Merge 5e13c55f89 into cd62fd9826

conf/fail2ban/jails.conf

@@ -30,14 +30,6 @@ logpath  = /var/log/nginx/access.log
 maxretry = 20
 findtime = 30
 
-[miab-owncloud]
-enabled  = true
-port     = http,https
-filter   = miab-owncloud
-logpath  = STORAGE_ROOT/owncloud/nextcloud.log
-maxretry = 20
-findtime = 120
-
 [miab-postfix587]
 enabled  = true
 port     = 587

conf/fail2ban/nextcloud-jail.conf

@@ -0,0 +1,8 @@
+
+[miab-owncloud]
+enabled  = true
+port     = http,https
+filter   = miab-owncloud
+logpath  = STORAGE_ROOT/owncloud/nextcloud.log
+maxretry = 20
+findtime = 120

conf/nginx-nextcloud.conf

@@ -0,0 +1,60 @@
+
+	# Nextcloud configuration.
+	rewrite ^/cloud$ /cloud/ redirect;
+	rewrite ^/cloud/$ /cloud/index.php;
+	rewrite ^/cloud/(contacts|calendar|files)$ /cloud/index.php/apps/$1/ redirect;
+	rewrite ^(/cloud/core/doc/[^\/]+/)$ $1/index.html;
+	rewrite ^(/cloud/oc[sm]-provider)/$ $1/index.php redirect;
+	location /cloud/ {
+		alias /usr/local/lib/owncloud/;
+	 	location ~ ^/cloud/(build|tests|config|lib|3rdparty|templates|data|README)/ {
+	 		deny all;
+	 	}
+	 	location ~ ^/cloud/(?:\.|autotest|occ|issue|indie|db_|console) {
+	 		deny all;
+	 	}
+		# Enable paths for service and cloud federation discovery
+		# Resolves warning in Nextcloud Settings panel
+                location ~ ^/cloud/(oc[sm]-provider)?/([^/]+\.php)$ {
+                        index index.php;
+                        include fastcgi_params;
+                        fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$1/$2;
+                        fastcgi_pass php-fpm;
+                }
+	}
+	location ~ ^(/cloud)((?:/ocs)?/[^/]+\.php)(/.*)?$ {
+		# note: ~ has precendence over a regular location block
+		# Accept URLs like:
+		# /cloud/index.php/apps/files/
+		# /cloud/index.php/apps/files/ajax/scan.php (it's really index.php; see 6fdef379adfdeac86cc2220209bdf4eb9562268d)
+		# /cloud/ocs/v1.php/apps/files_sharing/api/v1 (see #240)
+		# /cloud/remote.php/webdav/yourfilehere...
+		include fastcgi_params;
+		fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$2;
+		fastcgi_param SCRIPT_NAME $1$2;
+		fastcgi_param PATH_INFO $3;
+		fastcgi_param MOD_X_ACCEL_REDIRECT_ENABLED on;
+		fastcgi_param MOD_X_ACCEL_REDIRECT_PREFIX /owncloud-xaccel;
+		fastcgi_read_timeout 630;
+		fastcgi_pass php-fpm;
+		client_max_body_size 1G;
+		fastcgi_buffers 64 4K;
+	}
+	location ^~ /owncloud-xaccel/ {
+		# This directory is for MOD_X_ACCEL_REDIRECT_ENABLED. Nextcloud sends the full file
+		# path on disk as a subdirectory under this virtual path.
+		# We must only allow 'internal' redirects within nginx so that the filesystem
+		# is not exposed to the world.
+		internal;
+		alias /;
+	}
+	location ~ ^/((caldav|carddav|webdav).*)$ {
+		# Z-Push doesn't like getting a redirect, and a plain rewrite didn't work either.
+		# Properly proxying like this seems to work fine.
+		proxy_pass https://127.0.0.1/cloud/remote.php/$1;
+	}
+	rewrite ^/.well-known/host-meta /cloud/public.php?service=host-meta last;
+	rewrite ^/.well-known/host-meta.json /cloud/public.php?service=host-meta-json last;
+	rewrite ^/.well-known/carddav /cloud/remote.php/carddav/ redirect;
+	rewrite ^/.well-known/caldav /cloud/remote.php/caldav/ redirect;
+

conf/nginx-primaryonly.conf

@@ -14,63 +14,3 @@
 		add_header Content-Security-Policy "frame-ancestors 'none';";
 	}
 
-	# Nextcloud configuration.
-	rewrite ^/cloud$ /cloud/ redirect;
-	rewrite ^/cloud/$ /cloud/index.php;
-	rewrite ^/cloud/(contacts|calendar|files)$ /cloud/index.php/apps/$1/ redirect;
-	rewrite ^(/cloud/core/doc/[^\/]+/)$ $1/index.html;
-	rewrite ^(/cloud/oc[sm]-provider)/$ $1/index.php redirect;
-	location /cloud/ {
-		alias /usr/local/lib/owncloud/;
-	 	location ~ ^/cloud/(build|tests|config|lib|3rdparty|templates|data|README)/ {
-	 		deny all;
-	 	}
-	 	location ~ ^/cloud/(?:\.|autotest|occ|issue|indie|db_|console) {
-	 		deny all;
-	 	}
-		# Enable paths for service and cloud federation discovery
-		# Resolves warning in Nextcloud Settings panel
-                location ~ ^/cloud/(oc[sm]-provider)?/([^/]+\.php)$ {
-                        index index.php;
-                        include fastcgi_params;
-                        fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$1/$2;
-                        fastcgi_pass php-fpm;
-                }
-	}
-	location ~ ^(/cloud)((?:/ocs)?/[^/]+\.php)(/.*)?$ {
-		# note: ~ has precendence over a regular location block
-		# Accept URLs like:
-		# /cloud/index.php/apps/files/
-		# /cloud/index.php/apps/files/ajax/scan.php (it's really index.php; see 6fdef379adfdeac86cc2220209bdf4eb9562268d)
-		# /cloud/ocs/v1.php/apps/files_sharing/api/v1 (see #240)
-		# /cloud/remote.php/webdav/yourfilehere...
-		include fastcgi_params;
-		fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$2;
-		fastcgi_param SCRIPT_NAME $1$2;
-		fastcgi_param PATH_INFO $3;
-		fastcgi_param MOD_X_ACCEL_REDIRECT_ENABLED on;
-		fastcgi_param MOD_X_ACCEL_REDIRECT_PREFIX /owncloud-xaccel;
-		fastcgi_read_timeout 630;
-		fastcgi_pass php-fpm;
-		client_max_body_size 1G;
-		fastcgi_buffers 64 4K;
-	}
-	location ^~ /owncloud-xaccel/ {
-		# This directory is for MOD_X_ACCEL_REDIRECT_ENABLED. Nextcloud sends the full file
-		# path on disk as a subdirectory under this virtual path.
-		# We must only allow 'internal' redirects within nginx so that the filesystem
-		# is not exposed to the world.
-		internal;
-		alias /;
-	}
-	location ~ ^/((caldav|carddav|webdav).*)$ {
-		# Z-Push doesn't like getting a redirect, and a plain rewrite didn't work either.
-		# Properly proxying like this seems to work fine.
-		proxy_pass https://127.0.0.1/cloud/remote.php/$1;
-	}
-	rewrite ^/.well-known/host-meta /cloud/public.php?service=host-meta last;
-	rewrite ^/.well-known/host-meta.json /cloud/public.php?service=host-meta-json last;
-	rewrite ^/.well-known/carddav /cloud/remote.php/carddav/ redirect;
-	rewrite ^/.well-known/caldav /cloud/remote.php/caldav/ redirect;
-
-	# ADDITIONAL DIRECTIVES HERE

management/dns_update.py

@@ -11,6 +11,7 @@ import dns.resolver
 
 from mailconfig import get_mail_domains
 from utils import shell, load_env_vars_from_file, safe_domain_name, sort_domains
+from os import environ
 
 # From https://stackoverflow.com/questions/3026957/how-to-validate-a-domain-name-using-regex-php/16491074#16491074
 # This regular expression matches domain names according to RFCs, it also accepts fqdn with an leading dot,
@@ -280,14 +281,14 @@ def build_zone(domain, all_domains, additional_records, www_redirect_domains, en
 		if not has_rec(dmarc_qname, "TXT", prefix="v=DMARC1; "):
 			records.append((dmarc_qname, "TXT", 'v=DMARC1; p=reject', "Recommended. Prevents use of this domain name for outbound mail by specifying that the SPF rule should be honoured for mail from @%s." % (qname + "." + domain)))
 
-	# Add CardDAV/CalDAV SRV records on the non-primary hostname that points to the primary hostname.
-	# The SRV record format is priority (0, whatever), weight (0, whatever), port, service provider hostname (w/ trailing dot).
-	if domain != env["PRIMARY_HOSTNAME"]:
-		for dav in ("card", "cal"):
-			qname = "_" + dav + "davs._tcp"
-			if not has_rec(qname, "SRV"):
-				records.append((qname, "SRV", "0 0 443 " + env["PRIMARY_HOSTNAME"] + ".", "Recommended. Specifies the hostname of the server that handles CardDAV/CalDAV services for email addresses on this domain."))
-
+        if environ.get('DISABLE_NEXTCLOUD') != '0' and domain != env["PRIMARY_HOSTNAME"]:
+        	# Add CardDAV/CalDAV SRV records on the non-primary hostname that points to the primary hostname.
+        	# The SRV record format is priority (0, whatever), weight (0, whatever), port, service provider hostname (w/ trailing dot).
+        		for dav in ("card", "cal"):
+        			qname = "_" + dav + "davs._tcp"
+        			if not has_rec(qname, "SRV"):
+        				records.append((qname, "SRV", "0 0 443 " + env["PRIMARY_HOSTNAME"] + ".", "Recommended. Specifies the hostname of the server that handles CardDAV/CalDAV services for email addresses on this domain."))
+        
 	# Adds autoconfiguration A records for all domains.
 	# This allows the following clients to automatically configure email addresses in the respective applications.
 	# autodiscover.* - Z-Push ActiveSync Autodiscover

management/templates/index.html

@@ -147,9 +147,7 @@
       {% include "aliases.html" %}
       </div>
 
-      <div id="panel_sync_guide" class="admin_panel">
-      {% include "sync-guide.html" %}
-      </div>
+      <div id="panel_sync_guide" class="admin_panel">{% include "sync-guide.html" %}</div>
 
       <div id="panel_web" class="admin_panel">
       {% include "web.html" %}

management/web_update.py

@@ -8,6 +8,7 @@ from mailconfig import get_mail_domains
 from dns_update import get_custom_dns_config, get_dns_zones
 from ssl_certificates import get_ssl_certificates, get_domain_ssl_files, check_certificate
 from utils import shell, safe_domain_name, sort_domains
+from os import environ
 
 def get_web_domains(env, include_www_redirects=True, exclude_dns_elsewhere=True):
 	# What domains should we serve HTTP(S) for?
@@ -75,13 +76,17 @@ def do_web_update(env):
 	nginx_conf = open(os.path.join(os.path.dirname(__file__), "../conf/nginx-top.conf")).read()
 
 	# Load the templates.
+        template2_nextcloud = ""
 	template0 = open(os.path.join(os.path.dirname(__file__), "../conf/nginx.conf")).read()
 	template1 = open(os.path.join(os.path.dirname(__file__), "../conf/nginx-alldomains.conf")).read()
 	template2 = open(os.path.join(os.path.dirname(__file__), "../conf/nginx-primaryonly.conf")).read()
+        # Check if the user doesn't want Nextcloud.
+        if environ.get('DISABLE_NEXTCLOUD') != '0':
+	    template2_nextcloud = open(os.path.join(os.path.dirname(__file__), "../conf/nginx-nextcloud.conf")).read()
 	template3 = "\trewrite ^(.*) https://$REDIRECT_DOMAIN$1 permanent;\n"
 
 	# Add the PRIMARY_HOST configuration first so it becomes nginx's default server.
-	nginx_conf += make_domain_config(env['PRIMARY_HOSTNAME'], [template0, template1, template2], ssl_certificates, env)
+	nginx_conf += make_domain_config(env['PRIMARY_HOSTNAME'], [template0, template1, template2, template2_nextcloud], ssl_certificates, env)
 
 	# Add configuration all other web domains.
 	has_root_proxy_or_redirect = get_web_domains_with_root_overrides(env)

setup/functions.sh

@@ -47,6 +47,12 @@ function apt_get_quiet {
 	DEBIAN_FRONTEND=noninteractive hide_output apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confnew" "$@"
 }
 
+function apt_purge {
+	# Remove a bunch of packages.
+	PACKAGES=$@
+	apt_get_quiet --purge remove $PACKAGES
+}
+
 function apt_install {
 	# Install a bunch of packages. We used to report which packages were already
 	# installed and which needed installing, before just running an 'apt-get
@@ -158,6 +164,17 @@ function message_box {
 	dialog --title "$1" --msgbox "$2" 0 0
 }
 
+function yesno_box {
+	# yesno_box "title" "prompt" VARIABLE
+	# The exit code resembles the user's input and will be stored in the variable VARIABLE
+	# Temporarily turn off 'set -e' because we need the dialog return code
+	declare -n result=$3
+	set +e
+	dialog --stdout --title "$1" --yesno "$2" 0 0
+	result=$?
+	set -e
+}
+
 function input_box {
 	# input_box "title" "prompt" "defaultvalue" VARIABLE
 	# The user's input will be stored in the variable VARIABLE.

setup/management.sh

@@ -85,6 +85,12 @@ unzip -q /tmp/bootstrap.zip -d $assets_dir
 mv $assets_dir/bootstrap-$bootstrap_version-dist $assets_dir/bootstrap
 rm -f /tmp/bootstrap.zip
 
+# Remove the Contacts/Calendar section from the admin page if the user didn't enable Nextcloud
+if [ "${DISABLE_NEXTCLOUD}" == 0 ]; then
+	sed -i '/sync_guide/d' ../management/templates/index.html
+	rm ../management/templates/sync-guide.html
+fi
+
 # Create an init script to start the management daemon and keep it
 # running after a reboot.
 cat > $inst_dir/start <<EOF;

setup/nextcloud-remove.sh

@@ -0,0 +1,35 @@
+#!/bin/bash
+#
+# This script will remove Nextcloud from your MiaB server
+##################################################################
+
+source setup/functions.sh # load our functions
+source /etc/mailinabox.conf # load global vars
+
+if [[ $EUID -ne 0 ]]; then
+	echo "This script must be run as root."
+	exit
+fi
+
+# Backup the existing ownCloud/Nextcloud.
+# Create a backup directory to store the current installation and database to
+
+BACKUP_DIRECTORY=$STORAGE_ROOT/owncloud-backup/`date +"%Y-%m-%d-%T"`
+mkdir -p "$BACKUP_DIRECTORY"
+if [ -d /usr/local/lib/owncloud/ ]; then
+	echo "Backing up existing Nextcloud installation, configuration, and database to directory to $BACKUP_DIRECTORY..."
+	cp -r /usr/local/lib/owncloud "$BACKUP_DIRECTORY/owncloud-install"
+	rm -r /usr/local/lib/owncloud
+fi
+if [ -e $STORAGE_ROOT/owncloud/owncloud.db ]; then
+	cp $STORAGE_ROOT/owncloud/owncloud.db $BACKUP_DIRECTORY
+fi
+if [ -e $STORAGE_ROOT/owncloud/config.php ]; then
+	cp $STORAGE_ROOT/owncloud/config.php $BACKUP_DIRECTORY
+fi
+if [ -d $STORAGE/owncloud/ ]; then
+	echo "Removing Nextcloud..."
+	rm -r $STORAGE_ROOT/owncloud
+fi
+# Remove Nextcloud's dependencies
+apt_purge php-imap php-pear php-dev php-xml php-zip php-apcu php-imagick

setup/questions.sh

@@ -193,6 +193,27 @@ if [ -z "${STORAGE_ROOT:-}" ]; then
 	STORAGE_ROOT=$([[ -z "${DEFAULT_STORAGE_ROOT:-}" ]] && echo "/home/$STORAGE_USER" || echo "$DEFAULT_STORAGE_ROOT")
 fi
 
+# Check if Nextcloud is already installed
+# If it isn't, ask the user if Nextcloud should be disabled 
+if [ ! -d $STORAGE_ROOT/owncloud ]; then
+	# Ask the user if he/she wants to disable Nextcloud
+	yesno_box "Disable Nextcloud?"\
+		"Nextcloud offers the Contacts and Calendar features in Mail-in-a-box\
+		\nIt also offers other features like file sharing, gallery, todos, and more.\ 
+		\n\nWould you like to disable it?"\
+		DISABLE_NEXTCLOUD
+else
+	# Ask the user if he wants to remove Nextcloud
+	yesno_box "Remove Nextcloud?"\
+		"It seems that you already have Nextcloud installed\
+		\n\nNextcloud offers the Contacts and Calendar features in Mail-in-a-box\
+		\nIt also offers other features like file sharing, gallery, todos, and more.\ 
+		\n\nWould you like to remove it?"\
+		REMOVE_NEXTCLOUD	
+	if [ "${REMOVE_NEXTCLOUD}" == "0" ]; then
+		DISABLE_NEXTCLOUD="0"	
+	fi
+fi
 # Show the configuration, since the user may have not entered it manually.
 echo
 echo "Primary Hostname: $PRIMARY_HOSTNAME"

setup/start.sh

@@ -104,9 +104,18 @@ source setup/mail-dovecot.sh
 source setup/mail-users.sh
 source setup/dkim.sh
 source setup/spamassassin.sh
+if [ "${REMOVE_NEXTCLOUD}" == "0" ] {
+	source setup/nextcloud-remove.sh
+}
 source setup/web.sh
 source setup/webmail.sh
-source setup/nextcloud.sh
+
+if [ "${DISABLE_NEXTCLOUD}" == "0" ]; then
+	echo "Nextcloud installation was skipped due to a configuration choice"
+else 
+	source setup/nextcloud.sh
+fi
+
 source setup/zpush.sh
 source setup/management.sh
 source setup/munin.sh

setup/system.sh

@@ -344,10 +344,19 @@ systemctl restart systemd-resolved
 # Configure the Fail2Ban installation to prevent dumb bruce-force attacks against dovecot, postfix, ssh, etc.
 rm -f /etc/fail2ban/jail.local # we used to use this file but don't anymore
 rm -f /etc/fail2ban/jail.d/defaults-debian.conf # removes default config so we can manage all of fail2ban rules in one config
+
+# Check if the user wants to enable Nextcloud and its rules aren't configured yet
+# if both conditions are true, the relevant fail2ban configuration will be added
+if [ "${DISABLE_NEXTCLOUD}" != "0"] && ! grep -q owncloud conf/fail2ban/jails.conf; then
+	cat conf/fail2ban/nextcloud-jail.conf >> conf/fail2ban/jails.conf
+fi
+
 cat conf/fail2ban/jails.conf \
 	| sed "s/PUBLIC_IP/$PUBLIC_IP/g" \
 	| sed "s#STORAGE_ROOT#$STORAGE_ROOT#" \
 	> /etc/fail2ban/jail.d/mailinabox.conf
+
+
 cp -f conf/fail2ban/filter.d/* /etc/fail2ban/filter.d/
 
 # On first installation, the log files that the jails look at don't all exist.

setup/webmail.sh

@@ -68,15 +68,18 @@ if [ $needs_update == 1 ]; then
 	git_clone https://github.com/kitist/html5_notifier.git $HTML5_NOTIFIER_VERSION '' ${RCM_PLUGIN_DIR}/html5_notifier
 
 	# download and verify the full release of the carddav plugin
-	wget_verify \
-		https://github.com/blind-coder/rcmcarddav/releases/download/v${CARDDAV_VERSION}/carddav-${CARDDAV_VERSION}.zip \
-		$CARDDAV_HASH \
-		/tmp/carddav.zip
-
-	# unzip and cleanup
-	unzip -q /tmp/carddav.zip -d ${RCM_PLUGIN_DIR}
-	rm -f /tmp/carddav.zip
 
+	if [ "${DISABLE_NEXTCLOUD}" != "0" ]; then
+		wget_verify \
+			https://github.com/blind-coder/rcmcarddav/releases/download/v${CARDDAV_VERSION}/carddav-${CARDDAV_VERSION}.zip \
+			$CARDDAV_HASH \
+			/tmp/carddav.zip
+	
+		# unzip and cleanup
+		unzip -q /tmp/carddav.zip -d ${RCM_PLUGIN_DIR}
+		rm -f /tmp/carddav.zip
+	
+	fi
 	# record the version we've installed
 	echo $UPDATE_KEY > ${RCM_DIR}/version
 fi
@@ -91,6 +94,14 @@ SECRET_KEY=$(dd if=/dev/urandom bs=1 count=18 2>/dev/null | base64 | fold -w 24
 # For security, temp and log files are not stored in the default locations
 # which are inside the roundcube sources directory. We put them instead
 # in normal places.
+
+PLUGINS="'html5_notifier', 'archive', 'zipdownload', 'password', 'managesieve', 'jqueryui', 'persistent_login'"
+
+# Add the carddav plugin if the user wants to install Nextcloud
+if [ "${DISABLE_NEXTCLOUD}" != "0" ]; then
+	PLUGINS="$PLUGINS, 'carddav'"
+fi
+
 cat > $RCM_CONFIG <<EOF;
 <?php
 /*
@@ -122,7 +133,7 @@ cat > $RCM_CONFIG <<EOF;
 \$config['support_url'] = 'https://mailinabox.email/';
 \$config['product_name'] = '$PRIMARY_HOSTNAME Webmail';
 \$config['des_key'] = '$SECRET_KEY';
-\$config['plugins'] = array('html5_notifier', 'archive', 'zipdownload', 'password', 'managesieve', 'jqueryui', 'persistent_login', 'carddav');
+\$config['plugins'] = array($PLUGINS);
 \$config['skin'] = 'larry';
 \$config['login_autocomplete'] = 2;
 \$config['password_charset'] = 'UTF-8';
@@ -131,7 +142,9 @@ cat > $RCM_CONFIG <<EOF;
 EOF
 
 # Configure CardDav
-cat > ${RCM_PLUGIN_DIR}/carddav/config.inc.php <<EOF;
+if [ "${DISABLE_NEXTCLOUD}" != "0" ]; then
+
+	cat > ${RCM_PLUGIN_DIR}/carddav/config.inc.php <<EOF;
 <?php
 /* Do not edit. Written by Mail-in-a-Box. Regenerated on updates. */
 \$prefs['_GLOBAL']['hide_preferences'] = true;
@@ -150,6 +163,7 @@ cat > ${RCM_PLUGIN_DIR}/carddav/config.inc.php <<EOF;
 );
 ?>
 EOF
+fi
 
 # Create writable directories.
 mkdir -p /var/log/roundcubemail /var/tmp/roundcubemail $STORAGE_ROOT/mail/roundcube
@@ -182,10 +196,12 @@ chmod 775 $STORAGE_ROOT/mail
 chown root.www-data $STORAGE_ROOT/mail/users.sqlite
 chmod 664 $STORAGE_ROOT/mail/users.sqlite
 
-# Fix Carddav permissions:
-chown -f -R root.www-data ${RCM_PLUGIN_DIR}/carddav
-# root.www-data need all permissions, others only read
-chmod -R 774 ${RCM_PLUGIN_DIR}/carddav
+if [ "${DISABLE_NEXTCLOUD}" != "0" ]; then
+	# Fix Carddav permissions:
+	chown -f -R root.www-data ${RCM_PLUGIN_DIR}/carddav
+	# root.www-data need all permissions, others only read
+	chmod -R 774 ${RCM_PLUGIN_DIR}/carddav
+fi
 
 # Run Roundcube database migration script (database is created if it does not exist)
 ${RCM_DIR}/bin/updatedb.sh --dir ${RCM_DIR}/SQL --package roundcube

setup/zpush.sh

@@ -64,13 +64,16 @@ rm -f /usr/local/lib/z-push/backend/imap/config.php
 cp conf/zpush/backend_imap.php /usr/local/lib/z-push/backend/imap/config.php
 sed -i "s%STORAGE_ROOT%$STORAGE_ROOT%" /usr/local/lib/z-push/backend/imap/config.php
 
-# Configure CardDav
-rm -f /usr/local/lib/z-push/backend/carddav/config.php
-cp conf/zpush/backend_carddav.php /usr/local/lib/z-push/backend/carddav/config.php
-
-# Configure CalDav
-rm -f /usr/local/lib/z-push/backend/caldav/config.php
-cp conf/zpush/backend_caldav.php /usr/local/lib/z-push/backend/caldav/config.php
+if [ "${DISABLE_NEXTCLOUD}" != "0" ]; then
+	
+	# Configure CardDav
+	rm -f /usr/local/lib/z-push/backend/carddav/config.php
+	cp conf/zpush/backend_carddav.php /usr/local/lib/z-push/backend/carddav/config.php
+	
+	# Configure CalDav
+	rm -f /usr/local/lib/z-push/backend/caldav/config.php
+	cp conf/zpush/backend_caldav.php /usr/local/lib/z-push/backend/caldav/config.php
+fi
 
 # Configure Autodiscover
 rm -f /usr/local/lib/z-push/autodiscover/config.php