Add SSO configuration

5228c377 · ale · e4c0fa11 · 5228c377 · 5228c377 · 5228c377
Commit 5228c377 authored Feb 07, 2018 by ale
4 changed files
--- a/build.sh
+++ b/build.sh
@@ -41,6 +41,7 @@ APACHE_MODULES_ENABLE="
        rewrite
        setenvif
 	sso
+	unique_id
 "
 # Apache modules that are enabled by default by the Debian package,
@@ -105,6 +106,9 @@ for d in temp logs ; do
    chmod 700 /var/www/webmail/$d
 done
+# Create config mountpoint
+mkdir -p /etc/roundcube
 # Install Chaperone (minimalistic init service).
 pip3 install chaperone
 rm -fr /root/.cache/pip

--- a/conf/apache2/mods-available/sso.conf
+++ b/conf/apache2/mods-available/sso.conf
+SSOPublicKeyFile /etc/sso/public.key
+SSOLoginServer login.${DOMAIN}
+SSODomain ${DOMAIN}
--- a/conf/apache2/sites-available/webmail.conf
+++ b/conf/apache2/sites-available/webmail.conf
@@ -17,5 +17,11 @@
                Require all granted
        </Directory>
+        <Location />
+                AuthType SSO
+                SSOService ${SHARD_ID}.webmail.${DOMAIN}/
+                require group users
+        </Location>
 </VirtualHost>
--- a/start.sh
+++ b/start.sh
@@ -10,16 +10,11 @@
 CONFIG_DIR=/etc/roundcube
 TARGET_DIR=/var/www/webmail
-# Main configuration files.
-MAIN_CONFIG_FILES="config.inc.php db.inc.php"
 # Name of the MySQL database to use.
 MYSQL_DB="ai_roundcube"
 install_config() {
-    for f in ${MAIN_CONFIG_FILES} ; do
+    install -o root -g root -m 644 ${CONFIG_DIR}/config.inc.php ${TARGET_DIR}/config/config.inc.php
-        install -o root -g root -m 644 ${CONFIG_DIR}/${f} ${TARGET_DIR}/config/$f
-    done
    # For each known plugin, look for a NAME.config.inc.php file in
    # the config directory: if found, copy it to the plugin directory