Horudhac
Hagaajinta kaabayaasha xafiisyada iyo geynta goobo cusub ayaa caqabad weyn ku ah shirkadaha nooc kasta iyo xajmi kasta. Doorashada ugu fiican ee mashruuc cusub waa in la kireeyo kheyraadka daruuraha iyo iibsashada shatiyada loo isticmaali karo bixiyaha ama gudaha guriga. Hal xal ee dhacdadan ayaa ah , kaas oo kuu ogolaanaya inaad abuurto madal wadashaqeyn iyo isgaarsiineed shirkadeed labadaba jawi daruureed iyo kaabayaashiisa.

Xalku waxa uu u qaabaysan yahay xafiisyo cabbir kasta leh, wuxuuna leeyahay laba xaaladood oo ugu muhiimsan oo la dejinayo: habayn hal server ah oo loogu talagalay ilaa 3000 oo sanduuq boostada ah iyo shuruudaha dulqaadka cilladaha oo hooseeya, halka habayn badan oo server ah ay taageerto hawlgal la isku halleyn karo oo jawaab celin ah tobanaan ama boqolaal kun oo sanduuq boostada ah. Dhammaan kiisaska, isticmaalayaashu waxay galaan iimaylka, dukumeentiyada, iyo farriimaha iyagoo adeegsanaya hal is-dhexgal shabakadeed oo ka imanaya desktop kasta, looma baahna in la rakibo ama la habeeyo software dheeraad ah, ama iyada oo loo marayo barnaamijyada moobaylka ee iOS iyo AndroidWaxaad isticmaali kartaa macaamiisha Outlook iyo Thunderbird ee la yaqaan.
Si loo geeyo mashruuca, saaxiibka Zextras - Waxaan doortay Yandex.Cloud sababtoo ah qaabdhismeedkeedu wuxuu la mid yahay AWS waxayna taageertaa kaydinta ku habboon S3, taas oo yareyn doonta kharashka kaydinta tiro badan oo email ah, fariimo, iyo dukumentiyo iyo kordhinta dulqaadka qaladka xalka.
Deegaanka Yandex.Cloud, aaladaha maaraynta mashiinka farsamada ee aasaasiga ah ayaa loo isticmaalaa in lagu rakibo hal server. iyo awoodaha maaraynta shabakada farsamada Ku rakibida server-ka badan, marka lagu daro qalabka la cayimay, waxaa lagama maarmaan ah in la isticmaalo tignoolajiyada , haddii loo baahdo (iyadoo ku xiran miisaanka nidaamka) - sidoo kale , iyo isku dheeli tirka shabakada .
Kaydinta walaxda ku habboon S3 Waxaa loo isticmaali karaa labada ikhtiyaar ee rakibidda iyo sidoo kale waxaa lagu xiri karaa nidaamyada la geeyey goobta si kharash-ku-ool ah iyo cillad-dulqaadka kaydinta xogta server-ka Yandex.Cloud.
Si loo rakibo hal-server, iyadoo kuxiran tirada isticmaaleyaasha iyo / ama sanduuqyada boostada, kuwan soo socda ayaa loo baahan yahay: server-ka aasaasiga ah: 4-12 vCPU, 8-64 GB vRAM (qiyamka vCPU iyo vRAM ee gaarka ah waxay kuxiran yihiin tirada sanduuqyada boostada iyo culeyska dhabta ah), ugu yaraan 80 GB ee booska diskka ee nidaamka hawlgalka iyo codsiyada, iyo sidoo kale kaydinta boosaska dheeriga ah ee diskka. tirada iyo celceliska cabbirka sanduuqyada boostada oo si firfircoon isu beddeli kara inta lagu jiro nidaamka hawlgalka; loogu talagalay dukumiintiyada kaaliyaha ah: 2-4 vCPU, 2-16 GB vRAM, 16 GB booska diskka (qiyamka kheyraadka gaarka ah iyo tirada adeegayaashu waxay ku xiran yihiin culeyska dhabta ah); server-ka TURN/STUN ayaa sidoo kale loo baahan karaa (baahida loo qabo server gooni ah iyo kheyraadkeedu waxay ku xiran tahay culeyska dhabta ah). Ku rakibida server-yada badan, tirada iyo ujeedada mashiinnada farsamada doorka ku saleysan iyo agabka loo qoondeeyay iyaga ayaa si gaar ah loo go'aamiyaa iyadoo ku xiran shuruudaha isticmaalaha.
Ujeedada maqaalka
Maqaalkani waxa uu sharaxayaa sida loo geeyo alaabta Zextras Suite gudaha Yandex.Cloud iyada oo la adeegsanayo server-ka boostada ee Zimbra, iyada oo la adeegsanayo rakibaadda hal-server. Rakibaadda soo baxday waxaa loo isticmaali karaa jawi wax soo saar (isticmaalayaasha khibradda leh waxay habeyn karaan goobaha lagama maarmaanka ah waxayna ku dari karaan ilaha).
Nidaamka Zextras Suite/Zimbra waxaa ka mid ah:
- Zimbra - iimaylka shirkadda oo awood u leh inay wadaagaan sanduuqyada boostada, jadwalka taariikhda, iyo liisaska xiriirka (buugaagta ciwaanka).
- Zextras Docs - xafiis ku dhex dhisan oo ku salaysan LibreOffice online si loo abuuro loogana wada shaqeeyo dukumeentiyada, xaashiyaha, iyo bandhigyada.
- Zextras Drive - Kaydinta faylalka gaarka ah ee kuu oggolaanaya inaad wax ka beddesho, kaydiso, oo aad la wadaagto faylasha iyo faylalka isticmaaleyaasha kale.
- Kooxda Zextras β Rasuul taageero u ah shirarka maqalka iyo muuqaalka ah. Kooxda Aasaasiga ah, oo u ogolaata kaliya isgaarsiin hal-hal ah, iyo Kooxda Pro, oo taageerta shirarka isticmaalaha badan, kanaalada, wadaaga shaashadda, wadaaga faylka, iyo astaamo kale, ayaa diyaar ah.
- Zextras Mobile - Taageerada aaladaha mobilada iyada oo loo sii marayo Exchange ActiveSync si loogu wada shaqeeyo emaylka aaladaha mobilada ee leh awooda MDM (Maaraynta Aaladaha Mobilka). Kuu ogolaanayaa inaad u isticmaasho Microsoft Outlook macmiil email ahaan.
- Zextras Admin - hirgelinta maamulka nidaamka kiraystayaasha badan oo ay weheliyaan ergada maamulayaasha si ay u maareeyaan kooxaha macaamiisha iyo fasallada adeegga.
- Kaabta Zextras -buuxa xogta gurmad iyo soo kabashada in waqtiga dhabta ah
- Zextras Powerstore - Kaydinta kala sarraysa ee walxaha nidaamka boostada oo taageero u ah fasallada habaynta xogta, oo awood u leh in lagu kaydiyo xogta gudaha ama kaydinta daruuraha ee qaab dhismeedka S3, oo ay ku jiraan Kaydinta Shayga Yandex.
Marka rakibiddu dhammaato, isticmaaluhu wuxuu helayaa nidaam ku socda deegaanka Yandex.Cloud.
Shuruudaha iyo xayiraadaha
- Meelaynta booska Disk ee sanduuqyada boostada, tusmooyinka, iyo noocyada kale ee xogta lama sifayn, sida Zextras Powerstore ay taageerto noocyo kaydin oo kala duwan. Nooca kaydinta iyo cabbirka waxay ku xiran tahay hawlaha iyo cabbirrada nidaamka. Haddii loo baahdo, tan waxaa la samayn karaa mar dambe inta lagu guda jiro habka loogu beddelo rakibaadda la tilmaamay wax soo saarka.
- Si loo fududeeyo rakibaadda, kuma talineyno in la isticmaalo maamule-maareeyo server-ka DNS si loo xalliyo magacyada domain ee gudaha (aan dadweynaha ahayn). Taa baddalkeeda, waxaan isticmaalnaa server-ka caadiga ah ee Yandex.Cloud DNS. Deegaanka wax soo saarka, waxaan kugula talineynaa inaad isticmaasho server-ka DNS, kaas oo laga yaabo inuu horeyba ugu jiray kaabayaasha shirkaddaada.
- Waxaa loo malaynayaa inaad isticmaalayso koontada Yandex.Cloud oo leh goobaha caadiga ah (gaar ahaan, markaad gasho adeegga "Console," kaliya hagaha (oo lagu magacaabo "default" ee liiska "daruuraha la heli karo") ayaa jira). Isticmaalayaasha aqoonta u leh Yandex.Cloud waxay, go'aankooda, u samayn karaan hage gaar ah sariirta tijaabada ama isticmaali karaan mid jira.
- Isticmaaluhu waa inuu lahaadaa aag guud oo DNS ah kaas oo ay tahay inuu galo maamul.
- Isticmaaluhu waa inuu galo tusaha ku jira Yandex.Cloud Console oo leh ugu yaraan doorka "tifaftiraha" ("Milkiilaha Cloud" wuxuu leeyahay dhammaan xuquuqaha lagama maarmaanka ah si caadi ah; waxaa jira hagayaal loogu oggolaado gelitaanka daruuraha isticmaalayaasha kale: , , )
- Maqaalkani ma daboolayo rakibaadda isticmaalaha X.509 shahaadooyinka loo isticmaalo si loo sugo isgaadhsiinta shabakada iyada oo loo marayo hababka TLS. Marka la rakibo, shahaadooyin is-saxiix ayaa la isticmaali doonaa, taasoo u oggolaanaysa daalacashada inay galaan nidaamka rakiban. Shahaadooyinkani waxay caadi ahaan muujiyaan ogeysiis ah in seerfarku ka maqan yahay shahaado la xaqiijin karo, laakiin oggolow in la sii wado. Ilaa la rakibo shahaadooyinka la xaqiijin karo macmiilka (ay saxeexeen maamulka shahaadaynta dadweynaha iyo/ama shirkada), codsiyada mobaylada waxa laga yaabaa inaanay la shaqayn nidaamka rakiban. Sidaa darteed, ku rakibida shahaadooyinkan deegaanka wax soo saarka waa lagama maarmaan waana in la sameeyaa ka dib marka la dhammeeyo imtixaanka si waafaqsan siyaasadaha amniga shirkadaha.
Sharaxaada habka rakibida nidaamka Zextras/Zimbra ee nooca "hal-server"
1. Diyaarin horudhac ah
Kahor intaadan bilaabin rakibidda, waa inaad hubisaa:
a) Ku samaynta isbeddelada aagga DNS ee dadweynaha (abuurista rikoodhka server-ka Zimbra iyo rikoodhka MX ee bogga boostada ee la taageeray).
b) Dejinta kaabayaasha shabakad dalwaddii Yandex.Cloud.
Si kastaba ha noqotee, ka dib marka isbeddel lagu sameeyo aagga DNS, waxay qaadataa wakhti wakhti ah in isbeddelladani ay faafiyaan, laakiin, dhinaca kale, suurtagal maaha in la sameeyo A-rikoob iyada oo aan la garanayn cinwaanka IP-ga ee la xidhiidha.
Sidaa darteed, ficillada waxaa loo sameeyaa sida soo socota:
1. Ku hay ciwaanka IP-ga guud ee Yandex.Cloud
1.1 Gudaha Yandex.Cloud Console (haddii loo baahdo, dooro tusaha ku jira "daruuraha la heli karo"), u gudub qaybta Cloud Private Private Cloud, ciwaannada IP-hoosaadka, ka dibna dhagsii badhanka "Cinwaanka Kaydinta", dooro aagga la heli karo (ama aqbal qiimaha la soo jeediyay; aaggan helitaanku waa in loo adeegsadaa dhammaan ficillada dheeraadka ah ee gudaha Yandex.Cloud), haddii awoodda ay u dooran karto aagga Yandex.Cloud sanduuqa furmo, haddii la rabo, waad awoodaa, laakiin looma baahna, dooro ikhtiyaarka " ilaalinta DDoS", oo guji badhanka "Reserve" (eeg sidoo kale ).

Kadib xidhitaanka wada hadalka, ciwaanka IP-ga ee habaysan ee loo qoondeeyey waxa laga heli karaa liiska cinwaanada IP-ga, kaas oo la koobiyn karo lana isticmaali karo tallaabada xigta.

1.2 Aagga "horumarka" ee DNS, u samee diiwaanka server-ka Zimbra oo tilmaamaya ciwaanka IP-ga ee hore loo qoondeeyay, diiwaanka server-ka TURN oo tilmaamaya isla cinwaanka IP-ga, iyo diiwaanka MX ee iimaylka la taageeray. Tusaalahayaga, kuwani waxay noqonayaan mail.testmail.svzcloud.ru (Seerarka Zimbra), turn.testmail.svzcloud.ru (Sarkaalka TURN), iyo testmail.svzcloud.ru (ee iimaylka), siday u kala horreeyaan.
1.3 Gudaha Yandex.Cloud, oo ku taal aagga la heli karo ee la doortay ee shabakada hoose ee loo isticmaali doono in la geeyo mashiinnada farsamada, u suurtageli NAT internetka.
Si tan loo sameeyo, qaybta Cloud Private Virtual Private, ee qaybta shabakadaha Cloud, dooro shabakada daruuriga ah ee ku habboon (sida caadiga ah, kaliya shabakadda caadiga ah ayaa halkaas laga heli karaa), dooro aagga helitaanka ku habboon ee ku dhex yaal, iyo dejinteeda, dooro ikhtiyaarka "U oggolow NAT internetka."

Xaaladdu way iska beddeli doontaa liiska shabakadaha hoose:

Faahfaahin dheeraad ah, eeg dukumentiyada: ΠΈ .
2. Abuuritaanka mashiinnada casriga ah
2.1. Abuuritaanka mashiinka farsamada ee Zimbra
Qabashada falalka:
2.1.1 Gudaha Yandex.Cloud Console, aad qaybta Compute Cloud, qayb hoosaadka Mishiinada Virtual, oo dhagsii badhanka Abuur VM (si aad u hesho macluumaad dheeraad ah oo ku saabsan abuurista VM, eeg ).

2.1.2 Halkaas waxaad u baahan tahay inaad ku qeexdo:
- Magaca β sabab laβaan (si waafaqsan qaabka ay taageerto Yandex.Cloud)
- Aagga la heli karo β waa in uu u dhigmaa tii hore loogu doortay shabakadda farsamada.
- "Sawirrada Dadweynaha" dooro Ubuntu 18.04 lts
- Ku rakib disk bootable ah oo ah ugu yaraan 80GB saxannada. HDD ayaa ku filan ujeedooyinka tijaabada (iyo sidoo kale isticmaalka wax soo saarka, waase haddii xogta qaar loo wareejiyo SSD drives). Saxanno dheeri ah ayaa lagu dari karaa ka dib marka VM la sameeyo, haddii loo baahdo.
Ku jira "khayraadka xisaabinta":
- vCPU: ugu yaraan 4.
- Wadaagga vCPU ee la dammaanad qaaday: ugu yaraan 50% marka la fulinayo tillaabooyinka lagu sharraxay maqaalkan; tan waa la dhimi karaa haddii loo baahdo ka dib marka la rakibo.
- RAM: 8GB ayaa lagula talinayaa.
- Subnet: Dooro subnet-ka kaas oo NAT-ga intarneedka loo sahlay inta lagu guda jiro wajigii diyaarinta kahor.
- Cinwaanka dadwaynaha: Liiska ka dooro ciwaanka IP-ga ee hore loo isticmaalay si loo abuuro diiwaanka A ee DNS.
- Isticmaale: go'aankaaga, laakiin ka duwan isticmaalaha xididka iyo akoonnada nidaamka Linux.
- Waa lagama maarmaan in la dejiyo furaha SSH ee dadweynaha.
β
Sidoo kale fiiri 1 appAbuuritaanka furayaasha SSH ee openssh iyo putty iyo ka beddelashada furayaasha putty una beddelo qaabka openssh.
2.1.3 Marka habayntu dhammaato, dhagsii "Create VM".
2.2. Abuuritaanka mishiinka farsamada ee Zextras Docs
Qabashada falalka:
2.2.1 Gudaha Yandex.Cloud Console, aad qaybta Compute Cloud, qayb hoosaadka Mishiinada Virtual, oo dhagsii badhanka Abuur VM (si aad u hesho macluumaad dheeraad ah oo ku saabsan abuurista VM, eeg ).

2.2.2 Halkaas waxaad u baahan tahay inaad ku qeexdo:
- Magaca β sabab laβaan (si waafaqsan qaabka ay taageerto Yandex.Cloud)
- Aagga la heli karo β waa in uu u dhigmaa tii hore loogu doortay shabakadda farsamada.
- "Sawirrada Dadweynaha" dooro Ubuntu 18.04 lts
- Ku rakib disk bootable ah oo ah ugu yaraan 80GB saxannada. HDD ayaa ku filan ujeedooyinka tijaabada (iyo sidoo kale isticmaalka wax soo saarka, waase haddii xogta qaar loo wareejiyo SSD drives). Saxanno dheeri ah ayaa lagu dari karaa ka dib marka VM la sameeyo, haddii loo baahdo.
Ku jira "khayraadka xisaabinta":
- vCPU: ugu yaraan 2.
- Wadaagga vCPU ee la dammaanad qaaday: ugu yaraan 50% marka la fulinayo tillaabooyinka lagu sharraxay maqaalkan; tan waa la dhimi karaa haddii loo baahdo ka dib marka la rakibo.
- RAM: aan ka yarayn 2GB.
- Subnet: Dooro subnet-ka kaas oo NAT-ga intarneedka loo sahlay inta lagu guda jiro wajigii diyaarinta kahor.
- Cinwaanka dadweynaha: ma jiro ciwaan (mashiinkani uma baahna gelitaanka internetka, kaliya gelitaanka ka baxsan mashiinkan ee internetka, kaas oo ay bixiso "NAT ilaa Internetka" ikhtiyaarka subnet-ka ee la isticmaalo).
- Isticmaale: go'aankaaga, laakiin ka duwan isticmaalaha xididka iyo akoonnada nidaamka Linux.
- Waa lagama maarmaan in la dejiyo furaha SSH ee dadweynaha. Waxaad isticmaali kartaa mid la mid ah kan server-ka Zimbra, ama waxaad abuuri kartaa lamaane fure oo gaar ah, maadaama furaha gaarka ah ee server-ka Zextras Docs uu u baahan doono in lagu dhejiyo saxanka serverka Zimbra.
Sidoo kale eeg Lifaaqa 1. Abuuritaanka furayaasha SSH ee openssh iyo putty iyo ka beddelashada furayaasha putty una beddelo qaabka openssh.
2.2.3 Marka habayntu dhammaato, dhagsii "Create VM".
2.3 Mashiinnada farsamada gacanta ee la sameeyay ayaa laga heli doonaa liiska mashiinka farsamada, kuwaas oo soo bandhigaya, waxyaabo kale, xaaladooda iyo ciwaannada IP-ga ee la isticmaalo, labadaba dadweynaha iyo gudahaba. Macluumaadka ciwaanka IP-ga ayaa loo baahan doonaa talaabooyinka rakibida xiga.

3. Diyaarinta server-ka Zimbra si loo rakibo
3.1 Ku rakibida wararka
Waxaad u baahan tahay inaad gasho server-ka Zimbra ciwaanka IP-ga ee dadweynaha adoo isticmaalaya macmiilka ssh ee aad door bidayso, adoo isticmaalaya furaha ssh ee gaarka ah iyo magaca isticmaale ee lagu cayimay marka la abuurayo mashiinka farsamada.
Kadib markaad gasho, socodsii amarrada soo socda:
sudo apt update
sudo apt upgrade
(Markaad wado amarka ugu dambeeya, ka jawaab "y" su'aasha ah inaad hubto inaad rabto inaad rakibto liiska la soo jeediyay ee cusbooneysiinta)
Kadib rakibidda cusbooneysiinta, waxaad awoodi kartaa (laakiin looma baahna) inaad socodsiiso amarka:
sudo apt autoremove
Oo dhamaadka tallaabada, fulinta amarka
sudo shutdown βr now
3.2 Rakibaadda dheeraadka ah ee codsiyada
Waxaad u baahan tahay inaad ku rakibto macmiilka NTP si aad ula xidhiidho wakhtiga nidaamka iyo codsiga shaashadda adoo isticmaalaya amarka soo socda:
sudo apt install ntp screen
(Markaad wado amarka ugu dambeeya, ka jawaab "y" su'aasha ah inaad hubto rakibidda liiska xirmooyinka la bixiyay)
Waxa kale oo aad ku rakibi kartaa yutiilitida dheeraadka ah ee ku haboon maamulka. Tusaale ahaan, Taliyaha Midnight waxa lagu rakibi karaa iyadoo la isticmaalayo amarka:
sudo apt install mc
3.3. Beddelka qaabeynta nidaamka
3.3.1 Faylka ku jira /etc/cloud/cloud.cfg.d/95-yandex-cloud.cfg beddel qiimaha halbeegga maamula_iwm_martigeliyayaasha c run on been ah.
Fiiro gaar ah: Si aad u tafatirto faylkan, waa inaad ku socodsiisaa tifaftiraha xuquuqaha isticmaalaha xididka, tusaale ahaan, "sudo vi /etc/cloud/cloud.cfg.d/95-yandex-cloud.cfg"ama, haddii xirmada mc la rakibo, waxaad isticmaali kartaa amarka"sudo mcedit /etc/cloud/cloud.cfg.d/95-yandex-cloud.cfgΒ»
3.3.2 Wax ka beddel / iwm sida soo socota, bedelida ciwaanka ku jira xariiqda qeexaysa FQDN ee martida loo yahay 127.0.0.1 oo leh cinwaanka IP-ga gudaha ee server-kan, iyo magaca ka soo jeeda magaca si buuxda u qalma ee aagga gudaha ee magaca dadweynaha ee server-ka hore ee lagu sheegay A-rikoobka aagga DNS, iyo beddelidda magaca gaaban ee martida loo yahay (haddii ay ka duwan tahay DNS-ga gaaban).
Tusaale ahaan, xaaladdeenna faylka martida loo yahay wuxuu u ekaa sidan:

Tafatirka kadib waxay u ekayd sidan:

Fiiro gaar ah: Si aad u tafatirto faylkan, waa inaad ku socodsiisaa tifaftiraha xuquuqaha isticmaalaha xididka, tusaale ahaan, "sudo vi /etc/hosts"ama, haddii xirmada mc la rakibo, waxaad isticmaali kartaa amarka"sudo mcedit /etc/hostsΒ»
3.4 Deji erayga sirta ah ee isticmaalaha
Tani waa lagama maarmaan sababtoo ah firewall-ka ayaa la habeyn doonaa mar dambe. Haddi ay arintu soo baxdo, isticmaaluhuna uu haysto erayga sirta ah, waxa ay geli karaan mishiinka farsamada gacanta iyaga oo isticmaalaya konsole-ka taxanaha ah ee Yandex.Cloud konsole oo ay joojiyaan dab-damiska iyo/ama saxaan khaladka. Marka la abuurayo mashiinka farsamada gacanta, isticmaaluhu ma haysto erayga sirta ah, markaa gelitaanka ayaa suurtogal ah oo keliya SSH iyada oo la adeegsanayo xaqiijin ku salaysan furaha.
Si aad u dejiso furaha sirta ah, waxaad u baahan tahay inaad socodsiiso amarka:
sudo passwd <ΠΈΠΌΡ ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»Ρ>
Tusaale ahaan, xaaladdeena waxay noqon doontaa amarka "sudo passwd user".
4. Ku rakibida Zimbra iyo Zextras Suite
4.1. Soo dejinta Zimbra iyo Zextras Suite qaybinta
4.1.1 Soo dejinta Zimbra qaybinta
Qabashada falalka:
1) Aad URL-ka adiga oo isticmaalaya browser-kaaga oo buuxi foomka. Waxaad heli doontaa iimayl wata xiriiriyaha soo dejinta ee Zimbra ee nidaamyada hawlgalka ee kala duwan.
2) Xullo nooca hadda ee qaybinta ee madal-hawleedka Ubuntu 18.04 LTS oo nuqul ka samee xiriirka
3) Soo deji qaybinta Zimbra serferka Zimbra oo fur. Si tan loo sameeyo, ku socodsii amarada soo socda fadhiga SSH ee server-ka Zimbra:
cd ~
mkdir zimbra
cd zimbra
wget <url, ΡΠΊΠΎΠΏΠΈΡΠΎΠ²Π°Π½Π½ΡΠΉ Π½Π° ΠΏΡΠ΅Π΄ΡΠ΄ΡΡΠ΅ΠΌ ΡΠ°Π³Π΅>
tar βzxf <ΠΈΠΌΡ ΡΠΊΠ°ΡΠ°Π½Π½ΠΎΠ³ΠΎ ΡΠ°ΠΉΠ»Π°>
(tusaale ahaan waa "tar βzxf zcs-9.0.0_OSE_UBUNTU18_ugu dambeeyay-zextras.tgz")
4.1.2 Soo dejinta Zextras Suite qaybinta
Qabashada falalka:
1) Aad URL-ka adiga oo isticmaalaya browser-kaaga
2) Buuxi foomka adiga oo gelaya xogta loo baahan yahay oo guji "Download NOW" badhanka.

3) Bogga soo dejinta ayaa furmi doona.

Waxaa jira laba URL oo na xiiseeya: mid wuxuu ku yaal xagga sare ee bogga Zextras Suite laftiisa, kaas oo aan hadda u baahan doono, kan kalena wuxuu ku yaal xagga hoose ee barta Docs Server-ka Ubuntu 18.04 LTS, kaas oo loo baahan doono hadhow si loogu rakibo Zextras Docs VM-ka Dukumentiyada.
4) Soo deji qaybinta Zextras Suite seerfarka Zimbra oo fur. Si tan loo sameeyo, ku socodsii amarada soo socda fadhiga SSH ee server-ka Zimbra:
cd ~
mkdir zimbra
cd zimbra
(Haddii tusaha hadda uusan isbeddelin ilaa tallaabadii hore, uma baahnid inaad socodsiiso amarada kore)
wget http://download.zextras.com/zextras_suite-latest.tgz
tar βzxf zextras_suite-latest.tgz
4.2. Ku rakibida Zimbra
Noocyada waxqabadka
1) Tag tusaha meesha faylalka laga furay tallaabada 4.1.1 (waxaad ku arki kartaa adigoo isticmaalaya amarka ls halka ku jira ~/zimbra directory).
Tusaalahayaga waxay noqon doontaa:
cd ~/zimbra/zcs-9.0.0_OSE_UBUNTU18_latest-zextras/zimbra-installer
2) Ku socodsii rakibaadda Zimbra amarka
sudo ./install.sh
3) Ka jawaabista su'aalaha rakibaha
Waxaad uga jawaabi kartaa su'aalaha rakibaha "y" (oo u dhiganta "haa"), "n" (oo u dhiganta "maya"), ama ka tag talooyinka rakibaha oo aan isbeddelin (waxay ku siinaysaa xulashooyin adigoo ku soo bandhigaya xargaha labajibbaaran, tusaale ahaan, "[Y]" ama "[N]".
Ma ku raacsan tahay shuruudaha heshiiska shatiga software? - haa.
Ma isticmaashaa kaydka baakadda Zimbra? - sida caadiga ah (haa).
"Ku rakib zimbra-ldap?","Ku rakib zimbra-logger?","Ku rakib zimbra-mta?"- sida caadiga ah (haa).
Ku rakib zimbra-dnscache? - maya (nidaamka hawlgalku waxa uu leeyahay server-ka DNS caching u gaar ah oo karti u leh si caadi ah, marka xirmadan ayaa ka hor iman doonta iyada oo ay ugu wacan tahay dekedaha la isticmaalo).
Ku rakib zimbra-snmp? - Ikhtiyaar ahaan, waxaad ka tagi kartaa ikhtiyaarka caadiga ah (haa) oo aadan rakibin xirmadan. Tusaalahayaga, waxaan ka tagnay ikhtiyaarka caadiga ah.
"Ku rakib dukaanka zimbra?","Ku rakib zimbra-apache?","Ku rakib zimbra- higaada?","Ku rakib zimbra-memcached?","Ku rakib zimbra-proxy?"- sida caadiga ah (haa).
Ku rakib zimbra-snmp? - maya (xirmada run ahaantii lama taageero waxaana si shaqaynaya u bedelay Zextras Drive).
Ku rakib zimbra-imapd? - sida caadiga ah (maya).
Ku rakib zimbra-chat? - maya (si shaqaynaya waxaa bedelay Kooxda Zextras)
Taas ka dib rakibaha ayaa ku weydiin doona in la sii wado rakibidda?

Waxaan ku jawaabeynaa "haa" haddii aan sii wadi karno, haddii kale waxaan ku jawaabnaa "maya" oo waxaan helnaa fursad aan ku beddelno jawaabaha su'aalaha hore loo weydiiyay.
Ka dib marka la ogolaado in la sii wado, rakibaha ayaa rakibi doona xirmooyinka.
4.) Ka jawaabista su'aalaha qaabeeyaha aasaasiga ah
4.1) Maadaama tusaalaheenu uu ka duwan yahay server-ka boostada magaca DNS (Magaca rikoorka) iyo magaca mail ee taageeraya (Magaca rikoorka MX), qaabeeyaha wuxuu soo bandhigayaa digniin wuxuuna nagu dhiirigeliyaa inaan galno magaca boostada ee la taageeray. Waanu aqbalnay degdega oo geli magaca diiwaanka MX. Tusaalahayaga, waxay u egtahay sidan:

Fiiro gaar ah: Waxaad cayimi kartaa boostada la taageerayo ee ka duwan magaca server-ka xitaa haddii uu jiro rikoor MX oo isku magac ah magaca serverka.
4.2) Habeeyaha ayaa soo bandhigaya liiska ugu muhiimsan.

Waxaan u baahanahay inaan dejino erayga sirta ah ee maamulaha Zimbra ( shayga menu 6 ee tusaalaheena), taas oo la'aanteed aysan suurtagal ahayn in la sii wado rakibaadda, oo aan beddelno goobta zimbra-proxy ( shayga 8 ee tusaalahayada; haddii loo baahdo, goobtan waa la beddeli karaa ka dib marka la rakibo).
4.3) Beddelida dejinta zimbra-store
Geli lambarka shayga menu ee isla markiiba qaabeeyaha oo taabo Gelida. Tani waxay ku geyn doontaa liiska qaabeynta kaydinta:

Dakhliga isku xidhka, geli lambarka shayga furaha Admin Password-ka (tusaale ahaan 4), taabo Gelida, isku xidhaha ayaa kuu sheegi doona erayga sirta ah ee si aan kala sooc lahayn loo soo saaray. Waad aqbali kartaa (xusuusnow) ama waad geli kartaa kaaga. Si kastaba ha noqotee, taabo Gelida dhamaadka, ka dib "Admin Password" ikhtiyaarka ayaa laga nadiifin doonaa soo-gelinta isticmaalaha:

Waxaan ku laabaneynaa liiska hore (waxaan ku raacsannahay soo jeedinta isku xiraha).
4.4) Beddelida goobaha zimbra-proxy
Si la mid ah tillaabadii hore, menu-ka ugu weyn, dooro shayga nambarka "zimbra-proxy" oo geli isla markiiba qaabeeyaha.

Menu-ka qaabeynta wakiil ee furmo, dooro nambarka shayga βHabka server-ka Proxyβ oo geli isla markiiba qaabeeyaha.

Isku-habeeyuhu waxa uu ku weydiin doonaa inaad doorato mid ka mid ah hababka. Geli "redirect" isla markiiba oo taabo Gelida.
Taas ka dib, waxaan ku laabaneynaa liiska ugu muhiimsan (waxaan ku raacsannahay soo jeedinta iskudubaridka).
4.5) Ku shaqaynta qaabaynta
Si aad u socodsiiso qaabaynta, geli "a" xaga isku xidhka isla markiiba. Kadib waxay ku waydiin doontaa in lagu kaydiyo qaabaynta la geliyey faylka (kaas oo loo isticmaali karo dib u rakibid). Waad aqbali kartaa dalabka caadiga ah. Haddii aad go'aansato inaad kaydiso qaabaynta, waxay ku waydiin doontaa faylka aad ku kaydinayso (waxaad aqbali kartaa dalabka caadiga ah ama waxaad geli kartaa magaca faylka gaarka ah).

Marxaladdan, waxaad weli diidi kartaa inaad sii waddo oo aad isbeddel ku sameyso qaabeynta adiga oo aqbala jawaabta caadiga ah ee su'aasha "Nidaamka waa la beddeli doonaa - sii wad?"
Si aad u bilowdo rakibidda, waa in aad ka jawaabto "Haa" su'aashan, ka dib markii ay configurator ku dabaqi doonaa goobaha hore loo galay in muddo ah.
4.6) Dhamaystirka rakibaadda Zimbra
Kahor intaadan dhamaystirin rakibaadda, rakibayuhu wuxuu ku weydiin doonaa inaad rabto inaad u sheegto Zimbra wax ku saabsan rakibaadda. Waad aqbali kartaa degdega ah ama waad diidi kartaa ogeysiiska adiga oo dooranaya "Maya."
Taas ka dib, rakibayuhu wuxuu sii wadi doonaa inuu sameeyo hawlgalladii ugu dambeeyay in muddo ah wuxuuna soo bandhigi doonaa ogeysiin ku saabsan dhammaystirka qaabeynta nidaamka, taasoo kugu kicinaysa inaad riixdo fure kasta si aad uga baxdo rakibaha.

4.3. Ku rakibida Zextras Suite
Macluumaad dheeraad ah oo ku saabsan rakibidda Zextras Suite, eeg: .
Qabashada falalka:
1) Tag tusaha meesha faylalka laga furay tallaabada 4.1.2 (waxaad ku arki kartaa adigoo isticmaalaya amarka ls halka ku jira ~/zimbra directory).
Tusaalahayaga waxay noqon doontaa:
cd ~/zimbra/zextras_suite
2) Ku socodsii rakibaadda Zextras Suite amarka
sudo ./install.sh all
3) Ka jawaabista su'aalaha rakibaha
Rakibiyaha wuxuu u shaqeeyaa si la mid ah rakibaha Zimbra, marka laga reebo wax isku dubariyaal ah. Waxaad uga jawaabi kartaa su'aalaha rakibaha "y" (oo u dhiganta "haa"), "n" (oo u dhiganta "maya"), ama u dhaafi kartaa soo-jeedinta rakibaha sida ay tahay (waxay ku siinaysaa ikhtiyaaro ku jira xargaha labajibbaaran, sida "[Y]" ama "[N]").
Si aad u bilowdo habka rakibidda, waa inaad "haa" kaga jawaabto su'aalaha soo socda si isku xigta:
Ma ku raacsan tahay shuruudaha heshiiska shatiga software?
Ma jeceshahay in Zextras Suite uu si toos ah u soo dejiyo, u rakibo oo u cusboonaysiiyo maktabadda ZAL?
Markaas ka dib ogeysiis ayaa soo bixi doona oo ku weydiin doona inaad riixdo Geli si aad u sii waddo:

Ka dib markaad riixdo Gelida, habka rakibida ayaa bilaabmi doona, mararka qaarkood waxaa hakad gala su'aalo, kuwaas oo, si kastaba ha ahaatee, waxaan kaga jawaabeynaa annagoo ogolaanayna soo jeedinta caadiga ah ("haa"), kuwaas oo:
Zextras Suite Core hadda waa la rakibi doonaa. Sii wad?
Ma jeceshahay inaad joojiso Codsiga Shabakadda Zimbra (sanduuqa boostada)?
Zextras Suite Zimlet hadda waa la rakibi doonaa. Sii wad?
Kahor intaan rakibidda kama dambaysta ahi bilaabmin, ogeysiis ayaa soo bixi doona oo ku saabsan habaynta shaandhada DOS oo kugu dhiirigelinaysa inaad riixdo Geli si aad u sii waddo. Kadib markaad riixdo Gelida, rakibaadda kama dambaysta ah waxay bilaabmaysaa. Ogeysiinta kama dambaysta ah ayaa soo bixi doonta dhamaadka, iyo rakibayuhu wuu bixi doonaa.

4.4. Hagaajinta bilowga ah iyo qeexida xuduudaha qaabeynta LDAP
1) Dhammaan tallaabooyinka xiga waxaa loo fuliyaa isticmaale zimbra ahaan. Si tan loo sameeyo, socodsii amarka
sudo su - zimbra
2) Beddel dejinta shaandhada DOS amarka
zmprov mcf zimbraHttpDosFilterMaxRequestsPerSec 150
3) Si aad u rakibto Zextras Docs, waxaad u baahan doontaa macluumaad ku saabsan qaar ka mid ah xuduudaha qaabeynta Zimbra. Si tan loo sameeyo, waxaad socodsiin kartaa amarka soo socda:
zmlocalconfig βs | grep ldap
Tusaalahayaga, macluumaadka soo socda ayaa la soo bandhigi doonaa:

Si aad u isticmaasho dheeraad ah waxaad u baahan doontaa ldap_url, zimbra_ldap_password (iyo zimbra_ldap_userdn, in kasta oo rakibaha Zextras Docs uu caadiyan sameeyo qiyaaso sax ah oo ku saabsan magaca isticmaalaha LDAP).
4) Ka bax adigoo isticmaalaya zimbra adiga oo maamulaya amarka
ka bax
5. Diyaarinta server-ka Docs si loo rakibo
5.1. U soo raritaanka furaha SSH ee gaarka ah seerfarka Zimbra iyo gelitaanka serfarka Docs-ka
Waxaad u baahan tahay inaad dhigto furaha gaarka ah ee lamaanaha furaha SSH seerfarka Zimbra. Furaha dadweynaha waxaa loo adeegsaday tallaabada 2.2.2 ee faqradda 2.2 markii la abuurayay mashiinka farsamada gacanta ee Docs. Waxaad ku dhejin kartaa server-ka adigoo isticmaalaya SSH (tusaale, sftp) ama waxaad ku dhejin kartaa sanduuqa (haddii awoodda macmiilka SSH iyo jawiga runtime ay u oggolaadaan).
Waxaan u qaadaneynaa in furaha gaarka ah la geliyo faylka ~/.ssh/docs.key iyo isticmaaluhu uu u galo server-ka Zimbra waa milkiilaha (haddii soo dejinta/abuurista faylkan lagu sameeyay isticmaalehan, wuxuu si toos ah u noqday milkiilaha).
Waxaad u baahan tahay inaad socodsiiso amarka hal mar:
chmod 600 ~/.ssh/docs.key
Mustaqbalka, si aad u gasho server-ka Docs, waa inaad fulisaa tallaabooyinka taxanaha ah:
1) Soo gal server-ka Zimbra
2) Fulinta amarka
ssh -i ~/.ssh/docs.key user@<Π²Π½ΡΡΡΠ΅Π½Π½ΠΈΠΉ ip-Π°Π΄ΡΠ΅Ρ ΡΠ΅ΡΠ²Π΅ΡΠ° Docs>
Halka qiimaha <ciwaanka IP-ga gudaha ee server-ka Docs> laga heli karo "Yandex.Cloud Console", tusaale ahaan, sida ku cad cutubka 2.3.
5.2. Ku rakibida wararka
Ka dib markaad gasho server-ka Docs, socodsii amarrada la midka ah kan server-ka Zimbra:
sudo apt update
sudo apt upgrade
(Markaad wado amarka ugu dambeeya, ka jawaab "y" su'aasha ah inaad hubto inaad rabto inaad rakibto liiska la soo jeediyay ee cusbooneysiinta)
Kadib rakibidda cusbooneysiinta, waxaad awoodi kartaa (laakiin looma baahna) inaad socodsiiso amarka:
sudo apt autoremove
Oo dhamaadka tallaabada, fulinta amarka
sudo shutdown βr now
5.3. Rakibaadda dheeraadka ah ee codsiyada
Waxaad u baahan tahay inaad ku rakibto macmiilka NTP si aad ula xidhiidho wakhtiga nidaamka iyo codsiga shaashadda, oo la mid ah isla falkii server-ka Zimbra, adoo isticmaalaya amarka soo socda:
sudo apt install ntp screen
(Markaad wado amarka ugu dambeeya, ka jawaab "y" su'aasha ah inaad hubto rakibidda liiska xirmooyinka la bixiyay)
Waxa kale oo aad ku rakibi kartaa yutiilitida dheeraadka ah ee ku haboon maamulka. Tusaale ahaan, Taliyaha Midnight waxa lagu rakibi karaa iyadoo la isticmaalayo amarka:
sudo apt install mc
5.4. Beddelka qaabeynta nidaamka
5.4.1. Faylka /etc/cloud/cloud.cfg.d/95-yandex-cloud.cfg, sida server-ka Zimbra, beddel qiimaha maareeyaha_etc_hosts cabbirka run iyo been.
Fiiro gaar ah: Si aad u tafatirto faylkan, waa inaad ku socodsiisaa tifaftiraha xuquuqaha isticmaalaha xididka, tusaale ahaan, "sudo vi /etc/cloud/cloud.cfg.d/95-yandex-cloud.cfg"ama, haddii xirmada mc la rakibo, waxaad isticmaali kartaa amarka"sudo mcedit /etc/cloud/cloud.cfg.d/95-yandex-cloud.cfgΒ»
5.4.2. Tafatir /etc/hosts si loogu daro server-ka Zimbra FQDN ee dadweynaha, laakiin leh ciwaanka IP gudaha ee Yandex.Cloud u qoondeeyay. Haddii aad leedahay maamule uu maamulo DNS server-ka gudaha oo ay adeegsadaan mashiinnada farsamada (tusaale ahaan, jawi wax soo saar) oo waxay xallin kartaa adeegga dadweynaha ee Zimbra FQDN ee cinwaanka IP-ga gudaha marka laga helo codsiga shabakadda gudaha (codsiyada internetka, FQDN server-ka Zimbra waa inuu ku xalliyaa ciwaanka IP-ga ee dadweynaha, iyo server-ka TURN waa in uu had iyo jeer xalliyo ciwaanka IP-ga dadweynaha ee aan loo baahnayn), marka lagu daro.
Tusaale ahaan, xaaladdeenna faylka martida loo yahay wuxuu u ekaa sidan:

Tafatirka kadib waxay u ekayd sidan:

Fiiro gaar ah: Si aad u tafatirto faylkan, waa inaad ku socodsiisaa tifaftiraha xuquuqaha isticmaalaha xididka, tusaale ahaan, "sudo vi /etc/hosts"ama, haddii xirmada mc la rakibo, waxaad isticmaali kartaa amarka"sudo mcedit /etc/hostsΒ»
6. Ku rakibida Docsyada Zextras
6.1. Soo gal server-ka Docs
Habka gelitaanka server-ka Docs-ka waxaa lagu qeexay qaybta 5.1.
6.2. Soo dejinta Zextras Docs qaybinta
Qabashada falalka:
1) Bogga laga soo dejiyay qaybinta Zextras Suite ee qaybta 4.1.2. Soo dejinta qaybinta Zextras Suite (tallaabada 3), koobi URL-ka si aad u ururiso Dukumentiyada Ubuntu 18.04 LTS (haddii aan hore loo koobiyeynin).
2) Soo deji qaybinta Zextras Suite seerfarka Zimbra oo fur. Si tan loo sameeyo, ku socodsii amarada soo socda fadhiga SSH ee server-ka Zimbra:
cd ~
mkdir zimbra
cd zimbra
wget <URL ΡΠΎ ΡΡΡΠ°Π½ΠΈΡΡ ΡΠΊΠ°ΡΠΈΠ²Π°Π½ΠΈΡ>
(xaaladkeena, amarka "wget" waa la fuliyay Β»)
tar βzxf <ΠΈΠΌΡ ΡΠΊΠ°ΡΠ°Π½Π½ΠΎΠ³ΠΎ ΡΠ°ΠΉΠ»Π°>
(xaaladdeenna, amarka "tar -zxf zeextras-docs-" waa la fuliyaaubuntu18.tgzΒ»)
6.3. Ku rakibida Docsyada Zextras
Wixii macluumaad dheeraad ah ee ku saabsan rakibidda iyo habaynta Zextras Docs, arag: .
Qabashada falalka:
1) Tag tusaha meesha faylalka laga furay tallaabada 4.1.1 (waxaad ku arki kartaa adigoo isticmaalaya amarka ls halka ku jira ~/zimbra directory).
Tusaalahayaga waxay noqon doontaa:
cd ~/zimbra/zextras-docs-installer
2) Ku socodsii rakibaadda Zextras Docs amarka
sudo ./install.sh
3) Ka jawaabista su'aalaha rakibaha
Waxaad kaga jawaabi kartaa su'aalaha rakibaha "y" (oo u dhiganta "haa"), "n" (oo u dhiganta "maya"), ama ka tag talooyinka rakibaha oo aan isbeddelin (waxay ku siinaysaa xulashooyin adigoo ku soo bandhigaya xargaha labajibbaaran, tusaale ahaan, "[Y]" ama "[N]").
Nidaamka waa la beddeli doonaa, ma jeclaan lahayd inaad sii waddo? - Waxaan aqbalnaa ikhtiyaarka caadiga ah ("haa").
Taas ka dib, rakibidda ku-tiirsanaanta ayaa bilaaban doonta: rakibayuhu wuxuu soo bandhigi doonaa baakadaha uu rabo inuu rakibo oo weydiiyo xaqiijin. Xaaladaha oo dhan, aqbal talooyinka caadiga ah.
Tusaale ahaan, wuxuu ku weydiin karaa, "Python2.7 lama helin. Ma jeclaan lahayd inaad ku rakibto?","Python-ldap lama helin. Ma jeclaan lahayd inaad ku rakibto?" iwm.
Ka dib marka la rakibo dhammaan xirmooyinka lagama maarmaanka ah, rakibayuhu wuxuu codsanayaa ogolaanshaha si loo rakibo Docs Zextras:
Ma jeclaan lahayd inaad ku rakibto Zextras DOCS? - Waxaan aqbalnaa ikhtiyaarka caadiga ah ("haa").
Taas ka dib, waxay qaadanaysaa wakhti in lagu rakibo baakadaha, dhab ahaantii Zextras Docs, oo u gudub su'aalaha qaabeeyaha.
4) Ka jawaabista su'aalaha isku xidhaha
Isku-habeeyuhu wuxuu codsadaa cabirrada qaabeynta markeeda, iyo jawaabta, qiyamka lagu helay tallaabada 3 ee qaybta 4.4. Hagaajinta bilowga ah ee habaynta iyo qeexida cabirrada qaabeynta LDAP waa la geliyey.
Tusaalahayaga, dejintu waxay u egtahay sidan:

5) Dhameystirka rakibidda Docsyada Zextras
Ka dib marka uu ka jawaabo su'aalaha isku xidhaha, rakibayuhu waxa uu dhamaystirayaa qaabaynta Docs-ka deegaanka oo waxa uu diiwaan galinayaa adeega lagu rakibay serfarka aasaasiga ah ee Zimbra oo hore loo rakibay.
Ku rakibida hal-server, tani badanaa waa ku filan tahay, laakiin xaaladaha qaarkood (haddii dukumiintiyadu aysan ka furmi doonin Dukumentiyada ku jira macmiilka shabakadda ee tab Drive), waxaa laga yaabaa inay lagama maarmaan noqoto in la sameeyo ficil waajib ku ah rakibaadda server-ka badan - tusaale ahaan, server-ka weyn ee Zimbra, waxaad u baahan doontaa inaad fuliso amarrada hoos yimaada isticmaalaha Zimbra. /opt/zimbra/libexec/zmproxyconfgen ΠΈ zmproxyctl dib u bilow.
7. Qaabaynta hore ee Zimbra iyo Zextras Suite (marka laga reebo kooxda)
7.1. Gelitaanka ugu horeeya ee konsole maamulka
Gal biraawsarkaaga addoo isticmaalaya URL: https:// :7071
Haddii aad rabto, waxaad gali kartaa macmiilka shabakada adoo isticmaalaya URL: https://
Marka la soo galo, daalacayaashu waxay soo bandhigaan digniin ku saabsan xiriir aan ammaan ahayn sababtoo ah awood la'aanta si loo xaqiijiyo shahaadada. Waa inaad ogolaato inaad u sii gudubto goobta inkastoo digniintan. Tani waa sababta oo ah, ka dib markii la rakibo, shahaadada X.509 ee iskiis u saxiixday ayaa loo isticmaalaa isku xirka TLS, taas oo hadhow (oo waa in lagu beddelo isticmaalka waxtarka leh) lagu beddelo shahaado ganacsi ama shahaado kale oo ay aqoonsan yihiin daalacashadaada.
Foomka xaqiijinta, ku geli magaca isticmaalaha qaabka admin@<imaylkaga aad taageerto> iyo erayga sirta ah ee maamulaha Zimbra ee la cayimay inta lagu guda jiro rakibaadda serverka Zimbra ee talaabada 4.3 ee faqradda 4.2.
Tusaalahayaga waxay u egtahay sidan:
Console maamulaha:

Macmiilka shabakadda:

Xusuusin 1. Haddii aadan cayimin iimaylka la taageerayo marka aad gelayso konsole maamulaha ama macmiilka shabakadda, isticmaalayaashu waxay xaqiijin doonaan iyagoo isticmaalaya bogga iimaylka la sameeyay intii lagu jiray rakibidda serverka Zimbra. Ka dib markii la rakibo, kani waa iimaylka kaliya ee la taageeray ee server-ka, laakiin emails dheeraad ah ayaa lagu dari karaa inta lagu jiro nidaamka hawlgalka, taas oo kiiska si cad u qeexaya domainka magaca isticmaalaha ayaa noqon doona mid muhiim ah.
Xusuusin 2. Markaad gasho macmiilka shabakada, biraawsarkaaga waxa laga yaabaa inuu ku weydiiyo ogolaansho si uu u muujiyo ogeysiisyada degelka. Waa in aad ogolaato in aad ogaysiisyada ka hesho mareegtan
Xusuusin 3. Ka dib markaad gasho console-ka maamulaha, waxa laga yaabaa in lagugu ogeysiiyo fariimaha maamulaha Farriimahani waxay caadi ahaan u adeegaan xasuusin ahaan si loo habeeyo kaabta Zextras iyo/ama si loo iibsado shatiga Zextras ka hor intaan shatiga tijaabada ahi dhicin. Ficiladan waa la samayn karaa hadhow, markaa waxaad iska indhatiri kartaa farriimaha hadda firfircoon iyo/ama ku calaamadi sida loo akhriyay liiska Zextras: Ogeysiiska Zextras.

Xusuusin 4. Waxaa si gaar ah muhiim u ah in la ogaado in kormeeraha heerka server-ka, heerka adeegga Docs loo soo bandhigay sida "aan la heli karin" inkasta oo dukumeentiyada macmiilka shabakadu ay si sax ah u shaqeynayaan:

Tani waa sifada nooca tijaabada ah waxaana lagu hagaajin karaa oo kaliya iibsashada shatiga iyo la xiriirida taageerada.
7.2. Gelinaya qaybaha Zextras Suite
Gudaha Zextras: Menu Core, waxaad u baahan tahay inaad gujiso badhanka "Expand" dhammaan zimlets ee aad doonayso inaad isticmaasho.

Marka la dirayo zimlets, sanduuqa wada-hadalka ayaa u muuqda natiijada hawlgalka sida soo socota:

Tusaalahayaga, dhammaan Zextras Suite zimlets waa la geeyay, ka dib Zextras: Foomka Core wuxuu u ekaan doonaa sidan:

7.3. Beddelida dejinta gelitaanka
7.3.1. Beddelida goobaha caalamiga ah
Gudaha Dejinta: Menu Settings Global, Menu-hoosaadka Server Proxy, beddel cabbirrada soo socda:
Qaabka wakiilnimada shabakada: redirect
Awood u yeel maamulaha Console wakiilka: calaamadee sanduuqa.
Kadib, qaybta midig ee sare ee foomka, guji "Save".
Tusaalahayaga, isbeddellada ka dib, foomku wuxuu u eg yahay sidan:

7.3.2. Beddelidda habaynta server-ka Zimbra ee ugu weyn
Gudaha Settings: Servers: <name of the primary Zimbra server> menu, Proxy server submenu, bedesho xuduudaha soo socda:
Qaabka wakiilnimada shabakada: Guji badhanka "Reset to default" (qiimaha laftiisu isma beddeli doono, sidii hore loo dejiyay inta lagu jiro rakibidda). U yeel server-ka wakiila ee ku jira console-ka maamulka: Hubi in sanduuqa hubinta la doortay (qiimaha caadiga ah waa in lagu dabaqo; haddii kale, waxaad riixi kartaa badhanka "Reset to default" iyo/ama u dejiso gacanta). Kadib, dhagsii "Save" ee ku yaala geeska kore ee midig ee foomka.
Tusaalahayaga, isbeddellada ka dib, foomku wuxuu u eg yahay sidan:

Fiiro gaar ah: (Dib u bilaabmi waa loo baahan karaa haddi gelida dekedani shaqayn waydo)
7.4. Gel cusub oo soo gal maamulka konsole
Soo gal konsolka maamulka ee browserkaaga addoo isticmaalaya URL: https:// :9071
Mustaqbalka, isticmaal URL-kan si aad u gasho.
Fiiro gaar ah: Ku rakibida hal-server, isbeddelka lagu sameeyay tallaabadii hore ayaa badanaa ku filan, laakiin xaaladaha qaarkood (haddii bogga server-ka aan la soo bandhigin markaad gelayso URL-ka la cayimay), waxaa laga yaabaa inaad u baahato inaad sameyso ficil waajib ku ah rakibidda server-ka badan - tusaale ahaan, server-ka weyn ee Zimbra, waxaad u baahan doontaa inaad fuliso amarada sida isticmaalaha Zimbra /opt/zimbra/libexec/zmproxyconfgen ΠΈ zmproxyctl dib u bilow.
7.5. Tafatirka habka caadiga ah ee COS
In the Setup: Class of Service menu, dooro COS magaca "default".
Menu-hoosaadka "Features", ka saar shaqada "Portfolio", dabadeed dhagsii "Keydi" qaybta sare ee midig ee foomka.
Tusaalahayaga, qaabeynta ka dib, foomku wuxuu u eg yahay sidan:

Waxa kale oo lagu talinayaa in aad calaamadiso sanduuqa "Enable file and folder sharing" ee ku jira liiska Drive-ka, ka dibna riix "Save" ee qaybta midig ee sare ee foomka.
Tusaalahayaga, qaabeynta ka dib, foomku wuxuu u eg yahay sidan:

Deegaanka tijaabada, waxaad awood u siin kartaa astaamaha Kooxda Pro ee isla fasalka adeegga adiga oo calaamadeynaya sanduuqa calaamadaynta magaca isku midka ah ee ku jira liiska kooxda. Foomka dejinta ayaa markaa u ekaan doona sidan:

Iyada oo astaamaha Kooxda Pro ay naafo yihiin, isticmaalayaashu waxay heli doonaan oo keliya astaamaha aasaasiga ah ee Kooxda.
Fadlan la soco in kooxda Zextras Pro ay si madaxbanaan u siisay shati ka madaxbanaan Zextras Suite, taasoo u ogolaanaysa in lagu iibsado tiro ka yar sanduuqyada boostada marka loo eego Zextras Suite lafteeda. Astaamaha aasaasiga ah ee kooxda ayaa lagu daray shatiga Zextras Suite. Sidaa darteed, marka lagu isticmaalo jawi wax soo saar, waxaa laga yaabaa inay lagama maarmaan noqoto in la abuuro adeeg gaar ah oo loogu talagalay isticmaalayaasha Kooxda Pro, kaas oo ku jiri doona sifooyinka khuseeya.
7.6. Dejinta Firewall
Loo baahan yahay server-ka ugu weyn ee Zimbra:
a) Oggolow in laga soo galo internetka ssh, http/https, imap/imaps, pop3/pop3s, smtp (dekedda weyn iyo dekedo dheeraad ah oo loo isticmaalo macaamiisha iimaylka) iyo maamulka dekedaha consoles'ka.
b) Oggolow dhammaan isku xidhka shabakada gudaha (kaas oo NAT iyo intarneedka loo sahlay tallaabada 1.3 ee shayga 1).
Looma baahna in la habeeyo dab-damiska server-ka Zextras Docs, maadaama aan laga heli karin internetka.
Si tan loo sameeyo, waxaad u baahan tahay inaad sameyso tallaabooyinkan taxanaha ah:
1) Soo gal console-ka qoraalka ee seerfarka weyn ee Zimbra. Markaad ka soo gasho SSH, socodsii amarka "shaashadda" si aad uga hortagto joojinta fulinta amarka haddii isku xirka server-ka uu si ku-meel-gaar ah u lumo isbeddelada goobaha dab-damiska.
2) Orod amarrada
sudo ufw allow 22,25,80,110,143,443,465,587,993,995,9071/tcp
sudo ufw allow from <Π°Π΄ΡΠ΅Ρ_Π²Π°ΡΠ΅ΠΉ_ΡΠ΅ΡΠΈ>/<Π΄Π»ΠΈΠ½Π° CIDR ΠΌΠ°ΡΠΊΠΈ>
sudo ufw enable
Tusaalahayaga waxay u egtahay sidan:

7.7. Hubinta gelitaanka macmiilka shabakadda iyo console-ka maamulka
Si aad u hubiso shaqada dab-darka, waxaad gali kartaa URL-kan soo socda biraawsarkaaga.
Console maamulka: https:// :9071
Macmiilka shabakadda: http:// (si toos ah u jiheynta https:// ayaa dhici doonta) )
Isla mar ahaantaana, adoo isticmaalaya URL kale https:// :7071 Konsole maamuluhu waa inaanu furmin.
Macmiilka shabakadda ee tusaalaheennu wuxuu u eg yahay sidan:

Fiiro gaar ah: Marka aad gasho macmiilka shabakada, browserkaagu waxa laga yaabaa inuu ku weydiiyo ogolaansho si uu u muujiyo ogeysiisyada shabakada. Waa in aad ogolaato in aad ogaysiisyada ka hesho mareegtan
8. Bixinta shirarka maqalka iyo muuqaalka ee Kooxda Zextras
8.1. Macluumaad guud
Tallaabooyinka soo socda looma baahna haddii dhammaan macaamiisha kooxda Zextras ay la xiriiraan midba midka kale iyada oo aan la isticmaalin NAT (inta la isdhexgalka server-ka Zimbra laftiisa waxaa lagu fulin karaa NAT, ie, maqnaanshaha NAT ee u dhexeeya macaamiisha waa muhiim), ama haddii kaliya loo isticmaalo fariin qoraal ah.
Si loo hubiyo isdhexgalka macmiilka iyada oo loo marayo shir maqal iyo muuqaal ah:
a) Waa inaad rakibtaa ama isticmaashaa server-ka TURN ee jira.
b) Maadaama server-ka TURN sida caadiga ah uu sidoo kale leeyahay shaqeynta server-ka STUN, waxaa lagu talinayaa in loo isticmaalo ujeedadaas sidoo kale (serverrada STUN ee dadweynaha waxaa loo isticmaali karaa beddelka, laakiin shaqeynta STUN oo keliya badanaa kuma filna).
Deegaanka wax soo saarka, sababtoo ah culeyska sarreeya ee suurtogalka ah, waxaa lagula talinayaa in lagu dhejiyo server-ka TURN mashiin gaar ah. Tijaabinta iyo/ama culeyska fudud, server-ka TURN waxa lala meel dhigi karaa serferka weyn ee Zimbra.
Tusaalahayagu wuxuu daboolayaa ku rakibida server-ka TURN serverka weyn ee Zimbra. Ku rakibida TURN server gaar ah waxay la mid tahay, iyadoo ay ku kala duwan yihiin in tillaabooyinka la xidhiidha rakibidda iyo habaynta software-ka TURN ay ku shaqeeyaan server-ka TURN, halka tillaabooyinka habaynta server-ka Zimbra si uu u isticmaalo server-kan lagu sameeyo server-ka weyn ee Zimbra.
8.2. Ku rakibida server-ka TURN
Marka hore, gal SSH si aad u gasho server-ka ugu weyn ee Zimbra oo socodsii amarka
sudo apt install resiprocate-turn-server
8.3. Dejinta server-ka TURN
Fiiro gaar ah: Si aad u saxdo dhammaan faylasha qaabeynta soo socda, waa inaad ku socodsiisaa tifaftiraha xuquuqaha isticmaalaha xididka, tusaale ahaan, "sudo vi /etc/reTurn/reTurnServer.config"ama, haddii xirmada mc la rakibo, waxaad isticmaali kartaa amarka"sudo mcedit /etc/reTurn/reTurnServer.configΒ»
Abuuritaanka isticmaale ee la fududeeyay
Si loo fududeeyo abuurista iyo ciribtirka isku xirka tijaabada ee server-ka TURN, waxaanu joojin doonaa isticmaalka ereyada sirta ah ee la xaday ee kaydka isticmaalaha serverka TURN. Deegaanka wax soo saarka, waxaa lagu talinayaa in la isticmaalo furaha sirta ah ee la xaday; Xaaladdan oo kale, hashes erayga sirta ah waa in la sameeyaa iyadoo la raacayo tilmaamaha ku jira faylka /etc/reTurn/reTurnServer.config iyo /etc/reTurn/users.txt.
Qabashada falalka:
1) Tafatir faylka /etc/reTurn/reTurnServer.config
Ka beddel qiimaha "UserDatabaseHashedPasswords" halbeegga "runta" una beddel "been".
2) Tafatir faylka /etc/reTurn/users.txt
Sheeg magaca isticmaalaha, erayga sirta ah, boqortooyada (macnaha la'aan, aan la isticmaalin marka la samaynayo isku xirka Zimbra) oo dhig heerka akoontada "Awood la Oggolaaday".
Tusaalahayaga, feylku markii hore wuxuu u ekaa sidan:

Tafatirka kadib waxay u ekayd sidan:

3) Codsiga qaabeynta
Fulinta amarka
sudo systemctl restart resiprocate-turn-server
8.4. U habaynta dab-damiska server-ka TURN
Marxaladdan, xeerar dheeraad ah oo dab-damis ah ayaa la aasaasay si loo hubiyo in server-ka TURN uu si habboon u shaqeeyo. Gelitaanka waa in loo oggolaadaa dekedda koowaad ee adeeguhu ku aqbalo codsiyada, iyo sidoo kale baaxadda firfircoon ee dekedaha uu adeegsaduhu u isticmaalo si uu u abaabulo qulqulka warbaahinta.
Dekadaha waxaa lagu qeexay faylka /etc/reTurn/reTurnServer.config, xaaladdeenna kuwan waa:

ΠΈ

Si aad u dejiso xeerarka firewall, waxaad u baahan tahay inaad socodsiiso amarada soo socda
sudo ufw allow 3478,49152:65535/udp
sudo ufw allow 3478,49152:65535/tcp
8.5. Habaynta Zimbra si loo Isticmaalo Server-ka rog
Qaabeynta, FQDN ee server-ka TURN ee lagu abuuray tallaabada 1.2 ee cutubka 1 ayaa la isticmaalaa, waana in lagu xalliyaa server-yada DNS isla cinwaanka IP-ga ee dadweynaha labadaba codsiyada internetka iyo codsiyada cinwaannada gudaha.
Arag goobaha isku xidhka ee hadda "zxsuite team iceServer get" ee lagu fuliyay zimbra isticmaale.
Macluumaad dheeraad ah oo ku saabsan dejinta server-ka TURN, arag qaybta "Dabbajinta Kooxda Zextras si ay u isticmaalaan server-ka TURN" gudaha .
Si tan loo habeeyo, waxaad u baahan tahay inaad ku socodsiiso amarada soo socda server-ka Zimbra:
sudo su - zimbra
zxsuite team iceServer add stun:<FQDN Π²Π°ΡΠ΅Π³ΠΎ ΡΠ΅ΡΠ²Π΅ΡΠ° TURN>:3478?transport=udp
zxsuite team iceServer add turn:<FQDN Π²Π°ΡΠ΅Π³ΠΎ ΡΠ΅ΡΠ²Π΅ΡΠ° TURN>:3478?transport=udp credential <ΠΏΠ°ΡΠΎΠ»Ρ> username <ΠΈΠΌΡ ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»Ρ>
zxsuite team iceServer add stun:<FQDN Π²Π°ΡΠ΅Π³ΠΎ ΡΠ΅ΡΠ²Π΅ΡΠ° TURN>:3478?transport=tcp
zxsuite team iceServer add turn:<FQDN Π²Π°ΡΠ΅Π³ΠΎ ΡΠ΅ΡΠ²Π΅ΡΠ° TURN>:3478?transport=tcp credential <ΠΏΠ°ΡΠΎΠ»Ρ> username <ΠΈΠΌΡ ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»Ρ>
zxsuite team iceServer add stun:<FQDN Π²Π°ΡΠ΅Π³ΠΎ ΡΠ΅ΡΠ²Π΅ΡΠ° TURN>:3478
logout
Qiimaha magaca isticmaalaha iyo erayga sirta ah ee lagu qeexay talaabada 2 ee faqradda 8.3 waxa loo istcimaalayaa sida <username> iyo <password>, siday u kala horreeyaan.
Tusaalahayaga waxay u egtahay sidan:

9. Oggolaanshaha boostada inay soo marto borotokoolka SMTP
Iyadoo la raacayo Yandex.Cloud had iyo jeer waxay xannibtaa taraafikada ka baxa dekedda TCP 25 ee internetka iyo Yandex Compute Cloud mashiinnada farsamada marka laga galo ciwaanka IP-ga ee dadweynaha. Tani kama hor istaagi doonto inaad tijaabiso soo dhawaynta boostada laga soo diray server-ka kale ee boostada laguu diro bartaada boostada ee ay taageerto, laakiin waxay kaa ilaalin doontaa inaad dirto boostada meel ka baxsan serfarka Zimbra.
Dukumeentigu wuxuu sheegayaa in Yandex.Cloud uu furi karo dekedda TCP 25 marka la codsado taageero, haddii aad u hoggaansanto , waxayna xaq u leedahay inay mar kale xannibto dekedda haddii xeerarka lagu xadgudbo. Si loo furo dekedda, fadlan la xidhiidh taageerada Yandex.Cloud.
Codsiga
Abuuritaanka furayaasha SSH ee openssh iyo putty iyo ka beddelashada furayaasha putty una beddelo qaabka openssh
1. Soo saarida lamaanaha muhiimka ah ee SSH
Π Windows Isticmaalka Putty: Orod amarka puttygen.exe oo guji badhanka "Abuur".
Π Linux: fulinta amarka
ssh-keygen
2. U beddelashada furayaasha PuTTY una beddelo qaabka OpenSSH
Π Windows:
Qabashada falalka:
- Ku socodsii barnaamijka puttygen.exe.
- Ku shub furaha gaarka ah qaab pk adiga oo isticmaalaya shayga menu File β Soo qaado furaha gaarka ah.
- Geli koodka (password) haddii loo baahdo furahan.
- Qaabka furaha dadweynaha ee OpenSSH waxa lagu soo bandhigay puttygen oo ay ku qoran tahay "Furaha dadweynaha ee ku dhejinta furaha furayaasha furaha furan ee OpenSSH"
- Si aad furaha gaarka ah ugu dhoofiso qaabka OpenSSH, dooro Beddelka β Ka Dhoofinta Furaha SSH ee liiska weyn.
- Ku keydi furaha gaarka ah fayl cusub
Π Linux
1. Ku rakib xirmada qalabka Putty:
Π² Ubuntu:
sudo apt-get install putty-tools
Π² Debian-qaybin la mid ah:
apt-get install putty-tools
qaybinta ku salaysan RPM oo ku salaysan yum (CentOS iyo kuwa kale):
yum install putty
2. Si aad u bedesho furaha gaarka ah, socodsii amarka:
puttygen <key.ppk> -O private-openssh -o <key_openssh>
3. Si loo abuuro fure dadweyne (haddii loo baahdo):
puttygen <key.ppk> -O public-openssh -o <key_openssh.pub>
natiijada
Ka dib markii la rakibo si waafaqsan talooyinka, isticmaaluhu wuxuu helayaa server-ka Zimbra oo lagu habeeyay kaabayaasha Yandex.Cloud oo leh kordhinta Zextras ee isgaarsiinta shirkadaha iyo iskaashiga dukumentiga. Dejinta waxaa lagu habeeyey xaddidaadyo gaar ah oo loogu talagalay jawi tijaabo ah, laakiin way fududahay in la beddelo rakibaadda qaabka wax soo saarka oo lagu daro ikhtiyaarrada isticmaalka kaydinta shayga Yandex.Cloud iyo sifooyin kale. Su'aalaha ku saabsan keenista iyo isticmaalka xalka, fadlan la xiriir lamaanaha Zextras. ama wakiilo .
Dhammaan su'aalaha la xiriira Zextras Suite, waxaad kala xiriiri kartaa wakiilka Zextras Ekaterina Triandafilidi iimaylka katerina@zextras.com
Source: www.habr.com
