How To Deploy a Private E-mail Server for Free Using Zextras Carbonio Community Edition On RHEL8 | Carbonio CE

The article has been updated to be compatible with Carbonio CE Release 23.12.0, 24.1.0

Carbonio CE is an emerging email solution platform keeping digital sovereignty in mind. In 2022, digital sovereignty is as important as your other security concerns. But that’s (Digital Sovereignty) for another days discussion. In this article, we will stick to the installation process of Carbonio CE on RHEL8.

Carbonio CE is currently only available for 64-bit CPUs and can be installed on top of the below-mentioned distributions:

  • Ubuntu 20.04 LTS
  • RHEL 8

Right now, there are no other officially supported distributions for Carbonio CE.

Linux distributions compatible with Ubuntu 20.04LTS (e.g., Debian) and RHEL 8 (e.g., AlmaLinux, Rocky Linux, CentOS etc) may be used as base OS for Carbonio CE installation in that case to satisfy all required dependencies, you may need to include adding third-party repositories or annually installing software packages which are not included in the official documentation.

But before proceeding to the main installation steps, you can check out this article where you will get the installation steps of Carbonio CE on Ubuntu as well as have some idea about digital sovereignty.

Nevertheless, you can get all the installation steps/guidelines for all the currently supported distributions in our official documentation.

Additional Requirements

Before entering the main installation phase, these are the additional requirements that you should keep it mind.

  1. valid DNS resolution for the domain (MX and A records) and the FQDN (A record)
  2. Python 3, the latest version available on the Operating System chosen
  3. Perl, the latest version available on the Operating System chosen

Install RHEL 8 On Your Server

You can visit this site and download it.

RHEL8 Download Link

In this case, we are using 8.1.0 (RHEL8 x86_64) selecting Minimal Install (Basic Functionality) during the installation.

If you use RHEL 8 as a base OS, you should have a subscription (developer/professional) and enable it to resolve all dependencies during installation which will also help you to meet point-2&3 of Additional Requirements.

Set Static IP Address

Set a static IP Address on your server. It can be a private or a public one.

cat /etc/sysconfig/network-scripts/ifcfg-ens160 | tail -9

Configure hostname and hosts file

Configure the hostname of the server in FQDN format.

cat /etc/hostname

Modify the /etc/hosts file as follows:

cat /etc/hosts   localhost localhost.localdomain localhost4 localhost4.localdomain4        mail

Modify Selinux status

To proceed Carbonio CE Installation on RHEL8, selinux status should be either disabled or permissive.

[root@localhost ~]# cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.

Modify The Firewall Service Status

Disable firewalld daemon.

sudo sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
sudo systemctl stop firewalld
sudo systemctl disable firewalld
sudo systemctl mask --now firewalld
reboot now

Reboot the Server

As we have modified server hostname & selinux configuration it is recommended to reboot the server.

reboot now

Enable/Manage subscription of RHEL

If you have registered for RHEL developer program, then you can register your machine’s OS to that subscription. It will allow you to avail RHEL repositories which is needed during the resolve of dependencies of additional packages.

[root@mail ~]# subscription-manager register
Registering to:
The system has been registered with ID: 425e04c5-881b-4e8f-bd84-18538ce7a5e5
The registered system name is:

[root@mail ~]# subscription-manager attach --auto
All installed products are covered by valid entitlements. No need to update subscriptions at this time.
Installed Product Current Status:
Product Name: Red Hat Enterprise Linux for x86_64
Status:       Not Subscribed

Now, your system is ready to add RHEL repositories.

Add RHEL and other repositories

Add required repositories.

subscription-manager repos --enable=rhel-8-for-x86_64-appstream-rpms
Repository 'rhel-8-for-x86_64-appstream-rpms' is enabled for this system.

subscription-manager repos --enable codeready-builder-for-rhel-8-x86_64-rpms
Repository 'codeready-builder-for-rhel-8-x86_64-rpms' is enabled for this system.

yum -y install

subscription-manager repos --enable codeready-builder-for-rhel-8-$(arch)-rpms

sudo yum -y install

yum clean all
yum repolist

Install and configure dnsmasq [Optional]

If you have active resolvable public DNS records, then you can skip this step. But if you do not have any active/resolvable DNS records against the domain you are using, then follow below mentioned instructions:

dnf install dnsmasq -y

vi /etc/dnsmasq.conf

Modify the /etc/resolv.conf as follows:

cat /etc/resolv.conf
# Generated by NetworkManager

Now restart dnsmasq service.

systemctl restart dnsmasq

Managing Postgres Database in RHEL8

The version of Postgres shipped by RHEL 8 is older than required by Carbonio CE. We need to make sure that Postresql 12 is installed in your system.

yum -y install

dnf -qy module disable postgresql
dnf -y install postgresql12 postgresql12-server

/usr/pgsql-12/bin/postgresql-12-setup initdb
Initializing database ... OK

systemctl enable --now postgresql-12
Created symlink /etc/systemd/system/ → /usr/lib/systemd/system/postgresql-12.service.

Now, we need to modify one more file before reloading postgresql-12

vi /var/lib/pgsql/12/data/pg_hba.conf

[find the line]
host    all             all               ident

[change it to]
host    all             all               md5

Now reload the postgresql-12

systemctl reload postgresql-12

Install wget

Now we need to add zextras repository to the system. For that we need to download the script. For that we need to install wget.

dnf install wget

Add Carbonio repository to the system

You need to download and add zextras repository in your system in order to install necessary carbonio CE packages.

Head to the Carbonio Community Edition webpage and fill out the form. You will soon receive an e-mail including very easy instructions to add the repository to your operating system.

After you successfully added the repository, upgrade the system.

dnf upgrade

Install Carbonio Packages

dnf install service-discover-server carbonio-directory-server \
carbonio-files-db carbonio-mailbox-db carbonio-docs-connector-db carbonio-tasks-db \
carbonio-proxy \
carbonio-webui carbonio-files-ui carbonio-tasks-ui carbonio-files-public-folder-ui \
carbonio-user-management \
carbonio-mta \
carbonio-appserver \
carbonio-storages-ce carbonio-files-ce carbonio-preview-ce \
carbonio-docs-connector-ce carbonio-tasks-ce \
carbonio-docs-editor \
carbonio-prometheus -y

Use the following command to configure and launch Carbonio CE


Setup Carbonio Mesh & pending setups

service-discover setup-wizard

Configure Carbonio CE ROLE & DATABASES

read -s -p "Password:" DB_ADM_PWD

su - postgres -c "psql --command=\"CREATE ROLE carbonio_adm WITH LOGIN SUPERUSER encrypted password '$DB_ADM_PWD';\""
su - postgres -c "psql --command=\"CREATE DATABASE carbonio_adm owner carbonio_adm;\""

Bootstrap Carbonio CE databases

Now we are going to bootstrap Files and Tasks related databases.

PGPASSWORD=DB_ADM_PWD carbonio-files-db-bootstrap carbonio_adm
PGPASSWORD=DB_ADM_PWD carbonio-tasks-db-bootstrap carbonio_adm

Install and configure carbonio-message-dispatcher-db

# Set the DB Password one more time
read -s -p "Password:" DB_ADM_PWD

dnf install carbonio-message-dispatcher-db -y
pending-setups -a
PGPASSWORD=$DB_ADM_PWD carbonio-message-dispatcher-db-bootstrap carbonio_adm

Install and configure carbonio-message-dispatcher

# Set the DB Password one more time
read -s -p "Password:" DB_ADM_PWD

dnf install carbonio-message-dispatcher -y
pending-setups -a
PGPASSWORD=$DB_ADM_PWD carbonio-message-dispatcher-db-bootstrap carbonio_adm 20000

Install and configure carbonio-message-broker

dnf install carbonio-message-broker -y
pending-setups -a
PGPASSWORD=$DB_ADM_PWD carbonio-ws-collaboration-db-bootstrap carbonio_adm

Install and configure carbonio-ws-collaboration-db

dnf install carbonio-ws-collaboration-db -y
pending-setups -a
PGPASSWORD=$DB_ADM_PWD carbonio-ws-collaboration-db-bootstrap carbonio_adm

Install and configure carbonio-ws-collaboration-ce

dnf install carbonio-ws-collaboration-ce -y
pending-setups -a

Install and configure carbonio-videoserver-ce

dnf install carbonio-videoserver-ce -y
pending-setups -a

*** During the installation of carbonio-videoserver-ce package, you will be prompted for a bind address for the video server. You should use your server’s public IP address/External Public IP as the binding IP address of your video server.

Install and configure carbonio-ws-collaboration-ui

dnf install carbonio-ws-collaboration-ui -y
su - zextras -c "carbonio prov mc default carbonioFeatureChatsEnabled TRUE"

Finish the installation

Reboot the server. After rebooting the server, restart below referred services as per mentioned order:

systemctl restart carbonio-prometheus-nginx-exporter.service
systemctl restart carbonio-tasks
systemctl restart carbonio-message-broker
systemctl restart carbonio-videoserver
systemctl restart carbonio-ws-collaboration
systemctl restart carbonio-message-dispatcher

Check the status of all services.

zextras@mail:~$ zmcontrol -v
Release 24.1.0 Community Edition.

zextras@mail:~$ zmcontrol status
        amavis                  Running
        antispam                Running
        antivirus               Running
        directory-server        Running
        mailbox                 Running
        memcached               Running
        mta                     Running
        opendkim                Running
        proxy                   Running
        service webapp          Running
        service-discover        Running
        stats                   Running
        config service          Running

root@mail:~# systemctl list-units carbonio*

zextras is the default admin account in Carbonio CE server. In this case the account is,

zextras@mail:~$ carbonio prov sp 123456

Congratulations! You have successfully deployed your secure and completely private Carbonio CE server.

You can now access your admin panel using your IP or the domain you chose through port 6071:

  • https://yourIP:6071

Similarly, users can access their Carbonio CE without specifying the port as follows:

  • https://yourIP/

And that’s it. 🙂

Post your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Everything You Need to Know about RDNS for Your Servers in Carbonio Community Edition | Carbonio CE
How to Work with SpamAssassin in Carbonio Community Edition | Carbonio CE