Opened 7 years ago

Closed 3 years ago

#5270 closed Feature/Enhancement Request (fixed)

Install Roundcube as an alternate web mail interface for MFPL members

Reported by: https://id.mayfirst.org/lclement.fight.org Owned by: https://id.mayfirst.org/srevilak
Priority: Medium Component: Tech
Keywords: webmail roundcube stallman.mayfirst.org Cc: https://id.mayfirst.org/lclement.fight.org
Sensitive: no

Description

We briefly talked about using Roundcube at the Member's meeting. Can we start a timeline on implementing it so our users can have an easier interface. I can help out wherever I'm needed.

Change History (35)

comment:1 Changed 7 years ago by https://id.mayfirst.org/nat

Roundcube is on the agenda for an upcoming support team meeting. However that meeting is not until April 7th, or a little more than two months from now, with no definite goal yet stated.

I have been interested in Roundcube for a while now, but have not actually used it. I know that other folks in the support team have. I think the primary issue is getting enough people ready to support a new piece of software if we make it the default for our membership.

Sorry I can't be more helpful with a time line, but I think that's the closest that there may be.

Thinking out loud here, but perhaps we should set up a testing version, and let interested members like yourself start testing things out? Though I'm not immediately aware of what that might entail in terms of work. I'm also not sure what risks/ challenges such and environment would create. Which is something we should figure out.

--nat

comment:2 Changed 7 years ago by https://id.mayfirst.org/ross

  • Keywords webmail roundcube added
  • Owner set to https://id.mayfirst.org/ross
  • Status changed from new to assigned

I think security is the big issue with creating a 'member' testing instance of Roundcube. But we definitely need to have a discussion regarding what we're going to do with our webmail client. I think we should have this as an agenda item this weekend.

comment:3 Changed 7 years ago by https://id.mayfirst.org/lclement.fight.org

  • Cc https://id.mayfirst.org/lclement.fight.org added

Ok that sounds good. Just wanted to get an update. I would be willing to test it out once it's set up. Is the meeting open to the members?

comment:4 Changed 7 years ago by https://id.mayfirst.org/jamie

Hi Langston,

The support team face-to-face meetings are not open to all members because we generally have focused work that needs to get done and integrating new members every month would make that very difficult.

However, the support team welcomes new members! We really need people to join. If anyone is interested in joining, they can contact support@mayfirst.org and we can have a conversation to figure out the best way to integrate you into the team.

I just sent you an email Langston to start this process with you.

jamie

comment:5 Changed 7 years ago by https://id.mayfirst.org/ross

  • Resolution set to fixed
  • Status changed from assigned to feedback

comment:6 Changed 7 years ago by https://id.mayfirst.org/jamie

  • Resolution fixed deleted
  • Sensitive unset
  • Status changed from feedback to assigned
  • Summary changed from Roundcube to Install Roundcube as an alternate web mail interface for MFPL members
  • Type changed from Bug/Something is broken to Project/Need to hire someone

I'm re-opening this ticket to track the implementation of roudcube.

comment:7 Changed 6 years ago by https://id.mayfirst.org/ross

  • Keywords f2f added

comment:8 Changed 6 years ago by https://id.mayfirst.org/brandonjardine

  • Owner changed from https://id.mayfirst.org/ross to https://id.mayfirst.org/brandonjardine

We created two new user accounts on Stallman: roundcube-dev and roundcube-code. roundcube-code will own the svn checkout (of the 0.7 branch) or roundcube, and roundcube-dev will be the user which owns the database and hopefully runs the webserver. The svn branch was checked out into /srv/roundcube-dev.

In the process of configuring roundcube we moved /home and /srv on Stallman onto separate filesystems.

  • We're assuming passwords are in UTF-8
  • We've not enabled imagemagik, but it could be useful
  • IMAP & SMTP is set to use tls://, we need to verify that's correct.
  • We're turning off spellchecking as the default option seems to send data to a google service. pspell is an alternative, probably requiring the package php5-pspell.
  • File upload progress is not currently enabled, but can be with apc.
  • The roundcube temporary folder was set to /home/roundcube-dev/tmp
  • Roundcube is configured to require https.
  • The apache vhost config is set to rewrite all requests to http to https

The problem remains that the apache2 processes are running as www-data. We had hoped to find a way to drop down to roundcube-dev to run the cgi processes instead. Short of switching apache mpms or setting up a separate webserver and proxy, we're thinking about setting up FastCGI (or fcgid).

comment:9 Changed 6 years ago by https://id.mayfirst.org/brandonjardine

(dkg and myself are continuing to work on this)

comment:10 Changed 6 years ago by https://id.mayfirst.org/dkg

we're going to try to work on the next steps for this on 2012-04-11 21:00 America/New_York time. Anyone who wants to join us on #mayfirst would be welcome.

comment:11 Changed 6 years ago by https://id.mayfirst.org/dkg

My recent notes on fastcgi optimization/process isolation might be relevant to our next steps.

comment:12 Changed 6 years ago by https://id.mayfirst.org/brandonjardine

Roundcube is installed and working, via https://roundcube.dev.mayfirst.org/.

We got it working by installing mod_fastcgi, and setting up a separate php process listening on a unix socket at /var/run/roundcube-dev/.sock. The runsv service directory is located at /etc/sv/roundcube-dev.

The actual run script:

0 stallman:~# cat /etc/sv/roundcube-dev/run 
#!/bin/sh

exec 2>&1

sockdir=/var/run/roundcube-dev

mkdir -p "$sockdir"
chown roundcube-dev:www-data "$sockdir"
chmod 0750 "$sockdir"

exec chpst -e ./env/ -u roundcube-dev \
  php-cgi \
  -b "$sockdir"/.sock \
  -d suhosin.session.encrypt=off

And the right environment variables:

0 stallman:~# head -v /etc/sv/roundcube-dev/env/*
==> /etc/sv/roundcube-dev/env/PHP_DOCUMENT_ROOT <==
/srv/roundcube-dev

==> /etc/sv/roundcube-dev/env/PHP_FCGI_CHILDREN <==
10

==> /etc/sv/roundcube-dev/env/PHP_FCGI_MAX_REQUESTS <==
1000
0 stallman:~# 

Here's the apache2 vhost file that finally succeeded in working:

<VirtualHost *:443>
        ServerAlias roundcube.dev.mayfirst.org
        ServerAdmin apache@mayfirst.org
        DocumentRoot /srv/roundcube-dev/

        SSLEngine On
        SSLCertificateKeyFile /etc/ssl/private/roundcube.dev.mayfirst.org.key
        SSLCertificateFile /etc/ssl/roundcube.dev.mayfirst.org.crt

        <IfModule mod_fastcgi.c>

           FastCgiExternalServer /srv/roundcube-dev-php -socket /var/run/roundcube-dev/.sock

           RewriteEngine On
           RewriteRule ^$ /index.php
           RewriteRule ^(.*)/$ $1/index.php

           <FilesMatch "\.php$">
               SetHandler php-fastcgi
           </FilesMatch>
           Action php-fastcgi /srv/roundcube-dev-php
        </IfModule>

</VirtualHost>
<VirtualHost *:80>
        ServerAlias roundcube.dev.mayfirst.org
        ServerAdmin apache@mayfirst.org
        DocumentRoot /var/empty
        RewriteEngine On
        RewriteRule ^/?(.*) https://roundcube.dev.mayfirst.org/$1 [L,R,NE]
</VirtualHost>

This Apache configuration requires the actions module to be enabled with 'a2enmod actions'.

I've tested both IMAP and SMTP via Roundcube and they seem to be functioning properly.

Last edited 6 years ago by https://id.mayfirst.org/brandonjardine (previous) (diff)

comment:13 Changed 6 years ago by https://id.mayfirst.org/dkg

next steps:

  • compare features with our desired features for webmail
  • examine standard plugins to see if any of them might be relevant/useful in meeting any of the goals
  • audit the imap client functionality for reasonable security measures
  • look into "branding" so that the webapp has some visual MF/PL identity
  • document how maintenance and upgrades might work.
  • try to overwhelm it and see what happens, document our limits.
  • maybe sign the X.509 certificate with the MF/PL authority instead of the fifthhorseman.net authority.
Last edited 6 years ago by https://id.mayfirst.org/dkg (previous) (diff)

comment:14 Changed 6 years ago by https://id.mayfirst.org/jamila

Howdy,

Jamila from Palantetech here. I work with several MFPL members who use the webmail quite often, all of whom voice their dislike of it whenever I ask. I just took a look at roundcube and I was quite pleased. I volunteer to help test the functionality as both an end user and as front line tech support for several other end users. Also, if you want me to ask members who are disappointed in the previous webmail interface to test roundcube, let me know and I can walk them through it next time I have an on site client visit. Hopefully we can get some useful feedback, and see if this solves the usability problems that our members have with the current system.

Thanks.

comment:15 Changed 6 years ago by https://id.mayfirst.org/dkg

  • Keywords stallman.mayfirst.org added

Jamila, thank you very much! That's a great offer. Do you have any usability or performance feedback from what you've had a chance to see right now?

I'd like to hold off on telling a lot of people to rely regularly on https://roundcube.dev.mayfirst.org/ because i want to be able to tune it (and possibly break it) during this configuration/burn-in/testing phase without worrying that such breakage would cause grief for people in their day-to-day use.

That said, if you can communicate those "still shaking out the bugs" constraints to a handful of people who are willing to be guinea-pigs and help them post their feedback to this ticketing system, that feedback would be really instrumental in our moving forward with this.

Langston, are you also able to get some end-user feedback here?

comment:16 follow-up: Changed 6 years ago by https://id.mayfirst.org/jamila

Quick initial feedback: Speed! Much faster interface, much faster display of emails, so many more functions, it doesn't actively make me hate the existence of email. :)

I will check in with folks, and only if they want to be guinea pigs will I show it to them.

comment:17 in reply to: ↑ 16 Changed 6 years ago by https://id.mayfirst.org/dkg

Replying to https://id.mayfirst.org/jamila:

Quick initial feedback: Speed! Much faster interface, much faster display of emails,

This is really nice to hear, i'm glad that this roundcube setup is nice and fast for you. We should keep this in mind when considering the possibility of adding plugins that might slow it down :)

so many more functions,

Out of curiosity, which functions do you care about that roundcube has that horde lacks? I don't use webmail much myself, so it will help me as an implementor to know what parts matter to the people who regularly use it.

I will check in with folks, and only if they want to be guinea pigs will I show it to them.

great, thanks!

comment:18 Changed 6 years ago by https://id.mayfirst.org/jamila

When I say functions, I mostly mean the UI. The ability to see all the folders on the left, the icons with drop down menus at the top and bottom, and the preview pane interface all make it a much nicer experience for me.

comment:19 Changed 6 years ago by https://id.mayfirst.org/dkg

  • Keywords f2f removed

tag cleanup -- this work is still underway, but doesn't need to take up group time at the next support-team meeting.

comment:20 Changed 6 years ago by https://id.mayfirst.org/brandonjardine

At today's F2F we decided to work out a script to import contacts from Horde into Roundcube. Once that's done, some present members of the support team have agreed to take on using Roundcube for about a week to test it. If that first round of testing is successful, we'll send an announcement out to the Lowdown list asking for more adventurous beta testers.

comment:21 Changed 6 years ago by https://id.mayfirst.org/brandonjardine

We installed two plugins for roundcube which will import contacts and identities from the old horde database (only if identities or contacts don't yet exist in roundcube for that user).

We also enabled the new_user_dialog plugin which will prompt users to edit their default identity on first login. Hopefully most people will change the default 'from:' address from username@… to the correct one. There should still be a better solution for this.

comment:22 Changed 6 years ago by https://id.mayfirst.org/nat

A little further info on the plugins installed. The import_horde_contacts plugin and the import_horde_identities plugin both need access to the horde database, so we created the horde-ro MySQL user, which only has SELECT privs on the horde db. The changes that we've made to roundcube are all described in the /home/roundcube-code/import_horde_contacts/README file. Mainly it involved adding the horde db info and enabling the plugins.

In testing, the contact import plugin didn't work. The first thing we're looking at is some trouble connecting to the db.

I can successfully connect from the command line using:

mysql -u horde-ro -p -h localhost horde

And I created a test file (/home/roundcube-code/test.php) that tests the PDO connection in a similar fashion to the plugin:

<?php

$db_dsn = 'mysql:host=localhost;dbname=horde';
$db_user = 'horde-ro';
$db_pass = 'PASSWORD';

        try {
            $db = new PDO($db_dsn, $db_user, $db_pass);
        } catch(PDOException $e) {
            return false;
        }

$sql = 'SELECT object_email FROM turba_objects WHERE owner_id = "mctest"';
foreach ($db->query($sql) as $row) {
 print_r($row);
}

?>

Which gave me the data that I was expecting to see (emails from the mctest user's horde contact book). So if there are issues with this, the next places to look are in the plugin to make sure that when the db values, set in the main conf files, make it to the plugin okay. The plugin uses this structure for getting this from the rc object.

        $db_dsn  = $this->rc->config->get('horde_dsn');
        $db_user = $this->rc->config->get('horde_user');
        $db_pass = $this->rc->config->get('horde_pass');

The other thing that occurred to me is that the PDO layer may be choking on connecting to Postgres and MySQL at the same time, though that sound somewhat unlikely, since part of the point of PDO is to allow for such things.

--nat

comment:23 Changed 6 years ago by https://id.mayfirst.org/ross

I almost always get Internal Server Error messages when I attempt to login to roundcube. I theorize that the server is timing out trying to process all of the messages in my inbox, but this is not ideal behavior. Eventually I get bast the server error and things work as expected, unless I attempt to perform a search on the inbox, in which case the same internal server error often occurs.

~/ross

comment:24 Changed 6 years ago by https://id.mayfirst.org/jamie

comment:25 Changed 6 years ago by https://id.mayfirst.org/dkg

Sounds like ross has a repeatable use case to get the "internal server error". we should use that to figure out what's going on behind the scenes during such an error.

comment:26 Changed 6 years ago by https://id.mayfirst.org/jamie

  • Keywords f2f added
  • Type changed from Project/Need to hire someone to Feature/Enhancement Request

comment:27 follow-up: Changed 6 years ago by https://id.mayfirst.org/malloryk

Hi everyone

Looks like huge progress has been made to provide Roundcube to our members.

I would like to put one additional task on the implementation of this: to create a clickable choice between Horde and Roundcube at https://webmail.mayfirst.org. I was envisioning something like what is at https://members.mayfirst.org.

Perhaps this decision was already made differently for good reasons, but I typically circulate the easy-to-remember URL above to many of my clients.

Anyway, just a suggestion.

Thanks!

-Mallory

comment:28 in reply to: ↑ 27 Changed 6 years ago by https://id.mayfirst.org/dkg

Replying to https://id.mayfirst.org/malloryk:

create a clickable choice between Horde and Roundcube at https://webmail.mayfirst.org. I was envisioning something like what is at https://members.mayfirst.org.

I like this proposal. Is this something that we can do via Horde itself, or should we drop something "in the way" of horde's landing page?

comment:29 Changed 6 years ago by https://id.mayfirst.org/joseph

  • Resolution set to fixed
  • Status changed from assigned to closed

comment:30 Changed 6 years ago by https://id.mayfirst.org/joseph

  • Resolution fixed deleted
  • Status changed from closed to assigned

comment:31 Changed 5 years ago by https://id.mayfirst.org/srevilak

  • Owner changed from https://id.mayfirst.org/brandonjardine to https://id.mayfirst.org/srevilak

Assigning to srevilak.

I believe that the remaining work involves addressing malloryk's suggestion in comment:27.

comment:32 Changed 3 years ago by https://id.mayfirst.org/srevilak

  • Keywords f2f removed

comment:33 Changed 3 years ago by https://id.mayfirst.org/srevilak

Removed f2f tag. I don't believe this ticket requires additional support team meeting discussion.

comment:34 Changed 3 years ago by https://id.mayfirst.org/srevilak

  • Resolution set to fixed
  • Status changed from assigned to feedback

I note the suggestion in comment:27. However, I believe this issue is one we can close. After 3 years of operation, I presume that https://roundcube.mayfirst.org is a well-known URL; also, https://members.mayfirst.org does offer a choice between webmail interfaces.

Placing in feedback state.

comment:35 Changed 3 years ago by automatic

  • Status changed from feedback to closed

No news is good news (we hope)! Given the lack of feedback, we think this ticket can be closed.

Please login to add comments to this ticket.

Note: See TracTickets for help on using tickets.