Synology NAS Mail Station upgrade (using Docker to upgrade to the latest Roundcube Webmail)

I recently used Synology 7.2 as the enterprise's internal email server. Everything else works fine. For the phone book you need to install the globaladdressbook plug-in, which also has to be installed with composer. It could be installed, but not used. It later turned out that the Roundcube version used by Mail Station was too old to be compatible with the plug-in. The following is the process of deploying the mail front end and back end on the Synology 7.0 platform.
Steps:

  1. Naturally, install Docker, Mail Server and Mail Station first and run some simple tests, such as enabling SMTP, IMAP and POP3 and specifying the domain name as an FQDN. Log in to Mail Station as a super user; the default host, localhost, does not need to be changed. Then, over SSH, run:
    sudo docker run -e ROUNDCUBEMAIL_DEFAULT_HOST=mail -e ROUNDCUBEMAIL_SMTP_SERVER=mail -p 8000:80 -d roundcube/roundcubemail

https://hub.docker.com/r/roundcubeorg/roundcubemail

  1. Run this way, the container reports a random error and gets stuck. The reason is that the Apache server does not support the NAS Linux kernel. So run Docker with an image tag that leaves out Apache. The tag to use is -d roundcube/roundcubemail:latest-fpm-alpine
    which is the version I use, because it contains only the PHP-FPM interpreter. So:

  2. Run docker exec -it <first characters of the container ID> bash and set up an nginx environment: apk add nginx. Modify the configuration in a directory similar to /etc/nginx/config: add a FastCGI proxy to PHP on port 9000 and specify /var/www/html as the working directory. The PHP entry in the configuration should match that port, 9000; a sock file can also be used. If you do not know how, basically copy the nginx configuration from the NAS. Use vi /etc/hosts to add name resolution for the mail server: the mail server's IP and domain name. nginx also needs to be added to /endpoint.sh.

  3. In DSM, open the Docker panel, stop the container, open the editor, go to advanced settings and modify the environment variables: the SMTP port, 25, and the server and host, which use the host name added to /etc/hosts in the previous step. Only these three parameters are needed.

  4. At this point you can open the mapped port and log in to the new version of the mail system. NAS users are still authenticated locally by the mail server, so users can send and receive email without errors.

  5. Point Mail Station at the new service: make the default page at http://ip/mail redirect to the new port. Log in to the NAS over SSH, run vi /var/@appstore/mailstation/index.php and change it to location (http://ip:port). Back up the original page so it can be restored when the redirect is not needed.

  6. Install whatever plug-ins you like: docker exec -it <first characters of the container ID> bash, then composer require --no-dev pluginname, and use them happily.
    Precautions:

  1. After logging in to Mail Station as an administrator, there is an advanced settings menu for changing the mail server address, where you can enter localhost or an IP directly. The default port can be used. In Docker, the same settings have to be changed in config.inc.php or in environment variables. This container can run anywhere; after all, it is just a webmail front end. It
    seems that the port can only be 25 under Docker, and nothing else. There is no advanced user settings function in the container, so only the config files can be used, and it is safer to use the domain name, because email addresses need a suffix after all. The hosts file works fine on this machine. So set the mail server FQDN here to that domain name.
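
For step 2 above, a minimal nginx server block of the kind described, given as an added example and not the author's configuration. The file location, the listen port and the deny rules are assumptions; the deny rules replace the Apache .htaccess protections that Roundcube ships and that nginx does not read.

```nginx
# Assumed location: /etc/nginx/http.d/default.conf (Alpine nginx package;
# the post only says "a directory similar to /etc/nginx/config").
server {
    listen 80;
    server_name _;
    root /var/www/html;          # working directory named in step 2
    index index.php;

    # nginx ignores Roundcube's .htaccess, so block the non-public
    # directories explicitly; config/ holds credentials, logs/ and
    # temp/ hold session and message data.
    location ~ ^/(config|temp|logs|bin|SQL|vendor)/ { deny all; }
    location ~ /\.                                  { deny all; }

    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        try_files $uri =404;     # never pass a non-existent path to PHP-FPM
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass 127.0.0.1:9000;   # PHP-FPM port from step 2; a unix: socket also works
    }
}
```

The deny blocks are listed before the PHP block because nginx uses the first matching regex location, so a request for a file under config/ is refused before it can reach PHP-FPM.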

A brief record of my subsequent operations:
... The first is to add the password plug-in, a built-in plug-in that lets users change their password in the settings; enable it in config.inc.php. Then modify the plug-in's configuration file and specify the driver to use. I used httpapi. Specify a URL, a user and a password here, and the password-change operation can be completed. On the NAS side, use any web front end to add a URL that accepts these two parameters and then calls the command sudo synouser --setpasswd user password; a return value of 0 is normal and gives status 200, anything else is abnormal. I use Python. I feel that PHP is more suitable; after all, Mail Station itself already has a running environment, and a little modification will do. The README of the password plug-in has instructions for using sudo without entering a password. Probably add php or your own web operator to /etc/sudoers, and then specify NOPASSWD and synouser.
... The second is the phone book: install globaladdressbook with composer require, then in config.inc.php add globaladdressbook to $config['plugins'], and you can add a global phone book. With group=true in the configuration, grouping can be used. In the import dialog there is a selector among the options; choose to add the imported entries to a new group. The import format is CSV, with name, mail and group columns. These three are mapped automatically to the new user. That gives a phone book with a grouping function.
There can be any number of these phone books, each with a different name and permissions; with one level of groups added, that is enough. The method is $config['globaladdressbooks']['global_n'] = [modelled on the first global book]; this is faster and easier than CardDAV and LDAP. Below is my simple extension method, and a background fetch to maintain the list of people who can log in.
... Thirdly, I encountered difficulties in enabling LDAP. The grouping of the phone book is two-level: users can only be divided into groups, and the groups cannot be divided further, which is where the idea of LDAP came from. So far no success. Synology has an LDAP Server package to install. With a simple (disgusting) configuration, it can be seamlessly integrated into Synology: in the DSM control panel, under domain/ldap, set base-dn: dc=NAME, link-dn: uuid=root, cn=users, dc=name. The password is the password entered on the home page. That's it. I tested and found that the groups in the LDAP server can be nested. However, there is an LDAP address book function in Roundcube, which cannot retrieve the groups inside. Although it says it supports this, that was a long time ago and there is no ready-made method. User data can also be obtained with an LDAP client through similar operations.
LDAP is a hierarchical system, so it is necessary to define its node information. For example, on Synology, the groups are in cn=groups, dn=name, and the users are in cn=users, dn=name. (name is a domain name similar to the system's; for example, a domain name in three parts has three dn, which should mean directory node. cn may be the name of a tree trunk. ou means an organization.) With the LAM 7.2 tool, you can easily manage and browse the specific information in this LDAP.
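
The password-change endpoint described in the first item above, sketched in Python as an added example (not the author's script). The field names token, user and newpass, the shared-secret check, the bind address and the username policy are all assumptions; only the synouser --setpasswd call and the "exit 0 means status 200" rule come from the post.

```python
import hmac
import re
import subprocess
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs

API_TOKEN = "change-me"        # placeholder shared secret (assumption)
BIND = ("127.0.0.1", 8765)     # constructed; use the address the container reaches
USER_RE = re.compile(r"[A-Za-z0-9_][A-Za-z0-9_.@-]{0,63}")  # assumed name policy


def run_synouser(user, password):
    """Run the command named in the post and return its exit code."""
    # List form, no shell: neither value is ever parsed as shell syntax.
    # The password is still visible in the process list while this runs.
    cmd = ["sudo", "-n", "synouser", "--setpasswd", user, password]
    return subprocess.run(cmd, capture_output=True, timeout=15).returncode


def change_password(token, user, password, runner=run_synouser):
    """Map one request to an HTTP status: 200 only when synouser exits 0."""
    if not hmac.compare_digest(token.encode(), API_TOKEN.encode()):
        return 403
    if not USER_RE.fullmatch(user):      # also rejects "--option" style names
        return 400
    if not 1 <= len(password) <= 128 or any(ord(c) < 32 for c in password):
        return 400
    return 200 if runner(user, password) == 0 else 500


class Handler(BaseHTTPRequestHandler):
    def do_POST(self):
        try:
            size = max(0, min(int(self.headers.get("Content-Length", "0")), 4096))
        except ValueError:
            size = 0
        form = parse_qs(self.rfile.read(size).decode("utf-8", "replace"))
        field = lambda name: form.get(name, [""])[0]
        status = change_password(field("token"), field("user"), field("newpass"))
        self.send_response(status)
        self.end_headers()


if __name__ == "__main__":
    HTTPServer(BIND, Handler).serve_forever()
```

Because the account running this needs a passwordless sudo rule, restrict that rule to the synouser command only, and keep the listener off any interface that is reachable from outside the NAS.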


Origin blog.csdn.net/wjcroom/article/details/131448946