configure carbonio cbpolicyd
1. enable carbonio policyd service as zextras
zmprov ms $(zmhostname) +zimbraServiceInstalled cbpolicyd +zimbraServiceEnabled cbpolicyd
2. enable access control for link to policyd
carbonio prov ms `zmhostname` zimbraCBPolicydAccessControlEnabled TRUE
3. edit database configuration as root
nano /opt/zextras/common/share/webui/includes/config.php
then make sure your config similiar like this
#$DB_DSN="mysql:host=localhost;dbname=cluebringer";
$DB_DSN="sqlite:/opt/zextras/data/cbpolicyd/db/cbpolicyd.sqlitedb";
$DB_USER="root";
4. install required apps
apt install apache2 libapache2-mod-php php-sqlite3
5. as root do
sed -i 's/Listen 80/Listen 7780/g' /etc/apache2/ports.conf
ln -s /opt/zextras/common/share/webui /var/www/html/
6. finaly open your policyd
http://your IP:7780/webui/
Ok, this guide is a good start. But did you test this? It needs a few changes:
I edited /etc/apache2/sites-available/000-default.conf and changed the port to 7780 as well, not sure if it works otherwise...
I like ssl so I enabled default.ssl.conf after changing the ports as well (I picked 7743, you can choose anything that's not in use by Carbonio)
a2ensite default-ssl.conf a2enmod ssl
Now when you try to reach the webui and click anything you will get a database error, of course, as Apache2 runs as www-data by default and can't read the sqlite files. The easiest method is to change the user Apache2 runs with into 'zextras', change it in /etc/apache2/envvars. I reckon adding www-data to the zextras group and modifying the permissions on the sqlite files works as well (and might be a bit more secure).
Finally, restart Apache2 (reload should work as well)
service apache2 restart
Now it's worth to mention there's no authentication whatsoever so either you need to configure basic auth OR just shut the firewall on this service when you don't use it. Actually, I would shut down apache2 when you don't need this policy editor.