andreas/kopano-docker
1
0
Fork 0
Code Issues 8 Pull Requests Packages Projects 1 Releases Wiki Activity

added webapp

Browse Source
This commit is contained in:
andreas
2023-04-03 20:05:25 +00:00
parent e2eae6e6df
commit 950fbccf48
495 changed files with 1773 additions and 5456 deletions
Download Patch File Download Diff File Expand all files Collapse all files

88
etc-zntrl/z-push/autodiscover.conf.php Normal file
View File

@@ -0,0 +1,88 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push
* Descr : Autodiscover configuration file
*
* Created : 30.07.2014
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
/**********************************************************************************
* Default settings
*/
// Replace zpush.example.com with your z-push's host name and uncomment the line below.
define('ZPUSH_HOST', 'baloghs.de');
// Defines the default time zone, change e.g. to "Europe/London" if necessary
define('TIMEZONE', '');
// Defines the base path on the server
define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
/*
* Whether to use the complete email address as a login name
* (e.g. user@company.com) or the username only (user).
* Possible values:
* false - use the username only (default).
* true - use the complete email address.
*/
define('USE_FULLEMAIL_FOR_LOGIN', false);
/**********************************************************************************
* Logging settings
* Possible LOGLEVEL and LOGUSERLEVEL values are:
* LOGLEVEL_OFF - no logging
* LOGLEVEL_FATAL - log only critical errors
* LOGLEVEL_ERROR - logs events which might require corrective actions
* LOGLEVEL_WARN - might lead to an error or require corrective actions in the future
* LOGLEVEL_INFO - usually completed actions
* LOGLEVEL_DEBUG - debugging information, typically only meaningful to developers
* LOGLEVEL_WBXML - also prints the WBXML sent to/from the device
* LOGLEVEL_DEVICEID - also prints the device id for every log entry
* LOGLEVEL_WBXMLSTACK - also prints the contents of WBXML stack
*
* The verbosity increases from top to bottom. More verbose levels include less verbose
* ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR,
* LOGLEVEL_WARN and LOGLEVEL_INFO level entries.
*/
define('LOGBACKEND', 'filelog');
define('LOGFILEDIR', '/var/log/z-push/');
define('LOGFILE', LOGFILEDIR . 'autodiscover.log');
define('LOGERRORFILE', LOGFILEDIR . 'autodiscover-error.log');
define('LOGLEVEL', LOGLEVEL_WBXML);
define('LOGUSERLEVEL', LOGLEVEL);
$specialLogUsers = array();
// Syslog settings
// false will log to local syslog, otherwise put the remote syslog IP here
define('LOG_SYSLOG_HOST', false);
// Syslog port
define('LOG_SYSLOG_PORT', 514);
// Program showed in the syslog. Useful if you have more than one instance login to the same syslog
define('LOG_SYSLOG_PROGRAM', 'z-push-autodiscover');
// Syslog facility - use LOG_USER when running on Windows
define('LOG_SYSLOG_FACILITY', LOG_LOCAL0);
/**********************************************************************************
* Backend settings
*/
// the backend data provider
define('BACKEND_PROVIDER', '');

88
etc-zntrl/z-push/autodiscover.conf.php.dist Normal file
View File

@@ -0,0 +1,88 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push
* Descr : Autodiscover configuration file
*
* Created : 30.07.2014
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
/**********************************************************************************
* Default settings
*/
// Replace zpush.example.com with your z-push's host name and uncomment the line below.
// define('ZPUSH_HOST', 'zpush.example.com');
// Defines the default time zone, change e.g. to "Europe/London" if necessary
define('TIMEZONE', '');
// Defines the base path on the server
define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
/*
* Whether to use the complete email address as a login name
* (e.g. user@company.com) or the username only (user).
* Possible values:
* false - use the username only (default).
* true - use the complete email address.
*/
define('USE_FULLEMAIL_FOR_LOGIN', false);
/**********************************************************************************
* Logging settings
* Possible LOGLEVEL and LOGUSERLEVEL values are:
* LOGLEVEL_OFF - no logging
* LOGLEVEL_FATAL - log only critical errors
* LOGLEVEL_ERROR - logs events which might require corrective actions
* LOGLEVEL_WARN - might lead to an error or require corrective actions in the future
* LOGLEVEL_INFO - usually completed actions
* LOGLEVEL_DEBUG - debugging information, typically only meaningful to developers
* LOGLEVEL_WBXML - also prints the WBXML sent to/from the device
* LOGLEVEL_DEVICEID - also prints the device id for every log entry
* LOGLEVEL_WBXMLSTACK - also prints the contents of WBXML stack
*
* The verbosity increases from top to bottom. More verbose levels include less verbose
* ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR,
* LOGLEVEL_WARN and LOGLEVEL_INFO level entries.
*/
define('LOGBACKEND', 'filelog');
define('LOGFILEDIR', '/var/log/z-push/');
define('LOGFILE', LOGFILEDIR . 'autodiscover.log');
define('LOGERRORFILE', LOGFILEDIR . 'autodiscover-error.log');
define('LOGLEVEL', LOGLEVEL_INFO);
define('LOGUSERLEVEL', LOGLEVEL);
$specialLogUsers = array();
// Syslog settings
// false will log to local syslog, otherwise put the remote syslog IP here
define('LOG_SYSLOG_HOST', false);
// Syslog port
define('LOG_SYSLOG_PORT', 514);
// Program showed in the syslog. Useful if you have more than one instance login to the same syslog
define('LOG_SYSLOG_PROGRAM', 'z-push-autodiscover');
// Syslog facility - use LOG_USER when running on Windows
define('LOG_SYSLOG_FACILITY', LOG_LOCAL0);
/**********************************************************************************
* Backend settings
*/
// the backend data provider
define('BACKEND_PROVIDER', '');

86
etc-zntrl/z-push/gabsync.conf.php Normal file
View File

@@ -0,0 +1,86 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push - tools - GAB sync
* Descr : Configuration file.
*
* Created : 28.01.2016
*
* Copyright 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
* ************************************************/
// The field to be hashed that is unique and never changes
// in the entire lifetime of the GAB entry.
define('HASHFIELD', 'account');
define('AMOUNT_OF_CHUNKS', 10);
// SyncWorker implementation to be used
define('SYNCWORKER', 'Kopano');
// Unique id to find a contact from the GAB (value to be supplied by -u on the command line)
// Zarafa supports: 'account' and 'smtpAddress' (email)
define('UNIQUEID', 'account');
// Server connection settings
// Depending on your setup, it might be advisable to change the lines below to one defined with your
// default socket location.
// Normally "default:" points to the default setting ("file:///var/run/kopano/server.sock")
// Examples: define("SERVER", "default:");
// define("SERVER", "http://localhost:236/kopano");
// define("SERVER", "https://localhost:237/kopano");
// define("SERVER", "file:///var/run/kopano/server.sock");
// If you are using ZCP >= 7.2.0, set it to the zarafa location, e.g.
// define("SERVER", "http://localhost:236/zarafa");
// define("SERVER", "https://localhost:237/zarafa");
// define("SERVER", "file:///var/run/zarafad/server.sock");
// For ZCP versions prior to 7.2.0 the socket location is different (http(s) sockets are the same):
// define("SERVER", "file:///var/run/zarafa");
define('SERVER', 'default:');
define('USERNAME', 'SYSTEM');
define('PASSWORD', '');
define('CERTIFICATE', null);
define('CERTIFICATE_PASSWORD', null);
// Store where the hidden folder is located.
// For the public folder, use SYSTEM
// to use another store, use the same as USERNAME
// or another store where USERNAME has full access to.
define('HIDDEN_FOLDERSTORE', 'SYSTEM');
/// Do not change (unless you know exactly what you do)
define('HIDDEN_FOLDERNAME', 'Z-Push-KOE-GAB');
// Types of the objects to sync to GAB.
define('GAB_SYNC_USER', 1);
define('GAB_SYNC_CONTACT', 2);
define('GAB_SYNC_GROUP', 4);
define('GAB_SYNC_ROOM', 8);
define('GAB_SYNC_EQUIPMENT', 16);
define('GAB_SYNC_ALL', GAB_SYNC_USER | GAB_SYNC_CONTACT | GAB_SYNC_GROUP | GAB_SYNC_ROOM | GAB_SYNC_EQUIPMENT);
// Set which items from GAB should be synced.
// Default value is GAB_SYNC_ALL which syncs all items.
// In order to sync only some specific types combine them with "|", e.g.
// to sync only users and groups use:
// define('GAB_SYNC_TYPES', GAB_SYNC_USER | GAB_SYNC_CONTACT);
// In order to exclude specific types combine "& ~TYPE", e.g.
// to sync all types except rooms and equipments use:
// define('GAB_SYNC_TYPES', GAB_SYNC_ALL & ~GAB_SYNC_ROOM & ~GAB_SYNC_EQUIPMENT);
define('GAB_SYNC_TYPES', GAB_SYNC_ALL);

83
etc-zntrl/z-push/kopano.conf.php Normal file
View File

@@ -0,0 +1,83 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push
* Descr : Kopano backend configuration file
*
* Created : 27.11.2012
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
// ************************
// BackendKopano settings
// ************************
// Defines the server to which we want to connect.
//
// Depending on your setup, it might be advisable to change the lines below to one defined with your
// default socket location.
// Normally "default:" points to the default setting ("file:///var/run/kopano/server.sock")
// Examples: define("MAPI_SERVER", "default:");
// define("MAPI_SERVER", "http://localhost:236/kopano");
// define("MAPI_SERVER", "https://localhost:237/kopano");
// define("MAPI_SERVER", "file:///var/run/kopano/server.sock");
// If you are using ZCP >= 7.2.0, set it to the zarafa location, e.g.
// define("MAPI_SERVER", "http://localhost:236/zarafa");
// define("MAPI_SERVER", "https://localhost:237/zarafa");
// define("MAPI_SERVER", "file:///var/run/zarafad/server.sock");
// For ZCP versions prior to 7.2.0 the socket location is different (http(s) sockets are the same):
// define("MAPI_SERVER", "file:///var/run/zarafa");
define('MAPI_SERVER', 'http://kopano-server-1:236/kopano');
// Read-Only shared folders
// When trying to write a change on a read-only folder this data is dropped and replaced on the device of the user.
// Enabling the option below, sends an email to the user notifying that this happened (default enabled).
// If this is disabled, the data will be dropped silently and will be lost.
// The template of the email sent can be customized here. The placeholders can also be used in the subject.
define('READ_ONLY_NOTIFY_LOST_DATA', true);
// String to mark the data changed by the user (that he is trying to save)
define('READ_ONLY_NOTIFY_YOURDATA', 'Your data');
// Email template to be sent to the user
define('READ_ONLY_NOTIFY_SUBJECT', "Z-Push: Writing operation not permitted - data reset");
define('READ_ONLY_NOTIFY_BODY', <<<END
Dear **USERFULLNAME**,
on **DATE** at **TIME** you've tried to save a data in the folder '**FOLDERNAME**' on your device '**MOBILETYPE**' ID: '**MOBILEDEVICEID**'.
This operation was not successful, as you lack write access to this folder.
Your data has been dropped and replaced with the original data on your device to ensure data integrity.
Below is a copy of the data you tried to save. If you want your changes to be stored permanently you should forward this email to a person with write access to this folder asking to perform these changes again.
**DIFFERENCES**
If you have questions about this email, please contact your e-mail administrator.
Sincerely,
Your Z-Push system
END
);
// Format of the **DATE** and **TIME** placeholders - more information on formats, see http://php.net/manual/en/function.strftime.php
define('READ_ONLY_NOTIFY_DATE_FORMAT', "%d.%m.%Y");
define('READ_ONLY_NOTIFY_TIME_FORMAT', "%H:%M:%S");
// Comma separated list of folder ids as string for which the notification emails of the changes in read-only folders shouldn't be sent.
// E.g. define('READ_ONLY_NONOTIFY', '1, 2, 3, 4');
// When configuring $additionalFolders it is possible to use DeviceManager::FLD_FLAGS_NOREADONLYNOTIFY in the flags bitmask
// in order to prevent the notifications as well.
define('READ_ONLY_NONOTIFY', '');

234
etc-zntrl/z-push/policies.ini Normal file
View File

@@ -0,0 +1,234 @@
;;;;;;;;;;;;;;;;;;;;;;;;
; About policies.ini ;
;;;;;;;;;;;;;;;;;;;;;;;;
; Z-Push policies' file holds the configuration to be applied
; during the provisioning of a mobile device.
; Check Z-Push wiki page regarding the provisioning policies:
; https://wiki.z-hub.io/x/eYAa
; For more information see the ActiveSync documentation at:
; https://msdn.microsoft.com/en-us/library/dd299443.aspx
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; The default ActiveSync policy. Do not change its name.
[default]
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Policies for ActiveSync version 12.0 and higher
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Specifies if a device requires a password to unlock it.
; 0 - Password not required.
; 1 - Password is required.
devpwenabled = 0
; Specifies if a device requires an alphanumeric password to unlock it.
; 0 - Alphanumeric password not required.
; 1 - Alphanumeric password required.
alphanumpwreq = 0
; Deprecated. Specifies if the device encrypts the content of the storage card.
; 0 - Storage card encryption not enabled.
; 1 - Storage card encryption enabled.
devencenabled = 0
; Specifies if the server supports storing a recovery password which could be
; sent by the client using the Settings command.
; This policy is currently not supported by Z-Push.
; 0 - Password recovery not enabled on the server.
; 1 - Password recovery enabled on the server.
; pwrecoveryenabled = 0
; Deprecated.
docbrowseenabled =
; Specifies if email attachments are enabled for download.
; 0 - Attachments not allowed for download.
; 1 - Attachments allowed for download.
attenabled = 1
; Specifies the minimum client password length to unlock it.
; The mindevpwlenngth can be empty or have a value between 1 and 16.
; If the value is empty or 1, there is no minimum length for the device password.
mindevpwlenngth = 4
; The maximum number of seconds of inactivity before the device locks itself.
; If this value is greater than or equal to 9999, the client interprets it as unlimited.
maxinacttimedevlock = 900
; The maximum number of failed password attempts to unlock the device.
; The client SHOULD perform a local wipe or enter a timed lock out mode if the maximum
; number of failed password attempts is reached.
; The maxdevpwfailedattempts can be empty or have a value between 4 and 16.
; If the value is empty, the client interprets this as no maximum number of
; failed password attempts has been set by the security policy.
maxdevpwfailedattempts = 8
; The maximum attachment size in bytes as determined by security policy.
maxattsize = ''
; Specifies if the device allows simple passwords. A simple password contains
; repeated ("0000") or sequential ("xyz") characters only.
allowsimpledevpw = 1
; The maximum number of days until a password expires.
; Empty or 0 devpwexpiration value indicates that the password will not expire.
devpwexpiration = 0
; The minimum number of previously used passwords stored to prevent reuse by the device.
; 0 - Do not store previously used passwords.
; >0 - Store the minimum number of previously used passwords.
devpwhistory = 0
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Policies for ActiveSync version 12.1 and higher
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; The device allows to use a storage card.
; 0 - SD card not allowed.
; 1 - SD card allowed.
allowstoragecard = 1
; The device allows to use the built-in camera.
; 0 - Usage of the built-in camera not allowed.
; 1 - Usage of built-in the camera allowed.
allowcam = 1
; Specifies if the client uses encryption.
; 0 - Encryption not required.
; 1 - Encryption required.
reqdevenc = 0
; Specifies if the device allows unsigned applications to execute.
; 0 - Unsigned applications not allowed to execute.
; 1 - Unsigned applications allowed to execute.
allowunsignedapps = 1
; The required complexity level of the device password.
; Valid values for mindevcomplexchars are between 1 and 4. The value specifies
; the number of character groups to be contained in the password.
; The character groups are:
; - Lower case alphabetical characters
; - Upper case alphabetical characters
; - Numbers
; - Non-alphanumeric characters
; For example, if the value of mindevcomplexchars is 2, a password may contain
; lower case and upper case characters. A password with numbers and non-alphanumeric
; characters would be also valid.
mindevcomplexchars = 3
; The device allows the use of Wi-Fi connections.
; 0 - The use of Wi-Fi connections not allowed.
; 1 - The use of Wi-Fi connections allowed.
allowwifi = 1
; The device allows the use of SMS or text messaging.
; 0 - SMS or text messaging not allowed.
; 1 - SMS or text messaging allowed.
allowtextmessaging = 1
; The device allows access to POP or IMAP email.
; 0 - POP or IMAP email access not allowed.
; 1 - POP or IMAP email access allowed.
allowpopimapemail = 1
; The use of Bluetooth on the device.
; 0 - Disable Bluetooth.
; 1 - Disable Bluetooth, but allow the configuration of hands-free profiles.
; 2 - Allow Bluetooth.
allowbluetooth = 2
; The device allows the use of IrDA (infrared) connections.
; 0 - Disable IrDA.
; 1 - Allow IrDA.
allowirda = 1
; The device requires manual synchronization when the device is roaming.
; 0 - Do not require manual sync; allow direct push when roaming.
; 1 - Require manual sync when roaming.
reqmansyncroam = 0
; The maximum number of calendar days that can be synchronized.
; 0 - All days
; 4 - 2 weeks
; 5 - 1 month
; 6 - 3 months
; 7 - 6 months
maxcalagefilter = 0
; Specifies if the client uses HTML-formatted email.
; 0 - HTML-formatted email not allowed.
; 1 - HTML-formatted email allowed.
allowhtmlemail = 1
; The email age limit for synchronization.
; 0 - Sync all
; 1 - 1 day
; 2 - 3 days
; 3 - 1 week
; 4 - 2 weeks
; 5 - 1 month
maxemailagefilter = 0
; The maximum truncation size for plain textformatted email.
; -1 - No truncation.
; 0 - Truncate only the header.
; >0 - Truncate the email body to the specified size.
maxemailbodytruncsize = -1
; The maximum truncation size for HTML-formatted email.
; -1 - No truncation.
; 0 - Truncate only the header.
; >0 - Truncate the email body to the specified size.
maxemailhtmlbodytruncsize = -1
; Specifies if the client sends signed S/MIME messages.
; 0 - Signed S/MIME messages not required.
; 1 - Signed S/MIME messages required.
reqsignedsmimemessages = 0
; Specifies if the client sends encrypted email messages.
; 0 - Encrypted email messages not required.
; 1 - Email messages required to be encrypted.
reqencsmimemessages = 0
; The algorithm used to sign S/MIME messages.
; 0 - Use SHA1.
; 1 - Use MD5.
reqsignedsmimealgorithm = 0
; The algorithm used to encrypt S/MIME messages.
; 0 - TripleDES algorithm
; 1 - DES algorithm
; 2 - RC2128bit
; 3 - RC264bit
; 4 - RC240bit
reqencsmimealgorithm = 0
; Controls negotiation of the encryption algorithm.
; 0 - Do not negotiate.
; 1 - Negotiate a strong algorithm.
; 2 - Negotiate any algorithm.
allowsmimeencalgneg = 2
; Specifies if the client can use soft certificates to sign outgoing messages.
; 0 - Soft certificates are not allowed.
; 1 - Soft certificates are allowed.
allowsmimesoftcerts = 1
; Specifies if the device allows the use of a web browser.
; 0 - Do not allow the use of a web browser.
; 1 - Allow the use of a web browser.
allowbrowser = 1
; Specifies if the device allows the user to configure a personal email account.
; 0 - Do not allow the user to configure a personal email account.
; 1 - Allow the user to configure a personal email account.
allowconsumeremail = 1
; Specifies if the device allows the use of Internet Sharing.
; 0 - Do not allow the use of Internet Sharing.
; 1 - Allow the use of Internet Sharing.
allowinternetsharing = 1

373
etc-zntrl/z-push/z-push.conf.php Normal file
View File

@@ -0,0 +1,373 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push
* Descr : Main configuration file
*
* Created : 01.10.2007
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
/**********************************************************************************
* Default settings
*/
// Defines the default time zone, change e.g. to "Europe/London" if necessary
define('TIMEZONE', '');
// Defines the base path on the server
define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
// Try to set unlimited timeout
define('SCRIPT_TIMEOUT', 0);
// When accessing through a proxy, the "X-Forwarded-For" header contains the original remote IP
define('USE_CUSTOM_REMOTE_IP_HEADER', false);
// When using client certificates, we can check if the login sent matches the owner of the certificate.
// This setting specifies the owner parameter in the certificate to look at.
define("CERTIFICATE_OWNER_PARAMETER", "SSL_CLIENT_S_DN_CN");
/*
* Whether to use the complete email address as a login name
* (e.g. user@company.com) or the username only (user).
* This is required for Z-Push to work properly after autodiscover.
* Possible values:
* false - use the username only.
* true - string the mobile sends as username, e.g. full email address (default).
*/
define('USE_FULLEMAIL_FOR_LOGIN', false);
/**********************************************************************************
* StateMachine setting
*
* These StateMachines can be used:
* FILE - FileStateMachine (default). Needs STATE_DIR set as well.
* SQL - SqlStateMachine has own configuration file. STATE_DIR is ignored.
* State migration script is available, more informations: https://wiki.z-hub.io/x/xIAa
*/
define('STATE_MACHINE', 'FILE');
define('STATE_DIR', '/var/lib/z-push/');
/**********************************************************************************
* IPC - InterProcessCommunication
*
* Is either provided by using shared memory on a single host or
* using the memcache provider for multi-host environments.
* When another implementation should be used, the class can be set here explicitly.
* If empty Z-Push will try to use available providers.
*/
define('IPC_PROVIDER', '');
/**********************************************************************************
* Logging settings
*
* The LOGBACKEND specifies where the logs are sent to.
* Either to file ("filelog") or to a "syslog" server or a custom log class in core/log/logclass.
* filelog and syslog have several options that can be set below.
* For more information about the syslog configuration, see https://wiki.z-hub.io/x/HIAT
* Possible LOGLEVEL and LOGUSERLEVEL values are:
* LOGLEVEL_OFF - no logging
* LOGLEVEL_FATAL - log only critical errors
* LOGLEVEL_ERROR - logs events which might require corrective actions
* LOGLEVEL_WARN - might lead to an error or require corrective actions in the future
* LOGLEVEL_INFO - usually completed actions
* LOGLEVEL_DEBUG - debugging information, typically only meaningful to developers
* LOGLEVEL_WBXML - also prints the WBXML sent to/from the device
* LOGLEVEL_DEVICEID - also prints the device id for every log entry
* LOGLEVEL_WBXMLSTACK - also prints the contents of WBXML stack
*
* The verbosity increases from top to bottom. More verbose levels include less verbose
* ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR,
* LOGLEVEL_WARN and LOGLEVEL_INFO level entries.
*
* LOGAUTHFAIL is logged to the LOGBACKEND.
*/
define('LOGBACKEND', 'filelog');
define('LOGLEVEL', LOGLEVEL_INFO);
define('LOGAUTHFAIL', false);
// To save e.g. WBXML data only for selected users, add the usernames to the array
// The data will be saved into a dedicated file per user in the LOGFILEDIR
// Users have to be encapusulated in quotes, several users are comma separated, like:
// $specialLogUsers = array('info@domain.com', 'myusername');
define('LOGUSERLEVEL', LOGLEVEL_DEVICEID);
$specialLogUsers = array('andreas',);
// Filelog settings
define('LOGFILEDIR', '/var/log/z-push/');
define('LOGFILE', LOGFILEDIR . 'z-push.log');
define('LOGERRORFILE', LOGFILEDIR . 'z-push-error.log');
// Syslog settings
// false will log to local syslog, otherwise put the remote syslog IP here
define('LOG_SYSLOG_HOST', false);
// Syslog port
define('LOG_SYSLOG_PORT', 514);
// Program showed in the syslog. Useful if you have more than one instance login to the same syslog
define('LOG_SYSLOG_PROGRAM', 'z-push');
// Syslog facility - use LOG_USER when running on Windows
define('LOG_SYSLOG_FACILITY', LOG_LOCAL0);
// Location of the trusted CA, e.g. '/etc/ssl/certs/EmailCA.pem'
// Uncomment and modify the following line if the validation of the certificates fails.
// define('CAINFO', '/etc/ssl/certs/EmailCA.pem');
/**********************************************************************************
* Mobile settings
*/
// Device Provisioning
define('PROVISIONING', true);
// This option allows the 'loose enforcement' of the provisioning policies for older
// devices which don't support provisioning (like WM 5 and HTC Android Mail) - dw2412 contribution
// false (default) - Enforce provisioning for all devices
// true - allow older devices, but enforce policies on devices which support it
define('LOOSE_PROVISIONING', false);
// The file containing the policies' settings.
// Set a full path or relative to the z-push main directory
define('PROVISIONING_POLICYFILE', 'policies.ini');
// Default conflict preference
// Some devices allow to set if the server or PIM (mobile)
// should win in case of a synchronization conflict
// SYNC_CONFLICT_OVERWRITE_SERVER - Server is overwritten, PIM wins
// SYNC_CONFLICT_OVERWRITE_PIM - PIM is overwritten, Server wins (default)
define('SYNC_CONFLICT_DEFAULT', SYNC_CONFLICT_OVERWRITE_PIM);
// Global limitation of items to be synchronized
// The mobile can define a sync back period for calendar and email items
// For large stores with many items the time period could be limited to a max value
// If the mobile transmits a wider time period, the defined max value is used
// Applicable values:
// SYNC_FILTERTYPE_ALL (default, no limitation)
// SYNC_FILTERTYPE_1DAY, SYNC_FILTERTYPE_3DAYS, SYNC_FILTERTYPE_1WEEK, SYNC_FILTERTYPE_2WEEKS,
// SYNC_FILTERTYPE_1MONTH, SYNC_FILTERTYPE_3MONTHS, SYNC_FILTERTYPE_6MONTHS
define('SYNC_FILTERTIME_MAX', SYNC_FILTERTYPE_ALL);
// Interval in seconds before checking if there are changes on the server when in Ping.
// It means the highest time span before a change is pushed to a mobile. Set it to
// a higher value if you have a high load on the server.
define('PING_INTERVAL', 30);
// Set the fileas (save as) order for contacts in the webaccess/webapp/outlook.
// It will only affect new/modified contacts on the mobile which then are synced to the server.
// Possible values are:
// SYNC_FILEAS_FIRSTLAST - fileas will be "Firstname Middlename Lastname"
// SYNC_FILEAS_LASTFIRST - fileas will be "Lastname, Firstname Middlename"
// SYNC_FILEAS_COMPANYONLY - fileas will be "Company"
// SYNC_FILEAS_COMPANYLAST - fileas will be "Company (Lastname, Firstname Middlename)"
// SYNC_FILEAS_COMPANYFIRST - fileas will be "Company (Firstname Middlename Lastname)"
// SYNC_FILEAS_LASTCOMPANY - fileas will be "Lastname, Firstname Middlename (Company)"
// SYNC_FILEAS_FIRSTCOMPANY - fileas will be "Firstname Middlename Lastname (Company)"
// The company-fileas will only be set if a contact has a company set. If one of
// company-fileas is selected and a contact doesn't have a company set, it will default
// to SYNC_FILEAS_FIRSTLAST or SYNC_FILEAS_LASTFIRST (depending on if last or first
// option is selected for company).
// If SYNC_FILEAS_COMPANYONLY is selected and company of the contact is not set
// SYNC_FILEAS_LASTFIRST will be used
define('FILEAS_ORDER', SYNC_FILEAS_LASTCOMPANY);
// Maximum amount of items to be synchronized per request.
// Normally this value is requested by the mobile. Common values are 5, 25, 50 or 100.
// Exporting too much items can cause mobile timeout on busy systems.
// Z-Push will use the lowest provided value, either set here or by the mobile.
// MS Outlook 2013+ request up to 512 items to accelerate the sync process.
// If you detect high load (also on subsystems) you could try a lower setting.
// max: 512 - value used if mobile does not limit amount of items
define('SYNC_MAX_ITEMS', 512);
// The devices usually send a list of supported properties for calendar and contact
// items. If a device does not includes such a supported property in Sync request,
// it means the property's value will be deleted on the server.
// However some devices do not send a list of supported properties. It is then impossible
// to tell if a property was deleted or it was not set at all if it does not appear in Sync.
// This parameter defines Z-Push behaviour during Sync if a device does not issue a list with
// supported properties.
// See also https://jira.z-hub.io/browse/ZP-302.
// Possible values:
// false - do not unset properties which are not sent during Sync (default)
// true - unset properties which are not sent during Sync
define('UNSET_UNDEFINED_PROPERTIES', false);
// ActiveSync specifies that a contact photo may not exceed 48 KB. This value is checked
// in the semantic sanity checks and contacts with larger photos are not synchronized.
// This limitation is not being followed by the ActiveSync clients which set much bigger
// contact photos. You can override the default value of the max photo size.
// default: 5242880 - 5 MB default max photo size in bytes
define('SYNC_CONTACTS_MAXPICTURESIZE', 5242880);
// Over the WebserviceUsers command it is possible to retrieve a list of all
// known devices and users on this Z-Push system. The authenticated user needs to have
// admin rights and a public folder must exist.
// In multicompany environments this enable an admin user of any company to retrieve
// this full list, so this feature is disabled by default. Enable with care.
define('ALLOW_WEBSERVICE_USERS_ACCESS', false);
// Users with many folders can use the 'partial foldersync' feature, where the server
// actively stops processing the folder list if it takes too long. Other requests are
// then redirected to the FolderSync to synchronize the remaining items.
// Device compatibility for this procedure is not fully understood.
// NOTE: THIS IS AN EXPERIMENTAL FEATURE WHICH COULD PREVENT YOUR MOBILES FROM SYNCHRONIZING.
define('USE_PARTIAL_FOLDERSYNC', false);
// The minimum accepted time in second that a ping command should last.
// It is strongly advised to keep this config to false. Some device
// might not be able to send a higher value than the one specificied here and thus
// unable to start a push connection.
// If set to false, there will be no lower bound to the ping lifetime.
// The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
define('PING_LOWER_BOUND_LIFETIME', false);
// The maximum accepted time in second that a ping command should last.
// If set to false, there will be no higher bound to the ping lifetime.
// The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
define('PING_HIGHER_BOUND_LIFETIME', false);
// Maximum response time
// Mobiles implement different timeouts to their TCP/IP connections. Android devices for example
// have a hard timeout of 30 seconds. If the server is not able to answer a request within this timeframe,
// the answer will not be recieved and the device will send a new one overloading the server.
// There are three categories
// - Short timeout - server has up within 30 seconds - is automatically applied for not categorized types
// - Medium timeout - server has up to 90 seconds to respond
// - Long timeout - server has up to 4 minutes to respond
// If a timeout is almost reached the server will break and sent the results it has until this
// point. You can add DeviceType strings to the categories.
// In general longer timeouts are better, because more data can be streamed at once.
define('SYNC_TIMEOUT_MEDIUM_DEVICETYPES', "SAMSUNGGTI");
define('SYNC_TIMEOUT_LONG_DEVICETYPES', "iPod, iPad, iPhone, WP, WindowsOutlook, WindowsMail");
// Time in seconds the device should wait whenever the service is unavailable,
// e.g. when a backend service is unavailable.
// Z-Push sends a "Retry-After" header in the response with the here defined value.
// It is up to the device to respect or not this directive so even if this option is set,
// the device might not wait requested time frame.
// Number of seconds before retry, to disable set to: false
define('RETRY_AFTER_DELAY', 300);
/**********************************************************************************
* Backend settings
*/
// the backend data provider
define('BACKEND_PROVIDER', '');
/**********************************************************************************
* Search provider settings
*
* Alternative backend to perform SEARCH requests (GAL search)
* By default the main Backend defines the preferred search functionality.
* If set, the Search Provider will always be preferred.
* Use 'BackendSearchLDAP' to search in a LDAP directory (see backend/searchldap/config.php)
*/
define('SEARCH_PROVIDER', '');
// Time in seconds for the server search. Setting it too high might result in timeout.
// Setting it too low might not return all results. Default is 10.
define('SEARCH_WAIT', 10);
// The maximum number of results to send to the client. Setting it too high
// might result in timeout. Default is 10.
define('SEARCH_MAXRESULTS', 10);
/**********************************************************************************
* Kopano Outlook Extension - Settings
*
* The Kopano Outlook Extension (KOE) provides MS Outlook 2013 and newer with
* functionality not provided by ActiveSync or not implemented by Outlook.
* For more information, see: https://wiki.z-hub.io/x/z4Aa
*/
// Global Address Book functionality
define('KOE_CAPABILITY_GAB', true);
// Synchronize mail flags from the server to Outlook/KOE
define('KOE_CAPABILITY_RECEIVEFLAGS', true);
// Encode flags when sending from Outlook/KOE
define('KOE_CAPABILITY_SENDFLAGS', true);
// Out-of-office support
define('KOE_CAPABILITY_OOF', true);
// Out-of-office support with start & end times (superseeds KOE_CAPABILITY_OOF)
define('KOE_CAPABILITY_OOFTIMES', true);
// Notes support
define('KOE_CAPABILITY_NOTES', true);
// Shared folder support
define('KOE_CAPABILITY_SHAREDFOLDER', true);
// Send-As support for Outlook/KOE and mobiles
define('KOE_CAPABILITY_SENDAS', true);
// Secondary Contact folders (own and shared)
define('KOE_CAPABILITY_SECONDARYCONTACTS', true);
// Copy WebApp signature into KOE
define('KOE_CAPABILITY_SIGNATURES', true);
// To synchronize the GAB KOE, the GAB store and folderid need to be specified.
// Use the gab-sync script to generate this data. The name needs to
// match the config of the gab-sync script.
// More information here: https://wiki.z-hub.io/x/z4Aa (GAB Sync Script)
define('KOE_GAB_STORE', 'SYSTEM');
define('KOE_GAB_FOLDERID', '');
define('KOE_GAB_NAME', 'Z-Push-KOE-GAB');
/**********************************************************************************
* Synchronize additional folders to all mobiles
*
* With this feature, special folders can be synchronized to all mobiles.
* This is useful for e.g. global company contacts.
*
* This feature is supported only by certain devices, like iPhones.
* Check the compatibility list for supported devices:
* http://z-push.org/compatibility
*
* To synchronize a folder, add a section setting all parameters as below:
* store: the ressource where the folder is located.
* Kopano users use 'SYSTEM' for the 'Public Folder'
* folderid: folder id of the folder to be synchronized
* name: name to be displayed on the mobile device
* type: supported types are:
* SYNC_FOLDER_TYPE_USER_CONTACT
* SYNC_FOLDER_TYPE_USER_APPOINTMENT
* SYNC_FOLDER_TYPE_USER_TASK
* SYNC_FOLDER_TYPE_USER_MAIL
* SYNC_FOLDER_TYPE_USER_NOTE
*
* Additional notes:
* - on Kopano systems use backend/kopano/listfolders.php script to get a list
* of available folders
*
* - all Z-Push users must have at least reading permissions so the configured
* folders can be synchronized to the mobile. Else they are ignored.
*
* - this feature is only partly suitable for multi-tenancy environments,
* as ALL users from ALL tenents need access to the configured store & folder.
* When configuring a public folder, this will cause problems, as each user has
* a different public folder in his tenant, so the folder are not available.
* - changing this configuration could cause HIGH LOAD on the system, as all
* connected devices will be updated and load the data contained in the
* added/modified folders.
*/
$additionalFolders = array(
// demo entry for the synchronization of contacts from the public folder.
// uncomment (remove '/*' '*/') and fill in the folderid
/*
array(
'store' => "SYSTEM",
'folderid' => "",
'name' => "Public Contacts",
'type' => SYNC_FOLDER_TYPE_USER_CONTACT,
),
*/
);

375
etc-zntrl/z-push/z-push.conf.php.dist Normal file
View File

@@ -0,0 +1,375 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push
* Descr : Main configuration file
*
* Created : 01.10.2007
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
/**********************************************************************************
* Default settings
*/
// Defines the default time zone, change e.g. to "Europe/London" if necessary
define('TIMEZONE', '');
// Defines the base path on the server
define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
// Try to set unlimited timeout
define('SCRIPT_TIMEOUT', 0);
// When accessing through a proxy, the "X-Forwarded-For" header contains the original remote IP
define('USE_X_FORWARDED_FOR_HEADER', false);
// When using client certificates, we can check if the login sent matches the owner of the certificate.
// This setting specifies the owner parameter in the certificate to look at.
define("CERTIFICATE_OWNER_PARAMETER", "SSL_CLIENT_S_DN_CN");
/*
* Whether to use the complete email address as a login name
* (e.g. user@company.com) or the username only (user).
* This is required for Z-Push to work properly after autodiscover.
* Possible values:
* false - use the username only.
* true - string the mobile sends as username, e.g. full email address (default).
*/
define('USE_FULLEMAIL_FOR_LOGIN', true);
/**********************************************************************************
* StateMachine setting
*
* These StateMachines can be used:
* FILE - FileStateMachine (default). Needs STATE_DIR set as well.
* SQL - SqlStateMachine has own configuration file. STATE_DIR is ignored.
* State migration script is available, more informations: https://wiki.z-hub.io/x/xIAa
*/
define('STATE_MACHINE', 'FILE');
define('STATE_DIR', '/var/lib/z-push/');
/**********************************************************************************
* IPC - InterProcessCommunication
*
* Is either provided by using shared memory on a single host or
* using the memcache provider for multi-host environments.
* When another implementation should be used, the class can be set here explicitly.
* If empty Z-Push will try to use available providers.
*/
define('IPC_PROVIDER', '');
/**********************************************************************************
* Logging settings
*
* The LOGBACKEND specifies where the logs are sent to.
* Either to file ("filelog") or to a "syslog" server or a custom log class in core/log/logclass.
* filelog and syslog have several options that can be set below.
* For more information about the syslog configuration, see https://wiki.z-hub.io/x/HIAT
* Possible LOGLEVEL and LOGUSERLEVEL values are:
* LOGLEVEL_OFF - no logging
* LOGLEVEL_FATAL - log only critical errors
* LOGLEVEL_ERROR - logs events which might require corrective actions
* LOGLEVEL_WARN - might lead to an error or require corrective actions in the future
* LOGLEVEL_INFO - usually completed actions
* LOGLEVEL_DEBUG - debugging information, typically only meaningful to developers
* LOGLEVEL_WBXML - also prints the WBXML sent to/from the device
* LOGLEVEL_DEVICEID - also prints the device id for every log entry
* LOGLEVEL_WBXMLSTACK - also prints the contents of WBXML stack
*
* The verbosity increases from top to bottom. More verbose levels include less verbose
* ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR,
* LOGLEVEL_WARN and LOGLEVEL_INFO level entries.
*
* LOGAUTHFAIL is logged to the LOGBACKEND.
*/
define('LOGBACKEND', 'filelog');
define('LOGLEVEL', LOGLEVEL_INFO);
define('LOGAUTHFAIL', false);
// To save e.g. WBXML data only for selected users, add the usernames to the array
// The data will be saved into a dedicated file per user in the LOGFILEDIR
// Users have to be encapusulated in quotes, several users are comma separated, like:
// $specialLogUsers = array('info@domain.com', 'myusername');
define('LOGUSERLEVEL', LOGLEVEL_DEVICEID);
$specialLogUsers = array();
// Filelog settings
define('LOGFILEDIR', '/var/log/z-push/');
define('LOGFILE', LOGFILEDIR . 'z-push.log');
define('LOGERRORFILE', LOGFILEDIR . 'z-push-error.log');
// Syslog settings
// false will log to local syslog, otherwise put the remote syslog IP here
define('LOG_SYSLOG_HOST', false);
// Syslog port
define('LOG_SYSLOG_PORT', 514);
// Program showed in the syslog. Useful if you have more than one instance login to the same syslog
define('LOG_SYSLOG_PROGRAM', 'z-push');
// Syslog facility - use LOG_USER when running on Windows
define('LOG_SYSLOG_FACILITY', LOG_LOCAL0);
// Location of the trusted CA, e.g. '/etc/ssl/certs/EmailCA.pem'
// Uncomment and modify the following line if the validation of the certificates fails.
// define('CAINFO', '/etc/ssl/certs/EmailCA.pem');
/**********************************************************************************
* Mobile settings
*/
// Device Provisioning
define('PROVISIONING', true);
// This option allows the 'loose enforcement' of the provisioning policies for older
// devices which don't support provisioning (like WM 5 and HTC Android Mail) - dw2412 contribution
// false (default) - Enforce provisioning for all devices
// true - allow older devices, but enforce policies on devices which support it
define('LOOSE_PROVISIONING', false);
// The file containing the policies' settings.
// Set a full path or relative to the z-push main directory
define('PROVISIONING_POLICYFILE', 'policies.ini');
// Default conflict preference
// Some devices allow to set if the server or PIM (mobile)
// should win in case of a synchronization conflict
// SYNC_CONFLICT_OVERWRITE_SERVER - Server is overwritten, PIM wins
// SYNC_CONFLICT_OVERWRITE_PIM - PIM is overwritten, Server wins (default)
define('SYNC_CONFLICT_DEFAULT', SYNC_CONFLICT_OVERWRITE_PIM);
// Global limitation of items to be synchronized
// The mobile can define a sync back period for calendar and email items
// For large stores with many items the time period could be limited to a max value
// If the mobile transmits a wider time period, the defined max value is used
// Applicable values:
// SYNC_FILTERTYPE_ALL (default, no limitation)
// SYNC_FILTERTYPE_1DAY, SYNC_FILTERTYPE_3DAYS, SYNC_FILTERTYPE_1WEEK, SYNC_FILTERTYPE_2WEEKS,
// SYNC_FILTERTYPE_1MONTH, SYNC_FILTERTYPE_3MONTHS, SYNC_FILTERTYPE_6MONTHS
define('SYNC_FILTERTIME_MAX', SYNC_FILTERTYPE_ALL);
// Interval in seconds before checking if there are changes on the server when in Ping.
// It means the highest time span before a change is pushed to a mobile. Set it to
// a higher value if you have a high load on the server.
define('PING_INTERVAL', 30);
// Set the fileas (save as) order for contacts in the webaccess/webapp/outlook.
// It will only affect new/modified contacts on the mobile which then are synced to the server.
// Possible values are:
// SYNC_FILEAS_FIRSTLAST - fileas will be "Firstname Middlename Lastname"
// SYNC_FILEAS_LASTFIRST - fileas will be "Lastname, Firstname Middlename"
// SYNC_FILEAS_COMPANYONLY - fileas will be "Company"
// SYNC_FILEAS_COMPANYLAST - fileas will be "Company (Lastname, Firstname Middlename)"
// SYNC_FILEAS_COMPANYFIRST - fileas will be "Company (Firstname Middlename Lastname)"
// SYNC_FILEAS_LASTCOMPANY - fileas will be "Lastname, Firstname Middlename (Company)"
// SYNC_FILEAS_FIRSTCOMPANY - fileas will be "Firstname Middlename Lastname (Company)"
// The company-fileas will only be set if a contact has a company set. If one of
// company-fileas is selected and a contact doesn't have a company set, it will default
// to SYNC_FILEAS_FIRSTLAST or SYNC_FILEAS_LASTFIRST (depending on if last or first
// option is selected for company).
// If SYNC_FILEAS_COMPANYONLY is selected and company of the contact is not set
// SYNC_FILEAS_LASTFIRST will be used
define('FILEAS_ORDER', SYNC_FILEAS_LASTFIRST);
// Maximum amount of items to be synchronized per request.
// Normally this value is requested by the mobile. Common values are 5, 25, 50 or 100.
// Exporting too much items can cause mobile timeout on busy systems.
// Z-Push will use the lowest provided value, either set here or by the mobile.
// MS Outlook 2013+ request up to 512 items to accelerate the sync process.
// If you detect high load (also on subsystems) you could try a lower setting.
// max: 512 - value used if mobile does not limit amount of items
define('SYNC_MAX_ITEMS', 512);
// The devices usually send a list of supported properties for calendar and contact
// items. If a device does not includes such a supported property in Sync request,
// it means the property's value will be deleted on the server.
// However some devices do not send a list of supported properties. It is then impossible
// to tell if a property was deleted or it was not set at all if it does not appear in Sync.
// This parameter defines Z-Push behaviour during Sync if a device does not issue a list with
// supported properties.
// See also https://jira.z-hub.io/browse/ZP-302.
// Possible values:
// false - do not unset properties which are not sent during Sync (default)
// true - unset properties which are not sent during Sync
define('UNSET_UNDEFINED_PROPERTIES', false);
// ActiveSync specifies that a contact photo may not exceed 48 KB. This value is checked
// in the semantic sanity checks and contacts with larger photos are not synchronized.
// This limitation is not being followed by the ActiveSync clients which set much bigger
// contact photos. You can override the default value of the max photo size.
// default: 5242880 - 5 MB default max photo size in bytes
define('SYNC_CONTACTS_MAXPICTURESIZE', 5242880);
// Over the WebserviceUsers command it is possible to retrieve a list of all
// known devices and users on this Z-Push system. The authenticated user needs to have
// admin rights and a public folder must exist.
// In multicompany environments this enable an admin user of any company to retrieve
// this full list, so this feature is disabled by default. Enable with care.
define('ALLOW_WEBSERVICE_USERS_ACCESS', false);
// Users with many folders can use the 'partial foldersync' feature, where the server
// actively stops processing the folder list if it takes too long. Other requests are
// then redirected to the FolderSync to synchronize the remaining items.
// Device compatibility for this procedure is not fully understood.
// NOTE: THIS IS AN EXPERIMENTAL FEATURE WHICH COULD PREVENT YOUR MOBILES FROM SYNCHRONIZING.
define('USE_PARTIAL_FOLDERSYNC', false);
// The minimum accepted time in second that a ping command should last.
// It is strongly advised to keep this config to false. Some device
// might not be able to send a higher value than the one specificied here and thus
// unable to start a push connection.
// If set to false, there will be no lower bound to the ping lifetime.
// The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
define('PING_LOWER_BOUND_LIFETIME', false);
// The maximum accepted time in second that a ping command should last.
// If set to false, there will be no higher bound to the ping lifetime.
// The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
define('PING_HIGHER_BOUND_LIFETIME', false);
// Maximum response time
// Mobiles implement different timeouts to their TCP/IP connections. Android devices for example
// have a hard timeout of 30 seconds. If the server is not able to answer a request within this timeframe,
// the answer will not be recieved and the device will send a new one overloading the server.
// There are three categories
// - Short timeout - server has up within 30 seconds - is automatically applied for not categorized types
// - Medium timeout - server has up to 90 seconds to respond
// - Long timeout - server has up to 4 minutes to respond
// If a timeout is almost reached the server will break and sent the results it has until this
// point. You can add DeviceType strings to the categories.
// In general longer timeouts are better, because more data can be streamed at once.
define('SYNC_TIMEOUT_MEDIUM_DEVICETYPES', "SAMSUNGGTI");
define('SYNC_TIMEOUT_LONG_DEVICETYPES', "iPod, iPad, iPhone, WP, WindowsOutlook, WindowsMail");
// Time in seconds the device should wait whenever the service is unavailable,
// e.g. when a backend service is unavailable.
// Z-Push sends a "Retry-After" header in the response with the here defined value.
// It is up to the device to respect or not this directive so even if this option is set,
// the device might not wait requested time frame.
// Number of seconds before retry, to disable set to: false
define('RETRY_AFTER_DELAY', 300);
/**********************************************************************************
* Backend settings
*/
// the backend data provider
define('BACKEND_PROVIDER', '');
/**********************************************************************************
* Search provider settings
*
* Alternative backend to perform SEARCH requests (GAL search)
* By default the main Backend defines the preferred search functionality.
* If set, the Search Provider will always be preferred.
* Use 'BackendSearchLDAP' to search in a LDAP directory (see backend/searchldap/config.php)
*/
define('SEARCH_PROVIDER', '');
// Time in seconds for the server search. Setting it too high might result in timeout.
// Setting it too low might not return all results. Default is 10.
define('SEARCH_WAIT', 10);
// The maximum number of results to send to the client. Setting it too high
// might result in timeout. Default is 10.
define('SEARCH_MAXRESULTS', 10);
/**********************************************************************************
* Kopano Outlook Extension - Settings
*
* The Kopano Outlook Extension (KOE) provides MS Outlook 2013 and newer with
* functionality not provided by ActiveSync or not implemented by Outlook.
* For more information, see: https://wiki.z-hub.io/x/z4Aa
*/
// Global Address Book functionality
define('KOE_CAPABILITY_GAB', true);
// Synchronize mail flags from the server to Outlook/KOE
define('KOE_CAPABILITY_RECEIVEFLAGS', true);
// Encode flags when sending from Outlook/KOE
define('KOE_CAPABILITY_SENDFLAGS', true);
// Out-of-office support
define('KOE_CAPABILITY_OOF', true);
// Out-of-office support with start & end times (superseeds KOE_CAPABILITY_OOF)
define('KOE_CAPABILITY_OOFTIMES', true);
// Notes support
define('KOE_CAPABILITY_NOTES', true);
// Shared folder support
define('KOE_CAPABILITY_SHAREDFOLDER', true);
// Send-As support for Outlook/KOE and mobiles
define('KOE_CAPABILITY_SENDAS', true);
// Secondary Contact folders (own and shared)
define('KOE_CAPABILITY_SECONDARYCONTACTS', true);
// Copy WebApp signature into KOE
define('KOE_CAPABILITY_SIGNATURES', true);
// Delivery receipt requests
define('KOE_CAPABILITY_RECEIPTS', true);
// To synchronize the GAB KOE, the GAB store and folderid need to be specified.
// Use the gab-sync script to generate this data. The name needs to
// match the config of the gab-sync script.
// More information here: https://wiki.z-hub.io/x/z4Aa (GAB Sync Script)
define('KOE_GAB_STORE', 'SYSTEM');
define('KOE_GAB_FOLDERID', '');
define('KOE_GAB_NAME', 'Z-Push-KOE-GAB');
/**********************************************************************************
* Synchronize additional folders to all mobiles
*
* With this feature, special folders can be synchronized to all mobiles.
* This is useful for e.g. global company contacts.
*
* This feature is supported only by certain devices, like iPhones.
* Check the compatibility list for supported devices:
* http://z-push.org/compatibility
*
* To synchronize a folder, add a section setting all parameters as below:
* store: the ressource where the folder is located.
* Kopano users use 'SYSTEM' for the 'Public Folder'
* folderid: folder id of the folder to be synchronized
* name: name to be displayed on the mobile device
* type: supported types are:
* SYNC_FOLDER_TYPE_USER_CONTACT
* SYNC_FOLDER_TYPE_USER_APPOINTMENT
* SYNC_FOLDER_TYPE_USER_TASK
* SYNC_FOLDER_TYPE_USER_MAIL
* SYNC_FOLDER_TYPE_USER_NOTE
*
* Additional notes:
* - on Kopano systems use backend/kopano/listfolders.php script to get a list
* of available folders
*
* - all Z-Push users must have at least reading permissions so the configured
* folders can be synchronized to the mobile. Else they are ignored.
*
* - this feature is only partly suitable for multi-tenancy environments,
* as ALL users from ALL tenents need access to the configured store & folder.
* When configuring a public folder, this will cause problems, as each user has
* a different public folder in his tenant, so the folder are not available.
* - changing this configuration could cause HIGH LOAD on the system, as all
* connected devices will be updated and load the data contained in the
* added/modified folders.
*/
$additionalFolders = array(
// demo entry for the synchronization of contacts from the public folder.
// uncomment (remove '/*' '*/') and fill in the folderid
/*
array(
'store' => "SYSTEM",
'folderid' => "",
'name' => "Public Contacts",
'type' => SYNC_FOLDER_TYPE_USER_CONTACT,
),
*/
);

418
etc-zntrl/z-push/z-push.conf.php.dpkg-dist Normal file
View File

@@ -0,0 +1,418 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push
* Descr : Main configuration file
*
* Created : 01.10.2007
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
/**********************************************************************************
* Default settings
*/
// Defines the default time zone, change e.g. to "Europe/London" if necessary
define('TIMEZONE', '');
// Defines the base path on the server
define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
// Try to set unlimited timeout
define('SCRIPT_TIMEOUT', 0);
// This should be solved on THE webserver level if there are proxies
// between mobile client and Z-Push.
// IMPORTANT: This setting will be deprecated in Z-Push 2.7.0.
// Use a custom header to determinate the remote IP of a client.
// By default, the server provided REMOTE_ADDR is used. If the header here set
// is available, the provided value will be used, else REMOTE_ADDR is maintained.
// set to false to disable this behaviour.
// common values: 'HTTP_X_FORWARDED_FOR', 'HTTP_X_REAL_IP' (casing is ignored)
define('USE_CUSTOM_REMOTE_IP_HEADER', false);
// When using client certificates, we can check if the login sent matches the owner of the certificate.
// This setting specifies the owner parameter in the certificate to look at.
define("CERTIFICATE_OWNER_PARAMETER", "SSL_CLIENT_S_DN_CN");
/*
* Whether to use the complete email address as a login name
* (e.g. user@company.com) or the username only (user).
* This is required for Z-Push to work properly after autodiscover.
* Possible values:
* false - use the username only.
* true - string the mobile sends as username, e.g. full email address (default).
*/
define('USE_FULLEMAIL_FOR_LOGIN', true);
/**********************************************************************************
* StateMachine setting
*
* These StateMachines can be used:
* FILE - FileStateMachine (default). Needs STATE_DIR set as well.
* SQL - SqlStateMachine has own configuration file. STATE_DIR is ignored.
* State migration script is available, more informations: https://wiki.z-hub.io/x/xIAa
*/
define('STATE_MACHINE', 'FILE');
define('STATE_DIR', '/var/lib/z-push/');
/**********************************************************************************
* IPC - InterProcessCommunication
*
* Is either provided by using shared memory on a single host or
* using the memcache provider for multi-host environments.
* When another implementation should be used, the class can be set here explicitly.
* If empty Z-Push will try to use available providers.
* Possible values:
* IpcSharedMemoryProvider - default. Requires z-push-ipc-sharedmemory package.
* IpcMemcachedProvider - requires z-push-ipc-memcached package. It is necessary to set up
* memcached server before (it won't be installed by z-push-ipc-memcached).
* IpcWincacheProvider - for windows systems.
*/
define('IPC_PROVIDER', '');
/**********************************************************************************
* Logging settings
*
* The LOGBACKEND specifies where the logs are sent to.
* Either to file ("filelog") or to a "syslog" server or a custom log class in core/log/logclass.
* filelog and syslog have several options that can be set below.
* For more information about the syslog configuration, see https://wiki.z-hub.io/x/HIAT
* Possible LOGLEVEL and LOGUSERLEVEL values are:
* LOGLEVEL_OFF - no logging
* LOGLEVEL_FATAL - log only critical errors
* LOGLEVEL_ERROR - logs events which might require corrective actions
* LOGLEVEL_WARN - might lead to an error or require corrective actions in the future
* LOGLEVEL_INFO - usually completed actions
* LOGLEVEL_DEBUG - debugging information, typically only meaningful to developers
* LOGLEVEL_WBXML - also prints the WBXML sent to/from the device
* LOGLEVEL_DEVICEID - also prints the device id for every log entry
* LOGLEVEL_WBXMLSTACK - also prints the contents of WBXML stack
*
* The verbosity increases from top to bottom. More verbose levels include less verbose
* ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR,
* LOGLEVEL_WARN and LOGLEVEL_INFO level entries.
*
* LOGAUTHFAIL is logged to the LOGBACKEND.
*/
define('LOGBACKEND', 'filelog');
define('LOGLEVEL', LOGLEVEL_INFO);
define('LOGAUTHFAIL', false);
// To save e.g. WBXML data only for selected users, add the usernames to the array
// The data will be saved into a dedicated file per user in the LOGFILEDIR
// Users have to be encapusulated in quotes, several users are comma separated, like:
// $specialLogUsers = array('info@domain.com', 'myusername');
define('LOGUSERLEVEL', LOGLEVEL_DEVICEID);
$specialLogUsers = array();
// Filelog settings
define('LOGFILEDIR', '/var/log/z-push/');
define('LOGFILE', LOGFILEDIR . 'z-push.log');
define('LOGERRORFILE', LOGFILEDIR . 'z-push-error.log');
// Syslog settings
// false will log to local syslog, otherwise put the remote syslog IP here
define('LOG_SYSLOG_HOST', false);
// Syslog port
define('LOG_SYSLOG_PORT', 514);
// Program showed in the syslog. Useful if you have more than one instance login to the same syslog
define('LOG_SYSLOG_PROGRAM', 'z-push');
// Syslog facility - use LOG_USER when running on Windows
define('LOG_SYSLOG_FACILITY', LOG_LOCAL0);
// Location of the trusted CA, e.g. '/etc/ssl/certs/EmailCA.pem'
// Uncomment and modify the following line if the validation of the certificates fails.
// define('CAINFO', '/etc/ssl/certs/EmailCA.pem');
/**********************************************************************************
* Mobile settings
*/
// Device Provisioning
define('PROVISIONING', true);
// This option allows the 'loose enforcement' of the provisioning policies for older
// devices which don't support provisioning (like WM 5 and HTC Android Mail) - dw2412 contribution
// false (default) - Enforce provisioning for all devices
// true - allow older devices, but enforce policies on devices which support it
define('LOOSE_PROVISIONING', false);
// The file containing the policies' settings.
// Set a full path or relative to the z-push main directory
define('PROVISIONING_POLICYFILE', 'policies.ini');
// Default conflict preference
// Some devices allow to set if the server or PIM (mobile)
// should win in case of a synchronization conflict
// SYNC_CONFLICT_OVERWRITE_SERVER - Server is overwritten, PIM wins
// SYNC_CONFLICT_OVERWRITE_PIM - PIM is overwritten, Server wins (default)
define('SYNC_CONFLICT_DEFAULT', SYNC_CONFLICT_OVERWRITE_PIM);
// Global limitation of items to be synchronized
// The mobile can define a sync back period for calendar and email items
// For large stores with many items the time period could be limited to a max value
// If the mobile transmits a wider time period, the defined max value is used
// Applicable values:
// SYNC_FILTERTYPE_ALL (default, no limitation)
// SYNC_FILTERTYPE_1DAY, SYNC_FILTERTYPE_3DAYS, SYNC_FILTERTYPE_1WEEK, SYNC_FILTERTYPE_2WEEKS,
// SYNC_FILTERTYPE_1MONTH, SYNC_FILTERTYPE_3MONTHS, SYNC_FILTERTYPE_6MONTHS
define('SYNC_FILTERTIME_MAX', SYNC_FILTERTYPE_ALL);
// Interval in seconds before checking if there are changes on the server when in Ping.
// It means the highest time span before a change is pushed to a mobile. Set it to
// a higher value if you have a high load on the server.
define('PING_INTERVAL', 30);
// Set the fileas (save as) order for contacts in the webaccess/webapp/outlook.
// It will only affect new/modified contacts on the mobile which then are synced to the server.
// Possible values are:
// SYNC_FILEAS_FIRSTLAST - fileas will be "Firstname Middlename Lastname"
// SYNC_FILEAS_LASTFIRST - fileas will be "Lastname, Firstname Middlename"
// SYNC_FILEAS_COMPANYONLY - fileas will be "Company"
// SYNC_FILEAS_COMPANYLAST - fileas will be "Company (Lastname, Firstname Middlename)"
// SYNC_FILEAS_COMPANYFIRST - fileas will be "Company (Firstname Middlename Lastname)"
// SYNC_FILEAS_LASTCOMPANY - fileas will be "Lastname, Firstname Middlename (Company)"
// SYNC_FILEAS_FIRSTCOMPANY - fileas will be "Firstname Middlename Lastname (Company)"
// The company-fileas will only be set if a contact has a company set. If one of
// company-fileas is selected and a contact doesn't have a company set, it will default
// to SYNC_FILEAS_FIRSTLAST or SYNC_FILEAS_LASTFIRST (depending on if last or first
// option is selected for company).
// If SYNC_FILEAS_COMPANYONLY is selected and company of the contact is not set
// SYNC_FILEAS_LASTFIRST will be used
define('FILEAS_ORDER', SYNC_FILEAS_LASTFIRST);
// Maximum amount of items to be synchronized per request.
// Normally this value is requested by the mobile. Common values are 5, 25, 50 or 100.
// Exporting too much items can cause mobile timeout on busy systems.
// Z-Push will use the lowest provided value, either set here or by the mobile.
// MS Outlook 2013+ request up to 512 items to accelerate the sync process.
// If you detect high load (also on subsystems) you could try a lower setting.
// max: 512 - value used if mobile does not limit amount of items
define('SYNC_MAX_ITEMS', 512);
// The devices usually send a list of supported properties for calendar and contact
// items. If a device does not includes such a supported property in Sync request,
// it means the property's value will be deleted on the server.
// However some devices do not send a list of supported properties. It is then impossible
// to tell if a property was deleted or it was not set at all if it does not appear in Sync.
// This parameter defines Z-Push behaviour during Sync if a device does not issue a list with
// supported properties.
// See also https://jira.z-hub.io/browse/ZP-302.
// Possible values:
// false - do not unset properties which are not sent during Sync (default)
// true - unset properties which are not sent during Sync
define('UNSET_UNDEFINED_PROPERTIES', false);
// ActiveSync specifies that a contact photo may not exceed 48 KB. This value is checked
// in the semantic sanity checks and contacts with larger photos are not synchronized.
// This limitation is not being followed by the ActiveSync clients which set much bigger
// contact photos. You can override the default value of the max photo size.
// default: 5242880 - 5 MB default max photo size in bytes
define('SYNC_CONTACTS_MAXPICTURESIZE', 5242880);
// Over the WebserviceUsers command it is possible to retrieve a list of all
// known devices and users on this Z-Push system. The authenticated user needs to have
// admin rights and a public folder must exist.
// In multicompany environments this enable an admin user of any company to retrieve
// this full list, so this feature is disabled by default. Enable with care.
define('ALLOW_WEBSERVICE_USERS_ACCESS', false);
// Users with many folders can use the 'partial foldersync' feature, where the server
// actively stops processing the folder list if it takes too long. Other requests are
// then redirected to the FolderSync to synchronize the remaining items.
// Device compatibility for this procedure is not fully understood.
// NOTE: THIS IS AN EXPERIMENTAL FEATURE WHICH COULD PREVENT YOUR MOBILES FROM SYNCHRONIZING.
define('USE_PARTIAL_FOLDERSYNC', false);
// The minimum accepted time in second that a ping command should last.
// It is strongly advised to keep this config to false. Some device
// might not be able to send a higher value than the one specificied here and thus
// unable to start a push connection.
// If set to false, there will be no lower bound to the ping lifetime.
// The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
define('PING_LOWER_BOUND_LIFETIME', false);
// The maximum accepted time in second that a ping command should last.
// If set to false, there will be no higher bound to the ping lifetime.
// The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
define('PING_HIGHER_BOUND_LIFETIME', false);
// Maximum response time
// Mobiles implement different timeouts to their TCP/IP connections. Android devices for example
// have a hard timeout of 30 seconds. If the server is not able to answer a request within this timeframe,
// the answer will not be recieved and the device will send a new one overloading the server.
// There are three categories
// - Short timeout - server has up within 30 seconds - is automatically applied for not categorized types
// - Medium timeout - server has up to 90 seconds to respond
// - Long timeout - server has up to 4 minutes to respond
// If a timeout is almost reached the server will break and sent the results it has until this
// point. You can add DeviceType strings to the categories.
// In general longer timeouts are better, because more data can be streamed at once.
define('SYNC_TIMEOUT_MEDIUM_DEVICETYPES', "SAMSUNGGTI");
define('SYNC_TIMEOUT_LONG_DEVICETYPES', "iPod, iPad, iPhone, WP, WindowsOutlook, WindowsMail");
// Time in seconds the device should wait whenever the service is unavailable,
// e.g. when a backend service is unavailable.
// Z-Push sends a "Retry-After" header in the response with the here defined value.
// It is up to the device to respect or not this directive so even if this option is set,
// the device might not wait requested time frame.
// Number of seconds before retry, to disable set to: false
define('RETRY_AFTER_DELAY', 300);
/**********************************************************************************
* Backend settings
*/
// The backend data provider.
// Leave this value empty and Z-Push will autoload a backend. The sequence of autoload is:
// BackendKopano, BackendCombined, BackendIMAP, BackendVCardDir, BackendMaildir.
// If BackendKopano is not installed, Z-Push will load BackendCombined. If BackendCombined
// also is not installed, Z-Push will load BackendIMAP and so on.
// If you prefer explicitly configure a backend provider, currently possible values are:
// BackendKopano - to use with the Kopano groupware. Syncs emails, calendar items,
// contacts, tasks and notes or any combination of the listed items.
// BackendCombined - combine multiple backends for different items, e.g.
// BackendIMAP for emails, BackendCalDAV for calendar items,
// BackendCardDAV for contacts etc. You can configure what backend
// syncs which items in /etc/combined.conf.php.
// BackendIMAP - to sync emails with an IMAP server.
// BackendCalDAV - to sync calendar items and / or tasks with a CalDAV server.
// BackendCardDAV - to sync contacts with a CardDAV server.
// BackendMaildir - to sync emails from a Maildir.
// BackendStickyNote - to sync notes with a Postgres server.
// BackendVCardDir - to sync contacts with vcard folder.
define('BACKEND_PROVIDER', '');
/**********************************************************************************
* Search provider settings
*
* Alternative backend to perform SEARCH requests (GAL search)
* By default the main Backend defines the preferred search functionality.
* If set, the Search Provider will always be preferred.
* Use 'BackendSearchLDAP' to search in a LDAP directory (see backend/searchldap/config.php)
*/
define('SEARCH_PROVIDER', '');
// Time in seconds for the server search. Setting it too high might result in timeout.
// Setting it too low might not return all results. Default is 10.
define('SEARCH_WAIT', 10);
// The maximum number of results to send to the client. Setting it too high
// might result in timeout. Default is 10.
define('SEARCH_MAXRESULTS', 10);
/**********************************************************************************
* Kopano Outlook Extension - Settings
*
* The Kopano Outlook Extension (KOE) provides MS Outlook 2013 and newer with
* functionality not provided by ActiveSync or not implemented by Outlook.
* For more information, see: https://wiki.z-hub.io/x/z4Aa
*/
// Global Address Book functionality
define('KOE_CAPABILITY_GAB', true);
// Synchronize mail flags from the server to Outlook/KOE
define('KOE_CAPABILITY_RECEIVEFLAGS', true);
// Encode flags when sending from Outlook/KOE
define('KOE_CAPABILITY_SENDFLAGS', true);
// Out-of-office support
define('KOE_CAPABILITY_OOF', true);
// Out-of-office support with start & end times (superseeds KOE_CAPABILITY_OOF)
define('KOE_CAPABILITY_OOFTIMES', true);
// Notes support
define('KOE_CAPABILITY_NOTES', true);
// Shared folder support
define('KOE_CAPABILITY_SHAREDFOLDER', true);
// Send-As support for Outlook/KOE and mobiles
define('KOE_CAPABILITY_SENDAS', true);
// Secondary Contact folders (own and shared)
define('KOE_CAPABILITY_SECONDARYCONTACTS', true);
// Copy WebApp signature into KOE
define('KOE_CAPABILITY_SIGNATURES', true);
// Delivery receipt requests
define('KOE_CAPABILITY_RECEIPTS', true);
// Impersonate other users
define('KOE_CAPABILITY_IMPERSONATE', true);
// To synchronize the GAB KOE, the GAB store and folderid need to be specified.
// Use the gab-sync script to generate this data. The name needs to
// match the config of the gab-sync script.
// More information here: https://wiki.z-hub.io/x/z4Aa (GAB Sync Script)
define('KOE_GAB_STORE', 'SYSTEM');
define('KOE_GAB_FOLDERID', '');
define('KOE_GAB_NAME', 'Z-Push-KOE-GAB');
/**********************************************************************************
* Synchronize additional folders to all mobiles
*
* With this feature, special folders can be synchronized to all mobiles.
* This is useful for e.g. global company contacts.
*
* This feature is supported only by certain devices, like iPhones.
* Check the compatibility list for supported devices:
* http://z-push.org/compatibility
*
* To synchronize a folder, add a section setting all parameters as below:
* store: the ressource where the folder is located.
* Kopano users use 'SYSTEM' for the 'Public Folder'
* folderid: folder id of the folder to be synchronized
* name: name to be displayed on the mobile device
* type: supported types are:
* SYNC_FOLDER_TYPE_USER_CONTACT
* SYNC_FOLDER_TYPE_USER_APPOINTMENT
* SYNC_FOLDER_TYPE_USER_TASK
* SYNC_FOLDER_TYPE_USER_MAIL
* SYNC_FOLDER_TYPE_USER_NOTE
* flags: sets additional options on the shared folder. Supported are:
* DeviceManager::FLD_FLAGS_NONE
* No flags configured, default flag to be set
* DeviceManager::FLD_FLAGS_SENDASOWNER
* When replying in this folder, automatically do Send-As
* DeviceManager::FLD_FLAGS_CALENDARREMINDERS
* If set, Outlook shows reminders for these shares with KOE
* DeviceManager::FLD_FLAGS_NOREADONLYNOTIFY
* If set, Z-Push won't send notification emails for changes
* if the folder is read-only
*
* Additional notes:
* - on Kopano systems use backend/kopano/listfolders.php script to get a list
* of available folders
*
* - all Z-Push users must have at least reading permissions so the configured
* folders can be synchronized to the mobile. Else they are ignored.
*
* - this feature is only partly suitable for multi-tenancy environments,
* as ALL users from ALL tenents need access to the configured store & folder.
* When configuring a public folder, this will cause problems, as each user has
* a different public folder in his tenant, so the folder are not available.
* - changing this configuration could cause HIGH LOAD on the system, as all
* connected devices will be updated and load the data contained in the
* added/modified folders.
*/
$additionalFolders = array(
// demo entry for the synchronization of contacts from the public folder.
// uncomment (remove '/*' '*/') and fill in the folderid
/*
array(
'store' => "SYSTEM",
'folderid' => "",
'name' => "Public Contacts",
'type' => SYNC_FOLDER_TYPE_USER_CONTACT,
'flags' => DeviceManager::FLD_FLAGS_NONE,
),
*/
);