gipi/roundcube

## gistfile1.sh
#!/bin/sh
### BEGIN INIT INFO
# Provides:          php-cgi
# Required-Start:    $remote_fs $syslog
# Required-Stop:     $remote_fs $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Make available a cgi for nginx
# Description:       primarly is used for the wordpress installation
### END INIT INFO

# Author: Gianluca Pacchiella <gp@ktln2.org>
#
# Do NOT "set -e"

# PATH should only include /usr/* if it runs after the mountnfs.sh script
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="Php CGI daemon"
NAME=php-cgi
# FIXME: give me error
BIND=/var/run/php-cgi.socket
USER=www-data
DAEMON=/usr/bin/$NAME

PHP_CGI=/usr/bin/php-cgi
PHP_FCGI_CHILDREN=5
PHP_FCGI_MAX_REQUESTS=1000
PHP_CGI_ARGS="- USER=$USER PATH=/usr/bin PHP_FCGI_CHILDREN=$PHP_FCGI_CHILDREN   PHP_FCGI_MAX_REQUESTS=$PHP_FCGI_MAX_REQUESTS $PHP_CGI -b $BIND"

PIDFILE=/var/run/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME

# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0

# Read configuration variable file if it is present
[ -r /etc/default/$NAME ] && . /etc/default/$NAME

# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh

# Define LSB log_* functions.
# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
# and status_of_proc is working.
. /lib/lsb/init-functions
#
# Function that starts the daemon/service
#
do_start()
{
        # Return
        #   0 if daemon has been started
        #   1 if daemon was already running
        #   2 if daemon could not be started
        #start-stop-daemon --start --quiet --pidfile $PIDFILE --chuid "$USER" \
        #       --exec /usr/bin/env -- $PHP_CGI_ARGS \
        #       --test > /dev/null \
        #       || return 1
        start-stop-daemon --start --quiet --background --make-pidfile --chuid "$USER" \
                --pidfile $PIDFILE --exec /usr/bin/env -- $PHP_CGI_ARGS \
                || return 2
        # Add code here, if necessary, that waits for the process to be ready
        # to handle requests from services started subsequently which depend
        # on this one.  As a last resort, sleep for some time.
}

#
# Function that stops the daemon/service
#
do_stop()
{
        # Return
        #   0 if daemon has been stopped
        #   1 if daemon was already stopped
        #   2 if daemon could not be stopped
        #   other if a failure occurred
        start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE
        RETVAL="$?"
        [ "$RETVAL" = 2 ] && return 2
        # Wait for children to finish too if this is a daemon that forks
        # and if the daemon is only ever run from this initscript.
        # If the above conditions are not satisfied then add some other code
        # that waits for the process to drop all resources that could be
        # needed by services started subsequently.  A last resort is to
        # sleep for some time.
        start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 \
                --exec /usr/bin/env -- $PHP_CGI_ARGS
        [ "$?" = 2 ] && return 2
        # Many daemons don't delete their pidfiles when they exit.
        rm -f $PIDFILE
        return "$RETVAL"
}
#
# Function that sends a SIGHUP to the daemon/service
#
do_reload() {
        #
        # If the daemon can reload its configuration without
        # restarting (for example, when it is sent a SIGHUP),
        # then implement that here.
        #
        start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
        return 0
}

case "$1" in
  start)
        [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
        do_start
        case "$?" in
                0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
                2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
        esac
        ;;
  stop)
        [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
        do_stop
        case "$?" in
                0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
                2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
        esac
        ;;
  status)
       status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
       ;;
  #reload|force-reload)
        #
        # If do_reload() is not implemented then leave this commented out
        # and leave 'force-reload' as an alias for 'restart'.
        #
        #log_daemon_msg "Reloading $DESC" "$NAME"
        #do_reload
        #log_end_msg $?
        #;;
  restart|force-reload)
        #
        # If the "reload" option is implemented then remove the
        # 'force-reload' alias
        #
        log_daemon_msg "Restarting $DESC" "$NAME"
        do_stop
        case "$?" in
          0|1)
                do_start
                case "$?" in
                        0) log_end_msg 0 ;;
                        1) log_end_msg 1 ;; # Old process is still running
                        *) log_end_msg 1 ;; # Failed to start
                esac
                ;;
          *)
                # Failed to stop
                log_end_msg 1
                ;;
        esac
        ;;
  *)
        #echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
        echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
        exit 3
        ;;
esac

## roundcube
# with this configuration Nginx enforces the access by HTTPS
server {
        server_name webmail.example.com;
        location = / {
                rewrite ^(.*)$ https://webmail.example.com$1 permanent;
        }
}

server {
        listen 443;

        ssl  on;
        ssl_certificate  /etc/ssl/certs/my.crt;
        ssl_certificate_key  /etc/ssl/private/my.key;

        ssl_session_timeout  5m;

        ssl_protocols  SSLv3 TLSv1;
        ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
        ssl_prefer_server_ciphers   on;

        server_name webmail.example.com;
        root   /var/www/roundcubemail-0.7/;

        location = / {
                index  index.php;
        }

        location ~ .php$ {
                try_files $uri = 404;# for security reason (see Pitfall section in Nginx's wiki)
                include fastcgi_params;
                fastcgi_intercept_errors on;
                # TODO: move this to /var/run/php/
                fastcgi_pass unix:/tmp/php-cgi.socket;
                fastcgi_index  index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        }
}
	#!/bin/sh
	### BEGIN INIT INFO
	# Provides: php-cgi
	# Required-Start: $remote_fs $syslog
	# Required-Stop: $remote_fs $syslog
	# Default-Start: 2 3 4 5
	# Default-Stop: 0 1 6
	# Short-Description: Make available a cgi for nginx
	# Description: primarly is used for the wordpress installation
	### END INIT INFO

	# Author: Gianluca Pacchiella <gp@ktln2.org>
	#
	# Do NOT "set -e"

	# PATH should only include /usr/* if it runs after the mountnfs.sh script
	PATH=/sbin:/usr/sbin:/bin:/usr/bin
	DESC="Php CGI daemon"
	NAME=php-cgi
	# FIXME: give me error
	BIND=/var/run/php-cgi.socket
	USER=www-data
	DAEMON=/usr/bin/$NAME

	PHP_CGI=/usr/bin/php-cgi
	PHP_FCGI_CHILDREN=5
	PHP_FCGI_MAX_REQUESTS=1000
	PHP_CGI_ARGS="- USER=$USER PATH=/usr/bin PHP_FCGI_CHILDREN=$PHP_FCGI_CHILDREN PHP_FCGI_MAX_REQUESTS=$PHP_FCGI_MAX_REQUESTS $PHP_CGI -b $BIND"

	PIDFILE=/var/run/$NAME.pid
	SCRIPTNAME=/etc/init.d/$NAME

	# Exit if the package is not installed
	[ -x "$DAEMON" ] \|\| exit 0

	# Read configuration variable file if it is present
	[ -r /etc/default/$NAME ] && . /etc/default/$NAME

	# Load the VERBOSE setting and other rcS variables
	. /lib/init/vars.sh

	# Define LSB log_* functions.
	# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
	# and status_of_proc is working.
	. /lib/lsb/init-functions
	#
	# Function that starts the daemon/service
	#
	do_start()
	{
	# Return
	# 0 if daemon has been started
	# 1 if daemon was already running
	# 2 if daemon could not be started
	#start-stop-daemon --start --quiet --pidfile $PIDFILE --chuid "$USER" \
	# --exec /usr/bin/env -- $PHP_CGI_ARGS \
	# --test > /dev/null \
	# \|\| return 1
	start-stop-daemon --start --quiet --background --make-pidfile --chuid "$USER" \
	--pidfile $PIDFILE --exec /usr/bin/env -- $PHP_CGI_ARGS \
	\|\| return 2
	# Add code here, if necessary, that waits for the process to be ready
	# to handle requests from services started subsequently which depend
	# on this one. As a last resort, sleep for some time.
	}

	#
	# Function that stops the daemon/service
	#
	do_stop()
	{
	# Return
	# 0 if daemon has been stopped
	# 1 if daemon was already stopped
	# 2 if daemon could not be stopped
	# other if a failure occurred
	start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE
	RETVAL="$?"
	[ "$RETVAL" = 2 ] && return 2
	# Wait for children to finish too if this is a daemon that forks
	# and if the daemon is only ever run from this initscript.
	# If the above conditions are not satisfied then add some other code
	# that waits for the process to drop all resources that could be
	# needed by services started subsequently. A last resort is to
	# sleep for some time.
	start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 \
	--exec /usr/bin/env -- $PHP_CGI_ARGS
	[ "$?" = 2 ] && return 2
	# Many daemons don't delete their pidfiles when they exit.
	rm -f $PIDFILE
	return "$RETVAL"
	}
	#
	# Function that sends a SIGHUP to the daemon/service
	#
	do_reload() {
	#
	# If the daemon can reload its configuration without
	# restarting (for example, when it is sent a SIGHUP),
	# then implement that here.
	#
	start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
	return 0
	}

	case "$1" in
	start)
	[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
	do_start
	case "$?" in
	0\|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
	2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
	esac
	;;
	stop)
	[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
	do_stop
	case "$?" in
	0\|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
	2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
	esac
	;;
	status)
	status_of_proc "$DAEMON" "$NAME" && exit 0 \|\| exit $?
	;;
	#reload\|force-reload)
	#
	# If do_reload() is not implemented then leave this commented out
	# and leave 'force-reload' as an alias for 'restart'.
	#
	#log_daemon_msg "Reloading $DESC" "$NAME"
	#do_reload
	#log_end_msg $?
	#;;
	restart\|force-reload)
	#
	# If the "reload" option is implemented then remove the
	# 'force-reload' alias
	#
	log_daemon_msg "Restarting $DESC" "$NAME"
	do_stop
	case "$?" in
	0\|1)
	do_start
	case "$?" in
	0) log_end_msg 0 ;;
	1) log_end_msg 1 ;; # Old process is still running
	*) log_end_msg 1 ;; # Failed to start
	esac
	;;
	*)
	# Failed to stop
	log_end_msg 1
	;;
	esac
	;;
	*)
	#echo "Usage: $SCRIPTNAME {start\|stop\|restart\|reload\|force-reload}" >&2
	echo "Usage: $SCRIPTNAME {start\|stop\|status\|restart\|force-reload}" >&2
	exit 3
	;;
	esac
	# with this configuration Nginx enforces the access by HTTPS
	server {
	server_name webmail.example.com;
	location = / {
	rewrite ^(.*)$ https://webmail.example.com$1 permanent;
	}
	}

	server {
	listen 443;

	ssl on;
	ssl_certificate /etc/ssl/certs/my.crt;
	ssl_certificate_key /etc/ssl/private/my.key;

	ssl_session_timeout 5m;

	ssl_protocols SSLv3 TLSv1;
	ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
	ssl_prefer_server_ciphers on;

	server_name webmail.example.com;
	root /var/www/roundcubemail-0.7/;

	location = / {
	index index.php;
	}

	location ~ .php$ {
	try_files $uri = 404;# for security reason (see Pitfall section in Nginx's wiki)
	include fastcgi_params;
	fastcgi_intercept_errors on;
	# TODO: move this to /var/run/php/
	fastcgi_pass unix:/tmp/php-cgi.socket;
	fastcgi_index index.php;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	}
	}