How To Deploy a Private E-mail Server for Free Using Zextras Carbonio Community Edition On RHEL8 | Carbonio CE

Carbonio CE is an emerging email solution platform keeping digital sovereignty in mind. In 2022, digital sovereignty is as important as your other security concerns. But that’s (Digital Sovereignty) for another days discussion. In this article, we will stick to the installation process of Carbonio CE on RHEL8.

Carbonio CE is currently only available for 64-bit CPUs and can be installed on top of the below-mentioned distributions:

  • Ubuntu 20.04 LTS
  • RHEL 8

Right now, there are no other officially supported distributions for Carbonio CE.

Warning:
Linux distributions compatible with Ubuntu 20.04LTS (e.g., Debian) and RHEL 8 (e.g., AlmaLinux, Rocky Linux, CentOS etc) may be used as base OS for Carbonio CE installation in that case to satisfy all required dependencies, you may need to include adding third-party repositories or annually installing software packages which are not included in the official documentation.

But before proceeding to the main installation steps, you can check out this article where you will get the installation steps of Carbonio CE on Ubuntu as well as have some idea about digital sovereignty.

Nevertheless, you can get all the installation steps/guidelines for all the currently supported distributions in our official documentation.

Additional Requirements

Before entering the main installation phase, these are the additional requirements that you should keep it mind.

  1. valid DNS resolution for the domain (MX and A records) and the FQDN (A record)
  2. Python 3, the latest version available on the Operating System chosen
  3. Perl, the latest version available on the Operating System chosen

Install RHEL 8 On Your Server

You can visit this site and download it.

RHEL8 Download Link

In this case, we are using 8.1.0 (RHEL8 x86_64) selecting Minimal Install (Basic Functionality) during the installation.

If you use RHEL 8 as a base OS, you should have a subscription (developer/professional) and enable it to resolve all dependencies during installation which will also help you to meet point-2&3 of Additional Requirements.

Set Static IP Address

Set a static IP Address on your server. It can be a private or a public one.

[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens160 | tail -9
NAME=ens160
UUID=68aba678-63b0-4f3f-915f-87d16d43b1d8
DEVICE=ens160
ONBOOT=yes
IPADDR=192.168.1.121
PREFIX=24
GATEWAY=192.168.1.1
DNS1=8.8.8.8
IPV6_PRIVACY=no
[root@localhost ~]#

Configure hostname and hosts file

Configure the hostname of the server in FQDN format.

[root@localhost ~]# cat /etc/hostname
mail.example.com

Modify the /etc/hosts file as follows:

[root@localhost ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.1.121   mail.example.com        mail
[root@mail ~]#

Modify Selinux status

To proceed Carbonio CE Installation on RHEL8, selinux status should be either disabled or permissive.

[root@localhost ~]# cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

Modify The Firewall Service Status

Disable firewalld daemon.

[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# systemctl disable firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]#

Reboot the Server

As we have modified server hostname & selinux configuration it is recommended to reboot the server.

[root@localhost ~]# reboot now

Enable/Manage subscription of RHEL

If you have registered for RHEL developer program, then you can register your machine’s OS to that subscription. It will allow you to avail RHEL repositories which is needed during the resolve of dependencies of additional packages.

[root@mail ~]# subscription-manager register
Registering to: subscription.rhsm.redhat.com:443/subscription
Username: XXXXXXXXX
Password: XXXXXXXXX
The system has been registered with ID: 425e04c5-881b-4e8f-bd84-18538ce7a5e5
The registered system name is: mail.example.com

[root@mail ~]# subscription-manager attach --auto
All installed products are covered by valid entitlements. No need to update subscriptions at this time.
Installed Product Current Status:
Product Name: Red Hat Enterprise Linux for x86_64
Status:       Not Subscribed

Now, your system is ready to add RHEL repositories.

Add RHEL and other repositories

Add required repositories.

[root@mail ~]# subscription-manager repos --enable=rhel-8-for-x86_64-appstream-rpms
Repository 'rhel-8-for-x86_64-appstream-rpms' is enabled for this system.

[root@mail ~]# subscription-manager repos --enable codeready-builder-for-rhel-8-x86_64-rpms
Repository 'codeready-builder-for-rhel-8-x86_64-rpms' is enabled for this system.

[root@mail ~]# yum -y install https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm

Install and configure dnsmasq [Optional]

If you have active resolvable public DNS records, then you can skip this step. But if you do not have any active/resolvable DNS records against the domain you are using, then follow below mentioned instructions:

[root@mail ~]# dnf install dnsmasq

[root@mail ~]# vi /etc/dnsmasq.conf
server=1.1.1.1
mx-host=example.com,mail.example.com,50
host-record=example.com,192.168.1.121
host-record=mail.example.com,192.168.1.121

Modify the /etc/resolv.conf as follows:

[root@mail ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search example.com
nameserver 127.0.0.1

Now restart dnsmasq service.

[root@localhost ~]# systemctl restart dnsmasq

Managing Postgres Database in RHEL8

The version of Postgres shipped by RHEL 8 is older than required by Carbonio CE. We need to make sure that Postresql 12 is installed in your system.

[root@mail ~]# dnf -qy module disable postgresql
[root@mail ~]# dnf -y install postgresql12 postgresql12-server

[root@mail ~]# /usr/pgsql-12/bin/postgresql-12-setup initdb
Initializing database ... OK

[root@mail ~]# systemctl enable --now postgresql-12
Created symlink /etc/systemd/system/multi-user.target.wants/postgresql-12.service → /usr/lib/systemd/system/postgresql-12.service.
[root@mail ~]#

Now, we need to modify one more file before reloading postgresql-12

[root@mail ~]# vi /var/lib/pgsql/12/data/pg_hba.conf

[find the line]
host    all             all             127.0.0.1/32            ident

[change it to]
host    all             all             127.0.0.1/32            md5

Now reload the postgresql-12

[root@localhost ~]# systemctl reload postgresql-12

Install wget

Now we need to add zextras repository to the system. For that we need to download the script. For that we need to install wget.

[root@localhost ~]# dnf install wget

Add Carbonio repository to the system

You need to download and add zextras repository in your system in order to install necessary carbonio CE packages.

Head to the Carbonio Community Edition webpage and fill out the form. You will soon receive an e-mail including very easy instructions to add the repository to your operating system.

After you successfully added the repository, upgrade the system.

[root@localhost ~]# dnf upgrade

Install service-discover-server

[root@localhost ~]# dnf install service-discover-server

Install Carbonio Packages

[root@localhost ~]# dnf install carbonio-directory-server \
carbonio-proxy \
carbonio-webui carbonio-files-ui \
carbonio-mta  \
carbonio-appserver carbonio-logger  \
carbonio-user-management \
carbonio-files-ce carbonio-files-db \
carbonio-storages-ce \
carbonio-preview-ce \
carbonio-docs-connector-ce carbonio-docs-editor \
carbonio-admin-ui carbonio-admin-console-ui \
carbonio-admin-login-ui

Use the following command to configure and launch Carbonio CE

[root@mail ~]# carbonio-bootstrap

Setup Carbonio Mesh & pending setups

[root@mail ~]# service-discover setup-wizard
[root@mail ~]# pending-setups

Fix permissions of Carbonio Mesh tokens

[root@mail ~]# chmod a+r /etc/zextras/carbonio-mailbox/token

Configure Carbonio CE databases

[root@mail ~]# su - postgres -c "psql --command=\"CREATE ROLE carbonio_adm WITH LOGIN SUPERUSER encrypted password '123456';\""
[root@mail ~]# su - postgres -c "psql --command=\"CREATE DATABASE carbonio_adm owner carbonio_adm;\""
[root@mail ~]# PGPASSWORD=123456 carbonio-files-db-bootstrap carbonio_adm 127.0.0.1

Restart all services and check the status

[root@mail ~]# su - zextras
[zextras@mail ~]$ zmcontrol restart

[zextras@mail ~]$ zmcontrol -v
Carbonio Release 22.11.0
[zextras@mail ~]$
[zextras@mail ~]$
[zextras@mail ~]$ zmcontrol status
Host mail.example.com
        amavis                  Running
        antispam                Running
        antivirus               Running
        directory-server        Running
        logger                  Running
        mailbox                 Running
        memcached               Running
        mta                     Running
        opendkim                Running
        proxy                   Running
        service webapp          Running
        service-discover        Running
        stats                   Running
        zimbra webapp           Running
        zimbraAdmin webapp      Running
        zimlet webapp           Running
        zmconfigd               Running
[zextras@mail ~]$

And with this step the installation process is completed.

😊👍😎

Now you/user can access the Webmail Interface panel using one of the following methods/links:

https://Server_IP_Address
https://mail.example.com
https://192.168.1.121

zextras is the default admin account in Carbonio CE server. In this case the account is, zextras@example.com

To access the admin account for the first time, you have to set/change it’s password:

[root@mail ~]# su - zextras
[zextras@mail ~]$ carbonio prov sp zextras@example.com 123456

Now you can access the Admin Panel Interface with that credential using one of the following methods/links:
https://Server_IP_Address:6071/login
https://mail.example.com:6071/login
https://192.168.1.121:6071/login

That’s it.

😊

Post your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Everything You Need to Know about RDNS for Your Servers in Carbonio Community Edition | Carbonio CE
How to Work with SpamAssassin in Carbonio Community Edition | Carbonio CE