7,164
edits
Zimbra on EC2 tips: Difference between revisions
→コンフィグレーション
(→内部 DNS) |
|||
| (17 intermediate revisions by the same user not shown) | |||
| Line 171: | Line 171: | ||
my_hostname = os.popen("/bin/hostname -s").read().rstrip() | my_hostname = os.popen("/bin/hostname -s").read().rstrip() | ||
# replace the ubuntu hostname in /etc/hosts | # replace the ubuntu hostname in /etc/hosts | ||
mp = {'localipv4' : my_ip, 'hostname' : my_hostname, 'fqdn' : my_fqdn} | mp = {'localipv4' : my_ip, 'hostname' : my_hostname, 'fqdn' : my_fqdn} | ||
t = Template(file="/usr/local/etc/bind/templates/hosts.tmpl", searchList=[mp]) | t = Template(file="/usr/local/etc/bind/templates/hosts.tmpl", searchList=[mp]) | ||
| Line 180: | Line 180: | ||
f.close() | f.close() | ||
</syntaxhighlight> | </syntaxhighlight> | ||
<syntaxhighlight lang="bash" enclose="div"> | <syntaxhighlight lang="bash" enclose="div"> | ||
| Line 343: | Line 342: | ||
dhcp client が自動生成する /etc/resolv.conf に反映する為に、/etc/dhcp3/dhclient.conf を修正します。 | dhcp client が自動生成する /etc/resolv.conf に反映する為に、/etc/dhcp3/dhclient.conf を修正します。 | ||
<syntaxhighlight lang="text" enclose="div"> | |||
prepend domain-name-servers 127.0.0.1; | |||
supersede domain-name "example.com"; | |||
</syntaxhighlight> | |||
ここで一度この script を起動して動作確認します。 | ここで一度この script を起動して動作確認します。 | ||
<syntaxhighlight> | <syntaxhighlight lang="bash" enclose="div"> | ||
sudo /usr/local/etc/init/ec2-set-hosts | sudo /usr/local/etc/init/ec2-set-hosts | ||
cat /etc/hosts | cat /etc/hosts | ||
</syntaxhighlight> | </syntaxhighlight> | ||
<syntaxhighlight> | <syntaxhighlight lang="bash" enclose="div"> | ||
sudo /usr/local/etc/init/ec2-set-dns-zone | sudo /usr/local/etc/init/ec2-set-dns-zone | ||
sudo /etc/init.d/bind9 restart | sudo /etc/init.d/bind9 restart | ||
| Line 362: | Line 363: | ||
== パッケージ == | == パッケージ == | ||
Zimbra に必要なパッケージを導入します。 | Zimbra に必要なパッケージを導入します。 | ||
<syntaxhighlight> | <syntaxhighlight lang="bash" enclose="div"> | ||
sudo aptitude install libperl5.10 | sudo aptitude install libperl5.10 | ||
sudo aptitude install sysstat | sudo aptitude install sysstat | ||
| Line 370: | Line 371: | ||
== セキュリティグループ == | == セキュリティグループ == | ||
EC2 の Security Group で Zimbra に必要な port を設定します。 | EC2 の Security Group で Zimbra に必要な port を設定します。 | ||
<syntaxhighlight lang="text" enclose="div"> | |||
SMTP 25 | |||
HTTP 80 | |||
HTTPS 443 | |||
IMAP 143 | |||
IMAP (Secure) 993 | |||
POP3 110 | |||
POP3 (Secure) 995 | |||
Custom で 7071 (Administration Console) | |||
</syntaxhighlight> | |||
もちろん、使わないサービスの port は閉じておくべきです。 | もちろん、使わないサービスの port は閉じておくべきです。 | ||
| Line 392: | Line 395: | ||
[http://www.zimbra.com/community/downloads.html Zimbra のサイト]から、パッケージを EC2 の EBS ボリュームに持って展開しておきます。 | [http://www.zimbra.com/community/downloads.html Zimbra のサイト]から、パッケージを EC2 の EBS ボリュームに持って展開しておきます。 | ||
<syntaxhighlight> | <syntaxhighlight lang="bash" enclose="div"> | ||
cd /opt | cd /opt | ||
wget http://files2.zimbra.com/downloads/7.1.0_GA/zcs-7.1.0_GA_3140.UBUNTU10_64.20110329151347.tgz | wget http://files2.zimbra.com/downloads/7.1.0_GA/zcs-7.1.0_GA_3140.UBUNTU10_64.20110329151347.tgz | ||
| Line 401: | Line 404: | ||
== コンフィグレーション == | == コンフィグレーション == | ||
Zimbra のパッケージを展開したディレクトリで、 | Zimbra のパッケージを展開したディレクトリで、 | ||
<syntaxhighlight> | <syntaxhighlight lang="bash" enclose="div"> | ||
./install.sh | ./install.sh | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| Line 407: | Line 410: | ||
インストーラーが起動します。 | インストーラーが起動します。 | ||
'''<RETURN>'''と書いてあるところで入力待ちがあります。 | '''<RETURN>'''と書いてあるところで入力待ちがあります。 | ||
< | <syntaxhighlight lang="text" enclose="div"> | ||
Operations logged to /tmp/install.log.9999 | Operations logged to /tmp/install.log.9999 | ||
Checking for existing installation... | Checking for existing installation... | ||
| Line 532: | Line 535: | ||
Main menu | Main menu | ||
1) Common Configuration: | 1) Common Configuration: | ||
2) zimbra-ldap: Enabled | 2) zimbra-ldap: Enabled | ||
3) zimbra-store: Enabled | 3) zimbra-store: Enabled | ||
+Create Admin User: yes | +Create Admin User: yes | ||
+Admin user to create: admin@aws.example.com | +Admin user to create: admin@aws.example.com | ||
******* +Admin Password UNSET | ******* +Admin Password UNSET | ||
+Anti-virus quarantine user: virus-quarantine.xxxxxxxxx@aws.example.com | +Anti-virus quarantine user: virus-quarantine.xxxxxxxxx@aws.example.com | ||
+Enable automated spam training: yes | +Enable automated spam training: yes | ||
+Spam training user: spam.xxxxxxxxx@aws.example.com | +Spam training user: spam.xxxxxxxxx@aws.example.com | ||
+Non-spam(Ham) training user: ham.xxxxxxxxx@aws.example.com | +Non-spam(Ham) training user: ham.xxxxxxxxx@aws.example.com | ||
+SMTP host: aws.example.com | +SMTP host: aws.example.com | ||
+Web server HTTP port: 80 | +Web server HTTP port: 80 | ||
+Web server HTTPS port: 443 | +Web server HTTPS port: 443 | ||
+Web server mode: http | +Web server mode: http | ||
+IMAP server port: 143 | +IMAP server port: 143 | ||
+IMAP server SSL port: 993 | +IMAP server SSL port: 993 | ||
+POP server port: 110 | +POP server port: 110 | ||
+POP server SSL port: 995 | +POP server SSL port: 995 | ||
+Use spell check server: yes | +Use spell check server: yes | ||
+Spell server URL: http://aws.example.com:7780/aspell.php | +Spell server URL: http://aws.example.com:7780/aspell.php | ||
+Configure for use with mail proxy: FALSE | +Configure for use with mail proxy: FALSE | ||
+Configure for use with web proxy: FALSE | +Configure for use with web proxy: FALSE | ||
+Enable version update checks: TRUE | +Enable version update checks: TRUE | ||
+Enable version update notifications: TRUE | +Enable version update notifications: TRUE | ||
+Version update notification email: admin@aws.example.com | +Version update notification email: admin@aws.example.com | ||
+Version update source email: admin@aws.example.com | +Version update source email: admin@aws.example.com | ||
4) zimbra-mta: Enabled | 4) zimbra-mta: Enabled | ||
5) zimbra-snmp: Enabled | 5) zimbra-snmp: Enabled | ||
6) zimbra-logger: Enabled | 6) zimbra-logger: Enabled | ||
7) zimbra-spell: Enabled | 7) zimbra-spell: Enabled | ||
8) Default Class of Service Configuration: | 8) Default Class of Service Configuration: | ||
r) Start servers after configuration yes | r) Start servers after configuration yes | ||
s) Save config to file | s) Save config to file | ||
x) Expand menu | x) Expand menu | ||
q) Quit | q) Quit | ||
Address unconfigured (**) items (? - help) 1<RETURN> | Address unconfigured (**) items (? - help) 1<RETURN> | ||
| Line 574: | Line 577: | ||
Common configuration | Common configuration | ||
1) Hostname: aws.example.com | 1) Hostname: aws.example.com | ||
2) Ldap master host: aws.example.com | 2) Ldap master host: aws.example.com | ||
3) Ldap port: 389 | 3) Ldap port: 389 | ||
4) Ldap Admin password: set | 4) Ldap Admin password: set | ||
5) Secure interprocess communications: yes | 5) Secure interprocess communications: yes | ||
6) TimeZone: America/Los_Angeles | 6) TimeZone: America/Los_Angeles | ||
Select, or 'r' for previous menu [r] 6<RETURN> | Select, or 'r' for previous menu [r] 6<RETURN> | ||
| Line 593: | Line 596: | ||
Common configuration | Common configuration | ||
1) Hostname: aws.example.com | 1) Hostname: aws.example.com | ||
2) Ldap master host: aws.example.com | 2) Ldap master host: aws.example.com | ||
3) Ldap port: 389 | 3) Ldap port: 389 | ||
4) Ldap Admin password: set | 4) Ldap Admin password: set | ||
5) Secure interprocess communications: yes | 5) Secure interprocess communications: yes | ||
6) TimeZone: Asia/Tokyo | 6) TimeZone: Asia/Tokyo | ||
Select, or 'r' for previous menu [r] <RETURN> | Select, or 'r' for previous menu [r] <RETURN> | ||
| Line 604: | Line 607: | ||
Main menu | Main menu | ||
1) Common Configuration: | 1) Common Configuration: | ||
2) zimbra-ldap: Enabled | 2) zimbra-ldap: Enabled | ||
3) zimbra-store: Enabled | 3) zimbra-store: Enabled | ||
+Create Admin User: yes | +Create Admin User: yes | ||
+Admin user to create: admin@aws.example.com | +Admin user to create: admin@aws.example.com | ||
******* +Admin Password UNSET | ******* +Admin Password UNSET | ||
+Anti-virus quarantine user: virus-quarantine.xxxxxxxxx@aws.example.com | +Anti-virus quarantine user: virus-quarantine.xxxxxxxxx@aws.example.com | ||
+Enable automated spam training: yes | +Enable automated spam training: yes | ||
+Spam training user: spam.xxxxxxxxx@aws.example.com | +Spam training user: spam.xxxxxxxxx@aws.example.com | ||
+Non-spam(Ham) training user: ham.xxxxxxxxx@aws.example.com | +Non-spam(Ham) training user: ham.xxxxxxxxx@aws.example.com | ||
+SMTP host: aws.example.com | +SMTP host: aws.example.com | ||
+Web server HTTP port: 80 | +Web server HTTP port: 80 | ||
+Web server HTTPS port: 443 | +Web server HTTPS port: 443 | ||
+Web server mode: http | +Web server mode: http | ||
+IMAP server port: 143 | +IMAP server port: 143 | ||
+IMAP server SSL port: 993 | +IMAP server SSL port: 993 | ||
+POP server port: 110 | +POP server port: 110 | ||
+POP server SSL port: 995 | +POP server SSL port: 995 | ||
+Use spell check server: yes | +Use spell check server: yes | ||
+Spell server URL: http://aws.example.com:7780/aspell.php | +Spell server URL: http://aws.example.com:7780/aspell.php | ||
+Configure for use with mail proxy: FALSE | +Configure for use with mail proxy: FALSE | ||
+Configure for use with web proxy: FALSE | +Configure for use with web proxy: FALSE | ||
+Enable version update checks: TRUE | +Enable version update checks: TRUE | ||
+Enable version update notifications: TRUE | +Enable version update notifications: TRUE | ||
+Version update notification email: admin@aws.example.com | +Version update notification email: admin@aws.example.com | ||
+Version update source email: admin@aws.example.com | +Version update source email: admin@aws.example.com | ||
4) zimbra-mta: Enabled | 4) zimbra-mta: Enabled | ||
5) zimbra-snmp: Enabled | 5) zimbra-snmp: Enabled | ||
6) zimbra-logger: Enabled | 6) zimbra-logger: Enabled | ||
7) zimbra-spell: Enabled | 7) zimbra-spell: Enabled | ||
8) Default Class of Service Configuration: | 8) Default Class of Service Configuration: | ||
r) Start servers after configuration yes | r) Start servers after configuration yes | ||
s) Save config to file | s) Save config to file | ||
x) Expand menu | x) Expand menu | ||
q) Quit | q) Quit | ||
Address unconfigured (**) items (? - help) 3<RETURN> | Address unconfigured (**) items (? - help) 3<RETURN> | ||
| Line 646: | Line 649: | ||
Store configuration | Store configuration | ||
1) Status: Enabled | 1) Status: Enabled | ||
2) Create Admin User: yes | 2) Create Admin User: yes | ||
3) Admin user to create: admin@aws.example.com | 3) Admin user to create: admin@aws.example.com | ||
** 4) Admin Password UNSET | ** 4) Admin Password UNSET | ||
5) Anti-virus quarantine user: virus-quarantine.xxxxxxxxx@aws.example.com | 5) Anti-virus quarantine user: virus-quarantine.xxxxxxxxx@aws.example.com | ||
6) Enable automated spam training: yes | 6) Enable automated spam training: yes | ||
7) Spam training user: spam.xxxxxxxxx@aws.example.com | 7) Spam training user: spam.xxxxxxxxx@aws.example.com | ||
8) Non-spam(Ham) training user: ham.xxxxxxxxx@aws.example.com | 8) Non-spam(Ham) training user: ham.xxxxxxxxx@aws.example.com | ||
9) SMTP host: aws.example.com | 9) SMTP host: aws.example.com | ||
10) Web server HTTP port: 80 | 10) Web server HTTP port: 80 | ||
11) Web server HTTPS port: 443 | 11) Web server HTTPS port: 443 | ||
12) Web server mode: http | 12) Web server mode: http | ||
13) IMAP server port: 143 | 13) IMAP server port: 143 | ||
14) IMAP server SSL port: 993 | 14) IMAP server SSL port: 993 | ||
15) POP server port: 110 | 15) POP server port: 110 | ||
16) POP server SSL port: 995 | 16) POP server SSL port: 995 | ||
17) Use spell check server: yes | 17) Use spell check server: yes | ||
18) Spell server URL: http://aws.example.com:7780/aspell.php | 18) Spell server URL: http://aws.example.com:7780/aspell.php | ||
19) Configure for use with mail proxy: FALSE | 19) Configure for use with mail proxy: FALSE | ||
20) Configure for use with web proxy: FALSE | 20) Configure for use with web proxy: FALSE | ||
21) Enable version update checks: TRUE | 21) Enable version update checks: TRUE | ||
22) Enable version update notifications: TRUE | 22) Enable version update notifications: TRUE | ||
23) Version update notification email: admin@aws.example.com | 23) Version update notification email: admin@aws.example.com | ||
24) Version update source email: admin@aws.example.com | 24) Version update source email: admin@aws.example.com | ||
Select, or 'r' for previous menu [r] 4<RETURN> | Select, or 'r' for previous menu [r] 4<RETURN> | ||
| Line 677: | Line 680: | ||
Store configuration | Store configuration | ||
1) Status: Enabled | 1) Status: Enabled | ||
2) Create Admin User: yes | 2) Create Admin User: yes | ||
3) Admin user to create: admin@aws.example.com | 3) Admin user to create: admin@aws.example.com | ||
4) Admin Password set | 4) Admin Password set | ||
5) Anti-virus quarantine user: virus-quarantine.xxxxxxxxx@aws.example.com | 5) Anti-virus quarantine user: virus-quarantine.xxxxxxxxx@aws.example.com | ||
6) Enable automated spam training: yes | 6) Enable automated spam training: yes | ||
7) Spam training user: spam.xxxxxxxxx@aws.example.com | 7) Spam training user: spam.xxxxxxxxx@aws.example.com | ||
8) Non-spam(Ham) training user: ham.xxxxxxxxx@aws.example.com | 8) Non-spam(Ham) training user: ham.xxxxxxxxx@aws.example.com | ||
9) SMTP host: aws.example.com | 9) SMTP host: aws.example.com | ||
10) Web server HTTP port: 80 | 10) Web server HTTP port: 80 | ||
11) Web server HTTPS port: 443 | 11) Web server HTTPS port: 443 | ||
12) Web server mode: http | 12) Web server mode: http | ||
13) IMAP server port: 143 | 13) IMAP server port: 143 | ||
14) IMAP server SSL port: 993 | 14) IMAP server SSL port: 993 | ||
15) POP server port: 110 | 15) POP server port: 110 | ||
16) POP server SSL port: 995 | 16) POP server SSL port: 995 | ||
17) Use spell check server: yes | 17) Use spell check server: yes | ||
18) Spell server URL: http://aws.example.com:7780/aspell.php | 18) Spell server URL: http://aws.example.com:7780/aspell.php | ||
19) Configure for use with mail proxy: FALSE | 19) Configure for use with mail proxy: FALSE | ||
20) Configure for use with web proxy: FALSE | 20) Configure for use with web proxy: FALSE | ||
21) Enable version update checks: TRUE | 21) Enable version update checks: TRUE | ||
22) Enable version update notifications: TRUE | 22) Enable version update notifications: TRUE | ||
23) Version update notification email: admin@aws.example.com | 23) Version update notification email: admin@aws.example.com | ||
24) Version update source email: admin@aws.example.com | 24) Version update source email: admin@aws.example.com | ||
Select, or 'r' for previous menu [r] 12<RETURN> | Select, or 'r' for previous menu [r] 12<RETURN> | ||
| Line 708: | Line 711: | ||
Store configuration | Store configuration | ||
1) Status: Enabled | 1) Status: Enabled | ||
2) Create Admin User: yes | 2) Create Admin User: yes | ||
3) Admin user to create: admin@aws.example.com | 3) Admin user to create: admin@aws.example.com | ||
4) Admin Password set | 4) Admin Password set | ||
5) Anti-virus quarantine user: virus-quarantine.xxxxxxxxx@aws.example.com | 5) Anti-virus quarantine user: virus-quarantine.xxxxxxxxx@aws.example.com | ||
6) Enable automated spam training: yes | 6) Enable automated spam training: yes | ||
7) Spam training user: spam.xxxxxxxxx@aws.example.com | 7) Spam training user: spam.xxxxxxxxx@aws.example.com | ||
8) Non-spam(Ham) training user: ham.xxxxxxxxx@aws.example.com | 8) Non-spam(Ham) training user: ham.xxxxxxxxx@aws.example.com | ||
9) SMTP host: aws.example.com | 9) SMTP host: aws.example.com | ||
10) Web server HTTP port: 80 | 10) Web server HTTP port: 80 | ||
11) Web server HTTPS port: 443 | 11) Web server HTTPS port: 443 | ||
12) Web server mode: https | 12) Web server mode: https | ||
13) IMAP server port: 143 | 13) IMAP server port: 143 | ||
14) IMAP server SSL port: 993 | 14) IMAP server SSL port: 993 | ||
15) POP server port: 110 | 15) POP server port: 110 | ||
16) POP server SSL port: 995 | 16) POP server SSL port: 995 | ||
17) Use spell check server: yes | 17) Use spell check server: yes | ||
18) Spell server URL: http://aws.example.com:7780/aspell.php | 18) Spell server URL: http://aws.example.com:7780/aspell.php | ||
19) Configure for use with mail proxy: FALSE | 19) Configure for use with mail proxy: FALSE | ||
20) Configure for use with web proxy: FALSE | 20) Configure for use with web proxy: FALSE | ||
21) Enable version update checks: TRUE | 21) Enable version update checks: TRUE | ||
22) Enable version update notifications: TRUE | 22) Enable version update notifications: TRUE | ||
23) Version update notification email: admin@aws.example.com | 23) Version update notification email: admin@aws.example.com | ||
24) Version update source email: admin@aws.example.com | 24) Version update source email: admin@aws.example.com | ||
Select, or 'r' for previous menu [r] <RETURN> | Select, or 'r' for previous menu [r] <RETURN> | ||
| Line 737: | Line 740: | ||
Main menu | Main menu | ||
1) Common Configuration: | 1) Common Configuration: | ||
2) zimbra-ldap: Enabled | 2) zimbra-ldap: Enabled | ||
3) zimbra-store: Enabled | 3) zimbra-store: Enabled | ||
4) zimbra-mta: Enabled | 4) zimbra-mta: Enabled | ||
5) zimbra-snmp: Enabled | 5) zimbra-snmp: Enabled | ||
6) zimbra-logger: Enabled | 6) zimbra-logger: Enabled | ||
7) zimbra-spell: Enabled | 7) zimbra-spell: Enabled | ||
8) Default Class of Service Configuration: | 8) Default Class of Service Configuration: | ||
r) Start servers after configuration yes | r) Start servers after configuration yes | ||
s) Save config to file | s) Save config to file | ||
x) Expand menu | x) Expand menu | ||
q) Quit | q) Quit | ||
*** CONFIGURATION COMPLETE - press 'a' to apply | *** CONFIGURATION COMPLETE - press 'a' to apply | ||
Select from menu, or press 'a' to apply config (? - help) a<RETURN> | Select from menu, or press 'a' to apply config (? - help) a<RETURN> | ||
Save configuration data to a file? [Yes] <RETURN> | Save configuration data to a file? [Yes] <RETURN> | ||
Save config in file: [/opt/zimbra/config.9999] | Save config in file: [/opt/zimbra/config.9999] | ||
Saving config in /opt/zimbra/config.9999...done. | Saving config in /opt/zimbra/config.9999...done. | ||
The system will be modified - continue? [No] Yes<RETURN> | The system will be modified - continue? [No] Yes<RETURN> | ||
| Line 770: | Line 773: | ||
Configuration complete - press return to exit <RETURN> | Configuration complete - press return to exit <RETURN> | ||
</ | </syntaxhighlight> | ||
Zimbra が正常に稼働しているか確認します。 | Zimbra が正常に稼働しているか確認します。 | ||
< | <syntaxhighlight lang="text" enclose="div"> | ||
root@aws:/opt/zcs-7.1.0_GA_3140.UBUNTU10_64.20110329151347# su - zimbra | root@aws:/opt/zcs-7.1.0_GA_3140.UBUNTU10_64.20110329151347# su - zimbra | ||
zimbra@aws:~$ zmcontrol status | zimbra@aws:~$ zmcontrol status | ||
| Line 787: | Line 790: | ||
stats Running | stats Running | ||
zmconfigd Running | zmconfigd Running | ||
</syntaxhighlight> | |||
</ | |||
= Zimbra Administration Console = | = Zimbra Administration Console = | ||
| Line 794: | Line 796: | ||
Zimbra Administration Console にログインします。 | Zimbra Administration Console にログインします。 | ||
[https://aws.example.com:7071/ https://aws.example.com:7071/] | |||
証明書は「オレオレ証明書」になっているので、警告が出ますが、継続してください。 | 証明書は「オレオレ証明書」になっているので、警告が出ますが、継続してください。 | ||
| Line 811: | Line 813: | ||
(これも古い ec2-init から流用して EC2 Instance Metadata から自動設定する script を書きました) | (これも古い ec2-init から流用して EC2 Instance Metadata から自動設定する script を書きました) | ||
<syntaxhighlight lang="python"> | <syntaxhighlight lang="python" enclose="div"> | ||
#!/usr/bin/python | #!/usr/bin/python | ||
# | # | ||
| Line 855: | Line 857: | ||
= OS からのメールを受け取る = | = OS からのメールを受け取る = | ||
Sending Mail from Terminal (optional) | Sending Mail from Terminal (optional) | ||
<syntaxhighlight> | <syntaxhighlight lang="bash" enclose="div"> | ||
wget http://ubuntu.lnix.net/misc/mta-dummy/mta-dummy_1.0_all.deb | wget http://ubuntu.lnix.net/misc/mta-dummy/mta-dummy_1.0_all.deb | ||
dpkg -i mta-dummy_1.0_all.deb | dpkg -i mta-dummy_1.0_all.deb | ||
aptitude install bsd-mailx | aptitude install bsd-mailx | ||
# Add the following to /etc/mail.rc: | |||
# set sendmail=/opt/zimbra/postfix/sbin/sendmail | |||
</syntaxhighlight> | </syntaxhighlight> | ||