andreas/kopano-docker
1
0
Fork 0
Code Issues 8 Pull Requests Packages Projects 1 Releases Wiki Activity

added etc directories

Browse Source
This commit is contained in:
andreas
2023-02-16 20:42:47 +00:00
parent 49f6dcc3fb
commit ce43d3e9e9
329 changed files with 12642 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
etc-baloghs/cron.d/.placeholder Normal file
View File

@@ -0,0 +1,2 @@
# DO NOT EDIT OR REMOVE
# This file is a simple placeholder to keep dpkg from removing this directory

4
etc-baloghs/cron.d/backup Normal file
View File

@@ -0,0 +1,4 @@
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
30 9 * * * root /root/bin/db-backup.sh >>/var/log/backup.log 2>&1

2
etc-baloghs/cron.d/certbot Normal file
View File

@@ -0,0 +1,2 @@
30 18 * * mon root /root/bin/renew-certs.sh >>/var/log/renew-certs.log 2>&1

3
etc-baloghs/cron.d/getmail Normal file
View File

@@ -0,0 +1,3 @@
*/15 * * * * vmail /usr/bin/getmail -g /var/lib/getmail-udmedia -r ud02_276p1 -r ud02_276p2 -r ud02_276p3
*/15 * * * * spamd /usr/bin/getmail -g /var/lib/getmail-spamd -r not_spam -r missed_spam

1
etc-baloghs/cron.d/grav Normal file
View File

@@ -0,0 +1 @@
*/5 * * * * www-data cd /var/www-baloghs;/usr/bin/php bin/grav scheduler 1>> /dev/null 2>&1

12
etc-baloghs/cron.d/mdadm Normal file
View File

@@ -0,0 +1,12 @@
#
# cron.d/mdadm -- schedules periodic redundancy checks of MD devices
#
# Copyright © martin f. krafft <madduck@madduck.net>
# distributed under the terms of the Artistic Licence 2.0
#
# By default, run at 00:57 on every Sunday, but do nothing unless the day of
# the month is less than or equal to 7. Thus, only run on the first Sunday of
# each month. crontab(5) sucks, unfortunately, in this regard; therefore this
# hack (see #380425).
57 0 * * 0 root if [ -x /usr/share/mdadm/checkarray ] && [ $(date +\%d) -le 7 ]; then /usr/share/mdadm/checkarray --cron --all --idle --quiet; fi

14
etc-baloghs/cron.d/php Normal file
View File

@@ -0,0 +1,14 @@
# /etc/cron.d/php@PHP_VERSION@: crontab fragment for PHP
# This purges session files in session.save_path older than X,
# where X is defined in seconds as the largest value of
# session.gc_maxlifetime from all your SAPI php.ini files
# or 24 minutes if not defined. The script triggers only
# when session.save_handler=files.
#
# WARNING: The scripts tries hard to honour all relevant
# session PHP options, but if you do something unusual
# you have to disable this script and take care of your
# sessions yourself.
# Look for and purge old sessions every 30 minutes
09,39 * * * * root [ -x /usr/lib/php/sessionclean ] && if [ ! -d /run/systemd/system ]; then /usr/lib/php/sessionclean; fi

1
etc-baloghs/cron.d/spamassassin Normal file
View File

@@ -0,0 +1 @@
5 23 * * 5 root /usr/bin/sa-update -D && systemctl restart spampd >>/var/log/sa-update.log 2>&1

1
etc-baloghs/cron.d/tt-rss Normal file
View File

@@ -0,0 +1 @@
*/5 * * * * www-data /usr/bin/php /var/www/tt-rss/update.php --feeds >>/var/log/tt-rss.log 2>&1

1
etc-baloghs/spamassassin/50_scores.cf Normal file
View File

@@ -0,0 +1 @@
score RDNS_NONE 5.0

34
etc-baloghs/spamassassin/65_debian.cf Normal file
View File

@@ -0,0 +1,34 @@
# Special SpamAssassin rules for Debian
# Duncan Findlay
header D_SENT_BY_DEBCONF Subject =~ /^Debconf:/
score D_SENT_BY_DEBCONF -5.0
describe D_SENT_BY_DEBCONF Sent by Debconf
body D_SENT_BY_AFBACKUP /^\[Afbackup\]: Overall exit status:/
score D_SENT_BY_AFBACKUP -5.0
describe D_SENT_BY_AFBACKUP Sent by Afbackup
header D_SENT_BY_APTLC Subject =~ /^apt-listchanges: (changelogs|news) for/
score D_SENT_BY_APTLC -5.0
describe D_SENT_BY_APTLC Sent by apt-listchanges
header __ANACRON_SUBJ Subject =~ /^Anacron job '[a-z0-9_.-]+' on/i
header __ANACRON_FROM From =~ /^Anacron/
meta D_SENT_BY_ANACRON __ANACRON_SUBJ && __ANACRON_FROM
score D_SENT_BY_ANACRON -5.0
describe D_SENT_BY_ANACRON Sent by Anacron Daemon
header __CRON_FROM From =~ /^Cron Daemon/
header __CRON_HEADER X-Cron-Env =~ /./
meta D_SENT_BY_CRON __CRON_FROM && __CRON_HEADER
score D_SENT_BY_CRON -5.0
describe D_SENT_BY_CRON Sent by Cron Daemon
# As documented in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861671,
# the bb.barracudacentral.org blacklist requires users to register, making it
# unsuitable for use in the default configuration. If you've registered your
# use of this blacklist, remove the following line in order to re-activate
# this service:
score RCVD_IN_BRBL_LASTEXT 0

36
etc-baloghs/spamassassin/init.pre Normal file
View File

@@ -0,0 +1,36 @@
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# This file contains plugin activation commands for plugins included
# in SpamAssassin 3.0.x releases. It will not be installed if you
# already have a file in place called "init.pre".
#
# There are now multiple files read to enable plugins in the
# /etc/mail/spamassassin directory; previously only one, "init.pre" was
# read. Now both "init.pre", "v310.pre", and any other files ending in
# ".pre" will be read. As future releases are made, new plugins will be
# added to new files, named according to the release they're added in.
###########################################################################
# RelayCountry - add metadata for Bayes learning, marking the countries
# a message was relayed through
#
# Note: This requires the Geo::IP Perl module
#
# loadplugin Mail::SpamAssassin::Plugin::RelayCountry
# URIDNSBL - look up URLs found in the message against several DNS
# blocklists.
#
loadplugin Mail::SpamAssassin::Plugin::URIDNSBL
# Hashcash - perform hashcash verification.
#
loadplugin Mail::SpamAssassin::Plugin::Hashcash
# SPF - perform SPF verification.
#
loadplugin Mail::SpamAssassin::Plugin::SPF

89
etc-baloghs/spamassassin/local.cf Normal file
View File

@@ -0,0 +1,89 @@
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# Only a small subset of options are listed below
#
###########################################################################
# Add *****SPAM***** to the Subject header of spam e-mails
#
# rewrite_header Subject *****SPAM*****
# Save spam messages as a message/rfc822 MIME attachment instead of
# modifying the original message (0: off, 2: use text/plain instead)
#
report_safe 0
# Set which networks or hosts are considered 'trusted' by your mail
# server (i.e. not spammers)
#
# trusted_networks 212.17.35.
# Set file-locking method (flock is not safe over NFS, but is faster)
#
# lock_method flock
# Set the threshold at which a message is considered spam (default: 5.0)
#
required_score 4.1
# Use Bayesian classifier (default: 1)
#
# use_bayes 1
# Bayesian classifier auto-learning (default: 1)
#
# bayes_auto_learn 1
# Set headers which may provide inappropriate cues to the Bayesian
# classifier
#
# bayes_ignore_header X-Bogosity
# bayes_ignore_header X-Spam-Flag
# bayes_ignore_header X-Spam-Status
# Whether to decode non- UTF-8 and non-ASCII textual parts and recode
# them to UTF-8 before the text is given over to rules processing.
#
# normalize_charset 1
# Some shortcircuiting, if the plugin is enabled
#
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
#
# default: strongly-whitelisted mails are *really* whitelisted now, if the
# shortcircuiting plugin is active, causing early exit to save CPU load.
# Uncomment to turn this on
#
# shortcircuit USER_IN_WHITELIST on
# shortcircuit USER_IN_DEF_WHITELIST on
# shortcircuit USER_IN_ALL_SPAM_TO on
# shortcircuit SUBJECT_IN_WHITELIST on
# the opposite; blacklisted mails can also save CPU
#
# shortcircuit USER_IN_BLACKLIST on
# shortcircuit USER_IN_BLACKLIST_TO on
# shortcircuit SUBJECT_IN_BLACKLIST on
# if you have taken the time to correctly specify your "trusted_networks",
# this is another good way to save CPU
#
# shortcircuit ALL_TRUSTED on
# and a well-trained bayes DB can save running rules, too
#
# shortcircuit BAYES_99 spam
# shortcircuit BAYES_00 ham
endif # Mail::SpamAssassin::Plugin::Shortcircuit

89
etc-baloghs/spamassassin/local.cf.dist Normal file
View File

@@ -0,0 +1,89 @@
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# Only a small subset of options are listed below
#
###########################################################################
# Add *****SPAM***** to the Subject header of spam e-mails
#
# rewrite_header Subject *****SPAM*****
# Save spam messages as a message/rfc822 MIME attachment instead of
# modifying the original message (0: off, 2: use text/plain instead)
#
# report_safe 1
# Set which networks or hosts are considered 'trusted' by your mail
# server (i.e. not spammers)
#
# trusted_networks 212.17.35.
# Set file-locking method (flock is not safe over NFS, but is faster)
#
# lock_method flock
# Set the threshold at which a message is considered spam (default: 5.0)
#
# required_score 5.0
# Use Bayesian classifier (default: 1)
#
# use_bayes 1
# Bayesian classifier auto-learning (default: 1)
#
# bayes_auto_learn 1
# Set headers which may provide inappropriate cues to the Bayesian
# classifier
#
# bayes_ignore_header X-Bogosity
# bayes_ignore_header X-Spam-Flag
# bayes_ignore_header X-Spam-Status
# Whether to decode non- UTF-8 and non-ASCII textual parts and recode
# them to UTF-8 before the text is given over to rules processing.
#
# normalize_charset 1
# Some shortcircuiting, if the plugin is enabled
#
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
#
# default: strongly-whitelisted mails are *really* whitelisted now, if the
# shortcircuiting plugin is active, causing early exit to save CPU load.
# Uncomment to turn this on
#
# shortcircuit USER_IN_WHITELIST on
# shortcircuit USER_IN_DEF_WHITELIST on
# shortcircuit USER_IN_ALL_SPAM_TO on
# shortcircuit SUBJECT_IN_WHITELIST on
# the opposite; blacklisted mails can also save CPU
#
# shortcircuit USER_IN_BLACKLIST on
# shortcircuit USER_IN_BLACKLIST_TO on
# shortcircuit SUBJECT_IN_BLACKLIST on
# if you have taken the time to correctly specify your "trusted_networks",
# this is another good way to save CPU
#
# shortcircuit ALL_TRUSTED on
# and a well-trained bayes DB can save running rules, too
#
# shortcircuit BAYES_99 spam
# shortcircuit BAYES_00 ham
endif # Mail::SpamAssassin::Plugin::Shortcircuit

3
etc-baloghs/spamassassin/sa-compile.pre Normal file
View File

@@ -0,0 +1,3 @@
# Rule2XSBody - speedup by compilation of ruleset to native code
#
loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody

6
etc-baloghs/spamassassin/sa-update-hooks.d/spampd Normal file
View File

@@ -0,0 +1,6 @@
#!/bin/sh
service spampd restart
exit 0

BIN
etc-baloghs/spamassassin/sa-update-keys/pubring.gpg Normal file
View File

Binary file not shown.

0
etc-baloghs/docker-compose.yml → etc-baloghs/spamassassin/sa-update-keys/pubring.gpg~
View File

0
etc-baloghs/spamassassin/sa-update-keys/secring.gpg Normal file
View File

BIN
etc-baloghs/spamassassin/sa-update-keys/trustdb.gpg Normal file
View File

Binary file not shown.

78
etc-baloghs/spamassassin/v310.pre Normal file
View File

@@ -0,0 +1,78 @@
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# This file was installed during the installation of SpamAssassin 3.1.0,
# and contains plugin loading commands for the new plugins added in that
# release. It will not be overwritten during future SpamAssassin installs,
# so you can modify it to enable some disabled-by-default plugins below,
# if you so wish.
#
# There are now multiple files read to enable plugins in the
# /etc/mail/spamassassin directory; previously only one, "init.pre" was
# read. Now both "init.pre", "v310.pre", and any other files ending in
# ".pre" will be read. As future releases are made, new plugins will be
# added to new files, named according to the release they're added in.
###########################################################################
# DCC - perform DCC message checks.
#
# DCC is disabled here because it is not open source. See the DCC
# license for more details.
#
#loadplugin Mail::SpamAssassin::Plugin::DCC
# Pyzor - perform Pyzor message checks.
#
loadplugin Mail::SpamAssassin::Plugin::Pyzor
# Razor2 - perform Razor2 message checks.
#
loadplugin Mail::SpamAssassin::Plugin::Razor2
# SpamCop - perform SpamCop message reporting
#
loadplugin Mail::SpamAssassin::Plugin::SpamCop
# AntiVirus - some simple anti-virus checks, this is not a replacement
# for an anti-virus filter like Clam AntiVirus
#
#loadplugin Mail::SpamAssassin::Plugin::AntiVirus
# AWL - do auto-whitelist checks
#
#loadplugin Mail::SpamAssassin::Plugin::AWL
# AutoLearnThreshold - threshold-based discriminator for Bayes auto-learning
#
loadplugin Mail::SpamAssassin::Plugin::AutoLearnThreshold
# TextCat - language guesser
#
#loadplugin Mail::SpamAssassin::Plugin::TextCat
# AccessDB - lookup from-addresses in access database
#
#loadplugin Mail::SpamAssassin::Plugin::AccessDB
# WhitelistSubject - Whitelist/Blacklist certain subject regular expressions
#
loadplugin Mail::SpamAssassin::Plugin::WhiteListSubject
###########################################################################
# experimental plugins
# DomainKeys - perform DomainKeys verification
#
# This plugin has been removed as of v3.3.0. Use the DKIM plugin instead,
# which supports both Domain Keys and DKIM.
# MIMEHeader - apply regexp rules against MIME headers in the message
#
loadplugin Mail::SpamAssassin::Plugin::MIMEHeader
# ReplaceTags
#
loadplugin Mail::SpamAssassin::Plugin::ReplaceTags

29
etc-baloghs/spamassassin/v312.pre Normal file
View File

@@ -0,0 +1,29 @@
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# This file was installed during the installation of SpamAssassin 3.1.2,
# and contains plugin loading commands for the new plugins added in that
# release. It will not be overwritten during future SpamAssassin installs,
# so you can modify it to enable some disabled-by-default plugins below,
# if you so wish.
#
# There are now multiple files read to enable plugins in the
# /etc/mail/spamassassin directory; previously only one, "init.pre" was
# read. Now both "init.pre", "v310.pre", and any other files ending in
# ".pre" will be read. As future releases are made, new plugins will be
# added to new files, named according to the release they're added in.
###########################################################################
# experimental plugins
# DKIM - perform DKIM verification
#
# Mail::DKIM module required for use, see INSTALL for more information.
#
# Note that if C<Mail::DKIM> version 0.20 or later is installed, this
# renders the DomainKeys plugin redundant.
#
loadplugin Mail::SpamAssassin::Plugin::DKIM

64
etc-baloghs/spamassassin/v320.pre Normal file
View File

@@ -0,0 +1,64 @@
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# This file was installed during the installation of SpamAssassin 3.2.0,
# and contains plugin loading commands for the new plugins added in that
# release. It will not be overwritten during future SpamAssassin installs,
# so you can modify it to enable some disabled-by-default plugins below,
# if you so wish.
#
# There are now multiple files read to enable plugins in the
# /etc/mail/spamassassin directory; previously only one, "init.pre" was
# read. Now both "init.pre", "v310.pre", and any other files ending in
# ".pre" will be read. As future releases are made, new plugins will be
# added to new files, named according to the release they're added in.
###########################################################################
# Check - Provides main check functionality
#
loadplugin Mail::SpamAssassin::Plugin::Check
# HTTPSMismatch - find URI mismatches between href and anchor text
#
loadplugin Mail::SpamAssassin::Plugin::HTTPSMismatch
# URIDetail - test URIs using detailed URI information
#
loadplugin Mail::SpamAssassin::Plugin::URIDetail
# Shortcircuit - stop evaluation early if high-accuracy rules fire
#
# loadplugin Mail::SpamAssassin::Plugin::Shortcircuit
# Plugins which used to be EvalTests.pm
# broken out into separate plugins
loadplugin Mail::SpamAssassin::Plugin::Bayes
loadplugin Mail::SpamAssassin::Plugin::BodyEval
loadplugin Mail::SpamAssassin::Plugin::DNSEval
loadplugin Mail::SpamAssassin::Plugin::HTMLEval
loadplugin Mail::SpamAssassin::Plugin::HeaderEval
loadplugin Mail::SpamAssassin::Plugin::MIMEEval
loadplugin Mail::SpamAssassin::Plugin::RelayEval
loadplugin Mail::SpamAssassin::Plugin::URIEval
loadplugin Mail::SpamAssassin::Plugin::WLBLEval
# VBounce - anti-bounce-message rules, see rules/20_vbounce.cf
#
loadplugin Mail::SpamAssassin::Plugin::VBounce
# Rule2XSBody - speedup by compilation of ruleset to native code
#
# loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody
# ASN - Look up the Autonomous System Number of the connecting IP
# and create a header containing ASN data for bayes tokenization.
# See plugin's POD docs for usage info.
#
# loadplugin Mail::SpamAssassin::Plugin::ASN
# ImageInfo - rules to match metadata of image attachments
#
loadplugin Mail::SpamAssassin::Plugin::ImageInfo

28
etc-baloghs/spamassassin/v330.pre Normal file
View File

@@ -0,0 +1,28 @@
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# This file was installed during the installation of SpamAssassin 3.3.0,
# and contains plugin loading commands for the new plugins added in that
# release. It will not be overwritten during future SpamAssassin installs,
# so you can modify it to enable some disabled-by-default plugins below,
# if you so wish.
#
# There are now multiple files read to enable plugins in the
# /etc/mail/spamassassin directory; previously only one, "init.pre" was
# read. Now both "init.pre", "v310.pre", and any other files ending in
# ".pre" will be read. As future releases are made, new plugins will be
# added to new files, named according to the release they're added in.
###########################################################################
# PhishTag - allows sites to rewrite suspect phish-mail URLs
# (Note: this requires configuration, see http://umut.topkara.org/PhishTag)
#
#loadplugin Mail::SpamAssassin::Plugin::PhishTag
# FreeMail - detect email addresses using free webmail services,
# usable as input for other rules
#
loadplugin Mail::SpamAssassin::Plugin::FreeMail

21
etc-baloghs/spamassassin/v340.pre Normal file
View File

@@ -0,0 +1,21 @@
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# This file was installed during the installation of SpamAssassin 3.4.0,
# and contains plugin loading commands for the new plugins added in that
# release. It will not be overwritten during future SpamAssassin installs,
# so you can modify it to enable some disabled-by-default plugins below,
# if you so wish.
#
# There are now multiple files read to enable plugins in the
# /etc/mail/spamassassin directory; previously only one, "init.pre" was
# read. Now both "init.pre", "v310.pre", and any other files ending in
# ".pre" will be read. As future releases are made, new plugins will be
# added to new files, named according to the release they're added in.
###########################################################################
# AskDNS - forms a DNS query based on 'tags' as supplied by other plugins
#
loadplugin Mail::SpamAssassin::Plugin::AskDNS

28
etc-baloghs/spamassassin/v341.pre Normal file
View File

@@ -0,0 +1,28 @@
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# This file was installed during the installation of SpamAssassin 3.4.1,
# and contains plugin loading commands for the new plugins added in that
# release. It will not be overwritten during future SpamAssassin installs,
# so you can modify it to enable some disabled-by-default plugins below,
# if you so wish.
#
# There are now multiple files read to enable plugins in the
# /etc/mail/spamassassin directory; previously only one, "init.pre" was
# read. Now both "init.pre", "v310.pre", and any other files ending in
# ".pre" will be read. As future releases are made, new plugins will be
# added to new files, named according to the release they're added in.
###########################################################################
# TxRep - Reputation database that replaces AWL
# loadplugin Mail::SpamAssassin::Plugin::TxRep
# URILocalBL - Provides ISP and Country code based filtering as well as
# quick IP based blocks without a full RBL implementation - Bug 7060
# loadplugin Mail::SpamAssassin::Plugin::URILocalBL
# PDFInfo - Use several methods to detect a PDF file's ham/spam traits
# loadplugin Mail::SpamAssassin::Plugin::PDFInfo

36
etc-baloghs/spamassassin/v342.pre Normal file
View File

@@ -0,0 +1,36 @@
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# This file was installed during the installation of SpamAssassin 3.4.1,
# and contains plugin loading commands for the new plugins added in that
# release. It will not be overwritten during future SpamAssassin installs,
# so you can modify it to enable some disabled-by-default plugins below,
# if you so wish.
#
# There are now multiple files read to enable plugins in the
# /etc/mail/spamassassin directory; previously only one, "init.pre" was
# read. Now both "init.pre", "v310.pre", and any other files ending in
# ".pre" will be read. As future releases are made, new plugins will be
# added to new files, named according to the release they're added in.
###########################################################################
# HashBL - Use EBL email blocklist
# loadplugin Mail::SpamAssassin::Plugin::HashBL
# ResourceLimits - assure your spamd child processes
# do not exceed specified CPU or memory limit
# loadplugin Mail::SpamAssassin::Plugin::ResourceLimits
# FromNameSpoof - help stop spam that tries to spoof other domains using
# the from name
# loadplugin Mail::SpamAssassin::Plugin::FromNameSpoof
# Phishing - finds uris used in phishing campaigns detected by
# OpenPhish or PhishTank feeds.
# loadplugin Mail::SpamAssassin::Plugin::Phishing
# allow URI rules to look at DKIM headers if they exist
parse_dkim_uris 1

19
etc-baloghs/spampd.conf Normal file
View File

@@ -0,0 +1,19 @@
#
# NOTE: This config isn't used by default!
# You need to enable its use in /etc/default/spampd
#
# Use this to set options for SpamAssassin you only want to have set
# when actually running SpamAssassin from spampd. Below are a few examples
# you might want to use. Remove the hashmark (#) in front of them to enable
# them and edit them to meet your needs. Note that you might need to fix
# path permissions to match your system.
#use_bayes 1
#bayes_path /var/cache/spampd/bayes
#auto_whitelist_path /var/cache/spampd/awl
#
# NOTE: This config isn't used by default!
# You need to enable its use in /etc/default/spampd
#

88
etc-baloghs/z-push/autodiscover.conf.php Normal file
View File

@@ -0,0 +1,88 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push
* Descr : Autodiscover configuration file
*
* Created : 30.07.2014
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
/**********************************************************************************
* Default settings
*/
// Replace zpush.example.com with your z-push's host name and uncomment the line below.
define('ZPUSH_HOST', 'baloghs.de');
// Defines the default time zone, change e.g. to "Europe/London" if necessary
define('TIMEZONE', '');
// Defines the base path on the server
define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
/*
* Whether to use the complete email address as a login name
* (e.g. user@company.com) or the username only (user).
* Possible values:
* false - use the username only (default).
* true - use the complete email address.
*/
define('USE_FULLEMAIL_FOR_LOGIN', false);
/**********************************************************************************
* Logging settings
* Possible LOGLEVEL and LOGUSERLEVEL values are:
* LOGLEVEL_OFF - no logging
* LOGLEVEL_FATAL - log only critical errors
* LOGLEVEL_ERROR - logs events which might require corrective actions
* LOGLEVEL_WARN - might lead to an error or require corrective actions in the future
* LOGLEVEL_INFO - usually completed actions
* LOGLEVEL_DEBUG - debugging information, typically only meaningful to developers
* LOGLEVEL_WBXML - also prints the WBXML sent to/from the device
* LOGLEVEL_DEVICEID - also prints the device id for every log entry
* LOGLEVEL_WBXMLSTACK - also prints the contents of WBXML stack
*
* The verbosity increases from top to bottom. More verbose levels include less verbose
* ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR,
* LOGLEVEL_WARN and LOGLEVEL_INFO level entries.
*/
define('LOGBACKEND', 'filelog');
define('LOGFILEDIR', '/var/log/z-push/');
define('LOGFILE', LOGFILEDIR . 'autodiscover.log');
define('LOGERRORFILE', LOGFILEDIR . 'autodiscover-error.log');
define('LOGLEVEL', LOGLEVEL_WBXML);
define('LOGUSERLEVEL', LOGLEVEL);
$specialLogUsers = array();
// Syslog settings
// false will log to local syslog, otherwise put the remote syslog IP here
define('LOG_SYSLOG_HOST', false);
// Syslog port
define('LOG_SYSLOG_PORT', 514);
// Program showed in the syslog. Useful if you have more than one instance login to the same syslog
define('LOG_SYSLOG_PROGRAM', 'z-push-autodiscover');
// Syslog facility - use LOG_USER when running on Windows
define('LOG_SYSLOG_FACILITY', LOG_LOCAL0);
/**********************************************************************************
* Backend settings
*/
// the backend data provider
define('BACKEND_PROVIDER', '');

88
etc-baloghs/z-push/autodiscover.conf.php.dist Normal file
View File

@@ -0,0 +1,88 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push
* Descr : Autodiscover configuration file
*
* Created : 30.07.2014
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
/**********************************************************************************
* Default settings
*/
// Replace zpush.example.com with your z-push's host name and uncomment the line below.
// define('ZPUSH_HOST', 'zpush.example.com');
// Defines the default time zone, change e.g. to "Europe/London" if necessary
define('TIMEZONE', '');
// Defines the base path on the server
define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
/*
* Whether to use the complete email address as a login name
* (e.g. user@company.com) or the username only (user).
* Possible values:
* false - use the username only (default).
* true - use the complete email address.
*/
define('USE_FULLEMAIL_FOR_LOGIN', false);
/**********************************************************************************
* Logging settings
* Possible LOGLEVEL and LOGUSERLEVEL values are:
* LOGLEVEL_OFF - no logging
* LOGLEVEL_FATAL - log only critical errors
* LOGLEVEL_ERROR - logs events which might require corrective actions
* LOGLEVEL_WARN - might lead to an error or require corrective actions in the future
* LOGLEVEL_INFO - usually completed actions
* LOGLEVEL_DEBUG - debugging information, typically only meaningful to developers
* LOGLEVEL_WBXML - also prints the WBXML sent to/from the device
* LOGLEVEL_DEVICEID - also prints the device id for every log entry
* LOGLEVEL_WBXMLSTACK - also prints the contents of WBXML stack
*
* The verbosity increases from top to bottom. More verbose levels include less verbose
* ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR,
* LOGLEVEL_WARN and LOGLEVEL_INFO level entries.
*/
define('LOGBACKEND', 'filelog');
define('LOGFILEDIR', '/var/log/z-push/');
define('LOGFILE', LOGFILEDIR . 'autodiscover.log');
define('LOGERRORFILE', LOGFILEDIR . 'autodiscover-error.log');
define('LOGLEVEL', LOGLEVEL_INFO);
define('LOGUSERLEVEL', LOGLEVEL);
$specialLogUsers = array();
// Syslog settings
// false will log to local syslog, otherwise put the remote syslog IP here
define('LOG_SYSLOG_HOST', false);
// Syslog port
define('LOG_SYSLOG_PORT', 514);
// Program showed in the syslog. Useful if you have more than one instance login to the same syslog
define('LOG_SYSLOG_PROGRAM', 'z-push-autodiscover');
// Syslog facility - use LOG_USER when running on Windows
define('LOG_SYSLOG_FACILITY', LOG_LOCAL0);
/**********************************************************************************
* Backend settings
*/
// the backend data provider
define('BACKEND_PROVIDER', '');

86
etc-baloghs/z-push/gabsync.conf.php Normal file
View File

@@ -0,0 +1,86 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push - tools - GAB sync
* Descr : Configuration file.
*
* Created : 28.01.2016
*
* Copyright 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
* ************************************************/
// The field to be hashed that is unique and never changes
// in the entire lifetime of the GAB entry.
define('HASHFIELD', 'account');
define('AMOUNT_OF_CHUNKS', 10);
// SyncWorker implementation to be used
define('SYNCWORKER', 'Kopano');
// Unique id to find a contact from the GAB (value to be supplied by -u on the command line)
// Zarafa supports: 'account' and 'smtpAddress' (email)
define('UNIQUEID', 'account');
// Server connection settings
// Depending on your setup, it might be advisable to change the lines below to one defined with your
// default socket location.
// Normally "default:" points to the default setting ("file:///var/run/kopano/server.sock")
// Examples: define("SERVER", "default:");
// define("SERVER", "http://localhost:236/kopano");
// define("SERVER", "https://localhost:237/kopano");
// define("SERVER", "file:///var/run/kopano/server.sock");
// If you are using ZCP >= 7.2.0, set it to the zarafa location, e.g.
// define("SERVER", "http://localhost:236/zarafa");
// define("SERVER", "https://localhost:237/zarafa");
// define("SERVER", "file:///var/run/zarafad/server.sock");
// For ZCP versions prior to 7.2.0 the socket location is different (http(s) sockets are the same):
// define("SERVER", "file:///var/run/zarafa");
define('SERVER', 'default:');
define('USERNAME', 'SYSTEM');
define('PASSWORD', '');
define('CERTIFICATE', null);
define('CERTIFICATE_PASSWORD', null);
// Store where the hidden folder is located.
// For the public folder, use SYSTEM
// to use another store, use the same as USERNAME
// or another store where USERNAME has full access to.
define('HIDDEN_FOLDERSTORE', 'SYSTEM');
/// Do not change (unless you know exactly what you do)
define('HIDDEN_FOLDERNAME', 'Z-Push-KOE-GAB');
// Types of the objects to sync to GAB.
define('GAB_SYNC_USER', 1);
define('GAB_SYNC_CONTACT', 2);
define('GAB_SYNC_GROUP', 4);
define('GAB_SYNC_ROOM', 8);
define('GAB_SYNC_EQUIPMENT', 16);
define('GAB_SYNC_ALL', GAB_SYNC_USER | GAB_SYNC_CONTACT | GAB_SYNC_GROUP | GAB_SYNC_ROOM | GAB_SYNC_EQUIPMENT);
// Set which items from GAB should be synced.
// Default value is GAB_SYNC_ALL which syncs all items.
// In order to sync only some specific types combine them with "|", e.g.
// to sync only users and groups use:
// define('GAB_SYNC_TYPES', GAB_SYNC_USER | GAB_SYNC_CONTACT);
// In order to exclude specific types combine "& ~TYPE", e.g.
// to sync all types except rooms and equipments use:
// define('GAB_SYNC_TYPES', GAB_SYNC_ALL & ~GAB_SYNC_ROOM & ~GAB_SYNC_EQUIPMENT);
define('GAB_SYNC_TYPES', GAB_SYNC_ALL);

83
etc-baloghs/z-push/kopano.conf.php Normal file
View File

@@ -0,0 +1,83 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push
* Descr : Kopano backend configuration file
*
* Created : 27.11.2012
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
// ************************
// BackendKopano settings
// ************************
// Defines the server to which we want to connect.
//
// Depending on your setup, it might be advisable to change the lines below to one defined with your
// default socket location.
// Normally "default:" points to the default setting ("file:///var/run/kopano/server.sock")
// Examples: define("MAPI_SERVER", "default:");
// define("MAPI_SERVER", "http://localhost:236/kopano");
// define("MAPI_SERVER", "https://localhost:237/kopano");
// define("MAPI_SERVER", "file:///var/run/kopano/server.sock");
// If you are using ZCP >= 7.2.0, set it to the zarafa location, e.g.
// define("MAPI_SERVER", "http://localhost:236/zarafa");
// define("MAPI_SERVER", "https://localhost:237/zarafa");
// define("MAPI_SERVER", "file:///var/run/zarafad/server.sock");
// For ZCP versions prior to 7.2.0 the socket location is different (http(s) sockets are the same):
// define("MAPI_SERVER", "file:///var/run/zarafa");
define('MAPI_SERVER', 'default:');
// Read-Only shared folders
// When trying to write a change on a read-only folder this data is dropped and replaced on the device of the user.
// Enabling the option below, sends an email to the user notifying that this happened (default enabled).
// If this is disabled, the data will be dropped silently and will be lost.
// The template of the email sent can be customized here. The placeholders can also be used in the subject.
define('READ_ONLY_NOTIFY_LOST_DATA', true);
// String to mark the data changed by the user (that he is trying to save)
define('READ_ONLY_NOTIFY_YOURDATA', 'Your data');
// Email template to be sent to the user
define('READ_ONLY_NOTIFY_SUBJECT', "Z-Push: Writing operation not permitted - data reset");
define('READ_ONLY_NOTIFY_BODY', <<<END
Dear **USERFULLNAME**,
on **DATE** at **TIME** you've tried to save a data in the folder '**FOLDERNAME**' on your device '**MOBILETYPE**' ID: '**MOBILEDEVICEID**'.
This operation was not successful, as you lack write access to this folder.
Your data has been dropped and replaced with the original data on your device to ensure data integrity.
Below is a copy of the data you tried to save. If you want your changes to be stored permanently you should forward this email to a person with write access to this folder asking to perform these changes again.
**DIFFERENCES**
If you have questions about this email, please contact your e-mail administrator.
Sincerely,
Your Z-Push system
END
);
// Format of the **DATE** and **TIME** placeholders - more information on formats, see http://php.net/manual/en/function.strftime.php
define('READ_ONLY_NOTIFY_DATE_FORMAT', "%d.%m.%Y");
define('READ_ONLY_NOTIFY_TIME_FORMAT', "%H:%M:%S");
// Comma separated list of folder ids as string for which the notification emails of the changes in read-only folders shouldn't be sent.
// E.g. define('READ_ONLY_NONOTIFY', '1, 2, 3, 4');
// When configuring $additionalFolders it is possible to use DeviceManager::FLD_FLAGS_NOREADONLYNOTIFY in the flags bitmask
// in order to prevent the notifications as well.
define('READ_ONLY_NONOTIFY', '');

234
etc-baloghs/z-push/policies.ini Normal file
View File

@@ -0,0 +1,234 @@
;;;;;;;;;;;;;;;;;;;;;;;;
; About policies.ini ;
;;;;;;;;;;;;;;;;;;;;;;;;
; Z-Push policies' file holds the configuration to be applied
; during the provisioning of a mobile device.
; Check Z-Push wiki page regarding the provisioning policies:
; https://wiki.z-hub.io/x/eYAa
; For more information see the ActiveSync documentation at:
; https://msdn.microsoft.com/en-us/library/dd299443.aspx
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; The default ActiveSync policy. Do not change its name.
[default]
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Policies for ActiveSync version 12.0 and higher
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Specifies if a device requires a password to unlock it.
; 0 - Password not required.
; 1 - Password is required.
devpwenabled = 0
; Specifies if a device requires an alphanumeric password to unlock it.
; 0 - Alphanumeric password not required.
; 1 - Alphanumeric password required.
alphanumpwreq = 0
; Deprecated. Specifies if the device encrypts the content of the storage card.
; 0 - Storage card encryption not enabled.
; 1 - Storage card encryption enabled.
devencenabled = 0
; Specifies if the server supports storing a recovery password which could be
; sent by the client using the Settings command.
; This policy is currently not supported by Z-Push.
; 0 - Password recovery not enabled on the server.
; 1 - Password recovery enabled on the server.
; pwrecoveryenabled = 0
; Deprecated.
docbrowseenabled =
; Specifies if email attachments are enabled for download.
; 0 - Attachments not allowed for download.
; 1 - Attachments allowed for download.
attenabled = 1
; Specifies the minimum client password length to unlock it.
; The mindevpwlenngth can be empty or have a value between 1 and 16.
; If the value is empty or 1, there is no minimum length for the device password.
mindevpwlenngth = 4
; The maximum number of seconds of inactivity before the device locks itself.
; If this value is greater than or equal to 9999, the client interprets it as unlimited.
maxinacttimedevlock = 900
; The maximum number of failed password attempts to unlock the device.
; The client SHOULD perform a local wipe or enter a timed lock out mode if the maximum
; number of failed password attempts is reached.
; The maxdevpwfailedattempts can be empty or have a value between 4 and 16.
; If the value is empty, the client interprets this as no maximum number of
; failed password attempts has been set by the security policy.
maxdevpwfailedattempts = 8
; The maximum attachment size in bytes as determined by security policy.
maxattsize = ''
; Specifies if the device allows simple passwords. A simple password contains
; repeated ("0000") or sequential ("xyz") characters only.
allowsimpledevpw = 1
; The maximum number of days until a password expires.
; Empty or 0 devpwexpiration value indicates that the password will not expire.
devpwexpiration = 0
; The minimum number of previously used passwords stored to prevent reuse by the device.
; 0 - Do not store previously used passwords.
; >0 - Store the minimum number of previously used passwords.
devpwhistory = 0
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Policies for ActiveSync version 12.1 and higher
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; The device allows to use a storage card.
; 0 - SD card not allowed.
; 1 - SD card allowed.
allowstoragecard = 1
; The device allows to use the built-in camera.
; 0 - Usage of the built-in camera not allowed.
; 1 - Usage of built-in the camera allowed.
allowcam = 1
; Specifies if the client uses encryption.
; 0 - Encryption not required.
; 1 - Encryption required.
reqdevenc = 0
; Specifies if the device allows unsigned applications to execute.
; 0 - Unsigned applications not allowed to execute.
; 1 - Unsigned applications allowed to execute.
allowunsignedapps = 1
; The required complexity level of the device password.
; Valid values for mindevcomplexchars are between 1 and 4. The value specifies
; the number of character groups to be contained in the password.
; The character groups are:
; - Lower case alphabetical characters
; - Upper case alphabetical characters
; - Numbers
; - Non-alphanumeric characters
; For example, if the value of mindevcomplexchars is 2, a password may contain
; lower case and upper case characters. A password with numbers and non-alphanumeric
; characters would be also valid.
mindevcomplexchars = 3
; The device allows the use of Wi-Fi connections.
; 0 - The use of Wi-Fi connections not allowed.
; 1 - The use of Wi-Fi connections allowed.
allowwifi = 1
; The device allows the use of SMS or text messaging.
; 0 - SMS or text messaging not allowed.
; 1 - SMS or text messaging allowed.
allowtextmessaging = 1
; The device allows access to POP or IMAP email.
; 0 - POP or IMAP email access not allowed.
; 1 - POP or IMAP email access allowed.
allowpopimapemail = 1
; The use of Bluetooth on the device.
; 0 - Disable Bluetooth.
; 1 - Disable Bluetooth, but allow the configuration of hands-free profiles.
; 2 - Allow Bluetooth.
allowbluetooth = 2
; The device allows the use of IrDA (infrared) connections.
; 0 - Disable IrDA.
; 1 - Allow IrDA.
allowirda = 1
; The device requires manual synchronization when the device is roaming.
; 0 - Do not require manual sync; allow direct push when roaming.
; 1 - Require manual sync when roaming.
reqmansyncroam = 0
; The maximum number of calendar days that can be synchronized.
; 0 - All days
; 4 - 2 weeks
; 5 - 1 month
; 6 - 3 months
; 7 - 6 months
maxcalagefilter = 0
; Specifies if the client uses HTML-formatted email.
; 0 - HTML-formatted email not allowed.
; 1 - HTML-formatted email allowed.
allowhtmlemail = 1
; The email age limit for synchronization.
; 0 - Sync all
; 1 - 1 day
; 2 - 3 days
; 3 - 1 week
; 4 - 2 weeks
; 5 - 1 month
maxemailagefilter = 0
; The maximum truncation size for plain textformatted email.
; -1 - No truncation.
; 0 - Truncate only the header.
; >0 - Truncate the email body to the specified size.
maxemailbodytruncsize = -1
; The maximum truncation size for HTML-formatted email.
; -1 - No truncation.
; 0 - Truncate only the header.
; >0 - Truncate the email body to the specified size.
maxemailhtmlbodytruncsize = -1
; Specifies if the client sends signed S/MIME messages.
; 0 - Signed S/MIME messages not required.
; 1 - Signed S/MIME messages required.
reqsignedsmimemessages = 0
; Specifies if the client sends encrypted email messages.
; 0 - Encrypted email messages not required.
; 1 - Email messages required to be encrypted.
reqencsmimemessages = 0
; The algorithm used to sign S/MIME messages.
; 0 - Use SHA1.
; 1 - Use MD5.
reqsignedsmimealgorithm = 0
; The algorithm used to encrypt S/MIME messages.
; 0 - TripleDES algorithm
; 1 - DES algorithm
; 2 - RC2128bit
; 3 - RC264bit
; 4 - RC240bit
reqencsmimealgorithm = 0
; Controls negotiation of the encryption algorithm.
; 0 - Do not negotiate.
; 1 - Negotiate a strong algorithm.
; 2 - Negotiate any algorithm.
allowsmimeencalgneg = 2
; Specifies if the client can use soft certificates to sign outgoing messages.
; 0 - Soft certificates are not allowed.
; 1 - Soft certificates are allowed.
allowsmimesoftcerts = 1
; Specifies if the device allows the use of a web browser.
; 0 - Do not allow the use of a web browser.
; 1 - Allow the use of a web browser.
allowbrowser = 1
; Specifies if the device allows the user to configure a personal email account.
; 0 - Do not allow the user to configure a personal email account.
; 1 - Allow the user to configure a personal email account.
allowconsumeremail = 1
; Specifies if the device allows the use of Internet Sharing.
; 0 - Do not allow the use of Internet Sharing.
; 1 - Allow the use of Internet Sharing.
allowinternetsharing = 1

373
etc-baloghs/z-push/z-push.conf.php Normal file
View File

@@ -0,0 +1,373 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push
* Descr : Main configuration file
*
* Created : 01.10.2007
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
/**********************************************************************************
* Default settings
*/
// Defines the default time zone, change e.g. to "Europe/London" if necessary
define('TIMEZONE', '');
// Defines the base path on the server
define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
// Try to set unlimited timeout
define('SCRIPT_TIMEOUT', 0);
// When accessing through a proxy, the "X-Forwarded-For" header contains the original remote IP
define('USE_CUSTOM_REMOTE_IP_HEADER', false);
// When using client certificates, we can check if the login sent matches the owner of the certificate.
// This setting specifies the owner parameter in the certificate to look at.
define("CERTIFICATE_OWNER_PARAMETER", "SSL_CLIENT_S_DN_CN");
/*
* Whether to use the complete email address as a login name
* (e.g. user@company.com) or the username only (user).
* This is required for Z-Push to work properly after autodiscover.
* Possible values:
* false - use the username only.
* true - string the mobile sends as username, e.g. full email address (default).
*/
define('USE_FULLEMAIL_FOR_LOGIN', false);
/**********************************************************************************
* StateMachine setting
*
* These StateMachines can be used:
* FILE - FileStateMachine (default). Needs STATE_DIR set as well.
* SQL - SqlStateMachine has own configuration file. STATE_DIR is ignored.
* State migration script is available, more informations: https://wiki.z-hub.io/x/xIAa
*/
define('STATE_MACHINE', 'FILE');
define('STATE_DIR', '/var/lib/z-push/');
/**********************************************************************************
* IPC - InterProcessCommunication
*
* Is either provided by using shared memory on a single host or
* using the memcache provider for multi-host environments.
* When another implementation should be used, the class can be set here explicitly.
* If empty Z-Push will try to use available providers.
*/
define('IPC_PROVIDER', '');
/**********************************************************************************
* Logging settings
*
* The LOGBACKEND specifies where the logs are sent to.
* Either to file ("filelog") or to a "syslog" server or a custom log class in core/log/logclass.
* filelog and syslog have several options that can be set below.
* For more information about the syslog configuration, see https://wiki.z-hub.io/x/HIAT
* Possible LOGLEVEL and LOGUSERLEVEL values are:
* LOGLEVEL_OFF - no logging
* LOGLEVEL_FATAL - log only critical errors
* LOGLEVEL_ERROR - logs events which might require corrective actions
* LOGLEVEL_WARN - might lead to an error or require corrective actions in the future
* LOGLEVEL_INFO - usually completed actions
* LOGLEVEL_DEBUG - debugging information, typically only meaningful to developers
* LOGLEVEL_WBXML - also prints the WBXML sent to/from the device
* LOGLEVEL_DEVICEID - also prints the device id for every log entry
* LOGLEVEL_WBXMLSTACK - also prints the contents of WBXML stack
*
* The verbosity increases from top to bottom. More verbose levels include less verbose
* ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR,
* LOGLEVEL_WARN and LOGLEVEL_INFO level entries.
*
* LOGAUTHFAIL is logged to the LOGBACKEND.
*/
define('LOGBACKEND', 'filelog');
define('LOGLEVEL', LOGLEVEL_INFO);
define('LOGAUTHFAIL', false);
// To save e.g. WBXML data only for selected users, add the usernames to the array
// The data will be saved into a dedicated file per user in the LOGFILEDIR
// Users have to be encapusulated in quotes, several users are comma separated, like:
// $specialLogUsers = array('info@domain.com', 'myusername');
define('LOGUSERLEVEL', LOGLEVEL_DEVICEID);
$specialLogUsers = array('andreas',);
// Filelog settings
define('LOGFILEDIR', '/var/log/z-push/');
define('LOGFILE', LOGFILEDIR . 'z-push.log');
define('LOGERRORFILE', LOGFILEDIR . 'z-push-error.log');
// Syslog settings
// false will log to local syslog, otherwise put the remote syslog IP here
define('LOG_SYSLOG_HOST', false);
// Syslog port
define('LOG_SYSLOG_PORT', 514);
// Program showed in the syslog. Useful if you have more than one instance login to the same syslog
define('LOG_SYSLOG_PROGRAM', 'z-push');
// Syslog facility - use LOG_USER when running on Windows
define('LOG_SYSLOG_FACILITY', LOG_LOCAL0);
// Location of the trusted CA, e.g. '/etc/ssl/certs/EmailCA.pem'
// Uncomment and modify the following line if the validation of the certificates fails.
// define('CAINFO', '/etc/ssl/certs/EmailCA.pem');
/**********************************************************************************
* Mobile settings
*/
// Device Provisioning
define('PROVISIONING', true);
// This option allows the 'loose enforcement' of the provisioning policies for older
// devices which don't support provisioning (like WM 5 and HTC Android Mail) - dw2412 contribution
// false (default) - Enforce provisioning for all devices
// true - allow older devices, but enforce policies on devices which support it
define('LOOSE_PROVISIONING', false);
// The file containing the policies' settings.
// Set a full path or relative to the z-push main directory
define('PROVISIONING_POLICYFILE', 'policies.ini');
// Default conflict preference
// Some devices allow to set if the server or PIM (mobile)
// should win in case of a synchronization conflict
// SYNC_CONFLICT_OVERWRITE_SERVER - Server is overwritten, PIM wins
// SYNC_CONFLICT_OVERWRITE_PIM - PIM is overwritten, Server wins (default)
define('SYNC_CONFLICT_DEFAULT', SYNC_CONFLICT_OVERWRITE_PIM);
// Global limitation of items to be synchronized
// The mobile can define a sync back period for calendar and email items
// For large stores with many items the time period could be limited to a max value
// If the mobile transmits a wider time period, the defined max value is used
// Applicable values:
// SYNC_FILTERTYPE_ALL (default, no limitation)
// SYNC_FILTERTYPE_1DAY, SYNC_FILTERTYPE_3DAYS, SYNC_FILTERTYPE_1WEEK, SYNC_FILTERTYPE_2WEEKS,
// SYNC_FILTERTYPE_1MONTH, SYNC_FILTERTYPE_3MONTHS, SYNC_FILTERTYPE_6MONTHS
define('SYNC_FILTERTIME_MAX', SYNC_FILTERTYPE_ALL);
// Interval in seconds before checking if there are changes on the server when in Ping.
// It means the highest time span before a change is pushed to a mobile. Set it to
// a higher value if you have a high load on the server.
define('PING_INTERVAL', 30);
// Set the fileas (save as) order for contacts in the webaccess/webapp/outlook.
// It will only affect new/modified contacts on the mobile which then are synced to the server.
// Possible values are:
// SYNC_FILEAS_FIRSTLAST - fileas will be "Firstname Middlename Lastname"
// SYNC_FILEAS_LASTFIRST - fileas will be "Lastname, Firstname Middlename"
// SYNC_FILEAS_COMPANYONLY - fileas will be "Company"
// SYNC_FILEAS_COMPANYLAST - fileas will be "Company (Lastname, Firstname Middlename)"
// SYNC_FILEAS_COMPANYFIRST - fileas will be "Company (Firstname Middlename Lastname)"
// SYNC_FILEAS_LASTCOMPANY - fileas will be "Lastname, Firstname Middlename (Company)"
// SYNC_FILEAS_FIRSTCOMPANY - fileas will be "Firstname Middlename Lastname (Company)"
// The company-fileas will only be set if a contact has a company set. If one of
// company-fileas is selected and a contact doesn't have a company set, it will default
// to SYNC_FILEAS_FIRSTLAST or SYNC_FILEAS_LASTFIRST (depending on if last or first
// option is selected for company).
// If SYNC_FILEAS_COMPANYONLY is selected and company of the contact is not set
// SYNC_FILEAS_LASTFIRST will be used
define('FILEAS_ORDER', SYNC_FILEAS_LASTCOMPANY);
// Maximum amount of items to be synchronized per request.
// Normally this value is requested by the mobile. Common values are 5, 25, 50 or 100.
// Exporting too much items can cause mobile timeout on busy systems.
// Z-Push will use the lowest provided value, either set here or by the mobile.
// MS Outlook 2013+ request up to 512 items to accelerate the sync process.
// If you detect high load (also on subsystems) you could try a lower setting.
// max: 512 - value used if mobile does not limit amount of items
define('SYNC_MAX_ITEMS', 512);
// The devices usually send a list of supported properties for calendar and contact
// items. If a device does not includes such a supported property in Sync request,
// it means the property's value will be deleted on the server.
// However some devices do not send a list of supported properties. It is then impossible
// to tell if a property was deleted or it was not set at all if it does not appear in Sync.
// This parameter defines Z-Push behaviour during Sync if a device does not issue a list with
// supported properties.
// See also https://jira.z-hub.io/browse/ZP-302.
// Possible values:
// false - do not unset properties which are not sent during Sync (default)
// true - unset properties which are not sent during Sync
define('UNSET_UNDEFINED_PROPERTIES', false);
// ActiveSync specifies that a contact photo may not exceed 48 KB. This value is checked
// in the semantic sanity checks and contacts with larger photos are not synchronized.
// This limitation is not being followed by the ActiveSync clients which set much bigger
// contact photos. You can override the default value of the max photo size.
// default: 5242880 - 5 MB default max photo size in bytes
define('SYNC_CONTACTS_MAXPICTURESIZE', 5242880);
// Over the WebserviceUsers command it is possible to retrieve a list of all
// known devices and users on this Z-Push system. The authenticated user needs to have
// admin rights and a public folder must exist.
// In multicompany environments this enable an admin user of any company to retrieve
// this full list, so this feature is disabled by default. Enable with care.
define('ALLOW_WEBSERVICE_USERS_ACCESS', false);
// Users with many folders can use the 'partial foldersync' feature, where the server
// actively stops processing the folder list if it takes too long. Other requests are
// then redirected to the FolderSync to synchronize the remaining items.
// Device compatibility for this procedure is not fully understood.
// NOTE: THIS IS AN EXPERIMENTAL FEATURE WHICH COULD PREVENT YOUR MOBILES FROM SYNCHRONIZING.
define('USE_PARTIAL_FOLDERSYNC', false);
// The minimum accepted time in second that a ping command should last.
// It is strongly advised to keep this config to false. Some device
// might not be able to send a higher value than the one specificied here and thus
// unable to start a push connection.
// If set to false, there will be no lower bound to the ping lifetime.
// The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
define('PING_LOWER_BOUND_LIFETIME', false);
// The maximum accepted time in second that a ping command should last.
// If set to false, there will be no higher bound to the ping lifetime.
// The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
define('PING_HIGHER_BOUND_LIFETIME', false);
// Maximum response time
// Mobiles implement different timeouts to their TCP/IP connections. Android devices for example
// have a hard timeout of 30 seconds. If the server is not able to answer a request within this timeframe,
// the answer will not be recieved and the device will send a new one overloading the server.
// There are three categories
// - Short timeout - server has up within 30 seconds - is automatically applied for not categorized types
// - Medium timeout - server has up to 90 seconds to respond
// - Long timeout - server has up to 4 minutes to respond
// If a timeout is almost reached the server will break and sent the results it has until this
// point. You can add DeviceType strings to the categories.
// In general longer timeouts are better, because more data can be streamed at once.
define('SYNC_TIMEOUT_MEDIUM_DEVICETYPES', "SAMSUNGGTI");
define('SYNC_TIMEOUT_LONG_DEVICETYPES', "iPod, iPad, iPhone, WP, WindowsOutlook, WindowsMail");
// Time in seconds the device should wait whenever the service is unavailable,
// e.g. when a backend service is unavailable.
// Z-Push sends a "Retry-After" header in the response with the here defined value.
// It is up to the device to respect or not this directive so even if this option is set,
// the device might not wait requested time frame.
// Number of seconds before retry, to disable set to: false
define('RETRY_AFTER_DELAY', 300);
/**********************************************************************************
* Backend settings
*/
// the backend data provider
define('BACKEND_PROVIDER', '');
/**********************************************************************************
* Search provider settings
*
* Alternative backend to perform SEARCH requests (GAL search)
* By default the main Backend defines the preferred search functionality.
* If set, the Search Provider will always be preferred.
* Use 'BackendSearchLDAP' to search in a LDAP directory (see backend/searchldap/config.php)
*/
define('SEARCH_PROVIDER', '');
// Time in seconds for the server search. Setting it too high might result in timeout.
// Setting it too low might not return all results. Default is 10.
define('SEARCH_WAIT', 10);
// The maximum number of results to send to the client. Setting it too high
// might result in timeout. Default is 10.
define('SEARCH_MAXRESULTS', 10);
/**********************************************************************************
* Kopano Outlook Extension - Settings
*
* The Kopano Outlook Extension (KOE) provides MS Outlook 2013 and newer with
* functionality not provided by ActiveSync or not implemented by Outlook.
* For more information, see: https://wiki.z-hub.io/x/z4Aa
*/
// Global Address Book functionality
define('KOE_CAPABILITY_GAB', true);
// Synchronize mail flags from the server to Outlook/KOE
define('KOE_CAPABILITY_RECEIVEFLAGS', true);
// Encode flags when sending from Outlook/KOE
define('KOE_CAPABILITY_SENDFLAGS', true);
// Out-of-office support
define('KOE_CAPABILITY_OOF', true);
// Out-of-office support with start & end times (superseeds KOE_CAPABILITY_OOF)
define('KOE_CAPABILITY_OOFTIMES', true);
// Notes support
define('KOE_CAPABILITY_NOTES', true);
// Shared folder support
define('KOE_CAPABILITY_SHAREDFOLDER', true);
// Send-As support for Outlook/KOE and mobiles
define('KOE_CAPABILITY_SENDAS', true);
// Secondary Contact folders (own and shared)
define('KOE_CAPABILITY_SECONDARYCONTACTS', true);
// Copy WebApp signature into KOE
define('KOE_CAPABILITY_SIGNATURES', true);
// To synchronize the GAB KOE, the GAB store and folderid need to be specified.
// Use the gab-sync script to generate this data. The name needs to
// match the config of the gab-sync script.
// More information here: https://wiki.z-hub.io/x/z4Aa (GAB Sync Script)
define('KOE_GAB_STORE', 'SYSTEM');
define('KOE_GAB_FOLDERID', '');
define('KOE_GAB_NAME', 'Z-Push-KOE-GAB');
/**********************************************************************************
* Synchronize additional folders to all mobiles
*
* With this feature, special folders can be synchronized to all mobiles.
* This is useful for e.g. global company contacts.
*
* This feature is supported only by certain devices, like iPhones.
* Check the compatibility list for supported devices:
* http://z-push.org/compatibility
*
* To synchronize a folder, add a section setting all parameters as below:
* store: the ressource where the folder is located.
* Kopano users use 'SYSTEM' for the 'Public Folder'
* folderid: folder id of the folder to be synchronized
* name: name to be displayed on the mobile device
* type: supported types are:
* SYNC_FOLDER_TYPE_USER_CONTACT
* SYNC_FOLDER_TYPE_USER_APPOINTMENT
* SYNC_FOLDER_TYPE_USER_TASK
* SYNC_FOLDER_TYPE_USER_MAIL
* SYNC_FOLDER_TYPE_USER_NOTE
*
* Additional notes:
* - on Kopano systems use backend/kopano/listfolders.php script to get a list
* of available folders
*
* - all Z-Push users must have at least reading permissions so the configured
* folders can be synchronized to the mobile. Else they are ignored.
*
* - this feature is only partly suitable for multi-tenancy environments,
* as ALL users from ALL tenents need access to the configured store & folder.
* When configuring a public folder, this will cause problems, as each user has
* a different public folder in his tenant, so the folder are not available.
* - changing this configuration could cause HIGH LOAD on the system, as all
* connected devices will be updated and load the data contained in the
* added/modified folders.
*/
$additionalFolders = array(
// demo entry for the synchronization of contacts from the public folder.
// uncomment (remove '/*' '*/') and fill in the folderid
/*
array(
'store' => "SYSTEM",
'folderid' => "",
'name' => "Public Contacts",
'type' => SYNC_FOLDER_TYPE_USER_CONTACT,
),
*/
);

375
etc-baloghs/z-push/z-push.conf.php.dist Normal file
View File

@@ -0,0 +1,375 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push
* Descr : Main configuration file
*
* Created : 01.10.2007
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
/**********************************************************************************
* Default settings
*/
// Defines the default time zone, change e.g. to "Europe/London" if necessary
define('TIMEZONE', '');
// Defines the base path on the server
define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
// Try to set unlimited timeout
define('SCRIPT_TIMEOUT', 0);
// When accessing through a proxy, the "X-Forwarded-For" header contains the original remote IP
define('USE_X_FORWARDED_FOR_HEADER', false);
// When using client certificates, we can check if the login sent matches the owner of the certificate.
// This setting specifies the owner parameter in the certificate to look at.
define("CERTIFICATE_OWNER_PARAMETER", "SSL_CLIENT_S_DN_CN");
/*
* Whether to use the complete email address as a login name
* (e.g. user@company.com) or the username only (user).
* This is required for Z-Push to work properly after autodiscover.
* Possible values:
* false - use the username only.
* true - string the mobile sends as username, e.g. full email address (default).
*/
define('USE_FULLEMAIL_FOR_LOGIN', true);
/**********************************************************************************
* StateMachine setting
*
* These StateMachines can be used:
* FILE - FileStateMachine (default). Needs STATE_DIR set as well.
* SQL - SqlStateMachine has own configuration file. STATE_DIR is ignored.
* State migration script is available, more informations: https://wiki.z-hub.io/x/xIAa
*/
define('STATE_MACHINE', 'FILE');
define('STATE_DIR', '/var/lib/z-push/');
/**********************************************************************************
* IPC - InterProcessCommunication
*
* Is either provided by using shared memory on a single host or
* using the memcache provider for multi-host environments.
* When another implementation should be used, the class can be set here explicitly.
* If empty Z-Push will try to use available providers.
*/
define('IPC_PROVIDER', '');
/**********************************************************************************
* Logging settings
*
* The LOGBACKEND specifies where the logs are sent to.
* Either to file ("filelog") or to a "syslog" server or a custom log class in core/log/logclass.
* filelog and syslog have several options that can be set below.
* For more information about the syslog configuration, see https://wiki.z-hub.io/x/HIAT
* Possible LOGLEVEL and LOGUSERLEVEL values are:
* LOGLEVEL_OFF - no logging
* LOGLEVEL_FATAL - log only critical errors
* LOGLEVEL_ERROR - logs events which might require corrective actions
* LOGLEVEL_WARN - might lead to an error or require corrective actions in the future
* LOGLEVEL_INFO - usually completed actions
* LOGLEVEL_DEBUG - debugging information, typically only meaningful to developers
* LOGLEVEL_WBXML - also prints the WBXML sent to/from the device
* LOGLEVEL_DEVICEID - also prints the device id for every log entry
* LOGLEVEL_WBXMLSTACK - also prints the contents of WBXML stack
*
* The verbosity increases from top to bottom. More verbose levels include less verbose
* ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR,
* LOGLEVEL_WARN and LOGLEVEL_INFO level entries.
*
* LOGAUTHFAIL is logged to the LOGBACKEND.
*/
define('LOGBACKEND', 'filelog');
define('LOGLEVEL', LOGLEVEL_INFO);
define('LOGAUTHFAIL', false);
// To save e.g. WBXML data only for selected users, add the usernames to the array
// The data will be saved into a dedicated file per user in the LOGFILEDIR
// Users have to be encapusulated in quotes, several users are comma separated, like:
// $specialLogUsers = array('info@domain.com', 'myusername');
define('LOGUSERLEVEL', LOGLEVEL_DEVICEID);
$specialLogUsers = array();
// Filelog settings
define('LOGFILEDIR', '/var/log/z-push/');
define('LOGFILE', LOGFILEDIR . 'z-push.log');
define('LOGERRORFILE', LOGFILEDIR . 'z-push-error.log');
// Syslog settings
// false will log to local syslog, otherwise put the remote syslog IP here
define('LOG_SYSLOG_HOST', false);
// Syslog port
define('LOG_SYSLOG_PORT', 514);
// Program showed in the syslog. Useful if you have more than one instance login to the same syslog
define('LOG_SYSLOG_PROGRAM', 'z-push');
// Syslog facility - use LOG_USER when running on Windows
define('LOG_SYSLOG_FACILITY', LOG_LOCAL0);
// Location of the trusted CA, e.g. '/etc/ssl/certs/EmailCA.pem'
// Uncomment and modify the following line if the validation of the certificates fails.
// define('CAINFO', '/etc/ssl/certs/EmailCA.pem');
/**********************************************************************************
* Mobile settings
*/
// Device Provisioning
define('PROVISIONING', true);
// This option allows the 'loose enforcement' of the provisioning policies for older
// devices which don't support provisioning (like WM 5 and HTC Android Mail) - dw2412 contribution
// false (default) - Enforce provisioning for all devices
// true - allow older devices, but enforce policies on devices which support it
define('LOOSE_PROVISIONING', false);
// The file containing the policies' settings.
// Set a full path or relative to the z-push main directory
define('PROVISIONING_POLICYFILE', 'policies.ini');
// Default conflict preference
// Some devices allow to set if the server or PIM (mobile)
// should win in case of a synchronization conflict
// SYNC_CONFLICT_OVERWRITE_SERVER - Server is overwritten, PIM wins
// SYNC_CONFLICT_OVERWRITE_PIM - PIM is overwritten, Server wins (default)
define('SYNC_CONFLICT_DEFAULT', SYNC_CONFLICT_OVERWRITE_PIM);
// Global limitation of items to be synchronized
// The mobile can define a sync back period for calendar and email items
// For large stores with many items the time period could be limited to a max value
// If the mobile transmits a wider time period, the defined max value is used
// Applicable values:
// SYNC_FILTERTYPE_ALL (default, no limitation)
// SYNC_FILTERTYPE_1DAY, SYNC_FILTERTYPE_3DAYS, SYNC_FILTERTYPE_1WEEK, SYNC_FILTERTYPE_2WEEKS,
// SYNC_FILTERTYPE_1MONTH, SYNC_FILTERTYPE_3MONTHS, SYNC_FILTERTYPE_6MONTHS
define('SYNC_FILTERTIME_MAX', SYNC_FILTERTYPE_ALL);
// Interval in seconds before checking if there are changes on the server when in Ping.
// It means the highest time span before a change is pushed to a mobile. Set it to
// a higher value if you have a high load on the server.
define('PING_INTERVAL', 30);
// Set the fileas (save as) order for contacts in the webaccess/webapp/outlook.
// It will only affect new/modified contacts on the mobile which then are synced to the server.
// Possible values are:
// SYNC_FILEAS_FIRSTLAST - fileas will be "Firstname Middlename Lastname"
// SYNC_FILEAS_LASTFIRST - fileas will be "Lastname, Firstname Middlename"
// SYNC_FILEAS_COMPANYONLY - fileas will be "Company"
// SYNC_FILEAS_COMPANYLAST - fileas will be "Company (Lastname, Firstname Middlename)"
// SYNC_FILEAS_COMPANYFIRST - fileas will be "Company (Firstname Middlename Lastname)"
// SYNC_FILEAS_LASTCOMPANY - fileas will be "Lastname, Firstname Middlename (Company)"
// SYNC_FILEAS_FIRSTCOMPANY - fileas will be "Firstname Middlename Lastname (Company)"
// The company-fileas will only be set if a contact has a company set. If one of
// company-fileas is selected and a contact doesn't have a company set, it will default
// to SYNC_FILEAS_FIRSTLAST or SYNC_FILEAS_LASTFIRST (depending on if last or first
// option is selected for company).
// If SYNC_FILEAS_COMPANYONLY is selected and company of the contact is not set
// SYNC_FILEAS_LASTFIRST will be used
define('FILEAS_ORDER', SYNC_FILEAS_LASTFIRST);
// Maximum amount of items to be synchronized per request.
// Normally this value is requested by the mobile. Common values are 5, 25, 50 or 100.
// Exporting too much items can cause mobile timeout on busy systems.
// Z-Push will use the lowest provided value, either set here or by the mobile.
// MS Outlook 2013+ request up to 512 items to accelerate the sync process.
// If you detect high load (also on subsystems) you could try a lower setting.
// max: 512 - value used if mobile does not limit amount of items
define('SYNC_MAX_ITEMS', 512);
// The devices usually send a list of supported properties for calendar and contact
// items. If a device does not includes such a supported property in Sync request,
// it means the property's value will be deleted on the server.
// However some devices do not send a list of supported properties. It is then impossible
// to tell if a property was deleted or it was not set at all if it does not appear in Sync.
// This parameter defines Z-Push behaviour during Sync if a device does not issue a list with
// supported properties.
// See also https://jira.z-hub.io/browse/ZP-302.
// Possible values:
// false - do not unset properties which are not sent during Sync (default)
// true - unset properties which are not sent during Sync
define('UNSET_UNDEFINED_PROPERTIES', false);
// ActiveSync specifies that a contact photo may not exceed 48 KB. This value is checked
// in the semantic sanity checks and contacts with larger photos are not synchronized.
// This limitation is not being followed by the ActiveSync clients which set much bigger
// contact photos. You can override the default value of the max photo size.
// default: 5242880 - 5 MB default max photo size in bytes
define('SYNC_CONTACTS_MAXPICTURESIZE', 5242880);
// Over the WebserviceUsers command it is possible to retrieve a list of all
// known devices and users on this Z-Push system. The authenticated user needs to have
// admin rights and a public folder must exist.
// In multicompany environments this enable an admin user of any company to retrieve
// this full list, so this feature is disabled by default. Enable with care.
define('ALLOW_WEBSERVICE_USERS_ACCESS', false);
// Users with many folders can use the 'partial foldersync' feature, where the server
// actively stops processing the folder list if it takes too long. Other requests are
// then redirected to the FolderSync to synchronize the remaining items.
// Device compatibility for this procedure is not fully understood.
// NOTE: THIS IS AN EXPERIMENTAL FEATURE WHICH COULD PREVENT YOUR MOBILES FROM SYNCHRONIZING.
define('USE_PARTIAL_FOLDERSYNC', false);
// The minimum accepted time in second that a ping command should last.
// It is strongly advised to keep this config to false. Some device
// might not be able to send a higher value than the one specificied here and thus
// unable to start a push connection.
// If set to false, there will be no lower bound to the ping lifetime.
// The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
define('PING_LOWER_BOUND_LIFETIME', false);
// The maximum accepted time in second that a ping command should last.
// If set to false, there will be no higher bound to the ping lifetime.
// The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
define('PING_HIGHER_BOUND_LIFETIME', false);
// Maximum response time
// Mobiles implement different timeouts to their TCP/IP connections. Android devices for example
// have a hard timeout of 30 seconds. If the server is not able to answer a request within this timeframe,
// the answer will not be recieved and the device will send a new one overloading the server.
// There are three categories
// - Short timeout - server has up within 30 seconds - is automatically applied for not categorized types
// - Medium timeout - server has up to 90 seconds to respond
// - Long timeout - server has up to 4 minutes to respond
// If a timeout is almost reached the server will break and sent the results it has until this
// point. You can add DeviceType strings to the categories.
// In general longer timeouts are better, because more data can be streamed at once.
define('SYNC_TIMEOUT_MEDIUM_DEVICETYPES', "SAMSUNGGTI");
define('SYNC_TIMEOUT_LONG_DEVICETYPES', "iPod, iPad, iPhone, WP, WindowsOutlook, WindowsMail");
// Time in seconds the device should wait whenever the service is unavailable,
// e.g. when a backend service is unavailable.
// Z-Push sends a "Retry-After" header in the response with the here defined value.
// It is up to the device to respect or not this directive so even if this option is set,
// the device might not wait requested time frame.
// Number of seconds before retry, to disable set to: false
define('RETRY_AFTER_DELAY', 300);
/**********************************************************************************
* Backend settings
*/
// the backend data provider
define('BACKEND_PROVIDER', '');
/**********************************************************************************
* Search provider settings
*
* Alternative backend to perform SEARCH requests (GAL search)
* By default the main Backend defines the preferred search functionality.
* If set, the Search Provider will always be preferred.
* Use 'BackendSearchLDAP' to search in a LDAP directory (see backend/searchldap/config.php)
*/
define('SEARCH_PROVIDER', '');
// Time in seconds for the server search. Setting it too high might result in timeout.
// Setting it too low might not return all results. Default is 10.
define('SEARCH_WAIT', 10);
// The maximum number of results to send to the client. Setting it too high
// might result in timeout. Default is 10.
define('SEARCH_MAXRESULTS', 10);
/**********************************************************************************
* Kopano Outlook Extension - Settings
*
* The Kopano Outlook Extension (KOE) provides MS Outlook 2013 and newer with
* functionality not provided by ActiveSync or not implemented by Outlook.
* For more information, see: https://wiki.z-hub.io/x/z4Aa
*/
// Global Address Book functionality
define('KOE_CAPABILITY_GAB', true);
// Synchronize mail flags from the server to Outlook/KOE
define('KOE_CAPABILITY_RECEIVEFLAGS', true);
// Encode flags when sending from Outlook/KOE
define('KOE_CAPABILITY_SENDFLAGS', true);
// Out-of-office support
define('KOE_CAPABILITY_OOF', true);
// Out-of-office support with start & end times (superseeds KOE_CAPABILITY_OOF)
define('KOE_CAPABILITY_OOFTIMES', true);
// Notes support
define('KOE_CAPABILITY_NOTES', true);
// Shared folder support
define('KOE_CAPABILITY_SHAREDFOLDER', true);
// Send-As support for Outlook/KOE and mobiles
define('KOE_CAPABILITY_SENDAS', true);
// Secondary Contact folders (own and shared)
define('KOE_CAPABILITY_SECONDARYCONTACTS', true);
// Copy WebApp signature into KOE
define('KOE_CAPABILITY_SIGNATURES', true);
// Delivery receipt requests
define('KOE_CAPABILITY_RECEIPTS', true);
// To synchronize the GAB KOE, the GAB store and folderid need to be specified.
// Use the gab-sync script to generate this data. The name needs to
// match the config of the gab-sync script.
// More information here: https://wiki.z-hub.io/x/z4Aa (GAB Sync Script)
define('KOE_GAB_STORE', 'SYSTEM');
define('KOE_GAB_FOLDERID', '');
define('KOE_GAB_NAME', 'Z-Push-KOE-GAB');
/**********************************************************************************
* Synchronize additional folders to all mobiles
*
* With this feature, special folders can be synchronized to all mobiles.
* This is useful for e.g. global company contacts.
*
* This feature is supported only by certain devices, like iPhones.
* Check the compatibility list for supported devices:
* http://z-push.org/compatibility
*
* To synchronize a folder, add a section setting all parameters as below:
* store: the ressource where the folder is located.
* Kopano users use 'SYSTEM' for the 'Public Folder'
* folderid: folder id of the folder to be synchronized
* name: name to be displayed on the mobile device
* type: supported types are:
* SYNC_FOLDER_TYPE_USER_CONTACT
* SYNC_FOLDER_TYPE_USER_APPOINTMENT
* SYNC_FOLDER_TYPE_USER_TASK
* SYNC_FOLDER_TYPE_USER_MAIL
* SYNC_FOLDER_TYPE_USER_NOTE
*
* Additional notes:
* - on Kopano systems use backend/kopano/listfolders.php script to get a list
* of available folders
*
* - all Z-Push users must have at least reading permissions so the configured
* folders can be synchronized to the mobile. Else they are ignored.
*
* - this feature is only partly suitable for multi-tenancy environments,
* as ALL users from ALL tenents need access to the configured store & folder.
* When configuring a public folder, this will cause problems, as each user has
* a different public folder in his tenant, so the folder are not available.
* - changing this configuration could cause HIGH LOAD on the system, as all
* connected devices will be updated and load the data contained in the
* added/modified folders.
*/
$additionalFolders = array(
// demo entry for the synchronization of contacts from the public folder.
// uncomment (remove '/*' '*/') and fill in the folderid
/*
array(
'store' => "SYSTEM",
'folderid' => "",
'name' => "Public Contacts",
'type' => SYNC_FOLDER_TYPE_USER_CONTACT,
),
*/
);

418
etc-baloghs/z-push/z-push.conf.php.dpkg-dist Normal file
View File

@@ -0,0 +1,418 @@
<?php
/***********************************************
* File : config.php
* Project : Z-Push
* Descr : Main configuration file
*
* Created : 01.10.2007
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
/**********************************************************************************
* Default settings
*/
// Defines the default time zone, change e.g. to "Europe/London" if necessary
define('TIMEZONE', '');
// Defines the base path on the server
define('BASE_PATH', dirname($_SERVER['SCRIPT_FILENAME']). '/');
// Try to set unlimited timeout
define('SCRIPT_TIMEOUT', 0);
// This should be solved on THE webserver level if there are proxies
// between mobile client and Z-Push.
// IMPORTANT: This setting will be deprecated in Z-Push 2.7.0.
// Use a custom header to determinate the remote IP of a client.
// By default, the server provided REMOTE_ADDR is used. If the header here set
// is available, the provided value will be used, else REMOTE_ADDR is maintained.
// set to false to disable this behaviour.
// common values: 'HTTP_X_FORWARDED_FOR', 'HTTP_X_REAL_IP' (casing is ignored)
define('USE_CUSTOM_REMOTE_IP_HEADER', false);
// When using client certificates, we can check if the login sent matches the owner of the certificate.
// This setting specifies the owner parameter in the certificate to look at.
define("CERTIFICATE_OWNER_PARAMETER", "SSL_CLIENT_S_DN_CN");
/*
* Whether to use the complete email address as a login name
* (e.g. user@company.com) or the username only (user).
* This is required for Z-Push to work properly after autodiscover.
* Possible values:
* false - use the username only.
* true - string the mobile sends as username, e.g. full email address (default).
*/
define('USE_FULLEMAIL_FOR_LOGIN', true);
/**********************************************************************************
* StateMachine setting
*
* These StateMachines can be used:
* FILE - FileStateMachine (default). Needs STATE_DIR set as well.
* SQL - SqlStateMachine has own configuration file. STATE_DIR is ignored.
* State migration script is available, more informations: https://wiki.z-hub.io/x/xIAa
*/
define('STATE_MACHINE', 'FILE');
define('STATE_DIR', '/var/lib/z-push/');
/**********************************************************************************
* IPC - InterProcessCommunication
*
* Is either provided by using shared memory on a single host or
* using the memcache provider for multi-host environments.
* When another implementation should be used, the class can be set here explicitly.
* If empty Z-Push will try to use available providers.
* Possible values:
* IpcSharedMemoryProvider - default. Requires z-push-ipc-sharedmemory package.
* IpcMemcachedProvider - requires z-push-ipc-memcached package. It is necessary to set up
* memcached server before (it won't be installed by z-push-ipc-memcached).
* IpcWincacheProvider - for windows systems.
*/
define('IPC_PROVIDER', '');
/**********************************************************************************
* Logging settings
*
* The LOGBACKEND specifies where the logs are sent to.
* Either to file ("filelog") or to a "syslog" server or a custom log class in core/log/logclass.
* filelog and syslog have several options that can be set below.
* For more information about the syslog configuration, see https://wiki.z-hub.io/x/HIAT
* Possible LOGLEVEL and LOGUSERLEVEL values are:
* LOGLEVEL_OFF - no logging
* LOGLEVEL_FATAL - log only critical errors
* LOGLEVEL_ERROR - logs events which might require corrective actions
* LOGLEVEL_WARN - might lead to an error or require corrective actions in the future
* LOGLEVEL_INFO - usually completed actions
* LOGLEVEL_DEBUG - debugging information, typically only meaningful to developers
* LOGLEVEL_WBXML - also prints the WBXML sent to/from the device
* LOGLEVEL_DEVICEID - also prints the device id for every log entry
* LOGLEVEL_WBXMLSTACK - also prints the contents of WBXML stack
*
* The verbosity increases from top to bottom. More verbose levels include less verbose
* ones, e.g. setting to LOGLEVEL_DEBUG will also output LOGLEVEL_FATAL, LOGLEVEL_ERROR,
* LOGLEVEL_WARN and LOGLEVEL_INFO level entries.
*
* LOGAUTHFAIL is logged to the LOGBACKEND.
*/
define('LOGBACKEND', 'filelog');
define('LOGLEVEL', LOGLEVEL_INFO);
define('LOGAUTHFAIL', false);
// To save e.g. WBXML data only for selected users, add the usernames to the array
// The data will be saved into a dedicated file per user in the LOGFILEDIR
// Users have to be encapusulated in quotes, several users are comma separated, like:
// $specialLogUsers = array('info@domain.com', 'myusername');
define('LOGUSERLEVEL', LOGLEVEL_DEVICEID);
$specialLogUsers = array();
// Filelog settings
define('LOGFILEDIR', '/var/log/z-push/');
define('LOGFILE', LOGFILEDIR . 'z-push.log');
define('LOGERRORFILE', LOGFILEDIR . 'z-push-error.log');
// Syslog settings
// false will log to local syslog, otherwise put the remote syslog IP here
define('LOG_SYSLOG_HOST', false);
// Syslog port
define('LOG_SYSLOG_PORT', 514);
// Program showed in the syslog. Useful if you have more than one instance login to the same syslog
define('LOG_SYSLOG_PROGRAM', 'z-push');
// Syslog facility - use LOG_USER when running on Windows
define('LOG_SYSLOG_FACILITY', LOG_LOCAL0);
// Location of the trusted CA, e.g. '/etc/ssl/certs/EmailCA.pem'
// Uncomment and modify the following line if the validation of the certificates fails.
// define('CAINFO', '/etc/ssl/certs/EmailCA.pem');
/**********************************************************************************
* Mobile settings
*/
// Device Provisioning
define('PROVISIONING', true);
// This option allows the 'loose enforcement' of the provisioning policies for older
// devices which don't support provisioning (like WM 5 and HTC Android Mail) - dw2412 contribution
// false (default) - Enforce provisioning for all devices
// true - allow older devices, but enforce policies on devices which support it
define('LOOSE_PROVISIONING', false);
// The file containing the policies' settings.
// Set a full path or relative to the z-push main directory
define('PROVISIONING_POLICYFILE', 'policies.ini');
// Default conflict preference
// Some devices allow to set if the server or PIM (mobile)
// should win in case of a synchronization conflict
// SYNC_CONFLICT_OVERWRITE_SERVER - Server is overwritten, PIM wins
// SYNC_CONFLICT_OVERWRITE_PIM - PIM is overwritten, Server wins (default)
define('SYNC_CONFLICT_DEFAULT', SYNC_CONFLICT_OVERWRITE_PIM);
// Global limitation of items to be synchronized
// The mobile can define a sync back period for calendar and email items
// For large stores with many items the time period could be limited to a max value
// If the mobile transmits a wider time period, the defined max value is used
// Applicable values:
// SYNC_FILTERTYPE_ALL (default, no limitation)
// SYNC_FILTERTYPE_1DAY, SYNC_FILTERTYPE_3DAYS, SYNC_FILTERTYPE_1WEEK, SYNC_FILTERTYPE_2WEEKS,
// SYNC_FILTERTYPE_1MONTH, SYNC_FILTERTYPE_3MONTHS, SYNC_FILTERTYPE_6MONTHS
define('SYNC_FILTERTIME_MAX', SYNC_FILTERTYPE_ALL);
// Interval in seconds before checking if there are changes on the server when in Ping.
// It means the highest time span before a change is pushed to a mobile. Set it to
// a higher value if you have a high load on the server.
define('PING_INTERVAL', 30);
// Set the fileas (save as) order for contacts in the webaccess/webapp/outlook.
// It will only affect new/modified contacts on the mobile which then are synced to the server.
// Possible values are:
// SYNC_FILEAS_FIRSTLAST - fileas will be "Firstname Middlename Lastname"
// SYNC_FILEAS_LASTFIRST - fileas will be "Lastname, Firstname Middlename"
// SYNC_FILEAS_COMPANYONLY - fileas will be "Company"
// SYNC_FILEAS_COMPANYLAST - fileas will be "Company (Lastname, Firstname Middlename)"
// SYNC_FILEAS_COMPANYFIRST - fileas will be "Company (Firstname Middlename Lastname)"
// SYNC_FILEAS_LASTCOMPANY - fileas will be "Lastname, Firstname Middlename (Company)"
// SYNC_FILEAS_FIRSTCOMPANY - fileas will be "Firstname Middlename Lastname (Company)"
// The company-fileas will only be set if a contact has a company set. If one of
// company-fileas is selected and a contact doesn't have a company set, it will default
// to SYNC_FILEAS_FIRSTLAST or SYNC_FILEAS_LASTFIRST (depending on if last or first
// option is selected for company).
// If SYNC_FILEAS_COMPANYONLY is selected and company of the contact is not set
// SYNC_FILEAS_LASTFIRST will be used
define('FILEAS_ORDER', SYNC_FILEAS_LASTFIRST);
// Maximum amount of items to be synchronized per request.
// Normally this value is requested by the mobile. Common values are 5, 25, 50 or 100.
// Exporting too much items can cause mobile timeout on busy systems.
// Z-Push will use the lowest provided value, either set here or by the mobile.
// MS Outlook 2013+ request up to 512 items to accelerate the sync process.
// If you detect high load (also on subsystems) you could try a lower setting.
// max: 512 - value used if mobile does not limit amount of items
define('SYNC_MAX_ITEMS', 512);
// The devices usually send a list of supported properties for calendar and contact
// items. If a device does not includes such a supported property in Sync request,
// it means the property's value will be deleted on the server.
// However some devices do not send a list of supported properties. It is then impossible
// to tell if a property was deleted or it was not set at all if it does not appear in Sync.
// This parameter defines Z-Push behaviour during Sync if a device does not issue a list with
// supported properties.
// See also https://jira.z-hub.io/browse/ZP-302.
// Possible values:
// false - do not unset properties which are not sent during Sync (default)
// true - unset properties which are not sent during Sync
define('UNSET_UNDEFINED_PROPERTIES', false);
// ActiveSync specifies that a contact photo may not exceed 48 KB. This value is checked
// in the semantic sanity checks and contacts with larger photos are not synchronized.
// This limitation is not being followed by the ActiveSync clients which set much bigger
// contact photos. You can override the default value of the max photo size.
// default: 5242880 - 5 MB default max photo size in bytes
define('SYNC_CONTACTS_MAXPICTURESIZE', 5242880);
// Over the WebserviceUsers command it is possible to retrieve a list of all
// known devices and users on this Z-Push system. The authenticated user needs to have
// admin rights and a public folder must exist.
// In multicompany environments this enable an admin user of any company to retrieve
// this full list, so this feature is disabled by default. Enable with care.
define('ALLOW_WEBSERVICE_USERS_ACCESS', false);
// Users with many folders can use the 'partial foldersync' feature, where the server
// actively stops processing the folder list if it takes too long. Other requests are
// then redirected to the FolderSync to synchronize the remaining items.
// Device compatibility for this procedure is not fully understood.
// NOTE: THIS IS AN EXPERIMENTAL FEATURE WHICH COULD PREVENT YOUR MOBILES FROM SYNCHRONIZING.
define('USE_PARTIAL_FOLDERSYNC', false);
// The minimum accepted time in second that a ping command should last.
// It is strongly advised to keep this config to false. Some device
// might not be able to send a higher value than the one specificied here and thus
// unable to start a push connection.
// If set to false, there will be no lower bound to the ping lifetime.
// The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
define('PING_LOWER_BOUND_LIFETIME', false);
// The maximum accepted time in second that a ping command should last.
// If set to false, there will be no higher bound to the ping lifetime.
// The minimum accepted value is 1 second. The maximum accepted value is 3540 seconds (59 minutes).
define('PING_HIGHER_BOUND_LIFETIME', false);
// Maximum response time
// Mobiles implement different timeouts to their TCP/IP connections. Android devices for example
// have a hard timeout of 30 seconds. If the server is not able to answer a request within this timeframe,
// the answer will not be recieved and the device will send a new one overloading the server.
// There are three categories
// - Short timeout - server has up within 30 seconds - is automatically applied for not categorized types
// - Medium timeout - server has up to 90 seconds to respond
// - Long timeout - server has up to 4 minutes to respond
// If a timeout is almost reached the server will break and sent the results it has until this
// point. You can add DeviceType strings to the categories.
// In general longer timeouts are better, because more data can be streamed at once.
define('SYNC_TIMEOUT_MEDIUM_DEVICETYPES', "SAMSUNGGTI");
define('SYNC_TIMEOUT_LONG_DEVICETYPES', "iPod, iPad, iPhone, WP, WindowsOutlook, WindowsMail");
// Time in seconds the device should wait whenever the service is unavailable,
// e.g. when a backend service is unavailable.
// Z-Push sends a "Retry-After" header in the response with the here defined value.
// It is up to the device to respect or not this directive so even if this option is set,
// the device might not wait requested time frame.
// Number of seconds before retry, to disable set to: false
define('RETRY_AFTER_DELAY', 300);
/**********************************************************************************
* Backend settings
*/
// The backend data provider.
// Leave this value empty and Z-Push will autoload a backend. The sequence of autoload is:
// BackendKopano, BackendCombined, BackendIMAP, BackendVCardDir, BackendMaildir.
// If BackendKopano is not installed, Z-Push will load BackendCombined. If BackendCombined
// also is not installed, Z-Push will load BackendIMAP and so on.
// If you prefer explicitly configure a backend provider, currently possible values are:
// BackendKopano - to use with the Kopano groupware. Syncs emails, calendar items,
// contacts, tasks and notes or any combination of the listed items.
// BackendCombined - combine multiple backends for different items, e.g.
// BackendIMAP for emails, BackendCalDAV for calendar items,
// BackendCardDAV for contacts etc. You can configure what backend
// syncs which items in /etc/combined.conf.php.
// BackendIMAP - to sync emails with an IMAP server.
// BackendCalDAV - to sync calendar items and / or tasks with a CalDAV server.
// BackendCardDAV - to sync contacts with a CardDAV server.
// BackendMaildir - to sync emails from a Maildir.
// BackendStickyNote - to sync notes with a Postgres server.
// BackendVCardDir - to sync contacts with vcard folder.
define('BACKEND_PROVIDER', '');
/**********************************************************************************
* Search provider settings
*
* Alternative backend to perform SEARCH requests (GAL search)
* By default the main Backend defines the preferred search functionality.
* If set, the Search Provider will always be preferred.
* Use 'BackendSearchLDAP' to search in a LDAP directory (see backend/searchldap/config.php)
*/
define('SEARCH_PROVIDER', '');
// Time in seconds for the server search. Setting it too high might result in timeout.
// Setting it too low might not return all results. Default is 10.
define('SEARCH_WAIT', 10);
// The maximum number of results to send to the client. Setting it too high
// might result in timeout. Default is 10.
define('SEARCH_MAXRESULTS', 10);
/**********************************************************************************
* Kopano Outlook Extension - Settings
*
* The Kopano Outlook Extension (KOE) provides MS Outlook 2013 and newer with
* functionality not provided by ActiveSync or not implemented by Outlook.
* For more information, see: https://wiki.z-hub.io/x/z4Aa
*/
// Global Address Book functionality
define('KOE_CAPABILITY_GAB', true);
// Synchronize mail flags from the server to Outlook/KOE
define('KOE_CAPABILITY_RECEIVEFLAGS', true);
// Encode flags when sending from Outlook/KOE
define('KOE_CAPABILITY_SENDFLAGS', true);
// Out-of-office support
define('KOE_CAPABILITY_OOF', true);
// Out-of-office support with start & end times (superseeds KOE_CAPABILITY_OOF)
define('KOE_CAPABILITY_OOFTIMES', true);
// Notes support
define('KOE_CAPABILITY_NOTES', true);
// Shared folder support
define('KOE_CAPABILITY_SHAREDFOLDER', true);
// Send-As support for Outlook/KOE and mobiles
define('KOE_CAPABILITY_SENDAS', true);
// Secondary Contact folders (own and shared)
define('KOE_CAPABILITY_SECONDARYCONTACTS', true);
// Copy WebApp signature into KOE
define('KOE_CAPABILITY_SIGNATURES', true);
// Delivery receipt requests
define('KOE_CAPABILITY_RECEIPTS', true);
// Impersonate other users
define('KOE_CAPABILITY_IMPERSONATE', true);
// To synchronize the GAB KOE, the GAB store and folderid need to be specified.
// Use the gab-sync script to generate this data. The name needs to
// match the config of the gab-sync script.
// More information here: https://wiki.z-hub.io/x/z4Aa (GAB Sync Script)
define('KOE_GAB_STORE', 'SYSTEM');
define('KOE_GAB_FOLDERID', '');
define('KOE_GAB_NAME', 'Z-Push-KOE-GAB');
/**********************************************************************************
* Synchronize additional folders to all mobiles
*
* With this feature, special folders can be synchronized to all mobiles.
* This is useful for e.g. global company contacts.
*
* This feature is supported only by certain devices, like iPhones.
* Check the compatibility list for supported devices:
* http://z-push.org/compatibility
*
* To synchronize a folder, add a section setting all parameters as below:
* store: the ressource where the folder is located.
* Kopano users use 'SYSTEM' for the 'Public Folder'
* folderid: folder id of the folder to be synchronized
* name: name to be displayed on the mobile device
* type: supported types are:
* SYNC_FOLDER_TYPE_USER_CONTACT
* SYNC_FOLDER_TYPE_USER_APPOINTMENT
* SYNC_FOLDER_TYPE_USER_TASK
* SYNC_FOLDER_TYPE_USER_MAIL
* SYNC_FOLDER_TYPE_USER_NOTE
* flags: sets additional options on the shared folder. Supported are:
* DeviceManager::FLD_FLAGS_NONE
* No flags configured, default flag to be set
* DeviceManager::FLD_FLAGS_SENDASOWNER
* When replying in this folder, automatically do Send-As
* DeviceManager::FLD_FLAGS_CALENDARREMINDERS
* If set, Outlook shows reminders for these shares with KOE
* DeviceManager::FLD_FLAGS_NOREADONLYNOTIFY
* If set, Z-Push won't send notification emails for changes
* if the folder is read-only
*
* Additional notes:
* - on Kopano systems use backend/kopano/listfolders.php script to get a list
* of available folders
*
* - all Z-Push users must have at least reading permissions so the configured
* folders can be synchronized to the mobile. Else they are ignored.
*
* - this feature is only partly suitable for multi-tenancy environments,
* as ALL users from ALL tenents need access to the configured store & folder.
* When configuring a public folder, this will cause problems, as each user has
* a different public folder in his tenant, so the folder are not available.
* - changing this configuration could cause HIGH LOAD on the system, as all
* connected devices will be updated and load the data contained in the
* added/modified folders.
*/
$additionalFolders = array(
// demo entry for the synchronization of contacts from the public folder.
// uncomment (remove '/*' '*/') and fill in the folderid
/*
array(
'store' => "SYSTEM",
'folderid' => "",
'name' => "Public Contacts",
'type' => SYNC_FOLDER_TYPE_USER_CONTACT,
'flags' => DeviceManager::FLD_FLAGS_NONE,
),
*/
);