# Horde and modules HOWTO

## Wolven

Version 0.3a Tue Apr 11, 2006

 WARNING!!!  Horde Framework: Multiple XSS vulnerabilities

*Credits:

The HOWTO is a rewrite of the Horde modules guide found here: http://www.totkat.org/

Thanks to relkai for providing the Horde and IMP section.

*Notes:

If you already have followed the Virtual Mail Hosting System Guide and have MySQL + Horde IMP installed and configured you can skip the Horde and IMP section in Part 1 and continue from Part 2 - Creating a horde database -.

There is no explanation on how to install and configure MySQL in this guide yet, so you need to do a search in the forums on how to do this. (This will hopfully be added later)

Adding the use flags: cli, session  and xml to your system might be a good idea to avoid having to rebuild php multiple times.  (Thanks spencerogden)

$DOCROOT = your path to horde. Mine is /var/www/localhost/htdocs/horde. Replace $DOCROOT with your path to the horde directory.

My editor of choice is nano, replace nano with the editor you use in the code sections.

   Part 1  

- Installing Horde -

Emerge horde and rename the config files from foo.php.dist to foo.php:

```
emerge -a horde

cd $DOCROOT/config

for f in *.dist ; do mv ${f} ${f/.dist} ; done
```

- Installing and configuring IMP -

Emerge IMP and rename the config files from foo.php.dist to foo.php:

```
emerge -a horde-imp

cd $DOCROOT/imp/config

for f in *.dist ; do mv ${f} ${f/.dist} ; done
```

Configure IMP:

```
nano -w conf.php
```

Edit the config that specifies which other modules you want to be shown in the imp menu.

For example, if you want to see turba, kronolith and mnemo in that order, edit line 37 to look like this:

 *Quote:*   

> $conf['menu']['apps'] = array('turba','kronolith','mnemo');

 

The part below this line is the default configuration of every account.

You can set permissions and defaults here. Because it's up to the sysadmin what he wants to allow or disallow, it's unnecessary to write down my configuration.

The most of these options are accessable over the webinterface so for a first test you can leave them as they are and change them later to fit your needs.

More default configurations and permissions can be found in "prefs.php".

Some of them are server or region specific - the most important ones are:

- line 245: sent folder name

- line 261: use of imap folder subscriptions

- line 277: default language

- line 293: default timezone

- line 400: trash folder name

- line 653: drafts folder name

The most of this file can be left as it is and you can do the fine tuning at a later time. If you're using the webmail interface, you'll see what you want to allow or disallow.

If you like to see HTML messages within the webinterface, edit line 63 in the file mime_drivers.php to look like this:

```
nano -w mime_drivers.php
```

 *Quote:*   

> $mime_drivers['imp']['html']['inline'] = true;

 

Now it's time to configure the mail server we're connecting to.

```
nano -w servers.php
```

For my courier-imapd-ssl using an own signed ssl certificate my lines 88 to 99 look like this:

 *Quote:*   

> 
> 
> $servers['imap'] = array(
> 
>     'name' => 'IMAP Server',
> ...

 

Replace [domain] with your mail domain.

I commented everything below this block, so I don't use any other server connections.

Of course it depends on your mail server configuration, what you have to fill in here.

Some example server connections are placed into this file.

Activate IMP in the horde registry.php:

```
nano $DOCROOT/config/registry.php
```

Edit lines 115 to 122 to look like this:

 *Quote:*   

> 
> 
> $this->applications['imp'] = array(
> 
>     'fileroot' => dirname(__FILE__) . '/../imp',
> ...

 

If you use IMAP and want to prevent the "double login effect" by accessing your webmail, you may want to authenticate to horde against your IMAP accounts instead of horde's own mechanism.

To configure it, you only have to comment out lines 23 and 24 in the registry.php:

 *Quote:*   

> 
> 
> $this->registry['auth']['login'] = 'imp';
> 
> $this->registry['auth']['logout'] = 'imp';
> ...

 

To activate the automatic adressbook lookup in IMP edit the prefs.php file:

```

nano -w $DOCROOT/imp/config/prefs.php

```

Modify the lines 744-766 to look like this:

 *Quote:*   

> 
> 
> // addressbook(s) to use when expanding addresses
> 
> // You can provide default values this way (note the \t and the double quotes):
> ...

 

  Part 2  

The next steps the guide will cover the installation of these Horde modules: Turba (Address Book), Kronolith (Calendar Application), Mnemo (Memos and Notes) & Passwd (Password changing Application)

You don't have to install all the modules if there are one or more you feel you don't need. You must however do the first step and create a horde database in MySQL regardless of which module(s) you choose to install.

(Except for Passwd since it uses the vpopmail database.)

- Creating a horde database -

First we need to setup a 'horde' database in MySQL. Horde provides a handy script for this, so all you need to do is edit the password in this script and then import it in MySQL. (The database will be called horde and the username will also be horde.)

```

cd $DOCROOT/scripts/db

nano mysql_create.sql

```

Change the password, save and exit.

 *Quote:*   

> 
> 
> REPLACE INTO user (host, user, password)
> 
>     VALUES (
> ...

 

Create the horde database in MySQL:

```

mysql -u root -p < mysql_create.sql

```

Enable sql support in Horde:

```

nano $DOCROOT/config/horde.php

```

Make shure line 162 is uncommented and set to:

 *Quote:*   

> 
> 
> $conf['prefs']['driver'] = 'sql';
> 
> 

 

Uncomment lines 171 to 176 and set the propper values.

 *Quote:*   

> 
> 
>  $conf['prefs']['params']['phptype'] = 'mysql';
> 
>  $conf['prefs']['params']['hostspec'] = 'localhost';
> ...

 

- Installing and configuring Turba -

Emerge turba and rename the config files from foo.php.dist to foo.php:

```

emerge -a horde-turba

cd $DOCROOT/turba/config

for f in *.dist ; do mv ${f} ${f/.dist} ; done

```

Then add, after the comment at the top, a connect statement to the database. (If it's not already there) 

```

nano $DOCROOT/turba/scripts/drivers/turba.sql

```

 *Quote:*   

> 
> 
> -- $Horde: turba/scripts/drivers/turba.sql,v 1.4.2.4 2002/09/11 11:32:35 jan Exp $
> 
> CONNECT horde;
> ...

 

Create the turba table in the database:

```

cd $DOCROOT/turba/scripts/drivers

mysql -u root -p < turba.sql

```

Configure turba:

```

nano $DOCROOT/turba/config/sources.php

```

Comment out lines 51 to 129 to make sure that turba uses your local MySQL instance. This is all of the sections which mention 'netcenter', 'bigfoot', 'verisign' and 'localldap'.

Then change the password in line 146.

 *Quote:*   

> 
> 
> $cfgSources['localsql'] = array(
> 
>     'title' => 'My Addressbook',
> ...

 

Now edit the config that specify which other modules you want to be shown in the turba menu:

```

nano $DOCROOT/turba/config/conf.php

```

For example, if you want to see IMP, kronolith and mnemo in that order, edit line 32 to look like this:

 *Quote:*   

> 
> 
> $conf['menu']['apps'] = array('imp','kronolith','mnemo');
> 
> 

 

Activate turba in the horde registry.php:

```

nano $DOCROOT/config/registry.php

```

Edit lines 133 to 139 to look like this:

 *Quote:*   

> 
> 
> $this->applications['turba'] = array(
> 
>     'fileroot' => dirname(__FILE__) . '/../turba',
> ...

 

- Installing and configuring Kronolith -

Emerge kronolith and rename the config files from foo.php.dist to foo.php:

```

emerge -a horde-kronolith

cd $DOCROOT/kronolith/config

for f in *.dist ; do mv ${f} ${f/.dist} ; done

```

Then add, after the comment at the top, a connect statement to the database. (If it's not already there)

```

nano $DOCROOT/kronolith/scripts/drivers/kronolith.sql

```

 *Quote:*   

> 
> 
> -- $Horde: kronolith/scripts/drivers/kronolith.sql,v 1.3.2.2 2002/09/25 22:32:48 jan Exp $
> 
> CONNECT horde;
> ...

 

Create the kronolith table in the database:

```

cd $DOCROOT/kronolith/scripts/drivers

mysql -u root -p < kronolith.sql

```

Configure Kronolith to use MySQL

```

nano $DOCROOT/kronolith/config/conf.php

```

Find the section on calendar drivers.Set for sql, comment out references to mstore, and configure for access to the database.

 *Quote:*   

> 
> 
> // What calendar backend is being used? Right now, the only options are
> 
> // 'mcal' and 'sql', but others may appear at some point in the future.
> ...

 

Edit the menu settings on line 66 to show whichever modules you want to be seen there, e.g.:

 *Quote:*   

> 
> 
> $conf['menu']['apps'] = array('imp','turba','mnemo');
> 
> 

 

Activate kronolith in the horde registry.php:

```

nano $DOCROOT/config/registry.php

```

Edit lines 142 to 148 to look like this:

 *Quote:*   

> 
> 
> $this->applications['kronolith'] = array(
> 
>     'fileroot' => dirname(__FILE__) . '/../kronolith',
> ...

 

- Installing and configuring Mnemo -

Emerge mnemo and rename the config files from foo.php.dist to foo.php:

```

emerge -a horde-mnemo

cd $DOCROOT/mnemo/config

for f in *.dist ; do mv ${f} ${f/.dist} ; done

```

Then add, after the comment at the top, a connect statement to the database. (If it's not already there)

```

nano $DOCROOT/mnemo/scripts/drivers/mnemo_memos.sql

```

 *Quote:*   

> 
> 
> -- $Horde: mnemo/scripts/drivers/mnemo_memos.sql,v 1.1.2.1 2002/12/28 20:48:00 jan Exp $
> 
> CONNECT horde;
> ...

 

Run the table creation script:

```

cd $DOCROOT/mnemo/scripts/db

mysql -u root -p < mnemo_memos.sql

```

You need to specify the storage method, in this case sql, and the connection information, lines 38 to 50:

```

nano $DOCROOT/mnemo/config/conf.php

```

 *Quote:*   

> 
> 
> // What storage driver should we use?  Valid values are 'sql'.
> 
> $conf['storage']['driver'] = 'sql';
> ...

 

Edit the menu options, on line 65, for whichever modules you want displayed:

 *Quote:*   

> 
> 
> $conf['menu']['apps'] = array('imp','turba','kronolith');
> 
> 

 

Then finally activate mnemo in the horde registry.php:

```

nano $DOCROOT/config/registry.php

```

Edit lines 151 to 157 to look like this:

 *Quote:*   

> 
> 
> $this->applications['mnemo'] = array(
> 
>     'fileroot' => dirname(__FILE__) . '/../mnemo',
> ...

 

- Installing and configuring Passwd -

Emerge Passwd and rename the config files from foo.php.dist to foo.php:

```

emerge -a horde-passwd

cd $DOCROOT/passwd/config

for f in *.dist ; do mv ${f} ${f/.dist} ; done

```

Now specify what backend to use for changing passwords. Since vpopmail is used in the 'Virtual Mail Hosting System Guide' We will use vpopmail.

```

nano $DOCROOT/passwd/config/backends.php

```

Comment out all the backends except the vpopmail section, lines 175 to 204.

You can set different options for encrypting and password policies here. mine looks like this:

 *Quote:*   

> 
> 
> $backends['vpopmail'] = array (
> 
>     'name' => 'vpopmail Authentication',
> ...

 

PLEASE NOTE!

You need to use the vpopmail database name, the vpopmail username and the vpopmail password here.

If you have problems getting Passwd to work, take a look here.

Activate passwd in the horde registry.php:

```

nano $DOCROOT/config/registry.php

```

Edit lines 187 to 194 to look like this:

 *Quote:*   

> 
> 
> $this->applications['passwd'] = array(
> 
>     'fileroot' => dirname(__FILE__) . '/../passwd',
> ...

 

Also note:

If a user wants to change his/her password with Passwd in Horde, he/she must use the entire username@domain.org in the username box, just like when login in to Horde.

The Passwd step isn't covered in the guide from which I copied most of this HOWTO, so it's taken from memory, but I think this was all that was to it.

Final notes:

This is my first HOWTO, so I hope it's not too hard to follow. I've tried to make it as clear and to the point as I could.

I'm not a native English speaker, so I'm sure there are some spelling and gramatical errors. I'll correct them when I become aware of them.

If you find any errors or have additional information, please post it here and I'll edit the guide.Last edited by Wolven on Tue Apr 11, 2006 9:18 pm; edited 11 times in total

----------

## relkai

Thanks for this great guide!

After a long search through the forums this seems to be the first nearly complete horde howto.

Yesterday I decided to switch my webmail interface from squirrelmail to horde because of its versatility.

I followed your guide step by step without any problems and after a few hours my new webmail interface was ready to go with all the nice applications I was missing in the squirrelmail interface.

Especially the mysql parts helped me a lot, because my knowledge about the handling of mysql scripts is very poor.

What do you think about adding an IMP part in your guide?

Though I've got my IMP module running fine with my various IMAP accounts, but I think it could be very useful for others to know how to configure it correctly.

Of course there is no need for a detailed explanation of how to connect with which protocol to which server - I think everyone knows his account information.

Needless to say, that this would turn your guide into a really complete horde howto.

Again, thanks a lot for this very helpful howto - GREAT WORK!

relkai

----------

## Wolven

Thank you for the feedback, I'm glad you found the guide useful.

I also did a long search in vain through the forums for horde guides/posts when I decided to beef it up my webmail, but I could not find any.

I'll sertainly consider adding a section about IMP and other useful information regarding Horde to make a more complete document. I'll need to do some research first though, it's been a while since I installed and configured Horde and I would sertainly not have figured out how to do it without the documentation I followed.

I'm a little curious to what modules you installed. So I'll know which parts of the guide that 'worked.' The part I wonder most about is the one about Passwd. It took me a while to figure out how to set it up, so I'm wondering if that part is correct. I only had my preconfigured install use as reference for that section and it's been over 6 months since I did it.

----------

## relkai

I installed every module expecting "passwd" so sadly I can't say something about the correctness of this part.

Because I've only got two user accounts (me and my wife  :Wink: ), I don't use vhosts and all the authentication stuff is done against the system accounts. So it's easy for me to change the passwords on the system console.

But the installation of all other modules (turba, kronolith, mnemo) worked fine without any problems and exactly as you described.

Even the stated line numbers in the php code were correct! But in case of an update to horde they could be outdated and I think it's going to be a hard work to hold the guide up to date...

My IMP installation was surprising easy:

----------

## Wolven

Greate! I've added you Horde and IMP guide to the rest of the HOWTO. The next addtion this HOWTO could need is a install/configure MySQL section. 

I've also been thinking about adding a section on how to install the newer versions of Horde and the modules which are not in Portage yet.

 *relkai wrote:*   

> I installed every module expecting "passwd" so sadly I can't say something about the correctness of this part.

 

Thats OK, I'll assume the Passwd section is correct until I'm told otherwise.

 *relkai wrote:*   

> Even the stated line numbers in the php code were correct! But in case of an update to horde they could be outdated and I think it's going to be a hard work to hold the guide up to date... 

 

That is true, I'll edit/remove the line numbers if it becomes necessary.

Thanks for the input.  :Smile: 

----------

## whatalotta

Excellent HOWTO.  Everything worked fine when starting with the Horde setup from this HOWTO.  For some reason the first time through, I broke my Horde when I attempted installing Kronolith after starting at step 2 (I already had Horde and IMP).  However, from a clean start, everything seemed to work fine. Thanks!

----------

## Strowi

hi and thx for the howto,

it made me give horde another shot. :Wink: 

After seeing the screenshots on the horde-website, i decided to go ~x86 with the CVS Version which has a really nice layout and a very big admin-menu.

About that passwd plugin, i think there is a little error in it. At the end it says "show_encyption = true", which won't work with the default vpopmail setup. After not seeing that i entered the wrong passwd for my DB, this made me bug around with the config another 20 mins...

Here is my (confirmed to work) code:

```

$backends['vpopmail'] = array (

    'name' => 'vpopmail Authentication',

    'preferred' => '',

    'password policy' => array(

        'minLength' => 3,

        'maxLength' => 8,

        'maxSpace' => 0,

        'minUpper' => 0,

        'minLower' => 0,

        'minNumeric' => 0

    ),

    'driver' => 'vpopmail',

    'params' => array(

        'phptype'    => 'mysql',

        'hostspec'   => 'localhost',

        'protocol'   => 'tcp',

        'port'       => 3306,

//      'socket'     => '/var/run/mysqld/mysqld.sock',

        'username'   => 'vpopmail_user',

        'password'   => 'vpopmail_passwd',

        'encryption' => 'crypt-md5',

        'database'   => 'vpopmail',

        'table'      => 'vpopmail',

        'name'    => 'pw_name',

        'domain'  => 'pw_domain',

        'passwd' =>  'pw_passwd',

        'clear_passwd' => 'pw_clear_passwd',

        'use_clear_passwd' => false,

        'show_encryption' => false

    )

);

```

PS: Could someone explain to me, what "'use_clear_passwd' => false," stands for? (sry, i'm too exhausted to look it up right now  :Wink: )

And is it possible to add a std.-domain if only username is given(for login as for all other related fields)?

----------

## relkai

 *Wolven wrote:*   

> The next addtion this HOWTO could need is a install/configure MySQL section.

 

It's so long since I installed mysql and I don't remember if there were any problems.

Wasn't it easy like "emerge -av mysql"?

 *Wolven wrote:*   

> I've also been thinking about adding a section on how to install the newer versions of Horde and the modules which are not in Portage yet.

 

Because the "~x86" version of horde is very different in some cases (especially the new administration interface which generates the conf.php for each module) I don't think it's a good idea to add it to this HOWTO.

What about a separate HOWTO only for the new version? Of course I would help to create it if you wish.

By the way: Don't forget to change the headline of this thread, because it's grown up to a really complete horde HOWTO!  :Wink: 

In the IMP section I forgot to write down an important configuration within the prefs.php file.

Could you please merge it into your guide?

----------

## Trejkaz

Hmm...

I don't suppose someone wants to take a crack at documenting the new version.  It seems the same steps don't quite work as expected.  :Smile: 

----------

## Strowi

hi,

what new version are you talking about? Maybe i can help..

----------

## Trejkaz

The aforementioned ~x86 versions.  Horde 3.0, IMP 4.0, etc.

----------

## Strowi

hi,

the ~x86-version of horde & co are very different in layout + design. ATM i don't have the time to rewrite the whole thing, but it is really easy:

1. ACCEPT_KEYWORD="~x86" emerge horde

2. follow the rest of the horde-dokumentation from step 4 ff. "Configuring horde" 

the other doc's work just the same way. (at least they did for me. :Wink: )

----------

## relkai

For the new version I recommend to use the CVS repository of horde.

I had some problems with the imp and kronolith modules provided by portage. After downloading exactly the same versions of these modules using the CVS repository everything works fine now.

----------

## meulie

 *Wolven wrote:*   

> 
> 
> - Installing and configuring IMP -
> 
> Emerge IMP and rename the config files from foo.php.dist to foo.php:
> ...

 

This should of course be 

```
emerge -a horde-imp
```

  :Cool: 

----------

## Wolven

 *meulie wrote:*   

> 
> 
> This should of course be 
> 
> ```
> ...

 

Thank you. I've corrected the error in the guide now.

----------

## meulie

2 little things:

*Has anyone gotten this to work with webapp-config in such a way that the whole horde-system is reachable on http://webmail.domain.com/ and not http://webmail.domain.com/horde/ ?

* And instead of 

```
for f in *.dist ; do mv ${f} ${f/.dist} ; done
```

 it might be smarter to do 

```
for f in *.dist ; do cp ${f} ${f/.dist} ; done
```

 to preserve a copy of the .dist files as well, ready at hand...   :Cool: 

----------

## relkai

 *meulie wrote:*   

> This should of course be 
> 
> ```
> emerge -a horde-imp
> ```
> ...

 

Oups!

Sorry, it was my fault. Maybe it was to late, when I wrote this down   :Wink: 

----------

## SeJo

meulie, 

yes it's simple in the $DOCROOT/config/registry.php your horde settings should look like this: 

```
$this->applications['horde'] = array(

    'fileroot' => dirname(__FILE__) . '/',

    'webroot' => '',

    'initial_page' => 'login.php',

    'icon' => 'graphics/home.gif',

    'name' => _("Horde"),

    'allow_guests' => true,

    'status' => 'active',

    'templates' => dirname(__FILE__) . '/../templates',

    'cookie_domain' => $_SERVER['SERVER_NAME'],

    // ** If IE will be used to access Horde modules, you should read

    //    this discussion about the cookie_path setting (discussing issues

    //    with IE's Content Advisor):

    //    http://lists.horde.org/archives/imp/Week-of-Mon-20030113/029149.html

    'cookie_path' => '',

    'server_name' => $_SERVER['SERVER_NAME'],

    'server_port' => $_SERVER['SERVER_PORT']

);

```

----------

## meulie

to get this whole thing to work correctly with vhosts, should I:

install horde with '-d /'

install imp with '-d /imp'

install turba with '-d /turba'

(etc)

or do them all with '-d /' ?

----------

## mahir

is there anyway to export

my yahoo adddressbook to horde so that

i can use horde all the time??

help please

----------

## meulie

Y! mail has the possibility to export to CSV. Isn't it possible to import this in Horde?

----------

## Satori80

 *SeJo wrote:*   

> meulie, 
> 
> yes it's simple in the $DOCROOT/config/registry.php your horde settings should look like this: 
> 
> ```
> ...

 

That second line; 'fileroot' => dirname(__FILE__) . '/', should be left as 'fileroot' => dirname(__FILE__) . '/..', or you will get strange problems. The rest looks good for installing to the root of a vhost.

----------

## _DaVinci_

You'll always get strange problems (images not showing correctly without copying them around, and so on) with modifying sth., I did it like this:

1. In the webroot, do:

# ln -s . ./horde

2. In the Apache VHost-Config-File do:

(in the VirtualHost-Section, add)

<Directory /path/to/your/horde/root/>

   Options FollowSymLinks

</Directory>

3. Test the config:

# apache2ctl -t

4. Restart Apache

# apache2ctl graceful

Thats it, no changes in config-files needed

----------

## DeepBass909

I'm having some trouble getting Horde to work. I've followed the guide, but when I try to open the site, ik get these 2 errors:

```
Notice: Only variable references should be returned by reference in /var/www/localhost/htdocs/horde/lib/Auth.php on line 68

Notice: Only variable references should be returned by reference in /var/www/localhost/htdocs/horde/lib/Prefs.php on line 144
```

Can anyone help me on this?

----------

## _DaVinci_

Thats no error, just a notice, turn off Error-Reporting in PHP or decrease the reporting level to errors only...or...edit the files by hand and add a @ before the commands to turn off showing errors.

----------

