Procédure d'installation de Zimbra Open Source avec l'interface fournie par Zextras, le tout sous Ubuntu en conteneur LXC avec Proxmox VE.
Etape n°1 | Téléchargement du template Ubuntu 18.04
Depuis l’interface de Proxmox VE, faite en sorte d’avoir disponible le template Ubuntu 18.04.
Ubuntu 18.04 lxc with privilège et nesting option
apt update apt upgrade apt install curl wget gawk wget https://go.zextras.com/e/902851/SE-UBUNTU18-latest-zextras-tgz/2l2y/194556390?h=30Aa98jHHJrVFYACiQNCNw9rUWbEi10MzgUx_tLyjpc tar xvf zcs.... cd zcs.. ./install.sh
Certificat SSL multi-domain
apt install certbot su zimbra
Activer les ports pour le proxy des protocoles http, pop3, imap et l’espace d’administration
Tout d’abord, basculer sur le compre Zimbra afin d’executer les commandes suivantes :
su zimbra
/opt/zimbra/libexec/zmproxyconfig -e -w -o -a 8080:80:8443:443 -x https -H `zmhostname` /opt/zimbra/libexec/zmproxyconfig -e -m -o -i 7143:143:7993:993 -p 7110:110:7995:995 -H `zmhostname` /opt/zimbra/libexec/zmproxyconfig -e -m -H `zmhostname`
Enable reverse proxy
|
1
|
[zimbra@mail ~]# zmprov ms `zmhostname` zimbraMailReferMode reverse-proxied |
After that enable memcached
|
1
|
[zimbra@mail ~]# zmprov ms `zmhostname` +zimbraServiceEnabled memcached |
Enable redirect mode
Now, you will definitely want all your webmail traffic to go via https by default. But http must be enabled for certbot to work.
|
1
2
|
[zimbra@mail ~]# zmprov ms `zmhostname` zimbraReverseProxyMailMode redirect[zimbra@mail ~]# exit |
Install Certbot-Zimbra
First of all install certbot-zimbra. To download latest version execute the following command
|
1
|
|
Then install tar and extract the file with following command
|
1
2
|
[root@mail ~]# yum install tar -y[root@mail ~]# tar xzf certbot-zimbra-0.7.11.tar.gz |
After that, move the file certbot_zimbra.sh to bin folder using following command.
|
1
|
[root@mail ~]# mv certbot-zimbra-0.7.11/certbot_zimbra.sh /usr/local/bin/ |
Go to bin folder
|
1
|
[root@mail ~]# cd /usr/local/bin |
Deploy Certificate
The beauty of YetOpen is it can do everything for you, including deploying the certificate and restarting Zimbra. In contrast to other process where you have to do manually this process is automatic.
|
1
|
[root@mail bin]# ./certbot_zimbra.sh -n -c |
After that answer the questions
|
1
2
3
4
5
6
7
8
|
[root@mail bin]# ./certbot_zimbra.sh -n -cChecking for dependencies...Detected Zimbra 8.8.15 on RHEL8_64Using zmhostname to detect domain.Using domain mail.inlearn.in (as certificate DN)Is this correct? yesDetecting additional public service hostnames... |
Apart from above usage, you can also do more with YetOpen script. Check out the official guide to learn more.
Renewal of Certificate YetOpen
YetOpen provides two ways to renew the certificate automatically, one through crontab and other through systemmd. Here, I have listed crontab method only.
Renewal using crontab
Edit the crontab using the command
|
1
|
[root@mail ~]# crontab -e |
Then schedule the command below to renew the certificate, so that it doesn’t interfere in your working hours. This is because after certificate renewal zmcontrol will restart Zimbra, which takes one or two minutes (I hope you already know that)
|
1
2
|
# Replace /usr/bin/certbot with the location of your certbot binary, use this to find it: which certbot-auto certbot letsencrypt12 5 * * * root /usr/bin/certbot renew --pre-hook "/usr/local/bin/certbot_zimbra.sh -p" --deploy-hook "/usr/local/bin/certbot_zimbra.sh -d" |
Create DKIM for a domain
su zimbra
/opt/zimbra/libexec/zmdkimkeyutil -a -d domain.name
Install Zextra theme
- wget download.zextras.com/
zextras-theme-installer/ latest/zextras-theme-ubuntu. tgz - tar xvf zextras-theme-ubuntu.tgz
- cd zextras-theme-installer && sudo ./install.sh
- su – zimbra -c ‘zmmailboxdctl restart’
Commentaire(s) sur cet article
Rosalina Kelian
19th May 2023Donec aliquam ex ut odio dictum, ut consequat leo interdum. Aenean nunc ipsum, blandit eu enim sed, facilisis convallis orci. Etiam commodo lectus quis vulputate tincidunt. Mauris tristique velit eu magna maximus condimentum.
Arista Williamson
15th May 2023Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim.
Arista Williamson
12th May 2023Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam.