Dev May 2009

dev@lists.roundcube.net

36 participants
65 discussions

proposed patch to allow Layer 7 (per user) balancing of roundcube traffic
by Thomas Mangin 09 May '09

09 May '09

Hello, Like most web applications, roundcube is intended to be used on a single machine. In a high load environment, simple LVS source ip balancing may not be enough to simply dispatch evenly end users to several roundcube instances. I happen to have a situation where many customers (multiple 10s if not 100s) are logging in all at once and using the same proxy server, hence all hitting the same backend roundcube machine. It may be possible to get around this problem using a shared DB for the session and use an NFS partition for the upload folder, but it then creates single points of failure (and I happen to already have some nginx reverse proxy installed). In order to perform per user balancing of request, ticket 1485721 [1] contains a small patch [2] to roundcube to add a new cookie to the roundcube session. This cookie can be used by nginx (for example) to perform a layer 7 routing of the request, an example of such configuration is attached to the ticket [3] This patch is used in production and is as harmless as harmless can be. It does not change anything used by roundcube itself. I would be interrested in hearing any comment the list may have about it. Another benefit for me is that it allowed me to go from an active/ passive lvs setup to an active/active one (using wackamole [4]) Regards, Thomas Mangin [1] http://trac.roundcube.net/ticket/1485721 [2] http://trac.roundcube.net/attachment/ticket/1485721/roundcube-nginx-cluster… [3] http://trac.roundcube.net/attachment/ticket/1485721/nginx-config-example.txt [4] http://packages.ubuntu.com/hardy/net/wackamole _______________________________________________ List info: http://lists.roundcube.net/dev/

4 8

Re: [RCD] proposed patch to allow Layer 7 (per user) balancing of roundcube traffic
by Thomas Mangin 08 May '09

08 May '09

Cor, >> I am not exactly sure what you are referring to when speaking of >> the SSL Session ID but AFAIU the information would be encrypted >> (assuming the web server perform is running SSL) and not available >> on the proxy. > > It must be possible somehow, as our hardware based loadbalancers do > it as well. I understand now that your load balancer is as well your SSL accelerator. In that scenario, it makes sense. I may wait for NGINX to add the feature :) or just use Pound which seems to have it as well (never noticed it was there before). >> It's extremely easy in your case. Just grab a small plugin example >> from SVN. Then change the hooks to login_after and login_failed. >> As a source patch, add a hook for logout and call that hook in your >> plugin as well. (but I wouldnt be surprised if a logout hook would >> show up soon in SVN, as it seems really useful for other plugins). > > Just read a bit here: > > http://trac.roundcube.net/wiki/Doc_Plugins and here: http://trac.roundcube.net/wiki/Plugin_Hooks Thanks, if I can do it without having to patch the code and use the provided API - I will do so (when I have time) and just then post the result. I can live with my patch for the time being. > I dont have a need for this plugin, and I really doubt many people > do. But you can do it, its not hard. We use Foundry hardware > loadbalancers, which I agree with Till is a better solution for this > problem. Then again, we may be a little bigger, so its easier to > justify the costs. I know about them, they are not a bad product but the cost does not justify a purchase for my usage when I can perform the same in software without CAPEX atm. Citrix Netscaler AS 7000 are supposed to be good as well. I will take from this discussion that you/the roundcube team are not really interested in merging this patch. Could someone close the ticket in that case as I am not able to do it. Thank you to everyone for your time in answering me and all the information shared. Thomas _______________________________________________ List info: http://lists.roundcube.net/dev/

1 0

Re: [RCD] proposed patch to allow Layer 7 (per user) balancing of roundcube traffic
by Thomas Mangin 08 May '09

08 May '09

Hi Cor, > Can't you use SSL Session ID to do loadbalancing? Assuming you force > SSL on everyone. I am not exactly sure what you are referring to when speaking of the SSL Session ID but AFAIU the information would be encrypted (assuming the web server perform is running SSL) and not available on the proxy. I do force SSL on everyone neither at the moment (but the idea is attractive to prevent dead-broken proxies caching the JS badly and causing grief to my users on upgrade). Furthermore, I am using NGINX to perform the HTTPS encapsulation (which mean that the cookie trick works even with SSL). > It should be possible to use the API. If I look at your patch, you > can do > your set_backend() in the API call login_after. > You can use login_failed for one of your kill_backend() calls, but > the other 2 would need an added api hook. I think we might want api > hooks there anyways, so one can always clean up after a plugin in > case a user disappears. I think a 'logout' api hook would be very > welcome. Thank you for giving me more details, about how it could be done. I have a very limited understanding of roundcube internals (only what was necessary to write the patch). You most likely know better than I do what can and can not be done and if so and you think it is the way forward, feel free to change my code all together if you feel inclined to. My interest is in not supporting any out-of-tree patches on my installation :) > I dont think you'd need one in the session loss code. If they lose > their session they re-login and a new cookie would get set in > set_backend(). Make sense. Thomas _______________________________________________ List info: http://lists.roundcube.net/dev/

1 0

Updated Swedish localization of labels.inc
by Jonas Nasholm 07 May '09

07 May '09

Hi, I’ve attached an updated Swedish localization of labels.inc. Regards, Jonas Nasholm Bitfuse Network --- 8< --- detachments --- 8< --- The following attachments have been detached and are available for viewing. http://detached.gigo.com/rc/FJ/3ZOP2XoO/sv_SE.zip Only click these links if you trust the sender, as well as this message. --- 8< --- detachments --- 8< --- _______________________________________________ List info: http://lists.roundcube.net/dev/

1 0

Strange behavior change with 0.3 trunk
by Robert King 07 May '09

07 May '09

I updated my local development branch to the current trunk release, and I noticed an odd change with one of my plugins. The plugin was developed to keep the prying eyes of the public away from the at times unstable development branch of roundcube that I am using. The following is the paraphrased version of the plugin: class foobar extends rcube_plugin { function init() { $this->add_hook('list_mailboxes', array($this, 'check_access')); } function check_access($args) { $rcmail = rcmail::get_instance(); list ($uid, $host) = split("@", $rcmail->user->get_username()); if ( !in_array($uid, $this->allow_list)) { $rcmail->output->command('display_message', $this->gettext('unauth'), 'error'); $rcmail->logout_actions(); $rcmail->kill_session(); } return $args; } } What changed is that the forced logout action no longer occurs. Any insight into why? -- Robert King System Administrator Computing & Communications Memorial University _______________________________________________ List info: http://lists.roundcube.net/dev/

1 2

Message Highlighting Plugin - Initial comments welcome
by Eric Appelt 07 May '09

07 May '09

Hi Chris, the Message Highlight Plugin works fine and is a important and nice Feature, some little Labels are only in french and in the color picker only in english and the Button add to new Message Highlight Rules use the Label from Add new Identity a better solution are New Message Highlight or Rule. Many thanks for this plugin Eric _______________________________________________ List info: http://lists.roundcube.net/dev/

1 0

Re: [RCD] proposed patch to allow Layer 7 (per user) balancing of roundcube traffic
by Thomas Mangin 06 May '09

06 May '09

Cor, > Couldnt you do all of this in a plugin using the API. Possibly > adding some hooks in places you need them. The more hooks the > merrier imho. Thank you for the idea but I doubt it would work. I need to set the cookie on login and invalidate it when the session is killed BUT NOT when the 302 redirect is sent back on login. Anyone please feel free to let me know if I am mistaken. Regards, Thomas _______________________________________________ List info: http://lists.roundcube.net/dev/

1 0

show_message/display_message key value replacement
by Robert King 06 May '09

06 May '09

How does the show_message/display_message key value replacement function operate? I've been trying the following: $rcmail->output->command( 'display_message', $this->gettext('offline'), 'error', array('reason' => 'maintenance' )); with the localization string: $labels['offline'] = "Webmail is currently unavailable due to $reason."; How do I link the replacement value from my localization string and the call to display_message? -- Robert King System Administrator Computing & Communications Memorial University _______________________________________________ List info: http://lists.roundcube.net/dev/

1 0

Integration
by Sandro Pazzi 05 May '09

05 May '09

Hi all, I've integrated the RC in my crm. I'd like to send an email with attachment directly from the crm. There is some pages to call appending the binary of file to attach and the To mail address? My crm was developed in c#. Thanks for any ideas. -- Sandro Pazzi IdWeb s.r.l. Viale Romagna 69/A - 06012 Citta' di Castello (PG) Tel. 075 851 97 28 Fax 075 851 97 30 _______________________________________________ List info: http://lists.roundcube.net/dev/

1 0

Little Bug in visualization of message
by Sandro Pazzi 05 May '09

05 May '09

Hi all, I notice that in FF the move to dropdown go over the icon of a plugin after double click on message. Thanks -- Sandro Pazzi IdWeb s.r.l. Viale Romagna 69/A - 06012 Citta' di Castello (PG) Tel. 075 851 97 28 Fax 075 851 97 30 _______________________________________________ List info: http://lists.roundcube.net/dev/

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Dev May 2009