After having installed kolab (following the appropriate install guide in this knowledge base) it needs to be configured. The script ‘setup-kolab’ is distributed with the out-of-the-box installation and is taking care of the basic configuration, but a successful configuration is depending on the environment that Kolab is installed into. Many aspects and variables will have an impact on the configuration. This guide is only touching on the absolute basics. For information and assistance with more complex installation scenarios, please contact contact@apheleia-it.ch
The Kolab server host needs to have a fully qualified domain name as hostname:
[root@maipo ~]# hostname maipo.kolab.io
If the server needs to communicate with the internet, the network needs to be configured to ensure that reverse DNS lookups are responded to in an appropriate fashion:
[root@maipo ~]# host maipo.kolab.io maipo.kolab.io has address 95.135.58.46 [root@maipo ~]# host 95.135.58.46 46.58.135.95.in-addr.arpa domain name pointer maipo.kolab.io.
If applicable, ‘selinux’ needs to be in ‘permissive’ mode:
[root@maipo ~]# getenforce Permissive
If firewalls are enabled, the appropriate ports need to be open. The following is a standard list of ports. Most of those are opened in a default linux installation, but more configuration of firewalls can be necessary. On RedHat’ish distributions this can be done with firewalld:
25 - SMTP 80 - HTTP 110 - POP3 143 - IMAP 443 - HTTPS 465 - SMTPS (Not configured in default setup) 587 - Submission 993 - IMAPS 995 - POP3S 4190 - Sieve
Running the script ‘setup-kolab’ is going to configure the installed components with a standard configuration and create the needed users, roles and databases.
It is recommended that you run setup-kolab with the default parameters like so:
[root@maipo ~]# setup-kolab --default --timezone=Europe/Zurich --mysqlserver=new --directory-manager-pwd=MyAdminPassword --fqdn=maipo.kolab.io --domain=maipo.kolab.io
Alternatively you can use the interactive mode which will prompt for input of desired usernames and passwords – though suggestions are provided:
[root@maipo ~]# setup-kolab Created symlink from /etc/systemd/system/multi-user.target.wants/guam.service to /usr/lib/systemd/system/guam.service. Please supply a password for the LDAP administrator user 'admin', used to login to the graphical console of 389 Directory server. Administrator password [Ckhtj23S4QK7lOO]: Confirm Administrator password: Please supply a password for the LDAP Directory Manager user, which is the administrator user you will be using to at least initially log in to the Web Admin, and that Kolab uses to perform administrative tasks. Directory Manager password [nOI7btemU4Pjk7l]: Confirm Directory Manager password: Please choose the system user and group the service should use to run under. These should be existing, unprivileged, local system POSIX accounts with no shell. User [dirsrv]: Group [dirsrv]: This setup procedure plans to set up Kolab Groupware for the following domain name space. This domain name is obtained from the reverse DNS entry on your network interface. Please confirm this is the appropriate domain name space. kolab.io [Y/n]: y The standard root dn we composed for you follows. Please confirm this is the root dn you wish to use. dc=kolab,dc=io [Y/n]: y Setup is now going to set up the 389 Directory Server. This may take a little while (during which period there is no output and no progress indication). Created symlink from /etc/systemd/system/multi-user.target.wants/dirsrv.target to /usr/lib/systemd/system/dirsrv.target. Please supply a Cyrus Administrator password. This password is used by Kolab to execute administrative tasks in Cyrus IMAP. You may also need the password yourself to troubleshoot Cyrus IMAP and/or perform other administrative tasks against Cyrus IMAP directly. Cyrus Administrator password [Ch1VQL3yLF4PMTc]: Confirm Cyrus Administrator password: Please supply a Kolab Service account password. This account is used by various services such as Postfix, and Roundcube, as anonymous binds to the LDAP server will not be allowed. Kolab Service password [n-AcTIyYnEQ7dof]: Confirm Kolab Service password: Created symlink from /etc/systemd/system/multi-user.target.wants/amavisd.service to /usr/lib/systemd/system/amavisd.service. Created symlink from /etc/systemd/system/multi-user.target.wants/clamd@amavisd.service to /etc/systemd/system/clamd@.service. Created symlink from /etc/systemd/system/multi-user.target.wants/wallace.service to /usr/lib/systemd/system/wallace.service. Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service. What MySQL server are we setting up? - 1: Existing MySQL server (with root password already set). - 2: New MySQL server (needs to be initialized). Choice: 2 Please supply a root password for MySQL. This password will be the administrative user for this MySQL server, and it should be kept a secret. After this setup process has completed, Kolab is going to discard and forget about this password, but you will need it for administrative tasks in MySQL. MySQL root password [7zple-R09LcNex-]: Confirm MySQL root password: Please supply a password for the MySQL user 'kolab'. This password will be used by Kolab services, such as the Web Administration Panel. MySQL kolab password [ZEFNA1GuYm2cvaK]: Confirm MySQL kolab password: Please supply the timezone PHP should be using. You have to use a Continent or Country / City locality name like 'Europe/Berlin', but not just 'CEST'. Timezone ID [UTC]: Europe/Zurich Please supply a password for the MySQL user 'roundcube'. This password will be used by the Roundcube webmail interface. MySQL roundcube password [A5H-4FF8313TV3A]: Confirm MySQL roundcube password: Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service. Created symlink from /etc/systemd/system/multi-user.target.wants/kolab-saslauthd.service to /usr/lib/systemd/system/kolab-saslauthd.service. Created symlink from /etc/systemd/system/multi-user.target.wants/cyrus-imapd.service to /usr/lib/systemd/system/cyrus-imapd.service. Created symlink from /etc/systemd/system/multi-user.target.wants/kolabd.service to /usr/lib/systemd/system/kolabd.service. [root@maipo ~]#
After successfully running ‘setup-kolab’:
- The web admin panel is available at http://FQDN/kolab-webadmin
- The webclient is available at: http://FQDN/webmail
After having configured Kolab, you probably want to secure it with SSL/TLS. You can use certificates from LETSECRYPT
0 Comments