TheLazy.Dev
Portfolio GitHub

Blog

rainloop |mailserver |webmail |openbsd

Rainloop Webmail on OpenBSD 6.9

nabbisen

nabbisen

Posted on August 16, 2021

Rainloop Webmail on OpenBSD 6.9

Summary

Rainloop is a "simple, modern & fast web-based email client", written in PHP. It's also open source licensed under AGPL v3.
I installed it in OpenBSD server. It was really simple.

Environment

  • OS: OpenBSD 6.9
  • Web server: OpenBSD httpd
  • App server: PHP-FPM based on PHP 7.4
  • Webmail: Rainloop 1.16

References

  • How to run OpenBSD httpd
nabbisen

OpenBSD httpd 6.3: Web Server

nabbisen ・ Oct 5 '18

#openbsd #httpd #web #server
  • How to run PHP-FPM on OpenBSD
nabbisen

PHP-FPM 7.2 on OpenBSD 6.4

nabbisen ・ Dec 13 '18

#php #phpfpm #httpd #openbsd

Installation steps

Get the package

First, get the latest package. There are two ways: its official website or GitHub releases. Here, the former is adopted.

Prepare the document root:

$ cd /var/www
$ mkdir <rainloop-dir>
$ cd <rainloop-dir>
Enter fullscreen mode Exit fullscreen mode

Get the package:

$ ftp https://www.rainloop.net/repository/webmail/rainloop-community-latest.zip
Enter fullscreen mode Exit fullscreen mode

unzip it:

$ # doas pkg_add unzip # do beforehand if necessary
$ unzip rainloop-community-latest.zip
Enter fullscreen mode Exit fullscreen mode

You will see:

$ ls
data/        index.php    rainloop/
Enter fullscreen mode Exit fullscreen mode

Besides, all what to do in order to upgrade in the future will be to add "rainloop/v/<next-version>" and update "data/VERSION".

Configure

Set the permissions for App server to access "data/":

$ doas chown -R www: data
Enter fullscreen mode Exit fullscreen mode

Configure httpd server via httpd.conf:

$ doas nvim /etc/httpd.conf
Enter fullscreen mode Exit fullscreen mode

Edit it like below. <fqdn> means the host aka "https:// some.domain /..."
Be careful not to allow web access to "data/". location "/data/*" { block } is important.

server "<fqdn>" {
    listen on $ext_addr tls port 443
    tls {
        certificate "/etc/ssl/*.pem"
        key         "/etc/ssl/private/*.key"
    }
    log {
        access  "<fqdn>-access.log"
        error   "<fqdn>-error.log"
    }

    root "/<rainloop-dir>"
    directory index index.php

    # security
    location "*/.git*"              { block }
    ## app specific (ref: https://www.rainloop.net/docs/permissions/ )
    location "/data/*"              { block }
    # robots.txt
    location "/robots.txt"          { pass }

    location "/*.php" {
        fastcgi socket "/run/php-fpm.sock"
    }
}
Enter fullscreen mode Exit fullscreen mode

Restart the daemon:

$ doas rcctl restart httpd
Enter fullscreen mode Exit fullscreen mode

Finished.

Conclusion

Now you can access the webmail via web browsers:

user login

Well, custom domains are not allowed by default. It is able to configure them in the admin panel. Also, you must change admin id/password there.

💖 💪 🙅 🚩
nabbisen
nabbisen

Posted on August 16, 2021

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related

Rainloop Webmail on OpenBSD 6.9
rainloop Rainloop Webmail on OpenBSD 6.9

August 16, 2021