From 112706ac4205c0c0e7bc3ead48c25580ebd43872 Mon Sep 17 00:00:00 2001
From: AntonioTerceiro <AntonioTerceiro@3f533792-8f58-4932-b0fe-aaf55b0a4547>
Date: Tue, 10 Jun 2008 15:29:18 +0000
Subject: [PATCH] ActionItem44: adding files and some documentation

---
 util/mail/postgresql/README               | 108 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 util/mail/postgresql/mail_users.sql       |  24 ++++++++++++++++++++++++
 util/mail/postgresql/pam_pgsql.conf       |  10 ++++++++++
 util/mail/postgresql/virtual_domains.cf   |   6 ++++++
 util/mail/postgresql/virtual_mailboxes.cf |   6 ++++++
 5 files changed, 154 insertions(+), 0 deletions(-)
 create mode 100644 util/mail/postgresql/README
 create mode 100644 util/mail/postgresql/mail_users.sql
 create mode 100644 util/mail/postgresql/pam_pgsql.conf
 create mode 100644 util/mail/postgresql/virtual_domains.cf
 create mode 100644 util/mail/postgresql/virtual_mailboxes.cf

diff --git a/util/mail/postgresql/README b/util/mail/postgresql/README
new file mode 100644
index 0000000..cbb4e2d
--- /dev/null
+++ b/util/mail/postgresql/README
@@ -0,0 +1,108 @@
+About
+=====
+
+This directory contains sample files for setting up a Noosfero-integrated mail
+service with Postfix, Courier Mail Server and PostgreSQL. The instructions
+assume a Debian GNU/Linux system, and were tested specifically in the "etch"
+release (the stable release at the time of writing the instructions).
+
+Installation
+============
+
+Install and configure Noosfero
+-------------------------------
+
+Follow Noosfero's own instructions. Before letting users register at your Noosfero site, add the following line to config/local.rb:
+
+User.system_encryption_method = :md5
+
+In the instructions below, replace **NOOSFERO_DB** with the name of the
+Noosfero database you'll use for production (e.g. "noosfero_production",
+"noosfero" etc).
+
+Install the required packages for the mail system
+-------------------------------------------------
+
+Create a system user for the virtual mail folders. This user will be used by
+Postfix for delivering mail into the folders.
+
+addgroup --gid 5000 vmail
+adduser --system --uid 5000 --gid 5000 vmail
+
+Configure a read-only user for your database
+--------------------------------------------
+
+Create a user in the PostgreSQL database that will be used by the mail authentication mechanisms to connect to the database. Become the postgres user and issue the command (replace **DBUSER** with the name you choose for this user):
+
+createuser -P **DBUSER**
+
+The -P option tells createuser to ask you for a password. Remember to take note
+of this password. From now on, we'll refer to it as **DBPASSWORD**. When you
+see **DBPASSWORD** in the instructions below, replace it with the password you
+typed. Similarly, when you see **DBUSER** in the instructions below, replace it
+with the username you chose to this database user.
+
+Configure the PostgreSQL database
+---------------------------------
+
+Create the database view that will be queried by Courier's PostgreSQL
+authentication module:
+
+psql **NOOSFERO_DB** < mail_users.sql
+
+After that, assure you give read permissions on the recently-created view to the  user you created before:
+
+psql **NOOSFERO_DB**
+[...]
+=> grant select on mail_users to **DBUSER**;
+
+Configure courier to authenticate against the PostgreSQL database:
+------------------------------------------------------------------
+
+in /etc/courier/authdaemonrc, find the line that defines authmodulelist and change it to look like this:
+
+authmodulelist="authpgsql"
+
+Then find the authpgsqlrc file and set the indicated settings as follows:
+
+PGSQL_HOST		127.0.0.1
+PGSQL_USERNAME		**DBUSER**
+PGSQL_PASSWORD		**DBPASSWORD**
+PGSQL_DATABASE		**NOOSFERO_DB**
+PGSQL_USER_TABLE	mail_users
+PGSQL_CRYPT_PWFIELD	passwd
+PGSQL_UID_FIELD		uid
+PGSQL_GID_FIELD		gid
+PGSQL_LOGIN_FIELD	username
+PGSQL_HOME_FIELD	home
+PGSQL_NAME_FIELD	fullname
+PGSQL_MAILDIR_FIELD	maildir
+
+Configure Postfix do deliver the mail in the right place
+--------------------------------------------------------
+
+Create a directory called "postgres" in /etc/postfix, and copy (or symlink) the
+files virtual_domains.cf and virtual_mailboxes.cf there.
+
+Then in main Postfix configuration file, add the following lines to the end of the file:
+
+virtual_mailbox_domains = proxy:pgsql:/etc/postfix/postgres/virtual_domains.cf
+virtual_mailbox_maps = proxy:pgsql:/etc/postfix/postgres/virtual_mailboxes.cf
+virtual_mailbox_base = /home/vmail
+virtual_uid_maps = static:5000
+virtual_gid_maps = static:5000
+smtp_sasl_auth_enable = yes
+broken_sasl_auth_clients = yes
+smtpd_recipient_restrictions =
+	permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unauth_destination
+virtual_create_maildirsize = yes
+virtual_mailbox_extended = yes
+proxy_read_maps = $virtual_mailbox_domains $virtual_mailbox_maps
+
+Configuring PAM-PostgreSQL for Postfix (SMTP) authentication
+------------------------------------------------------------
+
+copy the file pam_pgsql.conf over /etc/pam_pgsql.conf and adjust the parameters
+database, user and password accordingly to your configuration.
diff --git a/util/mail/postgresql/mail_users.sql b/util/mail/postgresql/mail_users.sql
new file mode 100644
index 0000000..80f2dd3
--- /dev/null
+++ b/util/mail/postgresql/mail_users.sql
@@ -0,0 +1,24 @@
+CREATE OR REPLACE VIEW mail_users
+AS
+SELECT
+  users.login || '@' || domains.name                      as username,
+  '{MD5}' || encode(decode(users.crypted_password,'hex'), 'base64')
+                                                          as passwd,
+  ''                                                      as clearpasswd,
+  5000                                                    as uid,
+  5000                                                    as gid,
+  '/home/vmail/' || domains.name                          as home,
+  users.login                                             as maildir,
+  NULL                                                    as quota,
+  profiles.name                                           as fullname,
+  ''                                                      as options
+from users
+JOIN profiles on
+  (profiles.user_id = users.id and
+   profiles.type = 'Person')
+JOIN environments on
+  (environments.id = profiles.environment_id)
+JOIN domains on
+  (domains.owner_id = environments.id and
+   domains.owner_type = 'Environment');
+
diff --git a/util/mail/postgresql/pam_pgsql.conf b/util/mail/postgresql/pam_pgsql.conf
new file mode 100644
index 0000000..a20f800
--- /dev/null
+++ b/util/mail/postgresql/pam_pgsql.conf
@@ -0,0 +1,10 @@
+database = terceiro
+host = localhost
+user = pam
+password = pam
+table = users
+user_column = name
+pwd_column = passwd
+expired_column = expired
+newtok_column = must_change_passwd
+pw_type = md5
diff --git a/util/mail/postgresql/virtual_domains.cf b/util/mail/postgresql/virtual_domains.cf
new file mode 100644
index 0000000..d9015ad
--- /dev/null
+++ b/util/mail/postgresql/virtual_domains.cf
@@ -0,0 +1,6 @@
+user = pam
+password = pam
+dbname = noosfero_development
+query = select name AS virtual from domains where name = '%s'
+hosts = 127.0.0.1
+ssl = false
diff --git a/util/mail/postgresql/virtual_mailboxes.cf b/util/mail/postgresql/virtual_mailboxes.cf
new file mode 100644
index 0000000..2a6b814
--- /dev/null
+++ b/util/mail/postgresql/virtual_mailboxes.cf
@@ -0,0 +1,6 @@
+user = pam
+password = pam
+dbname = noosfero_development
+query = select domains.name || '/' || users.login || '/' from users join profiles on (profiles.user_id = users.id and profiles.type = 'Person') join environments on (environments.id = profiles.environment_id) join domains on (domains.owner_id = environments.id and domains.owner_type = 'Environment') where (users.login || '@' || domains.name) = '%s'
+hosts = 127.0.0.1
+ssl = false
--
libgit2 0.21.2