2
I Use This!
Activity Not Available

News

Analyzed 3 months ago. based on code collected 10 months ago.
Posted over 6 years ago by [email protected] (Manvendra Bhangui)
Indimail has the ability of configuring multiple local and remote queues. A queue is a location on your hard disk where email are deposited before actual delivery. When you have massive injecting rates, your software may place multiple files in a ... [More] single directory. This drastically reduces file system performance. IndiMail avoids this by injecting your email in a queue consisting of multiple directories and mails distributed as evenly as possible across these directories.Balancing of emails across multiple queues is achieved by the program qmail-multi(8), which is actuall just a qmail-queue(8) replacement. Any qmail-queue frontend can use qmail-multi. The list of qmail-queue frontends in IndiMail are sendmail qmail-inject qmail-smtpd qmail-qmqpd qmail-qmtpd qreceipt condredirect dotforward fastforward forward maildirserial new-inject ofmipd replier rrforward You just need to configure the following environment variables to have the qmail-queue(8) frontends using qmail-multi(8)1. QUEUE_BASE – Base directory where all queues will be placed2. QUEUE_COUNT – number of queues3. QUEUE_START – numeric prefix of the first queuee.g. If you want IndiMail to use 10 queues, this is what you will do% su # for i in qmail-smtpd.25 qmail-smtpd.465 qmail-smtpd.587 qmail-send.25 \> qmail-qmqpd.628 qmail-qmtpd.209> do> echo 10 > /service/$i/variables/QUEUE_COUNT> echo “/var/indimail/queue” > /service/$i/variables/QUEUE_BASE> echo “1” > /service/$i/variables/QUEUE_START> done# You also need to make sure that you have ten queues in /var/indimail/queue.% su# for i 1 2 3 4 5 6 7 8 9 10> do> /usr/bin/queue-fix /var/indimail/queue/queue”$i” > /dev/null> done# exit% ls -ld var/indimail/queue/queue*drwxr-x---. 12 qmailq qmail 4096 Mar 30 2017 /var/indimail/queue/queue1drwxr-x---. 12 qmailq qmail 4096 Dec 7 10:45 /var/indimail/queue/queue10drwxr-x---. 12 qmailq qmail 4096 Mar 30 2017 /var/indimail/queue/queue2drwxr-x---. 12 qmailq qmail 4096 Mar 30 2017 /var/indimail/queue/queue3drwxr-x---. 12 qmailq qmail 4096 Mar 30 2017 /var/indimail/queue/queue4drwxr-x---. 12 qmailq qmail 4096 Mar 30 2017 /var/indimail/queue/queue5drwxr-x---. 12 qmailq qmail 4096 Dec 7 10:45 /var/indimail/queue/queue6drwxr-x---. 12 qmailq qmail 4096 Dec 7 10:45 /var/indimail/queue/queue7drwxr-x---. 12 qmailq qmail 4096 Dec 7 10:45 /var/indimail/queue/queue8drwxr-x---. 12 qmailq qmail 4096 Dec 7 10:45 /var/indimail/queue/queue9 Now all you need is restart of all services to use the new QUEUE_BASE, QUEUE_COUNT, QUEUE_START environment variables % sudo svc -d /service/qmail smtpd* /service/qmail-send.25 /service/qmail-qm?pd.*% sudo svc -u /service/qmail smtpd* /service/qmail send.25 /service/qmail-qm?pd.* [Less]
Posted over 6 years ago by [email protected] (Manvendra Bhangui)
Indimail has the ability of configuring multiple local and remote queues. A queue is a location on your hard disk where email are deposited before actual delivery. When you have massive injecting rates, your software may place multiple files in a ... [More] single directory. This drastically reduces file system performance. IndiMail avoids this by injecting your email in a queue consisting of multiple directories and mails distributed as evenly as possible across these directories.Balancing of emails across multiple queues is achieved by the program qmail-multi(8), which is actuall just a qmail-queue(8) replacement. Any qmail-queue frontend can use qmail-multi. The list of qmail-queue frontends in IndiMail are sendmail qmail-inject qmail-smtpd qmail-qmqpd qmail-qmtpd qreceipt condredirect dotforward fastforward forward maildirserial new-inject ofmipd replier rrforward You just need to configure the following environment variables to have the qmail-queue(8) frontends using qmail-multi(8)1. QUEUE_BASE – Base directory where all queues will be placed2. QUEUE_COUNT – number of queues3. QUEUE_START – numeric prefix of the first queuee.g. If you want IndiMail to use 10 queues, this is what you will do% su # for i in qmail-smtpd.25 qmail-smtpd.465 qmail-smtpd.587 qmail-send.25 \> qmail-qmqpd.628 qmail-qmtpd.209> do> echo 10 > /service/$i/variables/QUEUE_COUNT> echo “/var/indimail/queue” > /service/$i/variables/QUEUE_BASE> echo “1” > /service/$i/variables/QUEUE_START> done# You also need to make sure that you have ten queues in /var/indimail/queue.% su# for i 1 2 3 4 5 6 7 8 9 10> do> /usr/bin/queue-fix /var/indimail/queue/queue”$i” > /dev/null> done# exit% ls -ld var/indimail/queue/queue*drwxr-x---. 12 qmailq qmail 4096 Mar 30 2017 /var/indimail/queue/queue1drwxr-x---. 12 qmailq qmail 4096 Dec 7 10:45 /var/indimail/queue/queue10drwxr-x---. 12 qmailq qmail 4096 Mar 30 2017 /var/indimail/queue/queue2drwxr-x---. 12 qmailq qmail 4096 Mar 30 2017 /var/indimail/queue/queue3drwxr-x---. 12 qmailq qmail 4096 Mar 30 2017 /var/indimail/queue/queue4drwxr-x---. 12 qmailq qmail 4096 Mar 30 2017 /var/indimail/queue/queue5drwxr-x---. 12 qmailq qmail 4096 Dec 7 10:45 /var/indimail/queue/queue6drwxr-x---. 12 qmailq qmail 4096 Dec 7 10:45 /var/indimail/queue/queue7drwxr-x---. 12 qmailq qmail 4096 Dec 7 10:45 /var/indimail/queue/queue8drwxr-x---. 12 qmailq qmail 4096 Dec 7 10:45 /var/indimail/queue/queue9 Now all you need is restart of all services to use the new QUEUE_BASE, QUEUE_COUNT, QUEUE_START environment variables % sudo svc -d /service/qmail smtpd* /service/qmail-send.25 /service/qmail-qm?pd.*% sudo svc -u /service/qmail smtpd* /service/qmail send.25 /service/qmail-qm?pd.* [Less]
Posted over 6 years ago by [email protected] (Manvendra Bhangui)
These instructions will work on CentOS, RHEL, Fedora. For Debian/Ubuntu and other distros, please use your knowledge to make changes accordingly. In this guide, replace indimail.org with your own hostname. Non SSL Version Install/Configuration ... [More] (look below for SSL config) Install RoundCube. On older systems, use the yum command $ sudo dnf -y install roundcubemail php-mysqlnd Connect to MySQL using a privileged user. IndiMail installation creates a privileged mysql user 'mysql'. It does not have the user 'root'. Look at the variable PRIV_PASS in /usr/sbin/svctool to know the password. $ /usr/bin/mysql -u mysql -p mysqlMySQL> create database RoundCube_db;MySQL> create user roundcube identified by 'subscribed';MySQL> GRANT ALL PRIVILEGES on RoundCube_db.* to roundcube;MySQL> FLUSH PRIVILEGES;MySQL> QUIT;$ /usr/bin/mysql -u mysql -p RoundCube_db < /usr/share/roundcubemail/SQL/mysql.initial.sql Copy /etc/roundcube/config.inc.php.sample to /etc/roundcube.inc.php $ sudo cp /etc/roundcube/config.inc.php.sample /etc/roundcubemail/config.inc.php Edit the lines in /etc/roundcube/config.inc.php$config['db_dsnw'] = 'mysql://roundcube:subscribed@localhost/RoundCube_db';$config['smtp_server'] = 'localhost';$config['smtp_port'] = 587;$config['smtp_user'] = '%u';$config['smtp_pass'] = '%p';$config['support_url'] = 'http://indimail.sourceforge.net';$config['product_name'] = 'IndiMail Webmail';$config['plugins'] = array( 'archive', 'sauserprefs', 'markasjunk2', 'iwebadmin',);NOTE: the iwebadmin plugin will not work for postmaster account or IndiMail users having QA_ADMIN privileges. man vmoduser(1)This file should have read permission for apache group$ sudo chown root:apache /etc/roundcube/config.inc.php$ sudo chmod 640 /etc/roundcube/config.inc.php For markasjunk2 to work you need to set permission for apache to write /etc/indimail/spamignore$ sudo chown apache:indimail /etc/indimail/spamignore$ sudo chmod 644 /etc/indimail/spamignore Edit the lines in /etc/roundcube/defaults.inc.php $config['db_dsnw'] = 'mysql://roundcube:subscribed@localhost/RoundCube_db';$config['imap_auth_type'] = 'LOGIN';$config['smtp_auth_type'] = 'LOGIN';This file should have read permission for apache group$ sudo chown root:apache /etc/roundcube/defaults.inc.php$ sudo chmod 640 /etc/roundcube/defaults.inc.php Change iwebadmin path in /usr/share/roundcubemail/iwebadmin/config.inc.php $rcmail_config['iwebadmin_path'] = 'http://127.0.0.1/cgi-bin/iwebadmin'; Change sauserprefs_db_dsnw in /usr/share/roundcubemail/sauserprefs/config.inc.php $rcmail_config['sauserprefs_db_dsnw'] = 'mysql://roundcube:subscribed@localhost/RoundCube_db'; Restore indimail plugins for roundcube $ sudo yum install ircube or$ cd /tmp$ wget http://downloads.sourceforge.net/indimail/indimail-roundcube-1.0.tar.gz # This file$ cd /$ sudo tar xvfz /tmp/indimail-roundcube-1.0.tar.gz usr/share/roundcubemail/plugins$ /usr/bin/mysql -u mysql -p RoundCube_db < /usr/share/roundcubemail/sauserprefs/sauserprefs.sql change pdo_mysql.default_socket /etc/php.ini For some reason pdo_mysql uses wrong mysql socket on some systems. Uses /var/lib/mysql/mysql.sock instead of /var/run/mysqld/mysqld.sock. You need to edit the file /etc/php.ini and define pdo_mysql.default_socketpdo_mysql.default_socket= /var/run/mysqld/mysqld.sock You can verify if the path has been correctly entered by executing the below command. The command should return without any error$ php -r "new PDO('mysql:host=localhost;dbname=RoundCube_db', 'roundcube', 'subscribed');" HTTPD config Edit file /etc/httpd/conf.d/roundcubemail.conf and edit the following lines ## Round Cube Webmail is a browser-based multilingual IMAP client#Alias /indimail /usr/share/roundcubemail# Define who can access the Webmail# You can enlarge permissions once configured # Apache 2.4 Require ip 127.0.0.1 Require all granted Require local # Apache 2.2 Order Deny,Allow Deny from all Allow from 127.0.0.1 Allow from ::1 This file should be owned by root$ sudo chown root:root /etc/httpd/conf.d/roundcubemail.conf$ sudo chmod 644 /etc/httpd/conf.d/roundcubemail.conf Restart httpd $ sudo service httpd restart Login to webmail at http://localhost/indimail SSL / TLS Version Install RoundCube. On older systems, use the yum command $ sudo dnf -y install roundcubemail php-mysqlnd Connect to MySQL using a privileged user. IndiMail installation creates a privileged mysql user 'mysql'. It does not have the user 'root'. Look at the variable PRIV_PASS in /usr/sbin/svctool to know the password. $ /usr/bin/mysql -u mysql -p mysqlMySQL> create database RoundCube_db;MySQL> create user roundcube identified by 'subscribed';MySQL> GRANT ALL PRIVILEGES on RoundCube_db.* to roundcube;MySQL> FLUSH PRIVILEGES;MySQL> QUIT;$ /usr/bin/mysql -u mysql -p RoundCube_db < /usr/share/roundcubemail/SQL/mysql.initial.sql Copy /etc/roundcube/config.inc.php.sample to /etc/roundcube.inc.php $ sudo cp /etc/roundcube/config.inc.php.sample /etc/roundcubemail/config.inc.php Edit the lines in /etc/roundcube/config.inc.php$config['db_dsnw'] = 'mysql://roundcube:subscribed@localhost/RoundCube_db';$config['default_host'] = 'ssl://indimail.org';$config['smtp_server'] = 'localhost';$config['smtp_port'] = 587;$config['smtp_user'] = '%u';$config['smtp_pass'] = '%p';$config['support_url'] = 'http://indimail.sourceforge.net';$config['product_name'] = 'IndiMail Webmail';$config['plugins'] = array( 'archive', 'sauserprefs', 'markasjunk2', 'iwebadmin',);NOTE: the iwebadmin plugin will not work for postmaster account or IndiMail users having QA_ADMIN privileges. man vmoduser(1)This file should have read permissions for apache group$ sudo chown root:apache /etc/roundcube/config.inc.php$ sudo chmod 640 /etc/roundcube/config.inc.php Edit the lines in /etc/roundcube/defaults.inc.php i.e. $config['db_dsnw'] = 'mysql://roundcube:subscribed@localhost/RoundCube_db';$config['default_host'] = 'ssl://indimail.org';$config['default_port'] = 993;$config['imap_conn_options'] = array( 'ssl' => array( 'verify_peer' => false, 'verify_peer_name' => false, ),);$config['imap_auth_type'] = 'LOGIN';$config['smtp_auth_type'] = 'LOGIN';$config['force_https'] = true;$config['product_name'] = 'IndiMail Webmail';$config['useragent'] = 'IndiMail Webmail/'.RCMAIL_VERSION; This file should have read permission for apache group$config['force_https'] = true;$ sudo chown root:apache /etc/roundcube/defaults.inc.php$ sudo chmod 640 /etc/roundcube/defaults.inc.php Change iwebadmin path in /usr/share/roundcubemail/iwebadmin/config.inc.php $rcmail_config['iwebadmin_path'] = 'https://127.0.0.1/cgi-bin/iwebadmin';Change sauserprefs_db_dsnw in /usr/share/roundcubemail/sauserprefs/config.inc.php $rcmail_config['sauserprefs_db_dsnw'] = 'mysql://roundcube:subscribed@localhost/RoundCube_db';Restore indimail plugins for roundcube $ cd /tmp$ wget http://downloads.sourceforge.net/indimail/indimail-roundcube-ssl-1.0.tar.gz # This file$ cd /$ sudo tar xvfz /tmp/indimail-roundcube-ssl-1.0.tar.gz usr/share/roundcubemail/plugins$ /usr/bin/mysql -u mysql -p RoundCube_db < /usr/share/roundcubemail/sauserprefs/sauserprefs.sql Change pdo_mysql.default_socket /etc/php.ini For some reason pdo_mysql uses wrong mysql socket on some systems. Uses /var/lib/mysql/mysql.sock instead of /var/run/mysqld/mysqld.sock. You need to edit the file /etc/php.ini and define pdo_mysql.default_socketpdo_mysql.default_socket= /var/run/mysqld/mysqld.sock You can verifiy if the path has been correctly entered by executing the below command. The command should return without any errorphp -r "new PDO('mysql:host=localhost;dbname=RoundCube_db', 'roundcube', 'subscribed');" HTTPD config Edit file /etc/httpd/conf.d/roundcubemail.conf and edit the following lines ## Round Cube Webmail is a browser-based multilingual IMAP client#Alias /indimail /usr/share/roundcubemail# Define who can access the Webmail# You can enlarge permissions once configured # Apache 2.4 Require ip 127.0.0.1 Require all granted Require local # Apache 2.2 Order Deny,Allow Deny from all Allow from 127.0.0.1 Allow from ::1 This file should be owned by root$ sudo chown root:root /etc/httpd/conf.d/roundcubemail.conf$ sudo chmod 644 /etc/httpd/conf.d/roundcubemail.conf This is assuming you have already generated indimail cert after indimail installation. If not execute the following command. We will assume that your host is indimail.org $ sudo /usr/sbin/svctool [email protected] –config=cert" --common_name=indimail.orgEdit the file /etc/httpd/conf.d/ssl.conf i.e.ServerName indimail.org:443SSLCertificateFile /etc/indimail/certs/servercert.pem Now apache server needs access to servercert.pem. Add apache user to the qmail group. You can chose either of the below two options (Options 2 is less secure, as it gives httpd access to qmail files).Option 1$ sudo chown indimail:apache /etc/indimail/certs/servercert.pem$ sudo chmod 640 /etc/indimail/certs/servercert.pem Option 2$ sudo usermod -aG qmail apache Now you should see apache getting qmail group access$ grep "qmail:x:" /etc/groupqmail:x:1002:qscand,apache Edit file /etc/php.ini. For some funny reason, the cert needs to be mentioned. i.e.openssl.cafile=/etc/indimail/certs/servercert.pemopenssl.capath=/etc/pki/tls/certsRun the following command to get the cert locations. [ini_cafile] should point to servercert.pem location.$ php -r "print_r(openssl_get_cert_locations());"Array( [default_cert_file] => /etc/pki/tls/cert.pem [default_cert_file_env] => SSL_CERT_FILE [default_cert_dir] => /etc/pki/tls/certs [default_cert_dir_env] => SSL_CERT_DIR [default_private_dir] => /etc/pki/tls/private [default_default_cert_area] => /etc/pki/tls [ini_cafile] => /etc/indimail/certs/servercert.pem [ini_capath] => /etc/pki/tls/certs) Follow instructions to setup https https://wiki.centos.org/HowTos/Https Restart httpd $ sudo service httpd restart It appears that in PHP 5.6.0, functions are now validating SSL certificates(in a variety of ways). First, it appears to fail for untrusted certificates (i.e. no matching CA trusted locally), and secondly, it appears to fail for mismatched hostnames in the request and certificate. Verify that php is using the correct certificate with proper CN. Use the program testssl.php download from the location you downloaded this README/INSTALL file. In Step 9ii you created a certificate with common_name as indimail.org. Use the same host that you gave when creating the certificate. $ php ./testssl.php indimail.orgSuccess Login to webmail edit /etc/hosts and edit the line for localhost i.e. 127.0.0.1 localhost indimail.orgRestart httpd $ sudo service httpd restartLogin to webmail at https://indimail.org/indimailNOTE: Replace indimail.org with domain that you have configured [Less]
Posted over 6 years ago by [email protected] (Manvendra Bhangui)
These instructions will work on CentOS, RHEL, Fedora. For Debian/Ubuntu and other distros, please use your knowledge to make changes accordingly. In this guide, replace indimail.org with your own hostname. Non SSL Version Install/Configuration ... [More] (look below for SSL config) Install RoundCube. On older systems, use the yum command $ sudo dnf -y install roundcubemail php-mysqlnd Connect to MySQL using a privileged user. IndiMail installation creates a privileged mysql user 'mysql'. It does not have the user 'root'. Look at the variable PRIV_PASS in /usr/sbin/svctool to know the password. $ /usr/bin/mysql -u mysql -p mysqlMySQL> create database RoundCube_db;MySQL> create user roundcube identified by 'subscribed';MySQL> GRANT ALL PRIVILEGES on RoundCube_db.* to roundcube;MySQL> FLUSH PRIVILEGES;MySQL> QUIT;$ /usr/bin/mysql -u mysql -p RoundCube_db < /usr/share/roundcubemail/SQL/mysql.initial.sql Copy /etc/roundcube/config.inc.php.sample to /etc/roundcube.inc.php $ sudo cp /etc/roundcube/config.inc.php.sample /etc/roundcubemail/config.inc.php Edit the lines in /etc/roundcube/config.inc.php$config['db_dsnw'] = 'mysql://roundcube:subscribed@localhost/RoundCube_db';$config['smtp_server'] = 'localhost';$config['smtp_port'] = 587;$config['smtp_user'] = '%u';$config['smtp_pass'] = '%p';$config['support_url'] = 'http://indimail.sourceforge.net';$config['product_name'] = 'IndiMail Webmail';$config['plugins'] = array( 'archive', 'sauserprefs', 'markasjunk2', 'iwebadmin',);NOTE: the iwebadmin plugin will not work for postmaster account or IndiMail users having QA_ADMIN privileges. man vmoduser(1)This file should have read permission for apache group$ sudo chown root:apache /etc/roundcube/config.inc.php$ sudo chmod 640 /etc/roundcube/config.inc.php For markasjunk2 to work you need to set permission for apache to write /etc/indimail/spamignore$ sudo chown apache:indimail /etc/indimail/spamignore$ sudo chmod 644 /etc/indimail/spamignore Edit the lines in /etc/roundcube/defaults.inc.php $config['db_dsnw'] = 'mysql://roundcube:subscribed@localhost/RoundCube_db';$config['imap_auth_type'] = 'LOGIN';$config['smtp_auth_type'] = 'LOGIN';This file should have read permission for apache group$ sudo chown root:apache /etc/roundcube/defaults.inc.php$ sudo chmod 640 /etc/roundcube/defaults.inc.php Change iwebadmin path in /usr/share/roundcubemail/iwebadmin/config.inc.php $rcmail_config['iwebadmin_path'] = 'http://127.0.0.1/cgi-bin/iwebadmin'; Change sauserprefs_db_dsnw in /usr/share/roundcubemail/sauserprefs/config.inc.php $rcmail_config['sauserprefs_db_dsnw'] = 'mysql://roundcube:subscribed@localhost/RoundCube_db'; Restore indimail plugins for roundcube $ sudo yum install ircube or$ cd /tmp$ wget http://downloads.sourceforge.net/indimail/indimail-roundcube-1.0.tar.gz # This file$ cd /$ sudo tar xvfz /tmp/indimail-roundcube-1.0.tar.gz usr/share/roundcubemail/plugins$ /usr/bin/mysql -u mysql -p RoundCube_db < /usr/share/roundcubemail/sauserprefs/sauserprefs.sql change pdo_mysql.default_socket /etc/php.ini For some reason pdo_mysql uses wrong mysql socket on some systems. Uses /var/lib/mysql/mysql.sock instead of /var/run/mysqld/mysqld.sock. You need to edit the file /etc/php.ini and define pdo_mysql.default_socketpdo_mysql.default_socket= /var/run/mysqld/mysqld.sock You can verify if the path has been correctly entered by executing the below command. The command should return without any error$ php -r "new PDO('mysql:host=localhost;dbname=RoundCube_db', 'roundcube', 'subscribed');" HTTPD config Edit file /etc/httpd/conf.d/roundcubemail.conf and edit the following lines ## Round Cube Webmail is a browser-based multilingual IMAP client#Alias /indimail /usr/share/roundcubemail# Define who can access the Webmail# You can enlarge permissions once configured # Apache 2.4 Require ip 127.0.0.1 Require all granted Require local # Apache 2.2 Order Deny,Allow Deny from all Allow from 127.0.0.1 Allow from ::1 This file should be owned by root$ sudo chown root:root /etc/httpd/conf.d/roundcubemail.conf$ sudo chmod 644 /etc/httpd/conf.d/roundcubemail.conf Restart httpd $ sudo service httpd restart Login to webmail at http://localhost/indimail SSL / TLS Version Install RoundCube. On older systems, use the yum command $ sudo dnf -y install roundcubemail php-mysqlnd Connect to MySQL using a privileged user. IndiMail installation creates a privileged mysql user 'mysql'. It does not have the user 'root'. Look at the variable PRIV_PASS in /usr/sbin/svctool to know the password. $ /usr/bin/mysql -u mysql -p mysqlMySQL> create database RoundCube_db;MySQL> create user roundcube identified by 'subscribed';MySQL> GRANT ALL PRIVILEGES on RoundCube_db.* to roundcube;MySQL> FLUSH PRIVILEGES;MySQL> QUIT;$ /usr/bin/mysql -u mysql -p RoundCube_db < /usr/share/roundcubemail/SQL/mysql.initial.sql Copy /etc/roundcube/config.inc.php.sample to /etc/roundcube.inc.php $ sudo cp /etc/roundcube/config.inc.php.sample /etc/roundcubemail/config.inc.php Edit the lines in /etc/roundcube/config.inc.php$config['db_dsnw'] = 'mysql://roundcube:subscribed@localhost/RoundCube_db';$config['default_host'] = 'ssl://indimail.org';$config['smtp_server'] = 'localhost';$config['smtp_port'] = 587;$config['smtp_user'] = '%u';$config['smtp_pass'] = '%p';$config['support_url'] = 'http://indimail.sourceforge.net';$config['product_name'] = 'IndiMail Webmail';$config['plugins'] = array( 'archive', 'sauserprefs', 'markasjunk2', 'iwebadmin',);NOTE: the iwebadmin plugin will not work for postmaster account or IndiMail users having QA_ADMIN privileges. man vmoduser(1)This file should have read permissions for apache group$ sudo chown root:apache /etc/roundcube/config.inc.php$ sudo chmod 640 /etc/roundcube/config.inc.php Edit the lines in /etc/roundcube/defaults.inc.php i.e. $config['db_dsnw'] = 'mysql://roundcube:subscribed@localhost/RoundCube_db';$config['default_host'] = 'ssl://indimail.org';$config['default_port'] = 993;$config['imap_conn_options'] = array( 'ssl' => array( 'verify_peer' => false, 'verify_peer_name' => false, ),);$config['imap_auth_type'] = 'LOGIN';$config['smtp_auth_type'] = 'LOGIN';$config['force_https'] = true;$config['product_name'] = 'IndiMail Webmail';$config['useragent'] = 'IndiMail Webmail/'.RCMAIL_VERSION; This file should have read permission for apache group$config['force_https'] = true;$ sudo chown root:apache /etc/roundcube/defaults.inc.php$ sudo chmod 640 /etc/roundcube/defaults.inc.php Change iwebadmin path in /usr/share/roundcubemail/iwebadmin/config.inc.php $rcmail_config['iwebadmin_path'] = 'https://127.0.0.1/cgi-bin/iwebadmin';Change sauserprefs_db_dsnw in /usr/share/roundcubemail/sauserprefs/config.inc.php $rcmail_config['sauserprefs_db_dsnw'] = 'mysql://roundcube:subscribed@localhost/RoundCube_db';Restore indimail plugins for roundcube $ cd /tmp$ wget http://downloads.sourceforge.net/indimail/indimail-roundcube-ssl-1.0.tar.gz # This file$ cd /$ sudo tar xvfz /tmp/indimail-roundcube-ssl-1.0.tar.gz usr/share/roundcubemail/plugins$ /usr/bin/mysql -u mysql -p RoundCube_db < /usr/share/roundcubemail/sauserprefs/sauserprefs.sql Change pdo_mysql.default_socket /etc/php.ini For some reason pdo_mysql uses wrong mysql socket on some systems. Uses /var/lib/mysql/mysql.sock instead of /var/run/mysqld/mysqld.sock. You need to edit the file /etc/php.ini and define pdo_mysql.default_socketpdo_mysql.default_socket= /var/run/mysqld/mysqld.sock You can verifiy if the path has been correctly entered by executing the below command. The command should return without any errorphp -r "new PDO('mysql:host=localhost;dbname=RoundCube_db', 'roundcube', 'subscribed');" HTTPD config Edit file /etc/httpd/conf.d/roundcubemail.conf and edit the following lines ## Round Cube Webmail is a browser-based multilingual IMAP client#Alias /indimail /usr/share/roundcubemail# Define who can access the Webmail# You can enlarge permissions once configured # Apache 2.4 Require ip 127.0.0.1 Require all granted Require local # Apache 2.2 Order Deny,Allow Deny from all Allow from 127.0.0.1 Allow from ::1 This file should be owned by root$ sudo chown root:root /etc/httpd/conf.d/roundcubemail.conf$ sudo chmod 644 /etc/httpd/conf.d/roundcubemail.conf This is assuming you have already generated indimail cert after indimail installation. If not execute the following command. We will assume that your host is indimail.org $ sudo /usr/sbin/svctool [email protected] –config=cert" --common_name=indimail.orgEdit the file /etc/httpd/conf.d/ssl.conf i.e.ServerName indimail.org:443SSLCertificateFile /etc/indimail/certs/servercert.pem Now apache server needs access to servercert.pem. Add apache user to the qmail group. You can chose either of the below two options (Options 2 is less secure, as it gives httpd access to qmail files).Option 1$ sudo chown indimail:apache /etc/indimail/certs/servercert.pem$ sudo chmod 640 /etc/indimail/certs/servercert.pem Option 2$ sudo usermod -aG qmail apache Now you should see apache getting qmail group access$ grep "qmail:x:" /etc/groupqmail:x:1002:qscand,apache Edit file /etc/php.ini. For some funny reason, the cert needs to be mentioned. i.e.openssl.cafile=/etc/indimail/certs/servercert.pemopenssl.capath=/etc/pki/tls/certsRun the following command to get the cert locations. [ini_cafile] should point to servercert.pem location.$ php -r "print_r(openssl_get_cert_locations());"Array( [default_cert_file] => /etc/pki/tls/cert.pem [default_cert_file_env] => SSL_CERT_FILE [default_cert_dir] => /etc/pki/tls/certs [default_cert_dir_env] => SSL_CERT_DIR [default_private_dir] => /etc/pki/tls/private [default_default_cert_area] => /etc/pki/tls [ini_cafile] => /etc/indimail/certs/servercert.pem [ini_capath] => /etc/pki/tls/certs) Follow instructions to setup https https://wiki.centos.org/HowTos/Https Restart httpd $ sudo service httpd restart It appears that in PHP 5.6.0, functions are now validating SSL certificates(in a variety of ways). First, it appears to fail for untrusted certificates (i.e. no matching CA trusted locally), and secondly, it appears to fail for mismatched hostnames in the request and certificate. Verify that php is using the correct certificate with proper CN. Use the program testssl.php download from the location you downloaded this README/INSTALL file. In Step 9ii you created a certificate with common_name as indimail.org. Use the same host that you gave when creating the certificate. $ php ./testssl.php indimail.orgSuccess Login to webmail edit /etc/hosts and edit the line for localhost i.e. 127.0.0.1 localhost indimail.orgRestart httpd $ sudo service httpd restartLogin to webmail at https://indimail.org/indimailNOTE: Replace indimail.org with domain that you have configured [Less]
Posted almost 8 years ago by [email protected] (Manvendra Bhangui)
IndiMail now has docker images. You can read about installing Docker here. Once you have installed docker-engine, you need to start it. Typically it would be$ sudo service docker startTo avoid having to use sudo when you use the docker command ... [More] , create a Unix group called docker and add users to it. When the docker daemon starts, it makes the ownership of the Unix socket read/writable by the docker group.Warning: The docker group is equivalent to the root user; For details on how this impacts security in your system, see Docker Daemon Attack Surface for details.sudo groupadd docker sudo usermod -aG docker your_usernameLog out and login again to ensure your user is running with the correct permissions.Now we need to pull the IndiMail docker imagesudo groupadd docker sudo usermod -aG docker your_usernameNow we need to pull the docker image for IndiMail$ docker pull cprogrammer/indimail(for indimail-mta image, execute docker pull cprogrammer/indimail-mtaYou can now list the docker image by executing# docker imagesREPOSITORY                 TAG                 IMAGE ID            CREATED             SIZEcprogrammer/indimail       fedora-23           a02e6014a67b        53 minutes ago      1.774 GBNow let us run a container with this image using the image id a02e6014a67b listed above# docker run -d -h indimail.org --privileged -ti a02e6014a67b /sbin/initfd09c7ca75bef86f4f9796afcff79316f36512944a18d066d832a99d8803ce7bThe above will start a fully funcational Fedora 23 OS with IndiMail, MySQL, httpd services up and running.We can list the running container by running the command# docker psCONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMESfd09c7ca75be        a02e6014a67b        "/sbin/init"        38 seconds ago      Up 37 seconds                      desperate_jones We now have a running container and can attach to it and use it like any functional host# docker exec -ti fd09c7ca75be /bin/bash --loginindimail:>indimail:> /var/indimail/bin/svstat /service/*/service/fetchmail: down 32 seconds/service/greylist.1999: up (pid 203) 32 seconds/service/indisrvr.4000: up (pid 178) 32 seconds/service/inlookup.infifo: up (pid 192) 32 seconds/service/mysql.3306: up (pid 181) 32 seconds/service/proxy-imapd.4143: up (pid 191) 32 seconds/service/proxy-imapd-ssl.9143: up (pid 188) 32 seconds/service/proxy-pop3d.4110: up (pid 197) 32 seconds/service/proxy-pop3d-ssl.9110: up (pid 179) 32 seconds/service/pwdlookup: up (pid 195) 32 seconds/service/qmail-imapd.143: up (pid 222) 32 seconds/service/qmail-imapd-ssl.993: up (pid 200) 32 seconds/service/qmail-pop3d.110: up (pid 212) 32 seconds/service/qmail-pop3d-ssl.995: up (pid 184) 32 seconds/service/qmail-poppass.106: up (pid 216) 32 seconds/service/qmail-qmqpd.628: down 32 seconds/service/qmail-qmtpd.209: up (pid 153) 32 seconds/service/qmail-send.25: up (pid 182) 32 seconds/service/qmail-smtpd.25: up (pid 187) 32 seconds/service/qmail-smtpd.366: up (pid 208) 32 seconds/service/qmail-smtpd.465: up (pid 194) 32 seconds/service/qmail-smtpd.587: up (pid 196) 32 seconds/service/qmail-spamlog: up (pid 221) 32 seconds/service/qscanq: up (pid 213) 32 seconds/service/udplogger.3000: up (pid 211) 32 seconds You now have a fully functional mail server with a pre-configured virtual domain indimail.org and a pre-configured virtual user [email protected]. You can use IMAP/POP3/SMTP to your heart's content. If not satisfied, try out the ssl enabled services IMAPS/POP3S/SMTPS or STARTTLS command. If still not satisfied, read the man pages in /var/indimail/man/* :)You can stop the container by executing# docker stop fd09c7ca75beYou can make your changes to the container and commit changes by using the docker commit command. Learning how to use docker is not difficult. Just follow the Docker Documentation.If you are lazy like me, just read the Getting Started guide.I am also a newbie as far as docker is concerned. Do let me know your experience with network settings and other advanced docker topics that you may be familiar with. Do send few bottles of beer if you can. [Less]
Posted almost 8 years ago by [email protected] (Manvendra Bhangui)
IndiMail now has docker images. You can read about installing Docker here. Once you have installed docker-engine, you need to start it. Typically it would be$ sudo service docker startTo avoid having to use sudo when you use the docker command ... [More] , create a Unix group called docker and add users to it. When the docker daemon starts, it makes the ownership of the Unix socket read/writable by the docker group. Warning: The docker group is equivalent to the root user; For details on how this impacts security in your system, see Docker Daemon Attack Surface for details.$ sudo groupadd docker $ sudo usermod -aG docker your_usernameLog out and login again to ensure your user is running with the correct permissions. You can run the unix id command to confirm that you have the docker group privileges. e.g.$ id -auid=1000(mbhangui) gid=1000(mbhangui) groups=1000(mbhangui),10(wheel),545(docker) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023Now we need to pull the docker image for IndiMail. use the docker pull command. The values for tag can be fedora-23, centos7, debian8, ubuntu-15.10, ubuntu-14.03. If your favourite OS is missing, let me know. You can find the list of all images here.$ docker pull cprogrammer/indimail:tag(for indimail-mta image, execute docker pull cprogrammer/indimail-mta:tagYou can now list the docker image by executing the docker images command.$ docker imagesREPOSITORY                 TAG                 IMAGE ID            CREATED             SIZEcprogrammer/indimail       fedora-23           a02e6014a67b        53 minutes ago      1.774 GBNow let us run a container with this image using the image id a02e6014a67b listed above by running the docker run command. The --privileged flag gives all capabilities to the container, and it also lifts all the limitations enforced by the device cgroup controller. In other words, the container can then do almost everything that the host can do. This flag exists to allow special use-cases, like running Docker within Docker. In our case, I want the systemctl command to work and the container run like a normal host.$ docker run -d -h indimail.org --privileged a02e6014a67b /sbin/initfd09c7ca75bef86f4f9796afcff79316f36512944a18d066d832a99d8803ce7bI have now figured out the you don't require the --privileged flag. This flag gives the container access to the host's systemd. A better way is to add SYS_ADMIN capability$ docker run -ti --cap-add=SYS_ADMIN -e "container-docker" -v /sys/fs/cgroup:/sys/fs/cgroup:ro a02e6014a67b /sbin/initfd09c7ca75bef86f4f9796afcff79316f36512944a18d066d832a99d8803ce7bThe above will start a fully functional Fedora 23 OS with IndiMail, MySQL, sshd, httpd services up and running.We can list the running container by running the docker ps command$ docker psCONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMESfd09c7ca75be        a02e6014a67b        "/sbin/init"        38 seconds ago      Up 37 seconds                      desperate_jones We now have a running container and can attach to it and use it like any functional host. Run the docker exec command. The -ti option attaches a pseudo terminal and makes the session interactive. $ docker exec -ti fd09c7ca75be /bin/bash --login## /var/indimail/bin/svstat /service/*/service/fetchmail: down 32 seconds/service/greylist.1999: up (pid 203) 32 seconds/service/indisrvr.4000: up (pid 178) 32 seconds/service/inlookup.infifo: up (pid 192) 32 seconds/service/mysql.3306: up (pid 181) 32 seconds/service/proxy-imapd.4143: up (pid 191) 32 seconds/service/proxy-imapd-ssl.9143: up (pid 188) 32 seconds/service/proxy-pop3d.4110: up (pid 197) 32 seconds/service/proxy-pop3d-ssl.9110: up (pid 179) 32 seconds/service/pwdlookup: up (pid 195) 32 seconds/service/qmail-imapd.143: up (pid 222) 32 seconds/service/qmail-imapd-ssl.993: up (pid 200) 32 seconds/service/qmail-pop3d.110: up (pid 212) 32 seconds/service/qmail-pop3d-ssl.995: up (pid 184) 32 seconds/service/qmail-poppass.106: up (pid 216) 32 seconds/service/qmail-qmqpd.628: down 32 seconds/service/qmail-qmtpd.209: up (pid 153) 32 seconds/service/qmail-send.25: up (pid 182) 32 seconds/service/qmail-smtpd.25: up (pid 187) 32 seconds/service/qmail-smtpd.366: up (pid 208) 32 seconds/service/qmail-smtpd.465: up (pid 194) 32 seconds/service/qmail-smtpd.587: up (pid 196) 32 seconds/service/qmail-spamlog: up (pid 221) 32 seconds/service/qscanq: up (pid 213) 32 seconds/service/udplogger.3000: up (pid 211) 32 seconds You now have a fully functional mail server with a pre-configured virtual domain indimail.org and a pre-configured virtual user [email protected]. You can use IMAP/POP3/SMTP to your heart's content. If not satisfied, try out the ssl enabled services IMAPS/POP3S/SMTPS or STARTTLS command. If still not satisfied, read the man pages in /var/indimail/man/* :) You can stop the container by executing the docker stop command.$ docker stop fd09c7ca75beYou can make your changes to the container and commit changes by using the docker commit command. Learning how to use docker is not difficult. Just follow the Docker Documentation. If you are lazy like me, just read the Getting Started guide.I am also a newbie as far as docker is concerned. Do let me know your experience with network settings and other advanced docker topics, that you may be familiar with. Do send few bottles of beer my way if you can.NOTE: There are few defaults for the indimail docker container image root password is passxxx@xxx mysql user, password for indimail is indimail, ssh-1.5- mysql privileged user, password is mysql, 4-57343- password for [email protected] virtual imap/pop3 account is passxxx password for [email protected] virtual imap/pop3 account is passxxx [Less]
Posted almost 8 years ago by [email protected] (Manvendra Bhangui)
IndiMail now has docker images. You can read about installing Docker here. Once you have installed docker-engine, you need to start it. Typically it would be$ sudo service docker startTo avoid having to use sudo when you use the docker command ... [More] , create a Unix group called docker and add users to it. When the docker daemon starts, it makes the ownership of the Unix socket read/writable by the docker group.Warning: The docker group is equivalent to the root user; For details on how this impacts security in your system, see Docker Daemon Attack Surface for details.$ sudo groupadd docker $ sudo usermod -aG docker your_usernameLog out and login again to ensure your user is running with the correct permissions. You can run the unix id command to confirm that you have the docker group privileges. e.g.$ id -auid=1000(mbhangui) gid=1000(mbhangui) groups=1000(mbhangui),10(wheel),545(docker) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023Now we need to pull the docker image for IndiMail. use the docker pull command. The values for tag can be fedora-23, centos7, debian8, ubuntu-15.10, ubuntu-14.03. If your favourite OS is missing, let me know.$ docker pull cprogrammer/indimail:tag(for indimail-mta image, execute docker pull cprogrammer/indimail-mta:tagYou can now list the docker image by executing the docker images command.$ docker imagesREPOSITORY                 TAG                 IMAGE ID            CREATED             SIZEcprogrammer/indimail       fedora-23           a02e6014a67b        53 minutes ago      1.774 GBNow let us run a container with this image using the image id a02e6014a67b listed above by running the docker run command. The --privileged flag gives all capabilities to the container, and it also lifts all the limitations enforced by the device cgroup controller. In other words, the container can then do almost everything that the host can do. This flag exists to allow special use-cases, like running Docker within Docker. In our case, I want the systemctl command to work and the container run like a normal host.$ docker run -d -h indimail.org --privileged a02e6014a67b /sbin/initfd09c7ca75bef86f4f9796afcff79316f36512944a18d066d832a99d8803ce7bThe above will start a fully functional Fedora 23 OS with IndiMail, MySQL, sshd, httpd services up and running.We can list the running container by running the docker ps command$ docker psCONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMESfd09c7ca75be        a02e6014a67b        "/sbin/init"        38 seconds ago      Up 37 seconds                      desperate_jones We now have a running container and can attach to it and use it like any functional host. Run the docker exec command. The -ti option attaches a pseudo terminal and makes the session interactive.$ docker exec -ti fd09c7ca75be /bin/bash --loginindimail:>indimail:> /var/indimail/bin/svstat /service/*/service/fetchmail: down 32 seconds/service/greylist.1999: up (pid 203) 32 seconds/service/indisrvr.4000: up (pid 178) 32 seconds/service/inlookup.infifo: up (pid 192) 32 seconds/service/mysql.3306: up (pid 181) 32 seconds/service/proxy-imapd.4143: up (pid 191) 32 seconds/service/proxy-imapd-ssl.9143: up (pid 188) 32 seconds/service/proxy-pop3d.4110: up (pid 197) 32 seconds/service/proxy-pop3d-ssl.9110: up (pid 179) 32 seconds/service/pwdlookup: up (pid 195) 32 seconds/service/qmail-imapd.143: up (pid 222) 32 seconds/service/qmail-imapd-ssl.993: up (pid 200) 32 seconds/service/qmail-pop3d.110: up (pid 212) 32 seconds/service/qmail-pop3d-ssl.995: up (pid 184) 32 seconds/service/qmail-poppass.106: up (pid 216) 32 seconds/service/qmail-qmqpd.628: down 32 seconds/service/qmail-qmtpd.209: up (pid 153) 32 seconds/service/qmail-send.25: up (pid 182) 32 seconds/service/qmail-smtpd.25: up (pid 187) 32 seconds/service/qmail-smtpd.366: up (pid 208) 32 seconds/service/qmail-smtpd.465: up (pid 194) 32 seconds/service/qmail-smtpd.587: up (pid 196) 32 seconds/service/qmail-spamlog: up (pid 221) 32 seconds/service/qscanq: up (pid 213) 32 seconds/service/udplogger.3000: up (pid 211) 32 secondsYou now have a fully functional mail server with a pre-configured virtual domain indimail.org and a pre-configured virtual user [email protected]. You can use IMAP/POP3/SMTP to your heart's content. If not satisfied, try out the ssl enabled services IMAPS/POP3S/SMTPS or STARTTLS command. If still not satisfied, read the man pages in /var/indimail/man/* :)You can stop the container by executing the docker stop command.$ docker stop fd09c7ca75beYou can make your changes to the container and commit changes by using the docker commit command. Learning how to use docker is not difficult. Just follow the Docker Documentation. If you are lazy like me, just read the Getting Started guide.I am also a newbie as far as docker is concerned. Do let me know your experience with network settings and other advanced docker topics, that you may be familiar with. Do send few bottles of beer my way if you can.NOTE: There are few defaults for the indimail docker container imageroot password is passxxx@xxxmysql user, password for indimail is indimail, ssh-1.5-mysql privileged user, password is mysql, 4-57343-password for [email protected] virtual imap/pop3 account is passxxxpassword for [email protected] virtual imap/pop3 account is passxxx [Less]
Posted almost 8 years ago by [email protected] (Manvendra Bhangui)
IndiMail now has docker images. You can read about installing Docker here. Once you have installed docker-engine, you need to start it. Typically it would be$ sudo service docker startTo avoid having to use sudo when you use the docker command ... [More] , create a Unix group called docker and add users to it. When the docker daemon starts, it makes the ownership of the Unix socket read/writable by the docker group. Warning: The docker group is equivalent to the root user; For details on how this impacts security in your system, see Docker Daemon Attack Surface for details.$ sudo groupadd docker $ sudo usermod -aG docker your_usernameLog out and login again to ensure your user is running with the correct permissions. You can run the unix id command to confirm that you have the docker group privileges. e.g.$ id -auid=1000(mbhangui) gid=1000(mbhangui) groups=1000(mbhangui),10(wheel),545(docker) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023Now we need to pull the docker image for IndiMail. use the docker pull command. The values for tag can be fedora-23, centos7, debian8, ubuntu-15.10, ubuntu-14.03. If your favourite OS is missing, let me know.$ docker pull cprogrammer/indimail:tag(for indimail-mta image, execute docker pull cprogrammer/indimail-mta:tagYou can now list the docker image by executing the docker images command.$ docker imagesREPOSITORY                 TAG                 IMAGE ID            CREATED             SIZEcprogrammer/indimail       fedora-23           a02e6014a67b        53 minutes ago      1.774 GBNow let us run a container with this image using the image id a02e6014a67b listed above by running the docker run command. The --privileged flag gives all capabilities to the container, and it also lifts all the limitations enforced by the device cgroup controller. In other words, the container can then do almost everything that the host can do. This flag exists to allow special use-cases, like running Docker within Docker. In our case, I want the systemctl command to work and the container run like a normal host.$ docker run -d -h indimail.org --privileged a02e6014a67b /sbin/initfd09c7ca75bef86f4f9796afcff79316f36512944a18d066d832a99d8803ce7bThe above will start a fully functional Fedora 23 OS with IndiMail, MySQL, sshd, httpd services up and running.We can list the running container by running the docker ps command$ docker psCONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMESfd09c7ca75be        a02e6014a67b        "/sbin/init"        38 seconds ago      Up 37 seconds                      desperate_jones We now have a running container and can attach to it and use it like any functional host. Run the docker exec command. The -ti option attaches a pseudo terminal and makes the session interactive. $ docker exec -ti fd09c7ca75be /bin/bash --loginindimail:>indimail:> /var/indimail/bin/svstat /service/*/service/fetchmail: down 32 seconds/service/greylist.1999: up (pid 203) 32 seconds/service/indisrvr.4000: up (pid 178) 32 seconds/service/inlookup.infifo: up (pid 192) 32 seconds/service/mysql.3306: up (pid 181) 32 seconds/service/proxy-imapd.4143: up (pid 191) 32 seconds/service/proxy-imapd-ssl.9143: up (pid 188) 32 seconds/service/proxy-pop3d.4110: up (pid 197) 32 seconds/service/proxy-pop3d-ssl.9110: up (pid 179) 32 seconds/service/pwdlookup: up (pid 195) 32 seconds/service/qmail-imapd.143: up (pid 222) 32 seconds/service/qmail-imapd-ssl.993: up (pid 200) 32 seconds/service/qmail-pop3d.110: up (pid 212) 32 seconds/service/qmail-pop3d-ssl.995: up (pid 184) 32 seconds/service/qmail-poppass.106: up (pid 216) 32 seconds/service/qmail-qmqpd.628: down 32 seconds/service/qmail-qmtpd.209: up (pid 153) 32 seconds/service/qmail-send.25: up (pid 182) 32 seconds/service/qmail-smtpd.25: up (pid 187) 32 seconds/service/qmail-smtpd.366: up (pid 208) 32 seconds/service/qmail-smtpd.465: up (pid 194) 32 seconds/service/qmail-smtpd.587: up (pid 196) 32 seconds/service/qmail-spamlog: up (pid 221) 32 seconds/service/qscanq: up (pid 213) 32 seconds/service/udplogger.3000: up (pid 211) 32 seconds You now have a fully functional mail server with a pre-configured virtual domain indimail.org and a pre-configured virtual user [email protected]. You can use IMAP/POP3/SMTP to your heart's content. If not satisfied, try out the ssl enabled services IMAPS/POP3S/SMTPS or STARTTLS command. If still not satisfied, read the man pages in /var/indimail/man/* :) You can stop the container by executing the docker stop command.$ docker stop fd09c7ca75beYou can make your changes to the container and commit changes by using the docker commit command. Learning how to use docker is not difficult. Just follow the Docker Documentation. If you are lazy like me, just read the Getting Started guide.I am also a newbie as far as docker is concerned. Do let me know your experience with network settings and other advanced docker topics, that you may be familiar with. Do send few bottles of beer my way if you can.NOTE: There are few defaults for the indimail docker container image root password is passxxx@xxx mysql user, password for indimail is indimail, ssh-1.5- mysql privileged user, password is mysql, 4-57343- password for [email protected] virtual imap/pop3 account is passxxx password for [email protected] virtual imap/pop3 account is passxxx [Less]
Posted almost 8 years ago by [email protected] (Manvendra Bhangui)
IndiMail now has docker images. You can read about installing Docker here. Once you have installed docker-engine, you need to start it. Typically it would be$ sudo service docker startTo avoid having to use sudo when you use the docker command ... [More] , create a Unix group called docker and add users to it. When the docker daemon starts, it makes the ownership of the Unix socket read/writable by the docker group.Warning: The docker group is equivalent to the root user; For details on how this impacts security in your system, see Docker Daemon Attack Surface for details.$ sudo groupadd docker $ sudo usermod -aG docker your_usernameLog out and login again to ensure your user is running with the correct permissions. You can run the unix id command to confirm that you have the docker group privileges. e.g.$ id -auid=1000(mbhangui) gid=1000(mbhangui) groups=1000(mbhangui),10(wheel),545(docker) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023Now we need to pull the docker image for IndiMail. use the docker pull command.$ docker pull cprogrammer/indimail(for indimail-mta image, execute docker pull cprogrammer/indimail-mtaYou can now list the docker image by executing the docker images command.$ docker imagesREPOSITORY                 TAG                 IMAGE ID            CREATED             SIZEcprogrammer/indimail       fedora-23           a02e6014a67b        53 minutes ago      1.774 GBNow let us run a container with this image using the image id a02e6014a67b listed above by running the docker run command. The --privileged flag gives all capabilities to the container, and it also lifts all the limitations enforced by the device cgroup controller. In other words, the container can then do almost everything that the host can do. This flag exists to allow special use-cases, like running Docker within Docker. In our case, I want the systemctl command to work and the container run like a normal host.$ docker run -d -h indimail.org --privileged a02e6014a67b /sbin/initfd09c7ca75bef86f4f9796afcff79316f36512944a18d066d832a99d8803ce7bThe above will start a fully functional Fedora 23 OS with IndiMail, MySQL, sshd, httpd services up and running.We can list the running container by running the docker ps command$ docker psCONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMESfd09c7ca75be        a02e6014a67b        "/sbin/init"        38 seconds ago      Up 37 seconds                      desperate_jones We now have a running container and can attach to it and use it like any functional host. Run the docker exec command. The -ti option attaches a pseudo terminal and makes the session interactive.$ docker exec -ti fd09c7ca75be /bin/bash --loginindimail:>indimail:> /var/indimail/bin/svstat /service/*/service/fetchmail: down 32 seconds/service/greylist.1999: up (pid 203) 32 seconds/service/indisrvr.4000: up (pid 178) 32 seconds/service/inlookup.infifo: up (pid 192) 32 seconds/service/mysql.3306: up (pid 181) 32 seconds/service/proxy-imapd.4143: up (pid 191) 32 seconds/service/proxy-imapd-ssl.9143: up (pid 188) 32 seconds/service/proxy-pop3d.4110: up (pid 197) 32 seconds/service/proxy-pop3d-ssl.9110: up (pid 179) 32 seconds/service/pwdlookup: up (pid 195) 32 seconds/service/qmail-imapd.143: up (pid 222) 32 seconds/service/qmail-imapd-ssl.993: up (pid 200) 32 seconds/service/qmail-pop3d.110: up (pid 212) 32 seconds/service/qmail-pop3d-ssl.995: up (pid 184) 32 seconds/service/qmail-poppass.106: up (pid 216) 32 seconds/service/qmail-qmqpd.628: down 32 seconds/service/qmail-qmtpd.209: up (pid 153) 32 seconds/service/qmail-send.25: up (pid 182) 32 seconds/service/qmail-smtpd.25: up (pid 187) 32 seconds/service/qmail-smtpd.366: up (pid 208) 32 seconds/service/qmail-smtpd.465: up (pid 194) 32 seconds/service/qmail-smtpd.587: up (pid 196) 32 seconds/service/qmail-spamlog: up (pid 221) 32 seconds/service/qscanq: up (pid 213) 32 seconds/service/udplogger.3000: up (pid 211) 32 secondsYou now have a fully functional mail server with a pre-configured virtual domain indimail.org and a pre-configured virtual user [email protected]. You can use IMAP/POP3/SMTP to your heart's content. If not satisfied, try out the ssl enabled services IMAPS/POP3S/SMTPS or STARTTLS command. If still not satisfied, read the man pages in /var/indimail/man/* :)You can stop the container by executing the docker stop command.$ docker stop fd09c7ca75beYou can make your changes to the container and commit changes by using the docker commit command. Learning how to use docker is not difficult. Just follow the Docker Documentation. If you are lazy like me, just read the Getting Started guide.I am also a newbie as far as docker is concerned. Do let me know your experience with network settings and other advanced docker topics, that you may be familiar with. Do send few bottles of beer my way if you can.NOTE: There are few defaults for the indimail docker container imageroot password is passxxx@xxxmysql user, password for indimail is indimail, ssh-1.5-mysql privileged user, password is mysql, 4-57343-password for [email protected] virtual imap/pop3 account is passxxxpassword for [email protected] virtual imap/pop3 account is passxxx [Less]
Posted almost 8 years ago by [email protected] (Manvendra Bhangui)
IndiMail now has docker images. You can read about installing Docker here. Once you have installed docker-engine, you need to start it. Typically it would be$ sudo service docker startTo avoid having to use sudo when you use the docker command ... [More] , create a Unix group called docker and add users to it. When the docker daemon starts, it makes the ownership of the Unix socket read/writable by the docker group. Warning: The docker group is equivalent to the root user; For details on how this impacts security in your system, see Docker Daemon Attack Surface for details.$ sudo groupadd docker $ sudo usermod -aG docker your_usernameLog out and login again to ensure your user is running with the correct permissions. You can run the unix id command to confirm that you have the docker group privileges. e.g.$ id -auid=1000(mbhangui) gid=1000(mbhangui) groups=1000(mbhangui),10(wheel),545(docker) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023Now we need to pull the docker image for IndiMail. use the docker pull command. The values for tag can be fedora-23, centos7, debian8, ubuntu-15.10, ubuntu-14.03. If your favourite OS is missing, let me know. You can find the list of all images here.$ docker pull cprogrammer/indimail:tag(for indimail-mta image, execute docker pull cprogrammer/indimail-mta:tagYou can now list the docker image by executing the docker images command.$ docker imagesREPOSITORY                 TAG                 IMAGE ID            CREATED             SIZEcprogrammer/indimail       fedora-23           a02e6014a67b        53 minutes ago      1.774 GBNow let us run a container with this image using the image id a02e6014a67b listed above by running the docker run command. The --privileged flag gives all capabilities to the container, and it also lifts all the limitations enforced by the device cgroup controller. In other words, the container can then do almost everything that the host can do. This flag exists to allow special use-cases, like running Docker within Docker. In our case, I want the systemctl command to work and the container run like a normal host.$ docker run -d -h indimail.org --privileged a02e6014a67b /sbin/initI have now figured out the you don't require the --privileged flag. This flag gives the container access to the host's systemd. A better way is to add SYS_ADMIN capability$ docker run -ti --cap-add=SYS_ADMIN -e "container-docker" -v /sys/fs/cgroup:/sys/fs/cgroup:ro a02e6014a67b /sbin/initThe above will start a fully functional Fedora 23 OS with IndiMail, MySQL, sshd, httpd services up and running.We can list the running container by running the docker ps command$ docker psCONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMESfd09c7ca75be        a02e6014a67b        "/sbin/init"        38 seconds ago      Up 37 seconds                      desperate_jones We now have a running container and can attach to it and use it like any functional host. Run the docker exec command. The -ti option attaches a pseudo terminal and makes the session interactive. $ docker exec -ti fd09c7ca75be /bin/bash --login## /var/indimail/bin/svstat /service/*/service/fetchmail: down 32 seconds/service/greylist.1999: up (pid 203) 32 seconds/service/indisrvr.4000: up (pid 178) 32 seconds/service/inlookup.infifo: up (pid 192) 32 seconds/service/mysql.3306: up (pid 181) 32 seconds/service/proxy-imapd.4143: up (pid 191) 32 seconds/service/proxy-imapd-ssl.9143: up (pid 188) 32 seconds/service/proxy-pop3d.4110: up (pid 197) 32 seconds/service/proxy-pop3d-ssl.9110: up (pid 179) 32 seconds/service/pwdlookup: up (pid 195) 32 seconds/service/qmail-imapd.143: up (pid 222) 32 seconds/service/qmail-imapd-ssl.993: up (pid 200) 32 seconds/service/qmail-pop3d.110: up (pid 212) 32 seconds/service/qmail-pop3d-ssl.995: up (pid 184) 32 seconds/service/qmail-poppass.106: up (pid 216) 32 seconds/service/qmail-qmqpd.628: down 32 seconds/service/qmail-qmtpd.209: up (pid 153) 32 seconds/service/qmail-send.25: up (pid 182) 32 seconds/service/qmail-smtpd.25: up (pid 187) 32 seconds/service/qmail-smtpd.366: up (pid 208) 32 seconds/service/qmail-smtpd.465: up (pid 194) 32 seconds/service/qmail-smtpd.587: up (pid 196) 32 seconds/service/qmail-spamlog: up (pid 221) 32 seconds/service/qscanq: up (pid 213) 32 seconds/service/udplogger.3000: up (pid 211) 32 seconds You now have a fully functional mail server with a pre-configured virtual domain indimail.org and a pre-configured virtual user [email protected]. You can use IMAP/POP3/SMTP to your heart's content. If not satisfied, try out the ssl enabled services IMAPS/POP3S/SMTPS or STARTTLS command. If still not satisfied, read the man pages in /var/indimail/man/* :) You can stop the container by executing the docker stop command.$ docker stop fd09c7ca75beYou can make your changes to the container and commit changes by using the docker commit command. Learning how to use docker is not difficult. Just follow the Docker Documentation. If you are lazy like me, just read the Getting Started guide.I am also a newbie as far as docker is concerned. Do let me know your experience with network settings and other advanced docker topics, that you may be familiar with. Do send few bottles of beer my way if you can.NOTE: There are few defaults for the indimail docker container image root password is passxxx@xxx mysql user, password for indimail is indimail, ssh-1.5- mysql privileged user, password is mysql, 4-57343- password for [email protected] virtual imap/pop3 account is passxxx password for [email protected] virtual imap/pop3 account is passxxx [Less]