1 WEBCIT for the Citadel System
4 Copyright (C) 1996-2006 by the authors. Portions written by:
15 This program is open source software released under the terms of the GNU
16 General Public License, version 2. Please read COPYING.txt for more
17 licensing information.
19 WebCit bundles the Prototype JavaScript Framework, writen by Sam
20 Stephenson [http://prototype.conio.net]. These components are licensed to
21 you under the terms of an MIT-style license.
23 WebCit bundles the script.aculo.us JavaScript library, written by
24 Thomas Fuchs [http://script.aculo.us, http://mir.aculo.us]. These
25 components are licensed to you under the terms of an MIT-style license.
27 WebCit bundles the TinyMCE text editor, written by Moxiecode Systems AB
28 (http://tinymce.moxiecode.com/tinymce/docs/credits.html). This component
29 is licensed to you under the terms of the GNU Lesser General Public
32 WebCit bundles the Nifty Corners library, written by Alessandro Fulciniti
33 [http://cerca.html.it/cgi-bin/cerca.cgi?q=nifty+corners]. This component
34 is licensed to you under the terms of the GNU General Public License.
36 The Citadel logo was designed by Lisa Aurigemma.
42 Citadel is a sophisticated groupware and BBS package which allows multiple
43 users to simultaneously access the system using a variety of user interfaces.
44 This package (WebCit) is a "middleware" package which presents an HTML/HTTP
45 user interface to the Citadel system.
47 What this means in practice is that after you've installed WebCit, users can
48 access all functions of your system using any web browser. Since this may be
49 the first Citadel experience for many new users, the screens have been designed
50 to be attractive and easy to navigate.
56 Unline some web-based packages, WebCit contains its own standalone HTTP
57 engine. As a result, you can get it running quickly without all that tedious
58 mucking about with Apache configuration files and directories. WebCit is not
59 intended to be a general-purpose web server, however -- it *only* provides a
60 front end to Citadel. If you do not have another web server running, you may
61 run WebCit on port 80; however, if you have Apache or some other web server
62 listening on port 80, you must run WebCit on another port. If you do not
63 specify a port number, WebCit will bind to port 2000.
65 To compile from source, enter the usual commands:
66 ./configure --prefix=/usr/local/webcit [or whatever directory you prefer]
70 Package/Ports Maintainers: to make webcit fit smart into LHFS-ified systems
71 read on at the end of this file, Advanced configure options.
73 Then to initialize it:
77 After running setup, you just point your web browser to whatever port you
82 (or if you specified some other port, such as 2000 in this example...)
84 http://your.host.name:2000
88 The included "setup" program is basically just an installation helper that
89 asks a series of questions and then adds the appropriate line to inittab to
90 start WebCit. For most installations, this will do just fine. If you have
91 special circumstances, or if you'd prefer to configure WebCit manually, you
92 may skip the setup program. Instead, open /etc/inittab and add an entry
95 wc:2345:respawn:/usr/local/webcit/webserver
98 Several command-line options are also available. Here's the usage for
99 the "webserver" program:
101 webserver [-i ip_addr] [-p http_port] [-s] [-t tracefile]
102 [-c] [-f] [remotehost [remoteport]]
106 webserver [-i ip_addr] [-p http_port] [-s] [-t tracefile]
107 [-c] [-f] uds /your/citadel/directory
111 -> ip_addr: the IP address on which you wish your WebCit server to run.
112 You can leave this out, in which case WebCit will listen on all
113 available network interfaces. Normally this will be the case, but if
114 you are running multiple Citadel systems on one host, it can be useful.
115 You can also use this option to run Apache and WebCit on different IP
116 addresses instead of different ports, if you have them available.
118 -> http_port: the TCP port on which you wish your WebCit server to run. If
119 you are installing WebCit on a dedicated server, you can use the
120 standard port 80. Otherwise, if port 80 is already occupied by some
121 other web service (probably Apache), then you'll need to select a
122 different port. If you do not specify a port number, WebCit will attempt
125 -> tracefile: where you want WebCit to log to. This can be a file, a
126 virtual console, or /dev/null to suppress logging altogether.
128 -> The "-c" option causes WebCit to output an extra cookie containing the
129 identity of the WebCit server. The cookie will look like this:
130 Set-cookie: wcserver=your.host.name
131 This is useful if you have a cluster of WebCit servers sitting behind a
132 load balancer, and the load balancer has the ability to use cookies to
133 keep track of which server to send HTTP requests to.
135 -> The "-s" option causes WebCit to present an HTTPS (SSL-encrypted) web
136 service. If you want to do both HTTP and HTTPS, you can simply run two
137 instances of WebCit on two different ports.
139 -> The "-f" option tells WebCit that it is allowed to follow the
140 "X-Forwarded-For:" HTTP headers which may be added if your WebCit service
141 is sitting behind a front end proxy. This will allow users in your "Who
142 is online?" list to appear as connecting from their actual host address
143 instead of the address of the proxy. In addition, the
144 "X-Forwarded-Host:" header from the front end proxy will also be honored,
145 which will help to make automatically generated absolute URL's (for
146 things like GroupDAV and mailing list subscriptions) correct.
148 -> remotehost: the name or IP address of the host on which your Citadel
149 server is running. The default is "localhost".
151 -> remoteport: the port number on which your Citadel server is running.
152 The default is port 504, the IANA-designated standard port for Citadel.
154 -> "uds" is a keyword which tells WebCit that you wish to connect to a
155 Citadel server running on the same computer, rather than using a TCP/IP
156 socket. /your/citadel/directory should be set to the actual name of the
157 directory in which you have Citadel installed
158 (such as /usr/local/citadel). If you run Citadel and WebCit on the same
159 computer, this is recommended, as it will run much faster.
165 WebCit contains graphics, templates, JavaScript code, etc. which are kept
166 in its "static" subdirectory. All site-specific graphics, however, are
167 fetched from the Citadel server.
169 The "images" directory on a Citadel system contains these graphics. The
170 ones which you may be interested in are:
172 -> background.gif: a background texture displayed under all web pages
173 -> hello.gif: your system's logo. It is displayed along with the logon
174 banner, and on the top left corner of each page.
176 If you would like to deploy a "favicon.ico" graphic, please put it in
177 the static/ directory. WebCit will properly serve it from there.
183 WebCit contains support for calendaring and scheduling. In order to use it
184 you must have libical v0.26 (or newer) on your system. You must also be
185 running a Citadel server with calendaring support. The calendar service will
186 be automatically configured and installed if your host system supports it.
188 WebCit also provides iCalendar format free/busy data for calendar clients.
189 Unlike with some other servers, there is no need for each user to "publish"
190 free/busy data -- it is generated on-the-fly from the server-side calendar
191 of the user being queried.
194 HTTPS (encryption) SUPPORT
195 --------------------------
197 WebCit now supports HTTPS for encrypted connections. When a secure server
198 port is specified via the "-s" flag, an HTTPS service is enabled.
200 The service will look in the "keys" directory for the following files:
202 citadel.key (your server's private key)
203 citadel.csr (a certificate signing request)
204 citadel.cer (your server's public certificate)
206 If any of these files are not found, WebCit will first attempt to link to the
207 SSL files in the Citadel service's directory (if Citadel is running on the
208 same host as WebCit), and if that does not succeed, it will automatically
209 generate a key and certificate.
211 It is up to you to decide whether to use an automatically generated,
212 self-signed certificate, or purchase a certificate signed by a well known
216 INTEGRATING INTO APACHE
217 -----------------------
219 It is best to run WebCit natively on its own HTTP port. If, however, you wish
220 to have WebCit run as part of an Apache web server installation (for example,
221 you only have one IP address and you need to stay on port 80 or 443 in order to
222 maintain compatibility with corporate firewall policy), you can do this with
223 the "mod_proxy" Apache module.
225 The preferred way to do this is to configure a NameVirtualHost for your WebCit
226 installation (for example, http://webcit.example.com) and then proxy that
227 virtual host through to WebCit. The alternative way, which does work but is not
228 quite as robust, is to "mount" the WebCit paths as directory aliases to your
231 Here is how to configure the NameVirtualHost method:
233 <VirtualHost mydomain.com:443>
234 #here some of your config stuff like logging, serveradmin...
235 NameVirtualHost www.mydomain.com
239 ProxyPass / http://127.0.0.1:2000/
240 ProxyPassReverse / http://127.0.0.1:2000/
241 # The following line is optional. It allows WebCit's static content
242 # such as images to be served directly by Apache.
243 alias /static /var/lib/citadel/www/static
246 Here is how to configure the "subdirectory" method:
248 <VirtualHost mydomain.com:443>
249 #here some of your config stuff like logging, serveradmin...
250 NameVirtualHost www.mydomain.com
260 <location /who_inner_html>
264 ProxyPass /webcit/ http://127.0.0.1:2000/webcit/
265 ProxyPassReverse /webcit/ http://127.0.0.1:2000/webcit/
266 ProxyPass /listsub/ http://127.0.0.1:2000/listsub/
267 ProxyPassReverse /listsub/ http://127.0.0.1:2000/listsub/
268 ProxyPass /groupdav/ http://127.0.0.1:2000/groupdav/
269 ProxyPassReverse /groupdav/ http://127.0.0.1:2000/groupdav/
270 ProxyPass /who_inner_html http://127.0.0.1:2000/who_inner_html
271 ProxyPassReverse /who_inner_html http://127.0.0.1:2000/who_inner_html
272 # The following line is optional. It allows WebCit's static content
273 # such as images to be served directly by Apache.
274 alias /static /var/lib/citadel/www/static
278 ADVANCED CONFIGURE OPTIONS
279 --------------------------
281 If you are building packages and prefer not to have WebCit reside entirely in
282 a single directory, there are several compile-time options available.
284 --with-staticdir defines where webcit should locate and search its templates and images. If you
285 want to go with a different installation location then the point at which it is accessed at runtime,
286 you can use --with-staticrundir. This option is meant to ease your needs if you're going
287 to install the static files as 'examples' in a location like /usr/share/doc/webcit/examples,
288 and enable the user to copy them over to another dir (like /var/lib/citadel/www), where
289 they're accessed at runtime. (The debian instatll scripts provided with this package
290 do this to preserve user changes to the template system, see debian/citadel-webcit.postinstall)
292 Also, there are possibilities to load the TinyMCE editor into a system-wide location. WebCit
293 uses this standard component to compose its messages for messages and postings. Several WebCit installations
294 that may differ in design but use the same TinyMCE (which is the default that WebCit ships with)
295 (set --with-editordir for that, it defaults to the dir the templates go)
301 That's all you need to know to get started. If you have any questions or
302 comments, please visit UNCENSORED! BBS, the home of Citadel, at
303 http://uncensored.citadel.org - and go to the "Citadel Support" room.