Rev 23 | Rev 60 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed
############################################################### SERVER SETTINGS# IP Address to bind to (0.0.0.0 for ANY)# Set to 127.0.0.1 if connections should only come from localhost# and through the webserver proxyserver_bind = 0.0.0.0# Accept normal TCP connections (not recommended to disable)server_tcp_enabled = yes# Port to bind toserver_tcp_port = 236# Accept unix pipe connections (not recommended to disable)server_pipe_enabled = yes# Unix socket locationserver_pipe_name = /var/run/zarafa# Priority unix socket locationserver_pipe_priority = /var/run/zarafa-prio# Name for identifying the server in a multi-server environmentserver_name = Zarafa# Override the hostname of this server, used by Kerberos SSO if enabledserver_hostname =# Database engine (mysql)database_engine = mysql# Allow connections from normal users through the unix socketallow_local_users = yes# local admin users who can connect to any store (use this for the zarafa-dagent)# field is SPACE separated# eg: local_admin_users = root vmaillocal_admin_users = root zarafa# The user has full rights on a folder by default, uncomment the following line to disable this.# owner_auto_full_access = falseowner_auto_full_access = true# e-mail address of the Zarafa System usersystem_email_address = postmaster@localhost# drop privileges and run the process as this userrun_as_user = zarafa# drop privileges and run the process as this grouprun_as_group = zarafa# create a pid file for stopping the service via the init.d scriptspid_file = /var/run/zarafa-server.pid# run server in this path (when not using the -F switch)running_path = /# create memory coredumps upon crash in the running_path directorycoredump_enabled = yes# session timeout for clients. Values lower than 300 will be upped to 300# automatically. If the server hears nothing from a client in session_timeout# seconds, then the session is killed.session_timeout = 300# Socket to connect to license serverlicense_socket = /var/run/zarafa-licensed# Time (in seconds) to wait for a connection to the license server before# terminating the request.license_timeout = 10# for temporary files# consider mounting a `tmpfs' underneath this path (wherever you# point it to)tmp_path = /tmp############################################################### LOG SETTINGS# Logging method (syslog, file), syslog facility is 'mail'log_method = file# Logfile (for log_method = file, '-' for stderr)log_file = /var/log/zarafa/server.log# Loglevel (0=no logging, 5=full logging)log_level = 2# Log timestamp - prefix each log line with timestamp in 'file' logging modelog_timestamp = 1# Buffer logging in what sized blocks.# Bigger buffers is better for the performance but it gives lag# when running e.g. multitail or 'tail -f' on the log-file. If# you want to directly see what is happing, set this to e.g. 1.# So when debugging: make it a small value, else set it to# 4096 or more.log_buffer_size = 4096############################################################### AUDIT LOG SETTINGS# Audit logging is by default not enabledaudit_log_enabled = no# Audit logging method (syslog, file), syslog facility is 'authpriv'audit_log_method = file# Audit logfile (for log_method = file, '-' for stderr)audit_log_file = /var/log/zarafa/server.log# Audit loglevel (0=no logging, 1=full logging)audit_log_level = 1# Audit log timestamp - prefix each log line with timestamp in 'file' logging modeaudit_log_timestamp = 1############################################################### MYSQL SETTINGS (for database_engine = mysql)# MySQL hostname to connect to for database accessmysql_host = localhost# MySQL port to connect with (usually 3306)mysql_port = 3306# The user under which we connect with MySQLmysql_user = root# The password for the user (leave empty for no password)mysql_password = uwe2592# Override the default MySQL socket to access mysql locally# Works only if the mysql_host value is empty or 'localhost'mysql_socket =# Database to connect tomysql_database = zarafa# Where to place attachments. Value can be 'database' or 'files'attachment_storage = files# Enable fsync as method to make sure attachments are stored on disk where# supported and will not be buffered by OS and/or filesystem. Please note# this setting will lower attachment write performance depending on your# environment but enhances data safety with disaster recovery.# Only affects 'files' attachment storage backend.attachment_files_fsync = yes# When attachment_storage is 'files', use this path to store the filesattachment_path = /var/lib/zarafa# Compression level for attachments when attachment_storage is 'files'.# Set compression level for attachments disabled=0, max=9attachment_compression = 6############################################################### SSL SETTINGS# enable SSL support in serverserver_ssl_enabled = no# Listen for SSL connections on this portserver_ssl_port = 237# Required Server certificate, contains the certificate and the private key partsserver_ssl_key_file = /etc/zarafa/ssl/server.pem# Password of Server certificateserver_ssl_key_pass = replace-with-server-cert-password# Required Certificate Authority of serverserver_ssl_ca_file = /etc/zarafa/ssl/cacert.pem# Path with CA certificates, e.g. /etc/ssl/certsserver_ssl_ca_path =# SSL protocols to use, set to '!SSLv2' for 'server_ssl_enable_v2 = no'server_ssl_protocols = !SSLv2# SSL ciphers to use, set to 'ALL' for backward compatibilityserver_ssl_ciphers = ALL:!LOW:!SSLv2:!EXP:!aNULL# Prefer the server's order of SSL ciphers over client'sserver_ssl_prefer_server_ciphers = no# Path of SSL Public keys of clientssslkeys_path = /etc/zarafa/sslkeys############################################################### THREAD SETTINGS# Number of server threads# default: 8threads = 8# Watchdog frequency. The number of watchdog checks per second.# default: 1watchdog_frequency = 1# Watchdog max age. The maximum age in ms of a task before a# new thread is started.# default: 500watchdog_max_age = 500# Maximum SOAP keep_alive value# default: 100server_max_keep_alive_requests = 100# SOAP recv timeout value (time between requests)# default: 5server_recv_timeout = 5# SOAP read timeout value (time during requests)# default: 60server_read_timeout = 60# SOAP send timeout value# default: 60server_send_timeout = 60############################################################### OTHER SETTINGS# Softdelete clean cycle (in days) 0=never runningsoftdelete_lifetime = 30# Sync lifetime, removes all changes remembered for a client after x days of inactivitysync_lifetime = 90# Set to 'yes' if all changes (for synchronization) to messages should be logged to the databasesync_log_all_changes = yes# Set to 'yes' if you have Kerberos or NTLM correctly configured for single sign-onenable_sso = no# Set to 'yes' if you want to show the GAB to your usersenable_gab = yes# Authentication can be through plugin (default, recommended), pam or kerberosauth_method = plugin# If auth_method is set to pam, you should provide the pam service namepam_service = passwd############################################################## CACHE SETTINGS## To see the live cache usage, use 'zarafa-stats --system'.# Size in bytes of the 'cell' cache (should be set as high as you can afford to set it)cache_cell_size = 256M# Size in bytes of the 'object' cachecache_object_size = 5M# Size in bytes of the 'indexed object' cachecache_indexedobject_size = 16M# Size in bytes of the userquota detailscache_quota_size = 1M# Lifetime for userquota detailscache_quota_lifetime = 1# Size in bytes of the acl cachecache_acl_size = 1M# Size in bytes of the store id/guid cachecache_store_size = 1M# Size in bytes of the 'user id' cache (this is allocated twice)cache_user_size = 1M# Size in bytes of the 'user details' cachecache_userdetails_size = 25M# Lifetime for user detailscache_userdetails_lifetime = 0# Size in bytes of the server details (multiserver setups only)cache_server_size = 1M# Lifetime for server details (multiserver setups only)cache_server_lifetime = 30############################################################### QUOTA SETTINGS# The default Warning Quota Level. Set to 0 to disable this level.# The user will receive an email when this level is reached. Value is in Mb. Default value is 0.quota_warn = 0# The default Soft Quota Level. Set to 0 to disable this level.# The user will still receive mail, but sending new mail is prohibited, until objects are removed from the store.# VALUE is in Mb. Default value is 0.quota_soft = 0# The default Hard Quota Level. Set to 0 to disable this level.# The user can not receive and send mail, until objects are removed from the store.# Value is in Mb. Default value is 0.quota_hard = 0# The default Warning Quota Level for multitenant public stores. Set to 0 to disable this level.# The tenant administrator will receive an email when this level is reached. Value is in Mb. Default value is 0.companyquota_warn = 0############################################################### USER PLUGIN SETTINGS# Name of the plugin that handles users# Required, default = db# Values: ldap, unix, db, ldapms (available in enterprise license)user_plugin = db# configuration file of the user plugin, examples can be found in /usr/share/doc/zarafa/example-configuser_plugin_config = /etc/zarafa/ldap.cfg# location of the zarafa plugins# if you have a 64bit distribution, this probably should be changed to /usr/lib64/zarafaplugin_path = /usr/lib64/zarafa# scripts which create stores for users from an external source# used for ldap and unix plugins onlycreateuser_script = /etc/zarafa/userscripts/createuserdeleteuser_script = /etc/zarafa/userscripts/deleteusercreategroup_script = /etc/zarafa/userscripts/creategroupdeletegroup_script = /etc/zarafa/userscripts/deletegroupcreatecompany_script = /etc/zarafa/userscripts/createcompanydeletecompany_script = /etc/zarafa/userscripts/deletecompany# Set this option to 'yes' to skip the creation and deletion of new users# The action will be logged, so you can see if your changes to the plugin# configuration are correct.user_safe_mode = no############################################################### MISC SETTINGS# Thread size in KB, default is 512# WARNING: Do not set too small, your server WILL crashthread_stacksize = 512# Enable multi-tenancy environment# When set to true it is possible to create tenants within the# zarafa instance and assign all users and groups to particular# tenants.# When set to false, the normal single-tenancy environment is created.enable_hosted_zarafa = false# Enable multi-server environment# When set to true it is possible to place users and tenants on# specific servers.# When set to false, the normal single-server environment is created.enable_distributed_zarafa = false# Display format of store name# Allowed variables:# %u Username# %f Fullname# %c Teantname# default: %fstorename_format = %f# Loginname format (for Multi-tenancy installations)# When the user does not login through a system-wide unique# username (like the email address) a unique name is created# by combining the username and the tenantname.# With this configuration option you can set how the# loginname should be built up.## Note: Do not use the = character in the format.## Allowed variables:# %u Username# %c Teantname## default: %uloginname_format = %u# Set to yes for Windows clients to be able to download the latest# Zarafa Outlook client from the Zarafa serverclient_update_enabled = false# Place the correct Zarafa Outlook Client in this directory for# Windows clients to download through the Zarafa serverclient_update_path = /var/lib/zarafa/client# Recieve update information from the client (0 = disabled, 1 = only on error, 2 = log always)client_update_log_level = 1# Log location for the client auto update filesclient_update_log_path = /var/log/zarafa/autoupdate# Everyone is a special internal group, which contains every user and group# You may want to disable this group from the Global Addressbook by setting# this option to 'yes'. Administrators will still be able to see the group.hide_everyone = no# System is a special internal user, which has super-admin privileges# You may want to disable this user from the Global Addressbook by setting# this option to 'yes'. Administrators will still be able to see the user.hide_system = yes# Use Indexing service for faster searching.# Enabling this option requires the zarafa-search service to# be running.search_enabled = yes# Path to the zarafa-search service, this option is only required# if the server is going to make use of the indexing service.search_socket = file:///var/run/zarafa-search# Time (in seconds) to wait for a connection to the zarafa-search service# before terminating the indexed search request.search_timeout = 10# Allow enhanced ICS operations to speedup synchronization with cached profiles.# default: yesenable_enhanced_ics = yes# SQL Procedures allow for some optimized queries when streaming with enhanced ICS.# This is default disabled because you must set 'thread_stack = 256k' in your# MySQL server config under the [mysqld] tag and restart your MySQL server.enable_sql_procedures = no# Synchronize GAB users on every open of the GAB (otherwise, only on# zarafa-admin --sync)sync_gab_realtime = yes# Disable features for users. Default all features are disabled. This# list is space separated. Currently valid values: imapdisabled_features = pop3# Maximum number of deferred records in totalmax_deferred_records = 0# Maximum number of deferred records per foldermax_deferred_records_folder = 20# Restrict the permissions that admins receive to folder permissions only. Please# read the server.cfg manpage before enabling this option so you really understand# the implicationsrestrict_admin_permissions = no# The maximum level of attachment recursion; Defines the number of# attachment-in-attachment in-attachment levels are allowed when saving and# replicating objects in the database. If you really want a higher level of# recursion than about 20, you probably have to increase MySQL's stack_size# to allow replication to work properly.embedded_attachment_limit = 20# Header to detect whether a connection has been received through a proxy. The# value of the header is not inspected. If the header exists then the connection# is taken to be received via a proxy. An empty value disables proxy detection# and the value of '*' is used to indicate that all connections are proxiedproxy_header =