Howto zimbra
compile zimbra
install podman:
https://wiki.vidalinux.org/index.php/Howto_podman#install_podman_ubuntu
for ubuntu 18.04:
https://hub.docker.com/r/ovox/zimbrabuild-ubuntu18
for ubuntu 20.04:
https://hub.docker.com/r/ovox/zimbrabuild-ubuntu20
for centos7:
https://hub.docker.com/r/ovox/zimbrabuild-centos7
for almalinux8:
https://hub.docker.com/r/ovox/zimbrabuild-alma8
install zimbra
install the following packages for ubuntu :
apt-get update && apt-get -y install sqlite3 bind9-dnsutils perl perl-base perl-modules nano sudo libpcre3 libgmp10 unzip libgmp3-dev sysstat libexpat1 wget language-pack-en libaio1 pax dnsmasq net-tools
install the following packages rhel:
yum -y install wget nmap-ncat unzip perl-core openssh-clients sysstat net-tools ntpl sudo libidn libstdc++.so.6 gmp libaio dnsmasq
set hostname:
hostnamectl set-hostname vidalinux.net
configure /etc/hosts:
127.0.0.1 localhost 192.168.24.45 vidalinux.net mail.vidalinux.net
configure domain:
cat >> /etc/dnsmasq.conf << EOF listen-address=127.0.0.1 interface=eth0 expand-hosts domain=vidalinux.net server=4.2.2.1 server=4.2.2.2 address=/.vidalinux.net/127.0.0.1 address=/.vidalinux.net/192.168.24.45 mx-host=vidalinux.net,mail.vidalinux.com,1 addn-hosts=/etc/hosts cache-size=9500 EOF
make sure systemd-resolved is disable:
systemctl stop systemd-resolved.service systemctl disable systemd-resolved.service
start and enable dnsmasq:
systemctl enable dnsmasq.service systemctl start dnsmasq.service
configure /etc/resolv.conf:
nameserver 127.0.0.1
test your dns:
nslookup vidalinux.net
decompress zimbra archive:
cd ~/ubuntu20/volume/UBUNTU20_64-DAFFODIL-1000-20230413144723-FOSS-0001 tar xvf zcs-10.0.0_GA_0001.UBUNTU20_64.20230413144723.tgz cd zcs-10.0.0_GA_0001.UBUNTU20_64.20230413144723
run zimbra installer:
./install.sh
make sure to block updates to any zimbra packages:
apt-mark hold zip zimbra-*
access zimbra web interface:
https://vidalinux.net/
access zimbra web administration interface:
https://vidalinux.net:7071
fix webgui error
if you have an error 404 url not found entering the webui use the following command to fix the issue:
su - zimbra -c "zmprov mcf zimbraModernWebClientDisabled TRUE" && /etc/init.d/zimbra restart
07-24-2024
this is a hack to fix error when "Installing mailboxd SSL certificates":
/opt/zimbra/mailboxd/etc/keystore didn't exist. Mon Jul 24 20:49:39 2023 *** Running as zimbra user: /opt/zimbra/bin/zmcertmgr.bk deploycrt self ** Installing imapd certificate '/opt/zimbra/conf/imapd.crt' and key '/opt/zimbra/conf/imapd.key' ** Copying '/opt/zimbra/ssl/zimbra/server/server.crt' to '/opt/zimbra/conf/imapd.crt' ** Copying '/opt/zimbra/ssl/zimbra/server/server.key' to '/opt/zimbra/conf/imapd.key' ** Creating file '/opt/zimbra/ssl/zimbra/jetty.pkcs12' ERROR: openssl pkcs12 export to '/opt/zimbra/ssl/zimbra/jetty.pkcs12' failed(1): pkcs12: Unrecognized flag propquery pkcs12: Use -help for summary.
run the installer, when installation stop do the following:
wget https://pastebin.com/raw/a9Ts3sg9 -O zimbracertmgr.patch patch /opt/zimbra/bin/zmcertmgr < zimbracertmgr.patch chattr +i /opt/zimbra/bin/zmcertmgr
run the setup script to finish installation:
/opt/zimbra/libexec/zmsetup.pl
install new theme for zimbra
for ubuntu:
wget https://download.zextras.com/zextras-theme-installer/latest/zextras-theme-ubuntu.tgz && tar xvf zextras-theme-ubuntu.tgz && cd zextras-theme-installer/packages && dpkg -i zextras-theme_1.0.1_amd64.deb && /etc/init.d/zimbra restart
for centos:
wget https://download.zextras.com/zextras-theme-installer/latest/zextras-theme-centos.tgz && tar xvf zextras-theme-centos.tgz && cd zextras-theme-installer/packages && rpm -ivh zextras-theme-1.0.1.x86_64.rpm && /etc/init.d/zimbra restart
install ssl certificate
script for installing ssl certificate:
cat > /usr/local/bin/install-cert-zimbra << "EOF" #!/bin/bash DOMAIN=vidalinux.net CERT_DIR=/root/certificates CERT_KEY=$DOMAIN.key CERT_CRT=$DOMAIN.crt CERT_ROOT=root.pem SSL_DIR=/opt/zimbra/ssl/letsencrypt if [ ! -d ${SSL_DIR} ]; then echo "creating ssl tmp directory" mkdir -p ${SSL_DIR} fi echo "copying certificates to zimbra directory" rm -rf $SSL_DIR/* cp $CERT_DIR/* $SSL_DIR/ cp $CERT_DIR/$CERT_KEY /opt/zimbra/ssl/zimbra/commercial/commercial.key chown -R zimbra.zimbra $SSL_DIR/ /opt/zimbra/ssl/zimbra/commercial/commercial.key echo "verifying letsencrypt ssl certificates" su - zimbra -c "/opt/zimbra/bin/zmcertmgr verifycrt comm $SSL_DIR/$CERT_KEY $SSL_DIR/$CERT_CRT $SSL_DIR/$CERT_ROOT" echo "install letsencrypt ssl certificates" su - zimbra -c "/opt/zimbra/bin/zmcertmgr deploycrt comm $SSL_DIR/$CERT_CRT $SSL_DIR/$CERT_ROOT" echo "restarting zimbra services" /etc/init.d/zimbra restart EOF
fix file permissions:
chmod +x /usr/local/bin/install-cert-zimbra
run the script as root:
install-cert-zimbra
got the following error when installing new certificate:
** Creating file '/opt/zimbra/ssl/zimbra/jetty.pkcs12' ERROR: openssl pkcs12 export to '/opt/zimbra/ssl/zimbra/jetty.pkcs12' failed(1): Error creating PKCS12 MAC; no PKCS12KDF support? Use -nomac if MAC not required and PKCS12KDF support not available. 80C2EBFDFB7F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:373:Global default library context, Algorithm (PKCS12KDF : 192), Properties (<null>) 80C2EBFDFB7F0000:error:1180006B:PKCS12 routines:pkcs12_gen_mac:key gen error:crypto/pkcs12/p12_mutl.c:147: 80C2EBFDFB7F0000:error:1180006D:PKCS12 routines:PKCS12_set_mac:mac generation error:crypto/pkcs12/p12_mutl.c:220:
to fix this error edit /opt/zimbra/bin/zmcertmgr:
1821 - "pass:$kpass", "2>&1" 1821 + "pass:$kpass", "-nomac", "2>&1"
references
- https://github.com/Zimbra/zm-build
- https://github.com/Zimbra/packages/tree/develop/thirdparty
- https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
- https://wiki.zimbra.com/wiki/Zimbra_Releases
- https://www.zimbra.com/downloads/zimbra-collaboration-open-source
- https://github.com/Zimbra-Community/ansible-zimbra-single