Carbonio CE Related...
 
Notifications
Clear all

[Sticky] Carbonio CE Related Scripts

26 Posts
8 Users
6 Reactions
8,676 Views
(@fucine)
New Member
Joined: 12 months ago
Posts: 6
 

@sharif I think that there's repetition in your script; try looking for ${!hostnames[@]} and you'll find two identical blocks:

  • one dealing with "# Function to set the hostname"
  • the other one dealing with "# Function to configure /etc/hosts"

Cheers, e.-


   
ReplyQuote
(@fucine)
New Member
Joined: 12 months ago
Posts: 6
 

I think to have discovered a little bug in the "Fan Made Script" (ce_installation_script_public_UB_v3.sh), when it comes to the "# Function to Change Admin User Password" routine. This is the original source code:

# Function to Change Admin User Password
change_admin_user_password() {
    echo "Changing admin user (zextras@$(hostname -d)) password..."
    read -s -p "Enter new admin password: " ADMIN_PWD
    echo # Move to a new line for clean output
    if su - zextras -c "carbonio prov sp zextras@$(hostname -d) $ADMIN_PWD"; then
        echo "Admin user password changed successfully."
        status[19]="Done"
    else
        echo "Failed to change admin user password."
        status[19]="Failed"
    fi
}

And this is my modification:

# Function to Change Admin User Password
change_admin_user_password() {
    echo "Changing admin user (zextras@$(hostname -f)) password..."
    read -s -p "Enter new admin password: " ADMIN_PWD
    echo # Move to a new line for clean output
    if su - zextras -c "carbonio prov sp zextras@$(hostname -f) $ADMIN_PWD"; then
        echo "Admin user password changed successfully."
        status[19]="Done"
    else
        echo "Failed to change admin user password."
        status[19]="Failed"
    fi
}

In the end it should be used hostname -f and not hostname -d for this command to actually work

su - zextras -c "carbonio prov sp zextras@fucine.email XXXXXX"

See, in fact, here:

root@mail:~# hostname -d
email

root@mail:~# hostname -f
fucine.email

So by using hostname -d I'd have gotten (which actually failed, for obvious reason):

su - zextras -c "carbonio prov sp zextras@email XXXXXX"

Whilst by using hostname -f I got (which worked, as we had to reference zextras@fucine.email):

su - zextras -c "carbonio prov sp zextras@fucine.email XXXXXX"

Quick guide:

Option Description Example
-i Displays the network address (IP) of the host | Example: hostname -i
-f Displays the Fully Qualified Domain Name (FQDN) of the host | Example: hostname -f
-s Displays the short hostname. This is the hostname up to the first ‘.’ | Example: hostname -s
-a Displays the alias name of the host | Example: hostname -a
-d Displays the DNS domain name | Example: hostname -d
-y Displays the NIS/YP domain name | Example: hostname -y
-n Displays the network node hostname | Example: hostname -n
-v Verbose output | Example: hostname -v
-h Displays help message and exit | Example: hostname -h
-V Displays version information and exit | Example: hostname -V

Furthermore, for anyone downloading the script from the link posted as comment to this YouTube video, it might be useful to convert it via:

dos2unix ce_installation_script_public_UB_v3.sh

If dos2unix is not already installed in your system then having it in place would be as easy as (for Debian GNU/Linux systems):

sudo apt install dos2unix

   
ReplyQuote
(@fucine)
New Member
Joined: 12 months ago
Posts: 6
 

In the end it should be used hostname -f and not hostname -d for this command to actually work

Nope, in the end hostname -d is doing its job, but in case FQDN is referring to a 2nd level domain - which I think is the direct consequence of some step during script's execution (mine originally was "mail.fucine.email", but then it became "fucine.email") - then hostname -d would print just 1st level domain, and that should be avoided, of course.
Now I'm going to see at which step an originally defined 3rdlevel.domain.tld is rewritten in terms of domain.tld. Anyway this is what I have in place:

root@mail:~# cat /etc/hosts
127.0.0.1 localhost
78.46.195.130 fucine.email mail
root@mail:~# hostname -f
fucine.email
root@mail:~# hostname -d
email
root@mail:~# hostnamectl
 Static hostname: mail.fucine.email
       Icon name: computer-vm
         Chassis: vm
      Machine ID: 991b613a94d14f96848641da44662a6e
         Boot ID: 8efb55ea1a934084961c820976e67e72
  Virtualization: kvm
Operating System: Ubuntu 22.04.4 LTS              
          Kernel: Linux 5.15.0-105-generic
    Architecture: x86-64
 Hardware Vendor: Hetzner
  Hardware Model: vServer

Cheers, e.-


   
ReplyQuote
(@mr-ripon)
New Member
Joined: 12 months ago
Posts: 1
 

I'm using your script on Ubuntu: 20.04LTS.It's amazing !


   
ReplyQuote
(@sharif)
Reputable Member Admin
Joined: 3 years ago
Posts: 693
Topic starter  

Automated Installation Script for Let's Encrypt SSL Certificate in Carbonio CE

 

In Carbonio CE, we can deploy the Let's Encrypt certificate using both GUI-based Admin UI and CLI. For both the methods, the basic procedures are same:

  • Configure virtual hostname
  • Set the proper value of zimbraReverseProxyMailMode
  • Restart proxy service
  • Generate the Let's Encrypt SSL using GUI or CLI.
  • After the configuration, restart the proxy service.

If you have a single domain, then these steps are okay. But if you have like 5 to 10 domains then redoing these steps for all the domains could be time consuming and annoying.

Therefore I present you this script that will detect all the domains in your server and deploy domain level Let's encrypt certificate for them without any intervention.

#!/bin/bash

# Check if the script is run as zextras
if [ "$(whoami)" != "zextras" ]; then
  echo "This script must be run as the zextras user."
  exit 1
fi

echo "Starting Let's Encrypt SSL installation script."

# Setting zimbraVirtualHostName for each domain as zextras user
for i in $(carbonio prov -l gad); do 
  carbonio prov md $i zimbraVirtualHostName mail.$i
  echo "Virtual Hostname set for domain $i"
done
echo "Virtual Hostnames set for all domains."

sleep 1

# Setting zimbraReverseProxyMailMode to redirect as zextras user
carbonio prov ms $(hostname -f) zimbraReverseProxyMailMode redirect
echo "zimbraReverseProxyMailMode set to redirect."

sleep 1

# Restarting zmproxyctl as zextras user
zmproxyctl restart
echo "zmproxyctl restarted."

sleep 1

# Obtaining certificates for each domain as zextras user
for i in $(carbonio prov -l gad); do 
  /opt/zextras/libexec/certbot certonly --preferred-chain "ISRG Root X1" --agree-tos --email zextras@$(hostname -d) -n --keep --webroot -w /opt/zextras --cert-name $i -d mail.$i
  echo "Certificate obtained for domain $i"
done
echo "Certificates obtained for all domains."

sleep 1

# Restarting zmproxyctl again after obtaining certificates as zextras user
zmproxyctl restart
echo "zmproxyctl restarted after obtaining certificates."

echo "Let's Encrypt SSL installation script completed."

echo "##############################################################"
echo "#                                                            #"
echo "# WARNING: To set up auto-renewal for all domains, please    #"
echo "# execute the following commands as root:                    #"
echo "#                                                            #"
echo "#   sudo systemctl start carbonio-certbot.timer              #"
echo "#   sudo systemctl enable carbonio-certbot.timer             #"
echo "#                                                            #"
echo "##############################################################"

Hereby, I am requesting you to try this and let us know how it goes.

This is a mere effort to encourage you to play and do this kind of stuff that can be helpful for the entire community. I am not saying this is a perfect script. Feel free to modify it at your own discretion.

 

Remarks: I am updating existing SSL related articles be adding this script in them.

 

Have a good day!

Regards,

Sharif

 


   
atuston reacted
ReplyQuote
(@itguy)
New Member
Joined: 11 years ago
Posts: 15
 

@fucine 

Your hosts file below is incorrect.

root@mail:~# cat /etc/hosts
127.0.0.1 localhost
78.46.195.130 fucine.email mail

Correct should be as follows:

78.46.195.130 mail.fucine.email mail


   
ReplyQuote
(@itguy)
New Member
Joined: 11 years ago
Posts: 15
 

@Md. Shariful Islam

I used your Fan made script to install Carbonio. Mostly went fine. After reboot it took a while for the Ubuntu 22.04 system to start.

apt update gave error:

W: removed link : Key is stored in legacy trusted.gpg keyring ( removed link ), see the DEPRECATION section in apt-key(8) for details.

N: Skipping acquire of configured file 'main/binary-i386/Packages' as repository ' removed link jammy-pgdg InRelease' doesn't support architecture 'i386'

So, I manually ran the following taken from the installation document for Ubuntu 22.04:

Database - Installation of PostgreSQL

sh -c 'echo "deb removed link $(lsb_release -cs)-pgdg main" > removed link '

wget -O- " removed link " | \
gpg --dearmor | sudo tee removed link > \
/dev/null

chmod 644 removed link

sed -i 's/deb/deb [signed-by=\ removed link ] /' removed link

apt update again and it displayed:

N: Skipping acquire of configured file 'main/binary-i386/Packages' as repository ' removed link jammy-pgdg InRelease' doesn't support architecture 'i386'

A little search on the wild wild west gave me as solution as follows:

Changed file: removed link

deb [signed-by= removed link ] removed link jammy-pgdg main

to

deb [arch=amd64 signed-by= removed link ] removed link jammy-pgdg main

apt update once again and it did not complain no more.

It seems your script is made for Ubuntu 20.04

 

Question: Is there a way you can adjust your script to ask which Ubuntu is installed and configure the following section of your fan made script:

# Function to install PostgreSQL DB

 

Regards


   
ReplyQuote
(@itguy)
New Member
Joined: 11 years ago
Posts: 15
 

Sorry in above post all links were removed. That makes a copy and paste impossible and one will have to consult the installation manual for Carbonio.

<a title="Database - Installation of PostgreSQL" href=" removed link " target="_blank" rel="noopener"> removed link


   
ReplyQuote
(@itguy)
New Member
Joined: 11 years ago
Posts: 15
 

I give up on installing with fan made script on Ubuntu 22.04.

Errors a long the installation and zextras services not all of them start.


   
ReplyQuote
(@itguy)
New Member
Joined: 11 years ago
Posts: 15
 

After many more trial and errors I finally got an installation to work. I joined @telegram CarbonioMail and there another user by name Victor Ramb is having the same/similar problem with installation. Does not matter what script we/I used. Official script , fan made script or the one provided by @telegram CarbonioMail. Or even the manual step for that matter. Nothing worked. Long story short.

What I figured out was that the file /opt/zextras/conf/web.xml was not created during the installation process. So the zimbra/zextras services mailbox and webapp did not start. caused basically a total failure to install carbonio.

Anahuac @ Telegram helped in figuring out problems.

 

Bottom line line is:

over github zextras carbonio-core-utils commit d5dd029ef34c8b06dfae5928cf93190c74c463e7

Someone removed: REWRITE conf/web.xml.in conf/web.xml in file /opt/zextras/conf/zmconfigd.cf in the mailbox section.

That caused it to NOT create the file /opt/zextras/conf/web.xml - hence zextras services mailbox and webapp to NOT start.

And in the end the Installation failed.

 

My workaround:

From the failed installation I copied the file /opt/zextras/conf/zmconfigd.cf to my Windows machine with winSCP.

Added the line REWRITE conf/web.xml.in conf/web.xml

in SECTION mailbox

REWRITE conf/spnego_java_options.in conf/spnego_java_options
REWRITE conf/web.xml.in conf/web.xml
RESTART mailboxd

Started a new Installation and when the /opt folder was populated with zextras/conf folder I copied my modded zmconfigd.cf file

over and replaced the existing one.

So, I was able to do a successful Carbonio 25.3.1 Installation.


   
ReplyQuote
(@itguy)
New Member
Joined: 11 years ago
Posts: 15
 

As of April 22 15:52 the above work around is no longer needed. Zextras fix the issue.


   
ReplyQuote
Page 2 / 2