Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Paul Graydon
slapos
Commits
615ec3ff
Commit
615ec3ff
authored
Apr 25, 2013
by
Cédric de Saint Martin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Update zimbra-kvm documentation
parent
abe5a709
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
65 additions
and
11 deletions
+65
-11
software/zimbra-kvm/README.txt
software/zimbra-kvm/README.txt
+65
-11
No files found.
software/zimbra-kvm/README.txt
View file @
615ec3ff
...
...
@@ -19,6 +19,29 @@ The following ports are reachable from the outside world:
For each port, KVM does a NAT redirection from the VM to the local ipv4. Then, 6tunnel is called to redirect it to the outside world using ipv6.
Hostnames configuration
-----------------------
Here, zimbra.memi.slapos.org is an example. You can replace it by whatever you own (www.mydomain.com).
# HTTP reverse proxy
zimbra.memi.slapos.org 10800 IN A 5.135.166.224
zimbra.memi.slapos.org 10800 IN AAAA 2001:67c:1254:e:b::418
# MX
zimbra.memi.slapos.org 10800 IN MX 10 mail.zimbra.memi.slapos.org.
# SMTP reverse inbound synchronous proxy
mail.zimbra.memi.slapos.org 10800 IN A 5.135.166.224
mail.zimbra.memi.slapos.org 10800 IN AAAA 2001:67c:1254:9:bde1:7e1e:45b3:b189
Important note about architecture
---------------------------------
the Zimbra inside of the KVM doesn't have any connection to the internet
except a tunnel to the external MTA on the frontend machine.
Any outgoing mail uses this tunnel.
Deployment
----------
...
...
@@ -29,23 +52,54 @@ To deploy a new Zimbra service:
setcap 'cap_net_bind_service=+ep' /opt/slapgrid/$SRMD5/parts/kvm/bin/qemu-system-x86_64
setcap 'cap_net_bind_service=+ep' /opt/slapgrid/$SRMD5/parts/6tunnel/bin/6tunnel
* Request new instance, then connect the the machine using ssh with root:zimbra credentials, reconfigure
Zimbra to use another domain name, and change root password.
* Deploy an instance of zimbra-kvm with parameters, replacing by your informations::
<?xml version='1.0' encoding='utf-8'?>
<instance>
<parameter id="domain">zimbra.memi.slapos.org</parameter>
<parameter id="ram-size">30000</parameter>
<parameter id="relay-mta-ipv6">2001:67c:1254:e:b::1</parameter>
</instance>
* Connect to VNC and install a ubuntu server 12.04 in it.
* Then from raw Ubuntu 12.04:
1/ Populate /etc/hosts::
127.0.0.1 zimbra.memi.slapos.org
2/ Setup hostname::
hostname zimbra.memi.slapos.org
echo "zimbra.memi.slapos.org"> /etc/hostname
3/ Setup /etc/resolv.conf::
echo "nameserver 127.0.0.1" > /etc/resolvconf/resolv.conf.d/base
echo "nameserver 127.0.0.1" > /etc/resolv.conf
4/ Setup bind by following http://wiki.zimbra.com/index.php?title=Split_dns, and disable dnssec checking in named.conf.options with::
dnssec-enable no; dnssec-validation no;
5/ Add automatic security upgrades::
ln -s $(which unattended-upgrade) /etc/cron.daily
6/ Download Zimbra Community edition 8.0.x and install it the standard way, selecting packages by default and setting password.
6bis/ There are chances you need to add zimbra start at boot::
Disk Image content
------------------
update-rc.d zimbra defaults
Ubuntu 12.04, Zimbra install from official packages, 8.0.3
admin password: Cedric de Saint Martin has it.
bind9: http://wiki.zimbra.com/index.php?title=Split_dns
resolv.conf: http://askubuntu.com/questions/30942/why-does-my-resolv-conf-file-get-regenerated-every-time
7/ In Zimbra admin web interface: Configure -> Server -> MTA -> MTA realy: put local IPv4 of your slapos instance.
Todo
----
* Doesn't need setcap
* SMTP master/slave design implemented
* Reverse proxy for web works
* Automatically download the proper boot disk image.
* Automatically download the proper boot disk image
* Unify smtp frontend and web frontend
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment