Zimbra — различия между версиями
Материал из pNp Wiki
Suser (обсуждение | вклад) (→Установка zimbrа в СentOS 7) |
Suser (обсуждение | вклад) |
||
Строка 209: | Строка 209: | ||
enter | enter | ||
+ | |||
+ | ===Настройка фаервола=== | ||
+ | * Устанавливаем firewalld | ||
+ | yum install firewalld | ||
+ | |||
+ | * Делаем автостарт и запускаем службу | ||
+ | systemctl enable firewalld | ||
+ | systemctl start firewalld | ||
+ | |||
+ | * Добавляем правила для публичных портов | ||
+ | firewall-cmd --zone=public --add-service=http --permanent | ||
+ | firewall-cmd --zone=public --add-service=https --permanent | ||
+ | firewall-cmd --zone=public --add-service=smtp --permanent | ||
+ | firewall-cmd --zone=public --add-service=smtps --permanent | ||
+ | firewall-cmd --zone=public --add-service=imap --permanent | ||
+ | firewall-cmd --zone=public --add-service=imaps --permanent | ||
+ | firewall-cmd --zone=public --add-service=pop3 --permanent | ||
+ | firewall-cmd --zone=public --add-service=pop3s --permanent | ||
+ | firewall-cmd --zone=public --add-port=8433/tcp --permanent | ||
+ | |||
+ | * Дбоавляем правила для админских служб (ldap и админка) | ||
+ | firewall-cmd --permanent --zone="admin" --add-source="'''xx.xx.xx.xx'''" | ||
+ | firewall-cmd --zone=work --add-service=ldap --permanent | ||
+ | firewall-cmd --zone=work --add-port=7071/tcp --permanent | ||
+ | |||
+ | * Применяем настройки | ||
+ | systemctl reload firewalld | ||
===полезные команды=== | ===полезные команды=== |
Версия 18:22, 10 октября 2019
Содержание
Установка zimbrа в СentOS 7
- Устанавливаем нужные пакеты
yum install perl
- Скачиваем дистрибутив и md5 файл (Скачать с оффсайта можно здесь https://www.zimbra.com/try/zimbra-collaboration-open-source/)
curl https://files.zimbra.com/downloads/8.8.15_GA/zcs-8.8.15_GA_3869.RHEL7_64.20190918004220.tgz -o zcs-8.8.15_GA_3869.RHEL7_64.20190918004220.tgz curl https://files.zimbra.com/downloads/8.8.15_GA/zcs-8.8.15_GA_3869.RHEL7_64.20190918004220.tgz.sha256 -o zcs-8.8.15_GA_3869.RHEL7_64.20190918004220.tgz.sha256
- Проверяем целостность тарбола
sha256sum -c zcs-8.8.15_GA_3869.RHEL7_64.20190918004220.tgz.sha256
- Распаковываем архив
tar xzpf zcs-8.8.15_GA_3869.RHEL7_64.20190918004220.tgz
- Переходим в директорию с дистрибутивом
cd zcs-8.8.15_GA_3869.RHEL7_64.20190918004220
- Запускаем инсталятор (ключ --platform-override разрешает продолжить работу инсталятора вне зависимости какая версия ОС)
./install.sh
- Отвечаем на вопросы
you agree with the terms of the software license agreement? [N] yes yes
Select the packages to install Install zimbra-ldap [Y] Install zimbra-logger [Y] Install zimbra-mta [Y] Install zimbra-snmp [Y] Install zimbra-store [Y] Install zimbra-apache [Y] Install zimbra-spell [Y] Install zimbra-memcached [N] Install zimbra-proxy [N] Checking required space for zimbra-core checking space for zimbra-store Installing: zimbra-core zimbra-ldap zimbra-logger zimbra-mta zimbra-snmp zimbra-store zimbra-apache zimbra-spell The system will be modified. Continue? [N] y
DNS ERROR - none of the MX records for mx.test.com resolve to this host Change domain name? [Yes]
Main menu 1) Common Configuration: 2) zimbra-ldap: Enabled 3) zimbra-store: Enabled +Create Admin User: yes +Admin user to create: admin@test.com ******* +Admin Password UNSET +Anti-virus quarantine user: virus-quarantine.91gsyvz3s@test.com +Enable automated spam training: yes +Spam training user: spam.lwe5ftt1x@test.com +Non-spam(Ham) training user: ham.o4rvke97og@test.com +SMTP host: mx.test.com +Web server HTTP port: 80 +Web server HTTPS port: 443 +Web server mode: http +IMAP server port: 143 +IMAP server SSL port: 993 +POP server port: 110 +POP server SSL port: 995 +Use spell check server: yes +Spell server URL: http://mx.test.com:7780/aspell.php +Configure for use with mail proxy: FALSE +Configure for use with web proxy: FALSE +Enable version update checks: TRUE +Enable version update notifications: TRUE +Version update notification email: admin@test.com +Version update source email: admin@test.com
4) zimbra-mta: Enabled 5) zimbra-snmp: Enabled 6) zimbra-logger: Enabled 7) zimbra-spell: Enabled 8) Default Class of Service Configuration: r) Start servers after configuration yes s) Save config to file x) Expand menu q) Quit
3-4 enter pass or press enter r-a *** CONFIGURATION COMPLETE - press 'a' to apply Select from menu, or press 'a' to apply config (? - help) a Save configuration data to a file? [Yes] enter Save configuration data to a file? [Yes] enter The system will be modified - continue? [No] yes- enter Setting local config values...done. Setting up CA...done. Deploying CA to /opt/zimbra/conf/ca ...done. Creating SSL certificate...done. Installing mailboxd SSL certificates...done. Initializing ldap...done. Setting replication password...done. Setting Postfix password...done. Setting amavis password...done. Setting nginx password...done. Creating server entry for mx.test.com...done. Saving CA in ldap ...done. Saving SSL Certificate in ldap ...done. Setting spell check URL...done. Setting service ports on mx.test.com...done. Adding mx.test.com to zimbraMailHostPool in default COS...done. Installing webclient skins... hotrod...done. tree...done. lavender...done. sand...done. oasis...done. steel...done. pebble...done. lemongrass...done. waves...done. bones...done. sky...done. carbon...done. lake...done. twilight...done. beach...done. bare...done. smoke...done. Finished installing webclient skins. Setting zimbraFeatureTasksEnabled=TRUE...done. Setting zimbraFeatureBriefcasesEnabled=TRUE...done. Setting MTA auth host...done. Setting TimeZone Preference...done. Initializing mta config...done. Setting services on mx.test.com...done. Creating domain mx.test.com...done. Setting default domain name...done. Creating domain mx.test.com...already exists. Creating admin account admin@test.com...done. Creating root alias...done. Creating postmaster alias...done. Creating user spam.lqe5ftt1x@test.com...done. Creating user ham.o4avse97og@test.com...done. Creating user virus-quarantine.91gsyvx3s@test.com...done. Setting spam training and Anti-virus quarantine accounts...done. Initializing store sql database...done. Setting zimbraSmtpHostname for mx.test.com...done. Configuring SNMP...done. Checking for default IM conference room...not present. Initializing default IM conference room...done. Setting up syslog.conf...done.
You have the option of notifying Zimbra of your installation. This helps us to track the uptake of the Zimbra Collaboration Suite. The only information that will be transmitted is: The VERSION of zcs installed (7.2.0_GA_3140_CENTOS6_64) The ADMIN EMAIL ADDRESS created (admin@test.com) Notify Zimbra of your installation? [Yes] enter
Starting servers...Could not create the Java virtual machine. Unable to determine enabled services from ldap. Enabled services read from cache. Service list may be inaccurate. done. Installing common zimlets... com_zimbra_linkedin...done. com_zimbra_email...done. com_zimbra_adminversioncheck...done. com_zimbra_date...done. com_zimbra_srchhighlighter...done. com_zimbra_attachmail...done. com_zimbra_url...done. com_zimbra_phone...done. com_zimbra_cert_manager...done. com_zimbra_bulkprovision...done. com_zimbra_dnd...done. com_zimbra_social...done.
com_zimbra_attachcontacts...done.
com_zimbra_webex...done. Finished installing common zimlets. Restarting mailboxd...done. Setting up zimbra crontab...done.
Moving /tmp/zmsetup.05092011-171934.log to /opt/zimbra/log Configuration complete - press return to exit enter
Настройка фаервола
- Устанавливаем firewalld
yum install firewalld
- Делаем автостарт и запускаем службу
systemctl enable firewalld systemctl start firewalld
- Добавляем правила для публичных портов
firewall-cmd --zone=public --add-service=http --permanent firewall-cmd --zone=public --add-service=https --permanent firewall-cmd --zone=public --add-service=smtp --permanent firewall-cmd --zone=public --add-service=smtps --permanent firewall-cmd --zone=public --add-service=imap --permanent firewall-cmd --zone=public --add-service=imaps --permanent firewall-cmd --zone=public --add-service=pop3 --permanent firewall-cmd --zone=public --add-service=pop3s --permanent firewall-cmd --zone=public --add-port=8433/tcp --permanent
- Дбоавляем правила для админских служб (ldap и админка)
firewall-cmd --permanent --zone="admin" --add-source="xx.xx.xx.xx" firewall-cmd --zone=work --add-service=ldap --permanent firewall-cmd --zone=work --add-port=7071/tcp --permanent
- Применяем настройки
systemctl reload firewalld
полезные команды
- сброс пароля админа
su zimbra zmprov sp <admin email address> <new password>
- разблокировка учётной записи
su zimbra zmprov ma accountname@domain.com zimbraAccountStatus active
Полезные ссылки
- https://github.com/jsilence/zmbkpose
- https://github.com/Fitblip/Zimbra-PGP
- https://github.com/tubezleb/ADZimbraAccountSync
- http://sourceforge.net/projects/zimbrabackend/?source=directory
- http://sourceforge.net/projects/zimbratoaster/files/Windows/
Синхронизация мобильных устройств (activesync)
Установка ПО (Z-push (http://z-push.org/download/) и плагина zimbra (http://sourceforge.net/projects/zimbrabackend/))
- Скачиваем z-push и zimbrabackend
wget http://download.z-push.org/final/2.1/z-push-2.1.2-1873.tar.gz wget http://netcologne.dl.sourceforge.net/project/zimbrabackend/Release60/zimbra60.tgz
- Распаковываем в корень веб сервера (исправить)
tar xzpf z-push-2.1.2-1873.tar.gz mkdir ./backend/zimbra cd ./backend/zimbra tar xzpf zimbra60.tgz
- Создаем каталоги для логов и данных
mkdir /var/log/z-push chown www-data:www-data /var/log/z-push mkdir /var/lib/z-push chown www-data:www-data /var/lib/z-push
Настройка z-push
- Настраиваем апач
<VirtualHost *:80> ServerAdmin admin@test.com ServerName async.test.com
# Indexes + Directory Root. DirectoryIndex index.php DocumentRoot /var/www/ Alias /Microsoft-Server-ActiveSync /var/wwww/index.php <Directory /> AllowOverride All </Directory> php_flag magic_quotes_gpc off php_flag register_globals off php_flag magic_quotes_runtime off php_flag short_open_tag on
</VirtualHost>
- Включаем плагин zimbr'ы
nano ./config.php
Строку
define('BACKEND_PROVIDER', );
заменяем на
define('BACKEND_PROVIDER', "BackendZimbra");
- Прописываем наш сервер Zimbra:
nano backend/zimbra/config.php define('ZIMBRA_URL', 'https://zimbra.test.com');