Carbonio CE is an emerging email solution platform keeping digital sovereignty in mind. In 2022, digital sovereignty is as important as your other security concerns. But that’s (Digital Sovereignty) for another days discussion. In this article, we will stick to the installation process of Carbonio CE on RHEL8.
Carbonio CE is currently only available for 64-bit CPUs and can be installed on top of the below-mentioned distributions:
- Ubuntu 20.04 LTS
- RHEL 8
Right now, there are no other officially supported distributions for Carbonio CE.
Linux distributions compatible with Ubuntu 20.04LTS (e.g., Debian) and RHEL 8 (e.g., AlmaLinux, Rocky Linux, CentOS etc) may be used as base OS for Carbonio CE installation in that case to satisfy all required dependencies, you may need to include adding third-party repositories or annually installing software packages which are not included in the official documentation.
But before proceeding to the main installation steps, you can check out this article where you will get the installation steps of Carbonio CE on Ubuntu as well as have some idea about digital sovereignty.
Nevertheless, you can get all the installation steps/guidelines for all the currently supported distributions in our official documentation.
Before entering the main installation phase, these are the additional requirements that you should keep it mind.
- valid DNS resolution for the domain (
Arecords) and the FQDN (
- Python 3, the latest version available on the Operating System chosen
- Perl, the latest version available on the Operating System chosen
Install RHEL 8 On Your Server
You can visit this site and download it.
In this case, we are using 8.1.0 (RHEL8 x86_64) selecting Minimal Install (Basic Functionality) during the installation.
If you use RHEL 8 as a base OS, you should have a subscription (developer/professional) and enable it to resolve all dependencies during installation which will also help you to meet point-2&3 of Additional Requirements.
Set Static IP Address
Set a static IP Address on your server. It can be a private or a public one.
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens160 | tail -9 NAME=ens160 UUID=68aba678-63b0-4f3f-915f-87d16d43b1d8 DEVICE=ens160 ONBOOT=yes IPADDR=192.168.1.121 PREFIX=24 GATEWAY=192.168.1.1 DNS1=188.8.131.52 IPV6_PRIVACY=no [root@localhost ~]#
Configure hostname and hosts file
Configure the hostname of the server in FQDN format.
[root@localhost ~]# cat /etc/hostname mail.example.com
/etc/hosts file as follows:
[root@localhost ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.1.121 mail.example.com mail [root@mail ~]#
Modify Selinux status
To proceed Carbonio CE Installation on RHEL8,
selinux status should be either disabled or permissive.
[root@localhost ~]# cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of these three values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
Modify The Firewall Service Status
[root@localhost ~]# systemctl stop firewalld.service [root@localhost ~]# systemctl disable firewalld.service Removed /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. [root@localhost ~]#
Reboot the Server
As we have modified server
selinux configuration it is recommended to reboot the server.
[root@localhost ~]# reboot now
Enable/Manage subscription of RHEL
If you have registered for RHEL developer program, then you can register your machine’s OS to that subscription. It will allow you to avail RHEL repositories which is needed during the resolve of dependencies of additional packages.
[root@mail ~]# subscription-manager register Registering to: subscription.rhsm.redhat.com:443/subscription Username: XXXXXXXXX Password: XXXXXXXXX The system has been registered with ID: 425e04c5-881b-4e8f-bd84-18538ce7a5e5 The registered system name is: mail.example.com [root@mail ~]# subscription-manager attach --auto All installed products are covered by valid entitlements. No need to update subscriptions at this time. Installed Product Current Status: Product Name: Red Hat Enterprise Linux for x86_64 Status: Not Subscribed
Now, your system is ready to add RHEL repositories.
Add RHEL and other repositories
Add required repositories.
[root@mail ~]# subscription-manager repos --enable=rhel-8-for-x86_64-appstream-rpms Repository 'rhel-8-for-x86_64-appstream-rpms' is enabled for this system. [root@mail ~]# subscription-manager repos --enable codeready-builder-for-rhel-8-x86_64-rpms Repository 'codeready-builder-for-rhel-8-x86_64-rpms' is enabled for this system. [root@mail ~]# yum -y install https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm
Install and configure dnsmasq [Optional]
If you have active resolvable public DNS records, then you can skip this step. But if you do not have any active/resolvable DNS records against the domain you are using, then follow below mentioned instructions:
[root@mail ~]# dnf install dnsmasq [root@mail ~]# vi /etc/dnsmasq.conf server=184.108.40.206 mx-host=example.com,mail.example.com,50 host-record=example.com,192.168.1.121 host-record=mail.example.com,192.168.1.121
/etc/resolv.conf as follows:
[root@mail ~]# cat /etc/resolv.conf # Generated by NetworkManager search example.com nameserver 127.0.0.1
[root@localhost ~]# systemctl restart dnsmasq
Managing Postgres Database in RHEL8
The version of
Postgres shipped by RHEL 8 is older than required by Carbonio CE. We need to make sure that
Postresql 12 is installed in your system.
[root@mail ~]# dnf -qy module disable postgresql [root@mail ~]# dnf -y install postgresql12 postgresql12-server [root@mail ~]# /usr/pgsql-12/bin/postgresql-12-setup initdb Initializing database ... OK [root@mail ~]# systemctl enable --now postgresql-12 Created symlink /etc/systemd/system/multi-user.target.wants/postgresql-12.service → /usr/lib/systemd/system/postgresql-12.service. [root@mail ~]#
Now, we need to modify one more file before reloading postgresql-12
[root@mail ~]# vi /var/lib/pgsql/12/data/pg_hba.conf [find the line] host all all 127.0.0.1/32 ident [change it to] host all all 127.0.0.1/32 md5
Now reload the postgresql-12
[root@localhost ~]# systemctl reload postgresql-12
Now we need to add zextras repository to the system. For that we need to download the script. For that we need to install
[root@localhost ~]# dnf install wget
Add Carbonio repository to the system
You need to download and add zextras repository in your system in order to install necessary carbonio CE packages.
Head to the Carbonio Community Edition webpage and fill out the form. You will soon receive an e-mail including very easy instructions to add the repository to your operating system.
After you successfully added the repository, upgrade the system.
[root@localhost ~]# dnf upgrade
[root@localhost ~]# dnf install service-discover-server
Install Carbonio Packages
[root@localhost ~]# dnf install carbonio-directory-server \ carbonio-proxy \ carbonio-webui carbonio-files-ui \ carbonio-mta \ carbonio-appserver carbonio-logger \ carbonio-user-management \ carbonio-files-ce carbonio-files-db \ carbonio-storages-ce \ carbonio-preview-ce \ carbonio-docs-connector-ce carbonio-docs-editor \ carbonio-admin-ui carbonio-admin-console-ui \ carbonio-admin-login-ui
Use the following command to configure and launch Carbonio CE
[root@mail ~]# carbonio-bootstrap
Setup Carbonio Mesh & pending setups
[root@mail ~]# service-discover setup-wizard [root@mail ~]# pending-setups
Fix permissions of Carbonio Mesh tokens
[root@mail ~]# chmod a+r /etc/zextras/carbonio-mailbox/token
Configure Carbonio CE databases
[root@mail ~]# su - postgres -c "psql --command=\"CREATE ROLE carbonio_adm WITH LOGIN SUPERUSER encrypted password '123456';\"" [root@mail ~]# su - postgres -c "psql --command=\"CREATE DATABASE carbonio_adm owner carbonio_adm;\"" [root@mail ~]# PGPASSWORD=123456 carbonio-files-db-bootstrap carbonio_adm 127.0.0.1
Restart all services and check the status
[root@mail ~]# su - zextras [zextras@mail ~]$ zmcontrol restart [zextras@mail ~]$ zmcontrol -v Carbonio Release 22.11.0 [zextras@mail ~]$ [zextras@mail ~]$ [zextras@mail ~]$ zmcontrol status Host mail.example.com amavis Running antispam Running antivirus Running directory-server Running logger Running mailbox Running memcached Running mta Running opendkim Running proxy Running service webapp Running service-discover Running stats Running zimbra webapp Running zimbraAdmin webapp Running zimlet webapp Running zmconfigd Running [zextras@mail ~]$
And with this step the installation process is completed.
Now you/user can access the Webmail Interface panel using one of the following methods/links:
zextras is the default admin account in Carbonio CE server. In this case the account is, email@example.com
To access the admin account for the first time, you have to set/change it’s password:
[root@mail ~]# su - zextras [zextras@mail ~]$ carbonio prov sp firstname.lastname@example.org 123456
Now you can access the Admin Panel Interface with that credential using one of the following methods/links: