Procedures (Zimbra): Difference between revisions

From vwiki
Jump to navigation Jump to search
(Initial creation - content from Zimbra page)
 
m (→‎Backup: Bit of a tidy up)
Line 1: Line 1:
== Backup ==
== Backup ==
=== Basic Manual Mackup ===
=== Basic Manual Mackup ===
Useful just before you perform an upgrade or some other potentially disastrous change (be aware that if your server is still accessible to users or can receive incoming email from the internet, any interim changes will be lost if you roll back)
# SU to Zimbra admin
# SU to Zimbra admin
#* <code> su - zimbra </code>
#* <code> su - zimbra </code>
Line 6: Line 7:
#* <code> zmcontrol stop </code>
#* <code> zmcontrol stop </code>
# Exit Zimbra user and create copy of directory
# Exit Zimbra user and create copy of directory
#* EG <code> cp -rp /opt/zimbra /home/simons/zimbra_backup_100301 </code>
#* EG <code> cp -rp /opt/zimbra /home/simons/zimbra_backup_20100301 </code>
# Once completed, go back to zimbra user and start
# Once completed, go back to zimbra user and start
#* <code> su - zimbra </code>
#* <code> su - zimbra </code>
Line 13: Line 14:
=== Full Scripted Backup ===
=== Full Scripted Backup ===
* For more info see - http://www.zimbra.com/forums/administrators/15275-solved-yet-another-backup-script-community-version.html
* For more info see - http://www.zimbra.com/forums/administrators/15275-solved-yet-another-backup-script-community-version.html
* Script is downloadable from - http://www.osoffice.de/downloads/viewcategory-7.html
** Script is downloadable from - http://www.osoffice.de/downloads/viewcategory-7.html
** Or see my modified version at [[Zimbra FOSS Full Backup]]
 
This method performs a full (offline) backup of your whole Zimbra installation, an user data only online backup can also be achieved, see [[Zimbra FOSS User Backup]]


# Check the size of the <code> /opt/zimbra </code> dir, this will be replicated to a sync directory, from which the actual backup is taken, and check available free space
# Check the size of the <code> /opt/zimbra </code> dir, this will be replicated to a sync directory, from which the actual backup is taken, and check available free space

Revision as of 09:50, 4 April 2012

Backup

Basic Manual Mackup

Useful just before you perform an upgrade or some other potentially disastrous change (be aware that if your server is still accessible to users or can receive incoming email from the internet, any interim changes will be lost if you roll back)

  1. SU to Zimbra admin
    • su - zimbra
  2. Stop Zimbra services
    • zmcontrol stop
  3. Exit Zimbra user and create copy of directory
    • EG cp -rp /opt/zimbra /home/simons/zimbra_backup_20100301
  4. Once completed, go back to zimbra user and start
    • su - zimbra
    • zmcontrol start

Full Scripted Backup

This method performs a full (offline) backup of your whole Zimbra installation, an user data only online backup can also be achieved, see Zimbra FOSS User Backup

  1. Check the size of the /opt/zimbra dir, this will be replicated to a sync directory, from which the actual backup is taken, and check available free space
    • du -hs /opt/zimbra
    • df -h
  2. Un-gzip and upload the config file to somewhere convenient
  3. Edit required config params at start of script
  4. Run the script to install (as root), allow creation of required folders and install of required utils
    • ./zmbak_v.0.8.sh --INSTALL
  5. Perform a first full run to check everything works alight and to create the first full backup
    • ./zmbak_v.0.8.sh -f

To restore, see http://www.zimbra.com/forums/administrators/15275-solved-yet-another-backup-script-community-version-24.html

I've modified the above script, to suit my own purposes. I've added an FTP option so that completed backup's are copied off to a remote FTP server (the copy isn't encrypted so should only be used within a private/secure network - Zimbra FOSS Full Backup

Software Updates

Upgrade

Use the same package to upgrade the software as used for a brand new install (there is no separate upgrade package). The important part of any upgrade IS NOT how to get your system upgraded, it IS how you're going to recover if it all goes horribly wrong.

  1. Isolate the server from the internet (so new mails can't received following the pre-upgrade backup)
  2. Stop the mail server running
    • su - zimbra
    • zmcontrol stop
  3. Backup the server 1st
    • If hosted on an ESX, probably most easily achieved by starting a snapshot (remember to delete the snapshot after a few days if no probs are encountered)
    • Also copy off any existing local backup (so that a new full backup can be started following the upgrade)
  4. Copy the install to the server
    • EG pscp zcs-6.0.6_GA_2324.UBUNTU8.20100406144520.tgz simons@mail:zcs-6.0.6_GA_2324.UBUNTU8.20100406144520.tgz
  5. Uncompress the package
    • tar -xzf zcs-6.0.6_GA_2324.UBUNTU8.20100406144520.tgz
  6. Start the upgrade using the install script
    • ./install.sh
  7. The script should detect an existing installation and upgrade it, do not install additional components, but do confirm the upgrade.
  8. Once completed, test thoroughly
  9. Perform a full local backup
  10. Reconnect to network

Patch

Sometimes patch packages are supplied for minor upgrades between specific versions. Take the same backup precautions as for a normal upgrade. The actual application of the patch varies slightly from an upgrade...

  1. Copy the patch package to the server
    • EG pscp zcs-patch-6.0.6_GA_2332.tgz simons@mail:zcs-patch-6.0.6_GA_2332.tgz
  2. Uncompress the package
    • tar -xzf zcs-patch-6.0.6_GA_2332.tgz
  3. Start the patch upgrade using the install script
    • ./installPatch.sh
  4. Restart the software to apply changes
    • su - zimbra
    • zmcontrol stop
    • zmcontrol start

Certificates

Install Commercial Certificate

  1. Create a Certificate Signing Request (CSR) - can be done via the GUI admin console, but doesn't always work properly
    1. Logged into the server as root...
    2. Generate CSR, EG /opt/zimbra/bin/zmcertmgr createcsr comm -new -keysize 2048 -subject "/C=GB/L=London/O=SandfordIT Limited/CN=mail.sandfordit.com"
      • /C - Country
      • /ST - Region / county (optional)
      • /L - City
      • /O - Organisation / company name
      • /OU - Department (optional)
      • /CN - Server FQDN
  2. Display and copy CSR key
    • more /opt/zimbra/ssl/zimbra/commercial/commercial.csr
  3. Upload CSR to certificate authority
  4. Install received keys via GUI and restart server

Migrate Commercial Certificate To New Server

This is essentially an updated version of the old procedure that can be found here - http://wiki.zimbra.com/wiki/Transfer_SSL_certificates_between_servers for ZCS v7.

  1. On your old server make a copy of the SSL folder
    • EG cp -r /opt/zimbra/ssl /home/user/sslbk
  2. Delete any back folders from within your copy so that only a zimbra folder exists
    • EG rm -rf /home/user/sslbk/zimbra.*
  3. Compress the folder into a file
    • EG tar cvzf sslbk.tgz /sslbk/
  4. Copy the file to your new server
    • EG pscp user@oldmail.domain.com:/home/user/sslbk.tgz c:\temp\sslbk.tgz
    • EG pscp c:\temp\sslbk.tgz user@newmail.domain.com:/home/user/
  5. Backup the SSL folder
    • mv /opt/zimbra/ssl/ /opt/zimbra/ssl_old
  6. Uncompress file copied from old server
    • tar -xvf /home/user/sslbk.tgz
  7. Copy the folder into place and rename
    • cp -r sslbk/ /opt/zimbra/ssl
    • mv /opt/zimbra/sslbk/ /opt/zimbra/ssl
  8. Deploy the certificate
    • EG /opt/zimbra/bin/zmcertmgr deploycrt comm /home/user/sslbk/zimbra/commercial/commercial.crt /home/user/sslbk/zimbra/commercial/commercial_ca.crt
  9. Restart Zimbra
    • su - zimbra
    • zmcontrol restart
  10. If services don't start properly, force java to accept your certificate
    • EG /opt/zimbra/java/bin/keytool -import -alias new -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit -file /sslbk/zimbra/commercial/commercial.crt

Change Server Hostname

This is based on the article found here - http://wiki.zimbra.com/wiki/ZmSetServerName. I've used this procedure for Zimbra v7 FOSS installations on Ubuntu 8 32-bit and 10 64-bit (LTS).

This procedure requires downtime, and because zimbra services need to be up to complete the change, if you can stop new mail being received by the server (by disabling through a firewall for example) do so. If you have to fall back to your backup, any mail received during the backup will be lost.

  1. Ensure that new DNS records are already set-up and working.
    • EG dig domain.com mx
  2. Create a backup of your entire installation (if running as a VMware VM, take a snapshot as well)
    1. Stop Zimbra (as zimbra user)
      • zmcontrol stop
    2. Create copy (as root)
      • mkdir /backup/opt
      • mkdir /backup/opt/zimbra
      • cp -r /opt/zimbra/ /backup/opt/zimbra/
    3. Start Zimbra (as zimbra user)
      • zmcontrol start
  3. Perform rename to Zimbra installation
    • EG /opt/zimbra/libexec/zmsetservername -n mailsvr.domain.com
  4. Perform rename to operating system
    1. Update the following files
      • /etc/hosts
      • /etc/hostname
    2. Set the hostname (not FQDN)
      • hostname <servername>
  5. Reboot the server
    • shutdown -r now

Once your server is back up, run through the following to check everything is in working order...

  1. zmcontrol status
  2. zmprov gacf | grep oldhostname
  3. zmprov gs `zmhostname` | grep oldhostname
  4. zmlocalconfig | grep oldhostname
  5. Plus I'd tail the /var/log/zombra.log while sending and receiving a few test emails to make sure everything is running sweetly.

Any probs, refer to the Zimbra doc at the start of this for things to investigate.

Install Zimlet

Zimlets only work when accessing via the web client, they are not usable from the full-fat Zimbra client.

  1. Copy the Zimlet to the server
    • EG pscp com_zimbra_tasksreminder.zip simons@mail:com_zimbra_tasksreminder.zip
  2. Move the file to the /opt/zimbra/zimlets directory
  3. Deploy the Zimlet
    • EG zmzimletctl deploy com_zimbra_tasksreminder.zip

Signature Length Increase

The maximum length of an email signature is limited to 10240 by default, to increase...

  1. Update appropriate CoS/user pref...
    1. In server admin console
    2. Either update the
      1. User
        • Addresses > Accounts > <user>
      2. Or CoS
        • Configuration > Class of Service > <CoS>
    3. Go to Preferences > Mail Options > Composing mail
    4. Change Maximum length of mail signature value (eg 20480)
  2. Update Zimbra Desktop
    1. Delete, then re-add the account and allow to resync fully

Message Sizes

To see the current max IMAP request size...

  • zmlocalconfig | grep -i imap_max_request_size

To increase the size, to say 20MB...

  • zmlocalconfig -e imap_max_request_size=20480

Its also worth being aware of the following settings, which are altered through the admin console...

  • In Global Settings | General Information...
    • Maximum size of an uploaded file for Briefcase, Email messages, Calendar appointments and Tasks (KB)
      • zimbraFileUploadMaxSize
  • In Global Settings | MTA...
    • Maximum message size (KB)
      • zimbraMtaMaxMessageSize

And there's also an additional setting, zimbraMailContentMaxSize, which also appears to affect the maximum size of attachments. To see what you're set to currently use...

  • zmprov getConfig zimbraMailContentMaxSize

and so update to say 20 MB, use...

  • zmprov modifyConfig zimbraMailContentMaxSize 20480000