Skip to content

Instantly share code, notes, and snippets.

@iredmail

iredmail/zpush.md

Last active January 22, 2025 01:56
Show Gist options
  • Save iredmail/eeb5b18bb9ca0a55f94048369d7bc001 to your computer and use it in GitHub Desktop.
Save iredmail/eeb5b18bb9ca0a55f94048369d7bc001 to your computer and use it in GitHub Desktop.
Download ZIP
Setup Z-Push (2.7.5) on iRedMail server with SOGo Groupware as caldav and carddav backends
Raw
zpush.md

Z-Push

Goals

  • Replace SOGo ActiveSync by Z-Push.

Known issues

  • If end user already configured MUA as Exchange ActiveSync account with the ActiveSync service offered by SOGo, the account must be re-setup to use Z-Push ActiveSync.

Testing environment

  • Ubuntu 24.04
  • iRedMail 1.7.1
    • Dovecot as IMAP backend
    • SOGo Groupware as caldav and carddav backends.

Steps

  • Create required directories and set owner/group/permission:
mkdir /var/log/z-push /var/lib/z-push
chown www-data:www-data /var/log/z-push /var/lib/z-push
  • Download and install Z-Push:
wget https://github.com/Z-Hub/Z-Push/archive/refs/tags/2.7.5.tar.gz
tar zxf 2.7.5.tar.gz
mv Z-Push-2.7.5/src /opt/www/Z-Push-2.7.5
chown -R root:root /opt/www/Z-Push-2.7.5
chmod -R 0755 /opt/www/zpush
ln -sf /opt/www/Z-Push-2.7.5 /opt/www/zpush
  • /opt/www/zpush/config.php, set TIMEZONE to a proper one, and set BACKEND_PROVIDER to BackendCombined.
    define('TIMEZONE', 'Asia/Shanghai');
    define('BACKEND_PROVIDER', 'BackendCombined');

    // Slightly increase ping interval to reduce server load. Defaults to 30 seconds.
    define('PING_INTERVAL', 60);

    // Slightly reduce max items in one response to reduce tranfer data. Defaults to 512.
    define('SYNC_MAX_ITEMS', 100);
  • /opt/www/zpush/backend/combined/config.php
    public static function GetBackendCombinedConfig() {
        return array(
            'backends' => array(
                'i' => array(
                    'name' => 'BackendIMAP',
                ),
                'd' => array(
                    'name' => 'BackendCardDAV',
                ),
                'c' => array(
                    'name' => 'BackendCalDAV',
                ),
            ),
            'delimiter' => '/',
            'folderbackend' => array(
                SYNC_FOLDER_TYPE_INBOX => 'i',
                SYNC_FOLDER_TYPE_DRAFTS => 'i',
                SYNC_FOLDER_TYPE_WASTEBASKET => 'i',
                SYNC_FOLDER_TYPE_SENTMAIL => 'i',
                SYNC_FOLDER_TYPE_OUTBOX => 'i',
                SYNC_FOLDER_TYPE_TASK => 'c',
                SYNC_FOLDER_TYPE_APPOINTMENT => 'c',
                SYNC_FOLDER_TYPE_CONTACT => 'd',
                SYNC_FOLDER_TYPE_NOTE => 'c',
                SYNC_FOLDER_TYPE_JOURNAL => 'c',
                SYNC_FOLDER_TYPE_OTHER => 'i',
                SYNC_FOLDER_TYPE_USER_MAIL => 'i',
                SYNC_FOLDER_TYPE_USER_APPOINTMENT => 'c',
                SYNC_FOLDER_TYPE_USER_CONTACT => 'd',
                SYNC_FOLDER_TYPE_USER_TASK => 'c',
                SYNC_FOLDER_TYPE_USER_JOURNAL => 'c',
                SYNC_FOLDER_TYPE_USER_NOTE => 'c',
                SYNC_FOLDER_TYPE_UNKNOWN => 'c',
            ),
            'rootcreatefolderbackend' => 'i',
        );
    }
  • /opt/www/zpush/backend/imap/config.php:
    • Note: With port 143 and notls option, z-push may log warning message SECURITY PROBLEM: insecure server advertised AUTH=PLAIN, if this bothers you, please change port number to 993 and replace notls by ssl.
define('IMAP_SERVER', 'localhost');
define('IMAP_PORT', 143);
define('IMAP_OPTIONS', '/notls/norsh/novalidate-cert');
define('IMAP_AUTOSEEN_ON_DELETE', true);
define('IMAP_FOLDER_CONFIGURED', true);
define('IMAP_FOLDER_SPAM', 'JUNK');

define('IMAP_SMTP_METHOD', 'SMTP');

$imap_smtp_params = array(
        'host' => '127.0.0.1',
        'port' => 587,
        'auth' => true,
        'username' => 'imap_username',
        'password' => 'imap_password',
        'verify_peer' => false,
        'verify_peer_name' => false,
        'allow_self_signed' => true,
);
  • /opt/www/zpush/backend/caldav/config.php:
define('CALDAV_PROTOCOL', 'http');
define('CALDAV_SERVER', '127.0.0.1');
define('CALDAV_PORT', '20000');
define('CALDAV_PATH', '/SOGo/dav/%u/Calendar/');
define('CALDAV_PERSONAL', '/SOGo/dav/%u/Calendar/personal/');

define('CALDAV_SUPPORTS_SYNC', true);
  • /opt/www/zpush/backend/carddav/config.php:
define('CARDDAV_PROTOCOL', 'http');
define('CARDDAV_SERVER', '127.0.0.1');
define('CARDDAV_PORT', '20000');
define('CARDDAV_PATH', '/SOGo/dav/%u/Contacts/');
define('CARDDAV_DEFAULT_PATH', '/SOGo/dav/%u/Contacts/personal/');

// Disable global address book.
// define('CARDDAV_GAL_PATH', '/caldav.php/%d/GAL/');
// define('CARDDAV_GAL_MIN_LENGTH', 5);

// SOGo doesn't support sync-collection.
define('CARDDAV_SUPPORTS_SYNC', false);

Update Nginx and php-fpm

Install required php modules:

apt install php-imap php-curl libawl-php php-xml php-ldap php-soap php-mbstring php-intl
  • Edit /etc/php/8.3/fpm/php.ini, update parameter disable_function and remove parse_ini_file.
  • Create /etc/nginx/templates/zpush.tmpl with content below:
location /Microsoft-Server-ActiveSync {
    include /etc/nginx/fastcgi_params;
    fastcgi_param SCRIPT_FILENAME /opt/www/zpush/index.php;
    fastcgi_read_timeout 630;
    include /etc/nginx/templates/fastcgi_php.tmpl;
    client_max_body_size 128M;
}
  • Edit /etc/nginx/templates/sogo.tmpl, comment out the location /Microsoft-Server-ActiveSync {...} block. Otherwise Nginx fails to start due to duplicate locations.
  • Edit /etc/nginx/sites-enabled/00-default-ssl.conf, load zpush.tmpl before sogo.tmpl:
    include /etc/nginx/templates/zpush.tmpl;    # <- Add this line.
    include /etc/nginx/templates/sogo.tmpl;
  • Restart nginx and php-fpm services
systemctl restart nginx php8.3-fpm.service

Testing

  • Grab a MUA which supports Exchange ActiveSync and add an email account as ActiveSync account. for example, setup on an iPhone with builtin Mail app.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment