Tine 2.0

Tine 2.0 – #1 The Installation

First of all it’s pretty easy and in this guide I’ll mention all important steps to succeed and avoid all known pitfalls. Second of all, this guide represents a best practise installation of Tine 2.0 and you should be able to achieve best results with this guide.

Please keep in mind, that you and only you are in charge of your installation. You are responsible for reliability and safety. If you don’t comply with that you should consider to use a hosted solution!

This guide was last updated at 26th February, 2018.

Changes:
26.02.2018 – Add Cron Job – thanks estradis

Requirements

Tine 2.0 is a PHP based application which runs great with just a MariaDB. But you clearly improve your experience with setting up Redis as a session storage, cache and queue worker.

I hereby suggest PHP 7 or higher due to it’s performance improvements.

Tine 2.0 runs great with PHP 5.5 + but  7.0+ is a better choice.

For PHP you’d like to make sure, that you have the following extensions enabled: ctype, date, xml, dom, SimpleXML, gd, hash, iconv, json, mysql, pdo_mysql, SPL and zip. Those packages are pretty common and should be available on all linux distributions.

Tine 2.0 is optimised for Mysql/MariaDB, I wouldn’t suggest to use PostgreSQL or Oracle, especially because the PostgreSQL support is about to be probably dropped in the future and a migration is not that easy.

The best experience can be achieved with MariaDB 5.5.4+. We are using some features of 5.5.4, if you don’t have or your provider doesn’t support it, it’s not a game breaker, but the fallbacks are less performant.

About the webserver, nginx or apache2 are both working great and the important rewrite rules are available for both. This is just up to you!

Find the right package

All packages can be found on Github, the most relevant package is called All-in-One and ships the whole thing like Addressbook, Calendar, Mail and even more. Literally everything a groupware should offer.

We also have repositories for some distributions, I personally prefer the manual installation which is describe in this guide.

Preparing the setup

At this point I assume that you have a running server, with properly configured database, web server and application server.

Tine 2.0 need some rewrite rules to support activesync and *dav.

For apache2 put this into your  .htaccess file:

 

For nginx you need to put it into your host configuration:

This is the minimal config for nginx, you can tune nginx a lot of improve the performance of Tine 2.0! But that’s up to you.

The next step is to unzip the All-in-One package into your webroot.

The setup

This step expects your web server to be set up with all required rewrite rules as well as database server and redis (optional). 

Tine 2.0 needs some folders writable to fully operate. This folders are cache, files, session and temp. All these folders shouldn’t be accessible from the web. Only your application server needs to write and read there.

cache and session can be replaced by redis which improves the overall experience a lot!

Exposing those folders to the web can cause severe vulnerabilities to your installation. I suggest to place them somewhere out of your web root.

For example you can create a dedicated folder for Tine 2.0 in /srv or somewhere else and make it write and readable only to your application server which is php-fpm in best case.

You’ll find a file called config.inc.php.dist in your webroot, you need to rename it to config.inc.php to proceed. Once done you edit it and fill any username and password for the Tine 2.0 setup interface. Keep in mind, that the setup page will be available after installation and you should chose a good password.

Fig 1. Tine 2.0 Setup Login

Once done navigate with your web browser to https://<your url>/setup.php. You should be able to see a login like in Fig 1.

Once logged in you need to accept the terms and conditions to proceed. On the next page Tine 2.0 will check your server installation for compatibility. If everything is green you should be able to proceed.

The configuration

Tine 2.0 offers many configuration options and some of them are more important than others. At this point we’ll go through the more important and useful settings.

Config Manager

Fig 2. Config Manager example

What you need to configure is:

  • Database
  • Caching
  • Session
  • Temporary files
  • Filestore directory

What you can configure is:

  • Logging
  • Queue

I would suggest you to configure queue as well, it can improve the userexperience and improves the performance! To use the queuing feature in Tine 2.0 you need a redis server.

Attention: The queue worker requires an additional worker running on your server which is not covered by this tutorial yet!

In theory there is no real need to set a session path, PHP should know itself where to store them. But I had problems without an explicit session path.

If you decided to use redis, you should set caching and session to redis otherwise you should find a save place on yo

ur server and create folders for caching, temporary files and filestore directory. Make sure those folders are writable by the application server and are not exposed to the www.

Authentication/Accounts

Fig 3. Authentication/Accounts example

Tine 2.0 is mighty. Really. Tine 2.0 can integrate into several authentication backends and is able to interact with your mailserver. I won’t cover all of those aspects in this tutorial.

Important sections are Authentication provider and Accounts storage, first one decides if the login is valid and second one where the accounts are stored. I use IMAP as an authentication provider but Tine 2.0 can also use itself. Most people would like to set both to SQL and just proceed.

IMAP becomes interesting if you run Tine 2.0 for example for your family and everyone has a family mail account. Or same with a small company.

In case you have LDAP you can also set both to LDAP which might be cool for companies.

Asynchronous jobs

Some features require a cron job to work properly. For example some calendar notifications using the cron to mail users.

The cron job:

Please make sure, that the paths are matching your installation!

Email

Fig 4. Email example

You should fill SMTP and IMAP with mailserver information, Tine 2.0 will use it to send event invitations and so on!

Use system account comes handy when you have one mail account per user and all have the same mail server. When set to true, all your users will have a fixed mail account. That’s super useful for when you don’t want to set up all user profiles yourself.

In case your mail server provides sieve, you can set it up as well. Tine 2.0 offers a sieve client for all users, so they are able to define vacation notices and server sided filter rules.

Application manager

Now it’s your turn to decide which applications you like to have. I would suggest for a fully featured setup:

  • Addressbook
  • Calendar
  • ActiveSync
  • Felamimail
  • Filemanager

And congratulations you are done. No have fun and enjoy Tine 2.0! 🙂

Seek help or want to contribute?

There is a community page with all relevant resources! 🙂

Comments (11)

    • Not really. Nginx is usually already the boost you are looking for. The biggest gains are proper fpm settings depending on the hardware (nothing Tine 2.0 specific here) as well as a recent MariaDB.

  1. Following your guide and your nginx config, our Apple users are no longer able to access their calendars. The apple calendar app insists that the calendar url is not valid and would return a 404 but when opening the url in a browser, it works fine. Is this a known issue?

    • Hm, odd, just tested it by setting it up in calendar app and it worked.
      That’s my full nginx config:

  2. Vielen Dank für die Infos (wenn auch leider nur auf englisch). Und dann, nach dem Setup, wo werden denn die Benutzer angelegt? Zudem wäre spannend zu wissen, wie denn die Rechte für Verzeichnisse und Ordner sein müssen, z. B. 604 oder 705 oder 744 (das steht auch nicht auf der offiziellen Tine-Webseite). Gruß vom Heiner

    • Hallo Heiner,

      im Setup definierst du einen Admin-Benutzer, mit diesem kannst du dich anmelden und dann unterhalb der Admin-Anwendung, weitere Benutzer anlegen und auch deren Rechte verwalten. Die angelegten Benutzer werden dann in der Datenbank abgelegt. Du kannst allerdings auch LDAP verwenden!

      Für Schreibrechte gibt es keine Anleitung, weil es kein richtig oder falsch gibt, es hängt sehr von deinem Setup ab was sicher und was nicht sicher wäre bzw. gut wäre. Die Rechte müssen so sein, dass der PHP Prozess auf alle Tine 2.0 Dateien zugreifen kann, ebenfalls muss PHP auf Cache, Files etc., die du im Setup definiert hast, zugreifen dürfen. Der Webserver selbst verteilt den statischen Inhalt wie z.B. JavaScript Dateien und Assets wie Icons, Bilder etc. sollte also auf die Tine 2.0 Sources lesen dürfen. Schreiben muss der Webserver selbst gar nicht, es sei denn, du verwendest Apache2 mit mod_php, dieser läuft dann unter dem gleichen Benutzer. Ich selbst verwende fpm und erlaube dem fpm auf meine Tine 2.0 relevanten Dateien zu lesen und zu schreiben.

      Vielleicht verstehst du nun, warum es dafür keine allgemeine Anleitung gibt. Das Setup prüft allerdings ob die notwendigen Ordner beschrieben werden können. Was du auf keinen Fall zulassen solltest ist, dass von außen Ordner für Cache, Files, Temp und auch Session ausgelesen werden können, den dort liegen sensible Daten!

      Ich hoffe dir hilft das etwas, dir ein besseres Bild von der Materie zu machen.

      Viele Grüße
      Misha

      • Danke Misha, für die Infos zu den Schreibrechten!

        Der Admin-Benutzer imS etup kann allerdings nicht eingetragen werden, die drei Felder unter “Initialer Admin-Benutzer” …

        Initialer Admin Loginname:
        Initiales Admin Password:
        Passwort Bestätigung:

        … können nicht beschrieben/gefüllt werden. Deshalb auch meine Frage nach den Schreibrechten, die ggf. (und wo?) geändert werden müssen.

        Gruß, Heiner

        • Hallo Heiner,

          die sind ausgegraut wenn Tine 2.0 bereits installiert ist. Die Benutzerführung ist da nicht ganz eindeutig…
          Was gehen sollte wäre die setup cli. Bspw: php setup.php --create_admin, dann musst du nur einen Benutzernamen und ein Passwort angeben! 🙂

          Vg
          Misha

          • Danke für Deine Antwort.

            Eine CLI (vermutlich ist Command Line gemeint) steht mir nicht zur Verfügung. Gerne würde ich die Installation (FTP) hier auf dem 1und1-Webserver abschließen.

            Wo kann der “Initiale Admin-Benutzer” eingetragen werden?

            Gruß, Heiner

          • Hallo Heiner,

            jetzt verstehe ich das Problem. Das einfachste wäre, alle Tabellen löschen und im Anschluss die setup.php aufrufen und dieses mal den initialen Admin-Benutzer mit ausfüllen bevor du auf installieren klickst! Dann kannst du dich ganz normal mit diesem Benutzer im Frontend anmelden und von dort aus natürlich weitere Benutzer anlegen.

            Vg
            Misha

Leave a Reply

Your email address will not be published. Required fields are marked *

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close