Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jean-Paul Smets
slapos
Commits
615ec3ff
Commit
615ec3ff
authored
Apr 25, 2013
by
Cédric de Saint Martin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Update zimbra-kvm documentation
parent
abe5a709
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
65 additions
and
11 deletions
+65
-11
software/zimbra-kvm/README.txt
software/zimbra-kvm/README.txt
+65
-11
No files found.
software/zimbra-kvm/README.txt
View file @
615ec3ff
...
...
@@ -19,6 +19,29 @@ The following ports are reachable from the outside world:
For each port, KVM does a NAT redirection from the VM to the local ipv4. Then, 6tunnel is called to redirect it to the outside world using ipv6.
Hostnames configuration
-----------------------
Here, zimbra.memi.slapos.org is an example. You can replace it by whatever you own (www.mydomain.com).
# HTTP reverse proxy
zimbra.memi.slapos.org 10800 IN A 5.135.166.224
zimbra.memi.slapos.org 10800 IN AAAA 2001:67c:1254:e:b::418
# MX
zimbra.memi.slapos.org 10800 IN MX 10 mail.zimbra.memi.slapos.org.
# SMTP reverse inbound synchronous proxy
mail.zimbra.memi.slapos.org 10800 IN A 5.135.166.224
mail.zimbra.memi.slapos.org 10800 IN AAAA 2001:67c:1254:9:bde1:7e1e:45b3:b189
Important note about architecture
---------------------------------
the Zimbra inside of the KVM doesn't have any connection to the internet
except a tunnel to the external MTA on the frontend machine.
Any outgoing mail uses this tunnel.
Deployment
----------
...
...
@@ -29,23 +52,54 @@ To deploy a new Zimbra service:
setcap 'cap_net_bind_service=+ep' /opt/slapgrid/$SRMD5/parts/kvm/bin/qemu-system-x86_64
setcap 'cap_net_bind_service=+ep' /opt/slapgrid/$SRMD5/parts/6tunnel/bin/6tunnel
* Request new instance, then connect the the machine using ssh with root:zimbra credentials, reconfigure
Zimbra to use another domain name, and change root password.
* Deploy an instance of zimbra-kvm with parameters, replacing by your informations::
<?xml version='1.0' encoding='utf-8'?>
<instance>
<parameter id="domain">zimbra.memi.slapos.org</parameter>
<parameter id="ram-size">30000</parameter>
<parameter id="relay-mta-ipv6">2001:67c:1254:e:b::1</parameter>
</instance>
* Connect to VNC and install a ubuntu server 12.04 in it.
* Then from raw Ubuntu 12.04:
1/ Populate /etc/hosts::
127.0.0.1 zimbra.memi.slapos.org
2/ Setup hostname::
hostname zimbra.memi.slapos.org
echo "zimbra.memi.slapos.org"> /etc/hostname
3/ Setup /etc/resolv.conf::
echo "nameserver 127.0.0.1" > /etc/resolvconf/resolv.conf.d/base
echo "nameserver 127.0.0.1" > /etc/resolv.conf
4/ Setup bind by following http://wiki.zimbra.com/index.php?title=Split_dns, and disable dnssec checking in named.conf.options with::
dnssec-enable no; dnssec-validation no;
5/ Add automatic security upgrades::
ln -s $(which unattended-upgrade) /etc/cron.daily
6/ Download Zimbra Community edition 8.0.x and install it the standard way, selecting packages by default and setting password.
6bis/ There are chances you need to add zimbra start at boot::
Disk Image content
------------------
update-rc.d zimbra defaults
Ubuntu 12.04, Zimbra install from official packages, 8.0.3
admin password: Cedric de Saint Martin has it.
bind9: http://wiki.zimbra.com/index.php?title=Split_dns
resolv.conf: http://askubuntu.com/questions/30942/why-does-my-resolv-conf-file-get-regenerated-every-time
7/ In Zimbra admin web interface: Configure -> Server -> MTA -> MTA realy: put local IPv4 of your slapos instance.
Todo
----
* Doesn't need setcap
* SMTP master/slave design implemented
* Reverse proxy for web works
* Automatically download the proper boot disk image.
* Automatically download the proper boot disk image
* Unify smtp frontend and web frontend
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment