b/webapp/etc/apache2/mods-available/substitute.load
deleted file mode 100644
index df361cd..0000000
--- a/webapp/etc/apache2/mods-available/substitute.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule substitute_module /usr/lib/apache2/modules/mod_substitute.so
diff --git a/webapp/etc/apache2/mods-available/suexec.load b/webapp/etc/apache2/mods-available/suexec.load
deleted file mode 100644
index 116858b..0000000
--- a/webapp/etc/apache2/mods-available/suexec.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule suexec_module /usr/lib/apache2/modules/mod_suexec.so
diff --git a/webapp/etc/apache2/mods-available/unique_id.load b/webapp/etc/apache2/mods-available/unique_id.load
deleted file mode 100644
index 2d0c9eb..0000000
--- a/webapp/etc/apache2/mods-available/unique_id.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule unique_id_module /usr/lib/apache2/modules/mod_unique_id.so
diff --git a/webapp/etc/apache2/mods-available/userdir.conf b/webapp/etc/apache2/mods-available/userdir.conf
deleted file mode 100644
index 2c334ec..0000000
--- a/webapp/etc/apache2/mods-available/userdir.conf
+++ /dev/null
@@ -1,12 +0,0 @@
-<IfModule mod_userdir.c>
-	UserDir public_html
-	UserDir disabled root
-
-	<Directory /home/*/public_html>
-		AllowOverride FileInfo AuthConfig Limit Indexes
-		Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
-		Require method GET POST OPTIONS
-	</Directory>
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/mods-available/userdir.load b/webapp/etc/apache2/mods-available/userdir.load
deleted file mode 100644
index 0cfc621..0000000
--- a/webapp/etc/apache2/mods-available/userdir.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule userdir_module /usr/lib/apache2/modules/mod_userdir.so
diff --git a/webapp/etc/apache2/mods-available/usertrack.load b/webapp/etc/apache2/mods-available/usertrack.load
deleted file mode 100644
index 25918b5..0000000
--- a/webapp/etc/apache2/mods-available/usertrack.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule usertrack_module /usr/lib/apache2/modules/mod_usertrack.so
diff --git a/webapp/etc/apache2/mods-available/vhost_alias.load b/webapp/etc/apache2/mods-available/vhost_alias.load
deleted file mode 100644
index 4fe4cb6..0000000
--- a/webapp/etc/apache2/mods-available/vhost_alias.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule vhost_alias_module /usr/lib/apache2/modules/mod_vhost_alias.so
diff --git a/webapp/etc/apache2/mods-available/xml2enc.load b/webapp/etc/apache2/mods-available/xml2enc.load
deleted file mode 100644
index 98cfa18..0000000
--- a/webapp/etc/apache2/mods-available/xml2enc.load
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule xml2enc_module /usr/lib/apache2/modules/mod_xml2enc.so
diff --git a/webapp/etc/apache2/mods-enabled/access_compat.load b/webapp/etc/apache2/mods-enabled/access_compat.load
deleted file mode 120000
index 4ac4ead..0000000
--- a/webapp/etc/apache2/mods-enabled/access_compat.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/access_compat.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/alias.conf b/webapp/etc/apache2/mods-enabled/alias.conf
deleted file mode 120000
index f616ae2..0000000
--- a/webapp/etc/apache2/mods-enabled/alias.conf
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/alias.conf
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/alias.load b/webapp/etc/apache2/mods-enabled/alias.load
deleted file mode 120000
index 13a943a..0000000
--- a/webapp/etc/apache2/mods-enabled/alias.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/alias.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/auth_basic.load b/webapp/etc/apache2/mods-enabled/auth_basic.load
deleted file mode 120000
index 28c1eae..0000000
--- a/webapp/etc/apache2/mods-enabled/auth_basic.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/auth_basic.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/authn_core.load b/webapp/etc/apache2/mods-enabled/authn_core.load
deleted file mode 120000
index 6ae9e0d..0000000
--- a/webapp/etc/apache2/mods-enabled/authn_core.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/authn_core.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/authn_file.load b/webapp/etc/apache2/mods-enabled/authn_file.load
deleted file mode 120000
index ab54e91..0000000
--- a/webapp/etc/apache2/mods-enabled/authn_file.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/authn_file.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/authz_core.load b/webapp/etc/apache2/mods-enabled/authz_core.load
deleted file mode 120000
index ccfcf1e..0000000
--- a/webapp/etc/apache2/mods-enabled/authz_core.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/authz_core.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/authz_host.load b/webapp/etc/apache2/mods-enabled/authz_host.load
deleted file mode 120000
index badc268..0000000
--- a/webapp/etc/apache2/mods-enabled/authz_host.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/authz_host.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/authz_user.load b/webapp/etc/apache2/mods-enabled/authz_user.load
deleted file mode 120000
index 59914f2..0000000
--- a/webapp/etc/apache2/mods-enabled/authz_user.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/authz_user.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/autoindex.conf b/webapp/etc/apache2/mods-enabled/autoindex.conf
deleted file mode 120000
index de8c1bb..0000000
--- a/webapp/etc/apache2/mods-enabled/autoindex.conf
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/autoindex.conf
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/autoindex.load b/webapp/etc/apache2/mods-enabled/autoindex.load
deleted file mode 120000
index 8fae29a..0000000
--- a/webapp/etc/apache2/mods-enabled/autoindex.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/autoindex.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/deflate.conf b/webapp/etc/apache2/mods-enabled/deflate.conf
deleted file mode 120000
index 84a592f..0000000
--- a/webapp/etc/apache2/mods-enabled/deflate.conf
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/deflate.conf
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/deflate.load b/webapp/etc/apache2/mods-enabled/deflate.load
deleted file mode 120000
index f73768e..0000000
--- a/webapp/etc/apache2/mods-enabled/deflate.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/deflate.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/dir.conf b/webapp/etc/apache2/mods-enabled/dir.conf
deleted file mode 120000
index c220eba..0000000
--- a/webapp/etc/apache2/mods-enabled/dir.conf
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/dir.conf
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/dir.load b/webapp/etc/apache2/mods-enabled/dir.load
deleted file mode 120000
index 84a580b..0000000
--- a/webapp/etc/apache2/mods-enabled/dir.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/dir.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/env.load b/webapp/etc/apache2/mods-enabled/env.load
deleted file mode 120000
index ef85526..0000000
--- a/webapp/etc/apache2/mods-enabled/env.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/env.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/expires.load b/webapp/etc/apache2/mods-enabled/expires.load
deleted file mode 120000
index d4a3180..0000000
--- a/webapp/etc/apache2/mods-enabled/expires.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/expires.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/filter.load b/webapp/etc/apache2/mods-enabled/filter.load
deleted file mode 120000
index 07ee625..0000000
--- a/webapp/etc/apache2/mods-enabled/filter.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/filter.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/headers.load b/webapp/etc/apache2/mods-enabled/headers.load
deleted file mode 120000
index 5017cda..0000000
--- a/webapp/etc/apache2/mods-enabled/headers.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/headers.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/mime.conf b/webapp/etc/apache2/mods-enabled/mime.conf
deleted file mode 120000
index 1df438b..0000000
--- a/webapp/etc/apache2/mods-enabled/mime.conf
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/mime.conf
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/mime.load b/webapp/etc/apache2/mods-enabled/mime.load
deleted file mode 120000
index c2c01f7..0000000
--- a/webapp/etc/apache2/mods-enabled/mime.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/mime.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/mpm_prefork.conf b/webapp/etc/apache2/mods-enabled/mpm_prefork.conf
deleted file mode 120000
index 85c1baa..0000000
--- a/webapp/etc/apache2/mods-enabled/mpm_prefork.conf
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/mpm_prefork.conf
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/mpm_prefork.load b/webapp/etc/apache2/mods-enabled/mpm_prefork.load
deleted file mode 120000
index f61ace3..0000000
--- a/webapp/etc/apache2/mods-enabled/mpm_prefork.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/mpm_prefork.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/negotiation.conf b/webapp/etc/apache2/mods-enabled/negotiation.conf
deleted file mode 120000
index d7f730d..0000000
--- a/webapp/etc/apache2/mods-enabled/negotiation.conf
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/negotiation.conf
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/negotiation.load b/webapp/etc/apache2/mods-enabled/negotiation.load
deleted file mode 120000
index c40e742..0000000
--- a/webapp/etc/apache2/mods-enabled/negotiation.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/negotiation.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/php7.4.conf b/webapp/etc/apache2/mods-enabled/php7.4.conf
deleted file mode 120000
index 7170bad..0000000
--- a/webapp/etc/apache2/mods-enabled/php7.4.conf
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/php7.4.conf
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/php7.4.load b/webapp/etc/apache2/mods-enabled/php7.4.load
deleted file mode 120000
index e223ffc..0000000
--- a/webapp/etc/apache2/mods-enabled/php7.4.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/php7.4.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/reqtimeout.conf b/webapp/etc/apache2/mods-enabled/reqtimeout.conf
deleted file mode 120000
index 093b41d..0000000
--- a/webapp/etc/apache2/mods-enabled/reqtimeout.conf
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/reqtimeout.conf
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/reqtimeout.load b/webapp/etc/apache2/mods-enabled/reqtimeout.load
deleted file mode 120000
index 979fab9..0000000
--- a/webapp/etc/apache2/mods-enabled/reqtimeout.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/reqtimeout.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/setenvif.conf b/webapp/etc/apache2/mods-enabled/setenvif.conf
deleted file mode 120000
index a57c9a8..0000000
--- a/webapp/etc/apache2/mods-enabled/setenvif.conf
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/setenvif.conf
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/setenvif.load b/webapp/etc/apache2/mods-enabled/setenvif.load
deleted file mode 120000
index 6d36106..0000000
--- a/webapp/etc/apache2/mods-enabled/setenvif.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/setenvif.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/socache_shmcb.load b/webapp/etc/apache2/mods-enabled/socache_shmcb.load
deleted file mode 120000
index f729f78..0000000
--- a/webapp/etc/apache2/mods-enabled/socache_shmcb.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/socache_shmcb.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/ssl.conf b/webapp/etc/apache2/mods-enabled/ssl.conf
deleted file mode 120000
index b0f14d1..0000000
--- a/webapp/etc/apache2/mods-enabled/ssl.conf
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/ssl.conf
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/ssl.load b/webapp/etc/apache2/mods-enabled/ssl.load
deleted file mode 120000
index 9d79723..0000000
--- a/webapp/etc/apache2/mods-enabled/ssl.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/ssl.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/status.conf b/webapp/etc/apache2/mods-enabled/status.conf
deleted file mode 120000
index bd3a2f1..0000000
--- a/webapp/etc/apache2/mods-enabled/status.conf
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/status.conf
\ No newline at end of file
diff --git a/webapp/etc/apache2/mods-enabled/status.load b/webapp/etc/apache2/mods-enabled/status.load
deleted file mode 120000
index ee67fbb..0000000
--- a/webapp/etc/apache2/mods-enabled/status.load
+++ /dev/null
@@ -1 +0,0 @@
-../mods-available/status.load
\ No newline at end of file
diff --git a/webapp/etc/apache2/ports.conf b/webapp/etc/apache2/ports.conf
deleted file mode 100644
index 5daec58..0000000
--- a/webapp/etc/apache2/ports.conf
+++ /dev/null
@@ -1,15 +0,0 @@
-# If you just change the port or add more ports here, you will likely also
-# have to change the VirtualHost statement in
-# /etc/apache2/sites-enabled/000-default.conf
-
-Listen 80
-
-<IfModule ssl_module>
-	Listen 443
-</IfModule>
-
-<IfModule mod_gnutls.c>
-	Listen 443
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/sites-available/000-default.conf b/webapp/etc/apache2/sites-available/000-default.conf
deleted file mode 100644
index cfe8df5..0000000
--- a/webapp/etc/apache2/sites-available/000-default.conf
+++ /dev/null
@@ -1,31 +0,0 @@
-<VirtualHost *:80>
-	# The ServerName directive sets the request scheme, hostname and port that
-	# the server uses to identify itself. This is used when creating
-	# redirection URLs. In the context of virtual hosts, the ServerName
-	# specifies what hostname must appear in the request's Host: header to
-	# match this virtual host. For the default virtual host (this file) this
-	# value is not decisive as it is used as a last resort host regardless.
-	# However, you must set it for any further virtual host explicitly.
-	#ServerName www.example.com
-
-	ServerAdmin webmaster@localhost
-	DocumentRoot /var/www/html
-
-	# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
-	# error, crit, alert, emerg.
-	# It is also possible to configure the loglevel for particular
-	# modules, e.g.
-	#LogLevel info ssl:warn
-
-	ErrorLog ${APACHE_LOG_DIR}/error.log
-	CustomLog ${APACHE_LOG_DIR}/access.log combined
-
-	# For most configuration files from conf-available/, which are
-	# enabled or disabled at a global level, it is possible to
-	# include a line for only one particular virtual host. For example the
-	# following line enables the CGI configuration for this host only
-	# after it has been globally disabled with "a2disconf".
-	#Include conf-available/serve-cgi-bin.conf
-</VirtualHost>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/sites-available/default-ssl.conf b/webapp/etc/apache2/sites-available/default-ssl.conf
deleted file mode 100644
index 7e37a9c..0000000
--- a/webapp/etc/apache2/sites-available/default-ssl.conf
+++ /dev/null
@@ -1,134 +0,0 @@
-<IfModule mod_ssl.c>
-	<VirtualHost _default_:443>
-		ServerAdmin webmaster@localhost
-
-		DocumentRoot /var/www/html
-
-		# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
-		# error, crit, alert, emerg.
-		# It is also possible to configure the loglevel for particular
-		# modules, e.g.
-		#LogLevel info ssl:warn
-
-		ErrorLog ${APACHE_LOG_DIR}/error.log
-		CustomLog ${APACHE_LOG_DIR}/access.log combined
-
-		# For most configuration files from conf-available/, which are
-		# enabled or disabled at a global level, it is possible to
-		# include a line for only one particular virtual host. For example the
-		# following line enables the CGI configuration for this host only
-		# after it has been globally disabled with "a2disconf".
-		#Include conf-available/serve-cgi-bin.conf
-
-		#   SSL Engine Switch:
-		#   Enable/Disable SSL for this virtual host.
-		SSLEngine on
-
-		#   A self-signed (snakeoil) certificate can be created by installing
-		#   the ssl-cert package. See
-		#   /usr/share/doc/apache2/README.Debian.gz for more info.
-		#   If both key and certificate are stored in the same file, only the
-		#   SSLCertificateFile directive is needed.
-		SSLCertificateFile	/etc/ssl/certs/ssl-cert-snakeoil.pem
-		SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
-
-		#   Server Certificate Chain:
-		#   Point SSLCertificateChainFile at a file containing the
-		#   concatenation of PEM encoded CA certificates which form the
-		#   certificate chain for the server certificate. Alternatively
-		#   the referenced file can be the same as SSLCertificateFile
-		#   when the CA certificates are directly appended to the server
-		#   certificate for convinience.
-		#SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
-
-		#   Certificate Authority (CA):
-		#   Set the CA certificate verification path where to find CA
-		#   certificates for client authentication or alternatively one
-		#   huge file containing all of them (file must be PEM encoded)
-		#   Note: Inside SSLCACertificatePath you need hash symlinks
-		#		 to point to the certificate files. Use the provided
-		#		 Makefile to update the hash symlinks after changes.
-		#SSLCACertificatePath /etc/ssl/certs/
-		#SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt
-
-		#   Certificate Revocation Lists (CRL):
-		#   Set the CA revocation path where to find CA CRLs for client
-		#   authentication or alternatively one huge file containing all
-		#   of them (file must be PEM encoded)
-		#   Note: Inside SSLCARevocationPath you need hash symlinks
-		#		 to point to the certificate files. Use the provided
-		#		 Makefile to update the hash symlinks after changes.
-		#SSLCARevocationPath /etc/apache2/ssl.crl/
-		#SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl
-
-		#   Client Authentication (Type):
-		#   Client certificate verification type and depth.  Types are
-		#   none, optional, require and optional_no_ca.  Depth is a
-		#   number which specifies how deeply to verify the certificate
-		#   issuer chain before deciding the certificate is not valid.
-		#SSLVerifyClient require
-		#SSLVerifyDepth  10
-
-		#   SSL Engine Options:
-		#   Set various options for the SSL engine.
-		#   o FakeBasicAuth:
-		#	 Translate the client X.509 into a Basic Authorisation.  This means that
-		#	 the standard Auth/DBMAuth methods can be used for access control.  The
-		#	 user name is the `one line' version of the client's X.509 certificate.
-		#	 Note that no password is obtained from the user. Every entry in the user
-		#	 file needs this password: `xxj31ZMTZzkVA'.
-		#   o ExportCertData:
-		#	 This exports two additional environment variables: SSL_CLIENT_CERT and
-		#	 SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
-		#	 server (always existing) and the client (only existing when client
-		#	 authentication is used). This can be used to import the certificates
-		#	 into CGI scripts.
-		#   o StdEnvVars:
-		#	 This exports the standard SSL/TLS related `SSL_*' environment variables.
-		#	 Per default this exportation is switched off for performance reasons,
-		#	 because the extraction step is an expensive operation and is usually
-		#	 useless for serving static content. So one usually enables the
-		#	 exportation for CGI and SSI requests only.
-		#   o OptRenegotiate:
-		#	 This enables optimized SSL connection renegotiation handling when SSL
-		#	 directives are used in per-directory context.
-		#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
-		<FilesMatch "\.(cgi|shtml|phtml|php)$">
-				SSLOptions +StdEnvVars
-		</FilesMatch>
-		<Directory /usr/lib/cgi-bin>
-				SSLOptions +StdEnvVars
-		</Directory>
-
-		#   SSL Protocol Adjustments:
-		#   The safe and default but still SSL/TLS standard compliant shutdown
-		#   approach is that mod_ssl sends the close notify alert but doesn't wait for
-		#   the close notify alert from client. When you need a different shutdown
-		#   approach you can use one of the following variables:
-		#   o ssl-unclean-shutdown:
-		#	 This forces an unclean shutdown when the connection is closed, i.e. no
-		#	 SSL close notify alert is send or allowed to received.  This violates
-		#	 the SSL/TLS standard but is needed for some brain-dead browsers. Use
-		#	 this when you receive I/O errors because of the standard approach where
-		#	 mod_ssl sends the close notify alert.
-		#   o ssl-accurate-shutdown:
-		#	 This forces an accurate shutdown when the connection is closed, i.e. a
-		#	 SSL close notify alert is send and mod_ssl waits for the close notify
-		#	 alert of the client. This is 100% SSL/TLS standard compliant, but in
-		#	 practice often causes hanging connections with brain-dead browsers. Use
-		#	 this only for browsers where you know that their SSL implementation
-		#	 works correctly.
-		#   Notice: Most problems of broken clients are also related to the HTTP
-		#   keep-alive facility, so you usually additionally want to disable
-		#   keep-alive for those clients, too. Use variable "nokeepalive" for this.
-		#   Similarly, one has to force some clients to use HTTP/1.0 to workaround
-		#   their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
-		#   "force-response-1.0" for this.
-		# BrowserMatch "MSIE [2-6]" \
-		#		nokeepalive ssl-unclean-shutdown \
-		#		downgrade-1.0 force-response-1.0
-
-	</VirtualHost>
-</IfModule>
-
-# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/webapp/etc/apache2/sites-available/kopano-webapp.conf b/webapp/etc/apache2/sites-available/kopano-webapp.conf
deleted file mode 100644
index adcb955..0000000
--- a/webapp/etc/apache2/sites-available/kopano-webapp.conf
+++ /dev/null
@@ -1,84 +0,0 @@
-Alias /webapp /usr/share/kopano-webapp
-
-# Modules to enable for the caching instructions to work:
-#   mod_expires
-#   mod_headers
-#   mod_setenvif - for Internet Explorer quirks
-#
-# For compression:
-#   mod_deflate
-<Directory /usr/share/kopano-webapp/>
-    DirectoryIndex index.php
-    Options -Indexes +FollowSymLinks
-
-    <IfModule apparmor_module>
-      AAHatName kopano-webapp
-    </IfModule>
-
-    <IfVersion < 2.4>
-	Allow from all
-	AllowOverride Options Limit
-	Order allow,deny
-    </IfVersion>
-
-    <IfVersion >= 2.4>
-	AllowOverride Options Limit Authconfig
-	Require all granted
-    </IfVersion>
-
-    FileETag All
-
-    # Uncomment to enhance security of WebApp by restricting cookies to only
-    # be provided over HTTPS connections
-    # php_flag session.cookie_secure on
-    # php_flag session.cookie_httponly on
-
-    # Manipulate the cache control headers if mod_expires and
-    # mod_headers are both enabled; otherwise the client will depend
-    # on the ETag header.  However, you can set FileETag to "None" if
-    # you have multiple servers serving WebApp to the same user.  In
-    # that case, apache will fall back to the config below so make
-    # sure these two modules are loaded!
-    <IfModule expires_module>
-        <IfModule headers_module>
-            ExpiresActive On
-            ExpiresDefault "now"
-    
-            <filesMatch "\.(jpg|gif|png)$">
-                # All (static) resources set to 2 months expiration time.
-                ExpiresDefault "access plus 2 months"
-                Header append Cache-Control "public"
-            </filesMatch>
-    
-            <FilesMatch "\.(js|css)$">
-                # All non-dynamic files set to 2 weeks expiration time.
-                ExpiresDefault "access plus 2 weeks"
-                # User agents are requested to revalidate for each resource
-                # so that the server can always serve a newer version if
-                # necessary.
-                Header append Cache-Control "no-cache, must-revalidate"
-
-                # Treat IE a little differently due to the remarks on no-cache
-                # on https://support.microsoft.com/kb/234067
-                <IfModule setenvif_module>
-                    BrowserMatch MSIE ie_bug
-                </IfModule>
-                Header set Cache-Control "must-revalidate, private" env=ie_bug
-            </FilesMatch>
-
-            <filesMatch "\.(php)$">
-                # PHP files must always be retrieved from the server.
-                ExpiresActive Off
-                Header set Cache-Control "private, no-cache, no-store, proxy-revalidate, no-transform"
-                Header set Pragma "no-cache"
-            </filesMatch>
-        </IfModule>
-    </IfModule>
-
-    # Enable gzip compression if the module is available
-    <IfModule deflate_module>
-        <filesMatch "\.(js|css)$">
-            SetOutputFilter DEFLATE
-        </filesMatch>
-    </IfModule>
-</Directory>
diff --git a/webapp/etc/apache2/sites-available/nuc0.conf b/webapp/etc/apache2/sites-available/nuc0.conf
deleted file mode 100644
index a703c7b..0000000
--- a/webapp/etc/apache2/sites-available/nuc0.conf
+++ /dev/null
@@ -1,44 +0,0 @@
-<VirtualHost *:80>
-    ServerName      nuc0
-    ServerAlias     nuc0.fritz.box
-    DocumentRoot    /var/www
-
-    CustomLog       ${APACHE_LOG_DIR}/nuc0.log combined
-
-    Redirect permanent / https://nuc0/
-
-</VirtualHost>
-
-<VirtualHost *:443>
-    ServerName      nuc0
-    ServerAlias     nuc0.fritz.box
-    DocumentRoot    /var/www
-
-    CustomLog       ${APACHE_LOG_DIR}/nuc0_ssl.log combined
-
-    # enable HTTP/2, if available
-    Protocols h2 http/1.1
-
-    Include cipher.conf
-    SSLCertificateFile        /etc/ssl/nuc0.lan.crt
-    SSLCertificateChainFile   /etc/ssl/certs/balusign-signing-ca.pem
-    SSLCertificateKeyFile     /etc/ssl/private/nuc0.lan.key
-
-    # SSLCertificateFile      /etc/letsencrypt/live/zntrl.de/cert.pem
-    # SSLCertificateChainFile /etc/letsencrypt/live/zntrl.de/chain.pem
-    # SSLCertificateKeyFile   /etc/letsencrypt/live/zntrl.de/privkey.pem
-
-    Include conf-available/z-push-autodiscover.conf
-    Include conf-available/z-push.conf
-    Include sites-available/kopano-webapp.conf
-
-    <Directory /var/www>
-        AllowOverride All
-        Require all granted
-    </Directory>
-
-</VirtualHost>
-
-SSLUseStapling On
-SSLStaplingCache "shmcb:logs/ssl_stapling(32768)"
-
diff --git a/webapp/etc/apache2/sites-enabled/kopano-webapp.conf b/webapp/etc/apache2/sites-enabled/kopano-webapp.conf
deleted file mode 120000
index 9d07703..0000000
--- a/webapp/etc/apache2/sites-enabled/kopano-webapp.conf
+++ /dev/null
@@ -1 +0,0 @@
-../sites-available/kopano-webapp.conf
\ No newline at end of file
diff --git a/webapp/etc/apache2/sites-enabled/nuc0.conf b/webapp/etc/apache2/sites-enabled/nuc0.conf
deleted file mode 120000
index 3060b18..0000000
--- a/webapp/etc/apache2/sites-enabled/nuc0.conf
+++ /dev/null
@@ -1 +0,0 @@
-../sites-available/nuc0.conf
\ No newline at end of file
diff --git a/z-push/Dockerfile b/z-push/Dockerfile
index f67e9a9..3895d4c 100644
--- a/z-push/Dockerfile
+++ b/z-push/Dockerfile
@@ -24,6 +24,11 @@ apt-get autoclean
 rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ~/.cache ~/.npm
 rm -rf core-11.0.2.50.507cbae-Ubuntu_20.04-amd64
 EOF
+# change php.ini
+# php_flag magic_quotes_gpc = off
+# php_flag register_globals = off
+# php_flag magic_quotes_runtime = off
+# php_flag short_open_tag = on
 # use envsubst in entrypoint script to convert config templates to actual config files
 COPY --chmod=0775 entrypoint.sh /entrypoint.sh
 EXPOSE 80
diff --git a/zarafa.sql b/zarafa.sql
new file mode 100644
index 0000000..fd94208
Binary files /dev/null and b/zarafa.sql differ