Hello,
Like most web applications, roundcube is intended to be used on a
single machine.
In a high load environment, simple LVS source ip balancing may not be
enough to simply dispatch evenly end users to several roundcube
instances.
I happen to have a situation where many customers (multiple 10s if not
100s) are logging in all at once and using the same proxy server,
hence all hitting the same backend roundcube machine.
It may be possible to get around this problem using a shared DB for
the session and use an NFS partition for the upload folder, but it
then creates single points of failure (and I happen to already have
some nginx reverse proxy installed).
In order to perform per user balancing of request, ticket 1485721 [1]
contains a small patch [2] to roundcube to add a new cookie to the
roundcube session.
This cookie can be used by nginx (for example) to perform a layer 7
routing of the request, an example of such configuration is attached
to the ticket [3]
This patch is used in production and is as harmless as harmless can
be. It does not change anything used by roundcube itself.
I would be interrested in hearing any comment the list may have about
it.
Another benefit for me is that it allowed me to go from an active/
passive lvs setup to an active/active one (using wackamole [4])
Regards,
Thomas Mangin
[1] http://trac.roundcube.net/ticket/1485721
[2] http://trac.roundcube.net/attachment/ticket/1485721/roundcube-nginx-cluster…
[3] http://trac.roundcube.net/attachment/ticket/1485721/nginx-config-example.txt
[4] http://packages.ubuntu.com/hardy/net/wackamole
_______________________________________________
List info: http://lists.roundcube.net/dev/
Cor,
>> I am not exactly sure what you are referring to when speaking of
>> the SSL Session ID but AFAIU the information would be encrypted
>> (assuming the web server perform is running SSL) and not available
>> on the proxy.
>
> It must be possible somehow, as our hardware based loadbalancers do
> it as well.
I understand now that your load balancer is as well your SSL
accelerator. In that scenario, it makes sense.
I may wait for NGINX to add the feature :) or just use Pound which
seems to have it as well (never noticed it was there before).
>> It's extremely easy in your case. Just grab a small plugin example
>> from SVN. Then change the hooks to login_after and login_failed.
>> As a source patch, add a hook for logout and call that hook in your
>> plugin as well. (but I wouldnt be surprised if a logout hook would
>> show up soon in SVN, as it seems really useful for other plugins).
>
> Just read a bit here:
>
> http://trac.roundcube.net/wiki/Doc_Plugins and here: http://trac.roundcube.net/wiki/Plugin_Hooks
Thanks, if I can do it without having to patch the code and use the
provided API - I will do so (when I have time) and just then post the
result.
I can live with my patch for the time being.
> I dont have a need for this plugin, and I really doubt many people
> do. But you can do it, its not hard. We use Foundry hardware
> loadbalancers, which I agree with Till is a better solution for this
> problem. Then again, we may be a little bigger, so its easier to
> justify the costs.
I know about them, they are not a bad product but the cost does not
justify a purchase for my usage when I can perform the same in
software without CAPEX atm.
Citrix Netscaler AS 7000 are supposed to be good as well.
I will take from this discussion that you/the roundcube team are not
really interested in merging this patch.
Could someone close the ticket in that case as I am not able to do it.
Thank you to everyone for your time in answering me and all the
information shared.
Thomas
_______________________________________________
List info: http://lists.roundcube.net/dev/
Hi Cor,
> Can't you use SSL Session ID to do loadbalancing? Assuming you force
> SSL on everyone.
I am not exactly sure what you are referring to when speaking of the
SSL Session ID but AFAIU the information would be encrypted (assuming
the web server perform is running SSL) and not available on the proxy.
I do force SSL on everyone neither at the moment (but the idea is
attractive to prevent dead-broken proxies caching the JS badly and
causing grief to my users on upgrade). Furthermore, I am using NGINX
to perform the HTTPS encapsulation (which mean that the cookie trick
works even with SSL).
> It should be possible to use the API. If I look at your patch, you
> can do
> your set_backend() in the API call login_after.
> You can use login_failed for one of your kill_backend() calls, but
> the other 2 would need an added api hook. I think we might want api
> hooks there anyways, so one can always clean up after a plugin in
> case a user disappears. I think a 'logout' api hook would be very
> welcome.
Thank you for giving me more details, about how it could be done. I
have a very limited understanding of roundcube internals (only what
was necessary to write the patch).
You most likely know better than I do what can and can not be done and
if so and you think it is the way forward, feel free to change my code
all together if you feel inclined to.
My interest is in not supporting any out-of-tree patches on my
installation :)
> I dont think you'd need one in the session loss code. If they lose
> their session they re-login and a new cookie would get set in
> set_backend().
Make sense.
Thomas
_______________________________________________
List info: http://lists.roundcube.net/dev/
Hi,
I’ve attached an updated Swedish localization of labels.inc.
Regards,
Jonas Nasholm
Bitfuse Network
--- 8< --- detachments --- 8< ---
The following attachments have been detached and are available for viewing.
http://detached.gigo.com/rc/FJ/3ZOP2XoO/sv_SE.zip
Only click these links if you trust the sender, as well as this message.
--- 8< --- detachments --- 8< ---
_______________________________________________
List info: http://lists.roundcube.net/dev/
I updated my local development branch to the current trunk release, and I
noticed an odd change with one of my plugins. The plugin was developed to
keep the prying eyes of the public away from the at times unstable
development branch of roundcube that I am using. The following is the
paraphrased version of the plugin:
class foobar extends rcube_plugin
{
function init()
{
$this->add_hook('list_mailboxes', array($this, 'check_access'));
}
function check_access($args)
{
$rcmail = rcmail::get_instance();
list ($uid, $host) = split("@", $rcmail->user->get_username());
if ( !in_array($uid, $this->allow_list))
{
$rcmail->output->command('display_message', $this->gettext('unauth'),
'error');
$rcmail->logout_actions();
$rcmail->kill_session();
}
return $args;
}
}
What changed is that the forced logout action no longer occurs. Any
insight into why?
--
Robert King
System Administrator
Computing & Communications
Memorial University
_______________________________________________
List info: http://lists.roundcube.net/dev/
Hi Chris,
the Message Highlight Plugin works fine and is a
important and nice Feature, some little Labels
are only in french and in the color picker only in
english and the Button add to new Message Highlight
Rules use the Label from Add new Identity a better
solution are New Message Highlight or Rule.
Many thanks for this plugin
Eric
_______________________________________________
List info: http://lists.roundcube.net/dev/
Cor,
> Couldnt you do all of this in a plugin using the API. Possibly
> adding some hooks in places you need them. The more hooks the
> merrier imho.
Thank you for the idea but I doubt it would work. I need to set the
cookie on login and invalidate it when the session is killed BUT NOT
when the 302 redirect is sent back on login.
Anyone please feel free to let me know if I am mistaken.
Regards,
Thomas
_______________________________________________
List info: http://lists.roundcube.net/dev/
How does the show_message/display_message key value replacement function
operate?
I've been trying the following:
$rcmail->output->command(
'display_message', $this->gettext('offline'), 'error', array('reason' =>
'maintenance' ));
with the localization string:
$labels['offline'] =
"Webmail is currently unavailable due to $reason.";
How do I link the
replacement value from my localization string and the call to
display_message?
--
Robert King
System Administrator
Computing &
Communications
Memorial University
_______________________________________________
List info: http://lists.roundcube.net/dev/
Hi all,
I've integrated the RC in my crm. I'd like to send an email with attachment
directly from the crm. There is some pages to call appending the binary of
file to attach and the To mail address?
My crm was developed in c#.
Thanks for any ideas.
--
Sandro Pazzi
IdWeb s.r.l.
Viale Romagna 69/A - 06012 Citta' di Castello (PG)
Tel. 075 851 97 28
Fax 075 851 97 30
_______________________________________________
List info: http://lists.roundcube.net/dev/
Hi all,
I notice that in FF the move to dropdown go over the icon of a plugin after
double click on message.
Thanks
--
Sandro Pazzi
IdWeb s.r.l.
Viale Romagna 69/A - 06012 Citta' di Castello (PG)
Tel. 075 851 97 28
Fax 075 851 97 30
_______________________________________________
List info: http://lists.roundcube.net/dev/