Gelitaanka goobaha shaqada ee Zextras/Zimbra ee Yandex.Cloud

Horudhac

Hagaajinta kaabayaasha xafiisyada iyo geynta goobo shaqo oo cusub ayaa caqabad weyn ku ah shirkadaha nooc kasta iyo xajmi kasta. Doorashada ugu fiican ee mashruuc cusub waa in la kiraysto ilaha daruuraha iyo iibsashada shatiyada loo isticmaali karo bixiyaha iyo xaruntaada xogta labadaba. Mid ka mid ah xalalka xaaladdan oo kale ayaa ah Zextras Suite, kaas oo kuu ogolaanaya inaad abuurto madal wadashaqayn iyo isgaarsiineed shirkadeed labadaba deegaanka daruuraha iyo kaabayaashaaga.

Xalka waxaa loogu talagalay xafis kasta oo cabbir kasta ah wuxuuna leeyahay laba xaaladood oo dejineed oo muhiim ah: haddii aad haysato ilaa 3000 kun sanduuqyada boostada oo aysan jirin shuruudo sare oo loogu talagalay dulqaadashada qaladka, waxaad isticmaali kartaa rakibaadda hal-server, iyo ikhtiyaarka rakibida server-ka badan. waxay taageertaa hawlgal la isku halayn karo oo jawaab celin leh oo tobanaan iyo boqolaal kun oo sanduuq boosto ah. Dhammaan kiisaska, isticmaaluhu wuxuu gelayaa boostada, dukumeentiyada iyo farriimaha iyada oo loo marayo interface hal shabakad ah oo ka timid goobta shaqada ee ku socota OS kasta iyada oo aan la rakibin oo aan habayn software dheeraad ah, ama codsiyada moobiilka ee iOS iyo Android. Waa suurtagal in la isticmaalo macaamiisha Outlook iyo Thunderbird ee la yaqaan.

Si loo geeyo mashruuca, saaxiibka Zextras - SVZ doortay Yandex.Cloud sababtoo ah qaabdhismeedkeedu wuxuu la mid yahay AWS waxaana jira taageero S3 kaydinta ku habboon, taas oo yareyn doonta kharashka kaydinta xajmiyada badan ee boostada, fariimaha iyo dukumentiyada iyo kordhinta dulqaadka qaladka ee xalka.

Deegaanka Yandex.Cloud, aaladaha maaraynta mashiinnada farsamada gacanta ayaa loo isticmaalaa in lagu rakibo hal-server "Compute Cloud" iyo awoodaha maaraynta shabakada farsamada "Cloud Private Cloud". Ku rakibida server-ka badan, marka lagu daro qalabka la cayimay, waxaa lagama maarmaan ah in la isticmaalo tignoolajiyada "Kooxda meelaynta", haddii loo baahdo (iyadoo ku xiran miisaanka nidaamka) - sidoo kale "Kooxaha Tusaalooyinka", iyo isku dheeli tirka shabakada Isku dheelitirka Load Yandex.

Kaydinta walaxda ku habboon S3 Kaydinta Shayga Yandex waxaa loo isticmaali karaa labada ikhtiyaar ee rakibidda, iyo sidoo kale waxaa lagu xiri karaa nidaamyada la geeyey goobta si loogu kaydiyo dhaqaale ahaan iyo cillad-u-dulqaadka xogta server-ka ee Yandex.Cloud.

Ku rakibida hal-server, iyadoo kuxiran tirada isticmaaleyaasha iyo/ama sanduuqyada boostada, kuwan ayaa loo baahan yahay: server-ka ugu weyn 4-12 vCPU, 8-64 GB vRAM (qiimaha gaarka ah ee vCPU iyo vRAM waxay kuxirantahay tirada sanduuqyada boostada iyo culeyska dhabta ah), ugu yaraan 80 GB oo disk ah nidaamka hawlgalka iyo codsiyada, iyo sidoo kale boos disk dheeri ah oo lagu kaydiyo waraaqaha, tusmooyinka, logyada, iwm, taas oo ku xidhan tirada iyo celceliska cabbirka sanduuqyada boostada isbedel firfircoon inta lagu jiro hawlgalka nidaamka; loogu talagalay dukumiintiyada kaaliyaha ah: 2-4 vCPU, 2-16 GB vRAM, 16 GB meel bannaan (qiyamka kheyraadka gaarka ah iyo tirada adeegayaashu waxay ku xiran yihiin culeyska dhabta ah); Intaa waxaa dheer, server-ka TURN/STUN ayaa laga yaabaa in loo baahdo (baahida server-ka goonida ah iyo agabku waxay ku xiran tahay culeyska dhabta ah). Ku rakibida server-yada badan, tirada iyo ujeedada mashiinnada wax-qabadka ee doorka iyo agabka loo qoondeeyay iyaga ayaa si gaar ah loo go'aamiyaa iyadoo ku xiran shuruudaha isticmaalaha.

Ujeedada maqaalka

Sharaxaadda geynta deegaanka Yandex.Cloud ee alaabada Zextras Suite ee ku salaysan seerfarka boostada ee Zimbra ee xulashada rakibaadda hal-server. Rakibaadda soo baxday waxaa loo isticmaali karaa jawi wax soo saar ah (isticmaalayaasha khibrada leh waxay samayn karaan goobaha lagama maarmaanka ah waxayna ku dari karaan ilaha).

Nidaamka Zextras Suite/Zimbra waxaa ka mid ah:

• Zimbra - iimaylka shirkadda oo awood u leh inay wadaagaan sanduuqyada boostada, jadwalka taariikhda iyo liiska xiriirka (buugaagta ciwaanka).
• Zextras Docs - xafiis ku dhex dhisan oo ku salaysan LibreOffice online si loo abuuro loona wada shaqeeyo dukumeentiyada, xaashiyaha, iyo bandhigyada.
• Zextras Drive - Kaydinta faylalka gaarka ah ee kuu oggolaanaya inaad wax ka beddesho, kaydiso oo aad la wadaagto faylasha iyo faylalka isticmaaleyaasha kale.
• Kooxda Zextras – Rasuul taageero u ah shirarka maqalka iyo muuqaalka ah. Noocyada la heli karo waa Kooxda Aasaasiga ah, taas oo u oggolaanaysa kaliya 1: 1 isgaarsiin, iyo Kooxda Pro, oo taageerta shirarka isticmaalaha badan, kanaalada, wadaagista shaashadda, wadaagista faylka iyo hawlo kale.
• Zextras Mobile - Taageerada aaladaha mobilada iyada oo loo sii marayo Exchange ActiveSync si loogula jaanqaado boostada iyo aaladaha mobilada ee MDM (Maareynta Aaladaha Mobilka) hawlaha maamulka. Kuu ogolaanayaa inaad u isticmaasho Microsoft Outlook macmiil email ahaan.
• Zextras Admin - hirgelinta maamulka nidaamka kiraystayaasha badan oo ay weheliyaan ergada maamulayaasha si ay u maareeyaan kooxaha macaamiisha iyo noocyada adeegyada.
• Kaabta Zextras -buuxa xogta gurmad iyo soo kabashada in waqtiga dhabta ah
• Zextras Powerstore - Kaydinta kala sareynta ee walxaha nidaamka boostada oo taageero u ah fasallada habaynta xogta, oo awood u leh in lagu kaydiyo xogta gudaha ama kaydinta daruuraha ee qaab dhismeedka S3, oo ay ku jiraan Kaydinta Shayga Yandex.

Marka la dhammeeyo rakibidda, isticmaaluhu wuxuu helayaa nidaam ka shaqeeya deegaanka Yandex.Cloud.

Shuruudaha iyo xayiraadaha

1. U qoondaynta booska saxanka ee sanduuqyada boostada, tusmooyinka, iyo noocyada kale ee xogta lama daboolin sababtoo ah Zextras Powerstore waxay taageertaa noocyo badan oo kaydin ah. Nooca iyo xajmiga kaydinta waxay ku xiran tahay hawlaha iyo xuduudaha nidaamka. Haddii loo baahdo, tan waxaa la samayn karaa mar dambe habka loo beddelo rakibaadda lagu tilmaamay mid wax soo saar ah.
2. Si loo fududeeyo rakibaadda, adeegsiga server-ka maamulaha maamulo ee DNS si loo xalliyo magacyada domain gudaha (aan dadweynaha ahayn) lama tixgeliyo; server-ka caadiga ah ee Yandex.Cloud DNS ayaa la isticmaalaa. Marka lagu isticmaalo jawi wax soo saar, waxaa lagu talinayaa in la isticmaalo server-ka DNS, kaas oo laga yaabo inuu horeyba ugu jiray kaabayaasha shirkadaha.
3. Waxaa loo maleynayaa in koontada Yandex.Cloud loo isticmaalo goobaha caadiga ah (gaar ahaan, marka la galayo "Console" adeegga, waxaa jira kaliya hagaha (liiska "daruuraha la heli karo" ee hoos yimaada magaca default) Isticmaalayaasha Aqoon u leh ka shaqaynta Yandex.Cloud, Iyaga, go'aankooda, waxay samayn karaan hage gaar ah kursiga imtixaanka, ama isticmaali karaan mid jira.
4. Isticmaaluhu waa inuu lahaadaa aag guud oo DNS ah oo ay tahay inay galaangal maamul u yeeshaan.
5. Isticmaaluhu waa inuu galo tusaha ku jira Yandex.Cloud "Console" oo leh ugu yaraan doorka "editor" ("Cloud Milkiilaha" wuxuu leeyahay dhammaan xuquuqaha lagama maarmaanka ah si caadi ah; waxaa jira hagayaal loogu talagalay gelitaanka daruuraha isticmaalayaasha kale : jeer, два, saddex)
6. Maqaalkani ma qeexayo rakibidda shahaadooyinka caadiga ah ee X.509 ee loo isticmaalo si loo sugo isgaarsiinta shabakada iyadoo la adeegsanayo hababka TLS. Marka rakibidda la dhammeeyo, shahaadooyin is-saxiix ayaa la isticmaali doonaa, taasoo u oggolaanaysa daalacashada in loo isticmaalo si ay u galaan nidaamka rakiban. Caadi ahaan waxay soo bandhigaan ogeysiis ah in server-ku aanu lahayn shahaado la xaqiijin karo, laakiin ay kuu oggolaadaan inaad sii wadato shaqada. Ilaa rakibidda shahaadooyinka ay hubiyaan aaladaha macmiilku (ay saxeexeen maamulka shahaado bixinta dadweynaha iyo/ama shirkadaha), codsiyada aaladaha mobaylada kuma shaqayn karaan nidaamka rakiban. Sidaa darteed, rakibidda shahaadooyinka la cayimay ee deegaanka wax soo saarka waa lagama maarmaan, waxaana la sameeyaa ka dib marka la dhammeeyo imtixaanka iyadoo la raacayo siyaasadaha amniga shirkadaha.

Sharaxaada habka rakibida nidaamka Zextras/Zimbra ee nooca “server-kaliya”

1. Diyaarin horudhac ah

Kahor intaadan bilaabin rakibaadda waa inaad hubisaa:

a) Ku samaynta isbeddelada aagga DNS ee dadweynaha (abuurista rikoodhka server-ka Zimbra iyo rikoodhka MX ee bogga boostada la adeego).
b) Dejinta kaabayaasha shabakad dalwaddii Yandex.Cloud.

Isla mar ahaantaana, ka dib marka isbeddel lagu sameeyo aagga DNS, waxay qaadataa wakhti wakhti ah in isbeddelladani ay faafiyaan, laakiin, dhinaca kale, ma samayn kartid rikoor A adigoon ogaanin cinwaanka IP-ga ee la xidhiidha.

Sidaa darteed, ficillada waxaa loo sameeyaa sida soo socota:

1. Ku hay ciwaanka IP-ga guud ee Yandex.Cloud

1.1 Gudaha "Yandex.Cloud Console" (haddii loo baahdo, xulashada faylalka ku jira "daruuraha la heli karo"), u gudub qaybta Cloud Private Private Cloud, ciwaannada IP-yada, ka dibna riix badhanka "Cinwaanka Kaydinta", dooro aagga helitaanka aad doorbidayso (ama ogolaw oo leh qiimaha la soo jeediyay; aagga helitaanka waa in loo adeegsadaa dhammaan ficillada lagu sharraxay dambe ee Yandex.Cloud, haddii foomamka u dhigma ay ikhtiyaar u leeyihiin inay doortaan aagga la heli karo), sanduuqa wada-hadalka ee furmaya, waad awoodaa, haddii la doonayo, laakiin qasab maaha, dooro “DDoS Protection” doorashada, oo dhagsii badhanka “Reserve” (sidoo kale eeg dukumeenti).

Ka dib marka la xiro wada hadalka, ciwaanka IP-ga ee nidaamka loo qoondeeyay ayaa laga heli karaa liiska cinwaannada IP-ga, kaas oo la koobiyn karo oo loo isticmaali karo tallaabada xigta.

1.2 Aagga "horumarka" ee DNS, samee diiwaanka server-ka Zimbra oo tilmaamaya cinwaanka IP-ga ee hore loo qoondeeyey, diiwaanka server-ka TURN oo tilmaamaya isla cinwaanka IP-ga, iyo diiwaanka MX ee bogga boostada ee la aqbalay. Tusaalahayaga, kuwani waxay noqon doonaan mail.testmail.svzcloud.ru (Seerarka Zimbra), turn.testmail.svzcloud.ru (Sarkaalka TURN), iyo testmail.svzcloud.ru (mail domain), siday u kala horreeyaan.

1.3 Gudaha Yandex.Cloud, oo ku taal aagga la heli karo ee la doortay ee subnet-ka loo isticmaali doono in la geeyo mashiinnada farsamada, awood NAT ee internetka.

Si tan loo sameeyo, qaybta Cloud Virtual Private Cloud, qayb-hoosaadka "Shabakadaha Cloud", dooro shabakada daruuriga ah ee ku habboon (sida caadiga ah, kaliya shabakada caadiga ah ayaa halkaas laga heli karaa), dooro aagga helitaanka ku habboon ee ku dhex jira oo dooro "Ku suurtageli NAT internetka ” in goobaha ay.

Xaaladdu way iska beddeli doontaa liiska shabakadaha hoose:

Faahfaahin dheeraad ah, eeg dukumentiyada: jeer и два.

2. Abuuritaanka mashiinnada casriga ah

2.1. Abuuritaanka mashiinka farsamada ee Zimbra

Qabashada falalka:

2.1.1 Gudaha "Yandex.Cloud Console" u tag qaybta Compute Cloud, qayb hoosaadka "Mashiinada Virtual", dhagsii badhanka "Create VM" (si aad u hesho macluumaad dheeraad ah oo ku saabsan abuurista VM, eeg dukumeenti).

2.1.2 Halkaa waxaad u baahan tahay inaad dejiso:

• Magaca – sabab la’aan (si waafaqsan qaabka ay taageerto Yandex.Cloud)
• Aagga la heli karo – waa in uu u dhigmaa tii hore loogu doortay shabakadda farsamada.
• Gudaha "Sawirada Dadweynaha" dooro Ubuntu 18.04 lts
• Ku rakib disk boot oo cabbirkiisu yahay ugu yaraan 80GB. Ujeeddooyin tijaabo ah, nooca HDD ayaa ku filan (iyo sidoo kale adeegsiga wax soo saarka leh, waase in noocyada xogta qaarkood loo wareejiyo saxannada nooca SSD). Haddii loo baahdo, saxanno dheeraad ah ayaa lagu dari karaa ka dib marka la abuuro VM.

In "khayraadka xisaabinta" dhigay:

• vCPU: ugu yaraan 4.
• Qaybta la dammaanad qaaday ee vCPU: muddada falalka lagu sifeeyay maqaalka, ugu yaraan 50%; ka dib marka la rakibo, haddii loo baahdo, waa la dhimi karaa.
• RAM: 8GB ayaa lagula talinayaa.
• Subnet: dooro shabakad hoose oo Internet NAT loo sahlay intii lagu jiray marxalada diyaarinta hordhaca ah.
• Cinwaanka dadwaynaha: liiska ka dooro ciwaanka IP-ga ee hore loo isticmaalay si loo abuuro rikoodhka A ee DNS.
• Isticmaale: ikhtiyaarkaaga, laakiin ka duwan kan isticmaala xididka iyo xisaabaadka nidaamka Linux.
• Waa inaad sheegtaa furaha SSH ee dadweynaha (furan).

→ Wax badan ka baro isticmaalka SSH

Sidoo kale fiiri 1 app. Abuuritaanka furayaasha SSH ee openssh iyo putty iyo ka beddelashada furayaasha putty una beddelo qaabka openssh.

2.1.3 Marka habayntu dhammaato, dhagsii "Create VM".

2.2. Abuuritaanka mishiinka farsamada ee Zextras Docs

Qabashada falalka:

2.2.1 Gudaha "Yandex.Cloud Console" u tag qaybta Compute Cloud, qayb hoosaadka "Mashiinada Virtual", dhagsii badhanka "Create VM" (si aad u hesho macluumaad dheeraad ah oo ku saabsan abuurista VM, eeg halkan).

2.2.2 Halkaa waxaad u baahan tahay inaad dejiso:

• Magaca – sabab la’aan (si waafaqsan qaabka ay taageerto Yandex.Cloud)
• Aagga la heli karo – waa in uu u dhigmaa tii hore loogu doortay shabakadda farsamada.
• Gudaha "Sawirada Dadweynaha" dooro Ubuntu 18.04 lts
• Ku rakib disk boot oo cabbirkiisu yahay ugu yaraan 80GB. Ujeeddooyin tijaabo ah, nooca HDD ayaa ku filan (iyo sidoo kale adeegsiga wax soo saarka leh, waase in noocyada xogta qaarkood loo wareejiyo saxannada nooca SSD). Haddii loo baahdo, saxanno dheeraad ah ayaa lagu dari karaa ka dib marka la abuuro VM.

In "khayraadka xisaabinta" dhigay:

• vCPU: ugu yaraan 2.
• Qaybta la dammaanad qaaday ee vCPU: muddada falalka lagu sifeeyay maqaalka, ugu yaraan 50%; ka dib marka la rakibo, haddii loo baahdo, waa la dhimi karaa.
• RAM: ugu yaraan 2GB.
• Subnet: dooro shabakad hoose oo Internet NAT loo sahlay intii lagu jiray marxalada diyaarinta hordhaca ah.
• Cinwaanka dadweynaha: ma jiro ciwaanka (mashiinkani uma baahna gelitaanka internetka, kaliya gelitaanka ka baxsan mashiinkan ee internetka, kaas oo ay bixiso "NAT ilaa Internetka" ikhtiyaarka subnet-ka ee la isticmaalo).
• Isticmaale: ikhtiyaarkaaga, laakiin ka duwan kan isticmaala xididka iyo xisaabaadka nidaamka Linux.
• Dhab ahaantii waa inaad dejisaa furaha SSH ee dadweynaha (furan), waxaad isticmaali kartaa isla midka kan server-ka Zimbra, waxaad abuuri kartaa lamaane fure oo gaar ah, maadaama furaha gaarka ah ee server-ka Zextras Docs uu u baahan doono in la dhigo server-ka Zimbra disk.

Sidoo kale eeg Lifaaqa 1. Abuuritaanka furayaasha SSH ee openssh iyo putty iyo ka beddelashada furayaasha putty una beddelo qaabka openssh.

2.2.3 Marka habayntu dhammaato, dhagsii "Create VM".

2.3 Mashiinnada farsamada casriga ah ee la sameeyay ayaa laga heli doonaa liiska mashiinnada farsamada, kuwaas oo muujinaya, gaar ahaan, xaaladooda iyo ciwaannada IP-yada ee la isticmaalo, labadaba dadweynaha iyo gudahaba. Macluumaadka ku saabsan ciwaanka IP-ga ayaa loo baahan doonaa talaabooyinka rakibida xiga.

3. Diyaarinta server-ka Zimbra si loo rakibo

3.1 Ku rakibida wararka

Waxaad u baahan tahay inaad gasho server-ka Zimbra ciwaanka IP-ga ee dadweynaha adiga oo isticmaalaya macmiilka ssh ee aad door bidayso adiga oo isticmaalaya furaha ssh ee gaarka ah oo isticmaalaya magaca isticmaale ee lagu cayimay marka la abuurayo mashiinka farsamada.

Kadib markaad gasho, socodsii amarrada:

sudo apt update
sudo apt upgrade

(marka aad fulinayso amarkii ugu dambeeyay, ka jawaab "y" su'aasha ku saabsan haddii aad hubto rakibidda liiska la soo jeediyay ee cusbooneysiinta)

Kadib rakibidda cusbooneysiinta, waxaad awoodi kartaa (laakiin looma baahna) inaad socodsiiso amarka:

sudo apt autoremove

Oo dhamaadka tallaabada, ordi amarka

sudo shutdown –r now

3.2 Rakibaadda dheeraadka ah ee codsiyada

Waxaad u baahan tahay inaad ku rakibto macmiilka NTP si aad ula xidhiidho wakhtiga nidaamka iyo codsiga shaashadda amarkan soo socda:

sudo apt install ntp screen

(Marka aad fulinayso amarka ugu dambeeya, ka jawaab "y" marka lagu weydiiyo haddii aad hubto inaad rakibtay liiska baakadaha ku lifaaqan)

Waxa kale oo aad ku rakibi kartaa yutiilitida dheeraadka ah si ay ugu habboonaato maamulaha. Tusaale ahaan, Taliyaha Midnight waxaa lagu rakibi karaa amarka:

sudo apt install mc

3.3. Beddelidda qaabeynta nidaamka

3.3.1 Faylka ku jira /etc/cloud/cloud.cfg.d/95-yandex-cloud.cfg beddel qiimaha cabbirka maamula_iwm_martigeliyayaasha c run on been ah.

Xusuusin: si aad u bedesho faylkan, tafatiraha waa in lagu socodsiiyaa xuquuqaha isticmaalaha xididka, tusaale ahaan, "sudo vi /etc/cloud/cloud.cfg.d/95-yandex-cloud.cfg"ama, haddii xirmada mc la rakibo, waxaad isticmaali kartaa amarka"sudo mcedit /etc/cloud/cloud.cfg.d/95-yandex-cloud.cfg»

3.3.2 Wax ka beddel / iwm sida soo socota, adigoo bedelaya xariiqda qeexaysa FQDN-ga martida loo yahay cinwaanka laga bilaabo 127.0.0.1 ilaa cinwaanka IP-ga gudaha ee server-kan, iyo magaca laga bilaabo magaca buuxa ee aagga gudaha . magaca dadweynaha ee server-ka hore loogu sheegay A -diiwaanka aagga DNS, iyo u dhigma adigoo beddelaya magaca martida gaaban (haddii ay ka duwan tahay magaca martida gaaban ee diiwaanka DNS A).

Tusaale ahaan, xaaladdeena faylka martida loo yahay wuxuu u ekaa:

Tafatirka kadib waxay u ekayd sidan:

Xusuusin: si aad u bedesho faylkan, tafatiraha waa in lagu socodsiiyaa xuquuqaha isticmaalaha xididka, tusaale ahaan, "sudo vi /etc/hosts"ama, haddii xirmada mc la rakibo, waxaad isticmaali kartaa amarka"sudo mcedit /etc/hosts»

3.4 Deji erayga sirta ah ee isticmaalaha

Tani waxay lagama maarmaan u tahay xaqiiqda ah in mustaqbalka dab-damiska la habeyn doono, iyo haddii wax dhibaato ah ay ka soo baxaan, haddii isticmaaluhu uu leeyahay erayga sirta ah, waxaa suurtagal ah in la galo mashiinka farsamada iyadoo la adeegsanayo console serial from Yandex. Cloud web console oo jooji firewall-ka iyo/ama hagaajin khaladka Marka la abuurayo mashiinka farsamada gacanta, isticmaaluhu ma haysto sir, sidaas darteed gelitaanka waxaa suurtagal ah oo keliya SSH iyada oo la adeegsanayo aqoonsiga muhiimka ah.

Si aad u dejiso erayga sirta ah waxaad u baahan tahay inaad socodsiiso amarka:

sudo passwd <имя пользователя>

Tusaale ahaan, xaaladdeena waxay noqon doontaa amarka "sudo passwd user".

4. Rakibaadda Zimbra iyo Zextras Suite

4.1. Soo dejinta Zimbra iyo Zextras Suite qaybinta

4.1.1 Soo dejinta Zimbra qaybinta

Qabashada falalka:

1) Ku gal URL browserka www.zextras.com/download-zimbra-9 oo buuxi foomka. Waxaad heli doontaa iimaylo wata xiriiriyeyaal si aad u soo dejiso Zimbra OS-yada kala duwan.

2) U dooro nooca qaybinta hadda ee Ubuntu 18.04 LTS madal oo koobiyi isku xirka

3) Soo deji qaybinta Zimbra server-ka Zimbra oo ka fur baakadaha. Si tan loo sameeyo, ku socodsii amarrada fadhiga ssh ee server-ka zimbra

cd ~
mkdir zimbra
cd zimbra
wget <url, скопированный на предыдущем шаге>
tar –zxf <имя скачанного файла>

(tusaale ahaan tani waa "tar –zxf zcs-9.0.0_OSE_UBUNTU18_latest-zextras.tgz")

4.1.2 Soo dejinta Zextras Suite qaybinta

Qabashada falalka:

1) Ku gal URL browserka www.zextras.com/download

2) Buuxi foomka adiga oo gelaya xogta loo baahan yahay oo guji "Download NOW" badhanka

3) Bogga soo dejinta ayaa furmi doona

Waxay leedahay laba URL oo xiiso noo leh: mid ka mid ah bogga ugu sarreeya ee Zextras Suite laftiisa, kaas oo aan hadda u baahan doono, iyo kan kale ee hoose ee Docs Server block ee Ubuntu 18.04 LTS, kaas oo loo baahan doono hadhow ku rakib Zextras Docs VM-ka Docs-ka.

4) Soo deji qaybinta Zextras Suite seerfarka Zimbra oo ka fur furka. Si tan loo sameeyo, ku socodsii amarrada fadhiga ssh ee server-ka zimbra

cd ~
mkdir zimbra
cd zimbra

(haddii tusaha hadda uusan isbeddelin tallaabadii hore ka dib, amarrada kore waa laga saari karaa)

wget http://download.zextras.com/zextras_suite-latest.tgz
tar –zxf zextras_suite-latest.tgz

4.2. Rakibaadda Zimbra

Noocyada waxqabadka

1) Tag tusaha meesha faylalka laga furay tallaabada 4.1.1 (waxaa lagu arki karaa amarka ls inta lagu jiro buugga ~/zimbra).

Tusaalahayaga waxay noqon doontaa:

cd ~/zimbra/zcs-9.0.0_OSE_UBUNTU18_latest-zextras/zimbra-installer

2) Ku socodsii rakibaadda Zimbra adoo isticmaalaya amarka

sudo ./install.sh

3) Waxaan ka jawaabeynaa su'aalaha rakibaha

Waxaad kaga jawaabi kartaa su'aalaha rakibaha "y" (waxay la mid tahay "haa"), "n" (waxay la mid tahay "maya"), ama ka tago soo jeedinta rakibaha oo aan isbeddelin (waxay bixisaa doorashooyin, oo ku soo bandhigaya xargaha labajibbaaran, tusaale ahaan, " [Y]" ama "[N]."

Ma ku raacsan tahay shuruudaha heshiiska shatiga software? - Haa.

Ma isticmaashaa kaydka baakadda Zimbra? - sida caadiga ah (haa).

"Ku rakib zimbra-ldap?","Ku rakib zimbra-logger?","Ku rakib zimbra-mta?"- default (haa).

Ku rakib zimbra-dnscache? - Maya (Nidaamka hawlgalka wuxuu leeyahay server-ka DNS caching u gaar ah oo karti u leh si caadi ah, markaa xirmadan waxay la yeelan doontaa khilaaf iyada oo ay ugu wacan tahay dekedaha la isticmaalo).

Ku rakib zimbra-snmp? - haddii la rabo, waxaad ka tagi kartaa ikhtiyaarka caadiga ah (haa), uma baahnid inaad rakibto xirmadan. Tusaalahayaga, ikhtiyaarka caadiga ah waa laga tagay.

"Ku rakib zimbra-store?","Ku rakib zimbra-apache?","Ku rakib zimbra- higaada?","Ku rakib zimbra-memcached?","Ku rakib zimbra-proxy?"- default (haa).

Ku rakib zimbra-snmp? - maya (xirmada run ahaantii lama taageero waxaana si shaqaynaya u bedelay Zextras Drive).

Ku rakib zimbra-imapd? - default (maya).

Ku rakib zimbra-chat? - maya (si shaqaynaysa waxaa bedelay Kooxda Zextras)

Taas ka dib rakibaha ayaa ku weydiin doona in la sii wado rakibidda?

Waxaan ku jawaabeynaa "haa" haddii aan sii wadi karno, haddii kale waxaan ku jawaabnaa "maya" oo waxaan helnaa fursad aan ku bedelno jawaabaha su'aalaha hore loo weydiiyay.

Ka dib marka la ogolaado in la sii wado, rakibaha ayaa rakibi doona xirmooyinka.

4.) Waxaan ka jawaabeynaa su'aalaha qaabeeyaha aasaasiga ah

4.1) Maadaama tusaale ahaan magaca DNS ee server-ka boostada (Magaca rikoodhka) iyo magaca domain-ka boostada (MX record name) ay kala duwan yihiin, iskudubariduhu wuxuu soo bandhigayaa digniin wuxuuna kugu dhiirigelinayaa inaad dejiso magaca boostada loo adeego. Waanu ku raacsannahay soo jeedintiisa waxaanan galnay magaca diiwaanka MX. Tusaalahayaga waxay u egtahay sidan:

Fiiro gaar ah: waxa kale oo aad dejin kartaa domain-ka boostada la keeno si uu uga duwanaado magaca server-ka haddii magaca server-ku leeyahay diiwaan MX oo isku magac ah.

4.2) Habeeyaha ayaa soo bandhigaya liiska ugu muhiimsan.

Waxaan u baahanahay inaan dejino erayga sirta ah ee maamulaha Zimbra ( shayga menu 6 ee tusaalaheena ah), taas oo la'aanteed aysan suurtagal ahayn in la sii wado rakibaadda, oo aan beddelno dejinta zimbra-proxy ( shayga 8 ee tusaalahayada; haddii loo baahdo, goobtan waa la beddeli karaa ka dib rakibidda).

4.3) Beddelida dejinta zimbra-store

Dakhliga isku xidhka, geli lambarka shayga menu oo taabo Gelida. Waxaan tagnaa liiska dejinta kaydinta:

halkaas oo martiqaadka isku xidhka aanu galno lambarka Admin Password menu shayga (tusaale ahaan 4), taabo Gelida, ka dib qaabeeyaha wuxuu bixiyaa erayga sirta ah ee si aan kala sooc lahayn loo soo saaray, kaas oo aad ku heshiin karto (xusuusan tahay) ama geli adiga. Labada xaaladood, dhamaadka waa inaad riixdaa Gelida, ka dib shayga "Admin Password" ayaa ka saari doona sumadda sugitaanka macluumaadka isticmaalaha:

Waxaan ku laabaneynaa liiska hore (waxaan ku raacsannahay soo jeedinta isku xiraha).

4.4) Beddelida goobaha zimbra-proxy

Marka la barbar dhigo talaabadii hore, menu-ka ugu weyn, dooro lambarka shayga "zimbra-proxy" oo geli isla markiiba qaabeeyaha.

Menu-ka qaabeynta wakiil ee furmo, dooro nambarka shayga “Habka server-ka wakiil” oo geli isla markiiba qaabeeyaha.

Isku-habeeyuhu wuxuu soo bandhigi doonaa inuu doorto mid ka mid ah hababka, geli "dib u hagaajin" isla markiiba oo taabo Gelida.

Taas ka dib waxaan ku laabaneynaa liiska ugu muhiimsan (waxaan ku raacsanahay soo jeedinta qaabeeyaha).

4.5) Habaynta socodsiinta

Si aad u bilowdo qaabaynta, geli “a” xaga isku xidhka isla markiiba. Taas ka dib waxay ku weydiin doontaa in lagu keydiyo qaabeynta la geliyey faylka (kaas oo loo isticmaali karo dib-u-soo-celinta) - waxaad ku heshiin kartaa soo jeedinta caadiga ah, haddii kaydinta la sameeyo - waxay ku weydiin doontaa faylka si loo badbaadiyo qaabeynta (adiga sidoo kale waad ku heshiin kartaa soo jeedinta caadiga ah ama geli magacaaga faylka).

Marxaladdan, waxaad weli diidi kartaa inaad sii waddo oo aad isbeddel ku sameyso qaabeynta adiga oo ku heshiinaya jawaabta caadiga ah ee su'aasha "Nidaamka waa la beddeli doonaa - sii wad?"

Si aad u bilowdo rakibidda, waa in aad ka jawaabto "Haa" su'aashan, ka dib markii ay configurator ku dabaqi doonaa goobaha hore loo galay in muddo ah.

4.6) Dhamaystirka rakibaadda Zimbra

Kahor inta aan la dhamaystirin, rakibaha ayaa ku weydiin doona in lagu ogeysiiyo Zimbra wax ku saabsan rakibaadda. Waad ku raaci kartaa soo jeedinta caadiga ah ama waad diidi kartaa (adiga oo ka jawaabaya "Maya") ogeysiiska.

Intaa ka dib rakibayuhu wuxuu sii wadi doonaa inuu sameeyo hawlgaladii ugu dambeeyay in muddo ah wuxuuna soo bandhigi doonaa ogeysiin ah in qaabaynta nidaamku dhammaystiran yahay oo leh isla markiiba si uu u riixo fure kasta si uu uga baxo rakibaha.

4.3. Rakibaadda Zextras Suite

Wixii macluumaad dheeraad ah oo ku saabsan rakibidda Zextras Suite, arag tilmaamid.

Qabashada falalka:

1) Tag tusaha meesha faylalka laga furay tallaabada 4.1.2 (waxaa lagu arki karaa amarka ls inta lagu jiro buugga ~/zimbra).

Tusaalahayaga waxay noqon doontaa:

cd ~/zimbra/zextras_suite

2) Ku socodsii rakibaadda Zextras Suite adoo isticmaalaya amarka

sudo ./install.sh all

3) Waxaan ka jawaabeynaa su'aalaha rakibaha

Mabda'a hawlgalka rakibayuhu wuxuu la mid yahay rakibaha Zimbra, marka laga reebo maqnaanshaha qaabeeyaha. Waxaad kaga jawaabi kartaa su'aalaha rakibaha "y" (waxay la mid tahay "haa"), "n" (waxay la mid tahay "maya"), ama ka tago soo jeedinta rakibaha oo aan isbeddelin (waxay bixisaa doorashooyin, oo ku soo bandhigaya xargaha labajibbaaran, tusaale ahaan, " [Y]" ama "[N]."

Si aad u bilowdo habka rakibidda, waa inaad si joogto ah uga jawaabtaa "haa" su'aalaha soo socda:

Ma ku raacsan tahay shuruudaha heshiiska shatiga software?
Ma jeceshahay in Zextras Suite uu si toos ah u soo dejiyo, u rakibo oo u cusboonaysiiyo maktabadda ZAL?

Markaas ka dib ogeysiis ayaa la soo bandhigi doonaa oo ku weydiinaya inaad taabto Gelida si aad u sii waddo:

Ka dib markaad riixdo Gelida, habka rakibida ayaa bilaabmi doona, mararka qaarkood waxaa hakad gala su'aalo, taas oo, si kastaba ha ahaatee, waxaan kaga jawaabeynaa annagoo ku heshiinayna talooyinka caadiga ah ("haa"), kuwaas oo:

Zextras Suite Core hadda waa la rakibi doonaa. Sii wad?
Ma jeceshahay inaad joojiso Codsiga Shabakadda Zimbra (sanduuqa boostada)?
Zextras Suite Zimlet hadda waa la rakibi doonaa. Sii wad?

Kahor inta aysan bilaabmin qaybta ugu dambeysa ee rakibidda, waxaa lagugu wargelin doonaa inaad u baahan tahay inaad habayso shaandhada DOS oo ku waydiiso inaad riixdo Gelida si aad u sii wadato. Ka dib markaad riixdo Gelida, qaybta ugu dambeysa ee rakibidda ayaa bilaabmaysa, dhammaadka ogeysiiska kama dambaysta ah ayaa la soo bandhigayaa oo rakibayuhu wuu dhammeeyaa.

4.4. Habaynta bilowga ah iyo go'aaminta cabirrada qaabeynta LDAP

1) Dhammaan ficilada xiga waxaa lagu sameeyaa isticmaalaha zimbra. Si aad tan u sameyso waxaad u baahan tahay inaad socodsiiso amarka

sudo su - zimbra

2) Ku beddel goobta shaandhada DOS amarka

zmprov mcf zimbraHttpDosFilterMaxRequestsPerSec 150

3) Si loo rakibo Docsyada Zextras, waxaad u baahan doontaa macluumaad ku saabsan qaar ka mid ah xulashooyinka qaabeynta Zimbra. Si aad tan u sameyso waxaad socodsiin kartaa amarka:

zmlocalconfig –s | grep ldap

Tusaalahayaga, macluumaadka soo socda ayaa la soo bandhigi doonaa:

Si aad u sii isticmaasho, waxaad u baahan doontaa ldap_url, zimbra_ldap_password (iyo zimbra_ldap_userdn, in kasta oo rakibaha Zextras Docs uu caadi ahaan sameeyo qiyaaso sax ah oo ku saabsan magaca isticmaalaha LDAP).

4) Jooji sida isticmaale zimbra adiga oo socodsiinaya amarka
ka bax

5. Diyaarinta server-ka Docs si loo rakibo

5.1. U soo raritaanka furaha gaarka ah ee SSH seerferka Zimbra iyo gelitaanka serfarka Docs

Waa lagama maarmaan in la dul dhigo server-ka Zimbra furaha gaarka ah ee lamaanaha muhiimka ah ee SSH, furaha dadweynaha kaas oo loo adeegsaday tallaabada 2.2.2 ee faqradda 2.2 marka la abuurayo mashiinka farsamada ee Docs. Waxaa lagu dhejin karaa server-ka iyada oo loo sii marayo SSH (tusaale ahaan, iyada oo loo marayo sftp) ama lagu dhejin karaa sabuuradda (haddii awoodaha macmiilka SSH la isticmaalo iyo jawiga fulinta uu oggol yahay).

Waxaan u qaadaneynaa in furaha khaaska ah la geliyo faylka ~/.ssh/docs.key iyo adeegsadaha loo isticmaalo in lagu galo server-ka Zimbra uu yahay milkiilaha (haddii soo dejinta/abuurista faylkan lagu sameeyay hoosta isticmaalaha, si toos ah noqotay mulkiilaheeda).

Waxaad u baahan tahay inaad socodsiiso amarka hal mar:

chmod 600 ~/.ssh/docs.key

Mustaqbalka, si aad u gasho server-ka Docs, waa inaad fulisaa tallaabooyinkan taxanaha ah:

1) Soo gal server-ka Zimbra

2) Orod amarka

ssh -i ~/.ssh/docs.key user@<внутренний ip-адрес сервера Docs>

Halka qiimaha <ciwaanka IP-ga gudaha ee server-ka Docs> laga heli karo "Yandex.Cloud Console", tusaale ahaan, sida ku cad cutubka 2.3.

5.2. Ku rakibida wararka

Ka dib markaad gasho server-ka Docs, socodsii amarrada la midka ah kan server-ka Zimbra:

sudo apt update
sudo apt upgrade

(marka aad fulinayso amarkii ugu dambeeyay, ka jawaab "y" su'aasha ku saabsan haddii aad hubto rakibidda liiska la soo jeediyay ee cusbooneysiinta)

Kadib rakibidda cusbooneysiinta, waxaad awoodi kartaa (laakiin looma baahna) inaad socodsiiso amarka:

sudo apt autoremove

Oo dhamaadka tallaabada, ordi amarka

sudo shutdown –r now

5.3. Rakibaadda dheeraadka ah ee codsiyada

Waxaad u baahan tahay inaad ku rakibto macmiilka NTP si aad ula xidhiidho wakhtiga nidaamka iyo codsiga shaashadda, oo la mid ah isla falkii serverka Zimbra, oo leh amarka soo socda:

sudo apt install ntp screen

(Marka aad fulinayso amarka ugu dambeeya, ka jawaab "y" marka lagu weydiiyo haddii aad hubto inaad rakibtay liiska baakadaha ku lifaaqan)

Waxa kale oo aad ku rakibi kartaa yutiilitida dheeraadka ah si ay ugu habboonaato maamulaha. Tusaale ahaan, Taliyaha Midnight waxaa lagu rakibi karaa amarka:

sudo apt install mc

5.4. Beddelidda qaabeynta nidaamka

5.4.1. Faylka /etc/cloud/cloud.cfg.d/95-yandex-cloud.cfg, si la mid ah server-ka Zimbra, ka beddel qiimaha maareeyaha_etc_hosts cabbirka run iyo been.

Xusuusin: si aad u bedesho faylkan, tafatiraha waa in lagu socodsiiyaa xuquuqaha isticmaalaha xididka, tusaale ahaan, "sudo vi /etc/cloud/cloud.cfg.d/95-yandex-cloud.cfg"ama, haddii xirmada mc la rakibo, waxaad isticmaali kartaa amarka"sudo mcedit /etc/cloud/cloud.cfg.d/95-yandex-cloud.cfg»

5.4.2. Tafatir /etc/hosts, ku darista dadweynaha FQDN ee server-ka Zimbra, laakiin leh ciwaanka IP gudaha ee Yandex.Cloud. Haddii aad leedahay server-ka gudaha ee uu maamulo maamulaha DNS ee ay adeegsadaan mashiinnada farsamada (tusaale ahaan, deegaanka wax soo saarka), oo awood u leh in lagu xalliyo FQDN dadweynaha ee server-ka Zimbra oo leh ciwaanka IP-ga gudaha marka codsiga laga helo shabakadda gudaha codsiyada internetka, FQDN ee server-ka Zimbra waa in lagu xalliyaa cinwaanka IP-ga dadweynaha, iyo server-ka TURN waa in had iyo jeer lagu xalliyaa ciwaanka IP-ga dadweynaha, oo ay ku jiraan marka laga soo galo ciwaannada gudaha), hawlgalkan looma baahna.

Tusaale ahaan, xaaladdeena faylka martida loo yahay wuxuu u ekaa:

Tafatirka kadib waxay u ekayd sidan:

Xusuusin: si aad u bedesho faylkan, tafatiraha waa in lagu socodsiiyaa xuquuqaha isticmaalaha xididka, tusaale ahaan, "sudo vi /etc/hosts"ama, haddii xirmada mc la rakibo, waxaad isticmaali kartaa amarka"sudo mcedit /etc/hosts»

6. Rakibaadda Zextras Docs

6.1. Soo gal server-ka Docs

Habka loo galo server-ka Docs-ka waxaa lagu qeexay faqradda 5.1.

6.2. Soo dejinta Zextras Docs qaybinta

Qabashada falalka:

1) Laga soo bilaabo bogga faqradda 4.1.2. Soo dejinta Zextras Suite qaybinta Soo deji qaybinta Zextras Suite (tallaabo 3), nuqul ka samee URL-ka loogu dhisayo Docs-ka Ubuntu 18.04 LTS (haddii aan hore loo koobiyn).

2) Soo deji qaybinta Zextras Suite seerfarka Zimbra oo ka fur furka. Si tan loo sameeyo, ku socodsii amarrada fadhiga ssh ee server-ka zimbra

cd ~
mkdir zimbra
cd zimbra
wget <URL со страницы скачивания>

(xaaladdeena amarka "wget" waa la fuliyay download.zextras.com/zextras-docs-installer/latest/zextras-docs-ubuntu18.tgz»)

tar –zxf <имя скачанного файла>

( xaaladdeena, amarka "tar -zxf zextras-docs-ubuntu18.tgz" waa la fuliyay)

6.3. Rakibaadda Zextras Docs

Wixii macluumaad dheeraad ah oo ku saabsan rakibidda iyo habaynta Zextras Docs, arag halkan.

Qabashada falalka:

1) Tag tusaha meesha faylalka laga furay tallaabada 4.1.1 (waxaa lagu arki karaa amarka ls inta lagu jiro buugga ~/zimbra).

Tusaalahayaga waxay noqon doontaa:

cd ~/zimbra/zextras-docs-installer

2) Ku socodsii rakibaadda Zextras Docs adoo isticmaalaya amarka

sudo ./install.sh

3) Waxaan ka jawaabeynaa su'aalaha rakibaha

Waxaad kaga jawaabi kartaa su'aalaha rakibaha "y" (waxay la mid tahay "haa"), "n" (waxay la mid tahay "maya"), ama ka tago soo jeedinta rakibaha oo aan isbeddelin (waxay bixisaa doorashooyin, oo ku soo bandhigaya xargaha labajibbaaran, tusaale ahaan, " [Y]” ama “[N]”).

Nidaamka waa la beddeli doonaa, ma jeclaan lahayd inaad sii waddo? - aqbal ikhtiyaarka caadiga ah ("haa").

Taas ka dib, rakibidda ku-tiirsanaanta ayaa bilaabmi doonta: rakibayuhu wuxuu tusi doonaa baakadaha uu rabo inuu rakibo oo weydiiyo xaqiijin si loo rakibo. Xaaladaha oo dhan, waxaan ku raacsanahay dalabyada caadiga ah.

Tusaale ahaan, wuxuu ku weydiin karaa "Python2.7 lama helin. Ma jeclaan lahayd inaad ku rakibto?","Python-ldap lama helin. Ma jeclaan lahayd inaad ku rakibto?" iwm.

Ka dib marka la rakibo dhammaan xirmooyinka lagama maarmaanka ah, rakibaha wuxuu codsanayaa oggolaanshaha si loo rakibo Docs Zextras:

Ma jeclaan lahayd inaad ku rakibto Zextras DOCS? - aqbal ikhtiyaarka caadiga ah ("haa").

Taas ka dib wakhti ayaa lagu qaataa rakibidda baakadaha, Zextras Docs lafteeda, iyo u gudubka su'aalaha qaabeeyaha.

4) Waxaan ka jawaabeynaa su'aalaha qaabeeyaha

Habeeyaha ayaa hal hal u codsadaa cabirrada qaabeynta; iyadoo laga jawaabayo, qiyamka lagu helay tallaabada 3 ee faqradda 4.4 ayaa la galiyay. Hagaajinta bilowga ah ee dejinta iyo go'aaminta cabirrada qaabeynta LDAP.

Tusaalahayaga, dejintu waxay u egtahay:

5) Dhameystirka rakibidda Zextras Docs

Ka dib marka uu ka jawaabo su'aalaha isku xidhaha, rakibayuhu waxa uu dhamaystirayaa qaabaynta Docs-ka deegaanka oo waxa uu diiwaan galinayaa adeega lagu rakibay serfarka wayn ee Zimbra oo hore loo rakibay.

Rakibaadda hal-server, tani inta badan waa ku filan, laakiin xaaladaha qaarkood (haddii dukumentiyada aan lagu furi doonin Dukumentiyada ku jira macmiilka shabakadda ee tab Drive) waxa laga yaabaa inaad u baahato inaad samayso ficil looga baahan yahay rakibaadda server-ka badan. - Tusaalahayaga, server-ka ugu weyn ee Zimbra, waxaad u baahan doontaa inaad ka sameyso hoosta isticmaalayaasha Kooxaha Zimbra /opt/zimbra/libexec/zmproxyconfgen и zmproxyctl dib u bilow.

7. Dejinta hore ee Zimbra iyo Zextras Suite (marka laga reebo kooxda)

7.1. Gal konsole maamulka markii ugu horeysay

Soo gal browserka adiga oo isticmaalaya URL: https:// :7071

Haddii la rabo, waxaad gali kartaa macmiilka shabakada adoo isticmaalaya URL: https://

Marka la soo galo, daalacayaashu waxay soo bandhigaan digniin ku saabsan xiriir aan ammaan ahayn sababtoo ah awood la'aanta si loo xaqiijiyo shahaadada. Waa inaad uga jawaabtaa browserka ku saabsan ogolaanshahaaga inaad goobta tagto inkastoo digniintan. Tani waxay sabab u tahay xaqiiqda ah in ka dib markii la rakibo, shahaadada is-saxiixa X.509 loo isticmaalo isku xirka TLS, kaas oo mar dambe (isticmaalka wax soo saarka - waa in) lagu beddelo shahaado ganacsi ama shahaado kale oo la aqoonsan yahay daalacashada loo isticmaalo.

Foomka xaqiijinta, geli magaca isticmaalaha qaabka admin@<Booggaaga boostada ee la aqbalay> iyo erayga sirta ah ee maamulaha Zimbra ee la cayimay marka la rakibayo server-ka Zimbra tallaabada 4.3 ee faqradda 4.2.

Tusaalahayaga waxay u egtahay sidan:

Maamulaha Console:

Macmiilka shabakadda:

Xusuusin 1. Haddii aadan cayimin bogga boostada ee la aqbalay marka aad gelayso maamulaha konsole ama macmiilka shabakadda, isticmaaleyaasha waxaa lagu xaqiijin doonaa bogga boostada ee la sameeyay marka la rakibayo server-ka Zimbra. Ka dib markii la rakibo, kani waa bogga kaliya ee la aqbali karo ee ku jira server-kan, laakiin sida nidaamku u shaqeeyo, waxaa lagu dari karaa meelo dheeraad ah oo boostada ah, ka dibna si cad u qeexida domainka magaca isticmaalaha waxay sameyn doontaa isbeddel.

Xusuusin 2. Markaad gasho macmiilka shabakada, barowsarkaaga ayaa laga yaabaa inuu ku weydiiyo ogolaansho si uu u muujiyo ogeysiisyada goobta. Waa inaad ogolaato inaad ogaysiisyada ka hesho goobtan.

Xusuusin 3. Kadib markaad gasho console-ka maamulaha, waxa laga yaabaa in lagu ogeysiiyo inay jiraan farriimo ku socda maamulaha, inta badana ku xasuusinaya inaad dejiso Zextras Backup iyo/ama inaad iibsato shatiga Zextras ka hor inta aanu shatiga tijaabada ahi dhicin. Ficiladan waa la samayn karaa mar dambe, sidaas darteed farriimaha jira wakhtiga gelitaanka waa la iska indho tiri karaa iyo/ama lagu calaamadayn karaa sida loo akhriyay liiska Zextras: Alert Zextras.

Xusuusin 4. Waxaa si gaar ah muhiim u ah in la ogaado in heerka server-ka lagula socdo heerka adeegga Docs-ka loo soo bandhigay sida "aan la heli karin" xitaa haddii Docs-ka macmiilka webka uu si sax ah u shaqeeyo:

Tani waa sifada nooca tijaabada ah waxaana la hagaajin karaa oo kaliya ka dib iibsashada shatiga iyo la xiriirida taageerada.

7.2. Dejinta qaybaha Zextras Suite

Gudaha Zextras: Menu Core, waa inaad gujisaa badhanka "Deploy" ee dhammaan zimlets ee aad doonayso inaad isticmaasho.

Marka la dirayo jiilaalka, wada hadal ayaa u muuqda natiijada hawlgalka sida soo socota:

Tusaalahayaga, dhammaan jiilaalka Zextras Suite waa la geeyay, ka dib Zextras: Foomka Core wuxuu qaadan doonaa foomkan:

7.3. Beddelida dejinta gelitaanka

7.3.1. Beddelka Goobaha Caalamiga ah

Menu Settings: Global settings, submenu server Proxy, beddel cabbirrada soo socda:

Qaabka wakiilnimada shabakada: redirect
Awood u yeel console-ka wakiil wakiileedka maamulka: calaamadee sanduuqa.
Kadibna ku dhufo "Save" qaybta midig ee sare ee foomka.

Tusaalahayaga, ka dib isbeddellada la sameeyay, foomku wuxuu u eg yahay sidan:

7.3.2. Isbeddellada ku yimaadda goobaha ugu muhiimsan ee server-ka Zimbra

Gudaha Menu Settings: Servers: <name of the main Zimbra server>, submenu Proxy server, bedeli xuduudaha soo socda:

Qaabka wakiilnimada shabakadda: dhagsii badhanka "Dib ugu celi qiimaha caadiga ah" (qiimaha laftiisu isma beddeli doono, maadaama mar hore la dejiyay inta lagu jiro rakibidda). U yeel maamulaha konsole proxy server: hubi in sanduuqa jeeggu la saxay (qiimaha caadiga ah waa in lagu dabaqo, haddii kale, waxaad riixi kartaa badhanka "Dib ugu celi qiimaha caadiga ah" iyo/ama u dejiso gacanta). Kadibna ku dhufo "Save" qaybta midig ee sare ee foomka.

Tusaalahayaga, ka dib isbeddellada la sameeyay, foomku wuxuu u eg yahay sidan:

Fiiro gaar ah: (dib u bilaabid ayaa loo baahan karaa haddi gelida dekedani shaqayn waydo)

7.4. Soo gal admin console cusub

Soo gal konsolka maamulka ee browserkaaga addoo isticmaalaya URL: https:// :9071
Mustaqbalka, isticmaal URL-kan si aad u gasho

Fiiro gaar ah: rakibaadda hal-server, sida caadiga ah, isbeddelada lagu sameeyay tallaabadii hore ayaa ku filan, laakiin xaaladaha qaarkood (haddii bogga server-ka aan la soo bandhigin markaad gelayso URL-ka la cayimay), waxaad u baahan kartaa inaad sameyso ficil loo baahan yahay. Rakibaadda server-ka badan - tusaale ahaan, amarrada server-ka Zimbra ee ugu weyn waxay u baahan doonaan in loo fuliyo isticmaale Zimbra /opt/zimbra/libexec/zmproxyconfgen и zmproxyctl dib u bilow.

7.5. Tafatirka caadiga ah ee COS

Gudaha Settings: Menu Class Service, dooro COS oo leh magaca "default".

Menu-hoosaadka “Fursadaha”, ka saar shaqada “Portfolio”, ka dibna ku dhufo “Save” ee qaybta midig ee sare ee foomka.

Tusaalahayaga, qaabeynta ka dib, foomku wuxuu u eg yahay sidan:

Waxa kale oo lagu talinayaa in aad hubiso goobta "Enable sharing of files and folders" ee ku jira liiska-hoosaadka Drive, ka dibna riix "Save" ee qaybta sare ee midig ee foomka.

Tusaalahayaga, qaabeynta ka dib, foomku wuxuu u eg yahay sidan:

Deegaanka tijaabada ah, isla fasalka adeegga, waxaad awood u siin kartaa hawlaha Kooxda Pro adiga oo daaraya sanduuqa hubinta ee magaca isku midka ah ee ku jira menu-hoosaadka Kooxda, ka dib qaabeynta qaabeynta ayaa qaadan doonta foomkan:

Marka astaamaha Kooxda Pro la joojiyo, isticmaalayaashu waxay heli doonaan oo keliya astaamaha aasaasiga ah ee Kooxda.
Fadlan la soco in kooxda Zextras Pro ay si madaxbanaan u siisay shati ka madaxbanaan Zextras Suite, kaas oo kuu ogolaanaya inaad ku iibsato sanduuqyo waraaqo ka yar marka loo eego Zextras Suite laftiisa; Astaamaha aasaasiga ah ee kooxda ayaa lagu daray shatiga Zextras Suite. Sidaa darteed, haddii lagu isticmaalo jawi wax soo saar, waxaad u baahan kartaa inaad abuurto adeeg gaar ah oo loogu talagalay isticmaaleyaasha Kooxda Pro oo ay ku jiraan astaamaha ku habboon.

7.6. Dejinta Firewall

Loo baahan yahay server-ka ugu weyn ee Zimbra:

a) Oggolow in laga soo galo internetka ssh, http/https, imap/imaps, pop3/pop3s, smtp dekedaha (dekedda weyn iyo dekedaha dheeraadka ah ee loo isticmaalo macaamiisha boostada) iyo dekedda console-ka maamulka.

b) Oggolow dhammaan isku xidhka shabakada gudaha (kaas oo NAT ee interneedka loo dajiyay talaabada 1.3 ee talaabada 1).

Looma baahna in la habeeyo dab-damiska server-ka Zextras Docs, sababtoo ah Lagama heli karo internetka.

Si tan loo sameeyo, waa inaad fulisaa tallaabooyinkan taxanaha ah:

1) Gal console-ka qoraalka ee seerfarka weyn ee Zimbra. Markaad ka soo gasho SSH, waa inaad socodsiisaa amarka "shaashadda" si aad uga fogaato joojinta fulinta amarka haddii xiriirka server-ka uu si ku-meel-gaar ah u lumo isbeddellada goobaha dab-damiska.

2) Orod amarrada

sudo ufw allow 22,25,80,110,143,443,465,587,993,995,9071/tcp
sudo ufw allow from <адрес_вашей_сети>/<длина CIDR маски>
sudo ufw enable

Tusaalahayaga waxay u egtahay sidan:

7.7. Hubinta gelitaanka macmiilka shabakadda iyo console-ka maamulaha

Si aad ula socoto shaqada dab-damiska, waxaad aadi kartaa URL-kan soo socda ee biraawsarkaaga

Console maamulaha: https:// :9071
Macmiilka shabakadda: http:// (waxaa jiri doona si toos ah u jiheynta https:// )
Isla mar ahaantaana, adoo isticmaalaya URL kale https:// :7071 Koonsolka maamulka waa inuusan furmin.

Macmiilka shabakadda ee tusaalaheena ayaa u eg sidan:

Ogow. Markaad gasho macmiilka shabakada, barowsarkaaga ayaa laga yaabaa inuu ku weydiiyo ogolaansho si uu u muujiyo ogeysiisyada goobta. Waa inaad ogolaato inaad ogaysiisyada ka hesho goobtan.

8. Xaqiijinta hawlgalka shirarka maqalka iyo muuqaalka ee Kooxda Zextras

8.1. Macluumaad guud

Ficilada hoos lagu sharraxay looma baahna haddii dhammaan macaamiisha Kooxda Zextras ay is dhexgalaan iyaga oo aan isticmaalin NAT (kiiskan, isdhexgalka server-ka Zimbra laftiisa waxaa lagu fulin karaa iyadoo la adeegsanayo NAT, ie. waa muhiim in aysan jirin NAT u dhexeeya macaamiisha). ama haddii qoraalka kaliya la isticmaalo Messenger.

Si loo hubiyo isdhexgalka macmiilka iyada oo loo marayo shir maqal iyo muuqaal ah:

a) Waa inaad rakibtaa ama isticmaashaa server-ka TURN ee jira.

b) Sababtoo ah server-ka TURN sida caadiga ah sidoo kale wuxuu leeyahay shaqeynta server-ka STUN, waxaa lagu talinayaa in loo isticmaalo awooddan sidoo kale (sida beddelka, waxaad isticmaali kartaa adeegayaasha STUN ee dadweynaha, laakiin shaqeynta STUN kaligaa badanaa kuma filna).

Deegaanka wax soo saarka, culeyska suurtagalka ah ee sarreeya awgeed, waxaa lagula talinayaa in loo wareejiyo server-ka TURN mashiin gooni ah. Imtixaanka iyo/ama culeyska fudud, server-ka TURN waxaa lagu dari karaa serferka weyn ee Zimbra.

Tusaalahayagu wuxuu eegayaa ku rakibida server-ka TURN serverka ugu weyn ee Zimbra. Ku rakibida TURN server gaar ah waa la mid, marka laga reebo in tillaabooyinka la xidhiidha rakibidda iyo habaynta software-ka TURN lagu sameeyo server-ka TURN, iyo tillaabooyinka lagu habeeyo server-ka Zimbra si uu u isticmaalo server-ka waxaa lagu sameeyaa Seerarka weyn ee Zimbra.

8.2. Ku rakibida server-ka TURN

Adigoo hore uga soo galay SSH server-ka weyn ee Zimbra, socodsii amarka

sudo apt install resiprocate-turn-server

8.3. Dejinta server-ka TURN

Ogow. Si aad u bedesho dhammaan faylasha qaabeynta soo socda, tafatiraha waa in lagu socodsiiyaa xuquuqda isticmaalaha xididka, tusaale ahaan, "sudo vi /etc/reTurn/reTurnServer.config"ama, haddii xirmada mc la rakibo, waxaad isticmaali kartaa amarka"sudo mcedit /etc/reTurn/reTurnServer.config»

Abuuritaanka isticmaale ee la fududeeyay

Si loo fududeeyo abuurista iyo ciribtirka isku xirka tijaabada ee server-ka TURN, waxaanu joojin doonaa isticmaalka furaha sirta ah ee la xaday ee kaydka isticmaalaha TURN. Deegaanka wax soo saarka, waxaa lagu talinayaa in la isticmaalo furaha sirta ah ee la xaday; Xaaladdan oo kale, jiilka hashes sirta ah iyaga waa in loo sameeyaa si waafaqsan tilmaamaha ku jira /etc/reTurn/reTurnServer.config iyo /etc/reTurn/users.txt files.

Qabashada falalka:

1) Tafatir faylka /etc/reTurn/reTurnServer.config

Ka beddel qiimaha "UserDatabaseHashedPasswords" halbeegga "runta" una beddel "been".

2) Tafatir faylka /etc/reTurn/users.txt

U deji magaca isticmaale, erayga sirta ah, boqortooyada (macnaha la'aan, aan la isticmaalin marka la samaynayo xiriirinta Zimbra) oo u deji heerka akoontiga "Awood loo siiyey".

Tusaalahayaga, faylka markii hore wuxuu u ekaa:

Tafatirka kadib waxay u ekayd:

3) Codsiga qaabeynta

Orod amarka

sudo systemctl restart resiprocate-turn-server

8.4. Dejinta dab-damiska server-ka TURN

Marxaladdan, xeerar dheeraad ah oo dab-damis ah oo lagama maarmaanka u ah hawlgalka server-ka TURN ayaa la rakibay. Waa inaad u ogolaataa gelitaanka dekeda aasaasiga ah ee seerfarku ku aqbalo codsiyada, iyo baaxadda firfircoon ee dekedaha uu adeegsaduhu isticmaalo si uu u habeeyo qulqulka warbaahinta.

Dekadaha waxaa lagu qeexay faylka /etc/reTurn/reTurnServer.config, xaaladdeenu waa:

и

Si aad u rakibto sharciyada firewall, waxaad u baahan tahay inaad socodsiiso amarada

sudo ufw allow 3478,49152:65535/udp
sudo ufw allow 3478,49152:65535/tcp

8.5. Isku-dubbarididda isticmaalka TURN serverka gudaha Zimbra

Si loo habeeyo, FQDN ee server-ka ayaa la isticmaalaa, server-ka TURN, oo lagu sameeyay tallaabada 1.2 ee cutubka 1, oo ay tahay in lagu xalliyo server-yada DNS oo leh isla cinwaanka IP-ga dadweynaha labadaba codsiyada internetka iyo codsiyada ciwaannada gudaha.

Arag isku xidhka wakhtigan xaadirka ah ee isku xidhka "kooxda iceServer heli" ee ka hoos socota isticmaalaha zimbra

Macluumaad dheeraad ah oo ku saabsan dejinta isticmaalka server-ka TURN, arag qaybta "Ku rakibida Kooxda Zextras si ay u isticmaalaan server-ka TURN" gudaha dukumentiyo.

Si loo habeeyo, waxaad u baahan tahay inaad ku socodsiiso amarada soo socda server-ka Zimbra:

sudo su - zimbra
zxsuite team iceServer add stun:<FQDN вашего сервера TURN>:3478?transport=udp
zxsuite team iceServer add turn:<FQDN вашего сервера TURN>:3478?transport=udp credential <пароль> username <имя пользователя>
zxsuite team iceServer add stun:<FQDN вашего сервера TURN>:3478?transport=tcp
zxsuite team iceServer add turn:<FQDN вашего сервера TURN>:3478?transport=tcp credential <пароль> username <имя пользователя>
zxsuite team iceServer add stun:<FQDN вашего сервера TURN>:3478
logout

Qiimaha magaca isticmaalaha iyo erayga sirta ah, siday u kala horreeyaan, ee lagu qeexay tallaabada 2 ee faqradda 8.3 waxa loo isticmaalaa sida <username> iyo <password>.

Tusaalahayaga waxay u egtahay sidan:

9. Oggolaanshaha boostada inay soo marto borotokoolka SMTP

Iyadoo la raacayo dukumeenti, Yandex.Cloud, taraafikada ka baxaya dekedda TCP 25 ee internetka iyo Yandex Compute Cloud mashiinnada farsamada ayaa had iyo jeer xanniba marka laga galo cinwaanka IP-ga dadweynaha. Tani kama hor istaagi doonto inaad hubiso aqbalaadda boostada laga soo diray server kale ee boostada loo diro domainka la aqbalay, laakiin waxay kaa hor istaagi doontaa inaad dirto boostada meel ka baxsan server-ka Zimbra.

Dukumeentigu wuxuu sheegayaa in Yandex.Cloud uu furi karo dekedda TCP 25 codsi taageero ah haddii aad u hoggaansanto Tilmaamaha Isticmaalka La Aqbali karo, waxayna xaq u leedahay inay mar kale xannibto dekedda haddii ay dhacdo xadgudub ku ah shuruucda. Si aad u furto dekedda, waxaad u baahan tahay inaad la xiriirto taageerada Yandex.Cloud.

Codsiga

Abuuritaanka furayaasha SSH ee openssh iyo putty iyo ka beddelashada furayaasha putty una beddelo qaabka openssh

1. Abuuritaanka lamaanaha muhiimka ah ee SSH

Daaqadaha adigoo isticmaalaya putty: ku socodsii amarka puttygen.exe oo dhagsii badhanka "Abuur".

On Linux: run amar

ssh-keygen

2. U beddelashada furayaasha putty una beddelo qaabka openssh

Daaqadaha:

Qabashada falalka:

1. Ku socodsii barnaamijka puttygen.exe.
2. Ku shub furaha gaarka ah qaabka pk, isticmaal shayga menu File → Soo qaado furaha gaarka ah.
3. Geli erayga sirta ah haddii loo baahdo furahaan.
4. Furaha dadweynaha ee qaabka OpenSSH waxa lagu muujiyay puttygen oo ay ku qoran tahay "Furaha dadweynaha ee ku dhejinta furaha fayl-keysyada ee OpenSSH"
5. Si aad furaha gaarka ah ugu dhoofiso qaabka OpenSSH, dooro Beddelka → Dhoofinta Furaha SSH ee liiska ugu muhiimsan
6. Ku keydi furaha gaarka ah fayl cusub

Linux

1. Ku rakib xirmada qalabka Putty:

gudaha Ubuntu:

sudo apt-get install putty-tools

ku saabsan qaybinta Debian u eg:

apt-get install putty-tools

qaybinta ku salaysan RPM ee ku salaysan yum (CentOS, iwm.):

yum install putty

2. Si aad u bedesho furaha gaarka ah, socodsii amarka:

puttygen <key.ppk> -O private-openssh -o <key_openssh>

3. Si loo abuuro fure dadweyne (haddii loo baahdo):

puttygen <key.ppk> -O public-openssh -o <key_openssh.pub>

natiijada

Ka dib markii la rakibo si waafaqsan talooyinka, isticmaaluhu wuxuu helayaa server-ka Zimbra oo lagu habeeyay kaabayaasha Yandex.Cloud oo leh kordhinta Zextras ee isgaarsiinta shirkadaha iyo la shaqeynta dukumentiyada. Goobaha waxaa lagu sameeyay xaddidaadyo gaar ah oo loogu talagalay jawi tijaabo ah, laakiin ma adka in la beddelo rakibaadda qaabka wax soo saarka oo lagu daro ikhtiyaarrada isticmaalka kaydinta shayga Yandex.Cloud iyo kuwa kale. Su'aalaha ku saabsan keenista iyo isticmaalka xalka, fadlan la xiriir lamaanahaaga Zextras - SVZ ama wakiilo Yandex.Cloud.

Dhammaan su'aalaha la xiriira Zextras Suite, waxaad kula xiriiri kartaa wakiilka Zextras Ekaterina Triandafilidi e-mail [emailka waa la ilaaliyay]

Source: www.habr.com