From bafee6372a051bef254b277fab73ef5c4e0cc22d Mon Sep 17 00:00:00 2001
From: Benjamin Sonntag <benjamin@sonntag.fr>
Date: Sat, 23 Jun 2018 16:47:15 +0200
Subject: [PATCH] [fix] roundcube and squirrelmail are specific packages

---
 etc/alternc/templates/apache2/roundcube.conf  | 68 -------------------
 .../templates/apache2/squirrelmail.conf       | 39 -----------
 roundcube/templates/apache2/roundcube.conf    | 33 ++++++---
 .../templates/apache2/squirrelmail.conf       | 24 ++++++-
 4 files changed, 45 insertions(+), 119 deletions(-)
 delete mode 100644 etc/alternc/templates/apache2/roundcube.conf
 delete mode 100644 etc/alternc/templates/apache2/squirrelmail.conf

diff --git a/etc/alternc/templates/apache2/roundcube.conf b/etc/alternc/templates/apache2/roundcube.conf
deleted file mode 100644
index cfa83db1..00000000
--- a/etc/alternc/templates/apache2/roundcube.conf
+++ /dev/null
@@ -1,68 +0,0 @@
-<Virtualhost *:80>
-  ServerName %%fqdn%%
-  AssignUserId #%%UID%% #%%GID%%
-  SetEnv LOGIN "%%UID%%-%%LOGIN%%"
-
-  KeepAlive Off
-
-  RewriteEngine On
-  RewriteCond %{REQUEST_FILENAME} !/cgi-bin/
-  RewriteCond %{REQUEST_FILENAME} !/.well-known/acme-challenge/
-  RewriteRule ^/(.*)$ https://%%fqdn%%/$1 [R=301,L]
-
-</Virtualhost>
-<VirtualHost *:443>
-  ServerName %%fqdn%%
-  AssignUserId www-data www-data
-  SetEnv LOGIN "0000-roundcube"
-
-  DocumentRoot /var/lib/roundcube
-
-  # Access to tinymce files
-  <Directory "/usr/share/tinymce/www/">
-        Options +Indexes +MultiViews +FollowSymLinks
-        AllowOverride None
-  	Require all granted
-  </Directory>
-
-  <Directory /var/lib/roundcube/>
-    Options +FollowSymLinks
-    # This is needed to parse /var/lib/roundcube/.htaccess. See its
-    # content before setting AllowOverride to None.
-    AllowOverride All
-    Require all granted
-  </Directory>
-
-  # Protecting basic directories:
-  <Directory /var/lib/roundcube/config>
-    Options -FollowSymLinks
-    AllowOverride None
-  </Directory>
-
-  <Directory /var/lib/roundcube/temp>
-    Options -FollowSymLinks
-    AllowOverride None
-    Order allow,deny
-    Deny from all
-  </Directory>
-
-  <Directory /var/lib/roundcube/logs>
-    Options -FollowSymLinks
-    AllowOverride None
-    Order allow,deny
-    Deny from all
-  </Directory>
-
-  Alias /javascript /usr/share/javascript/
-
-  <Directory "/usr/share/javascript/">
-        Options +FollowSymLinks +MultiViews
-  	Require all granted
-  </Directory>
-
-  SSLEngine On
-  SSLCertificateFile %%CRT%%
-  SSLCertificateKeyFile %%KEY%%
-  %%CHAINLINE%%
-
-</VirtualHost>
diff --git a/etc/alternc/templates/apache2/squirrelmail.conf b/etc/alternc/templates/apache2/squirrelmail.conf
deleted file mode 100644
index ca96d57c..00000000
--- a/etc/alternc/templates/apache2/squirrelmail.conf
+++ /dev/null
@@ -1,39 +0,0 @@
-<Virtualhost *:80>
-  ServerName %%fqdn%%
-  AssignUserId #%%UID%% #%%GID%%
-  SetEnv LOGIN "%%UID%%-%%LOGIN%%"
-
-  KeepAlive Off
-
-  RewriteEngine On
-  RewriteCond %{REQUEST_FILENAME} !/cgi-bin/
-  RewriteCond %{REQUEST_FILENAME} !/.well-known/acme-challenge/
-  RewriteRule ^/(.*)$ https://%%fqdn%%/$1 [R=301,L]
-
-</Virtualhost>
-<VirtualHost *:443>
-  ServerName %%fqdn%%
-  AssignUserId alternc-squirrelmail nogroup
-  SetEnv LOGIN "%%UID%%-%%LOGIN%%"
-
-  DocumentRoot /usr/share/squirrelmail
-  <Directory /usr/share/squirrelmail>
-    php_value open_basedir /usr/share/squirrelmail:/etc/squirrelmail/:/var/lib/squirrelmail/data/:/var/spool/squirrelmail/:/etc/mailname
-    php_admin_flag safe_mode off
-    Options +Indexes +FollowSymLinks
-  </Directory>
-
-  Alias /javascript /usr/share/javascript/
-
-  <Directory "/usr/share/javascript/">
-        Options +FollowSymLinks +MultiViews
-        Order allow,deny
-        Allow from all
-  </Directory>
-
-  SSLEngine On
-  SSLCertificateFile %%CRT%%
-  SSLCertificateKeyFile %%KEY%%
-  %%CHAINLINE%%
-
-</VirtualHost>
diff --git a/roundcube/templates/apache2/roundcube.conf b/roundcube/templates/apache2/roundcube.conf
index cf762418..cfa83db1 100644
--- a/roundcube/templates/apache2/roundcube.conf
+++ b/roundcube/templates/apache2/roundcube.conf
@@ -1,4 +1,17 @@
-<VirtualHost *:80>
+<Virtualhost *:80>
+  ServerName %%fqdn%%
+  AssignUserId #%%UID%% #%%GID%%
+  SetEnv LOGIN "%%UID%%-%%LOGIN%%"
+
+  KeepAlive Off
+
+  RewriteEngine On
+  RewriteCond %{REQUEST_FILENAME} !/cgi-bin/
+  RewriteCond %{REQUEST_FILENAME} !/.well-known/acme-challenge/
+  RewriteRule ^/(.*)$ https://%%fqdn%%/$1 [R=301,L]
+
+</Virtualhost>
+<VirtualHost *:443>
   ServerName %%fqdn%%
   AssignUserId www-data www-data
   SetEnv LOGIN "0000-roundcube"
@@ -7,10 +20,9 @@
 
   # Access to tinymce files
   <Directory "/usr/share/tinymce/www/">
-        Options Indexes MultiViews FollowSymLinks
+        Options +Indexes +MultiViews +FollowSymLinks
         AllowOverride None
-        Order allow,deny
-        allow from all
+  	Require all granted
   </Directory>
 
   <Directory /var/lib/roundcube/>
@@ -18,8 +30,7 @@
     # This is needed to parse /var/lib/roundcube/.htaccess. See its
     # content before setting AllowOverride to None.
     AllowOverride All
-    order allow,deny
-    allow from all
+    Require all granted
   </Directory>
 
   # Protecting basic directories:
@@ -45,9 +56,13 @@
   Alias /javascript /usr/share/javascript/
 
   <Directory "/usr/share/javascript/">
-        Options FollowSymLinks MultiViews
-        Order allow,deny
-        Allow from all
+        Options +FollowSymLinks +MultiViews
+  	Require all granted
   </Directory>
 
+  SSLEngine On
+  SSLCertificateFile %%CRT%%
+  SSLCertificateKeyFile %%KEY%%
+  %%CHAINLINE%%
+
 </VirtualHost>
diff --git a/squirrelmail/templates/apache2/squirrelmail.conf b/squirrelmail/templates/apache2/squirrelmail.conf
index e74cfa0a..ca96d57c 100644
--- a/squirrelmail/templates/apache2/squirrelmail.conf
+++ b/squirrelmail/templates/apache2/squirrelmail.conf
@@ -1,4 +1,17 @@
-<VirtualHost *:80>
+<Virtualhost *:80>
+  ServerName %%fqdn%%
+  AssignUserId #%%UID%% #%%GID%%
+  SetEnv LOGIN "%%UID%%-%%LOGIN%%"
+
+  KeepAlive Off
+
+  RewriteEngine On
+  RewriteCond %{REQUEST_FILENAME} !/cgi-bin/
+  RewriteCond %{REQUEST_FILENAME} !/.well-known/acme-challenge/
+  RewriteRule ^/(.*)$ https://%%fqdn%%/$1 [R=301,L]
+
+</Virtualhost>
+<VirtualHost *:443>
   ServerName %%fqdn%%
   AssignUserId alternc-squirrelmail nogroup
   SetEnv LOGIN "%%UID%%-%%LOGIN%%"
@@ -7,15 +20,20 @@
   <Directory /usr/share/squirrelmail>
     php_value open_basedir /usr/share/squirrelmail:/etc/squirrelmail/:/var/lib/squirrelmail/data/:/var/spool/squirrelmail/:/etc/mailname
     php_admin_flag safe_mode off
-    Options Indexes FollowSymLinks
+    Options +Indexes +FollowSymLinks
   </Directory>
 
   Alias /javascript /usr/share/javascript/
 
   <Directory "/usr/share/javascript/">
-        Options FollowSymLinks MultiViews
+        Options +FollowSymLinks +MultiViews
         Order allow,deny
         Allow from all
   </Directory>
 
+  SSLEngine On
+  SSLCertificateFile %%CRT%%
+  SSLCertificateKeyFile %%KEY%%
+  %%CHAINLINE%%
+
 </VirtualHost>