Categories
Freedom and Privacy Technology Tutorial yunohost

HOW TO INSTALL NEW ROUNDCUBE VERSION ON SHARED HOST CPANEL WITH PGP KEYS WORKING

So, you want to not wait for RoundCube to release 1.4 to cpanel, or, you have Roundcube on your cpanel setup and for whatever reason the Enigma plugin that makes the PGP stuff work – isn’t working. Whatever your reason is, the solution is not insanely hard, but it took me about a week and a lot of hours to figure out how to get it going. Hopefully this will save you many hours that I lost! 🙂

Probably this page will work for future stuff too for future releases so I’ll leave the download pages more general.

Before we begin, quick thanks to everyone at Roundcube for really improving the look, feel and security of everything. Really nice upgrades in the UI for version 1.4 RC!

STEP ONE – DOWNLOAD

  1. Get your version (in this case 1.4-rc) from this Roundcube download page
  2. Download compressed Roundcube file to your computer
  3. Upload compressed Roundcube it via FTP (or whatever method you like)
  4. In your cpanel File Manager, Right click on the compressed Roundcube file and ‘extract’ – the file will decompress and extract the directory with the same name in the same directory where you clicked ‘extract’
  5. Locate the newly extracted file and rename to something you like. This will form part of the URL when you log into your email. If you leave it as is the URL will be too long and annoying so changing it to something like ‘mail’ or ’roundcube’ would be smart. Maybe don’t call it ‘webmail’ because most shared hosting uses that? Not sure, I didn’t test that but something more unique would probably be smart.
  6. go to the URL of your domain, with the new directory folder and add ‘installer’ at the end and this will start installer. You can read details on the Roundcube installation page and we are now at step ‘Configuring Roundcube’

Create your MYSQL database for Roundcube

You’ll need a database to make Roundcube work. Although this kind of stuff seems scary, it’s not that scary as long as you don’t delete stuff that’s already there that you don’t know about. In short, all you are gong to do is create a database, create a user for the database, and then glue the user to the database. That’s it.

Before you begin this part you should have some kind of password manager software setup, I think, so you can create strong passwords and not lose them. Otherwise, ‘do it the way you like’.

Here’s how:

  1. in your Cpanel home panel, go to ‘MYSQL Databases’
  2. in the top section, Create New Database, give your new database a decent name like ’roundcube_abc’ (no one sees this stuff, it’s just back end). You will note that it will automatically append something to the front. That will be part ofyour database name, not just the part you are typing in the field.
  3. Click ‘Create Database’ button
  4. Scroll down to the MYSQL Users section and in the ‘Add New User’ section at the top, create a new username with a strong password. You can use the password generator and then make sure to save it safely. You will note that it will automatically append something to the front. That will be part ofyour username name, not just the part you are typing in the field.
  5. Click ‘Create user’ button

Now you have both a database and a username. the last steps are to glue them together.

  1. Scroll down to ‘Add User to Database’
  2. From the ‘User’ dropdown, select the user you just created
  3. From the Database dropdown, select the database you just created above
  4. Click the ‘Add’ button

It will take you to another screen where it asks what permissions you want to give this user in this database. You will give it all permissions which should be the default (all boxes selected).

Confirm these changes.

Installing Roundcube

Really you should read this entire page and learn a bit as your setup might be different and it’s good to review the items they mention, although most or much of it is for people who have full access to their servers, not cpanel people.

Once you start the installation process, there really isn’t too much documentation on how to actually set it up. It will start a kind of ‘installation wizard’ but not a lot of help is there during the process. You’ll need to have the following items near you before you begin:

  • The email credentials that will be using Roundcube including: server names, type of email (ie. SMTP, IMAP), security protocol of each, ports for each. You can get all this from your email provider.
  • The database name, user name, and user name password for the MYSQL stuff you created above

Once all this is in hand simply walk through all the fields and do your best. The details of that part is out of scope of this tutorial but there is one vital point which you absolutely must seclect in order to use encryption and PGP and that is, in the plugin section you must select the Enigma plugin which will add all the functionality.

Again, be sure to install the the Enigma plugin.

Fixing the enigma_pgp_homedir not specified error

After installation is complete and everything appears working, if you were to go to the settings and to PGP keys you will be greeted with a warning that enigma_pgp_homedir is not specified, or, if you tried to simply put the path in there as if it were a full control server, it probably won’t work. At least that’s what happened to me and the purpose of this tutorial.

The solution to properly point Roundcube to a secure folder was pretty hard to figure out but now that it’s figured out should be pretty easy for you.

You should apparently not put your pgp key folder into the enigma plugin folder, or in the document root folder. Frankly I”m not skilled enough to know all the whys but I’ve learned to trust people smarter than I. So, I put the directory in the main directory of my domain where roundcube is. You can mirror this for simplicity and probably should. So, here go the steps:

  1. In cpanel File manager go to: public_html/yourdomain.com
  2. Create a folder for your keys. For this tutorial I’ll call it ‘keez’ but you can call it whatever you want. Make sure permissions are 0755 (they should be after you create it)
  3. In File manager, navigate to this location: /yourRoundCubeInstallationFolder//plugins/enigma/
  4. Locate the config.inc.php.dist file
  5. Touch it, right click on it, and rename and remove the ‘.dist’ from the end of the filename and save the change
  6. Touch the newly renamed file again and right click and ‘edit’. This will open the Cpanel text editor.
  7. It will give you a warning that by editing you can break everything, which of course we know, so, click edit again and reall stick it to the man!
  8. Scroll down in the code stuff until you see this section:

// REQUIRED! Keys directory for all users.
// Must be writeable by PHP process, and not in the web server document root
$config[‘enigma_pgp_homedir’] = null;

Now is the fun part. All you have to do is enter in the path that points to your keys folder that you created in step 2 above.

Mine now looks like this:

$config['enigma_pgp_homedir'] = realpath(__DIR__.'/..'.'/..'.'/..').'/keez';

As long as you put your keys folder in the main directory of your domain and named it ‘keez’ this line shoud work. If you have your folder somewhere else you’ll have to adjust accordingly. What I learned was each instance of '/..' moves up one level directory. So this command is saying ‘you will find the ‘keez’ folder by going up 3 levels from where you are now”.

Once you have adjusted this one line of code, click the ‘save changes’ button in your cpanel editor.

Go to your Roundcube email, go to ‘settings’ and go to ‘PGP Keys’ and you should now have working PGP functionality working in your Cpanel Roundcube, plus, you are running the new mobile-friendly version 1.4 now that all the paths are working.

I hope this helps!

Categories
Technology Tutorial Ubuntu

How to Back Up SuiteCRM using Ubuntu

I discovered SuiteCRM by means of searching through my web host’s cpanel softaculous thing – that thing that allows one click installs of ‘apps’ for your server.  Over time, I became a heavy believer in and user of SuiteCRM.  Eventually, I installed an instance for my company on my shared host and the company started using it more and more. Finally, today, I realized that I better figure out how to back this bad boy up.  I thought it would be as simple as going to the SuiteCRM documentation, but I guess I’m not smart enough for that.  I also tried the SuiteCRM user guides which, for everything else, are very excellent.  However, couldn’t seem to figure it out there, either.  There is also this ‘backup feature’ in the Admin area which also I couldn’t figure out on my own or by searching.  I even posted this post in the forum and it seems as though I had asked a question that was too easy for anyone to answer.

I’m just a standard, shared host, cpanel user, not a database guy or even web host guy, although I’ve got a small server running at home.  How is it that I cannot figure out how to do a simple back up of SuiteCRM so that I can protect it as well as move it from host to host should I choose?   So, with all that background, I will now begin to find the answer and document it here for my future benefit and hopefully help a few others along the way.

What I have learned from reading most stuff online is that If I want to be sure something like SuiteCRM is backed up safely I have to do the following two things:

  • backup the SuiteCRM folder/directories/files
  • back up the mysql database

Sounds easy except that when I went into cpanel, there was no ‘download’ button to get all my directory stuff!  Although I’m shocked that there doesn’t seem to be a web-based download button, I also assume there must be a  security reason for that so I won’t kick up a storm. I now assume that I have to do it the old FTP client way.  So, I will now perform the following two steps in an attempt to download the directory parts of SuiteCRM:

  • create an FTP account from the home page area of cpanel so that I can login with FTP client and
  • download and install Filezilla on my computer

I went to the Ubuntu software centre and downloaded Filezilla successfully.

I entered in my credentials.  It turns out that I did not have to create a new FTP user since my main cpanel login credentials/passwords worked perfectly to get in.  However, if this is for someone else to login, obviously you’ll want to create a new FTP user/password for them and restrict them to the areas they are permitted to go.

Since my website wasn’t the ‘main’ website of my shared hosting, I had to go into the ‘public_html’ directory to find my SuiteCRM directory.  Found it!

I learned the hard way that I must *first* choose the local machine directory to where the files must be downloaded.  The first time I didn’t specify so it started running errors for five minutes while I sat there and drooled on my desk.  Once I figured it out, I cancelled, started again by stating the local directory (in fact, I created a new directory just in case and to help me remember where it was) and then right clicked on the ‘remote server’ folder (my SuiteCRM install folder) and clicked ‘download’ and now everything appears to be downloading successfully to my machine.

The next step will be the second step which is to download/backup the mysql database…  Of course, I’ve never done this so I am going to find this tutorial by Siteground which looks pretty solid.  Siteground (whoever they are) seem pretty cool, by the way and has killer SEO results with Duck Duck Go.  Let’s see if this tutorial works.  You will probably have lots of time to study this tutorial if your FTP download is as big as mine.  My SuiteCRM has nearly 10,000 files to download.  It appears also, that this tutorial will show how to restore this mysql database for the next part of this tutorial which I’ll probably have to write for myself…  In this tutorial, the only thing that seems ‘unknown’ to me is the ‘drop table’ option.  Good thing I didn’t choose this option, I believe, because this tutorial shows that ‘drop table’ means to delete tables.  I am quite certain that I will want to *keep* all the tables in this database so that I can import the database perfectly into the server to match the SuiteCRM stuff…. but I don’t know anything so we’ll see as we move forward 🙁

The above tutorial was good except that they claimed there was an ‘add drop table’ option in their screenshot example but it wasn’t there.  They also didn’t mention that you have to choose ‘custom’ instead of ‘quick’ in order to view those options.  And it turns out that the ‘add drop table’ option is just a recommended feature to add in while exporting which I chose to do.  Otherwise, click ‘go’ and it worked. I have an .sql file on my hard drive now.

I think I’ve now backed everything up, but now I have to try to move it onto another server to test it out.  Hopefully I will have a link to that tutorial soon but for now, stand by.

 

 

 

 

 

Categories
Freedom and Privacy Technology Tutorial Ubuntu

How to Do Let’s Encrypt in Cpanel with Shared Hosting

Did Green Geeks (www.greengeeks.com) not want to help you get Let’s Encrypt working in your Cpanel even though it works in cpanel?  You aren’t alone.  But we can take matter into our own hands, you know.

The tutorial I’m going to share is awesome. It’s pretty much what I based everything on and of course my experience of just making my own self signed SSL to do the same thing but more home-brew.

TUTORIAL/HOW-TO TO MAKE LET’S ENCRYPT WORK IN CPANEL

His tutorial is great if you’ve worked on servers or command lines for a while, but I wasn’t so smart.  Hopefully my notes will help the less fluent folk accomplish freedom too.

Let me just give a few side notes to help someone as they do this:

Before beginning, in your terminal, you will need to:

sudo apt-get install git

  • steps 6 and 7 – Cpanel help –  Note before beginning! At no point should you ever, ever, press enter on your keyboard while in the terminal because it will force you right back to square one and you’ll have to delete all this great work you are about to do:
    • go to file manager
    • go to public_html directory and click it
    • click ‘create folder‘ with the + icon
    • type ‘.well-known’ (no apostrophes) into the field that says ‘new folder name’
    • in top right settings of your control panel hit the cogwheel and click ‘show hidden files’ or you will not see the .well-known folder you just made
    • go into the .well-known directory and create another directory called ‘acme-challenge‘ and click ‘create new folder’
    • now go inside the ‘acme-challenge’ folder and click the +file button. you will get the file name from your terminal by selecting everything after ‘acme-challenge’ and then using control+shift+C to grab it to clipboard as per this screenshot
    • copy-paste-random-file-name-2
    •  paste it into the file name with control V and ‘create new file’
    • now go back to terminal and grab the next bunch of random strings and copy it to clipboard as you are learning so well to do, young champion as per this screenshot:
    • copy-paste-file-content-from-term-2
    • highlight your newly created pile of randomness in cpanel
    • click the ‘edit’ button top right ish area of the screen and it will give you some warning and you will say ‘uh huh yep’ and click ‘edit’
    • you will now control V paste that bad boy into your file (just into the big white space) and click ‘save changes’ and should see ‘success!” because you deserve success by now, my little cherry cake.
    • click ‘close’.
    • Now you will have to do it again. The tutorial doesn’t say why but I figured it out, by golly.  It’s because you had domain.com and www.domain.com so you have to do two verifications.  If you had a bunch of subdomains, you’d have to do these steps for all of them as well, FYI.  Also, there is no mention about what to do with these random files sitting in these directories in cpanel.  You can delete them after the verification is done.
    • now go back to his original tutorial and start at step 8
    • Note!  The coolest part about this experience is when you get this message at the end: ‘Self-Verify of Challenge Failed”  – so you are like ‘NOOO!” and then what comes a few seconds later in the terminal?  This message:  “Congratulations! Your certificate and chain have been saved at…” which is actually the truth.  And then you are like ‘YAAAAH!!’ So much drama!  So many victory cries!
  • step 9 isn’t as easy as the author lets on.  It’s also a mystery to my why I cannot have permissions with sudo to do this in the command line but it gives permission denied.  I didn’t know there was a permission higher than sudo but….

sudo nautilus yes, but then where?  this screenshot should help

sudo-nautilus-to-etc

Note also typing the first letter of the folder you are searching for will speed things up, like in ‘L’ for ‘letsencrypt’ in the next level 😉

  • Step 11 isn’t easy either as he doesn’t explain how to open with ‘gedit’.  Just right click on the .pem files, then go to ‘open with other applications’ and then ‘show other applications’ and then start typing ‘gedit’ and it should show right up

Now here is the *critical awesomeness* that took 7 hours of my life to learn.  I will never get these hours back so I hope that you will take all the money I didn’t save by spending all the time and get it back out of GreenGeeks who refused to support Let’s Encrypt when at least myself and a few people I referred to Green Geeks asked them if they would help.  This, by the way, was the response we got:

greengeeks

No, you don’t support them.  But because you didn’t support me, I now support them with this blog post.  And for just 5 years of free hosting with the best plan they have, I might be convinced to remove this truth so fewer of your customers find out that they can work around your antics….

Let’s get started taking away those $20 purchases from the Geeks which are Green, shall we, or any of your hosting companies who don’t want to move into the future shall we?

How to Get a Free SSL Cert Working on your Green Geeks Hosting Plan on all your domains with Cpanel

You can create a let’s encrypt certificate for *all* of your shared domains.

Where I lost all my time was where to put the .well-known/acme-challenge in the subdomains and the whole time it was super easy.  You just click in, open the main directory under file manager and create the directories right there at the top level.  That’s it.

Then you go back and create certs for each domain and pop them in by repeating this tutorial.  One for the www and one without.

Done! Now let’s encrypt.