From 39258d3e0d67237b8cd45c0e812f9a5b67e88caa Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@robotics.uk.to>
Date: Mon, 25 Apr 2016 20:31:26 +0100
Subject: [PATCH] Onion configuration for webmail

---
 src/freedombone | 54 ++++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 44 insertions(+), 10 deletions(-)

diff --git a/src/freedombone b/src/freedombone
index ce3553e2..079563e0 100755
--- a/src/freedombone
+++ b/src/freedombone
@@ -3220,9 +3220,6 @@ function get_mariadb_webmail_admin_password {
         if grep -q "MariaDB webmail admin password" /home/$MY_USERNAME/README; then
             WEBMAIL_ADMIN_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "MariaDB webmail admin password" | awk -F ':' '{print $2}' | sed 's/^ *//')
         fi
-        if grep -q "Webmail administrator password" /home/$MY_USERNAME/README; then
-            WEBMAIL_ADMIN_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "Webmail administrator password" | awk -F ':' '{print $2}' | sed 's/^ *//')
-        fi
     fi
 }
 
@@ -8920,6 +8917,47 @@ function install_webmail {
     fi
     
     chown -R www-data:www-data $WEBMAIL_PATH
+
+    echo 'server {' > /etc/nginx/sites-available/webmail
+    echo "  listen 127.0.0.1:$WEBMAIL_ONION_PORT default_server;" >> /etc/nginx/sites-available/webmail
+    echo "  server_name $WEBMAIL_ONION_HOSTNAME;" >> /etc/nginx/sites-available/webmail
+    echo '' >> /etc/nginx/sites-available/webmail
+    echo '  access_log off;' >> /etc/nginx/sites-available/webmail
+    echo '  error_log off;' >> /etc/nginx/sites-available/webmail
+    echo '' >> /etc/nginx/sites-available/webmail
+    echo "  root ${WEBMAIL_PATH};" >> /etc/nginx/sites-available/webmail
+    echo '  index index.php;' >> /etc/nginx/sites-available/webmail
+    echo '' >> /etc/nginx/sites-available/webmail
+    echo '  location ~ \.php {' >> /etc/nginx/sites-available/webmail
+    echo '    include snippets/fastcgi-php.conf;' >> /etc/nginx/sites-available/webmail
+    echo '    fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/webmail
+    echo '  }' >> /etc/nginx/sites-available/webmail
+    echo '' >> /etc/nginx/sites-available/webmail
+    echo '  location ~ \.php {' >> /etc/nginx/sites-available/webmail
+    echo '    include snippets/fastcgi-php.conf;' >> /etc/nginx/sites-available/webmail
+    echo '    fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/webmail
+    echo '  }' >> /etc/nginx/sites-available/webmail
+    echo '' >> /etc/nginx/sites-available/webmail
+    echo '  location / {' >> /etc/nginx/sites-available/webmail
+    echo '    try_files $uri $uri/ @webmail;' >> /etc/nginx/sites-available/webmail
+    echo '  }' >> /etc/nginx/sites-available/webmail
+    echo '' >> /etc/nginx/sites-available/webmail
+    echo '  location @webmail {' >> /etc/nginx/sites-available/webmail
+    echo '    rewrite ^(.*)$ /index.php?p=$1 last;' >> /etc/nginx/sites-available/webmail
+    echo '  }' >> /etc/nginx/sites-available/webmail
+    echo '' >> /etc/nginx/sites-available/webmail
+    echo '  location ~ /\.(git) {' >> /etc/nginx/sites-available/webmail
+    echo '    deny all;' >> /etc/nginx/sites-available/webmail
+    echo '  }' >> /etc/nginx/sites-available/webmail
+    echo '' >> /etc/nginx/sites-available/webmail
+    echo '  add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/webmail
+    echo '  add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/webmail
+    echo '  client_max_body_size 15m;' >> /etc/nginx/sites-available/webmail
+    echo '}' >> /etc/nginx/sites-available/webmail
+
+    nginx_ensite webmail
+    systemctl restart php5-fpm
+    systemctl restart nginx
     
     if ! grep -q "Webmail" /home/$MY_USERNAME/README; then
         echo '' >> /home/$MY_USERNAME/README
@@ -8927,15 +8965,11 @@ function install_webmail {
         echo 'Webmail' >> /home/$MY_USERNAME/README
         echo '=======' >> /home/$MY_USERNAME/README
         if [[ $ONION_ONLY == 'no' ]]; then
-            echo $"Open https://$DEFAULT_DOMAIN_NAME/webmail/installer/index.php" >> /home/$MY_USERNAME/README
+            echo $"Open https://$DEFAULT_DOMAIN_NAME/webmail/index.php" >> /home/$MY_USERNAME/README
         else
-            echo $"Open http://$WEBMAIL_ONION_HOSTNAME/installer/index.php" >> /home/$MY_USERNAME/README
+            echo $"Open http://$WEBMAIL_ONION_HOSTNAME" >> /home/$MY_USERNAME/README
         fi
-        echo $"Database Type: MySQL" >> /home/$MY_USERNAME/README
-        echo $"Database name: webmail" >> /home/$MY_USERNAME/README
-        echo $"Database user name: webmailadmin" >> /home/$MY_USERNAME/README
-        echo $"Database password: $WEBMAIL_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
-        echo $"Enable the Enigma PGP plugin" >> /home/$MY_USERNAME/README
+        echo $"MariaDB webmail admin password: $WEBMAIL_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
         chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
         chmod 600 /home/$MY_USERNAME/README
     fi