From cdc92aa65be068c1e4b79d6d238698ba3887bfb4 Mon Sep 17 00:00:00 2001
From: Florent Daigniere <nextgens@freenetproject.org>
Date: Thu, 10 Mar 2022 10:29:11 +0100
Subject: [PATCH] Mobileconfig apple style

---
 core/admin/mailu/internal/views/autoconfig.py | 89 +++++++++++++++++++
 core/nginx/conf/nginx.conf                    |  6 ++
 2 files changed, 95 insertions(+)

diff --git a/core/admin/mailu/internal/views/autoconfig.py b/core/admin/mailu/internal/views/autoconfig.py
index b93794b3..7c549900 100644
--- a/core/admin/mailu/internal/views/autoconfig.py
+++ b/core/admin/mailu/internal/views/autoconfig.py
@@ -72,3 +72,92 @@ def autoconfig_microsoft():
 </Response>
 </Autodiscover>\r\n'''
     return flask.Response(xml, mimetype='text/xml', status=200)
+
+@internal.route("/autoconfig/apple")
+def autoconfig_apple():
+    # https://developer.apple.com/business/documentation/Configuration-Profile-Reference.pdf
+    hostname = app.config['HOSTNAME']
+    sitename = app.config['SITENAME']
+    xml = f'''<?xml version=\"1.0\" encoding=\"UTF-8\"?>
+<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\"
+\"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">
+<plist version=\"1.0\">
+<dict>
+<key>PayloadContent</key>
+<array>
+<dict>
+<key>EmailAccountDescription</key>
+<string>{sitename}</string>
+<key>EmailAccountName</key>
+<string>{hostname}</string>
+<key>EmailAccountType</key>
+<string>EmailTypeIMAP</string>
+<key>EmailAddress</key>
+<string></string>
+<key>IncomingMailServerAuthentication</key>
+<string>EmailAuthPassword</string>
+<key>IncomingMailServerHostName</key>
+<string>{hostname}</string>
+<key>IncomingMailServerPortNumber</key>
+<integer>993</integer>
+<key>IncomingMailServerUseSSL</key>
+<true/>
+<key>IncomingMailServerUsername</key>
+<string></string>
+<key>IncomingPassword</key>
+<string></string>
+<key>OutgoingMailServerAuthentication</key>
+<string>EmailAuthPassword</string>
+<key>OutgoingMailServerHostName</key>
+<string>{hostname}</string>
+<key>OutgoingMailServerPortNumber</key>
+<integer>465</integer>
+<key>OutgoingMailServerUseSSL</key>
+<true/>
+<key>OutgoingMailServerUsername</key>
+<string></string>
+<key>OutgoingPasswordSameAsIncomingPassword</key>
+<true/>
+<key>PayloadDescription</key>
+<string>{sitename}</string>
+<key>PayloadDisplayName</key>
+<string>{hostname}</string>
+<key>PayloadIdentifier</key>
+<string>{hostname}.email</string>
+<key>PayloadOrganization</key>
+<string></string>
+<key>PayloadType</key>
+<string>com.apple.mail.managed</string>
+<key>PayloadUUID</key>
+<string>72e152e2-d285-4588-9741-25bdd50c4d11</string>
+<key>PayloadVersion</key>
+<integer>1</integer>
+<key>PreventAppSheet</key>
+<true/>
+<key>PreventMove</key>
+<false/>
+<key>SMIMEEnabled</key>
+<false/>
+<key>disableMailRecentsSyncing</key>
+<false/>
+</dict>
+</array>
+<key>PayloadDescription</key>
+<string>{hostname} - E-Mail Account Configuration</string>
+<key>PayloadDisplayName</key>
+<string>E-Mail Account {hostname}</string>
+<key>PayloadIdentifier</key>
+<string>E-Mail Account {hostname}</string>
+<key>PayloadOrganization</key>
+<string>{hostname}</string>
+<key>PayloadRemovalDisallowed</key>
+<false/>
+<key>PayloadType</key>
+<string>Configuration</string>
+<key>PayloadUUID</key>
+<string>56db43a5-d29e-4609-a908-dce94d0be48e</string>
+<key>PayloadVersion</key>
+<integer>1</integer>
+</dict>
+</plist>\r\n'''
+    return flask.Response(xml, mimetype='text/xml', status=200)
diff --git a/core/nginx/conf/nginx.conf b/core/nginx/conf/nginx.conf
index 87775f80..4edb5dcd 100644
--- a/core/nginx/conf/nginx.conf
+++ b/core/nginx/conf/nginx.conf
@@ -132,6 +132,12 @@ http {
         include /etc/nginx/proxy.conf;
         proxy_pass http://$admin;
       }
+      # apple mobileconfig
+      location ^~ /mobileconfig {
+        rewrite ^ /internal/autoconfig/apple break;
+        include /etc/nginx/proxy.conf;
+        proxy_pass http://$admin;
+      }
 
       {% if TLS_FLAVOR == 'mail-letsencrypt' %}
       location ^~ /.well-known/acme-challenge/ {