1 WEBCIT for the Citadel System
3 Copyright (C) 1996-2011 by the authors. Portions written by:
17 This program is open source software released under the terms of the GNU
18 General Public License, version 3. Please read COPYING.txt for more
19 licensing information.
21 WebCit bundles the Prototype JavaScript Framework, writen by Sam
22 Stephenson [http://prototype.conio.net]. These components are licensed to
23 you under the terms of an MIT-style license.
25 WebCit bundles the script.aculo.us JavaScript library, written by
26 Thomas Fuchs [http://script.aculo.us, http://mir.aculo.us]. These
27 components are licensed to you under the terms of an MIT-style license.
29 WebCit bundles the TinyMCE text editor, written by Moxiecode Systems AB
30 (http://tinymce.moxiecode.com/tinymce/docs/credits.html). This component
31 is licensed to you under the terms of the GNU Lesser General Public
34 Most of our Icons are taken from the "Essen" set by the people on
35 http://pc.de/icons/. We like to thank them for their astonishing work!
36 Their site explicitly states: "Free for commercial use as well."
38 One or more icons are from Milosz Wlazlo [http://miloszwl.deviantart.com]
39 whose license explicitly allows inclusion in open source projects on the
40 condition of this attribution.
42 WebCit bundles the CSS3PIE library [http://css3pie.com] which is offered
43 under both the Apache license and the GNU General Public License.
45 The Citadel logo was designed by Lisa Aurigemma.
51 Citadel is a sophisticated groupware platform which allows multiple
52 users to simultaneously access the system using a variety of user interfaces.
53 This package (WebCit) is a web based front end and user interface to the
56 What this means in practice is that after you've installed WebCit, users can
57 access all functions of your system using any web browser. Since this may be
58 the first Citadel experience for many new users, the screens have been designed
59 to be attractive and easy to navigate.
65 Unlike some web-based packages, WebCit contains its own standalone HTTP
66 engine. As a result, you can get it running quickly without all that tedious
67 mucking about with Apache configuration files and directories. WebCit is not
68 intended to be a general-purpose web server, however -- it *only* provides a
69 front end to Citadel. If you do not have another web server running, you may
70 run WebCit on port 80; however, if you have Apache or some other web server
71 listening on port 80, you must run WebCit on another port. If you do not
72 specify a port number, WebCit will bind to port 2000.
74 To compile from source, enter the usual commands:
75 ./configure --prefix=/usr/local/webcit [or whatever directory you prefer]
79 Package/Ports Maintainers: to make webcit fit smart into LHFS-ified systems
80 read on at the end of this file, Advanced configure options.
82 Then to initialize it:
86 After running setup, you just point your web browser to whatever port you
91 (or if you specified some other port, such as 2000 in this example...)
93 http://your.host.name:2000
97 The included "setup" program is basically just an installation helper that
98 asks a series of questions and then adds the appropriate init files to
99 start WebCit. For most installations, this will do just fine. If you have
100 special circumstances, or if you'd prefer to configure WebCit manually, you
101 may skip the setup program. Instead, open /etc/inittab and add an entry
104 wc:2345:respawn:/usr/local/webcit/webcit
107 Several command-line options are also available. Here's the usage for
108 the "webcit" program:
110 webcit [-i ip_addr] [-p http_port] [-s] [-S cipher_suite] [-t tracefile]
111 [-c] [-f] [remotehost [remoteport]]
115 webcit [-i ip_addr] [-p http_port] [-s] [-S cipher_suite] [-t tracefile]
116 [-c] [-f] uds /your/citadel/directory
120 -> ip_addr: the IP address on which you wish your WebCit server to run.
121 You can leave this out, in which case WebCit will listen on all
122 available network interfaces. Normally this will be the case, but if
123 you are running multiple Citadel systems on one host, it can be useful.
124 You can also use this option to run Apache and WebCit on different IP
125 addresses instead of different ports, if you have them available.
127 -> http_port: the TCP port on which you wish your WebCit server to run. If
128 you are installing WebCit on a dedicated server, you can use the
129 standard port 80. Otherwise, if port 80 is already occupied by some
130 other web service (probably Apache), then you'll need to select a
131 different port. If you do not specify a port number, WebCit will attempt
134 -> tracefile: where you want WebCit to log to. This can be a file, a
135 virtual console, or /dev/null to suppress logging altogether.
137 -> The "-c" option causes WebCit to output an extra cookie containing the
138 identity of the WebCit server. The cookie will look like this:
139 Set-cookie: wcserver=your.host.name
140 This is useful if you have a cluster of WebCit servers sitting behind a
141 load balancer, and the load balancer has the ability to use cookies to
142 keep track of which server to send HTTP requests to.
144 -> The "-s" option causes WebCit to present an HTTPS (SSL-encrypted) web
145 service. If you want to do both HTTP and HTTPS, you can simply run two
146 instances of WebCit on two different ports.
148 -> The "-S" option also enables HTTPS, but must be followed by a list of
149 cipher suites you wish to enable. Please see http://openssl.org/docs/apps/ciphers.html
150 for a list of cipher strings.
152 -> The "-f" option tells WebCit that it is allowed to follow the
153 "X-Forwarded-For:" HTTP headers which may be added if your WebCit service
154 is sitting behind a front end proxy. This will allow users in your "Who
155 is online?" list to appear as connecting from their actual host address
156 instead of the address of the proxy. In addition, the
157 "X-Forwarded-Host:" header from the front end proxy will also be honored,
158 which will help to make automatically generated absolute URL's (for
159 things like GroupDAV and mailing list subscriptions) correct.
161 -> remotehost: the name or IP address of the host on which your Citadel
162 server is running. The default is "localhost".
164 -> remoteport: the port number on which your Citadel server is running.
165 The default is port 504, the IANA-designated standard port for Citadel.
167 -> "uds" is a keyword which tells WebCit that you wish to connect to a
168 Citadel server running on the same computer, rather than using a TCP/IP
169 socket. /your/citadel/directory should be set to the actual name of the
170 directory in which you have Citadel installed
171 (such as /usr/local/citadel). If you run Citadel and WebCit on the same
172 computer, this is recommended, as it will run much faster.
178 WebCit contains graphics, templates, JavaScript code, etc. which are kept
179 in its "static" subdirectory. All site-specific graphics, however, are
180 fetched from the Citadel server.
182 The "images" directory on a Citadel system contains these graphics. The
183 ones which you may be interested in are:
185 -> background.gif: a background texture displayed under all web pages
186 -> hello.gif: your system's logo. It is displayed along with the logon
187 banner, and on the top left corner of each page.
189 If you would like to deploy a "favicon.ico" graphic, please put it in
190 the static/ directory. WebCit will properly serve it from there.
196 The default WebCit installation will create an empty directory called
197 "static.local". In this directory you may place a file called "webcit.css"
198 into the "styles" directory which, if present, is referenced *after* the
199 default stylesheet. If you know CSS and wish to customize your WebCit
200 installation, any styles you declare in static.local/styles/webcit.css
201 will override the styles found in static/styles/webcit.css -- and your
202 customizations will not be overwritten when you upgrade WebCit later.
204 You may also place other files, such as images, in static.local for
205 further customization.
211 WebCit contains support for calendaring and scheduling. In order to use it
212 you must have libical v0.26 (or newer) on your system.
214 WebCit also provides iCalendar format free/busy data for calendar clients.
215 Unlike with some other servers, there is no need for each user to "publish"
216 free/busy data -- it is generated on-the-fly from the server-side calendar
217 of the user being queried.
220 HTTPS (encryption) SUPPORT
221 --------------------------
223 WebCit now supports HTTPS for encrypted connections. When a secure server
224 port is specified via the "-s" flag, an HTTPS service is enabled.
226 The service will look in the "keys" directory for the following files:
228 citadel.key (your server's private key)
229 citadel.csr (a certificate signing request)
230 citadel.cer (your server's public certificate)
232 If any of these files are not found, WebCit will first attempt to link to the
233 SSL files in the Citadel service's directory (if Citadel is running on the
234 same host as WebCit), and if that does not succeed, it will automatically
235 generate a key and certificate.
237 It is up to you to decide whether to use an automatically generated,
238 self-signed certificate, or purchase a certificate signed by a well known
242 INTEGRATING INTO APACHE
243 -----------------------
245 It is best to run WebCit natively on its own HTTP port. If, however, you wish
246 to have WebCit run as part of an Apache web server installation (for example,
247 you only have one IP address and you need to stay on port 80 or 443 in order to
248 maintain compatibility with corporate firewall policy), you can do this with
249 the "mod_proxy" Apache module.
251 The preferred way to do this is to configure a NameVirtualHost for your WebCit
252 installation (for example, http://webcit.example.com) and then proxy that
253 virtual host through to WebCit. The alternative way, which does work but is not
254 quite as robust, is to "mount" the WebCit paths as directory aliases to your
257 Here is how to configure the NameVirtualHost method (recommended) :
259 <VirtualHost mydomain.com:443>
260 #here some of your config stuff like logging, serveradmin...
261 NameVirtualHost www.mydomain.com
265 ProxyPass / http://127.0.0.1:2000/
266 ProxyPassReverse / http://127.0.0.1:2000/
267 # The following line is optional. It allows WebCit's static content
268 # such as images to be served directly by Apache.
269 alias /static /var/lib/citadel/www/static
272 Here is how to configure the "subdirectory" method (not recommended) :
274 <VirtualHost mydomain.com:443>
275 #here some of your config stuff like logging, serveradmin...
276 NameVirtualHost www.mydomain.com
286 <location /who_inner_html>
290 ProxyPass /webcit/ http://127.0.0.1:2000/webcit/
291 ProxyPassReverse /webcit/ http://127.0.0.1:2000/webcit/
292 ProxyPass /listsub/ http://127.0.0.1:2000/listsub/
293 ProxyPassReverse /listsub/ http://127.0.0.1:2000/listsub/
294 ProxyPass /groupdav/ http://127.0.0.1:2000/groupdav/
295 ProxyPassReverse /groupdav/ http://127.0.0.1:2000/groupdav/
296 ProxyPass /who_inner_html http://127.0.0.1:2000/who_inner_html
297 ProxyPassReverse /who_inner_html http://127.0.0.1:2000/who_inner_html
301 ADVANCED CONFIGURATION OPTIONS
302 ------------------------------
304 If you are building packages and prefer not to have WebCit reside entirely in
305 a single directory, there are several compile-time options available.
307 --with-wwwdir defines where webcit should locate and search its templates and images.
308 --with-localedir defines where to put webcits locale files.
310 Also, there are possibilities to load the TinyMCE editor into a system-wide location. WebCit
311 uses this standard component to compose its messages for messages and postings. Several WebCit installations
312 that may differ in design but use the same TinyMCE (which is the default that WebCit ships with)
313 (set --with-editordir for that, it defaults to the dir the templates go)
315 Install targets have diversified to reflect these changes too:
317 locale: the webcit .mo files for gettext & locales.
318 tinymce: the editor. if your system brings one, just ommit this.
319 wwwdata: our templates.
320 setupbin: if you want to use webcits setup facility... but isn't needed in case you provide own init & config scripts.
327 That's all you need to know to get started. If you have any questions or
328 comments, visit the Citadel Support room on UNCENSORED! BBS, the home of Citadel:
329 http://uncensored.citadel.org/dotgoto?room=Citadel%20Support