Kuendeswa kweZextras/Zimbra office workstations muYandex.Cloud

Nhanganyaya

Kugadzirisa zvivakwa zvehofisi uye kuendesa nzvimbo nyowani dzekushandira idambudziko guru kumakambani emarudzi ese uye saizi. Sarudzo yakanakisa yepurojekiti nyowani kuhaya zviwanikwa mugore uye kutenga marezinesi anogona kushandiswa zvese kubva kune anopa uye mune yako wega data data. Imwe mhinduro yemamiriro ezvinhu akadaro ndeye Zextras Suite, iyo inokutendera iwe kuti ugadzire chikuva chekubatana uye kutaurirana kwemakambani ebhizinesi mune zvese zviri mukati megore uye pane yako wega zvivakwa.

Mhinduro yacho yakagadzirirwa mahofisi emhando ipi neipi uye ine maviri makuru ekutumira mameseji: kana iwe uine anosvika zviuru zvitatu zvemabhokisi etsamba uye pasina zvakanyanya zvinodikanwa zvekushivirira kukanganisa, unogona kushandisa imwe-server yekumisikidza, uye iyo yakawanda-server yekuisa sarudzo. inotsigira kushanda kwakavimbika uye kunoteerera kwemakumi nemazana ezviuru zvemabhokisi etsamba. Muzviitiko zvese, mushandisi anowana mukana wetsamba, zvinyorwa uye mameseji kuburikidza newebhu imwe chete interface kubva kubasa inomhanyisa chero OS pasina kuisa uye kugadzirisa imwe software, kana kuburikidza nenharembozha yeIOS neAroid. Iwe unogona kushandisa yakajairika Outlook uye Thunderbird vatengi.

Kuendesa chirongwa ichi, Zextras shamwari - SVZ yakasarudza Yandex.Cloud nokuti mavakirwo ayo akafanana neAWS uye kune tsigiro yeS3 inopindirana yekuchengetedza, iyo inoderedza mari yekuchengetedza mavhoriyamu makuru etsamba, mameseji uye zvinyorwa uye kuwedzera kukanganisa kushivirira kwemhinduro.

Munzvimbo yeYandex.Cloud, maturusi ekutanga emuchina wekushandisa anoshandiswa kuisa imwe-server "Compute Cloud" uye virtual network manejimendi kugona "Virtual Private Cloud". Kune akawanda-server kuisirwa, kuwedzera kune yakatsanangurwa maturusi, zvinodikanwa kushandisa matekinoroji "Boka rekuisa", kana zvichidikanwa (zvichienderana nehuwandu hwehurongwa) - zvakare "Instance Groups", uye network balancer Yandex Load Balancer.

S3-inoenderana chinhu kuchengetedza Yandex Object Storage inogona kushandiswa mune ese maviri ekuisa sarudzo, uye zvakare inogona kubatanidzwa kune masisitimu akaiswa pane-nzvimbo yehupfumi uye inoshivirira-inoshivirira kuchengetedza yemail server data muYandex.Cloud.

Kune imwe-server yekumisikidza, zvichienderana nehuwandu hwevashandisi uye / kana mabhokisi etsamba, zvinotevera zvinodikanwa: kune iyo huru server 4-12 vCPU, 8-64 GB vRAM (chaiyo kukosha kwevCPU uye vRAM zvinoenderana nehuwandu. yemabhokisi etsamba uye mutoro chaiwo), ingangoita 80 GB yedhisiki yeiyo inoshanda sisitimu uye maapplication, pamwe nekuwedzera dhisiki nzvimbo yekuchengetera tsamba, indexes, matanda, nezvimwewo, zvichienderana nehuwandu uye avhareji saizi yemabhokisi etsamba uye anogona dynamically shanduko panguva yekushanda kwehurongwa; kune anobatsira maDocs maseva: 2-4 vCPU, 2-16 GB vRAM, 16 GB disk space (yakatarwa zviwanikwa zviwanikwa uye nhamba yemaseva zvinoenderana nemutoro chaiwo); Uyezve, TURN/STUN server inogona kudiwa (inoda sevhavha yakaparadzana uye zviwanikwa zvinoenderana nemutoro chaiwo). Nekumisikidzwa kwema-multi-server, nhamba uye chinangwa chekutamba-kutamba-mashini chaiwo uye zviwanikwa zvakagoverwa kwavari zvinotemerwa mumwe nemumwe zvichienderana nezvinodiwa nemushandisi.

Chinangwa chechinyorwa

Tsanangudzo yekutumirwa muYandex.Cloud nharaunda yeZextras Suite zvigadzirwa zvichibva paZimbra mail server mune imwe-server yekumisikidza sarudzo. Iyo inokonzeresa yekumisikidza inogona kushandiswa munzvimbo yekugadzira (vane ruzivo vashandisi vanogona kugadzira inodiwa marongero uye kuwedzera zviwanikwa).

Iyo Zextras Suite/Zimbra system inosanganisira:

• zimbra - email yekambani ine kugona kugovera mabhokisi eemail, makarenda uye mazita ekufonera (mabhuku ekero).
• Zextras Docs - yakavakirwa-mukati hofisi suite yakavakirwa paLibreOffice yepamhepo yekugadzira uye nekubatana nemagwaro, maspredishiti, uye mharidzo.
• Zextras Drive - yega faira chengetedzo iyo inokutendera iwe kugadzirisa, kuchengeta uye kugovera mafaera uye maforodha nevamwe vashandisi.
• Zextras Chikwata - mutumwa ane tsigiro yekuteerera uye vhidhiyo musangano. Shanduro dziripo iTeam Basic, iyo inobvumira chete 1: 1 kutaurirana, uye Team Pro, iyo inotsigira akawanda-mushandisi makonferensi, machaneli, kugovana skrini, kugovana faira uye mamwe mabasa.
• Zextras Mobile - Tsigiro yenharembozha kuburikidza neExchange ActiveSync kuwiriranisa tsamba nenharembozha ine MDM (Mobile Chishandiso Management) manejimendi mabasa. Inokutendera kuti ushandise Microsoft Outlook seye email mutengi.
• Zextras Admin -kuitwa kweakawanda-anoroja sisitimu manejimendi pamwe nenhume yevatariri kubata mapoka evatengi uye makirasi emasevhisi.
• Zextras Backup -yakazara-kutenderera data backup uye kudzoreredza munguva chaiyo
• Zextras Powerstore - hierarchical kuchengetedza ye mail system zvinhu nerutsigiro rwemakirasi ekugadzirisa data, nekugona kuchengetedza data munharaunda kana mumafu storages eS3 architecture, kusanganisira Yandex Object Storage.

Pakupera kwekuisa, mushandisi anogamuchira sisitimu inoshanda muYandex.Cloud nharaunda.

Mitemo nezvirambidzo

1. Kugovera dhisiki nzvimbo yemabhokisi etsamba, indekisi, uye mamwe marudzi edata haina kuvharwa nekuti Zextras Powerstore inotsigira akawanda ekuchengetedza marudzi. Mhando uye saizi yekuchengetera zvinoenderana nemabasa uye system paramita. Kana zvichidikanwa, izvi zvinogona kuitwa gare gare munzira yekushandura yakatsanangurwa yekumisikidza kuita imwe yekugadzira.
2. Kurerutsa kuisirwa, kushandiswa kwemaneja-inotungamirwa DNS server kugadzirisa emukati (asiri eruzhinji) mazita emadomasi haatariswe; yakajairwa Yandex.Cloud DNS server inoshandiswa. Kana ichishandiswa munzvimbo yekugadzira, zvinokurudzirwa kushandisa sevha yeDNS, iyo inogona kunge yatovepo muhurongwa hwemakambani.
3. Zvinofungidzirwa kuti account muYandex.Cloud inoshandiswa neyakagadzika marongero (kunyanya, kana uchipinda mu "Console" yebasa, pane chete dhairekitori (mu "Available clouds" list pasi pezita default). vanoziva nekushanda muYandex.Cloud, Vanogona, pakufunga kwavo, kugadzira dhairekitori rakasiyana rebhenji rekuyedza, kana kushandisa iripo.
4. Mushandisi anofanirwa kuve neruzhinji DNS zone kwaanofanirwa kuwana manejimendi.
5. Mushandisi anofanira kuwana dhairekitori muYandex.Cloud "Console" ine kanenge "editor" basa (iyo "Cloud Owner" ine kodzero dzese dzinodiwa nekusarudzika; kune madhairekitori ekupa mukana kune gore kune vamwe vashandisi. : nguva, два, vatatu)
6. Chinyorwa chino hachitsananguri kuisa zvitupa zve X.509 zvechinyakare zvinoshandiswa kuchengetedza network netiweki michina uchishandisa TLS. Kana kuisirwa kwapera, zvitupa zvekuzvisaina zvichashandiswa, zvichibvumira mabhurawuza kuti ashandiswe kuwana iyo yakaiswa system. Vanowanzo ratidza chiziviso chekuti sevha haina chitupa chinobatika, asi inobvumidza iwe kuti uenderere mberi uchishanda. Kusvika pakuiswa kwezvitupa zvakasimbiswa nemidziyo yemutengi (yakasainwa neveruzhinji uye/kana yemakambani zvitupa zvitupa), zvikumbiro zvenharembozha zvinogona kusashanda neiyo yakaiswa. Naizvozvo, kuisirwa zvitupa zvakatsanangurwa munzvimbo yekugadzira kwakakosha, uye kunoitwa mushure mekupedza bvunzo zvinoenderana nemakambani ekuchengetedza marongero.

Tsanangudzo yekumisikidzwa kweZextras/Zimbra system mune "single-server" vhezheni

1. Kugadzirira kwekutanga

Usati watanga kuisa unofanirwa kuve nechokwadi:

a) Kuita shanduko kune yeruzhinji DNS zone (kugadzira A rekodhi yeZimbra sevha uye MX rekodhi yeiyo yakashumirwa mail domain).
b) Kumisikidza chaiyo network network muYandex.Cloud.

Panguva imwecheteyo, mushure mekuita shanduko kuDNS zone, zvinotora nguva kuti shanduko idzi dziparadzire, asi, kune rumwe rutivi, haugone kugadzira A rekodhi pasina kuziva IP kero yakabatana nayo.

Saka, maitiro anoitwa mune inotevera nhevedzano:

1. Chengetedza kero yeruzhinji IP muYandex.Cloud

1.1 Mu "Yandex.Cloud Console" (kana zvichidikanwa, kusarudza maforodha mu "makore anowanikwa"), enda kuchikamu cheVirtual Private Cloud, IP kero chikamu, wobva wadzvanya bhatani rekuti "Reserve kero", sarudza nzvimbo yaunoda kuwanikwa (kana bvuma). ine kukosha kwakarongwa; iyi nzvimbo yekuwanikwa inofanira kuzoshandiswa kune zvese zviito zvinotsanangurwa gare gare muYandex.Cloud, kana mafomu anoenderana aine sarudzo yekusarudza nzvimbo inowanikwa), mubhokisi rehurukuro rinovhura, unogona, kana uchida, asi. kwete hazvo, sarudza iyo "DDoS Dziviriro" sarudzo, uye tinya "Reserve" bhatani (ona zvakare zvinyorwa).

Mushure mekuvhara dialog, iyo static IP kero yakagoverwa nehurongwa ichave iripo mune runyorwa rwe IP kero, iyo inogona kukopwa uye kushandiswa munhanho inotevera.

1.2 Mu "mberi" DNS zone, gadzira A rekodhi yeZimbra server inongedza kune yakambogoverwa IP kero, rekodhi A reiyo TURN server inonongedza kune imwecheteyo IP kero, uye MX rekodhi yeakagamuchirwa mail domain. Mumuenzaniso wedu, idzi dzichava mail.testmail.svzcloud.ru (Zimbra server), turn.testmail.svzcloud.ru (TURN server), uye testmail.svzcloud.ru (mail domain), maererano.

1.3 MuYandex.Cloud, munzvimbo yakasarudzwa inowanikwa ye subnet ichashandiswa kuendesa mashini chaiwo, ita kuti NAT paInternet.

Kuti uite izvi, muchikamu cheVirtual Private Cloud, chikamu che "Cloud network", sarudza iyo yakakodzera Cloud network (nekudaro, chete default network inowanikwa ipapo), sarudza yakakodzera nzvimbo inowanikwa mairi uye sarudza "Gonesa NAT paInternet. ” muzvirongwa zvayo.

Mamiriro acho achachinja mune runyorwa rwe subnets:

Kuti uwane rumwe ruzivo, ona zvinyorwa: nguva и два.

2. Kugadzira virtual machines

2.1. Kugadzira muchina chaiwo weZimbra

Kuenzanisa kwezviito:

2.1.1 Mu “Yandex.Cloud Console”, enda kuchikamu cheCompute Cloud, chikamu che“Virtual machines”, tinya bhatani rekuti “Gadzira VM” (kuti uwane rumwe ruzivo nezvekugadzira VM, ona. zvinyorwa).

2.1.2 Pano iwe unofanirwa kugadzirisa:

• Zita - zvekupokana (maererano nefomati inotsigirwa neYandex.Cloud)
• Inowanikwa nzvimbo - inofanirwa kuenderana neyakambosarudzwa kune chaiyo network.
• Mu "Mifananidzo yeruzhinji" sarudza Ubuntu 18.04 lts
• Isa dhisiki rebhoti rinosvika 80GB muhukuru. Nezvinangwa zvekuyedza, rudzi rweHDD rwakakwana (uye zvakare nekushandisa zvine pundutso, chero mamwe marudzi e data achiendeswa kune SSD-mhando disks). Kana zvichidikanwa, mamwe madhisiki anogona kuwedzerwa mushure mekugadzira iyo VM.

Mu "computing resources" set:

• vCPU: angangoita 4.
• Yakavimbiswa chikamu chevCPU: kwenguva yezviito zvinotsanangurwa muchinyorwa, ingangoita 50%; mushure mekuiswa, kana zvichidikanwa, inogona kuderedzwa.
• RAM: 8GB inokurudzirwa.
• Subnet: sarudza subnet iyo iyo Internet NAT yakagoneswa panguva yekutanga nhanho yekugadzirira.
• Kero yeruzhinji: sarudza kubva pane iyo IP kero yakamboshandiswa kugadzira iyo A rekodhi muDNS.
• Mushandisi: pakufunga kwako, asi zvakasiyana kubva kumudzi wemushandisi uye kubva kuLinux system account.
• Iwe unofanirwa kutsanangura kiyi yeruzhinji (yakavhurika) SSH.

→ Dzidza zvakawanda nezvekushandisa SSH

Onawo 1 kushanda. Kugadzira makiyi eSSH mune openssh uye putty uye kushandura makiyi kubva putty kune openssh fomati.

2.1.3 Kana iyo setup yapera, tinya "Gadzira VM".

2.2. Kugadzira muchina chaiwo weZextras Docs

Kuenzanisa kwezviito:

2.2.1 Mu “Yandex.Cloud Console”, enda kuchikamu cheCompute Cloud, chikamu che“Virtual machines”, tinya bhatani rekuti “Gadzira VM” (kuti uwane rumwe ruzivo nezvekugadzira VM, ona. pano).

2.2.2 Pano iwe unofanirwa kugadzirisa:

• Zita - zvekupokana (maererano nefomati inotsigirwa neYandex.Cloud)
• Inowanikwa nzvimbo - inofanirwa kuenderana neyakambosarudzwa kune chaiyo network.
• Mu "Mifananidzo yeruzhinji" sarudza Ubuntu 18.04 lts
• Isa dhisiki rebhoti rinosvika 80GB muhukuru. Nezvinangwa zvekuyedza, rudzi rweHDD rwakakwana (uye zvakare nekushandisa zvine pundutso, chero mamwe marudzi e data achiendeswa kune SSD-mhando disks). Kana zvichidikanwa, mamwe madhisiki anogona kuwedzerwa mushure mekugadzira iyo VM.

Mu "computing resources" set:

• vCPU: angangoita 2.
• Yakavimbiswa chikamu chevCPU: kwenguva yezviito zvinotsanangurwa muchinyorwa, ingangoita 50%; mushure mekuiswa, kana zvichidikanwa, inogona kuderedzwa.
• RAM: ingangoita 2GB.
• Subnet: sarudza subnet iyo iyo Internet NAT yakagoneswa panguva yekutanga nhanho yekugadzirira.
• Kero yeruzhinji: hapana kero (muchina uyu haudi kuwanikwa kubva paInternet, kungobuda chete kubva muchina uyu kuenda kuInternet, iyo inopihwa ne "NAT kuInternet" sarudzo ye subnet inoshandiswa).
• Mushandisi: pakufunga kwako, asi zvakasiyana kubva kumudzi wemushandisi uye kubva kuLinux system account.
• Iwe unofanirwa kunyatso kuseta yeruzhinji (yakavhurika) SSH kiyi, unogona kushandisa yakafanana neyeZimbra sevha, unogona kugadzira yakaparadzana kiyi peya, sezvo yakavanzika kiyi yeZextras Docs server ichada kuiswa paZimbra server. disk.

Onawo Appendikisi 1. Kugadzira makiyi eSSH mune openssh uye putty uye kushandura makiyi kubva ku putty kuenda ku openssh fomati.

2.2.3 Kana iyo setup yapera, tinya "Gadzira VM".

2.3 Iwo akagadzirwa chaiwo michina ichave iripo mune rondedzero yemachina chaiwo, ayo anoratidza, kunyanya, chimiro chavo uye IP kero inoshandiswa, yeruzhinji neyemukati. Ruzivo nezve IP kero ichadikanwa mune anotevera ekuisa matanho.

3. Kugadzirira Zimbra server yekuisa

3.1 Kuisa zvigadziriso

Iwe unofanirwa kupinda muZimbra server pane yayo yeruzhinji IP kero uchishandisa yako yaunofarira ssh mutengi uchishandisa yakavanzika ssh kiyi uye uchishandisa zita rezita rakatsanangurwa paunenge uchigadzira chaiwo muchina.

Mushure mekupinda mukati, mhanyisa mirairo:

sudo apt update
sudo apt upgrade

(kana uchiita murairo wekupedzisira, pindura "y" kumubvunzo wekuti une chokwadi chekuisa rondedzero yakarongwa yezvigadziriso)

Mushure mekuisa zvigadziriso, unogona (asi haufanirwe ku) mhanyisa murairo:

sudo apt autoremove

Uye pakupera kwenhanho, mhanya murairo

sudo shutdown –r now

3.2 Kuwedzera kuiswa kwemaapplication

Iwe unofanirwa kuisa mutengi weNTP kuwiriranisa iyo system nguva uye skrini yekushandisa nemurairo unotevera:

sudo apt install ntp screen

(Paunenge uchiita murairo wekupedzisira, pindura "y" paunobvunzwa kana uine chokwadi chekuisa rondedzero yakabatanidzwa yemapakeji)

Iwe unogona zvakare kuisa zvimwe zvekushandisa kuitira kuti maneja zvive nyore. Semuenzaniso, Midnight Commander inogona kuiswa nemurairo:

sudo apt install mc

3.3. Kuchinja masisitimu ehurongwa

3.3.1 Mufaira /etc/cloud/cloud.cfg.d/95-yandex-cloud.cfg shandura kukosha kweparameter maneja_etc_hosts c zvechokwadi pamusoro venhema.

Ongorora: kuti uchinje faira iyi, mupepeti anofanirwa kumhanyiswa nemidzi yemushandisi kodzero, semuenzaniso, "sudo vi /etc/cloud/cloud.cfg.d/95-yandex-cloud.cfg” kana, kana iyo mc package yakaiswa, unogona kushandisa murairo “sudo mceedit /etc/cloud/cloud.cfg.d/95-yandex-cloud.cfg»

3.3.2 Edit / etc / maoko sezvinotevera, kutsiva mumutsara unotsanangura FQDN yemugamuchiri kero kubva 127.0.0.1 kuenda kukero yemukati yeIP yeserver iyi, uye zita kubva pazita rakazara mu.internal zone kuenda kuzita reruzhinji reserver rataurwa kare muA. -rekodha yeDNS zone, uye inowirirana nekushandura zita remutambi (kana rakasiyana kubva kupfupi zita rekutambira kubva kuruzhinji DNS A rekodhi).

Semuenzaniso, kwatiri isu faira rekugamuchira raitaridzika senge:

Mushure mekugadzirisa zvakaratidzika seizvi:

Ongorora: kuti uchinje faira iyi, mupepeti anofanirwa kumhanyiswa nemidzi yemushandisi kodzero, semuenzaniso, "sudo vi /etc/hosts” kana, kana iyo mc package yakaiswa, unogona kushandisa murairo “sudo mceedit /etc/hosts»

3.4 Seta password yemushandisi

Izvi zvakakosha nekuda kwekuti mune ramangwana firewall ichagadziriswa, uye kana paine matambudziko akamuka nayo, kana mushandisi aine password, zvinokwanisika kupinda mumushini chaiwo uchishandisa serial console kubva kuYandex. Cloud web console uye dzima firewall uye/kana kugadzirisa kukanganisa. Paunenge uchigadzira muchina chaiwo, mushandisi haana password, uye saka kuwana kunogoneka chete kuburikidza neSSH uchishandisa kiyi yekusimbisa.

Kuti uise password iwe unofanirwa kumhanya murairo:

sudo passwd <имя пользователя>

Semuenzaniso, kwatiri ichava murairo "sudo passwd mushandisi".

4. Kuiswa kweZimbra neZextras Suite

4.1. Kudhaunirodha Zimbra uye Zextras Suite kugovera

4.1.1 Kurodha kugovera kweZimbra

Kuenzanisa kwezviito:

1) Enda kuURL nebrowser www.zextras.com/download-zimbra-9 uye zadza fomu racho. Iwe uchagashira email ine zvinongedzo zvekurodha Zimbra yemaOS akasiyana.

2) Sarudza yazvino yekugovera vhezheni yeUbuntu 18.04 LTS chikuva uye tevedzera chinongedzo

3) Dhawunirodha kugovera kweZimbra kuZimbra server uye kuiburitsa. Kuti uite izvi, mhanyisa mirairo mune ssh chikamu pane zimbra server

cd ~
mkdir zimbra
cd zimbra
wget <url, скопированный на предыдущем шаге>
tar –zxf <имя скачанного файла>

(mumuenzaniso wedu izvi "tara -zxf zcs-9.0.0_OSE_UBUNTU18_latest-zextras.tgz")

4.1.2 Kurodha kugovera kweZextras Suite

Kuenzanisa kwezviito:

1) Enda kuURL nebrowser www.zextras.com/download

2) Zadza fomu nekuisa data rinodiwa uye tinya bhatani re "DOWNLOAD ZVINO".

3) Peji yekudhawunirodha ichavhurwa

Iyo ine ma URL maviri ekufarira kwatiri: imwe kumusoro kwepeji yeZextras Suite pachayo, iyo yatinoda ikozvino, uye imwe pazasi muDocs Server block yeUbuntu 18.04 LTS, iyo ichadikanwa gare gare isa Zextras Docs paVM yeDocs.

4) Dhawunirodha kugovera kweZextras Suite kuZimbra server uye kuiburitsa. Kuti uite izvi, mhanyisa mirairo mune ssh chikamu pane zimbra server

cd ~
mkdir zimbra
cd zimbra

(kana dhairekitori razvino risati rachinja mushure menhanho yapfuura, mirairo iri pamusoro inogona kusiiwa)

wget http://download.zextras.com/zextras_suite-latest.tgz
tar –zxf zextras_suite-latest.tgz

4.2. Kuiswa kweZimbra

Kuenzanisa kwezviito

1) Enda kudhairekitori uko mafaera akaburitswa mudanho 4.1.1 (rinogona kutariswa nemirairo yels uchiri mu ~/zimbra directory).

Mumuenzaniso wedu zvingava:

cd ~/zimbra/zcs-9.0.0_OSE_UBUNTU18_latest-zextras/zimbra-installer

2) Mhanya iyo Zimbra yekuisa uchishandisa rairo

sudo ./install.sh

3) Isu tinopindura mibvunzo yemugadziri

Iwe unogona kupindura mibvunzo yemugadziri ne "y" (inoenderana ne "hongu"), "n" (inoenderana ne" kwete"), kana kusiya zano remugadziri risina kuchinjwa (inopa sarudzo, ichiratidza mumabhuraketi akaenzana, semuenzaniso, " [Y]” kana “[N].”

Unobvumirana here nemitemo yechibvumirano cherezinesi resoftware? - Ehe.

Shandisa Zimbra's package repository? - nekusingaperi (hongu).

"Isa zimbra-ldap?","Isa zimbra-logger?","Isa zimbra-mta?”- default (hongu).

Isa zimbra-dnscache? - kwete (iyo inoshanda sisitimu ine yayo caching DNS server inogoneswa nekusarudzika, saka iyi package ichave nekupokana nayo nekuda kwezvikepe zvinoshandiswa).

Isa zimbra-snmp? - kana uchida, unogona kusiya iyo yakasarudzika sarudzo (hongu), haufanirwe kuisa iyi package. Mumuenzaniso wedu, sarudzo yakasara yasara.

"Isa zimbra-chitoro?","Isa zimbra-apache?","Isa zimbra-spell?","Isa zimbra-memcached?","Isa zimbra-proxy?”- default (hongu).

Isa zimbra-snmp? - kwete (pakeji yacho haina kutsigirwa uye inotsiviwa neZextras Drive).

Isa zimbra-imapd? - default (kwete).

Isa zimbra-chat? - kwete (inoshanda yakatsiviwa neZextras Team)

Mushure mezvo mugadziri anozobvunza kana kuenderera mberi nekuisirwa?

Tinopindura "hongu" kana tikakwanisa kuenderera mberi, kana tikasadaro tinopindura "kwete" uye tinowana mukana wekuchinja mhinduro dzemibvunzo yakabvunzwa kare.

Mushure mekubvuma kuenderera mberi, mugadziri anoisa iwo mapakeji.

4.) Isu tinopindura mibvunzo kubva kune yekutanga configurator

4.1) Sezvo mumuenzaniso wedu zita reDNS revhavha yemeseji (Zita rekodhi) uye zita reiyo yakashumirwa mail domain (MX rekodhi zita) zvakasiyana, iyo configurator inoratidza yambiro uye inokukurudzira kuti uise zita reiyo yakashumirwa mail domain. Isu tinobvumirana nechikumbiro chake uye toisa zita reiyo MX rekodhi. Mumuenzaniso wedu zvinotaridzika seizvi:

Ongorora: iwe unogona zvakare kuseta iyo yakashumirwa mail domain kuti ive yakasiyana kubva kune server zita kana zita reseva riine MX rekodhi yezita rimwe chete.

4.2) Iyo configurator inoratidza iyo huru menyu.

Isu tinofanirwa kuseta iyo Zimbra administrator password (menu chinhu 6 mumuenzaniso wedu), pasina izvo hazvibviri kuenderera mberi nekuisa, uye shandura zimbra-proxy set (menu chinhu 8 mumuenzaniso wedu; kana zvichidikanwa, iyi sarudzo inogona kuchinjwa. mushure mekuiswa).

4.3) Kuchinja zimbra-chitoro marongero

Mune configurator kukurumidza, isa iyo menyu chinhu nhamba uye tinya Enter. Isu tinosvika kune yekuchengetedza zvigadziriso menyu:

uko mukukoka kwemugadziri isu tinoisa nhamba yeAdmin Password menyu chinhu (mumuenzaniso wedu 4), tinya Enter, mushure meiyo iyo configurator inopa isina kurongeka inogadzirwa password, iyo iwe yaunogona kubvumirana nayo (uchiirangarira) kana kupinda yako. Muzviitiko zvese zviri zviviri, pakupera unofanira kudzvanya Enter, mushure mezvo chinhu che "Admin Password" chinobvisa chicherechedzo chekumirira kupinza ruzivo kubva kumushandisi:

Isu tinodzokera kune yakapfuura menyu (tinobvumirana nechikumbiro chemugadziri).

4.4) Kuchinja zimbra-proxy marongero

Nekufananidza nenhanho yapfuura, mumenyu huru, sarudza nhamba ye "zimbra-proxy" chinhu uye uiise mukugadzirisa kukurumidza.

MuProxy configuration menu inovhura, sarudza nhamba ye "Proxy server mode" chinhu uye uiise mu configurator nokukurumidza.

Iyo configurator ichapa kusarudza imwe yemamodhi, isa "redirect" mukukurumidza kwayo uye tinya Enter.

Mushure mezvo tinodzokera kumenyu huru (tinobvumirana nechikumbiro chemugadziri).

4.5) Running configuration

Kuti utange kurongeka, isa "a" pane configurator kukurumidza. Mushure mezvo ichabvunza kana kuchengetedza iyo yakapinda kumisikidzwa kufaira (iyo inogona kushandiswa kuisirwazve) - iwe unogona kubvumirana neyakagadzikirwa zano, kana kuchengetedza kwaitwa - inobvunza mune iyo faira kuchengetedza iyo gadziriso (iwe inogona zvakare kubvumirana neyakagadzika chikumbiro kana kuisa rako wega zita refaira).

Panguva ino, iwe unogona kuramba kuenderera mberi uye kuita shanduko kugadziriso nekubvumirana nemhinduro yakasarudzika kumubvunzo wekuti "Sitimu ichagadziridzwa - enderera?"

Kuti utange kuisirwa, unofanirwa kupindura "Hongu" kumubvunzo uyu, mushure meizvozvo iyo configurator inoshandisa iyo yakambopinda marongero kwenguva yakati.

4.6) Kupedzisa kuiswa kweZimbra

Asati apedza, mugadziri anobvunza kana kuzivisa Zimbra nezve kuisirwa. Iwe unogona kubvumirana neyakagadzika chirevo kana kuramba (nekupindura "Kwete") chiziviso.

Mushure mezvo mugadziri anozoenderera mberi nekuita mashandiro ekupedzisira kwechinguva uye kuratidza chiziviso chekuti sisitimu yekumisikidza yakwana nekukasira kudzvanya chero kiyi yekubuda muinstall.

4.3. Kuiswa kweZextras Suite

Kuti uwane rumwe ruzivo nezve kuisa Zextras Suite, ona mirayiridzo.

Kuenzanisa kwezviito:

1) Enda kudhairekitori uko mafaera akaburitswa mudanho 4.1.2 (rinogona kutariswa nemirairo yels uchiri mu ~/zimbra directory).

Mumuenzaniso wedu zvingava:

cd ~/zimbra/zextras_suite

2) Mhanya iyo Zextras Suite yekuisa uchishandisa rairo

sudo ./install.sh all

3) Isu tinopindura mibvunzo yemugadziri

Nheyo yekushanda kweiyo installer yakafanana neiyo yeZimbra installer, kunze kwekushaikwa kwemugadziri. Iwe unogona kupindura mibvunzo yemugadziri ne "y" (inoenderana ne "hongu"), "n" (inoenderana ne" kwete"), kana kusiya zano remugadziri risina kuchinjwa (inopa sarudzo, ichiratidza mumabhuraketi akaenzana, semuenzaniso, " [Y]” kana “[N].”

Kuti utange maitiro ekuisa, unofanirwa kupindura "hongu" kumibvunzo inotevera:

Unobvumirana here nemitemo yechibvumirano cherezinesi resoftware?
Unoshuvira here kuti Zextras Suite idhawunirodhe, isa nekusimudzira ZAL Library?

Mushure mezvo chiziviso chicharatidzwa chichikukumbira kuti udzvanye Enter kuti uenderere mberi:

Mushure mekudzvanya Enter, maitiro ekuisa anotanga, dzimwe nguva achikanganiswa nemibvunzo, iyo, zvisinei, isu tinopindura nekubvumirana nemazano akasarudzika ("hongu"), anoti:

Zextras Suite Core zvino ichaiswa. Proceed?
Unoshuvira kumisa Zimbra Webhu Chikumbiro (bhokisi retsamba)?
Iyo Zextras Suite Zimlet yave kuiswa. Proceed?

Chikamu chekupedzisira chekuisa chisati chatanga, iwe unozoziviswa kuti unofanirwa kugadzirisa iyo DOS sefa uye nekukumbira kuti udzvanye Enter kuti uenderere mberi. Mushure mekudzvanya Enter, chikamu chekupedzisira chekuisa chinotanga, pakupera chiziviso chekupedzisira chinoratidzwa uye mugadziri anopedzisa.

4.4. Kwekutanga kuseta tuning uye kutsunga kweLDAP kumisikidza paramita

1) Zvose zvinotevera zviito zvinoitwa pasi pemushandisi we zimbra. Kuti uite izvi unofanirwa kumhanya murairo

sudo su - zimbra

2) Chinja iyo DOS sefa yekuseta nekuraira

zmprov mcf zimbraHttpDosFilterMaxRequestsPerSec 150

3) Kuisa Zextras Docs, iwe uchada ruzivo nezve dzimwe Zimbra zvigadziriso sarudzo. Kuti uite izvi unogona kumhanya murairo:

zmlocalconfig –s | grep ldap

Mumuenzaniso wedu, ruzivo runotevera rucharatidzwa:

Kuti ushandise zvakare, unozoda ldap_url, zimbra_ldap_password (uye zimbra_ldap_userdn, kunyangwe muisimi weZextras Docs achiwanzoita fungidziro chaiyo nezvezita rekushandisa reLDAP).

4) Rega semushandisi we zimbra nekumhanyisa rairo
kubuda

5. Kugadzirira Docs server kuti igadzirwe

5.1. Kuisa SSH yakavanzika kiyi kuZimbra server uye kupinda muDocs server

Izvo zvinodikanwa kuisa paZimbra sevha kiyi yakavanzika yeSSH kiyi pair, kiyi yeruzhinji yakashandiswa mudanho 2.2.2 ye clause 2.2 pakugadzira iyo Docs virtual muchina. Inogona kuiswa kune sevha kuburikidza neSSH (somuenzaniso, kuburikidza ne sftp) kana kunamirwa kuburikidza ne clipboard (kana kugona kweSSH mutengi akashandiswa uye nharaunda yekuuraya inobvumira).

Isu tinofungidzira kuti kiyi yakavanzika yakaiswa mufaira ~/.ssh/docs.key uye mushandisi anoshandiswa kupinda muZimbra server ndiye muridzi wayo (kana kudhawunirodha/kugadzirwa kwefaira iri kwakaitwa pasi pemushandisi uyu, iye otomatiki. akava muridzi wayo).

Iwe unofanirwa kumhanya murairo kamwe chete:

chmod 600 ~/.ssh/docs.key

Mune ramangwana, kuti upinde muDocs server, unofanirwa kuita zvinotevera kutevedzana kwezviito:

1) Pinda kune Zimbra server

2) Run command

ssh -i ~/.ssh/docs.key user@<внутренний ip-адрес сервера Docs>

Iko kukosha <yemukati IP kero yeDocs server> inogona kuwanikwa mu "Yandex.Cloud Console", semuenzaniso, sezvakaratidzwa mundima 2.3.

5.2. Kuisa zvigadziriso

Mushure mekupinda muDocs server, mhanyisa mirairo yakafanana neiyo yeZimbra server:

sudo apt update
sudo apt upgrade

(kana uchiita murairo wekupedzisira, pindura "y" kumubvunzo wekuti une chokwadi chekuisa rondedzero yakarongwa yezvigadziriso)

Mushure mekuisa zvigadziriso, unogona (asi haufanirwe ku) mhanyisa murairo:

sudo apt autoremove

Uye pakupera kwenhanho, mhanya murairo

sudo shutdown –r now

5.3. Kuwedzera kuiswa kwemaapplication

Iwe unofanirwa kuisa mutengi weNTP kuwiriranisa iyo system nguva uye skrini yekushandisa, yakafanana nechiito chimwechete cheZimbra server, nemurairo unotevera:

sudo apt install ntp screen

(Paunenge uchiita murairo wekupedzisira, pindura "y" paunobvunzwa kana uine chokwadi chekuisa rondedzero yakabatanidzwa yemapakeji)

Iwe unogona zvakare kuisa zvimwe zvekushandisa kuitira kuti maneja zvive nyore. Semuenzaniso, Midnight Commander inogona kuiswa nemurairo:

sudo apt install mc

5.4. Kuchinja masisitimu ehurongwa

5.4.1. Mufaira /etc/cloud/cloud.cfg.d/95-yandex-cloud.cfg, nenzira yakafanana neyeZimbra server, shandura kukosha kwemanage_etc_hosts parameter kubva pachokwadi kune nhema.

Ongorora: kuti uchinje faira iyi, mupepeti anofanirwa kumhanyiswa nemidzi yemushandisi kodzero, semuenzaniso, "sudo vi /etc/cloud/cloud.cfg.d/95-yandex-cloud.cfg” kana, kana iyo mc package yakaiswa, unogona kushandisa murairo “sudo mceedit /etc/cloud/cloud.cfg.d/95-yandex-cloud.cfg»

5.4.2. Rongedza /etc/hosts, uchiwedzera FQDN yeruzhinji yeZimbra server, asi nekero yemukati yeIP yakapihwa neYandex.Cloud. Kana iwe uine maneja-inodzorwa yemukati DNS server inoshandiswa nemashini chaiwo (semuenzaniso, munzvimbo yekugadzira), uye inokwanisa kugadzirisa veruzhinji FQDN yeZimbra server neiyo yemukati IP kero kana uchigamuchira chikumbiro kubva kune yemukati network (ye zvikumbiro kubva paInternet, iyo FQDN yeZimbra server inofanirwa kugadziriswa neruzhinji IP kero, uye TURN server inofanirwa kugara ichigadziriswa neruzhinji IP kero, kusanganisira kana ichipinda kubva mukati kero), kushanda uku hakudiwi.

Semuenzaniso, kwatiri isu faira rekugamuchira raitaridzika senge:

Mushure mekugadzirisa zvakaratidzika seizvi:

Ongorora: kuti uchinje faira iyi, mupepeti anofanirwa kumhanyiswa nemidzi yemushandisi kodzero, semuenzaniso, "sudo vi /etc/hosts” kana, kana iyo mc package yakaiswa, unogona kushandisa murairo “sudo mceedit /etc/hosts»

6. Kuiswa kweZextras Docs

6.1. Pinda kuDocs server

Maitiro ekupinda muDocs server anotsanangurwa muchikamu 5.1.

6.2. Kudhaunirodha kugovera kweZextras Docs

Kuenzanisa kwezviito:

1) Kubva papeji kubva muchikamu 4.1.2. Kudhaunirodha kugovera kweZextras Suite Dhawunirodha kugovera kweZextras Suite (mudanho rechitatu), kopira iyo URL yekuvaka Docs yeUbuntu 3 LTS (kana isina kukopirwa kare).

2) Dhawunirodha kugovera kweZextras Suite kuZimbra server uye kuiburitsa. Kuti uite izvi, mhanyisa mirairo mune ssh chikamu pane zimbra server

cd ~
mkdir zimbra
cd zimbra
wget <URL со страницы скачивания>

(kwedu murairo "wget" unoitwa download.zextras.com/zextras-docs-installer/latest/zextras-docs-ubuntu18.tgz")

tar –zxf <имя скачанного файла>

(kwedu, murairo we "tar -zxf zextras-docs-ubuntu18.tgz" unoitwa)

6.3. Kuiswa kweZextras Docs

Kuti uwane rumwe ruzivo nezve kuisa nekugadzirisa Zextras Docs, ona pano.

Kuenzanisa kwezviito:

1) Enda kudhairekitori uko mafaera akaburitswa mudanho 4.1.1 (rinogona kutariswa nemirairo yels uchiri mu ~/zimbra directory).

Mumuenzaniso wedu zvingava:

cd ~/zimbra/zextras-docs-installer

2) Mhanya iyo Zextras Docs yekuisa uchishandisa rairo

sudo ./install.sh

3) Isu tinopindura mibvunzo yemugadziri

Iwe unogona kupindura mibvunzo yemugadziri ne "y" (inoenderana ne "hongu"), "n" (inoenderana ne" kwete"), kana kusiya zano remugadziri risina kuchinjwa (inopa sarudzo, ichiratidza mumabhuraketi akaenzana, semuenzaniso, " [Y]” kana “[N]”).

Sisitimu ichagadziridzwa, ungade kuenderera? - gamuchira iyo yakasarudzika sarudzo ("hongu").

Mushure meizvi, kuisirwa kwezvinotsamira kunotanga: mugadziri acharatidza kuti ndeapi mapakeji aanoda kuisa uye kukumbira kusimbiswa kwekuamisa. Muzviitiko zvese, tinobvumirana nezvakagadzirirwa zvinopihwa.

Somuenzaniso, anogona kubvunza "python2.7 haina kuwanikwa. Unoda kuiisa here?»,«python-ldap haina kuwanikwa. Unoda kuiisa here?"nezvimwe.

Mushure mekuisa mapakeji ese anodiwa, mugadziri anokumbira mvumo yekuisa Zextras Docs:

Unoda kuisa Zextras DOCS? - gamuchira iyo yakasarudzika sarudzo ("hongu").

Mushure mezvo imwe nguva inopedzwa kuisa mapakeji, Zextras Docs pachayo, uye kuenda kumibvunzo yekumisikidza.

4) Isu tinopindura mibvunzo kubva kune configurator

Iyo configurator inokumbira gadziriso paramita imwe neimwe; mukupindura, hunhu hunowanwa mudanho 3 muchikamu 4.4 inopinzwa. Kwekutanga tuning yezvirongwa uye kutsunga kweLDAP kumisikidza paramita.

Mumuenzaniso wedu, marongero anoita senge:

5) Kupedzisa kuiswa kweZextras Docs

Mushure mekupindura mibvunzo yemugadziri, mugadziri anopedzisa dhizaini yemunharaunda uye anonyoresa sevhisi yakaiswa pane huru Zimbra server yakaiswa kare.

Kuisirwa-sevha-sevha, izvi zvinowanzokwana, asi mune dzimwe nguva (kana zvinyorwa zvikasavhurwa muDocs mune yewebhu mutengi paDrive tab) ungangoda kuita chiito chinodiwa pakuisirwa-multi-server. - mumuenzaniso wedu, pane huru Zimbra server, iwe uchafanirwa kuiita kubva pasi peZimbra Teams mushandisi /opt/zimbra/libexec/zmproxyconfgen и zmproxyctl restart.

7. Kugadzwa kwekutanga kweZimbra neZextras Suite (kunze kweChikwata)

7.1. Pinda kune admin console kekutanga

Pinda mubrowser uchishandisa URL: https:// :7071

Kana uchida, unogona kupinda mukati mewebhu mutengi uchishandisa iyo URL: https://

Paunenge uchipinda mukati, mabhurawuza anoratidza yambiro nezve isina chengetedzo yekubatanidza nekuda kwekutadza kuonesa chitupa. Iwe unofanirwa kupindura kune browser nezve mvumo yako yekuenda kune saiti kunyangwe yambiro iyi. Izvi zvinokonzerwa nekuti mushure mekuisa, chitupa che X.509 chakazvisainira chinoshandiswa kune TLS connections, iyo inogona gare gare (mukushandisa zvinobudirira - inofanira) kutsiviwa nechitupa chekutengesa kana chimwe chitupa chinozivikanwa nemabhurawuza anoshandiswa.

Mune fomu rechokwadi, isa zita rekushandisa mufomati admin@<yako yakagamuchirwa mail domain> uye password yeZimbra administrator yakataurwa pakuisa Zimbra server mudanho 4.3 muchikamu 4.2.

Mumuenzaniso wedu zvinotaridzika seizvi:

Admin Console:

Webhu mutengi:

Cherekedza 1 Kana iwe ukasatsanangura iyo inogamuchirwa mail domain paunenge uchipinda mu admin console kana webhu mutengi, vashandisi vanozotenderwa kune iyo mail domain yakagadzirwa pakuisa Zimbra server. Mushure mekuisa, iyi ndiyo chete inogamuchirwa mail domain iripo pane iyi sevha, asi sekushanda kwehurongwa, mamwe mazita e-mail anogona kuwedzerwa, uye zvino kunyatsojekesa domain muzita rekushandisa kuchaita mutsauko.

Cherekedza 2 Paunopinda mutengi yewebhu, browser yako inogona kukumbira mvumo yekuratidza zviziviso kubva pane saiti. Iwe unofanirwa kubvuma kugamuchira zviziviso kubva kune ino saiti.

Cherekedza 3 Mushure mekupinda mumutungamiri console, unogona kuziviswa kuti kune mameseji kune maneja, kazhinji achikuyeuchidza kuti umise Zextras Backup uye / kana kutenga rezinesi reZextras risati rapera rezinesi rekuyedza. Zviito izvi zvinogona kuitwa gare gare, uye saka mameseji aripo panguva yekupinda anogona kufuratirwa uye/kana kumakwa sekuverengwa kuZextras menyu: Zextras Alert.

Cherekedza 4 Izvo zvinonyanya kukosha kuziva kuti mune server mamiriro ekutarisa mamiriro eiyo Docs sevhisi inoratidzwa se "isipo" kunyangwe Docs muwebhu mutengi ari kushanda nemazvo:

Ichi chikamu cheyedzo vhezheni uye chinogona kugadziriswa chete mushure mekutenga rezinesi uye kubata rutsigiro.

7.2. Kuendeswa kweZextras Suite zvikamu

MuZextras: Core menyu, unofanirwa kudzvanya pakanzi "Deploy" kune ese mazamu auri kuda kushandisa.

Pakuisa winterlets, dialog inoonekwa ine mhedzisiro yekushanda sezvinotevera:

Mumuenzaniso wedu, ese Zextras Suite winterlets anoiswa, mushure meiyo Zextras: Core fomu inotora inotevera fomu:

7.3. Kuchinja magadzirirwo ekupinda

7.3.1. Kuchinja Global Settings

Mumenu yeZvirongwa: Zvirongwa zvepasi rose, Proxy server submenu, shandura zvinotevera paramita:

Webhu proxy mode: redirect
Gonesa manejimendi console proxy server: tarisa bhokisi.
Wobva wadzvanya pakanzi "Chengetedza" kumusoro kurudyi rwefomu.

Mumuenzaniso wedu, mushure mekuchinja kwaitwa, fomu rinotaridzika seizvi:

7.3.2. Shanduko kune huru Zimbra server marongero

Mumenu yeZvirongwa: Masevha: <zita reZimbra server>, submenu Proxy server, shandura maparamendi anotevera:

Webhu proxy mode: tinya pane "Reset to default value" bhatani (iyo kukosha pachayo haizoshanduke, sezvo yakatoiswa panguva yekuiswa). Gonesa iyo manejimendi console proxy server: tarisa kuti cheki bhokisi rakatariswa (iyo default kukosha inofanira kunge yaiswa, kana zvisiri, unogona kudzvanya bhatani re "Reset to default value" uye / kana kurimisa nemaoko). Wobva wadzvanya pakanzi "Chengetedza" kumusoro kurudyi rwefomu.

Mumuenzaniso wedu, mushure mekuchinja kwaitwa, fomu rinotaridzika seizvi:

Ongorora: (kutangazve kunogona kudikanwa kana kupinda pachiteshi ichi kusashanda)

7.4. Nyowani admin console login

Pinda kune admin console mubrowser yako uchishandisa URL: https:// :9071
Mune ramangwana, shandisa URL iyi kupinda

Cherechedza: kune imwe-sevha yekuisa, sekutonga, shanduko dzakaitwa munhanho yapfuura dzakakwana, asi mune dzimwe nguva (kana peji yevhavha isina kuratidzwa paunopinda mu URL yakatsanangurwa), ungada kuita chiito chinodiwa. yekumisikidza akawanda-server - mumuenzaniso wedu, pane iyo huru Zimbra server mirairo inoda kuurayiwa semushandisi weZimbra. /opt/zimbra/libexec/zmproxyconfgen и zmproxyctl restart.

7.5. Kugadzirisa default COS

Mune Zvirongwa: Sevhisi Kirasi menyu, sarudza COS ine zita rekuti "default".

Mune "Mikana" submenu, bvisa iyo "Portfolio" basa, wobva wadzvanya "Chengetedza" kumusoro kumusoro kurudyi kwefomu.

Mumuenzaniso wedu, mushure mekugadzirisa, fomu inotaridzika seizvi:

Zvinokurudzirwawo kuti utarise iyo "Gonesa kugovera mafaera nemaforodha" kuseta muDrive submenu, wobva wadzvanya "Chengetedza" kumusoro kumusoro kurudyi kwefomu.

Mumuenzaniso wedu, mushure mekugadzirisa, fomu inotaridzika seizvi:

Munzvimbo yekuyedza, mukirasi imwechete yesevhisi, unogona kugonesa Team Pro kushanda nekubatidza bhokisi rekutarisa rine zita rimwechete muChikwata submenu, mushure meiyo fomu yekumisikidza inotora fomu rinotevera:

Kana Team Pro maficha akaremara, vashandisi vanongowana mukana weTimu Basic maficha.
Ndokumbira utarise kuti Zextras Team Pro ine rezinesi yakazvimiririra yeZextras Suite, iyo inokutendera kuti uitengere mabhokisi etsamba mashoma pane iyo Zextras Suite pachayo; Team Basic maficha anosanganisirwa muZextras Suite rezinesi. Naizvozvo, kana ikashandiswa munzvimbo yekugadzira, ungangoda kugadzira yakaparadzana sevhisi kirasi yevashandisi veTimu Pro inosanganisira akakodzera maficha.

7.6. Firewall setup

Inodiwa kune huru Zimbra server:

a) Bvumira kupinda kubva paInternet kuenda kune ssh, http/https, imap/imaps, pop3/pop3s, smtp ports (iyo huru port uye mamwe madoko ekushandiswa nevatengi vetsamba) uye manejimendi console port.

b) Bvumira zvese zvinongedzo kubva kune yemukati network (iyo NAT paInternet yakagoneswa munhanho 1.3 mudanho 1).

Iko hakuna chikonzero chekugadzirisa firewall yeZextras Docs server, nokuti haiwanike kubva paInternet.

Kuti uite izvi, iwe unofanirwa kuita zvinotevera kutevedzana kwezviito:

1) Pinda mukati meiyo text console ye main Zimbra server. Paunenge uchipinda mukati neSSH, unofanirwa kumhanyisa "screen" kuraira kuti udzivise kukanganisa kwekuita kwekuraira kana kubatana nesevha kwarasika kwenguva pfupi nekuda kwekuchinja kwezvirongwa zvefirewall.

2) Mhanyai mirairo

sudo ufw allow 22,25,80,110,143,443,465,587,993,995,9071/tcp
sudo ufw allow from <адрес_вашей_сети>/<длина CIDR маски>
sudo ufw enable

Mumuenzaniso wedu zvinotaridzika seizvi:

7.7. Kutarisa kuwana kune webhu mutengi uye admin console

Kuti utarise mashandiro efirewall, unogona kuenda kune inotevera URL mubrowser yako

Administrator console: https:// :9071
Webhu mutengi: http:// (pachave neatomatiki redirect to https:// )
Panguva imwecheteyo, uchishandisa imwe nzira URL https:// :7071 Iyo admin console haifanire kuvhura.

Mutengi wewebhu mumuenzaniso wedu anotaridzika seizvi:

Cherechedza. Paunopinda mutengi yewebhu, browser yako inogona kukumbira mvumo yekuratidza zviziviso kubva pasaiti. Iwe unofanirwa kubvuma kugamuchira zviziviso kubva kune ino saiti.

8. Kuve nechokwadi chekushanda kwemaodhiyo nemavhidhiyo makonferensi muZextras Team

8.1. General information

Zviito zvinotsanangurwa pazasi hazvidiwi kana vatengi vese veZextras Team vachidyidzana pasina kushandisa NAT (munyaya iyi, kupindirana neZimbra server pachayo kunogona kuitwa uchishandisa NAT, i.e. zvakakosha kuti hapana NAT pakati pevatengi), kana kana zvinyorwa chete zvichishandiswa messenger.

Kuve nechokwadi chekudyidzana kwevatengi kuburikidza neodhiyo uye vhidhiyo musangano:

a) Iwe unofanirwa kuisa kana kushandisa iripo TURN server.

b) Nokuti iyo TURN sevha kazhinji inewo kushanda kweSTUN server, inokurudzirwa kuti uishandise munzvimbo iyi zvakare (seimwe nzira, unogona kushandisa veruzhinji STUN maseva, asi STUN mashandiro ega kazhinji haana kukwana).

Munzvimbo yekugadzira, nekuda kwekunge yakakwira mutoro, zvinokurudzirwa kufambisa iyo TURN server kune yakaparadzana chaiyo muchina. Yekuyedza uye/kana kuremerwa, iyo TURN sevha inogona kusanganiswa neiyo huru Zimbra server.

Muenzaniso wedu unotarisa kuisa TURN server pane huru Zimbra server. Kuisa TURN pane imwe sevha yakafanana, kunze kwekuti matanho ane chekuita nekuisa nekugadzirisa iyo TURN software anoitwa pane TURN server, uye matanho ekugadzirisa Zimbra server kuti ishandise iyo sevha inoitwa pane huru Zimbra server.

8.2. Kuisa TURN server

Sezvo wakambopinda mukati kuburikidza neSSH kune huru Zimbra server, mhanyisa murairo

sudo apt install resiprocate-turn-server

8.3. Kugadzira TURN server

Cherechedza. Kuti uchinje mafaera ese anotevera ekugadzirisa, mupepeti anofanirwa kumhanyiswa nemidzi yemushandisi kodzero, semuenzaniso, "sudo vi /etc/reTurn/reTurnServer.config” kana, kana iyo mc package yakaiswa, unogona kushandisa murairo “sudo mceedit /etc/reTurn/reTurnServer.config»

Kugadzirwa kwemushandisi kwakareruka

Kurerutsa kusikwa uye kugadzirisa bvunzo yekubatanidza kune TURN server, isu tichadzima kushandiswa kwemapassword ane hashed muTURN server mushandisi database. Munzvimbo yekugadzira, zvinokurudzirwa kushandisa hashed passwords; munyaya iyi, chizvarwa che password hashes kwavari inofanira kuitwa maererano nemirairo iri mu /etc/reTurn/reTurnServer.config uye /etc/reTurn/users.txt mafaira.

Kuenzanisa kwezviito:

1) Rongedza iyo /etc/reTurn/reTurnServer.config faira

Chinja kukosha kwe "UserDatabaseHashedPasswords" parameter kubva pa "chokwadi" kuenda ku "nhema".

2) Rongedza faira /etc/reTurn/users.txt

Gadzirisa kune zita rekushandisa, password, realm (zvisingabvumirwe, zvisinga shandiswe pakumisikidza Zimbra yekubatanidza) uye isa iyo account account ku "VAKAREVA".

Mumuenzaniso wedu, faira pakutanga yaiita senge:

Mushure mekugadzirisa zvaiita senge:

3) Kushandisa configuration

Run command

sudo systemctl restart resiprocate-turn-server

8.4. Kugadzira firewall yeTURN server

Panguva ino, mitemo yekuwedzera firewall inodiwa pakushanda kweiyo TURN server yakaiswa. Iwe unofanirwa kubvumidza kupinda kune yekutanga chiteshi pane iyo sevha inogashira zvikumbiro, uye kune ine simba renji yezviteshi zvinoshandiswa nesevha kuronga midhiya midhiya.

Zviteshi zvinotsanangurwa mu /etc/reTurn/reTurnServer.config faira, kwatiri ndezvekuti:

и

Kuti uise mitemo ye firewall, unofanirwa kumhanyisa mirairo

sudo ufw allow 3478,49152:65535/udp
sudo ufw allow 3478,49152:65535/tcp

8.5. Kugadzirisa kushandisa TURN server muZimbra

Kugadzirisa, iyo FQDN yeserver inoshandiswa, iyo TURN server, yakagadzirwa mudanho 1.2 yendima 1, uye iyo inofanirwa kugadziriswa nemaseva eDNS ane imwecheteyo IP kero yeruzhinji kune zvese zvikumbiro kubva kuInternet uye kune zvikumbiro kubva kukero dzemukati.

Wona kugadziridzwa kwazvino kwe "zxsuite timu iceServer get" yekubatanidza inoshanda pasi pemushandisi we zimbra.

Kuti uwane rumwe ruzivo nezve kuseta kushandiswa kweiyo TURN server, ona chikamu "Kuisa Zextras Chikwata chekushandisa iyo TURN server" mukati zvinyorwa.

Kuti ugadzirise, unofanirwa kumhanyisa inotevera mirairo pane Zimbra server:

sudo su - zimbra
zxsuite team iceServer add stun:<FQDN вашего сервера TURN>:3478?transport=udp
zxsuite team iceServer add turn:<FQDN вашего сервера TURN>:3478?transport=udp credential <пароль> username <имя пользователя>
zxsuite team iceServer add stun:<FQDN вашего сервера TURN>:3478?transport=tcp
zxsuite team iceServer add turn:<FQDN вашего сервера TURN>:3478?transport=tcp credential <пароль> username <имя пользователя>
zxsuite team iceServer add stun:<FQDN вашего сервера TURN>:3478
logout

Hunhu hwezita remushandisi nepassword, zvichiteerana, dzakatsanangurwa mudanho 2 muchikamu 8.3 dzinoshandiswa se <username> uye <password>.

Mumuenzaniso wedu zvinotaridzika seizvi:

9. Kubvumira tsamba kupfuura nepakati peSmTP protocol

Maererano ne zvinyorwa, muYandex.Cloud, traffic inobuda kuenda kuTCP port 25 paInternet uye kuYandex Compute Cloud virtual machines inogara yakavharwa kana yasvika kuburikidza neruzhinji IP kero. Izvi hazvikutadzise kutarisa kugamuchirwa kwetsamba inotumirwa kubva kune imwe mail server kune inogamuchirwa mail domain, asi zvinokutadzisa kutumira tsamba kunze kweZimbra server.

Zvinyorwa zvinoti Yandex.Cloud inogona kuvhura TCP port 25 pane chikumbiro chekutsigira kana iwe ukatevedzera Mirayiridzo Yekushandisa Inogamuchirwa, uye inochengetedza kodzero yekuvharira chiteshi zvakare kana paine kutyora kwemitemo. Kuti uvhure chiteshi, unofanirwa kubata Yandex.Cloud rutsigiro.

Kushanda

Kugadzira makiyi eSSH mune openssh uye putty uye kushandura makiyi kubva putty kune openssh fomati

1. Kugadzira makiyi maviri eSSH

PaWindows uchishandisa putty: mhanyisa puttygen.exe kuraira uye tinya bhatani re "Gadzira".

PaLinux: run command

ssh-keygen

2. Kushandura makiyi kubva ku putty kuenda ku openssh fomati

PaWindows:

Kuenzanisa kwezviito:

1. Mhanya iyo puttygen.exe chirongwa.
2. Rodha kiyi yakavanzika muppk fomati, shandisa chinhu chemenyu Faira → Rodha kiyi yakavanzika.
3. Isa izwi rekupfuura kana richidikanwa pakiyi iyi.
4. Kiyi yeruzhinji muOpenSSH fomati inoratidzwa muputtygen ine chinyorwa "Public kiyi yekunamira muOpenSSH authorized_keys file field"
5. Kutumira kunze kiyi yakavanzika kuOpenSSH fomati, sarudza Shanduko → Export OpenSSH kiyi mumenyu huru
6. Sevha kiyi yakavanzika kufaira idzva.

PaLinux

1. Isa iyo PuTTY zvishandiso package:

mu Ubuntu:

sudo apt-get install putty-tools

paDebian-sekugovera:

apt-get install putty-tools

muRPM-yakavakirwa kugoverwa kwakavakirwa payum (CentOS, nezvimwewo):

yum install putty

2. Kushandura kiyi yakavanzika, mhanyisa murairo:

puttygen <key.ppk> -O private-openssh -o <key_openssh>

3. Kugadzira kiyi yeruzhinji (kana zvichidikanwa):

puttygen <key.ppk> -O public-openssh -o <key_openssh.pub>

mugumisiro

Mushure mekuisa zvinoenderana nekurudziro, mushandisi anogamuchira Zimbra mail server yakagadziridzwa muYandex.Cloud infrastructure neZextras yekuwedzera yekutaurirana kwemakambani uye kubatana nemagwaro. Zvirongwa zvinogadzirwa nezvimwe zvirambidzo zvenzvimbo yekuyedza, asi hazvina kuoma kushandura iyo yekumisikidza kune yekugadzira modhi uye kuwedzera sarudzo dzekushandisa Yandex.Cloud chinhu chekuchengetedza nezvimwe. Pamibvunzo ine chekuita nekuendesa uye kushandiswa kwemhinduro, ndapota taura nemudiwa wako weZextras - SVZ kana vamiririri Yandex.Cloud.

Pamibvunzo yese ine chekuita neZextras Suite, unogona kubata Zextras Representative Ekaterina Triandafilidi neemail. [email inodzivirirwa]

Source: www.habr.com