-------------------------------------------
  * **roundcube** 
  * **Jonathan Haack**
  * **Haack's Networking** 
  * **webmaster@haacksnetworking.org**   

-------------------------------------------
 
//roundcube//  

-------------------------------------------

This tutorial is for users of Debian who want to add Roundcube webmail on top of their self-hosted email. Before following this tutorial, make sure you already installed your mail server and that you have a corresponding virtual host for the domain set up in apache2. Once that's done, you should start by download Roundcube:

  cd /var/www
  wget https://github.com/roundcube/roundcubemail/releases/download/1.6.1/roundcubemail-1.6.1-complete.tar.gz
  tar xvf roundcubemail-1.6.1-complete.tar.gz
  ln -s roundcubemail-1.6.1/ roundcube
  chown root:root -R roundcube
  cd roundcube    
  sudo chown www-data:www-data temp/ logs/ -R
  sudo apt install software-properties-common php-net-ldap2 php-net-ldap3 php-imagick php8.2-fpm php8.2-common php8.2-gd php8.2-imap php8.2-mysql php8.2-curl php8.2-zip php8.2-xml php8.2-mbstring php8.2-bz2 php8.2-intl php8.2-gmp php8.2-redis
  
Now that Roundcube is installed, let's set up the database it will use.

  sudo mysql -u root
  CREATE DATABASE roundcube DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
  CREATE USER roundcube@localhost IDENTIFIED BY 'password';
  GRANT ALL PRIVILEGES ON roundcube.* TO roundcube@localhost;
  FLUSH PRIVILEGES;
  EXIT;
  
Once the database is created, let's import the initial tables.

  sudo mysql -u root -p roundcube < /var/www/roundcube/SQL/mysql.initial.sql
  
After Roundcube is installed and the initial tables are imported, you should now make sure that your Apache virtual host is setup properly:

  sudo nano /etc/apache2/sites-enabled/mail.domain.com.conf
  <VirtualHost *:80>
        ServerName mail.domain.com
        ServerAdmin email@email.com
        DocumentRoot /var/www/roundcube/
        ErrorLog ${APACHE_LOG_DIR}/roundcube_error.log
        CustomLog ${APACHE_LOG_DIR}/roundcube_access.log combined
        <Directory />
                Options FollowSymLinks
                AllowOverride All
        </Directory>
        <Directory /var/www/roundcube/>
                Options FollowSymLinks MultiViews
                AllowOverride All
                Order allow,deny
                Allow from all
        </Directory>
        <FilesMatch ".+\.ph(ar|p|tml)$">
                SetHandler "proxy:unix:/run/php/php8.2-fpm.sock|fcgi://localhost"
        </FilesMatch>
        RewriteEngine on
        RewriteCond %{SERVER_NAME} =mail.domain.com
        RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
  </VirtualHost>

Similarly, make sure you have one defined for port 443 as well:

  sudo nano /etc/apache2/sites-enabled/mail.domain.com-ssl.conf
  <IfModule mod_ssl.c>
  <VirtualHost *:443>
        ServerName mail.domain.com
        ServerAdmin email@email.com
        DocumentRoot /var/www/roundcube/
        ErrorLog ${APACHE_LOG_DIR}/roundcube_error.log
        CustomLog ${APACHE_LOG_DIR}/roundcube_access.log combined
        <Directory />
                Options FollowSymLinks
                AllowOverride All
        </Directory>
        <Directory /var/www/roundcube/>
                Options FollowSymLinks MultiViews
                AllowOverride All
                Order allow,deny
                Allow from all
        </Directory>
        <FilesMatch ".+\.ph(ar|p|tml)$">
                SetHandler "proxy:unix:/run/php/php8.2-fpm.sock|fcgi://localhost"
        </FilesMatch>
        SSLCertificateFile /etc/letsencrypt/live/mail.domain.com/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/mail.domain.com/privkey.pem
  </VirtualHost>
  </IfModule>

After these are adjusted for Roundcube as follows, restart Apache with ''systemctl restart apache2.service''. It's now time to configure Roundcube to use the database you set up above and the underlying mail server you already built.

  cd /var/www/roundcube/config/
  sudo cp config.inc.php.sample config.inc.php
  sudo nano config.inc.php
  <$config['db_dsnw'] = 'mysql://roundcube:pass@localhost/roundcube';>
  <$config['des_key'] = 'rcmail-!24ByteDESkey*Str';?
  <$config['imap_host'] = 'startls://domain.com:143';>
  <$config['smtp_host'] = 'tls://mail.domain.com:587';>
  <$config['enable_spellcheck'] = true;>

Change "pass" to whatever your password is. Take care not to use special characters and/or adjust the syntax accordingly to accept them. Change the destination key to something unique instead of the default. When specifying the imap and smtp host, make sure to prepend the tls prefix. Add spell check by adding the above spell check line to the bottom of the config. You can also append more plugins at this time. Here are some common additions:

  sudo nano config.inc.php
  $config['plugins'] = [
    'archive',
    'zipdownload',
    'acl',
    'additional_message_headers',
    'attachment_reminder',
    'autologon',
    'debug_logger',
    'emoticons',
    'enigma',
    'filesystem_attachments',
    'help',
    'hide_blockquote',
    'http_authentication',
    'identicon',
    'identity_select',
    'jqueryui',
    'krb_authentication',
    'managesieve',
    'markasjunk',
    'new_user_dialog',
    'new_user_identity',
    'newmail_notifier',
    'password',
    'reconnect',
    'redundant_attachments',
    'show_additional_headers',
    'squirrelmail_usercopy',
    'subscriptions_option',
    'userinfo',
    'vcard_attachments',
    'virtuser_file',
    'virtuser_query'
  ];

Alright, the basic configuration is now done. I can send and receive emails using jonathan@domain.com, with full health spf, dkim, and appropriate dmarc setup.


 --- //[[alerts@haacksnetworking.org|oemb1905]] 2025/02/15 21:42//