Proposé par Agence IHDEM

Procédure d'installation de Zimbra Open Source avec l'interface fournie par Zextras, le tout sous Ubuntu en conteneur LXC avec Proxmox VE.

Etape n°1 | Téléchargement du template Ubuntu 18.04

Depuis l’interface de Proxmox VE, faite en sorte d’avoir disponible le template Ubuntu 18.04.

 

Ubuntu 18.04 lxc with privilège et nesting option

apt update

apt upgrade

apt install curl wget gawk

wget download.zextras.com/zcs-9.0.0_OSE_UBUNTU18_latest-zextras.tgz

tar xvf zcs….

cd zcs..

./install.sh

Certificat SSL multi-domain

apt install certbot

su zimbra

Set default Zimbra proxy ports for web, pop3, imap and admin

First of all switch to zimbra (su zimbra) user and execute the following command

1
2
3
[zimbra@mail ~]# /opt/zimbra/libexec/zmproxyconfig -e -w -o -a 8080:80:8443:443 -x https -H `zmhostname`
[zimbra@mail ~]# /opt/zimbra/libexec/zmproxyconfig -e -m -o -i 7143:143:7993:993 -p 7110:110:7995:995 -H `zmhostname`
[zimbra@mail ~]# /opt/zimbra/libexec/zmproxyconfig -e -m -H `zmhostname`

Enable reverse proxy

1
[zimbra@mail ~]# zmprov ms `zmhostname` zimbraMailReferMode reverse-proxied

After that enable memcached

1
[zimbra@mail ~]# zmprov ms `zmhostname` +zimbraServiceEnabled memcached

Enable redirect mode

Now, you will definitely want all your webmail traffic to go via https by default. But http must be enabled for certbot to work.

1
2
[zimbra@mail ~]# zmprov ms `zmhostname` zimbraReverseProxyMailMode redirect
[zimbra@mail ~]# exit

 

Install Certbot-Zimbra

First of all install certbot-zimbra. To download latest version execute the following command

1
[root@mail ~]# wget --content-disposition https://github.com/YetOpen/certbot-zimbra/archive/0.7.11.tar.gz

Then install tar and extract the file with following command

1
2
[root@mail ~]# yum install tar -y
[root@mail ~]# tar xzf certbot-zimbra-0.7.11.tar.gz

After that, move the file certbot_zimbra.sh to bin folder using following command.

1
[root@mail ~]# mv certbot-zimbra-0.7.11/certbot_zimbra.sh /usr/local/bin/

Go to bin folder

1
[root@mail ~]# cd /usr/local/bin

Deploy Certificate

The beauty of YetOpen is it can do everything for you, including deploying the certificate and restarting Zimbra. In contrast to other process where you have to do manually this process is automatic.

1
[root@mail bin]# ./certbot_zimbra.sh -n -c

After that answer the questions

1
2
3
4
5
6
7
8
[root@mail bin]# ./certbot_zimbra.sh -n -c
Checking for dependencies...
Detected Zimbra 8.8.15 on RHEL8_64
Using zmhostname to detect domain.
Using domain mail.inlearn.in (as certificate DN)
Is this correct? yes
Detecting additional public service hostnames...

Apart from above usage, you can also do more with YetOpen script. Check out the official guide to learn more.

Renewal of Certificate YetOpen

YetOpen provides two ways to renew the certificate automatically, one through crontab and other through systemmd. Here, I have listed crontab method only.

Renewal using crontab

Edit the crontab using the command

1
[root@mail ~]# crontab -e

Then schedule the command below to renew the certificate, so that it doesn’t interfere in your working hours. This is because after certificate renewal zmcontrol will restart Zimbra, which takes one or two minutes (I hope you already know that)

1
2
# Replace /usr/bin/certbot with the location of your certbot binary, use this to find it: which certbot-auto certbot letsencrypt
12 5 * * * root /usr/bin/certbot renew --pre-hook "/usr/local/bin/certbot_zimbra.sh -p" --deploy-hook "/usr/local/bin/certbot_zimbra.sh -d"

Create DKIM for a domain

su zimbra

/opt/zimbra/libexec/zmdkimkeyutil -a -d domain.name

Install Zextra theme

 

 

 

 

Commentaire(s) sur cet article

  • img
    Rosalina Kelian
    19th May 2023 Reply

    Donec aliquam ex ut odio dictum, ut consequat leo interdum. Aenean nunc ipsum, blandit eu enim sed, facilisis convallis orci. Etiam commodo lectus quis vulputate tincidunt. Mauris tristique velit eu magna maximus condimentum.

  • img
    Arista Williamson
    15th May 2023 Reply

    Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim.

  • img
    Arista Williamson
    12th May 2023 Reply

    Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam.

N'hésitez pas à nous laissez un commentaire

Voulez-vous profiter de formations et tutoriels additionnels?

Devenez membre VIP pour profiter de formations avancées.