2 commits - config/config.ini.sample doc/kolab-freebusy.config.ini

Jeroen van Meeuwen vanmeeuwen at kolabsys.com
Thu Aug 14 11:11:54 CEST 2014 

 config/config.ini.sample      |  107 ++++++++++++++----------------------------
 doc/kolab-freebusy.config.ini |   96 +++++++++++++++++++++++++++++++++++++
 2 files changed, 134 insertions(+), 69 deletions(-)

New commits:
commit 2b3a496298079e8822ec913c8a90eca89b3bb62d
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Thu Aug 14 11:10:20 2014 +0200

    Add a %doc config.ini

diff --git a/doc/kolab-freebusy.config.ini b/doc/kolab-freebusy.config.ini
new file mode 100644
index 0000000..79b31eb
--- /dev/null
+++ b/doc/kolab-freebusy.config.ini
@@ -0,0 +1,96 @@
+;; Kolab Free/Busy Service configuration
+
+;; Require HTTP authentication to access this service
+[httpauth]
+
+;; Example for static auth credentials
+; type = static
+; username = "<user>"
+; password = "<pass>"
+
+;; Example for LDAP-based authentication
+; type = ldap
+; host = ldap://localhost:389
+; bind_dn = "uid=kolab-service,ou=Special Users,dc=yourdomain,dc=com"
+; bind_pw = "<service-bind-pw>"
+; base_dn = "dc=yourdomain,dc=com"
+; filter = "(&(|(mail=%s)(alias=%s)(uid=%s))(objectclass=inetorgperson))"  ; optional, %s is replaced by the username
+
+
+;; Allow privileged access from these IPs
+[trustednetworks]
+allow = 127.0.0.1,
+  192.168.0.0/16,
+  10.10.*,
+   ::1
+
+;; Logging configuration
+[log]
+driver = file  ; supported drivers: file, syslog
+path = ./log
+name = freebusy
+level = 300  ; (100 = Debug, 200 = Info, 300 = Warn, 400 = Error, 500 = Critical)
+
+;; Directories to resolve email addresses and their f/b source locations
+
+;; try local filesystem first
+[directory "local"]
+type = static
+filter = "@yourdomain"
+fbsource = file:/var/lib/kolab-freebusy/%s.ifb
+
+;; check if primary email address hits a cache file (saves LDAP lookups)
+[directory "local-cache"]
+type = static
+fbsource = file:/var/cache/kolab-freebusy/%s.ifb
+expires = 10m
+
+;; local Kolab directory server
+[directory "kolab-ldap"]
+type = ldap
+host = ldap://localhost:389
+bind_dn = "uid=kolab-service,ou=Special Users,dc=yourdomain,dc=com"
+bind_pw = "<service-bind-pw>"
+base_dn = "ou=People,dc=yourdomain,dc=com"  ; use %dc as placeholder for the domain part extracted from the request string
+filter = "(&(objectClass=kolabInetOrgPerson)(|(uid=%s)(mail=%s)(alias=%s)))"
+attributes = mail, sn, alias
+lc_attributes = sn
+mail_attributes = mail, alias
+fbsource = file:/var/lib/kolab-freebusy/%mail.ifb
+loglevel = 200  ; Info
+
+;; resolve Kolab resources from LDAP and fetch calendar from IMAP
+[directory "kolab-resources"]
+type = ldap
+host = ldap://localhost:389
+bind_dn = "uid=kolab-service,ou=Special Users,dc=yourdomain,dc=com"
+bind_pw = "<service-bind-pw>"
+base_dn = "ou=Resources,dc=yourdomain,dc=com"
+filter = "(&(objectClass=kolabsharedfolder)(mail=%s))"
+attributes = mail, kolabtargetfolder
+fbsource = "fbdaemon://localhost:<port>?folder=%kolabtargetfolder"
+timeout = 10    ; abort after 10 seconds
+cacheto = /var/cache/kolab-freebusy/%mail.ifb
+expires = 10m
+loglevel = 100  ; Debug
+
+;; external MS Exchange 2010 server
+[directory "exchange"]
+type = static
+filter = "@microsoft.com$"
+fbsource = https://externalhost/free-busy/%s.ics
+format = Exchange2010
+
+;; further examples of fbsource URIs
+;; - fetch data from another server by HTTP(s)
+; fbsource = "https://fb-service-user:imap-password@kolab-server/freebusy/%mail.ifb"
+
+;; - read data from a users calendars (all) using IMAP proxy authentication
+; fbsource = "imap://%mail:<admin-pass>@localhost/?proxy_auth=cyrus-admin"
+
+;; - read data from a shared IMAP folder with cyrus-admin privileges
+; fbsource = "imap://cyrus-admin:<admin-pass>@localhost/%kolabtargetfolder?acl=lrs"
+
+;; - trigger kolab-freebusyd daemon (folder= for shared folders, user= for user mailboxes)
+; fbsource = "fbdaemon://localhost:<port>?folder=%kolabtargetfolder&user=%mail"
+


commit 1767fbe402aee3258ab8b4fff5b40f8612d597bc
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Thu Aug 14 11:02:32 2014 +0200

    Commit a default configuration that represents the target configuration as closely as possible (#3333 and others)

diff --git a/config/config.ini.sample b/config/config.ini.sample
index 79b31eb..77abec5 100644
--- a/config/config.ini.sample
+++ b/config/config.ini.sample
@@ -1,96 +1,65 @@
 ;; Kolab Free/Busy Service configuration
 
-;; Require HTTP authentication to access this service
-[httpauth]
-
-;; Example for static auth credentials
-; type = static
-; username = "<user>"
-; password = "<pass>"
-
-;; Example for LDAP-based authentication
-; type = ldap
-; host = ldap://localhost:389
-; bind_dn = "uid=kolab-service,ou=Special Users,dc=yourdomain,dc=com"
-; bind_pw = "<service-bind-pw>"
-; base_dn = "dc=yourdomain,dc=com"
-; filter = "(&(|(mail=%s)(alias=%s)(uid=%s))(objectclass=inetorgperson))"  ; optional, %s is replaced by the username
-
-
-;; Allow privileged access from these IPs
-[trustednetworks]
-allow = 127.0.0.1,
-  192.168.0.0/16,
-  10.10.*,
-   ::1
-
-;; Logging configuration
+; Logging configuration
 [log]
 driver = file  ; supported drivers: file, syslog
-path = ./log
+path = ./logs
 name = freebusy
 level = 300  ; (100 = Debug, 200 = Info, 300 = Warn, 400 = Error, 500 = Critical)
 
-;; Directories to resolve email addresses and their f/b source locations
-
-;; try local filesystem first
+;;
+;; try local filesystem first (F/B has been generated externally)
+;;
 [directory "local"]
 type = static
-filter = "@yourdomain"
+filter = "@example.org"
 fbsource = file:/var/lib/kolab-freebusy/%s.ifb
 
+;;
 ;; check if primary email address hits a cache file (saves LDAP lookups)
+;;
 [directory "local-cache"]
 type = static
 fbsource = file:/var/cache/kolab-freebusy/%s.ifb
 expires = 10m
 
+;;
 ;; local Kolab directory server
-[directory "kolab-ldap"]
+;;
+[directory "kolab-people"]
 type = ldap
-host = ldap://localhost:389
-bind_dn = "uid=kolab-service,ou=Special Users,dc=yourdomain,dc=com"
-bind_pw = "<service-bind-pw>"
-base_dn = "ou=People,dc=yourdomain,dc=com"  ; use %dc as placeholder for the domain part extracted from the request string
-filter = "(&(objectClass=kolabInetOrgPerson)(|(uid=%s)(mail=%s)(alias=%s)))"
-attributes = mail, sn, alias
-lc_attributes = sn
-mail_attributes = mail, alias
-fbsource = file:/var/lib/kolab-freebusy/%mail.ifb
-loglevel = 200  ; Info
+host = "ldap://localhost:389"
+bind_dn = "uid=kolab-service,ou=Special Users,dc=example,dc=org"
+bind_pw = "SomePassword"
+base_dn = "ou=People,dc=example,dc=org"
+filter = "(&(objectClass=kolabInetOrgPerson)(|(mail=%s)(alias=%s))"
+attributes[] = mail
+lc_attributes[] = mail
+
+; %s is replaced by the user's result_attribute found
+fbsource = imaps://%s:CyrusAdminPassword@imap.example.org/?proxy_auth=cyrus-admin
+loglevel = 300
+cacheto = /var/cache/kolab-freebusy/%mail.ifb
+expires = 10m
 
+;;
 ;; resolve Kolab resources from LDAP and fetch calendar from IMAP
+;;
 [directory "kolab-resources"]
 type = ldap
-host = ldap://localhost:389
-bind_dn = "uid=kolab-service,ou=Special Users,dc=yourdomain,dc=com"
-bind_pw = "<service-bind-pw>"
-base_dn = "ou=Resources,dc=yourdomain,dc=com"
-filter = "(&(objectClass=kolabsharedfolder)(mail=%s))"
+host = "ldap://localhost:389"
+bind_dn = "uid=kolab-service,ou=Special Users,dc=example,dc=org"
+bind_pw = "SomePassword"
+base_dn = "ou=Resources,dc=example,dc=org"
+filter = "(&(objectClass=kolabsharedfolder)(kolabfoldertype=event)(mail=%s))"
 attributes = mail, kolabtargetfolder
-fbsource = "fbdaemon://localhost:<port>?folder=%kolabtargetfolder"
-timeout = 10    ; abort after 10 seconds
-cacheto = /var/cache/kolab-freebusy/%mail.ifb
-expires = 10m
-loglevel = 100  ; Debug
-
-;; external MS Exchange 2010 server
-[directory "exchange"]
-type = static
-filter = "@microsoft.com$"
-fbsource = https://externalhost/free-busy/%s.ics
-format = Exchange2010
 
-;; further examples of fbsource URIs
-;; - fetch data from another server by HTTP(s)
-; fbsource = "https://fb-service-user:imap-password@kolab-server/freebusy/%mail.ifb"
+; Use the Free/Busy daemon that separates the abuse of credentials
+;fbsource = "fbdaemon://localhost:<port>?folder=%kolabtargetfolder"
+;timeout = 10    ; abort after 10 seconds
 
-;; - read data from a users calendars (all) using IMAP proxy authentication
-; fbsource = "imap://%mail:<admin-pass>@localhost/?proxy_auth=cyrus-admin"
-
-;; - read data from a shared IMAP folder with cyrus-admin privileges
-; fbsource = "imap://cyrus-admin:<admin-pass>@localhost/%kolabtargetfolder?acl=lrs"
-
-;; - trigger kolab-freebusyd daemon (folder= for shared folders, user= for user mailboxes)
-; fbsource = "fbdaemon://localhost:<port>?folder=%kolabtargetfolder&user=%mail"
+fbsource = "imap://cyrus-admin:CyrusAdminPassword@imap.lhm.klab.cc/%kolabtargetfolder?acl=lrs"
+cacheto = /var/cache/kolab-freebusy/%mail.ifb
+expires = 10m
+loglevel = 300

More information about the commits mailing list