Installed RainLoop for Webmail


This afternoon I decided that it would be nice to have webmail access for my personal email setup in case I am in an area where all I can use is a publicly available computer. Normally I am an experienced Roundcube user and I liked its minimalistic look very much but I happened upon RainLoop quite by accident. Now both RainLoop and Roundcube use PHP and I was really hoping to not have to go back to using anything with PHP but such as life. Anyhow, I learned of RainLoop from Gilles Chehade, the primary developer of OpenBSD’s OpenSMTPD from his article on how to build a secure email server on OpenBSD. As is typical of OpenBSD developers, the technical documentation is outstandingly clear and complete. Gilles made a cursory mention of two options for webmail and I was curious about RainLoop.

Well, RainLoop won me over after checking the demo out. It’s clean and elegant. Furthermore, setup is a breeze! To get RainLoop working on OpenBSD, you just need the following packages installed: php, php-curl, php-pdo_sqlite, unzip, and curl. Then create a server definition similar to the one below. It’s written for OpenBSD’s httpd which lives in /etc/httpd.conf

server "webmail.goblackcat.com" {
        listen on egress port 80
        block return 302 "https://$SERVER_NAME$REQUEST_URI"
}

server "webmail.example.com" {
        listen on egress tls port 443
        root "/htdocs/rainloop"
        directory index "index.php"

        tcp {nodelay, sack, backlog 10}

        tls {
                certificate "/etc/ssl/example.com.crt"
                key "/etc/ssl/private/example.com.key"
        }

        location "/data/*" {
                block return 403
        }

        location "*.php*" {
                fastcgi socket "/run/php-fpm.sock"
        }
}

The first server definition is simply a redirect from http to https because I am lazy and like having OpenBSD do that for me. The second server definition is for RainLoop itself. OpenBSD httpd proxies PHP requests to the PHP FastCGI daemon, php-fpm, so we specifically have to tell it how to handle files with .php in them. It is possible to communicate with the php-fpm daemon via a TCP listener but a UNIX domain socket is faster and uses less memory for small setups like mine. I have a cloud server with only a 1G of RAM so resources have to be carefully used. Now it’s time to fetch the RainLoop archive.

wget https://www.rainloop.net/repository/webmail/rainloop-latest.zip
unzip rainloop-latest.zip -d /var/www/htdocs/rainloop

Enable the PHP modules by soft-linking them from /etc/php-7.3.sample/ to /etc/php-7.3/. From here it is just a matter of enabling and starting the php-fpm daemon, and if you have not done so already, httpd as well. Browse to https://webmail.example.com/?admin to begin the setup. It is really feature rich!


See also