summaryrefslogtreecommitdiff
path: root/web/INSTALL
diff options
context:
space:
mode:
Diffstat (limited to 'web/INSTALL')
-rw-r--r--web/INSTALL361
1 files changed, 361 insertions, 0 deletions
diff --git a/web/INSTALL b/web/INSTALL
new file mode 100644
index 00000000..62ce69d6
--- /dev/null
+++ b/web/INSTALL
@@ -0,0 +1,361 @@
+alpine.tar.z web/INSTALL
+/* ========================================================================
+ * Copyright 2006-2008 University of Washington
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * ========================================================================
+ */
+
+
+BUILDING AND INSTALLING WEB ALPINE
+----------------------------------
+
+This file provides brief instructions for building, installing and
+configuring the Web Alpine application
+
+Web Alpine's binary components are built along with the other Alpine
+Mail System components. If the build process completed, that is the
+commands ./configure and make completed without error, then you are
+nearly good to go.
+
+Unlike the other Alpine components, however, Web Alpine does not use
+the "make install" method of installation. Between the various Web
+Alpine pieces, web site layout and web server configuration,
+variability and administrative preference is too great to be reliably
+automated at this time.
+
+For more information on the how's and why's of Web Alpine consult the
+somewhat more technically complete treatment in
+web/cgi/alpine/help/tech-notes.html.
+
+At some point online FAQs and such may be available. If you find
+anything missing, incomplete, or otherwise unclear please send a note
+to <alpine-contact@cac.washington.edu>.
+
+
+WEB ALPINE LAYOUT
+-----------------
+
+The Web Alpine package is distributed as part of the Alpine Mail System.
+The source for the various components can be found in the "web/"
+directory arranged, for the most part, by function.
+
+ src/
+ alpined.d/
+ source for Web Alpine's binary components: the
+ per-user/per-session serverette and the small library used for
+ inter-tcl script communication.
+
+ pubcookie/
+ sources for various components required to provide
+ pubcookie web-login support
+
+ cgi.tcl-1.10/
+ Tcl library used to help coordinate web page generation
+
+ cgi/
+ CGI scripts used to generate Web Alpine pages, typically synonymous
+ with the web server's document root. It, in turn, contains:
+
+ alpine/
+ Meat and potatoes of the Web Alpine Application.
+
+ alpine-2.0/
+ Meat and potatoes of the Web Alpine 2.0 Application
+
+ session/
+ Alpine session management scripts used to login, establish
+ an alpine session, logout and aquire IMAP server credentials
+ as needed. These scripts are distinct from the alpine/
+ scripts in order to properly scope the session key.
+
+ images/
+ Various images and icons
+
+ pub/
+ Scripts that are accessed outside the scope of the Web Alpine
+ session key.
+
+ sounds/
+ Sounds files that might be referenced by Web Alpine
+
+ config/
+ general Web Alpine and default host configurations
+
+ bin/
+ binary executables providing services to the CGI scripts
+
+ lib/
+ binary and script routines used by both CGI scripts
+ and binary utilities
+
+For a more thorough discussion of the distribution's layout and
+Web Alpine components see cgi/alpine/help/tech-notes.html.
+
+
+BUILDING WEB ALPINE'S BINARY COMPONENTS
+---------------------------------------
+
+For the most part, Web Alpine's binary components were built
+automatically along with the rest of the Alpine Mail System.
+
+If configure reports that it could not locate suitable TCL libraries
+and header files, then it is likely that the components necessary for
+Web Alpine were not built. Locating and installing a TCL development
+environment appropriate for your system should get the build back on
+track. Note, even though a tclsh interpreter may be available on the
+command line, tools necessary to build TCL applications may need to be
+installed separately.
+
+If you plan to use UW pubcookie for browser-based network login,
+please review src/pubcookie/README. Be sure the Web Alpine Mail
+System was configured with the "--with-pubcookie" AND --with-web-bin=
+options set. The latter is set to the directory that will eventually
+contain Web Alpine's binary components. For the example system
+described in the next section, you would add:
+
+ --with-pubcookie --with-web-bin=/usr/local/libexec/alpine/bin
+
+to the configure script's command line.
+
+
+ACQUIRING EXTERNAL LIBRARIES
+----------------------------
+
+Web Alpine 2.0 makes heavy use of the functionality provided by the
+The Yahoo! User Interface Library (YUI). By default, Web Alpine is
+configured to generate pages that cause user's browser to request the
+necessary library files directly from Yahoo servers.
+
+Web Alpine can be easily configured to generate pages with references
+to a local copy of the YUI libraries.
+
+First, you will need to download the YUI libararies from:
+
+ http://developer.yahoo.com/yui/download/
+
+They are made available to Web Alpine 2.0 scripts thru the symbolic
+link:
+
+ web/cgi/alpine-2.0/lib/yui
+
+Simply install the downloaded library in the directory specified by
+the symbolic link, or change the link to refer to the intalled
+location.
+
+Second, you will need to change the _wp(yui) configuration setting
+in
+
+ web/config/alpine.tcl
+
+to reference the new location.
+
+
+INSTALLING WEB ALPINE COMPONENTS
+--------------------------------
+
+Unfortunately, due to the variety of web server requirements and
+configurations, Web Alpine installation must be done by hand and
+requires several steps. To illustrate the procedure, a generic Fedora
+Core 8 system with standard httpd package installed is used as an
+example. On other systems, the general ideas are the same but the
+specific file locations and server configuation settings will likely
+vary. Note also that your system may have an additional security
+layer installed, such as selinux, that may require extra configuration
+that is beyond the scope of this explanation.
+
+The first step is to build and configure the tools Web Alpine needs to
+generate pages and access mail data. The following commands will put
+those tools where they need to be within the web/ directory structure.
+
+ 1. % cd web/src
+
+ 2. % make
+
+ 3. % make install
+
+Second, the web/ directory tree needs to be made available to the web
+server. On the example system, start by moving the web/ directory
+tree into a more system-visible location. We'll also change the name
+to reflect the current version number (for this example, 1.00) to help
+keep future upgrades isolated. This command will likely require
+elevated privileges using either sudo or after becoming root.
+
+ 4. % cd ../..
+
+ 5. % sudo mv web /usr/local/libexec/alpine-2.00
+
+Next, for simplicity, create a generically named symbolic link as a
+synonym for the version-specific directory.
+
+ 6. % cd /usr/local/libexec
+
+ 7. % sudo ln -s alpine-2.00 alpine
+
+After that, make the scripts that actually generate the user visible
+portion of Web Alpine available to the web server.
+
+ 8. % cd /var/www
+
+ 9. % sudo ln -s /usr/local/libexec/alpine/cgi ./alpine
+
+Now adjust the web server's configuration so that it can effectively
+provide Web Alpine pages to connecting browsers by editing httpd's
+configuration file.
+
+ 10. % sudo vi /etc/httpd/conf/httpd.conf
+
+ After the section that starts with <Directory /var/www/html> and ends
+ with </Directory>, add the lines:
+
+ #
+ # This sets up Web Alpine
+ #
+ <Directory "/var/www/alpine">
+ Options FollowSymLinks ExecCGI -Indexes
+ AllowOverride All
+ Order allow,deny
+ Allow from all
+ </Directory>
+
+If you intend for your web server to provide Web Alpine pages
+exclusively, then simply edit the DocumentRoot to the directory
+defined above:
+
+ DocumentRoot /var/www/alpine
+
+If your web server offers pages other than Web Alpine, specify a
+prefix the web server should use for referencing Web Alpine pages by
+adding this line before the <Directory> entry specified above:
+
+ Alias /webmail/ "/var/www/alpine/"
+
+After saving httpd.conf with these small additions, it's time to
+adjust Web Alpine's configuration.
+
+First, be sure the symbolic link "/usr/local/libexec/alpine/bin/tclsh"
+points to the tclsh interpreter for your system. The default should
+work for the example system.
+
+Then edit the Web Alpine configuration file to configure appropriate
+settings for your environment.
+
+ 11. % sudo vi /usr/local/libexec/alpine/config/alpine.tcl
+
+ The config file is itself a Tcl script, and the settings are
+ simply Tcl variable settings. Most are settings of elements
+ within the "_wp" array.
+
+ Starting from the top, skim the various configuration
+ settings. The primary one's to be aware of include:
+
+ admin email address offered in error pages
+ associated with problems that likely
+ require system administrator attention
+
+ helpdesk email address offered in help pages and
+ some error pages as a place to report
+ problems or get more information
+
+ comments email address offered in help pages
+ as place to send general comments on
+ web alpine
+
+ urlprefix directory or path defined in the httpd.conf's
+ "Alias" setting. In example above, set this to
+ "webmail". If DocumentRoot set as above, set this
+ to {}.
+
+ fileroot file system path to directory that contains cgi/,
+ config/, bin/, and lib/ directories. In example
+ above, set this to /usr/local/libexec/alpine.
+
+ Continue scanning the list, and adjust as needed. Most defaults
+ should be fine. Until you come to:
+
+ ispell full path to ispell application if installed
+
+ ssl_safe_domains
+ a performance setting that allows for relatively
+ safe disabling of SSL for connections that we know
+ are reasonably safe from sniffing. For our campus
+ web alpine installation, browsers associated with the
+ campus dial-in pools connecting to our servers
+ offer this kind of connection. Be careful.
+
+ flexserver
+ determines whether or not web alpine offers the option
+ of connecting to a user-defined IMAP server on
+ the greeting page.
+
+ hosts an array of default configurations that
+ correspond to default web alpine config files
+ in the config/ directory. these are what
+ is offered on the greeting page as the option
+ list of servers to connect to.
+
+ And, probably lastly:
+
+ cgi_mail_relay
+ the server used to send out script errors that are
+ so heinous that no web page error could be generated
+
+
+The final step is to restart httpd and give it a try! Using a browser
+pointed to your server's https port, try connecting to the alpine/
+directory.
+
+If you run into problems, rest assured you have our sympathies.
+Because of the various components that must be coordinated, errors can
+be difficult to resolve. The good news is, once initially configured
+and working the system is reasonably stable. As for debugging, with
+luck, the error response reported in the browser will point in a
+useful direction. If not, check httpd access and error logs to verify
+paths and check for exceptional conditions. Next, check syslog's
+maillog for any exceptional reports issued by the alpined serverette.
+Depending on the type of error, you may also have to consult the IMAP
+server's logs for clues.
+
+
+COLLECTED GOTCHAS AND SO FORTH
+------------------------------
+
+First, it is strongly encourage that Web Alpine be run on a web server
+that does not have general user accounts. The primary reason is to
+maintain the privacy of the Web Alpine session key. Steps are taken
+to minimize the risk and consequences of session key exposure, but
+there are risks nonetheless.
+
+For the most part, the default Web Alpine application settings should
+require little adjustment for your particular environment. These
+settings are in the web/config/pine.conf file which uses the same
+format as alpine's pinerc file. The most likely setting to adjust is
+"smtp-server."
+
+By default, Web Alpine sends via SMTP to the localhost's SMTP port.
+This setting can easily be adjusted by setting the smtp-server in
+web/config/pine.conf to one or more external servers. Web Alpine can
+also be directed to post to a local process by setting the
+sendmail-path variable. Be aware, however, posting to a local process
+(e.g., sendmail, postfix, etc), will likely require you to grant
+trusted mail user privilege to the userid associated with the web
+server process. Without such privilege, the SMTP envelope From will
+be set to the web server's userid which causes all externally bounced
+mail to be returned to the mailbox associated with the web server
+userid.
+
+
+FURTHER INFORMATION
+-------------------
+
+See the Web Alpine technical notes for more detailed descriptions of
+what's going on and why. If you have any questions or comments drop
+us a note <alpine-contact@cac.washington.edu>.
+
+--
+$Id: INSTALL 1169 2008-08-27 06:42:06Z hubert@u.washington.edu $