Hi Dude. In a previous article I posted about installing Zimbra single server on Ubuntu 20.04. In this article I want to cover installing Zimbra multi server on Ubuntu 20.04.
- Preparation Before Install Zimbra 8.8.15 in Ubuntu 20.14 (Part 1)
- Install Zimbra 8.8.15 in Ubuntu 20.04 (Part 2)
The installation has several stages that must be done in sequence. In my case, I created a summary table of the servers we will install. There are 4 servers in total; see the table below.
No | Server | Server IP Address | Hostname |
---|---|---|---|
1 | LDAP and DNS Server | 10.12.12.10 | ldap.habibza.in |
2 | Mailbox 1 | 10.12.12.11 | mbox1.habibza.in |
3 | Transport/MTA/proxy | 10.12.12.12 | mta.habibza.in |
4 | Mailbox 2 | 10.12.12.13 | mbox2.habibza.in |
To make it easier for users to access the mail service, I will create a single global hostname that points to the proxy.
Global Access Email Server ==> 10.12.12.12 mail.habibza.in
This way users do not have to know each server's hostname. They only need to know the one server they will access.
In my case, I will split the servers into three roles based on the service they provide: Zimbra LDAP, Mailbox, and MTA.
Installation Order for Zimbra Multi Server on Ubuntu
Before starting the installation process, we will first prepare a roadmap for installing Zimbra multi server on Ubuntu 20.04.
- ZCS LDAP server(s), with additional services:
  - DNS, using Bind.
  - NTP. System clocks must be synced on all servers.
- ZCS Mailbox server(s) options:
  - Zimbra Logger
- ZCS Mailbox server(s)
  - Zimbra Web Application
- ZCS MTA server(s), with additional services:
  - Zimbra Memcache.
  - Zimbra Proxy.
  - AS/AV.
Preparation for Zimbra LDAP
Step 1 through step 3 are performed for each server to be installed. Open an SSH session to the Zimbra server and follow the steps below:
Set /etc/hosts and Static IP Address for LDAP
In this case, I use 10.12.12.10 for Zimbra LDAP.
root@ldap:~# vim /etc/netplan/00-installer-config.yaml
# This is the network config written by 'subiquity'
network:
  ethernets:
    ens33:
      dhcp4: no
      addresses:
        - 10.12.12.10/24
      gateway4: 10.12.12.2
      nameservers:
        addresses: [10.12.12.10, 8.8.8.8]
  version: 2
Run netplan apply, and then set /etc/hosts.
root@ldap:~# vim /etc/hosts
127.0.0.1 localhost
10.12.12.10 ldap.habibza.in ldap
10.12.12.11 mbox1.habibza.in mbox1
10.12.12.12 mta.habibza.in mta
10.12.12.13 mbox2.habibza.in mbox2
Setting Hostname and Date Time
This is the command to set the hostname in Ubuntu.
hostnamectl set-hostname ldap.habibza.in
Then set the time and date.
timedatectl set-timezone Asia/Jakarta
Disable firewall
Why disable the firewall? I prefer to disable the firewall because:
- The servers are in a DMZ zone. The firewall role is taken by the router, which reduces resource usage on the servers.
- It minimizes troubleshooting of open and closed ports for the communication between servers. The same applies to internal security services that permit or deny actions, like selinux on CentOS/Red Hat and apparmor on Ubuntu.
systemctl stop apparmor.service
systemctl disable apparmor.service
systemctl stop ufw.service
systemctl disable ufw.service
Install NTP Server.
Set up the NTP server on the LDAP server. Why install NTP on the LDAP server? Because the LDAP server is the first server that must be running in a Zimbra multi server setup.
apt install ntp ntpdate
Modify the NTP server configuration in /etc/ntp.conf. Allow only the local subnet to query the time server.
restrict 10.0.0.0 mask 255.0.0.0 nomodify notrap
And then restart service NTP.
systemctl restart ntp
Install DNS Bind
Install Bind as the local authoritative DNS server.
apt install bind9
Modify named.conf.options
root@ldap:/# vim /etc/bind/named.conf.options
recursion yes;
allow-query { 127.0.0.1; 10.0.0.0/8; };
allow-transfer { none; };
forwarders { 8.8.8.8; 1.1.1.1; };
listen-on port 53 { 127.0.0.1; 10.12.12.10; };
version "not current available";
querylog yes;
Edit the file /etc/bind/named.conf.local.
root@ldap:/# vim /etc/bind/named.conf.local
zone "habibza.in" {
type master;
file "/etc/bind/db.habibza.in";
};
Create the file /etc/bind/db.habibza.in
root@ldap:/# vim /etc/bind/db.habibza.in
$TTL 604800
@ IN SOA ns1.habibza.in. root.habibza.in. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ns1.habibza.in.
@ IN A 10.12.12.12
@ IN MX 0 mail.habibza.in.
ldap IN A 10.12.12.10
ns1 IN A 10.12.12.10
mbox1 IN A 10.12.12.11
mta IN A 10.12.12.12
mbox2 IN A 10.12.12.13
mail IN A 10.12.12.12
When finished, restart the bind service.
root@ldap:/# systemctl restart bind9.service
root@ldap:/# systemctl status bind9.service
● named.service - BIND Domain Name Server
Loaded: loaded (/lib/systemd/system/named.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2022-07-28 11:05:28 WIB; 7s ago
Docs: man:named(8)
Main PID: 125121 (named)
Tasks: 8 (limit: 1037)
Memory: 17.0M
CGroup: /system.slice/named.service
└─125121 /usr/sbin/named -f -u bind
Jul 28 11:05:28 ldap.habibza.in named[125121]: configuring command channel from '/etc/bind/rndc.key'
Jul 28 11:05:28 ldap.habibza.in named[125121]: command channel listening on ::1#953
Jul 28 11:05:28 ldap.habibza.in named[125121]: managed-keys-zone: loaded serial 3
Jul 28 11:05:28 ldap.habibza.in named[125121]: zone 0.in-addr.arpa/IN: loaded serial 1
Jul 28 11:05:28 ldap.habibza.in named[125121]: zone 127.in-addr.arpa/IN: loaded serial 1
Jul 28 11:05:28 ldap.habibza.in named[125121]: zone 255.in-addr.arpa/IN: loaded serial 1
Jul 28 11:05:28 ldap.habibza.in named[125121]: zone localhost/IN: loaded serial 2
Jul 28 11:05:28 ldap.habibza.in named[125121]: zone habibza.in/IN: loaded serial 2
Jul 28 11:05:28 ldap.habibza.in named[125121]: all zones loaded
Jul 28 11:05:28 ldap.habibza.in named[125121]: running
On this LDAP server, stop and disable systemd-resolved.service, because the resolver role is taken over by bind9.service. After that, re-create /etc/resolv.conf
systemctl stop systemd-resolved.service
systemctl disable systemd-resolved.service
rm -rf /etc/resolv.conf
vim /etc/resolv.conf
nameserver 127.0.0.1
domain habibza.in
Test the lookups, and make sure the name server is running properly, with the answers coming from 127.0.0.1
root@ldap:/# nslookup ldap.habibza.in
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: ldap.habibza.in
Address: 10.12.12.10
root@ldap:/# nslookup mail.habibza.in
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: mail.habibza.in
Address: 10.12.12.12
root@ldap:/# nslookup mbox1.habibza.in
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: mbox1.habibza.in
Address: 10.12.12.11
root@ldap:/# nslookup mta.habibza.in
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: mta.habibza.in
Address: 10.12.12.12
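The nslookup tests above check one name at a time. As an added example (not part of the original article), this script checks offline that every /etc/hosts entry has a matching A record in the zone file and that the MX target has an A record of its own; the function names are hypothetical and the sample files are trimmed, constructed copies of the ones shown above.

```shell
# Print "fqdn ip" for each A record. $1 = zone file, $2 = zone origin.
zone_a_records() {
    awk -v origin="$2" '
        { sub(/;.*/, "") }                      # drop zone-file comments
        $2 == "IN" && $3 == "A" {
            if ($1 == "@")       name = origin
            else if ($1 ~ /\.$/) name = substr($1, 1, length($1) - 1)
            else                 name = $1 "." origin
            print name, $4
        }' "$1"
}

# Report /etc/hosts entries that are missing from, or disagree with, the zone.
# $1 = hosts file, $2 = zone file, $3 = origin. Returns the number of problems.
check_hosts_vs_zone() {
    problems=0
    records=$(zone_a_records "$2" "$3")
    while read -r ip fqdn rest; do
        case $ip in ''|'#'*|127.*|::1) continue ;; esac
        zone_ip=$(printf '%s\n' "$records" | awk -v n="$fqdn" '$1 == n { print $2; exit }')
        if [ -z "$zone_ip" ]; then
            echo "MISSING  $fqdn: no A record in zone"; problems=$((problems + 1))
        elif [ "$zone_ip" != "$ip" ]; then
            echo "MISMATCH $fqdn: hosts=$ip zone=$zone_ip"; problems=$((problems + 1))
        fi
    done < "$1"
    return "$problems"
}

# Succeed only if the zone has an MX record whose target also has an A record.
check_mx_target() {
    target=$(awk '{ sub(/;.*/, "") }
        $2 == "IN" && $3 == "MX" { sub(/\.$/, "", $5); print $5; exit }' "$1")
    [ -n "$target" ] || { echo "no MX record in zone"; return 1; }
    zone_a_records "$1" "$2" | awk -v n="$target" '$1 == n { ok = 1 } END { exit !ok }' \
        || { echo "MX target $target has no A record"; return 1; }
}

# Constructed sample input: trimmed copies of the two files shown on this page.
demo=$(mktemp -d)
printf '%s\n' '127.0.0.1 localhost' '10.12.12.10 ldap.habibza.in ldap' \
    '10.12.12.13 mbox2.habibza.in mbox2' > "$demo/hosts"
printf '%s\n' '$TTL 604800' '@ IN MX 0 mail.habibza.in.' 'ldap IN A 10.12.12.10' \
    'mail IN A 10.12.12.12 ; proxy' 'mbox2 IN A 10.12.12.13' > "$demo/zone"
check_hosts_vs_zone "$demo/hosts" "$demo/zone" habibza.in && echo "hosts and zone agree"
check_mx_target "$demo/zone" habibza.in && echo "MX target resolves inside the zone"
```

On the real server, pass /etc/hosts and /etc/bind/db.habibza.in as the file arguments.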
Install Zimbra LDAP
First, download the tarball from the official repository.
REMEMBER: on this server, install only the zimbra-ldap service.
wget https://files.zimbra.com/downloads/8.8.15_GA/zcs-8.8.15_GA_4179.UBUNTU20_64.20211118033954.tgz
tar -zxvf zcs-8.8.15_GA_4179.UBUNTU20_64.20211118033954.tgz
cd zcs-8.8.15_GA_4179.UBUNTU20_64.20211118033954
./install.sh
Operations logged to /tmp/install.log.v39fi0HW
Checking for existing installation...
zimbra-drive...NOT FOUND
zimbra-imapd...NOT FOUND
zimbra-patch...NOT FOUND
zimbra-mta-patch...NOT FOUND
zimbra-proxy-patch...NOT FOUND
zimbra-license-tools...NOT FOUND
zimbra-license-extension...NOT FOUND
zimbra-network-store...NOT FOUND
zimbra-network-modules-ng...NOT FOUND
zimbra-chat...NOT FOUND
zimbra-talk...NOT FOUND
zimbra-ldap...NOT FOUND
zimbra-logger...NOT FOUND
zimbra-mta...NOT FOUND
zimbra-dnscache...NOT FOUND
zimbra-snmp...NOT FOUND
zimbra-store...NOT FOUND
zimbra-apache...NOT FOUND
zimbra-spell...NOT FOUND
zimbra-convertd...NOT FOUND
zimbra-memcached...NOT FOUND
zimbra-proxy...NOT FOUND
zimbra-archiving...NOT FOUND
zimbra-core...NOT FOUND
----------------------------------------------------------------------
PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE SOFTWARE.
SYNACOR, INC. ("SYNACOR") WILL ONLY LICENSE THIS SOFTWARE TO YOU IF YOU
FIRST ACCEPT THE TERMS OF THIS AGREEMENT. BY DOWNLOADING OR INSTALLING
THE SOFTWARE, OR USING THE PRODUCT, YOU ARE CONSENTING TO BE BOUND BY
THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS
AGREEMENT, THEN DO NOT DOWNLOAD, INSTALL OR USE THE PRODUCT.
License Terms for this Zimbra Collaboration Suite Software:
https://www.zimbra.com/license/zimbra-public-eula-2-6.html
----------------------------------------------------------------------
Do you agree with the terms of the software license agreement? [N] y
Use Zimbra's package repository [Y]
Warning: apt-key output should not be parsed (stdout is not a terminal)
Importing Zimbra GPG key
Configuring package repository
Checking for installable packages
Found zimbra-core (local)
Found zimbra-ldap (local)
Found zimbra-logger (local)
Found zimbra-mta (local)
Found zimbra-dnscache (local)
Found zimbra-snmp (local)
Found zimbra-store (local)
Found zimbra-apache (local)
Found zimbra-spell (local)
Found zimbra-memcached (repo)
Found zimbra-proxy (local)
Found zimbra-drive (repo)
Found zimbra-imapd (local)
Found zimbra-patch (repo)
Found zimbra-mta-patch (repo)
Found zimbra-proxy-patch (repo)
Select the packages to install
Install zimbra-ldap [Y]
Install zimbra-logger [Y] n
Install zimbra-mta [Y] n
Install zimbra-dnscache [N] n
Install zimbra-snmp [Y] n
Install zimbra-store [Y] n
Install zimbra-apache [Y] n
Install zimbra-spell [Y] n
Install zimbra-memcached [Y] n
Install zimbra-proxy [Y] n
Checking required space for zimbra-core
Installing:
zimbra-core
zimbra-ldap
The system will be modified. Continue? [N]
Exit? [N] n
The system will be modified. Continue? [N] y
Beginning Installation - see /tmp/install.log.v39fi0HW for details...
...
...
Running Post Installation Configuration:
Operations logged to /tmp/zmsetup.20220410-123639.log
Installing LDAP configuration database...done.
Setting defaults...
DNS ERROR resolving MX for ldap.habibza.in
It is suggested that the domain name have an MX record configured in DNS
Change domain name? [Yes]
Create domain: [ldap.habibza.in] habibza.in
done.
Checking for port conflicts
Main menu
1) Common Configuration:
2) zimbra-ldap: Enabled
s) Save config to file
x) Expand menu
q) Quit
*** CONFIGURATION COMPLETE - press 'a' to apply
Select from menu, or press 'a' to apply config (? - help) 1
Common configuration
1) Hostname: ldap.habibza.in
2) Ldap master host: ldap.habibza.in
3) Ldap port: 389
4) Ldap Admin password: set
5) Store ephemeral attributes outside Ldap: no
6) Secure interprocess communications: yes
7) TimeZone: Asia/Bangkok
8) IP Mode: ipv4
9) Default SSL digest: sha256
Select, or 'r' for previous menu [r] r
Main menu
1) Common Configuration:
2) zimbra-ldap: Enabled
s) Save config to file
x) Expand menu
q) Quit
*** CONFIGURATION COMPLETE - press 'a' to apply
Select from menu, or press 'a' to apply config (? - help) a
Save configuration data to a file? [Yes]
Save config in file: [/opt/zimbra/config.12512]
...
...
Configuration complete - press return to exit
After the Zimbra LDAP installation finishes, check the status.
zimbra@ldap:~$ zmcontrol status
Host ldap.habibza.in
ldap Running
stats Running
zmconfigd Running
Next, continue with installing the Zimbra mailbox and Zimbra MTA servers in the part 2 article.