Carbonio CE is an emerging email solution platform keeping digital sovereignty in mind. In 2022, digital sovereignty is as important as your other security concerns. But that’s (Digital Sovereignty) for another days discussion. In this article, we will stick to the installation process of Carbonio CE on RHEL8.
Carbonio CE is currently only available for 64-bit CPUs and can be installed on top of the below-mentioned distributions:
- Ubuntu 20.04 LTS
- RHEL 8
Right now, there are no other officially supported distributions for Carbonio CE.
Warning:
Linux distributions compatible with Ubuntu 20.04LTS (e.g., Debian) and RHEL 8 (e.g., AlmaLinux, Rocky Linux, CentOS etc) may be used as base OS for Carbonio CE installation in that case to satisfy all required dependencies, you may need to include adding third-party repositories or annually installing software packages which are not included in the official documentation.
But before proceeding to the main installation steps, you can check out this article where you will get the installation steps of Carbonio CE on Ubuntu as well as have some idea about digital sovereignty.
Nevertheless, you can get all the installation steps/guidelines for all the currently supported distributions in our official documentation.
Additional Requirements
Before entering the main installation phase, these are the additional requirements that you should keep it mind.
- valid DNS resolution for the domain (
MX
andA
records) and the FQDN (A
record) - Python 3, the latest version available on the Operating System chosen
- Perl, the latest version available on the Operating System chosen
Install RHEL 8 On Your Server
You can visit this site and download it.
In this case, we are using 8.1.0 (RHEL8 x86_64) selecting Minimal Install (Basic Functionality) during the installation.
If you use RHEL 8 as a base OS, you should have a subscription (developer/professional) and enable it to resolve all dependencies during installation which will also help you to meet point-2&3 of Additional Requirements.
Set Static IP Address
Set a static IP Address on your server. It can be a private or a public one.
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens160 | tail -9
NAME=ens160
UUID=68aba678-63b0-4f3f-915f-87d16d43b1d8
DEVICE=ens160
ONBOOT=yes
IPADDR=192.168.1.121
PREFIX=24
GATEWAY=192.168.1.1
DNS1=8.8.8.8
IPV6_PRIVACY=no
[root@localhost ~]#
Configure hostname and hosts file
Configure the hostname of the server in FQDN format.
[root@localhost ~]# cat /etc/hostname
mail.example.com
Modify the /etc/hosts
file as follows:
[root@localhost ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.121 mail.example.com mail
[root@mail ~]#
Modify Selinux status
To proceed Carbonio CE Installation on RHEL8, selinux
status should be either disabled or permissive.
[root@localhost ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
Modify The Firewall Service Status
Disable firewalld
daemon.
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# systemctl disable firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]#
Reboot the Server
As we have modified server hostname
& selinux
configuration it is recommended to reboot the server.
[root@localhost ~]# reboot now
Enable/Manage subscription of RHEL
If you have registered for RHEL developer program, then you can register your machine’s OS to that subscription. It will allow you to avail RHEL repositories which is needed during the resolve of dependencies of additional packages.
[root@mail ~]# subscription-manager register
Registering to: subscription.rhsm.redhat.com:443/subscription
Username: XXXXXXXXX
Password: XXXXXXXXX
The system has been registered with ID: 425e04c5-881b-4e8f-bd84-18538ce7a5e5
The registered system name is: mail.example.com
[root@mail ~]# subscription-manager attach --auto
All installed products are covered by valid entitlements. No need to update subscriptions at this time.
Installed Product Current Status:
Product Name: Red Hat Enterprise Linux for x86_64
Status: Not Subscribed
Now, your system is ready to add RHEL repositories.
Add RHEL and other repositories
Add required repositories.
[root@mail ~]# subscription-manager repos --enable=rhel-8-for-x86_64-appstream-rpms
Repository 'rhel-8-for-x86_64-appstream-rpms' is enabled for this system.
[root@mail ~]# subscription-manager repos --enable codeready-builder-for-rhel-8-x86_64-rpms
Repository 'codeready-builder-for-rhel-8-x86_64-rpms' is enabled for this system.
[root@mail ~]# yum -y install https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm
Install and configure dnsmasq [Optional]
If you have active resolvable public DNS records, then you can skip this step. But if you do not have any active/resolvable DNS records against the domain you are using, then follow below mentioned instructions:
[root@mail ~]# dnf install dnsmasq
[root@mail ~]# vi /etc/dnsmasq.conf
server=1.1.1.1
mx-host=example.com,mail.example.com,50
host-record=example.com,192.168.1.121
host-record=mail.example.com,192.168.1.121
Modify the /etc/resolv.conf
as follows:
[root@mail ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search example.com
nameserver 127.0.0.1
Now restart dnsmasq
service.
[root@localhost ~]# systemctl restart dnsmasq
Managing Postgres Database in RHEL8
The version of Postgres
shipped by RHEL 8 is older than required by Carbonio CE. We need to make sure that Postresql 12
is installed in your system.
[root@mail ~]# dnf -qy module disable postgresql
[root@mail ~]# dnf -y install postgresql12 postgresql12-server
[root@mail ~]# /usr/pgsql-12/bin/postgresql-12-setup initdb
Initializing database ... OK
[root@mail ~]# systemctl enable --now postgresql-12
Created symlink /etc/systemd/system/multi-user.target.wants/postgresql-12.service → /usr/lib/systemd/system/postgresql-12.service.
[root@mail ~]#
Now, we need to modify one more file before reloading postgresql-12
[root@mail ~]# vi /var/lib/pgsql/12/data/pg_hba.conf
[find the line]
host all all 127.0.0.1/32 ident
[change it to]
host all all 127.0.0.1/32 md5
Now reload the postgresql-12
[root@localhost ~]# systemctl reload postgresql-12
Install wget
Now we need to add zextras repository to the system. For that we need to download the script. For that we need to install wget
.
[root@localhost ~]# dnf install wget
Add Carbonio repository to the system
You need to download and add zextras repository in your system in order to install necessary carbonio CE packages.
Head to the Carbonio Community Edition webpage and fill out the form. You will soon receive an e-mail including very easy instructions to add the repository to your operating system.
After you successfully added the repository, upgrade the system.
[root@localhost ~]# dnf upgrade
Install service-discover-server
[root@localhost ~]# dnf install service-discover-server
Install Carbonio Packages
[root@localhost ~]# dnf install carbonio-directory-server \
carbonio-proxy \
carbonio-webui carbonio-files-ui \
carbonio-mta \
carbonio-appserver carbonio-logger \
carbonio-user-management \
carbonio-files-ce carbonio-files-db \
carbonio-storages-ce \
carbonio-preview-ce \
carbonio-docs-connector-ce carbonio-docs-editor \
carbonio-admin-ui carbonio-admin-console-ui \
carbonio-admin-login-ui
Use the following command to configure and launch Carbonio CE
[root@mail ~]# carbonio-bootstrap
Setup Carbonio Mesh & pending setups
[root@mail ~]# service-discover setup-wizard
[root@mail ~]# pending-setups
Configure Carbonio CE databases
[root@mail ~]# su - postgres -c "psql --command=\"CREATE ROLE carbonio_adm WITH LOGIN SUPERUSER encrypted password '123456';\""
[root@mail ~]# su - postgres -c "psql --command=\"CREATE DATABASE carbonio_adm owner carbonio_adm;\""
[root@mail ~]# PGPASSWORD=123456 carbonio-files-db-bootstrap carbonio_adm 127.0.0.1
Restart all services and check the status
[root@mail ~]# su - zextras
[zextras@mail ~]$ zmcontrol restart
[zextras@mail ~]$ zmcontrol -v
Carbonio Release 22.11.0
[zextras@mail ~]$
[zextras@mail ~]$
[zextras@mail ~]$ zmcontrol status
Host mail.example.com
amavis Running
antispam Running
antivirus Running
directory-server Running
logger Running
mailbox Running
memcached Running
mta Running
opendkim Running
proxy Running
service webapp Running
service-discover Running
stats Running
zimbra webapp Running
zimbraAdmin webapp Running
zimlet webapp Running
zmconfigd Running
[zextras@mail ~]$
And with this step the installation process is completed.
😊👍😎
Now you/user can access the Webmail Interface panel using one of the following methods/links:
https://Server_IP_Address
https://mail.example.com
https://192.168.1.121
zextras is the default admin account in Carbonio CE server. In this case the account is, zextras@example.com
To access the admin account for the first time, you have to set/change it’s password:
[root@mail ~]# su - zextras
[zextras@mail ~]$ carbonio prov sp zextras@example.com 123456
Now you can access the Admin Panel Interface with that credential using one of the following methods/links:
https://Server_IP_Address:6071/login
https://mail.example.com:6071/login
https://192.168.1.121:6071/login
That’s it.
😊