Difference between revisions of "CentOS 7.x Install Zimbra on AWS lightsail instance"

From Notes_Wiki
m
m
Line 13: Line 13:
# <tt>ssh -i &lt;private-key&gt; centos@&lt;instance-public-ip&gt;</tt>
# <tt>ssh -i &lt;private-key&gt; centos@&lt;instance-public-ip&gt;</tt>
# <tt>sudo su -</tt>
# <tt>sudo su -</tt>
# Disable SELinux
# <tt>yum -y install vim wget epel-release firewalld</tt>
# <tt>yum -y install vim wget epel-release firewalld</tt>
# <tt>vim ~/.ssh/authorized_keys</tt>  
# <tt>vim ~/.ssh/authorized_keys</tt>  

Revision as of 11:40, 6 March 2019

<yambe:breadcrumb self="Install Zimbra on AWS lightsail instance">CentOS_7.x_Install_Zimbra|Install Zimbra</yambe:breadcrumb> <yambe:breadcrumb self="Install Zimbra on AWS lightsail instance">CentOS_7.x_Setup_lightsail_instances|Setup lightsail instances</yambe:breadcrumb>

CentOS 7.x Install Zimbra on AWS lightsail instance

To Install Zimbra (Eg 8.8.11) on AWS lightsail instance use:

  1. Create appropriate lightsail instance with possibly 8GB or more RAM
  2. For production instances create static IP and attach with instance
  3. Create DNS entry for FQDN mapping to static IP. *Ensure that appropriate MX records for mail domains are also configured.*
  4. Allow access to server in lightsail instance networking firewall section for following ports: 22, 25, 80, 110, 443, 465, 587, 993 and 7071
    Note that POP related ports are intentionally omitted. Also note that 110, 25, etc. are required for TLS
  5. Download corresponding regions private key
  6. chmod 400 <private-key>
  7. ssh -i <private-key> centos@<instance-public-ip>
  8. sudo su -
  9. Disable SELinux
  10. yum -y install vim wget epel-release firewalld
  11. vim ~/.ssh/authorized_keys
    Add own key, Allow <private-key> direct root aaccess. (First line 155x)
  12. Set hostname
    hostname <desired-fqdn>
    vim /etc/hostname
  13. Exit
  14. ssh directly as root with self public key
  15. wget Zimbra 8.8.11 or desired version setup from Zimbra website to /root folder
  16. Validate no process is listening on port 25
    ss -alnp | grep 25
    if there is sendmail or postfix, stop and disable corresponding service
    systemctl stop postfix
    systemctl disable postfix
  17. Create appropriate swap space using CentOS 7.x adding swap space using file
  18. Setup fail2ban using CentOS 7.x fail2ban including firewalld using CentOS 7.x Basic firewalld configuration
    Create firewalld exception for ports same as lightsail instance networking exceptions
  19. Have /etc/hosts similar to:
    127.0.0.1 localhost.localdomain localhost
    172.26.15.186 mail.zimbra.sbarjatiya.com
    where 172.26.15.186 is the lightsail private IP of the Zimbra instance.
  20. Install dependencies
    yum -y install perl perl-core ntp nmap sudo libidn gmp libaio libstdc++ unzip sysstat sqlite epel-release
    yum -y install less bind-utils htop logwatch
  21. If installation would be repeated often and caching is desired edit /etc/yum.conf and set keepcache=1
  22. Set correct time zone CentOS 7.x Change system timezone
  23. Configure system to store history date time using Storing date / time along with commands in history
  24. exit or possibly reboot and ssh again for history settings to take effect. In case of reboot note that lightsail firewall might block ICMP communication so ping as method of checking if server is up again, wont work.
  25. Install zimbra by extracting .tgz file and running ./install.sh
    1. EULA: Y
    2. Use Zimbra package repository: Y
    3. For most packages leave to default Y.
    4. On system would be modified caution: Y
    5. Typically hostname of zimbra server is mail.zimbra.sbarjatiya.com while the server is supposed to act as email server for domain zimbra.sbarjatiya.com. In such cases use something similar to:
      DNS ERROR resolving MX for mail.zimbra.sbarjatiya.com
      It is suggested that the domain name have an MX record configured in DNS
      Change domain name? [Yes] Yes
      Create domain: [mail.zimbra.sbarjatiya.com] zimbra.sbarjatiya.com
      DNS ERROR - none of the MX records for zimbra.sbarjatiya.com
      resolve to this host
      It is suggested that the MX record resolve to this host
      Re-Enter domain name? [Yes] No
    6. Set admin password and rest all can be left as it is (7, 4)
    7. Use 'r' to return to main menu and 'a' for applying configuration
    8. Further use responses similar to:
      Save configuration data to a file? [Yes]
      Save config in file: [/opt/zimbra/config.7626]
      Saving config in /opt/zimbra/config.7626...done.
      The system will be modified - continue? [No] Yes
      Now setup should take really long time for various installations and configurations
    9. Enter 'No' for notify Zimbra of installation for test machines. In case of production machines you can optionally enter 'Yes'.
    10. Press return to exit on 'Press return to exit' message :)
  26. Check status of Zimbra services which take a few minutes to start
    su - zimbra
    zmcontrol status
  27. Access admin panel via browser at https://mail.zimbra.sbarjatiya.com:7071
  28. Use CentOS 7.x Configuring dnsmasq for Zimbra behind NAT to resolve email not delivered to self domains issue
  29. Send a few test email to external domains such as gmail and also try to receive emails from external domains.


Retrying installation

In case installation fails mid-way then remove by referring Zimbra uninstallation and try again after resolving issue which caused the previous installation to fail.


<yambe:breadcrumb self="Install Zimbra on AWS lightsail instance">CentOS_7.x_Install_Zimbra|Install Zimbra</yambe:breadcrumb> <yambe:breadcrumb self="Install Zimbra on AWS lightsail instance">CentOS_7.x_Setup_lightsail_instances|Setup lightsail instances</yambe:breadcrumb>