1 WEBCIT for the Citadel System
3 Copyright (C) 1996-2011 by the authors. Portions written by:
18 This program is open source software released under the terms of the GNU
19 General Public License, version 3. Please read COPYING.txt for more
20 licensing information.
22 WebCit bundles the Prototype JavaScript Framework, writen by Sam
23 Stephenson [http://prototype.conio.net]. These components are licensed to
24 you under the terms of an MIT-style license.
26 WebCit bundles the script.aculo.us JavaScript library, written by
27 Thomas Fuchs [http://script.aculo.us, http://mir.aculo.us]. These
28 components are licensed to you under the terms of an MIT-style license.
30 WebCit bundles the TinyMCE text editor, written by Moxiecode Systems AB
31 (http://tinymce.moxiecode.com/tinymce/docs/credits.html). This component
32 is licensed to you under the terms of the GNU Lesser General Public
35 Most of our Icons are taken from the "Essen" set by the people on
36 http://pc.de/icons/. We like to thank them for their astonishing work!
37 Their site explicitly states: "Free for commercial use as well."
39 One or more icons are from Milosz Wlazlo [http://miloszwl.deviantart.com]
40 whose license explicitly allows inclusion in open source projects on the
41 condition of this attribution.
43 WebCit bundles the CSS3PIE library [http://css3pie.com] which is offered
44 under both the Apache license and the GNU General Public License.
46 The Citadel logo was designed by Lisa Aurigemma.
52 Citadel is a sophisticated groupware platform which allows multiple
53 users to simultaneously access the system using a variety of user interfaces.
54 This package (WebCit) is a web based front end and user interface to the
57 What this means in practice is that after you've installed WebCit, users can
58 access all functions of your system using any web browser. Since this may be
59 the first Citadel experience for many new users, the screens have been designed
60 to be attractive and easy to navigate.
66 Unlike some web-based packages, WebCit contains its own standalone HTTP
67 engine. As a result, you can get it running quickly without all that tedious
68 mucking about with Apache configuration files and directories. WebCit is not
69 intended to be a general-purpose web server, however -- it *only* provides a
70 front end to Citadel. If you do not have another web server running, you may
71 run WebCit on port 80; however, if you have Apache or some other web server
72 listening on port 80, you must run WebCit on another port. If you do not
73 specify a port number, WebCit will bind to port 2000.
75 To compile from source, enter the usual commands:
76 ./configure --prefix=/usr/local/webcit [or whatever directory you prefer]
80 Package/Ports Maintainers: to make webcit fit smart into LHFS-ified systems
81 read on at the end of this file, Advanced configure options.
83 Then to initialize it:
87 After running setup, you just point your web browser to whatever port you
92 (or if you specified some other port, such as 2000 in this example...)
94 http://your.host.name:2000
98 The included "setup" program is basically just an installation helper that
99 asks a series of questions and then adds the appropriate init files to
100 start WebCit. For most installations, this will do just fine. If you have
101 special circumstances, or if you'd prefer to configure WebCit manually, you
102 may skip the setup program. Instead, open /etc/inittab and add an entry
105 wc:2345:respawn:/usr/local/webcit/webcit
108 Several command-line options are also available. Here's the usage for
109 the "webcit" program:
111 webcit [-i ip_addr] [-p http_port] [-s] [-S cipher_suite] [-t tracefile]
112 [-c] [-f] [remotehost [remoteport]]
116 webcit [-i ip_addr] [-p http_port] [-s] [-S cipher_suite] [-t tracefile]
117 [-c] [-f] uds /your/citadel/directory
121 -> ip_addr: the IP address on which you wish your WebCit server to run.
122 You can leave this out, in which case WebCit will listen on all
123 available network interfaces. Normally this will be the case, but if
124 you are running multiple Citadel systems on one host, it can be useful.
125 You can also use this option to run Apache and WebCit on different IP
126 addresses instead of different ports, if you have them available.
128 -> http_port: the TCP port on which you wish your WebCit server to run. If
129 you are installing WebCit on a dedicated server, you can use the
130 standard port 80. Otherwise, if port 80 is already occupied by some
131 other web service (probably Apache), then you'll need to select a
132 different port. If you do not specify a port number, WebCit will attempt
135 -> tracefile: where you want WebCit to log to. This can be a file, a
136 virtual console, or /dev/null to suppress logging altogether.
138 -> The "-c" option causes WebCit to output an extra cookie containing the
139 identity of the WebCit server. The cookie will look like this:
140 Set-cookie: wcserver=your.host.name
141 This is useful if you have a cluster of WebCit servers sitting behind a
142 load balancer, and the load balancer has the ability to use cookies to
143 keep track of which server to send HTTP requests to.
145 -> The "-s" option causes WebCit to present an HTTPS (SSL-encrypted) web
146 service. If you want to do both HTTP and HTTPS, you can simply run two
147 instances of WebCit on two different ports.
149 -> The "-S" option also enables HTTPS, but must be followed by a list of
150 cipher suites you wish to enable. Please see http://openssl.org/docs/apps/ciphers.html
151 for a list of cipher strings.
153 -> The "-f" option tells WebCit that it is allowed to follow the
154 "X-Forwarded-For:" HTTP headers which may be added if your WebCit service
155 is sitting behind a front end proxy. This will allow users in your "Who
156 is online?" list to appear as connecting from their actual host address
157 instead of the address of the proxy. In addition, the
158 "X-Forwarded-Host:" header from the front end proxy will also be honored,
159 which will help to make automatically generated absolute URL's (for
160 things like GroupDAV and mailing list subscriptions) correct.
162 -> remotehost: the name or IP address of the host on which your Citadel
163 server is running. The default is "localhost".
165 -> remoteport: the port number on which your Citadel server is running.
166 The default is port 504, the IANA-designated standard port for Citadel.
168 -> "uds" is a keyword which tells WebCit that you wish to connect to a
169 Citadel server running on the same computer, rather than using a TCP/IP
170 socket. /your/citadel/directory should be set to the actual name of the
171 directory in which you have Citadel installed
172 (such as /usr/local/citadel). If you run Citadel and WebCit on the same
173 computer, this is recommended, as it will run much faster.
179 WebCit contains graphics, templates, JavaScript code, etc. which are kept
180 in its "static" subdirectory. All site-specific graphics, however, are
181 fetched from the Citadel server.
183 The "images" directory on a Citadel system contains these graphics. The
184 ones which you may be interested in are:
186 -> background.gif: a background texture displayed under all web pages
187 -> hello.gif: your system's logo. It is displayed along with the logon
188 banner, and on the top left corner of each page.
190 If you would like to deploy a "favicon.ico" graphic, please put it in
191 the static/ directory. WebCit will properly serve it from there.
197 The default WebCit installation will create an empty directory called
198 "static.local". In this directory you may place a file called "webcit.css"
199 into the "styles" directory which, if present, is referenced *after* the
200 default stylesheet. If you know CSS and wish to customize your WebCit
201 installation, any styles you declare in static.local/styles/webcit.css
202 will override the styles found in static/styles/webcit.css -- and your
203 customizations will not be overwritten when you upgrade WebCit later.
205 You may also place other files, such as images, in static.local for
206 further customization.
212 WebCit contains support for calendaring and scheduling. In order to use it
213 you must have libical v0.26 (or newer) on your system.
215 WebCit also provides iCalendar format free/busy data for calendar clients.
216 Unlike with some other servers, there is no need for each user to "publish"
217 free/busy data -- it is generated on-the-fly from the server-side calendar
218 of the user being queried.
221 HTTPS (encryption) SUPPORT
222 --------------------------
224 WebCit now supports HTTPS for encrypted connections. When a secure server
225 port is specified via the "-s" flag, an HTTPS service is enabled.
227 The service will look in the "keys" directory for the following files:
229 citadel.key (your server's private key)
230 citadel.csr (a certificate signing request)
231 citadel.cer (your server's public certificate)
233 If any of these files are not found, WebCit will first attempt to link to the
234 SSL files in the Citadel service's directory (if Citadel is running on the
235 same host as WebCit), and if that does not succeed, it will automatically
236 generate a key and certificate.
238 It is up to you to decide whether to use an automatically generated,
239 self-signed certificate, or purchase a certificate signed by a well known
243 INTEGRATING INTO APACHE
244 -----------------------
246 It is best to run WebCit natively on its own HTTP port. If, however, you wish
247 to have WebCit run as part of an Apache web server installation (for example,
248 you only have one IP address and you need to stay on port 80 or 443 in order to
249 maintain compatibility with corporate firewall policy), you can do this with
250 the "mod_proxy" Apache module.
252 The preferred way to do this is to configure a NameVirtualHost for your WebCit
253 installation (for example, http://webcit.example.com) and then proxy that
254 virtual host through to WebCit. The alternative way, which does work but is not
255 quite as robust, is to "mount" the WebCit paths as directory aliases to your
258 Here is how to configure the NameVirtualHost method (recommended) :
260 <VirtualHost mydomain.com:443>
261 #here some of your config stuff like logging, serveradmin...
262 NameVirtualHost www.mydomain.com
266 ProxyPass / http://127.0.0.1:2000/
267 ProxyPassReverse / http://127.0.0.1:2000/
268 # The following line is optional. It allows WebCit's static content
269 # such as images to be served directly by Apache.
270 alias /static /var/lib/citadel/www/static
273 Here is how to configure the "subdirectory" method (not recommended) :
275 <VirtualHost mydomain.com:443>
276 #here some of your config stuff like logging, serveradmin...
277 NameVirtualHost www.mydomain.com
287 <location /who_inner_html>
291 ProxyPass /webcit/ http://127.0.0.1:2000/webcit/
292 ProxyPassReverse /webcit/ http://127.0.0.1:2000/webcit/
293 ProxyPass /listsub/ http://127.0.0.1:2000/listsub/
294 ProxyPassReverse /listsub/ http://127.0.0.1:2000/listsub/
295 ProxyPass /groupdav/ http://127.0.0.1:2000/groupdav/
296 ProxyPassReverse /groupdav/ http://127.0.0.1:2000/groupdav/
297 ProxyPass /who_inner_html http://127.0.0.1:2000/who_inner_html
298 ProxyPassReverse /who_inner_html http://127.0.0.1:2000/who_inner_html
302 ADVANCED CONFIGURATION OPTIONS
303 ------------------------------
305 If you are building packages and prefer not to have WebCit reside entirely in
306 a single directory, there are several compile-time options available.
308 --with-wwwdir defines where webcit should locate and search its templates and images.
309 --with-localedir defines where to put webcits locale files.
311 Also, there are possibilities to load the TinyMCE editor into a system-wide location. WebCit
312 uses this standard component to compose its messages for messages and postings. Several WebCit installations
313 that may differ in design but use the same TinyMCE (which is the default that WebCit ships with)
314 (set --with-editordir for that, it defaults to the dir the templates go)
316 Install targets have diversified to reflect these changes too:
318 locale: the webcit .mo files for gettext & locales.
319 tinymce: the editor. if your system brings one, just ommit this.
320 wwwdata: our templates.
321 setupbin: if you want to use webcits setup facility... but isn't needed in case you provide own init & config scripts.
328 That's all you need to know to get started. If you have any questions or
329 comments, visit the Citadel Support room on UNCENSORED! BBS, the home of Citadel:
330 http://uncensored.citadel.org/dotgoto?room=Citadel%20Support