How to Install Roundcube Webmail on Ubuntu 16.04 with Nginx

Roundcube is a free and open source webmail software written in PHP. A webmail is  a mail client in your browser, which means instead of reading and sending emails from a desktop mail client like Thunderbird, you can also access your email server from a web browser. This tutorial is going to show you how to install Roundcube webmail on Ubuntu 16.04 VPS with Nginx, MariaDB and PHP7.

Prerequisites

It’s assumed that

If not, please click the above links and follow those instructions to complete prerequisites. While this tutorial is written for Ubuntu 16.04, it can be easily adapted to Debian, CentOS, and Arch Linux. Now let’s begin.

Step 1: Download Roundcube Webmail on Ubuntu 16.04

Although Roundcube is available from Ubuntu repository, but it requires Apache web server as a dependency. We are using Nginx web server, so we download Roundcube from Github and install it without Apache.

Download the latest 1.3.8 stable version.

wget https://github.com/roundcube/roundcubemail/releases/download/1.3.8/roundcubemail-1.3.8.tar.gz

Extract the tarball and move the newly created folder inside Nginx document root.

tar xvf roundcubemail-1.3.8.tar.gz

sudo mv roundcubemail-1.3.8 /usr/share/nginx/roundcubemail

Let’s move into that directory.

cd /usr/share/nginx/roundcubemail

Install Composer which is a dependency manager for PHP.

sudo apt install composer
Rename the composer.json-dist file to composer.json.
mv composer.json-dist composer.json

To use LDAP address books, edit composer.json file.

nano composer.json

Move the items in "suggest" to the "require"section like below. Remove the explanation texts after the version number. Also note that the last item doesn’t end with a comma.

ubuntu 16.04 install roundcube webmail client

Save and close the file. Then install PHP LDAP extensions.

sudo apt install php-net-ldap2 php-net-ldap3

Next, use Composer to install all needed dependencies (3rd party libraries) for Roundcube Webmail.

sudo composer install --no-dev

You might see the PHP extension php-gd is missing from your system. You can install it with the following command and then re-run the composer command.

sudo apt install php7.0-gd

Install JavaScript dependencies.

sudo apt install unzip

sudo ./bin/install-jsdeps.sh

Make Nginx user (www-data) as the owner of the temp and logs directory so that Nginx can write to these two directories.

sudo chown www-data:www-data temp/ logs/ -R

Step 2: Create a MariaDB Database and User for Roundcube

Log into MariaDB shell as root.

sudo mysql -u root

Note: On Ubuntu 16.04, MariaDB uses unix_socket to authenticate user login. When you login as root, you need to prefix with command with sudo and enter your password. (You don’t need to enter MariaDB root user password like below.)

mysql -u root -p

Then create a new database for Roundcube using the following command. This tutorial name it roundcubemail, you can use whatever name you like for the database.

create database roundcubemail;

Next, create a new database user on localhost using the following command. Again, this tutorial name it roundcubeuser, you can use whatever name you like.

create user roundcubeuser@localhost;

Set a password for the user. Replace your-password with your preferred password.

set password for roundcubeuser@localhost= password("your-password");

Then grant all permission of the new database to the new user so later on Roundcube webmail can write to the database.

grant all privileges on roundcubemail.* to roundcubeuser@localhost identified by 'your-password';

Flush the privileges for the changes to take effect.

flush privileges;

Exit MariaDB Shell:

exit;

Import initial tables to roundcubemail database.

mysql -u roundcubeuser -p roundcubemail < /usr/share/nginx/roundcubemail/SQL/mysql.initial.sql

Enter the password for the roundcubeuser. You need to specify this password later in ‘config/db.inc.php’.

Step 3: Create a Nginx Server Block File for Roundcube

Create a server block file under /etc/nginx/conf.d/ directory.

sudo nano /etc/nginx/conf.d/mail.your-domain.com.conf

Put the following text into the file. Replace the domain name.

server {
 listen 80;
  server_name mail.your-domain.com;
  root /usr/share/nginx/roundcubemail/;
  index index.php index.html index.htm;

  error_log /var/log/nginx/roundcube.error;
  access_log /var/log/nginx/roundcube.access;

  location / {
    try_files $uri $uri/ /index.php;
  }

  location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
    deny all;
  }
  location ~ ^/(bin|SQL)/ {
    deny all;
  }

  location ~ \.php$ {
   try_files $uri =404;
    fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include fastcgi_params;
  }

  location ~ /.well-known/acme-challenge {
    allow all;
  }
}

Save and close the file. Then test Nginx configurations.

sudo nginx -t

If the test is successful, reload Nginx for the changes to take effect.

sudo systemctl reload nginx

Step 4: Enabling HTTPS

It’s highly recommended that you use TLS to encrypt your webmail. If Roundcube, Postfix and Dovecot are installed on the same machine, then you can reuse the TLS certificate you created for Postfix and Dovecot . If Roundcube is installed on a separate machine, then you can always get a free certificate from Let’s Encrypt.

First, install Let’s Encrypt client (certbot).

sudo apt install software-properties-common
sudo add-apt-repository ppa:certbot/certbot 
sudo apt update
sudo apt install certbot python3-certbot-nginx

Then use the nginx plugin to obtain a TLS certificate from Let’s Encrypt.

sudo certbot --nginx --agree-tos --redirect --hsts --email your-email-address -d mail.your-domain.com

Step 5: Finish the Installation in Web Browser

In your web browser, go to the Roundcube installer page.

https://mail.your-domain.com/installer

The web installer will first check if PHP extensions, database and 3rd party libraries are installed.

ubuntu 16.04 roundcube nginx

Execute the following command to install all required and optional PHP extensions.

sudo apt install php7.0-mbstring php7.0-xml php7.0-mysql php7.0-common php7.0-gd php7.0-json php7.0-cli php7.0-curl php7.0-intl php-imagick

Reload PHP-FPM to enable these extensions.

sudo systemctl reload php7.0-fpm

Then refresh the Roundcube installer page and click Next. In the 2nd step, you need to fill in MariaDB database details that you created earlier.

roundcube webmail mariadb setup

In the IMAP and SMTP section, Enter the details of your own postfix SMTP server and Dovecot IMAP server.  To use SSL/TLS connection on IMAP, enter hostname with prefix ssl:// . The port number is 993 for secure IMAPS connection. (I remember in previous versions of Roundcube, you can use the prefix imaps:// with hostname. It may not work anymore.)

roundecube imap ssl hostname

In SMTP Settings, enter email server hostname with prefix tls:// to use STARTTLS on port 587. If your email server supports SMTPS, then enter email server hostname with prefix ssl:// to use SSL on port 465. In the smtp_user and smtp_pass field, enter %u and %p respectively.

Roundcube Webmail SMTP settings

Next, you can scroll down to the Plugins section to enable some plugins. For example: the password plugin, mark as junk plugin and so on.

Once that’s done, click create config button which will create configuration based on the information you entered. You need to copy the configuration and save it as config.inc.php within the /usr/share/nginx/roundcube/config/ directory.

roundcube-webmail-config-inc-php

Click continue button. In the final step, test your SMTP and IMAP settings by sending a test email and checking IMAP login.

roundcube installer test SMTP and IMAP

If the test fails, then you can click the 2. Create config link on the top of page to go back to step 2 and recreate the config.inc.php file.

If test is successful, go to your Webmail domain without /installer and login.

ubuntu 16.04 roundcube lemp stack

Roundcube Webmail interface

roundcube webmail interface

Now you should remove the whole installer folder from the document root or make sure that enable_installer option in config.inc.php is disabled.

sudo rm /usr/share/nginx/roundcubemail/installer/ -r

These files may expose sensitive configuration data like server passwords and encryption keys to the public. Make sure you cannot access this installer from your browser.

I hope this tutorial helped you install Roundcube Webmail on Ubuntu 16.04 with Nginx, MariaDB and PHP7. As always, if you found this post useful,  subscribe to our free newsletter or follow us on Google+Twitter or like our Facebook page.

Rate this tutorial
[Total: 13 Average: 3.9]

6 Responses to “How to Install Roundcube Webmail on Ubuntu 16.04 with Nginx

  • Ross Smith
    2 years ago

    Hey, can you provide steps for me to install Squirrelmail on Ubuntu?

    I found a tutorial on the Rosehosting blog, but it is intended for Centos. So I don’t think that it will be of use.

    Thank you.

  • Hi Xiao, thanks for the reply on Disqus. I checked my Nginx error log and found nothing. But I went and checked the Roundcube error log and saw that this line in my config file might be the issue:

    location = /50x.html {
        root /usr/share/nginx/html;
      }

    The error log produces this line each time I visit mail.myserver.com/installer

    [error] 5461#5461: *295 open() "/usr/share/nginx/html/50x.html" failed (2: No such file or directory), client: 157.157.31.82, server: mail.myserver.com, request: "GET /installer/ HTTP/2.0", upstream: "fastcgi://unix:/run/php/php7.0-fpm.sock", host: "mail.myserver.com"
    • When I remove that above line from my config, I get a 502 bad gateway & the following error:

      [crit] 10695#10695: *300 connect() to unix:/run/php/php7.0-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: xxx.xxx.xx.xx, server: mail.myserver.com, request: "GET /installer/ HTTP/2.0", upstream: "fastcgi://unix:/run/php/php7.0-fpm.sock:", host: "mail.myserver.com"
      • That means Nginx can’t access unix:/run/php/php7.0-fpm.sock, which is the unix socket php-fpm is listening on. You can check whether that file exists with:

        ls -l /run/php/php7.0-fpm.sock

        Usually you would see something like this:

         srw-rw---- 1 www-data www-data 0 May 28 02:41 /run/php/php7.0-fpm.sock

        By default that file is owned by www-data user and group. Make sure your Nginx is running as www-data. You can set the user in Nginx by adding the this line at the top of /etc/nginx/nginx.conf.

         user www-data;

        If you install Nginx from nginx.org repository, the default user is nginx.

    • This is good stuff, Linuxbabe! Thank you so much. It seems that php7.0-fpm wasn’t even installed! I installed it, enabled it, and restarted nginx and all is good. Thank you again! 🙂

Leave a Comment

  • Comments with links are moderated by admin before published.
  • Your email address will not be published.
  • Use <pre> ... </pre> HTML tag to quote the output from your terminal/console.
  • If my answer helped you, please consider supporting this site. Thanks :)