How to setup Zarafa-Server on Debian?
Goal
This howto provide an easy step by step way to setup zarafa-server running on debian with a pcengines apu board.
Inspired by bootly.
Install
Base tools
apt-get install ca-certificates git uptimed telnet unison postfix logwatch mailutils
Zarafa
Install instructions (according to zcp_administrator_manual) to install zarafa on your apu:
cd ~
mkdir src
Download latest zcp-x.x.x.xxx-debian-x.x-x86_64-opensource.tar.gz from:
wget https://download.zarafa.com/community/final
tar xfz zcp-x.x.x.xxx-debian-x.x-x86_64-opensource.tar.gz
cd cp-x.x.x.xxx-debian-x.x-x86_64-opensource
dpkg -i *.deb
apt-get install -f
apt-get install apache2-mpm-prefork libapache2-mod-php5 php5-xcache
a2enmod headers expires deflate
apt-get install mysql-server
WebApp
cd /tmp
Download WebApp (whole directory with a lot of *.deb files) from here and scp it to apu.
tar xf debian-8.0.tar
cd debian-8.0
dpkg -i *.deb
apt-get -f install -f
service apache2 reload
Plugins
Password
Installation with git clone method did not work. I used instead this way and opened a bug #15 report:
cd /tmp
wget [passwd-1.2.zip](https://github.com/silentsakky/zarafa-webapp-passwd/raw/master/builds/passwd-1.2.zip)
cd /usr/share/zarafa-webapp/plugins
unzip /tmp/passwd-1.2.zip
cd passwd
mv config.php /etc/zarafa/webapp/config-passwd.php
ln -s /etc/zarafa/webapp/config-passwd.php config.php
vi /etc/zarafa/webapp/config-passwd.php
define('PLUGIN_PASSWD_USER_DEFAULT_ENABLE', true);
Z-Push
Install z-push packagefrom repository according to this instructions:
cat /etc/apt/sources.list.d/z-push.list
deb http://repo.z-hub.io/z-push:/pre-final/Debian_8.0/ /
wget -qO - http://repo.z-hub.io/z-push:/pre-final/Debian_8.0/Release.key | apt-key add -
apt-get install z-push-kopano
cat << EOF >/etc/apache2/sites-available/z-push.conf
Alias /Microsoft-Server-ActiveSync /usr/share/z-push/index.php
<Directory /usr/share/z-push>
php_flag magic_quotes_gpc off
php_flag register_globals off
php_flag magic_quotes_runtime off
php_flag short_open_tag on
</Directory>
EOF
chgrp www-data /var/log/z-push
chmod g+w /var/log/z-push
chgrp www-data /var/lib/z-push
chmod g+w /var/lib/z-push
a2ensite z-push
service apache2 reload
Important note, if you use TLS (SNI) certificates: Common Problems with Hostname Verification
Workaround as example:
cd /etc/apache2/sites-enabled
mv z-push.conf 1_z-push.conf
Configure
Postfix
Configure Postfix as a Satellite System according to this steps.
Zarafa
Configuring a zarafa mysql user according to Configuring the Zarafa Server.
dpkg-reconfigure locales
[*] de_CH.UTF-8 UTF-8
vi /etc/default/zarafa
ZARAFA_USERSCRIPT_LOCALE="de_CH.UTF-8 UTF-8"
Important note: For first time installations, the attachment storage method should be selected before starting the server for the first time as it is not easy to switch the attachment storage method later on.
vi /etc/zarafa/server.cfg
server_bind = 127.0.0.1
attachment_storage = database
# Size in bytes of the 'cell' cache (should be set as high as you can
# afford to set it)
cache_cell_size = 1024M
mysql_user = zarafa
mysql_password = secret
vi /etc/zarafa/gateway.cfg
pop3_enable = no
imap_enable = no
vi /etc/zarafa/dagent.cfg
server_bind = 127.0.0.1
vi /etc/zarafa/presence.cfg
server_bind = 127.0.0.1
Restart all /etc/init-d/zarafa-* services.
zarafa-ical
vi /etc/zarafa/ical.cfg
server_bind =
server_timezone = Europe/Zurich
# wether normal connections can be made to the ical server
ical_enable = no
# wether ssl connections can be made to the ical server
icals_enable = yes
ssl_private_key_file = /etc/letsencrypt/live/doamin.tld/privkey.pem
ssl_certificate_file = /etc/letsencrypt/live/doamin.tld/fullchain.pem
MySQL
mysql
mysql> GRANT ALL PRIVILEGES ON zarafa.* TO 'zarafa'@'localhost' IDENTIFIED BY 'password';
mysql> GRANT ALTER, CREATE, CREATE ROUTINE, DELETE, DROP, INDEX, INSERT, LOCK TABLES, \
SELECT, UPDATE ON zarafa.* TO 'zarafa'@'localhost' IDENTIFIED BY 'password';
vi /etc/mysql/my.cnf
; around 50% of total RAM size
innodb_buffer_pool_size = 2048M
; 25% of the innodb_buffer_pool_size
innodb_log_file_size = 512M
innodb_log_buffer_size = 32M
innodb_file_per_table
max_allowed_packet = 16M
table_cache = 1000
Apache TLS/SSL
- Apache config according to this instructions.
- Letsencrypt according to this instructions
Enable services at boot time
systemctl enable zarafa-server
systemctl enable zarafa-dagent
systemctl enable zarafa-gateway
systemctl enable zarafa-ical
systemctl enable zarafa-monitor
systemctl enable zarafa-presence
systemctl enable zarafa-search
systemctl enable zarafa-spooler
Z-Push
Synchronize additional folders to all mobiles
With this feature, special folders can be synchronized to all mobiles (german explanation Z-Push Public Folders).
-
This is useful for e.g. global company contacts.
-
all Z-Push users must have full writing permissions (secretary rights) so the configured folders can be synchronized to the mobile.
On Zarafa systems use backend/zarafa/listfolders.php
script to get a list
of available folder (and folderid) for user1:
cd /usr/share/z-push/backend/kopano
zarafa-admin -u admin -a y
./listfolders.php -l user1 -u admin -p secret -h http://127.0.0.1:236/zarafa
Available folders in store 'user1':
--------------------------------------------------
Folder name: Shared Appointments
Folder ID: a0000000000000000000000000000000000000000000
Type: SYNC_FOLDER_TYPE_USER_APPOINTMENT
Edit /usr/share/z-push/config.php
and follow this instructions:
vi /usr/share/z-push/config.php
array(
'store' => "Shared Appointments",
'folderid' => "a0000000000000000000000000000000000000000000",
'name' => "Alice Kalendar",
'type' => SYNC_FOLDER_TYPE_USER_APPOINTMENT,
),
Testing
Usage
Create user
zarafa-admin -c user1 -p xyz1234 -e user@domain.tld -f "first last"
zarafa-admin --create-store user1
Backup / Restore
Iporting ICAL ics files into Zarafa
curl -u 'user:pass' -T calendar.ics https://localhost:8443/ical/user
Appendix
Reinstall, backup and restore mysql
To restore a full database dump including mysql grant tables, use the following steps:
systemctl stop zarafa-server
systemctl stop mysql
rm -rf /var/lib/mysql/*
mysql_install_db
mysqld_safe --skip-grant-tables &
tail /var/log/mysql/*.log
cd /var/backup/mysql
cat mysql-all-databases.sql | mysql ; echo $?
killall mysqld
tail /var/log/mysql/*.log
service mysql start
Check this.
Try to use php5-fpm for performance optimization on apu
Problem: Zarafa’s webapp with 4 overlayed calendars need a lot of cpu power in a short term. In a weekly calendar view, changing between weeks takes up to 4 seconds.
This was a try to use php5-fpm with a threaded apache:
apache2ctl -V |grep -A 2 'MPM:'
Server MPM: worker
threaded: yes
forked: yes (variable process count)
apt-get install php5-fpm
a2enconf php5-cgi
a2enmod fcgid proxy_fcgi
vi /etc/php5/fpm/pool.d/www.conf
;listen = /var/run/php5-fpm.sock
listen = 127.0.0.1:9000'
service php5-fpm restart
vi /etc/apache2/sites-enabled/zarafa-webapp.conf
ProxyPassMatch ^/webapp/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/usr/share/zarafa-webapp/$1
DirectoryIndex /index.php index.php
<Directory /usr/share/zarafa-webapp/>
#DirectoryIndex index.php
service apache2 restart
Summary: Technical possible, but needs too much manual maintenance.