smartmachine 1.3.0 → 1.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5103e5b3902c6f7cf9e295547ff6a5fd43682c9ca11f4d740a5b193fc09a2090
-  data.tar.gz: c99f47d9287341f7960223dfcbd44feeacdfdaed16cbf15215865d370706c3f8
+  metadata.gz: 77a473a51fb2d59eaf9ac27e62ca6564a078d3785f7aebcc7154d3199b034668
+  data.tar.gz: b3585bff1d2bc40cddd557c4876507f7c3fd99d90c55cfc6bfe3d34737341fe4
 SHA512:
-  metadata.gz: 93e8261b8739b1cc1a2fa3d0400ea8c2e4bbf0b10ec3ce697ef5597b61177fd0de253dbd47e49cd5411f172c4edfd87d73e9e40ea520569d74a8c7086444b1d0
-  data.tar.gz: 35abb8c1171082c17b76d277d2f77f9404c6888910b00be89cfb775ea702cec73085c017f3a8c70515c80b837c7c20bbc0f681a405247e25ad46d5ffd3ca9741
+  metadata.gz: 83d98d2d1ee25354e75a7beacb27d32d7c29000694149d56596e5595a6cc40bdbb1c35c3224eb4be5751606f451e7d862c4e4ff32800b6fd56a4a47ce4790ee3
+  data.tar.gz: 27e7660555110321dfb73b0d5217d288465aef2080547c4ab540a85faa14b878107156a8458f7654b4e65017ca6fd4cf96b8d5f54cd13f18a9b29c215bf1514f

data/lib/smart_machine/apps/app.rb

@@ -47,6 +47,7 @@ module SmartMachine
 
                   ## Docker
                   VIRTUAL_HOST=#{@appname}.#{appdomain}
+                  VIRTUAL_PATH=/
                   LETSENCRYPT_HOST=#{@appname}.#{appdomain}
                   LETSENCRYPT_EMAIL=#{@username}
                   LETSENCRYPT_TEST=false

data/lib/smart_machine/buildpackers/buildpacker.rb

@@ -91,8 +91,8 @@ module SmartMachine
 		  poppler-utils && \
               rm -rf /var/lib/apt/lists/* && \
               # ImageMagick 7. Remove this after its dependency is gone from ruby on rails.
-              cd /opt && wget https://download.imagemagick.org/archive/releases/ImageMagick-7.1.1-29.tar.gz && \
-                tar xvzf ImageMagick-7.1.1-29.tar.gz && \
+              cd /opt && wget https://download.imagemagick.org/archive/releases/ImageMagick-7.1.1-29.tar.xz && \
+                tar xvJf ImageMagick-7.1.1-29.tar.xz && \
                 cd ImageMagick-7.1.1-29 && \
                 ./configure && \
                 make && \

data/lib/smart_machine/commands/grid_commands/roundcube.rb

@@ -4,6 +4,30 @@ module SmartMachine
       class Roundcube < SubThor
         include Utilities
 
+        desc "install", "Install roundcube grid"
+        def install
+          inside_machine_dir do
+            with_docker_running do
+              puts "-----> Installing Roundcube"
+              machine = SmartMachine::Machine.new
+              machine.run_on_machine commands: "smartengine grid roundcube installer"
+              puts "-----> Roundcube Installation Complete"
+            end
+          end
+        end
+
+        desc "uninstall", "Uninstall roundcube grid"
+        def uninstall
+          inside_machine_dir do
+            with_docker_running do
+              puts "-----> Uninstalling Roundcube"
+              machine = SmartMachine::Machine.new
+              machine.run_on_machine commands: "smartengine grid roundcube uninstaller"
+              puts "-----> Roundcube Uninstallation Complete"
+            end
+          end
+        end
+
         desc "up", "Take UP the roundcube grid"
         option :name, type: :string
         def up
@@ -28,6 +52,24 @@ module SmartMachine
           end
         end
 
+        desc "installer", "Roundcube grid installer", hide: true
+        def installer
+          inside_engine_machine_dir do
+            name, config = SmartMachine.config.grids.roundcube.first
+            roundcube = SmartMachine::Grids::Roundcube.new(name: name.to_s)
+            roundcube.installer
+          end
+        end
+
+        desc "uninstaller", "Roundcube grid uninstaller", hide: true
+        def uninstaller
+          inside_engine_machine_dir do
+            name, config = SmartMachine.config.grids.roundcube.first
+            roundcube = SmartMachine::Grids::Roundcube.new(name: name.to_s)
+            roundcube.uninstaller
+          end
+        end
+
         desc "uper", "Roundcube grid uper", hide: true
         option :name, type: :string
         def uper

data/lib/smart_machine/engine.rb

@@ -28,7 +28,7 @@ module SmartMachine
 
       puts "-----> Creating image for Engine ... "
       command = [
-        "docker image build --quiet --tag #{engine_image_name_with_version}",
+        "docker image build --tag #{engine_image_name_with_version}",
         "--build-arg TZDATA_TIMEZONE='#{SmartMachine.config.engine.dig(:engineone).dig(:timezone)}'",
         "--build-arg SMARTMACHINE_MASTER_KEY=#{SmartMachine::Credentials.new.read_key}",
         "--build-arg USER_NAME=`id -un`",

data/lib/smart_machine/grids/emailer/imapsync.rb

@@ -0,0 +1,7 @@
+# TODO: Add imapsync feature to emailer.
+# https://imapsync.lamiral.info
+# https://hub.docker.com/r/gilleslamiral/imapsync/
+# docker run --rm --network=networkone gilleslamiral/imapsync imapsync --host1 <hostname> --user1 <email> --password1 <password> --host2 <hostname> --user2 <email> --password2 <password> --addheader --useheader Message-Id
+# Add the following options to delete messages and then their respective folders on the host1 server.
+# --delete1 --delete1emptyfolders --noexpungeaftereach
+# Display Message to User: For Specific IMAP Server Tips go to https://imapsync.lamiral.info/#doc

data/lib/smart_machine/grids/roundcube.rb

@@ -6,7 +6,7 @@ module SmartMachine
         raise "roundcube config for #{name} not found." unless config
 
         @fqdn = config.dig(:fqdn)
-        @image = config.dig(:image)
+        @image = "smartmachine/roundcube:#{SmartMachine.version}"
         @sysadmin_email = config.dig(:sysadmin_email)
         @networks = config.dig(:networks)
         @database_type = config.dig(:database_type)
@@ -21,6 +21,11 @@ module SmartMachine
         @smtp_port = config.dig(:smtp_port)
         @request_path = config.dig(:request_path)
         @plugins = config.dig(:plugins)
+        @plugins_password_database_type = config.dig(:plugins_password_database_type)
+        @plugins_password_database_host = config.dig(:plugins_password_database_host)
+        @plugins_password_database_user = config.dig(:plugins_password_database_user)
+        @plugins_password_database_pass = config.dig(:plugins_password_database_pass)
+        @plugins_password_database_name = config.dig(:plugins_password_database_name)
         @skin = config.dig(:skin)
         @upload_max_filesize = config.dig(:upload_max_filesize)
         @aspell_dictionaries = config.dig(:aspell_dictionaries)
@@ -29,67 +34,110 @@ module SmartMachine
         @home_dir = File.expand_path('~')
       end
 
-      def uper
-        FileUtils.mkdir_p("#{@home_dir}/machine/grids/roundcube/#{@name}/backups")
-        FileUtils.mkdir_p("#{@home_dir}/machine/grids/roundcube/#{@name}/data/html")
-        FileUtils.mkdir_p("#{@home_dir}/machine/grids/roundcube/#{@name}/data/roundcube-temp")
-
-        # Creating & Starting containers
-        print "-----> Creating container #{@name} ... "
-
-        command = [
-          "docker create",
-          "--name='#{@name}'",
-          "--env VIRTUAL_HOST=#{@fqdn}",
-          "--env VIRTUAL_PATH='#{@request_path}'",
-          "--env LETSENCRYPT_HOST=#{@fqdn}",
-          "--env LETSENCRYPT_EMAIL=#{@sysadmin_email}",
-          "--env LETSENCRYPT_TEST=false",
-          "--env CONTAINER_NAME='#{@name}'",
-          "--env FQDN='#{@fqdn}'",
-          "--env ROUNDCUBEMAIL_DEFAULT_HOST='#{@mail_host}'",
-          "--env ROUNDCUBEMAIL_DEFAULT_PORT='#{@mail_port}'",
-          "--env ROUNDCUBEMAIL_SMTP_SERVER='#{@smtp_host}'",
-          "--env ROUNDCUBEMAIL_SMTP_PORT='#{@smtp_port}'",
-          "--env ROUNDCUBEMAIL_USERNAME_DOMAIN=''",
-          "--env ROUNDCUBEMAIL_REQUEST_PATH='#{@request_path}'",
-          "--env ROUNDCUBEMAIL_PLUGINS='#{@plugins.join(',')}'",
-          "--env ROUNDCUBEMAIL_INSTALL_PLUGINS='1'",
-          "--env ROUNDCUBEMAIL_SKIN='#{@skin}'",
-          "--env ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE='#{@upload_max_filesize}'",
-          "--env ROUNDCUBEMAIL_SPELLCHECK_URI=''",
-          "--env ROUNDCUBEMAIL_ASPELL_DICTS='#{@aspell_dictionaries.join(',')}'",
-          "--env ROUNDCUBEMAIL_DB_TYPE='#{@database_type}'",
-          "--env ROUNDCUBEMAIL_DB_HOST='#{@database_host}'",
-          "--env ROUNDCUBEMAIL_DB_PORT='#{@database_port}'",
-          "--env ROUNDCUBEMAIL_DB_USER='#{@database_user}'",
-          "--env ROUNDCUBEMAIL_DB_PASSWORD='#{@database_pass}'",
-          "--env ROUNDCUBEMAIL_DB_NAME='#{@database_name}'",
-          "--volume='#{@home_dir}/smartmachine/config/roundcube/etc/apache2/sites-available/000-default.conf:/etc/apache2/sites-available/000-default.conf:ro'",
-          "--volume='#{@home_dir}/smartmachine/config/roundcube/usr/local/etc/php/conf.d/zzz_roundcube-custom.ini:/usr/local/etc/php/conf.d/zzz_roundcube-custom.ini:ro'",
-          "--volume='#{@home_dir}/smartmachine/config/roundcube/var/roundcube/config:/var/roundcube/config:ro'",
-          "--volume='#{@home_dir}/smartmachine/grids/roundcube/#{@name}/data/html:/var/www/html'",
-          "--volume='#{@home_dir}/smartmachine/grids/roundcube/#{@name}/data/roundcube-temp:/tmp/roundcube-temp'",
-          "--tmpfs /run/tmpfs",
-          "--init",
-          "--restart='always'",
-          "--network='nginx-network'",
-          "#{@image}"
-        ]
-        if system(command.compact.join(" "), out: File::NULL)
-          @networks.each do |network|
-            system("docker network connect #{network} #{@name}")
+      def installer
+        unless system("docker image inspect #{@image}", [:out, :err] => File::NULL)
+          puts "-----> Creating image #{@image} ... "
+          command = [
+            "docker image build -t #{@image}",
+            "--build-arg SMARTMACHINE_VERSION=#{SmartMachine.version}",
+            "-f- #{SmartMachine.config.gem_dir}/lib/smart_machine/grids/roundcube",
+            "<<'EOF'\n#{dockerfile}EOF"
+          ]
+          if system(command.join(" "), out: File::NULL)
+            puts "done"
+          else
+            raise "Error: Could not install image: #{@image}"
           end
+        else
+          raise "Error: Image already installed: #{@image}. Please uninstall using 'smartmachine grids roundcube uninstall' and try installing again."
+        end
+      end
+
+      def uninstaller
+        unless system("docker inspect -f '{{.State.Running}}' '#{@name}'", [:out, :err] => File::NULL)
+          if system("docker image inspect #{@image}", [:out, :err] => File::NULL)
+            puts "-----> Removing image #{@image} ... "
+            if system("docker image rm #{@image}", out: File::NULL)
+              puts "done"
+            end
+          else
+            raise "Error: Roundcube already uninstalled. Please install using 'smartmachine grids roundcube install' and try uninstalling again."
+          end
+        else
+          raise "Error: Roundcube is currently running. Please stop the roundcube using 'smartmachine grids roundcube down' and try uninstalling again."
+        end
+      end
+
+      def uper
+        if system("docker image inspect #{@image}", [:out, :err] => File::NULL)
+          FileUtils.mkdir_p("#{@home_dir}/machine/grids/roundcube/#{@name}/backups")
+          FileUtils.mkdir_p("#{@home_dir}/machine/grids/roundcube/#{@name}/data/roundcube-temp")
+
+          # Setting entrypoint permission.
+          system("chmod +x #{@home_dir}/machine/config/roundcube/docker/custom-docker-entrypoint.sh")
+          system("chmod +x #{@home_dir}/machine/config/roundcube/docker/entrypoint.rb")
+
+          # Creating & Starting containers
+          print "-----> Creating container #{@name} ... "
+
+          command = [
+            "docker create",
+            "--name='#{@name}'",
+            "--env VIRTUAL_HOST=#{@fqdn}",
+            "--env VIRTUAL_PATH='#{@request_path}'",
+            "--env LETSENCRYPT_HOST=#{@fqdn}",
+            "--env LETSENCRYPT_EMAIL=#{@sysadmin_email}",
+            "--env LETSENCRYPT_TEST=false",
+            "--env CONTAINER_NAME='#{@name}'",
+            "--env FQDN='#{@fqdn}'",
+            "--env ROUNDCUBEMAIL_DEFAULT_HOST='#{@mail_host}'",
+            "--env ROUNDCUBEMAIL_DEFAULT_PORT='#{@mail_port}'",
+            "--env ROUNDCUBEMAIL_SMTP_SERVER='#{@smtp_host}'",
+            "--env ROUNDCUBEMAIL_SMTP_PORT='#{@smtp_port}'",
+            "--env ROUNDCUBEMAIL_USERNAME_DOMAIN=''",
+            "--env ROUNDCUBEMAIL_REQUEST_PATH='#{@request_path}'",
+            "--env ROUNDCUBEMAIL_PLUGINS='#{@plugins.join(',')}'",
+            "--env ROUNDCUBEMAIL_PLUGINS_PASSWORD_DATABASE_TYPE='#{@plugins_password_database_type}'",
+            "--env ROUNDCUBEMAIL_PLUGINS_PASSWORD_DATABASE_HOST='#{@plugins_password_database_host}'",
+            "--env ROUNDCUBEMAIL_PLUGINS_PASSWORD_DATABASE_USER='#{@plugins_password_database_user}'",
+            "--env ROUNDCUBEMAIL_PLUGINS_PASSWORD_DATABASE_PASS='#{@plugins_password_database_pass}'",
+            "--env ROUNDCUBEMAIL_PLUGINS_PASSWORD_DATABASE_NAME='#{@plugins_password_database_name}'",
+            "--env ROUNDCUBEMAIL_INSTALL_PLUGINS='1'",
+            "--env ROUNDCUBEMAIL_SKIN='#{@skin}'",
+            "--env ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE='#{@upload_max_filesize}'",
+            "--env ROUNDCUBEMAIL_SPELLCHECK_URI=''",
+            "--env ROUNDCUBEMAIL_ASPELL_DICTS='#{@aspell_dictionaries.join(',')}'",
+            "--env ROUNDCUBEMAIL_DB_TYPE='#{@database_type}'",
+            "--env ROUNDCUBEMAIL_DB_HOST='#{@database_host}'",
+            "--env ROUNDCUBEMAIL_DB_PORT='#{@database_port}'",
+            "--env ROUNDCUBEMAIL_DB_USER='#{@database_user}'",
+            "--env ROUNDCUBEMAIL_DB_PASSWORD='#{@database_pass}'",
+            "--env ROUNDCUBEMAIL_DB_NAME='#{@database_name}'",
+            "--volume='#{@home_dir}/smartmachine/config/roundcube:/smartmachine/config/roundcube:ro'",
+            "--volume='#{@home_dir}/smartmachine/grids/roundcube/#{@name}/data/roundcube-temp:/tmp/roundcube-temp'",
+            "--tmpfs /run/tmpfs",
+            "--init",
+            "--restart='always'",
+            "--network='nginx-network'",
+            "#{@image}"
+          ]
+          if system(command.compact.join(" "), out: File::NULL)
+            @networks.each do |network|
+              system("docker network connect #{network} #{@name}")
+            end
 
-          puts "done"
-          puts "-----> Starting container #{@name} ... "
-          if system("docker start #{@name}", out: File::NULL)
             puts "done"
+            puts "-----> Starting container #{@name} ... "
+            if system("docker start #{@name}", out: File::NULL)
+              puts "done"
+            else
+              raise "Error: Could not start container: #{@name}"
+            end
           else
-            raise "Error: Could not start container: #{@name}"
+            raise "Error: Could not create container: #{@name}"
           end
         else
-          raise "Error: Could not create container: #{@name}"
+          raise "Error: Could not find image: #{@image}"
         end
       end
 
@@ -109,6 +157,28 @@ module SmartMachine
           end
         end
       end
+
+      private
+
+      def dockerfile
+        file = <<~'DOCKERFILE'
+          ARG SMARTMACHINE_VERSION
+
+	  FROM roundcube/roundcubemail:1.6.8-apache
+	  LABEL maintainer="plainsource <plainsource@humanmind.me>"
+
+	  RUN apt-get update && \
+              apt-get install -y --no-install-recommends \
+	      ruby-full build-essential zlib1g-dev \
+	      dovecot-common && \
+	      rm -rf /var/lib/apt/lists/*
+
+	  ENTRYPOINT ["/smartmachine/config/roundcube/docker/custom-docker-entrypoint.sh"]
+	  CMD ["apache2-foreground"]
+        DOCKERFILE
+
+        format(file, "mailname": @mailname)
+      end
     end
   end
 end

data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/postfix/main.cf

@@ -86,6 +86,11 @@ virtual_alias_domains = mysql:/etc/postfix/mysql-virtual-alias-domains.cf
 # Alias mappings for domains, users and users to themselves.
 virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps-domains.cf, mysql:/etc/postfix/mysql-virtual-alias-maps-masters.cf, mysql:/etc/postfix/mysql-virtual-alias-maps-users.cf, mysql:/etc/postfix/mysql-virtual-alias-maps-userstothemselves.cf
 
+# Setting Message Size (default: 10240000).
+# Changed to 37.5MB to allow approximately 25MB of file attachments (includes mime expansion bloat).
+# https://serverfault.com/questions/189508/considering-mime-expansion-bloat-how-does-that-affect-settings-for-exchange-200/189510#189510
+message_size_limit = 39321600
+
 # Even more Restrictions and MTA params
 disable_vrfy_command = yes
 strict_rfc821_envelopes = yes

data/lib/smart_machine/templates/dotsmartmachine/config/roundcube/docker/custom-docker-entrypoint.sh

@@ -0,0 +1,185 @@
+#!/bin/bash
+# set -ex
+
+# PWD=`pwd`
+
+if  [[ "$1" == apache2* || "$1" == php-fpm || "$1" == bin* ]]; then
+  INSTALLDIR=`pwd`
+  # docroot is empty
+  if ! [ -e index.php -a -e bin/installto.sh ]; then
+    echo >&2 "roundcubemail not found in $PWD - copying now..."
+    if [ "$(ls -A)" ]; then
+      echo >&2 "WARNING: $PWD is not empty - press Ctrl+C now if this is an error!"
+      ( set -x; ls -A; sleep 10 )
+    fi
+    tar cf - --one-file-system -C /usr/src/roundcubemail . | tar xf -
+    echo >&2 "Complete! ROUNDCUBEMAIL has been successfully copied to $INSTALLDIR"
+  # update Roundcube in docroot
+  else
+    echo >&2 "roundcubemail found in $INSTALLDIR - installing update..."
+    (cd /usr/src/roundcubemail && bin/installto.sh -y $INSTALLDIR)
+    # Re-install composer modules (including plugins)
+    composer \
+          --working-dir=${INSTALLDIR} \
+          --prefer-dist \
+          --no-dev \
+          --no-interaction \
+          --optimize-autoloader \
+          install
+  fi
+
+  if [ -f /run/secrets/roundcube_db_user ]; then
+    ROUNDCUBEMAIL_DB_USER=`cat /run/secrets/roundcube_db_user`
+  fi
+  if [ -f /run/secrets/roundcube_db_password ]; then
+    ROUNDCUBEMAIL_DB_PASSWORD=`cat /run/secrets/roundcube_db_password`
+  fi
+  if [ -f /run/secrets/roundcube_oauth_client_secret ]; then
+    ROUNDCUBEMAIL_OAUTH_CLIENT_SECRET=`cat /run/secrets/roundcube_oauth_client_secret`
+  fi
+
+  if [ ! -z "${!POSTGRES_ENV_POSTGRES_*}" ] || [ "$ROUNDCUBEMAIL_DB_TYPE" == "pgsql" ]; then
+    : "${ROUNDCUBEMAIL_DB_TYPE:=pgsql}"
+    : "${ROUNDCUBEMAIL_DB_HOST:=postgres}"
+    : "${ROUNDCUBEMAIL_DB_PORT:=5432}"
+    : "${ROUNDCUBEMAIL_DB_USER:=${POSTGRES_ENV_POSTGRES_USER}}"
+    : "${ROUNDCUBEMAIL_DB_PASSWORD:=${POSTGRES_ENV_POSTGRES_PASSWORD}}"
+    : "${ROUNDCUBEMAIL_DB_NAME:=${POSTGRES_ENV_POSTGRES_DB:-roundcubemail}}"
+    : "${ROUNDCUBEMAIL_DSNW:=${ROUNDCUBEMAIL_DB_TYPE}://${ROUNDCUBEMAIL_DB_USER}:${ROUNDCUBEMAIL_DB_PASSWORD}@${ROUNDCUBEMAIL_DB_HOST}:${ROUNDCUBEMAIL_DB_PORT}/${ROUNDCUBEMAIL_DB_NAME}}"
+
+    /wait-for-it.sh ${ROUNDCUBEMAIL_DB_HOST}:${ROUNDCUBEMAIL_DB_PORT} -t 30
+  elif [ ! -z "${!MYSQL_ENV_MYSQL_*}" ] || [ "$ROUNDCUBEMAIL_DB_TYPE" == "mysql" ]; then
+    : "${ROUNDCUBEMAIL_DB_TYPE:=mysql}"
+    : "${ROUNDCUBEMAIL_DB_HOST:=mysql}"
+    : "${ROUNDCUBEMAIL_DB_PORT:=3306}"
+    : "${ROUNDCUBEMAIL_DB_USER:=${MYSQL_ENV_MYSQL_USER:-root}}"
+    if [ "$ROUNDCUBEMAIL_DB_USER" = 'root' ]; then
+      : "${ROUNDCUBEMAIL_DB_PASSWORD:=${MYSQL_ENV_MYSQL_ROOT_PASSWORD}}"
+    else
+      : "${ROUNDCUBEMAIL_DB_PASSWORD:=${MYSQL_ENV_MYSQL_PASSWORD}}"
+    fi
+    : "${ROUNDCUBEMAIL_DB_NAME:=${MYSQL_ENV_MYSQL_DATABASE:-roundcubemail}}"
+    : "${ROUNDCUBEMAIL_DSNW:=${ROUNDCUBEMAIL_DB_TYPE}://${ROUNDCUBEMAIL_DB_USER}:${ROUNDCUBEMAIL_DB_PASSWORD}@${ROUNDCUBEMAIL_DB_HOST}:${ROUNDCUBEMAIL_DB_PORT}/${ROUNDCUBEMAIL_DB_NAME}}"
+
+    /wait-for-it.sh ${ROUNDCUBEMAIL_DB_HOST}:${ROUNDCUBEMAIL_DB_PORT} -t 30
+  else
+    # use local SQLite DB in /var/roundcube/db
+    : "${ROUNDCUBEMAIL_DB_TYPE:=sqlite}"
+    : "${ROUNDCUBEMAIL_DB_DIR:=/var/roundcube/db}"
+    : "${ROUNDCUBEMAIL_DB_NAME:=sqlite}"
+    : "${ROUNDCUBEMAIL_DSNW:=${ROUNDCUBEMAIL_DB_TYPE}:///$ROUNDCUBEMAIL_DB_DIR/${ROUNDCUBEMAIL_DB_NAME}.db?mode=0646}"
+
+    mkdir -p $ROUNDCUBEMAIL_DB_DIR
+    chown www-data:www-data $ROUNDCUBEMAIL_DB_DIR
+  fi
+
+  : "${ROUNDCUBEMAIL_DEFAULT_HOST:=localhost}"
+  : "${ROUNDCUBEMAIL_DEFAULT_PORT:=143}"
+  : "${ROUNDCUBEMAIL_SMTP_SERVER:=localhost}"
+  : "${ROUNDCUBEMAIL_SMTP_PORT:=587}"
+  : "${ROUNDCUBEMAIL_PLUGINS:=archive,zipdownload}"
+  : "${ROUNDCUBEMAIL_SKIN:=elastic}"
+  : "${ROUNDCUBEMAIL_TEMP_DIR:=/tmp/roundcube-temp}"
+  : "${ROUNDCUBEMAIL_REQUEST_PATH:=/}"
+  : "${ROUNDCUBEMAIL_COMPOSER_PLUGINS_FOLDER:=$INSTALLDIR}"
+
+  if [ ! -z "${ROUNDCUBEMAIL_COMPOSER_PLUGINS}" ]; then
+    echo "Installing plugins from the list"
+    echo "Plugins: ${ROUNDCUBEMAIL_COMPOSER_PLUGINS}"
+
+    # Change ',' into a space
+    ROUNDCUBEMAIL_COMPOSER_PLUGINS_SH=`echo "${ROUNDCUBEMAIL_COMPOSER_PLUGINS}" | tr ',' ' '`
+
+    composer \
+      --working-dir=${ROUNDCUBEMAIL_COMPOSER_PLUGINS_FOLDER} \
+      --prefer-dist \
+      --prefer-stable \
+      --update-no-dev \
+      --no-interaction \
+      --optimize-autoloader \
+      require \
+      -- \
+      ${ROUNDCUBEMAIL_COMPOSER_PLUGINS_SH};
+  fi
+
+  if [ ! -e config/config.inc.php ]; then
+    GENERATED_DES_KEY=`head /dev/urandom | base64 | head -c 24`
+    touch config/config.inc.php
+
+    echo "Write root config to $PWD/config/config.inc.php"
+    echo "<?php
+    \$config['plugins'] = [];
+    \$config['log_driver'] = 'stdout';
+    \$config['zipdownload_selection'] = true;
+    \$config['des_key'] = '${GENERATED_DES_KEY}';
+    \$config['enable_spellcheck'] = true;
+    \$config['spellcheck_engine'] = 'pspell';
+    include(__DIR__ . '/config.docker.inc.php');
+    " > config/config.inc.php
+
+  elif ! grep -q "config.docker.inc.php" config/config.inc.php; then
+    echo "include(__DIR__ . '/config.docker.inc.php');" >> config/config.inc.php
+  fi
+
+  ROUNDCUBEMAIL_PLUGINS_PHP=`echo "${ROUNDCUBEMAIL_PLUGINS}" | sed -E "s/[, ]+/', '/g"`
+  echo "Write Docker config to $PWD/config/config.docker.inc.php"
+  echo "<?php
+  \$config['db_dsnw'] = '${ROUNDCUBEMAIL_DSNW}';
+  \$config['db_dsnr'] = '${ROUNDCUBEMAIL_DSNR}';
+  \$config['imap_host'] = '${ROUNDCUBEMAIL_DEFAULT_HOST}:${ROUNDCUBEMAIL_DEFAULT_PORT}';
+  \$config['smtp_host'] = '${ROUNDCUBEMAIL_SMTP_SERVER}:${ROUNDCUBEMAIL_SMTP_PORT}';
+  \$config['username_domain'] = '${ROUNDCUBEMAIL_USERNAME_DOMAIN}';
+  \$config['temp_dir'] = '${ROUNDCUBEMAIL_TEMP_DIR}';
+  \$config['skin'] = '${ROUNDCUBEMAIL_SKIN}';
+  \$config['request_path'] = '${ROUNDCUBEMAIL_REQUEST_PATH}';
+  \$config['plugins'] = array_filter(array_unique(array_merge(\$config['plugins'], ['${ROUNDCUBEMAIL_PLUGINS_PHP}'])));
+  " > config/config.docker.inc.php
+
+  if [ -e /run/secrets/roundcube_des_key ]; then
+    echo "\$config['des_key'] = file_get_contents('/run/secrets/roundcube_des_key');" >> config/config.docker.inc.php
+  elif [ ! -z "${ROUNDCUBEMAIL_DES_KEY}" ]; then
+    echo "\$config['des_key'] = getenv('ROUNDCUBEMAIL_DES_KEY');" >> config/config.docker.inc.php
+  fi
+
+  if [ ! -z "${ROUNDCUBEMAIL_OAUTH_CLIENT_SECRET}" ]; then
+    echo "\$config['oauth_client_secret'] = '${ROUNDCUBEMAIL_OAUTH_CLIENT_SECRET}';" >> config/config.docker.inc.php
+  fi
+
+  if [ ! -z "${ROUNDCUBEMAIL_SPELLCHECK_URI}"]; then
+    echo "\$config['spellcheck_engine'] = 'googie';" >> config/config.docker.inc.php
+    echo "\$config['spellcheck_uri'] = '${ROUNDCUBEMAIL_SPELLCHECK_URI}';" >> config/config.docker.inc.php
+  fi
+
+  # include custom config files
+  for fn in `ls /var/roundcube/config/*.php 2>/dev/null || true`; do
+    echo "include('$fn');" >> config/config.docker.inc.php
+  done
+
+  # initialize or update DB
+  bin/initdb.sh --dir=$PWD/SQL --update || echo "Failed to initialize/update the database. Please start with an empty database and restart the container."
+
+  if [ ! -z "${ROUNDCUBEMAIL_TEMP_DIR}" ]; then
+    mkdir -p ${ROUNDCUBEMAIL_TEMP_DIR} && chown www-data ${ROUNDCUBEMAIL_TEMP_DIR}
+  fi
+
+  if [ ! -z "${ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE}" ]; then
+    echo "upload_max_filesize=${ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE}" >> /usr/local/etc/php/conf.d/roundcube-override.ini
+    echo "post_max_size=${ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE}" >> /usr/local/etc/php/conf.d/roundcube-override.ini
+  fi
+
+  : "${ROUNDCUBEMAIL_LOCALE:=en_US.UTF-8 UTF-8}"
+
+  if [ -e /usr/sbin/locale-gen ] && [ ! -z "${ROUNDCUBEMAIL_LOCALE}" ]; then
+    echo "${ROUNDCUBEMAIL_LOCALE}" > /etc/locale.gen
+    /usr/sbin/locale-gen
+  fi
+
+  if [ ! -z "${ROUNDCUBEMAIL_ASPELL_DICTS}" ]; then
+    ASPELL_PACKAGES=`echo -n "aspell-${ROUNDCUBEMAIL_ASPELL_DICTS}" | sed -E "s/[, ]+/ aspell-/g"`
+    which apt-get && apt-get install -y $ASPELL_PACKAGES
+    which apk && apk add --no-cache $ASPELL_PACKAGES
+  fi
+
+fi
+
+exec ruby /smartmachine/config/roundcube/docker/entrypoint.rb "$@"

data/lib/smart_machine/templates/dotsmartmachine/config/roundcube/docker/entrypoint.rb

@@ -0,0 +1,58 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'fileutils'
+require 'logger'
+require 'cgi'
+
+logger = Logger.new(STDOUT)
+STDOUT.sync = true
+
+def update_envkeys_in(filepaths, envkeys)
+  filepaths.each do |filepath|
+    str = File.read(filepath)
+    str = str.gsub(/%(?!<)/, '%%')
+    str = format(str, envkeys)
+    File.open(filepath, "w") { |file| file << str }
+  end
+end
+
+# initial setup
+unless File.exist?('/run/initial_container_start')
+  FileUtils.touch('/run/initial_container_start')
+
+  # EnvKeys
+  envkeys = {
+    container_name: ENV.delete('CONTAINER_NAME'),
+    fqdn: ENV.delete('FQDN'),
+    timezone: `cat /etc/timezone`.chomp,
+    roundcubemail_request_path: ENV.delete('ROUNDCUBEMAIL_REQUEST_PATH'),
+    roundcubemail_plugins_password_database_type: ENV.delete('ROUNDCUBEMAIL_PLUGINS_PASSWORD_DATABASE_TYPE'),
+    roundcubemail_plugins_password_database_host: ENV.delete('ROUNDCUBEMAIL_PLUGINS_PASSWORD_DATABASE_HOST'),
+    roundcubemail_plugins_password_database_user: CGI.escape(ENV.delete('ROUNDCUBEMAIL_PLUGINS_PASSWORD_DATABASE_USER')),
+    roundcubemail_plugins_password_database_pass: CGI.escape(ENV.delete('ROUNDCUBEMAIL_PLUGINS_PASSWORD_DATABASE_PASS')),
+    roundcubemail_plugins_password_database_name: ENV.delete('ROUNDCUBEMAIL_PLUGINS_PASSWORD_DATABASE_NAME')
+  }
+
+  # Config
+  FileUtils.cp '/smartmachine/config/roundcube/etc/apache2/sites-available/000-default.conf', '/etc/apache2/sites-available/000-default.conf'
+  FileUtils.cp '/smartmachine/config/roundcube/usr/local/etc/php/conf.d/zzz_roundcube-custom.ini', '/usr/local/etc/php/conf.d/zzz_roundcube-custom.ini'
+  FileUtils.cp '/smartmachine/config/roundcube/var/roundcube/config/config.custom.inc.php', '/var/roundcube/config/config.custom.inc.php'
+  filepaths = [
+    '/etc/apache2/sites-available/000-default.conf'
+  ]
+  update_envkeys_in(filepaths, envkeys)
+
+  # Plugins
+  FileUtils.cp '/smartmachine/config/roundcube/var/www/html/plugins/password/config.inc.php', '/var/www/html/plugins/password/config.inc.php'
+  filepaths = [
+    '/var/www/html/plugins/password/config.inc.php'
+  ]
+  update_envkeys_in(filepaths, envkeys)
+  system("chown root:www-data /var/www/html/plugins/password/config.inc.php")
+  system("chmod u=rw,g=r,o= /var/www/html/plugins/password/config.inc.php")
+
+  logger.info "Initial setup completed for #{envkeys[:container_name]}."
+end
+
+exec(*ARGV)

data/lib/smart_machine/templates/dotsmartmachine/config/roundcube/etc/apache2/sites-available/000-default.conf

@@ -16,6 +16,7 @@
 	# If you are setting a different request_path other than '/' in roundcube.yml config file,
 	# then please uncomment the below line and add that path here as an alias.
         #Alias /your/request/path /var/www/html
+	Alias %<roundcubemail_request_path>s /var/www/html
 
 	# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
         # error, crit, alert, emerg.

data/lib/smart_machine/templates/dotsmartmachine/config/roundcube/var/www/html/plugins/password/config.inc.php

@@ -0,0 +1,523 @@
+<?php
+
+// Password Plugin options
+// -----------------------
+// A driver to use for password change. Default: "sql".
+// See README file for list of supported driver names.
+$config['password_driver'] = 'sql';
+
+// A driver to use for checking password strength. Default: null (disabled).
+// See README file for list of supported driver names.
+$config['password_strength_driver'] = null;
+
+// Determine whether current password is required to change password.
+// Default: false.
+$config['password_confirm_current'] = true;
+
+// Require the new password to be a certain length.
+// set to blank to allow passwords of any length
+//$config['password_minimum_length'] = 8;
+$config['password_minimum_length'] = 12;
+
+// Require the new password to have at least the specified strength score.
+// Note: Password strength is scored from 1 (week) to 5 (strong).
+$config['password_minimum_score'] = 0;
+
+// Enables logging of password changes into logs/password
+$config['password_log'] = false;
+
+// Array of login exceptions for which password change
+// will be not available (no Password tab in Settings)
+$config['password_login_exceptions'] = null;
+
+// Array of hosts that support password changing.
+// Listed hosts will feature a Password option in Settings; others will not.
+// Example: ['mail.example.com', 'mail2.example.org'];
+// Default is NULL (all hosts supported).
+$config['password_hosts'] = null;
+
+// Enables saving the new password even if it matches the old password. Useful
+// for upgrading the stored passwords after the encryption scheme has changed.
+//$config['password_force_save'] = false;
+$config['password_force_save'] = true;
+
+// Enables forcing new users to change their password at their first login.
+$config['password_force_new_user'] = false;
+
+// Password hashing/crypting algorithm.
+// Possible options: des-crypt, ext-des-crypt, md5-crypt, blowfish-crypt,
+// sha256-crypt, sha512-crypt, md5, sha, smd5, ssha, ssha256, ssha512, samba, ad, dovecot, clear.
+// Also supported are password_hash() algoriths: hash-bcrypt, hash-argon2i, hash-argon2id.
+// Default: 'clear' (no hashing)
+// For details see password::hash_password() method.
+//$config['password_algorithm'] = 'clear';
+$config['password_algorithm'] = 'dovecot';
+
+// Additional options for password hashing function(s).
+// For password_hash()-based passwords see https://www.php.net/manual/en/function.password-hash.php
+// It can be used to set the Blowfish algorithm cost, e.g. ['cost' => 12]
+$config['password_algorithm_options'] = [];
+
+// Password prefix (e.g. {CRYPT}, {SHA}) for passwords generated
+// using password_algorithm above. Default: empty.
+$config['password_algorithm_prefix'] = '';
+
+// Path for dovecotpw/doveadm-pw (if not in the $PATH).
+// Used for password_algorithm = 'dovecot'.
+// $config['password_dovecotpw'] = '/usr/local/sbin/doveadm pw'; // for dovecot-2.x
+//$config['password_dovecotpw'] = '/usr/local/sbin/dovecotpw'; // for dovecot-1.x
+$config['password_dovecotpw'] = '/usr/bin/doveadm pw';
+
+// Dovecot password scheme.
+// Used for password_algorithm = 'dovecot'.
+//$config['password_dovecotpw_method'] = 'CRAM-MD5';
+$config['password_dovecotpw_method'] = 'BLF-CRYPT';
+
+// Enables use of password with method prefix, e.g. {MD5}$1$LUiMYWqx$fEkg/ggr/L6Mb2X7be4i1/
+// when using password_algorithm=dovecot
+//$config['password_dovecotpw_with_method'] = false;
+$config['password_dovecotpw_with_method'] = true;
+
+// Number of rounds for the sha256 and sha512 crypt hashing algorithms.
+// Must be at least 1000. If not set, then the number of rounds is left up
+// to the crypt() implementation. On glibc this defaults to 5000.
+// Be aware, the higher the value, the longer it takes to generate the password hashes.
+//$config['password_crypt_rounds'] = 50000;
+
+// This option temporarily disables the password change functionality.
+// Use it when the users database server is in maintenance mode or something like that.
+// You can set it to TRUE/FALSE or a text describing the reason
+// which will replace the default.
+$config['password_disabled'] = false;
+
+// Various drivers/setups use different format of the username.
+// This option allows you to force specified format use. Default: '%u'.
+// Supported variables:
+//     %u - full username,
+//     %l - the local part of the username (in case the username is an email address)
+//     %d - the domain part of the username (in case the username is an email address)
+// Note: This may no apply to some drivers implementing their own rules, e.g. sql.
+$config['password_username_format'] = '%u';
+
+// Options passed when creating Guzzle HTTP client, used to access various external APIs.
+// This will overwrite global http_client settings. For example:
+// [
+//   'timeout' => 10,
+//   'proxy' => 'tcp://localhost:8125',
+// ]
+$config['password_http_client'] = [];
+
+
+// SQL Driver options
+// ------------------
+// PEAR database DSN for performing the query. By default
+// Roundcube DB settings are used.
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - hostname ($_SERVER['SERVER_NAME'])
+// %t - hostname without the first part
+// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+//$config['password_db_dsn'] = '';
+$config['password_db_dsn'] = '%<roundcubemail_plugins_password_database_type>s://%<roundcubemail_plugins_password_database_user>s:%<roundcubemail_plugins_password_database_pass>s@%<roundcubemail_plugins_password_database_host>s/%<roundcubemail_plugins_password_database_name>s';
+
+// The SQL query used to change the password.
+// The query can contain the following macros that will be expanded as follows:
+//      %p is replaced with the plaintext new password
+//      %P is replaced with the crypted/hashed new password
+//         according to configured password_algorithm
+//      %o is replaced with the old (current) password
+//      %O is replaced with the crypted/hashed old (current) password
+//         according to configured password_algorithm
+//      %h is replaced with the imap host (from the session info)
+//      %u is replaced with the username (from the session info)
+//      %l is replaced with the local part of the username
+//         (in case the username is an email address)
+//      %d is replaced with the domain part of the username
+//         (in case the username is an email address)
+// Escaping of macros is handled by this module.
+// Default: "SELECT update_passwd(%P, %u)"
+//$config['password_query'] = 'SELECT update_passwd(%P, %u)';
+$config['password_query'] = 'UPDATE virtual_users SET password=%P WHERE email=%u';
+
+// By default domains in variables are using unicode.
+// Enable this option to use punycoded names
+$config['password_idn_ascii'] = false;
+
+
+// Poppassd Driver options
+// -----------------------
+// The host which changes the password (default: localhost)
+// Supported replacement variables:
+//   %n - hostname ($_SERVER['SERVER_NAME'])
+//   %t - hostname without the first part
+//   %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
+//   %h - IMAP host
+//   %z - IMAP domain without first part
+//   %s - domain name after the '@' from e-mail address provided at login screen
+$config['password_pop_host'] = 'localhost';
+
+// TCP port used for poppassd connections (default: 106)
+$config['password_pop_port'] = 106;
+
+
+// SASL Driver options
+// -------------------
+// Additional arguments for the saslpasswd2 call
+$config['password_saslpasswd_args'] = '';
+
+
+// LDAP, LDAP_SIMPLE and LDAP_EXOP Driver options
+// -----------------------------------
+// LDAP server name to connect to.
+// You can provide one or several hosts in an array in which case the hosts are tried from left to right.
+// Example: ['ldap1.example.com', 'ldap2.example.com'];
+// Default: 'localhost'
+$config['password_ldap_host'] = 'localhost';
+
+// LDAP server port to connect to
+// Default: '389'
+$config['password_ldap_port'] = '389';
+
+// TLS is started after connecting
+// Using TLS for password modification is recommended.
+// Default: false
+$config['password_ldap_starttls'] = false;
+
+// LDAP version
+// Default: '3'
+$config['password_ldap_version'] = '3';
+
+// LDAP base name (root directory)
+// Example: 'dc=example,dc=com'
+$config['password_ldap_basedn'] = 'dc=example,dc=com';
+
+// LDAP connection method
+// There are two connection methods for changing a user's LDAP password.
+// 'user': use user credential (recommended, require password_confirm_current=true)
+// 'admin': use admin credential (this mode require password_ldap_adminDN and password_ldap_adminPW)
+// Default: 'user'
+$config['password_ldap_method'] = 'user';
+
+// LDAP Admin DN
+// Used only in admin connection mode
+// Default: null
+$config['password_ldap_adminDN'] = null;
+
+// LDAP Admin Password
+// Used only in admin connection mode
+// Default: null
+$config['password_ldap_adminPW'] = null;
+
+// LDAP user DN mask
+// The user's DN is mandatory and as we only have his login,
+// we need to re-create his DN using a mask
+// '%login' will be replaced by the current roundcube user's login
+// '%name' will be replaced by the current roundcube user's name part
+// '%domain' will be replaced by the current roundcube user's domain part
+// '%dc' will be replaced by domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
+// Example: 'uid=%login,ou=people,dc=example,dc=com'
+$config['password_ldap_userDN_mask'] = 'uid=%login,ou=people,dc=example,dc=com';
+
+// LDAP search DN
+// The DN roundcube should bind with to find out user's DN
+// based on his login. Note that you should comment out the default
+// password_ldap_userDN_mask setting for this to take effect.
+// Use this if you cannot specify a general template for user DN with
+// password_ldap_userDN_mask. You need to perform a search based on
+// users login to find his DN instead. A common reason might be that
+// your users are placed under different ou's like engineering or
+// sales which cannot be derived from their login only.
+$config['password_ldap_searchDN'] = 'cn=roundcube,ou=services,dc=example,dc=com';
+
+// LDAP search password
+// If password_ldap_searchDN is set, the password to use for
+// binding to search for user's DN. Note that you should comment out the default
+// password_ldap_userDN_mask setting for this to take effect.
+// Warning: Be sure to set appropriate permissions on this file so this password
+// is only accessible to roundcube and don't forget to restrict roundcube's access to
+// your directory as much as possible using ACLs. Should this password be compromised
+// you want to minimize the damage.
+$config['password_ldap_searchPW'] = 'secret';
+
+// LDAP search base
+// If password_ldap_searchDN is set, the base to search in using the filter below.
+// Note that you should comment out the default password_ldap_userDN_mask setting
+// for this to take effect.
+$config['password_ldap_search_base'] = 'ou=people,dc=example,dc=com';
+
+// LDAP search filter
+// If password_ldap_searchDN is set, the filter to use when
+// searching for user's DN. Note that you should comment out the default
+// password_ldap_userDN_mask setting for this to take effect.
+// '%login' will be replaced by the current roundcube user's login
+// '%name' will be replaced by the current roundcube user's name part
+// '%domain' will be replaced by the current roundcube user's domain part
+// '%dc' will be replaced by domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
+// Example: '(uid=%login)'
+// Example: '(&(objectClass=posixAccount)(uid=%login))'
+$config['password_ldap_search_filter'] = '(uid=%login)';
+
+// LDAP password hash type
+// Standard LDAP encryption type which must be one of: crypt,
+// ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, ad, cram-md5 (dovecot style) or clear.
+// Set to 'default' if you want to use method specified in password_algorithm option above.
+// Multiple password Values can be generated by concatenating encodings with a +. E.g. 'cram-md5+crypt'
+// Default: 'crypt'.
+$config['password_ldap_encodage'] = 'crypt';
+
+// LDAP password attribute
+// Name of the ldap's attribute used for storing user password
+// Default: 'userPassword'
+$config['password_ldap_pwattr'] = 'userPassword';
+
+// LDAP password force replace
+// Force LDAP replace in cases where ACL allows only replace not read
+// See http://pear.php.net/package/Net_LDAP2/docs/latest/Net_LDAP2/Net_LDAP2_Entry.html#methodreplace
+// Default: true
+$config['password_ldap_force_replace'] = true;
+
+// LDAP Password Last Change Date
+// Some places use an attribute to store the date of the last password change
+// The date is measured in "days since epoch" (an integer value)
+// Whenever the password is changed, the attribute will be updated if set (e.g. shadowLastChange)
+$config['password_ldap_lchattr'] = '';
+
+// LDAP Samba password attribute, e.g. sambaNTPassword
+// Name of the LDAP's Samba attribute used for storing user password
+$config['password_ldap_samba_pwattr'] = '';
+
+// LDAP Samba Password Last Change Date attribute, e.g. sambaPwdLastSet
+// Some places use an attribute to store the date of the last password change
+// The date is measured in "seconds since epoch" (an integer value)
+// Whenever the password is changed, the attribute will be updated if set
+$config['password_ldap_samba_lchattr'] = '';
+
+// LDAP PPolicy Driver options
+// -----------------------------------
+
+// LDAP Change password command - filename of the perl script
+// Example: 'change_ldap_pass.pl'
+$config['password_ldap_ppolicy_cmd'] = 'change_ldap_pass.pl';
+
+// LDAP URI
+// Example: 'ldap://ldap.example.com/ ldaps://ldap2.example.com:636/'
+$config['password_ldap_ppolicy_uri'] = 'ldap://localhost/';
+
+// LDAP base name (root directory)
+// Example: 'dc=example,dc=com'
+$config['password_ldap_ppolicy_basedn'] = 'dc=example,dc=com';
+
+$config['password_ldap_ppolicy_searchDN'] = 'cn=someuser,dc=example,dc=com';
+
+$config['password_ldap_ppolicy_searchPW'] = 'secret';
+
+// LDAP search filter
+// Example: '(uid=%login)'
+// Example: '(&(objectClass=posixAccount)(uid=%login))'
+$config['password_ldap_ppolicy_search_filter'] = '(uid=%login)';
+
+// CA Certificate file if in URI is LDAPS connection
+$config['password_ldap_ppolicy_cafile'] = '/etc/ssl/cacert.crt';
+
+
+
+// DirectAdmin Driver options
+// --------------------------
+// The host which changes the password
+// Use 'ssl://host' instead of 'tcp://host' when running DirectAdmin over SSL.
+// The host can contain the following macros that will be expanded as follows:
+//     %h is replaced with the imap host (from the session info)
+//     %d is replaced with the domain part of the username (if the username is an email)
+$config['password_directadmin_host'] = 'tcp://localhost';
+
+// TCP port used for DirectAdmin connections
+$config['password_directadmin_port'] = 2222;
+
+
+// vpopmaild Driver options
+// -----------------------
+// The host which changes the password
+$config['password_vpopmaild_host'] = 'localhost';
+
+// TCP port used for vpopmaild connections
+$config['password_vpopmaild_port'] = 89;
+
+// Timeout used for the connection to vpopmaild (in seconds)
+$config['password_vpopmaild_timeout'] = 10;
+
+
+// cPanel Driver options
+// ---------------------
+// The cPanel Host name
+$config['password_cpanel_host'] = 'host.domain.com';
+
+// The cPanel port to use
+$config['password_cpanel_port'] = 2096;
+
+
+// XIMSS (Communigate server) Driver options
+// -----------------------------------------
+// Host name of the Communigate server
+$config['password_ximss_host'] = 'mail.example.com';
+
+// XIMSS port on Communigate server
+$config['password_ximss_port'] = 11024;
+
+
+// chpasswd Driver options
+// ---------------------
+// Command to use (see "Sudo setup" in README)
+$config['password_chpasswd_cmd'] = 'sudo /usr/sbin/chpasswd 2> /dev/null';
+
+
+// XMail Driver options
+// ---------------------
+$config['xmail_host'] = 'localhost';
+$config['xmail_user'] = 'YourXmailControlUser';
+$config['xmail_pass'] = 'YourXmailControlPass';
+$config['xmail_port'] = 6017;
+
+
+// hMail Driver options
+// -----------------------
+// Remote hMailServer configuration
+// true:  HMailserver is on a remote box (php.ini: com.allow_dcom = true)
+// false: Hmailserver is on same box as PHP
+$config['hmailserver_remote_dcom'] = false;
+// Windows credentials
+$config['hmailserver_server'] = [
+    'Server'   => 'localhost',      // hostname or ip address
+    'Username' => 'administrator',  // windows username
+    'Password' => 'password'        // windows user password
+];
+
+
+// pw_usermod Driver options
+// --------------------------
+// Use comma delimited exlist to disable password change for users.
+// See "Sudo setup" in README file.
+$config['password_pw_usermod_cmd'] = 'sudo /usr/sbin/pw usermod -h 0 -n';
+
+
+// DBMail Driver options
+// -------------------
+// Additional arguments for the dbmail-users call
+$config['password_dbmail_args'] = '-p sha512';
+
+
+// Expect Driver options
+// ---------------------
+// Location of expect binary
+$config['password_expect_bin'] = '/usr/bin/expect';
+
+// Location of expect script (see helpers/passwd-expect)
+$config['password_expect_script'] = '';
+
+// Arguments for the expect script. See the helpers/passwd-expect file for details.
+// This is probably a good starting default:
+//   -telnet -host localhost -output /tmp/passwd.log -log /tmp/passwd.log
+$config['password_expect_params'] = '';
+
+
+// smb Driver options
+// ---------------------
+// Samba host (default: localhost)
+// Supported replacement variables:
+// %n - hostname ($_SERVER['SERVER_NAME'])
+// %t - hostname without the first part
+// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
+$config['password_smb_host'] = 'localhost';
+// Location of smbpasswd binary (default: /usr/bin/smbpasswd)
+$config['password_smb_cmd'] = '/usr/bin/smbpasswd';
+
+// gearman driver options
+// ---------------------
+// Gearman host (default: localhost)
+$config['password_gearman_host'] = 'localhost';
+
+
+// Plesk/PPA Driver options
+// --------------------
+// You need to allow RCP for IP of roundcube-server in Plesk/PPA Panel
+
+// Plesk RCP Host
+$config['password_plesk_host'] = '10.0.0.5';
+
+// Plesk RPC Username
+$config['password_plesk_user'] = 'admin';
+
+// Plesk RPC Password
+$config['password_plesk_pass'] = 'password';
+
+// Plesk RPC Port
+$config['password_plesk_rpc_port'] = '8443';
+
+// Plesk RPC Path
+$config['password_plesk_rpc_path'] = 'enterprise/control/agent.php';
+
+
+// kpasswd Driver options
+// ---------------------
+// Command to use
+$config['password_kpasswd_cmd'] = '/usr/bin/kpasswd';
+
+
+// Modoboa Driver options
+// ---------------------
+// put token number from Modoboa server
+$config['password_modoboa_api_token'] = '';
+
+
+// Mail-in-a-Box Driver options
+// ----------------------------
+// the url to the control panel of Mail-in-a-Box, e.g. https://box.example.com/admin/
+$config['password_miab_url'] = '';
+// name (email) of the admin user used to access api
+$config['password_miab_user'] = '';
+// password of the admin user used to access api
+$config['password_miab_pass'] = '';
+
+
+// TinyCP
+// --------------
+// TinyCP host, port, user and pass.
+$config['password_tinycp_host'] = '';
+$config['password_tinycp_port'] = '';
+$config['password_tinycp_user'] = '';
+$config['password_tinycp_pass'] = '';
+
+// HTTP-API Driver options
+// ---------------------
+
+// Base URL of password change API. HTTPS recommended.
+$config['password_httpapi_url'] = 'https://passwordserver.example.org';
+
+// Method (also affects how vars are sent). Default: POST.
+// GET is not recommended as passwords will appears in the remote webserver's access log
+$config['password_httpapi_method'] = 'POST';
+
+// GET or POST variable in which to put the username
+$config['password_httpapi_var_user'] = 'user';
+
+// GET or POST variable in which to put the current password
+$config['password_httpapi_var_curpass'] = 'curpass';
+
+// GET or POST variable in which to put the new password
+$config['password_httpapi_var_newpass'] = 'newpass';
+
+// HTTP codes other than 2xx are assumed to mean the password changed failed.
+// Optionally, if set, this variable additionally checks the body of the 2xx response to
+// confirm the change. It's a preg_match regular expression.
+$config['password_httpapi_expect'] = '/^ok$/i';
+
+
+// dovecot_passwdfile
+// ------------------
+$config['password_dovecot_passwdfile_path'] = '/etc/mail/imap.passwd';
+
+
+// Mailcow driver options
+// ----------------------
+$config['password_mailcow_api_host'] = 'localhost';
+$config['password_mailcow_api_token'] = '';

data/lib/smart_machine/templates/dotsmartmachine/config/roundcube.yml

@@ -1,6 +1,5 @@
 roundcubeone:
   fqdn: "yourroundcubeone.yourdomain.com"
-  image: "roundcube/roundcubemail:1.6.8-apache"
   sysadmin_email: "adminname@yourdomain.com"
   networks: ["mysqlone-network"]
   database_type: "mysql"
@@ -15,13 +14,17 @@ roundcubeone:
   smtp_port: 587
   request_path: "/"
   plugins: ["password", "managesieve", "archive", "zipdownload"]
+  plugins_password_database_type: "mysql"
+  plugins_password_database_host: mysqlone
+  plugins_password_database_user: <%= SmartMachine.credentials.dig(:emailerone, :mysql_user) %>
+  plugins_password_database_pass: <%= SmartMachine.credentials.dig(:emailerone, :mysql_password) %>
+  plugins_password_database_name: <%= SmartMachine.credentials.dig(:emailerone, :mysql_database_name) %>
   skin: "elastic"
   upload_max_filesize: "5M"
   aspell_dictionaries: ["en"]
 
 # roundcubetwo:
 #   fqdn: "yourroundcubetwo.yourdomain.com"
-#   image: "roundcube/roundcubemail:1.6.8-apache"
 #   sysadmin_email: "adminname@yourdomain.com"
 #   networks: ["mysqlone-network"]
 #   database_type: "mysql"
@@ -30,12 +33,17 @@ roundcubeone:
 #   database_user: <%= SmartMachine.credentials.dig(:roundcubetwo, :database_user) %>
 #   database_pass: <%= SmartMachine.credentials.dig(:roundcubetwo, :database_pass) %>
 #   database_name: <%= SmartMachine.credentials.dig(:roundcubetwo, :database_name) %>
-#   mail_host: "ssl://youremailerone.yourdomain.com"
+#   mail_host: "ssl://youremailertwo.yourdomain.com"
 #   mail_port: 993
-#   smtp_host: "tls://youremailerone.yourdomain.com"
+#   smtp_host: "tls://youremailertwo.yourdomain.com"
 #   smtp_port: 587
 #   request_path: "/"
 #   plugins: ["password", "managesieve", "archive", "zipdownload"]
+#   plugins_password_database_type: "mysql"
+#   plugins_password_database_host: mysqlone
+#   plugins_password_database_user: <%= SmartMachine.credentials.dig(:emailertwo, :mysql_user) %>
+#   plugins_password_database_pass: <%= SmartMachine.credentials.dig(:emailertwo, :mysql_password) %>
+#   plugins_password_database_name: <%= SmartMachine.credentials.dig(:emailertwo, :mysql_database_name) %>
 #   skin: "elastic"
 #   upload_max_filesize: "5M"
 #   aspell_dictionaries: ["en"]

data/lib/smart_machine/version.rb

@@ -17,7 +17,7 @@ module SmartMachine
   module VERSION
     MAJOR = 1
     MINOR = 3
-    TINY  = 0
+    TINY  = 1
     PRE   = nil
 
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: smartmachine
 version: !ruby/object:Gem::Version
-  version: 1.3.0
+  version: 1.3.1
 platform: ruby
 authors:
 - plainsource
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2024-08-19 00:00:00.000000000 Z
+date: 2025-05-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: net-ssh
@@ -31,9 +31,9 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '1.2'
-    - - "<"
+    - - "<="
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: 1.3.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -41,9 +41,9 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '1.2'
-    - - "<"
+    - - "<="
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: 1.3.0
 - !ruby/object:Gem::Dependency
   name: bcrypt_pbkdf
   requirement: !ruby/object:Gem::Requirement
@@ -84,6 +84,26 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 3.1.13
+- !ruby/object:Gem::Dependency
+  name: zeitwerk
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.6'
+    - - "<="
+      - !ruby/object:Gem::Version
+        version: 2.6.18
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.6'
+    - - "<="
+      - !ruby/object:Gem::Version
+        version: 2.6.18
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
@@ -91,6 +111,9 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '6.0'
+    - - "<="
+      - !ruby/object:Gem::Version
+        version: 6.1.7.8
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -98,6 +121,9 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '6.0'
+    - - "<="
+      - !ruby/object:Gem::Version
+        version: 6.1.7.8
 - !ruby/object:Gem::Dependency
   name: thor
   requirement: !ruby/object:Gem::Requirement
@@ -205,7 +231,7 @@ files:
 - lib/smart_machine/grids/certbot.rb
 - lib/smart_machine/grids/elasticsearch.rb
 - lib/smart_machine/grids/emailer.rb
-- lib/smart_machine/grids/emailer/.keep
+- lib/smart_machine/grids/emailer/imapsync.rb
 - lib/smart_machine/grids/haproxy.rb
 - lib/smart_machine/grids/mariadb.rb
 - lib/smart_machine/grids/minio.rb
@@ -221,6 +247,7 @@ files:
 - lib/smart_machine/grids/redis.rb
 - lib/smart_machine/grids/redmine.rb
 - lib/smart_machine/grids/roundcube.rb
+- lib/smart_machine/grids/roundcube/.keep
 - lib/smart_machine/grids/solr.rb
 - lib/smart_machine/grids/solr/config/.keep
 - lib/smart_machine/grids/solr/config/README.txt
@@ -448,9 +475,12 @@ files:
 - lib/smart_machine/templates/dotsmartmachine/config/prereceiver.yml
 - lib/smart_machine/templates/dotsmartmachine/config/redis.yml
 - lib/smart_machine/templates/dotsmartmachine/config/roundcube.yml
+- lib/smart_machine/templates/dotsmartmachine/config/roundcube/docker/custom-docker-entrypoint.sh
+- lib/smart_machine/templates/dotsmartmachine/config/roundcube/docker/entrypoint.rb
 - lib/smart_machine/templates/dotsmartmachine/config/roundcube/etc/apache2/sites-available/000-default.conf
 - lib/smart_machine/templates/dotsmartmachine/config/roundcube/usr/local/etc/php/conf.d/zzz_roundcube-custom.ini
 - lib/smart_machine/templates/dotsmartmachine/config/roundcube/var/roundcube/config/config.custom.inc.php
+- lib/smart_machine/templates/dotsmartmachine/config/roundcube/var/www/html/plugins/password/config.inc.php
 - lib/smart_machine/templates/dotsmartmachine/config/terminal.yml
 - lib/smart_machine/templates/dotsmartmachine/config/users.yml
 - lib/smart_machine/templates/dotsmartmachine/gitignore-template
@@ -468,8 +498,8 @@ licenses:
 metadata:
   homepage_uri: https://github.com/plainsource/smartmachine
   bug_tracker_uri: https://github.com/plainsource/smartmachine/issues
-  changelog_uri: https://github.com/plainsource/smartmachine/releases/tag/v1.3.0
-  source_code_uri: https://github.com/plainsource/smartmachine/tree/v1.3.0
+  changelog_uri: https://github.com/plainsource/smartmachine/releases/tag/v1.3.1
+  source_code_uri: https://github.com/plainsource/smartmachine/tree/v1.3.1
 post_install_message: 
 rdoc_options: []
 require_paths: