Difference between revisions of "Manual Installation"

From Scalix Wiki
Jump to: navigation, search
(Integrating the Web Applications into Tomcat)
(Required 3rd Party Software)
Line 99: Line 99:
 
The following third party software is required to run a Scalix server:
 
The following third party software is required to run a Scalix server:
  
* '''Sun Java'''<br>Scalix requires a Sun Java JRE or JDK version 1.5.0_04 or higher patch revision. On RPM-based systems, an appropriate RPM is available from [http://java.sun.com/j2se/1.5.0/download.jsp Sun]. Sun currently does not provide .deb packages. Decent instructions on how to generate a .deb package from Sun's download can be found [http://www.us.debian.org/doc/manuals/debian-java-faq/ch11.html#s11.2 here]. It seems that the instructions provided for testing apply to Sarge stable; the control files mentioned were there. Note that if you use a JRE some of the commands will not be needed or look slightly different.
+
==== Sun Java ====
 +
Scalix requires a Sun Java JRE or JDK version 1.5.0_04 or higher patch revision. On RPM-based systems, an appropriate RPM is available from [http://java.sun.com/j2se/1.5.0/download.jsp Sun]. Sun currently does not provide .deb packages. Decent instructions on how to generate a .deb package from Sun's download can be found [http://www.us.debian.org/doc/manuals/debian-java-faq/ch11.html#s11.2 here]. It seems that the instructions provided for testing apply to Sarge stable; the control files mentioned were there. Note that if you use a JRE some of the commands will not be needed or look slightly different.
  
 
:* SUSE Note : You can just install the ''java-1_5_0-sun'' package, if you have the SUSE java package repository enabled in YaST2 or the smart package manager.
 
:* SUSE Note : You can just install the ''java-1_5_0-sun'' package, if you have the SUSE java package repository enabled in YaST2 or the smart package manager.
Line 115: Line 116:
 
  -test with: java -version
 
  -test with: java -version
  
* '''Apache Tomcat'''<br>Scalix 10 requires an Apache Tomcat Application server of version 5.0.28 while Scalix 11 requires an Apache Tomcat Application server of version 5.5.17. This is available from the [http://tomcat.apache.org/download-55.cgi Apache Tomcat project]. For installation, you should just untar this under /opt (as /opt/jakarta-tomcat-5.0.28 or /opt/apache-tomcat-5.5.17). You should then create a symbolic link called /opt/scalix-tomcat. You will then need to make some modifications to the system as detailed below.<br>''Note:'' Scalix plans to provide customized Tomcat packages in both rpm and deb formats in the near future.
+
==== Apache Tomcat ====
 +
Scalix 10 requires an Apache Tomcat Application server of version 5.0.28 while Scalix 11 requires an Apache Tomcat Application server of version 5.5.17. This is available from the [http://tomcat.apache.org/download-55.cgi Apache Tomcat project]. For installation, you should just untar this under /opt (as /opt/jakarta-tomcat-5.0.28 or /opt/apache-tomcat-5.5.17). You should then create a symbolic link called /opt/scalix-tomcat. You will then need to make some modifications to the system as detailed below.<br>''Note:'' Scalix plans to provide customized Tomcat packages in both rpm and deb formats in the near future.
  
 
:* Because we're using Java 1.5, you will need to remove one of the library files that ship with Tomcat 5.0 (but not with 5.5): <pre>rm /opt/scalix-tomcat/common/endorsed/xml-apis.jar</pre>
 
:* Because we're using Java 1.5, you will need to remove one of the library files that ship with Tomcat 5.0 (but not with 5.5): <pre>rm /opt/scalix-tomcat/common/endorsed/xml-apis.jar</pre>
Line 312: Line 314:
 
  exit 0
 
  exit 0
  
* '''Postgres''' (Scalix 11 only)<br>Scalix 11 requires a Postgres database.
+
==== Postgres Database ====
 +
(Scalix 11 only) Scalix 11 requires a Postgres database.
  
 
:* Download the following RPM to your system: [http://www.scalix.com/ceraw/download/scalix11preview/server/scalix-postgres-11.0.0.375-1.noarch.rpm].  
 
:* Download the following RPM to your system: [http://www.scalix.com/ceraw/download/scalix11preview/server/scalix-postgres-11.0.0.375-1.noarch.rpm].  

Revision as of 06:39, 15 September 2006

Contents

Important Note

Please note that these manual installation instructions only apply to Scalix CE Raw, not to any other Scalix edition. Installation of any Scalix edition other than CE Raw is only supported through the Scalix Installer. If you manually install any Scalix edition other than CE Raw, this may invalidate your ability to receive Scalix support for that software. Thank you for your understanding and compliance.

System Prerequisites

Available Hardware Platforms

Scalix Community Edition Raw software is currently available as an i386 build only. It will run on i386 and x86_64 Intel and AMD platforms.

Minimum System Requirements

  • Pentium 4 or better CPU
  • 512 MB RAM
  • 1 GB of free diskspace after OS Installation
  • Network Interface

Linux Distributions

  • Fedora Core 4
  • OpenSuSE Linux 10.0
  • Debian Sarge i386 (stable)
  • Debian SID i386 (unstable)
  • Ubuntu 5.10 Breezy Badger
  • Ubuntu 6.06 Dapper Drake

System Preparation

The following items may be helpful in preparing your system for Scalix Installation:

Network Configuration

  • Make sure you have at least one properly configured network interface.
  • It is best to use a static IP address; running a Scalix server on a machine using DHCP is not recommended.
  • Correct hostname resolution/DNS setup is vital. It is also best to use DNS in a Scalix/mail environment. File-based hostname resolution can be used (/etc/hosts). However, the following should always be true:
    • Your system should have a fully-qualified hostname, i.e. scalixraw.company.com or myraw.home.local
    • The "hostname" command should return the short hostname, while the "hostname --fqdn" command should return the fully-qualified hostname
    • Both the hostname and the fully-qualified hostname should resolve to the system's IP address (not the loopback 127.0.0.1 IP address).
      Note: RedHat and Fedora default installations setup /etc/hosts incorrectly. This must be changed manually after installation.
    • The special name "localhost" should resolve to 127.0.0.1
    • The IP address of the system should reverse-resolve to the fully-qualified hostname (not the short hostname or localhost)

Disk/File System Configuration

  • Scalix Software is installed in /opt. You need 200 MB in this directory
  • Scalix Data is kept in /var/opt/scalix. You need a minimum of 200 MB plus the size of any mailboxes. It is best to make /var/opt/scalix a separate file system
  • It is recommended that you put /var/opt/scalix on an LVM logical volume for online backup (this needs Snapshot functionality) and size management
  • Most Scalix systems are installed using an ext3 file system on Linux; however, most local file systems (XFS, Reiser) should work as well
  • For performance reasons (small, synchronous I/O operations), it is not recommended that you run Scalix off an NFS file system

Disabling Conflicting Services

Scalix comes with its own POP3, IMAP, LDAP and SMTP services. These might conflict with components already installed on the system.

  • To check for processes listening on the POP3 and IMAP ports, use the
    lsof -i :110  or  netstat -anp|grep 110
    and
    lsof -i :143  or  netstat -anp|grep 143 
    commands. If you see any process/service running, shut it down and disable it from starting with system startup
  • To check for processes listening on the standard LDAP port, use the
    lsof -i :389  or  netstat -anp|grep 389
    command. If you see any process/service running, use an alternate port number for Scalix LDAP. Please see below for details.
  • To check for processes listening on the standard SMTP port, use the
    lsof -i :25  or netstat -anp|grep 25
    command. With Sendmail installed (required), it is normal that Sendmail listens on 127.0.0.1:25. However, it should not listen on your external IP address. If you see any process/service listening on the external IP address, reconfigure your MTA. If your current MTA is not Sendmail, retry after removing your current MTA and replacing it with Sendmail.

Software Selection

The following additional packages that come with the OS distribution are usually needed after base installation (all references to Debian package names are from the Sarge stable release; Ubuntu package search was based on the 5.10 Breezy Badger release and verified on 6.06 Dapper Drake).

Note: On Ubuntu, you will have to uncomment the universe repository configuration in /etc/apt/sources.list and run the
apt-get update
command.
  • Apache Webserver 2.x
    • on Debian, SUSE and Ubuntu, this is the apache2 package
      • optionally for mod_jk, this is the libapache2-mod-jk2 package on Debian, SUSE, and Ubuntu
    • on RedHat, this is the httpd package
  • Gnu AWK
    • on Debian, RedHat, SUSE and Ubuntu, this is the gawk package
  • Kerberos (MIT Kerberos 5)
    • on Debian and Ubuntu, these are the krb5-config, krb5-doc, krb5-user, libkadm55 and libkrb53 packages
    • on SUSE, these are the krb5, krb5-apps-clients, krb5-apps-servers, krb5-client, krb5-server, and pam_krb5 packages
    • on RedHat, these are the krb5-libs and krb5-workstation packages
  • libglib2
    • on Debian and Ubuntu, this is the libglib2.0-0 package
    • on SUSE, this is the glib2 package
    • on RedHat, this is the glib2 package
  • libstdc++
    • on Debian and Ubuntu, this is the libstdc++2.10-glibc2.2 package
    • on Ubuntu the gcc-3.3-base and libstdc++5 packages are also required
    • on SUSE(10.0), these are the libstdc++ and compat packages
    • on RedHat, this is the compat-libstdc++-296 package
  • libxml2
    • on Debian, RedHat and Ubuntu, these are the libxml2, sgml-base and xml-core packages
    • on SUSE, these are the libxml2, sgmltool, and xml-commons packages
  • Postgres (for Scalix 11 and above only)
    • on Debian, this is the postgresql package (for Postgres 7.4)
    • on Ubuntu, this is the postgresql-8.1 package
  • SASL2 and modules for plain, crammd5 and gssapi (for MIT Kerberos)
    • on Debian and Ubuntu, these are the libsasl2-modules and libsasl2-gssapi-mit packages
    • on SUSE, these are the cyrus-sasl-plain, cyrus-sasl-digestmd5, cyrus-sasl, cyrus-sasl-saslauthd, cyrus-sasl-gssapi, and cyrus-sasl-crammd5 packages
    • on RedHat, these are the cyrus-sasl, cyrus-sasl-md5, cyrus-sasl-plain and cyrus-sasl-gssapi packages
  • Sendmail (possibly replacing default-install Postfix or Exim)
    • on Debian, SUSE, and RedHat, this is the sendmail package
  • text-based web browser
    • on Debian, RedHat and Ubuntu, this is the elinks package
    • on SUSE, the default is w3m, but you can use links if you like

Required 3rd Party Software

The following third party software is required to run a Scalix server:

Sun Java

Scalix requires a Sun Java JRE or JDK version 1.5.0_04 or higher patch revision. On RPM-based systems, an appropriate RPM is available from Sun. Sun currently does not provide .deb packages. Decent instructions on how to generate a .deb package from Sun's download can be found here. It seems that the instructions provided for testing apply to Sarge stable; the control files mentioned were there. Note that if you use a JRE some of the commands will not be needed or look slightly different.

  • SUSE Note : You can just install the java-1_5_0-sun package, if you have the SUSE java package repository enabled in YaST2 or the smart package manager.
  • Ubuntu 6.06 Dapper Drake Note: A Sun JRE is available as sun-java5-jre in the multiverse repository.
  • Debian/Ubuntu Note : if you aren't worried about having a .deb package you can save a lot of confusion with the following steps:
-Download the latest J2RE 1.5 from Java.com
-Run the installer: chmod +x jre-1_5_x_xx-linux-i586.bin && ./jre-1_5_x_xx-linux-i586.bin
-This creates a jre1.5.x_xx directory, move it to /usr/local/lib/ and, for ease of upgrade, 
 make a link: ln -s /usr/local/lib/jre1.5.x_xx /usr/local/lib/jre
-Setup the "alternatives" and bin links:  
   update-alternatives --install /usr/bin/javac javac /usr/local/lib/jre/bin/javac 120 
   update-alternatives --install /usr/bin/java java /usr/local/lib/jre/bin/java 120
-test with: java -version

Apache Tomcat

Scalix 10 requires an Apache Tomcat Application server of version 5.0.28 while Scalix 11 requires an Apache Tomcat Application server of version 5.5.17. This is available from the Apache Tomcat project. For installation, you should just untar this under /opt (as /opt/jakarta-tomcat-5.0.28 or /opt/apache-tomcat-5.5.17). You should then create a symbolic link called /opt/scalix-tomcat. You will then need to make some modifications to the system as detailed below.
Note: Scalix plans to provide customized Tomcat packages in both rpm and deb formats in the near future.

  • Because we're using Java 1.5, you will need to remove one of the library files that ship with Tomcat 5.0 (but not with 5.5):
    rm /opt/scalix-tomcat/common/endorsed/xml-apis.jar
  • Add the following lines to the beginning of your /opt/scalix-tomcat/bin/setclasspath.sh file:
    PATH=$PATH:/opt/scalix/bin
    JAVA_HOME=/usr/local/lib/jre              # Make this /usr/local/lib/jdk when using a JDK
    JAVA_OPTS="-server -Xms128m -Xmx128m"     # Make this 1/2 your RAM or 512 whichever is less
    export JAVA_HOME JAVA_OPTS
    • When using Tomcat 5.0 and a JRE as opposed to a JDK, change the line reading
      if [ ! -x "$JAVA_HOME"/bin/java -o ! -x "$JAVA_HOME"/bin/jdb -o ! -x "$JAVA_HOME"/bin/javac ]; then
      to
      if [ ! -x "$JAVA_HOME"/bin/java ]; then


  • Integrating Tomcat into system startup (Debian)
  • Integrate scalix-tomcat into your system startup. Create a /etc/init.d/scalix-tomcat script as per below, then execute:
chmod 755 /etc/init.d/scalix-tomcat
update-rc.d scalix-tomcat defaults 22
command.
#!/bin/sh

set -e

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="Scalix Tomcat"
NAME=scalix-tomcat
CATALINA_HOME=/opt/scalix-tomcat; export CATALINA_HOME
DAEMON=/opt/scalix-tomcat/bin/startup.sh

# Gracefully exit if the package has been removed.
test -x $DAEMON || exit 0

#
#       Function that starts the daemon/service.
#
d_start() {
        $CATALINA_HOME/bin/startup.sh
} 

#
#       Function that stops the daemon/service.
#
d_stop() {
       $CATALINA_HOME/bin/shutdown.sh
}

case "$1" in
  start)
        echo -n "Starting $DESC: $NAME"
        d_start
        echo "."
        ;;
  stop)
        echo -n "Stopping $DESC: $NAME"
        d_stop
        echo "."
        ;;
  restart|force-reload)
        #
        #       If the "reload" option is implemented, move the "force-reload"
        #       option to the "reload" entry above. If not, "force-reload" is
        #       just the same as "restart".
        #
        echo -n "Restarting $DESC: $NAME"
        d_stop
        sleep 1
        d_start
        echo "."
        ;;
  *)
        echo "Usage: $0 {start|stop|restart|force-reload}" >&2
        exit 1
        ;;
esac

exit 0
  • Integrating Tomcat into system startup (RedHat/SuSE)

Integrate scalix-tomcat into your system startup. Create a /etc/init.d/scalix-tomcat script as per below, then execute the following commands to make the script executable and integrate it into automatic system startup:

chmod 755 /etc/init.d/scalix-tomcat
chkconfig --add scalix-tomcat
#!/bin/sh
#
# chkconfig: 345 91 10
#
# description: \
# This is the init script for starting up the Jakarta Tomcat server.
#
# To install this script on a RedHat or SuSE Linux system, follow these steps:
#
#   (1) log in as root
#   (2) copy this script to /etc/init.d
#   (3) enter "chmod 755 /etc/init.d/scalix-tomcat"
#   (4) edit the script using vi or your favorite editor and ensure that
#       CATALINA_HOME points to the location of your Tomcat 4 or 5 (or later)
#       directory
#   (5) enter "chkconfig --add scalix-tomcat"
#
#       Tomcat will now be configured to start as a system service when the
#       machine boots.
#
#   (6) enter "/etc/init.d/scalix-tomcat start" to manually start Tomcat and
#       "/etc/init.d/scalix-tomcat stop" to manually stop Tomcat.
#


###### !! PLEASE CHANGE THE FOLLOWING 3 LINES TO MATCH YOUR ENVIRONMENT !! ######
CATALINA_HOME="/opt/scalix-tomcat"
###### !! YOU SHOULD NOT NEED TO CHANGE ANYTHING BELOW HERE !! ######

export CATALINA_HOME

# you do not need to change anything below here

# detect the distribution:
if [ -f /etc/redhat-release -o -f /etc/fedora-release ] ; then
    DISTRIBUTION="redhat"
elif [ -f /etc/SuSE-release ] ; then
    DISTRIBUTION="suse"
else
    echo "Error: unsupported distribution" >&2
    exit 1
fi

# Source function library.
[ "$DISTRIBUTION" = "redhat" ] && . /etc/init.d/functions
[ "$DISTRIBUTION" = "suse" ] && . /etc/rc.status


# test if network is up (redhat-only):
if [ "$DISTRIBUTION" = "redhat" ] ; then
    # Get config.
    . /etc/sysconfig/network

    # Check that networking is up.
    [ "${NETWORKING}" = "no" ] && exit 0
fi

startup=$CATALINA_HOME/bin/startup.sh
shutdown=$CATALINA_HOME/bin/shutdown.sh

# Where the Scalix server admin commands live (for Scalix server installed locally)
PATH=$PATH:/opt/scalix/bin; export PATH

# Functions

if [ "$DISTRIBUTION" = "redhat" ] ; then

start() {
        action $"Starting Tomcat service: "  $startup
        RETVAL=$?
}

stop() {
        action $"Stopping Tomcat service: " $shutdown
        RETVAL=$?
}

elif [ "$DISTRIBUTION" = "suse" ] ; then

start() {
        echo -n "Starting Tomcat service"
        $startup
        rc_status -v
}

stop() {
        echo -n "Stoppping Tomcat service"
        $shutdown
        rc_status -v
}

fi

restart() {
    stop
    start
}


[ "$DISTRIBUTION" = "suse" ] && rc_reset

# See how we were called.
case "$1" in
  start)
        start
        ;;
  stop)
        stop
        ;;
  restart)
        restart
        ;;
  *)
        echo $"Usage: $0 {start|stop|restart}"
        exit 1
esac

[ "$DISTRIBUTION" = "suse" ] && rc_exit
exit 0

Postgres Database

(Scalix 11 only) Scalix 11 requires a Postgres database.

  • Download the following RPM to your system: [1].
  • Scalix will make a .deb version of the package available in the future. For the time being, convert the .rpm into a .deb using alien and install it:
apt-get install alien # if you don't have the alien tool installed yet
alien scalix-postgres-11.0.0.375-1.noarch.rpm
dpkg -i scalix-postgres_11.0.0.375-2_all.deb
  • save the following patch to a file and execute it as follows (debian only):
 cd /
 patch -Np1 </path/to/scalix-postgres.debian.patch
 diff -Naur /opt/scalix-postgres/binold/sxpsql-init /opt/scalix-postgres/bin/sxpsql-init
--- /opt/scalix-postgres/binold/sxpsql-init     2006-09-11 15:10:13.000000000 +0000
+++ /opt/scalix-postgres/bin/sxpsql-init        2006-09-11 15:45:50.000000000 +0000
@@ -18,7 +18,8 @@
 fi
 
 # initialize the database:
-su -c "initdb -D $PSQL_DIR" postgres || exit $?
+chown -R postgres:postgres /var/opt/scalix-postgres
+su -c "/usr/lib/postgresql/bin/initdb -D $PSQL_DIR" postgres || exit $?
 
 # then start it:
 /etc/init.d/scalix-postgres start || exit $?
@@ -28,7 +29,7 @@
 sleep 3

 # create the database:
-su -c "createdb -p $PSQL_PORT scalix" postgres || exit $?
+su -c "/usr/lib/postgresql/bin/createdb -p $PSQL_PORT scalix" postgres || exit $?
 
 # create "scalix" user:
 if grep -q '^\(7\.\|8\.0\)' "$PSQL_DIR/PG_VERSION" ; then
@@ -39,4 +40,4 @@
     create_flag="--superuser --no-createdb --no-createrole"
 fi
 
-su -c "createuser -p $PSQL_PORT $create_flag scalix" postgres || exit $?
+su -c "/usr/lib/postgresql/bin/createuser -p $PSQL_PORT $create_flag scalix" postgres || exit $?
diff -Naur /opt/scalix-postgres/binold/sxpsql-setpwd /opt/scalix-postgres/bin/sxpsql-setpwd
--- /opt/scalix-postgres/binold/sxpsql-setpwd   2006-09-11 15:10:13.000000000 +0000
+++ /opt/scalix-postgres/bin/sxpsql-setpwd      2006-09-11 15:13:57.000000000 +0000
@@ -6,5 +6,5 @@
 # Usage: sxpsql-setpwd <password>
 #
 
-su -c "echo alter user scalix password \'$1\' | psql -p 5733 scalix" postgres \
+su -c "echo alter user scalix password \'$1\' | /usr/lib/postgresql/bin/psql -p 5733 scalix" postgres \
     || exit $?
diff -Naur /opt/scalix-postgres/binold/sxpsql-whitelist /opt/scalix-postgres/bin/sxpsql-whitelist
--- /opt/scalix-postgres/binold/sxpsql-whitelist        2006-09-11 15:10:13.000000000 +0000
+++ /opt/scalix-postgres/bin/sxpsql-whitelist   2006-09-11 15:50:25.000000000 +0000
@@ -47,8 +47,7 @@
     rm -f $outf
 
     # restart postgres if it's running:
-    /etc/init.d/scalix-postgres status >/dev/null && \
-            /etc/init.d/scalix-postgres restart
+    /etc/init.d/scalix-postgres restart
 }
 
 if [ $# = 0 ] ; then
  • Also, replace /etc/init.d/scalix-postgres with the following code (debian only):
#!/bin/sh 

set -e

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="Scalix Postgres"
NAME=scalix-postgres

PGENGINE=/usr/lib/postgresql/bin
PGPORT=5733
PGDATA=/var/opt/scalix-postgres/data
PGLOG=/var/opt/scalix-postgres/pgstartup.log
PIDFILE=$PGDATA/postmaster.pid

export PGDATA
export PGPORT

script_result=0 

#
#       Function that starts the daemon/service.
#
d_start() {
    PSQL_START="Starting ${NAME} service: "

    # Make sure startup-time log file is valid
    if [ ! -e "$PGLOG" -a ! -h "$PGLOG" ]
    then
        touch "$PGLOG" || exit 1
        chown postgres:postgres "$PGLOG"
        chmod go-rwx "$PGLOG"
    fi

    if grep -q '^8\.' "$PGDATA/PG_VERSION" ; then
        extra_flags=""
    else
        extra_flags="-i"
    fi

    echo -n "$PSQL_START"
    su - postgres -c "$PGENGINE/postmaster $extra_flags -p '$PGPORT' -D '$PGDATA' ${PGOPTS} &" >> "$PGLOG" 2>&1 < /dev/null
    sleep 2
    pid=`pidof -s "$PGENGINE/postmaster"`
    if [ $pid ] && [ -f "$PIDFILE" ]
    then
        echo "OK"
    else
        echo "FAILED"
        script_result=1
    fi
} 

#
#       Function that stops the daemon/service.
#
d_stop() {
        echo -n $"Stopping ${NAME} service: "
        su - postgres -c "$PGENGINE/pg_ctl stop -D '$PGDATA' -s -m fast" > /dev/null 2>&1 < /dev/null
        ret=$? 
        if [ $ret -eq 0 ]
        then
            echo "OK"
        else
            echo "FAILED"
        fi
}

case "$1" in
  start)
        d_start
        echo "."
        ;;
  stop)
        d_stop
        echo "."
        ;;
  restart|force-reload)
        #
        #       If the "reload" option is implemented, move the "force-reload"
        #       option to the "reload" entry above. If not, "force-reload" is
        #       just the same as "restart".
        #
        d_stop
        sleep 1
        d_start
        echo "."
        ;;
  *)
        echo "Usage: $0 {start|stop|restart}" >&2
        exit 1
        ;;
esac 

exit 0
  • and activate it (debian only):
chmod 755 /etc/init.d/scalix-postgres
update-rc.d scalix-postgres defaults 22
  • Then execute the database creation scripts (all platforms)
cd /opt/scalix-postgres/bin
./sxpsql-init
./sxpsql-setpwd mypassword    # This is a database password you select
./sxpsql-whitelist 127.0.0.1

Creating a Scalix Group and User (optional)

Installation of the Scalix server package will automatically create a Unix group called "scalix" and a Unix user with the same name. The user id for this user will be automatically chosen and most files associated with Scalix data will be owned by this user. If you want to have control over the user id, you can create the user manually before installing the Scalix server package.

If you create the group and/or user manually, make sure the following applies:

  • The group must be called "scalix"
  • The user must be called "scalix"
  • The user must have a home directory of /var/opt/scalix
  • There should not be any files (profile files, etc.) copied to the user's home directory
  • The user should have it's primary group set to "scalix"
  • It is recommended to use /bin/true as the login shell for the "scalix" user so that the user cannot login to the system interactively. In addition, the password for the user should be locked.
  • If your OS offers the concept of a "server" or "service" user, the Scalix user should be created as one.

Setting up your user's environment

It is recommended to add the /opt/scalix/bin and /opt/scalix/diag directories to your admin user's (initially root!) PATH. It is also recommended to add /opt/scalix/share/man to your MANPATH to be able to access the reference man pages that come with Scalix server.


Downloading and Installing the Scalix Raw Packages

The Scalix Raw packages can be downloaded here for Scalix 10 or here for Scalix 11. You will need packages for the following modules appropriate for your platform:

  • scalix-server-*: the actual Scalix Server software
  • scalix-swa-*: the Scalix Web Access webclient; this can be installed on the same machine as the Scalix server or on a separate webserver
  • scalix-sac-*: the Scalix Management Services; if you want to use the Scalix Management Console, this must be installed on the Scalix server machine
  • scalix-res-*: the Scalix Remote Execution Service; this is the management agent used by Scalix Management Services. This is required on all systems that are managed by a Scalix Admin Server. As Scalix CE Raw is limited to single server configurations, this must be installed on the single Scalix server machine.
  • libical: this is a Scalix adaption/compile based on an OpenSource implementation of a RFC-compliant ical library available from the Free Association project. The projects homepage is on SourceForge. Scalix provides source and binary packages in .rpm and .deb format on the Scalix CE Raw download site.
  • scalix-mobile-*: (Scalix 11 only): the Scalix Web Access Mobile webclient; this can be installed on the same machine as the Scalix server or on a separate server
  • scalix-platform-*: (Scalix 11 only): the Scalix Messaging Services API platform; this can be installed on the same machine as the Scalix server or on a separate server, though the former is typical. It uses the Postgres database and is being used by both SWA and SWA Mobile.
  • scalix-sis-*: (Scalix 11 only): the Scalix Search and Indexing Services - based on Apache Lucene, this provides full-text and attachment indexing for Scalix data

Copy all the .rpm or .deb files to a temporary directory location on your server. Then, install the packages using the standard OS tools.

Note that for Scalix 11, some of the components are only available as .rpm files. For debian and other .deb-based systems, download the respective rpm and convert it to a .deb using the alien tool, e.g.

apt-get install alien # make sure alien is installed
alien scalix-mobile*.rpm # do so for all the components that you do not have a .deb package for.

Make sure you use the rpm's for your Linux distribution!

  • For rpm-based systems, use
    rpm -ivh *.rpm
  • For deb-based systems, use
    dpkg -i *.deb

In case of any missing dependencies or other errors, these should be resolved and the Scalix package installation retried before continuing.

Creating and Configuring the Initial Scalix Server Instance

The following assumes you have added /opt/scalix/bin to your PATH. If not, you must use absolute pathnames for all commands.

Initialize the Scalix Message Store

To initialize the Scalix message store, use the
ommakeom
command. This creates an empty message store in /var/opt/scalix and also adds config file templates for all components into this directory tree. The process takes 3-15 minutes, depending on the speed of your system. Please check the screen output for any errors or problems during the process. A log of the message store creation is located in /var/opt/scalix/sys/install/log. In case of error, correct the problem and restart message store creation by using the
ompatchom
command.

Set Generation Rules for Display Name, Login Name and Internet Address

Before creating any new user, set the default rules for generating the display name (shown in 'From' email headers and address book display), the login name (used to log in to Scalix clients) and the Internet address.

The following is a list of user attributes you can use in those rules:
G represents the given name in mixed/original casing
S represents the surname in mixed/original casing
I represents the middle initial(s) in mixed/original casing
C represents the common name/display name in mixed/original casing (this cannot be used in the display name generation)
g, s, i and c represent the first character of the given name/surname/initials/common name in lower case
f and l represent the full given name/last name in lowercase

    • To set up generation rules for the display name, use the
      sxconfig --set -t general.usrl_cn_rule='<rule>'
      command, e.g.
      sxconfig --set -t general.usrl_cn_rule='S, G'
      to set the display name generation rule to Last, First.

    • To set up generation rules for the login name, use the
      sxconfig --set -t general.usrl_authid_rule='<rule>'
      command, e.g.
      sxconfig --set -t general.usrl_authid_rule='gs@'
      to set the login name generation rule to use the initials of the user in lowercase. If you omit the @ character from this rule, the fully-qualified domain name of the server appends to the login name. This is useful in multi-server environments (which are not supported for Scalix CE Raw). Please see the
      man omaddu
      for details.

    • To set up generation rules for the Internet address, use the
      sxconfig --set -t orniasys.name_part_<n>='<rule>' -t orniasys.domain_part_<n>='<domain>'
      command, e.g.
      sxconfig --set -t orniasys.name_part_1='"C" <G.S>' -t orniasys.domain_part_1='mycompany.com'
      to set the Internet address generation rule to generate addresses in the form "Last, First" <First.Last@mycompany.com> (provided that the display name generation rule is Last, First, as C maps to the display name). Please see
      man omiam
      for details.

      Note: You can set up to five Internet address-generation rules for the system by specifying different values from 1 to 5 for <n>.

Creating the Default Mailnode

The mailnode is a organizational unit grouping users. This becomes important in multi-server setups supported for Scalix Enterprise Edition. For single-server systems, creating a single, default mailnode is usually sufficient. It is best to use the organization name (without any 8-bit or special characters) as the mailnode name. To create the initial mailnode and make it the default, use the
omaddmn -m <mailnode>
command, e.g.
omaddmn -m mycompany
.

Setting up a Non-Default LDAP Port Number

If the system already has some LDAP service using the standard LDAP TCP port (389), change to another port number now. Edit the /var/opt/scalix/sys/slapd.conf and change the port number to a different value. Scalix recommends using port 3890. The line to be changed should look like this:
portNum          3890

Starting the Server Daemons

Before creating the first set of users, start the server daemons. To do this, use the
omrc -n
command. The -n option prevents mail delivery and user signon services from starting because these are not usable at this time.

Creating the Default Admin User

To create a default admin account, use the
omaddu -n <fullname>/<mailnode> --class <class> -c admin -p <password> <loginname>
command, e.g.
omaddu -n sxadmin/mycompany --class limited -c admin -p secret sxadmin
Note 
Don't forget to quote if the name contains spaces, eg:
omaddu -n "Admin User/mynode" --class limited -c admin -p secret sxadmin

where

  1. sxadmin is the full name of the admin user as displayed in the address book
  2. mycompany is the default mailnode created in the previous step
  3. limited is either full or limited. When creating the admin user as a full user, this will use one of the 25 free premium mailboxes available in Scalix CE raw. However, if created as a limited user, the user won't be able to use Outlook to log in or access public folder information through SWA.
  4. -c admin sets full admin capabilities for the user
  5. secret is the users initial password
  6. sxadmin is the users login name

Configuring the Admin User

Set up the Admin user as "Postmaster" to receive system error messages:
omconfenu -n "sxadmin/mycompany"
. This user is excluded from system-wide inbox quota checking:
omlimit -u "sxadmin/mycompany" -o -i 0 -m 0

Creating the LDAP Query User

To allow the Scalix Admin Server and Admin Console to access user information through Scalix LDAP, create a system user as follows:

omaddu -n sxqueryadmin/<mailnode> --class limited -c admin -p <passwd> sxqueryadmin@<fqdn>

This user's password can be anything, but the username (sxqueryadmin) and the user's login name must match the values provided where <fqdn> is the FQDN of your server as returned by the hostname --fqdn command. The user can always be created as a limited user because the only server he is allowed to log in to is LDAP, which does not require a premium user account.

Creating the Standard Scalix Admin Groups

Next, create the standard Scalix Admin groups for the Scalix Admin server. The names of these groups are fixed, so you must create them as follows:

omaddpdl -l ScalixUserAdmins/mycompany
omaddpdl -l ScalixUserAttributesAdmins/mycompany
omaddpdl -l ScalixGroupAdmins/mycompany
omaddpdl -l ScalixAdmins/mycompany

NOTE: Depending on your Generation Rules, these commands may complain with "omaddpdl : [OM 18043] The Internet Address is already assigned" but it seems to work anyway.

Adding Standard Tweak Settings

We recommend adding the following tweak settings to /var/opt/scalix/sys/general.cfg . For details on these settings, please refer to the Scalix Administration Guide.

#
# The CDA service (used for "type down" in some clients) is more
# efficient if it can check the directory change log before attempting
# to update the access tables that it uses.   One slow machines, it may
# also be worth uncommenting the CDA_CHECKTIME tweak to reduce the check
# interval from five minutes to an hour.
#
CDA_USE_CHANGE_LOG=TRUE
# CDA_CHECKTIME=60
#
# These tweaks limit the number and rate of IMAP connections to the
# server. The IMAP_CONNECTION_LIMIT simply restricts the total number of
# connections to the server. Note that many IMAP clients have several
# connections for each IMAP session. The IMAP_CONNRATE_LIMIT restricts
# the rate at which clients can connect to the server, in this case, at
# most 10 connections per second. If clients try to connect faster
# than that, the IMAP server simply slows down the rate at which it will
# accept new connections.
#
IMAP_CONNECTION_LIMIT=500
IMAP_CONNRATE_LIMIT=10
#
# The IMAP_IDLE_TIMEOUT tweak is the maximum time an IMAP connection
# will wait for a command before terminating the connection. The default
# setting, and the minimum required setting, is 30 minutes. Some
# clients "refresh" their connection once every thirty minutes
# exactly -- but if they are a little bit late, the server drops their
# connection. Setting a timeout of 31 minutes avoids this problem.
#
IMAP_IDLE_TIMEOUT=31
#
# This tweak arranges for Local Delivery to automatically create a
# message store for users created without one.
# Users added with the bulk-add mechanism used by the
# wizard do not have a message store. So setting this tweak allows
# them to receive mail before they are initially signed on.
#
LD_CREATE_MESSAGE_STORE=TRUE
#
# These three tweaks allow users to sign on using an alias. Only
# system-defined aliases are permitted and it the alias name is ignored
# for the purposes of message creation and so on.
# 
# Note that changing these settings normally requires restarting Scalix.
#
UAL_SIGNON_ALIAS=YES
UAL_SIGNON_ALIAS_CONFIG=SYS
UAL_USE_SIGNON_ALIAS=FALSE

Starting Scalix Services

As a final step, start all services now using the following command:
omon -s all

Configuring Scalix Web Applications

You will need to follow a few simple steps to integrate Scalix web applications into your Tomcat application server.

Integrating the Web Applications into Tomcat

If you set up Scalix and Tomcat as recommended above, you only need to setup the config files for the web applications.

For Scalix 10 and Tomcat 5.0 this is done in the following way:

cp /opt/scalix/web/scalix-res.xml    /opt/scalix-tomcat/conf/Catalina/localhost
cp /opt/scalix/web/scalix-admin.xml  /opt/scalix-tomcat/conf/Catalina/localhost
cp /opt/scalix/web/scalix-caa.xml    /opt/scalix-tomcat/conf/Catalina/localhost
cp /opt/scalix/web/scalix-swa.xml    /opt/scalix-tomcat/conf/Catalina/localhost
cp /opt/scalix/web/scalix-webcal.xml /opt/scalix-tomcat/conf/Catalina/localhost

For Scalix 11, make sure the following symbolic links exist:

/opt/scalix-tomcat/conf/Catalina/localhost/api.xml     --> /opt/scalix/web/api.xml
/opt/scalix-tomcat/conf/Catalina/localhost/caa.xml     --> /opt/scalix/web/scalix-caa.xml
/opt/scalix-tomcat/conf/Catalina/localhost/m.xml       --> /opt/scalix/web/m.xml
/opt/scalix-tomcat/conf/Catalina/localhost/res.xml     --> /opt/scalix/web/scalix-res.xml
/opt/scalix-tomcat/conf/Catalina/localhost/sac.xml     --> /opt/scalix/web/scalix-sac.xml
/opt/scalix-tomcat/conf/Catalina/localhost/sis.xml     --> /opt/scalix/web/sis.xml
/opt/scalix-tomcat/conf/Catalina/localhost/webmail.xml --> /opt/scalix/web/scalix-swa.xml

Configuring Scalix Web Access

Now, you must set up a number of parameters in /etc/opt/scalix/webmail/swa.properties:

swa.email.domain=mycompany.com                                    # Add your main domain here
swa.email.imapServer=scalix.mycompany.com                         # FQDN of your Scalix server
swa.email.smtpServer=scalix.mycompany.com                         # FQDN of your Scalix server
swa.settings.rulesWizardURL=http://scalix.mycompany.com/Scalix/rw # FQDN of your Scalix server
swa.ldap.1.server=scalix.mycompany.com                            # FQDN of your Scalix server
swa.ldap.1.port=389                                               # The port number of your 
                                                                  # Scalix LDAP server; if you 
                                                                  # have changed this from the
                                                                  # default during server install,
                                                                  # this needs to be reflected
swa.ldap.2.server=scalix.mycompany.com                            # FQDN of your Scalix server
swa.ldap.2.port=389                                               # The port number of your 
                                                                  # Scalix LDAP server; if you 
                                                                  # have changed this from the
                                                                  # default during server install,
                                                                  # this needs to be reflected

For Scalix 11, two additional parameters should be set:

swa.platform.url=http://scalix.mycompany.com:8080/api             # Points to Platform Host
swa.platform.enabled=true                                         # use the platform

Configuring Scalix Ubermanager Admin Server

Next, you must set up a number of parameters in /etc/opt/scalix/caa/scalix.res/config/ubermanager.properties :

ubermanager.query.server=scalix.mycompany.com                # FQDN of your Scalix server
ubermanager.kerberos.mode=false                              # N/A for single server
ubermanager.kerberos.principalName=                          # "   "   "      "
ubermanager.kerberos.kdc=                                    # "   "   "      "
ubermanager.kerberos.realm=                                  # "   "   "      "
ubermanager.console.externalAuth=false                       # default value
ubermanager.console.allowExternalAuthChoice=false            # default value
ubermanager.console.maxListSize=100                          # default value
ubermanager.console.localDomains=mycompany.com               # Your email domain(s)
ubermanager.console.authDomains=                             # default value
ubermanager.console.modifyExternalSyncedAuthId=false                 # default value
ubermanager.query.server.port=389                            # Scalix LDAP port number
ubermanager.configured=true                                  # to indicate file has been touched

Also, create a file called /etc/opt/scalix/caa/scalix.res/config/psdata and put in the sxqueryadmin password. Make sure the file is only readable by root:

cd /etc/opt/scalix/caa/scalix.res/config
echo "<sxqueryadmin-password>" >psdata
chown root:root psdata
chmod 400 psdata

Configuring Scalix RES Admin Agent

You will need to adjust a few parameters in /etc/opt/scalix/res/config/res.properties :

res.kerberos.mode=                                           # Leave empty for single server
res.kerberos.kdc=                                            # "     "     "   "      "     
res.kerberos.realm=                                          # "     "     "   "      "     
res.kerberos.allowedclients=ubermanager/scalix.mycompany.com # FQDN of your Scalix server
res.ubermanager.host=scalix.mycompany.com                    # FQDN of your Scalix server
res.tomcat.tcp.port=8080                                     # http port number of Tomcat
res.configured=true                                          # to indicate file has been touched

Configuring Scalix Messaging Services API Platform (Scalix 11 only)

You will need to adjust a few parameters in /etc/opt/scalix/platform/platform.properties :

imap.host=scalix.mycompany.com                                # FQDN of your Scalix server
smtp.host=scalix.mycompany.com                                # FQDN of your Scalix server
ldap.port=389                                                 # Scalix LDAP port
hibernate.connection.url = jdbc:postgresql://localhost/scalix # DB server or localhost
hibernate.connection.password = <Postgres-password>           # as assigned on DB creation

Configuring Scalix Web Access Mobile (Scalix 11 only)

You will need to adjust a few parameters in /etc/opt/scalix/mobile/mobile.properties:

platform.url=http://scalix.mycompany.com:8080/api             # URL to MS platform

Configuring Scalix Search and Indexing Services (Scalix 11 only)

You will need to adjust a few parameters in /etc/opt/scalix/sis/sis.properties:

index.language=English                        # Default language for indexing, 
                                              # analysis, stemming search
index.client.whitelist=scalix.mycompany.com   # FQDN of your Scalix server
search.client.whitelist=scalix.mycompany.com  # FQDN of your Scalix server


platform.url=http://scalix.mycompany.com:8080/api             # URL to MS platform

Restarting Tomcat

After making all these changes, restart Tomcat with the following command:
/etc/init.d/scalix-tomcat restart

Integrating the Web-based Scalix Rules Wizard into Apache

You will just need to link the Apache config file into your Apache config directory:

  • For debian and SUSE, execute
    ln -s /opt/scalix/global/httpd/scalix-web-client.conf /etc/apache2/conf.d
    and restart apache using
    /etc/init.d/apache2 restart
  • For Redhat, execute
    ln -s /opt/scalix/global/httpd/scalix-web-client.conf /etc/httpd/conf.d
    and restart apache using
    /etc/init.d/httpd restart

Testing Your Newly-Installed System

Installation is now complete. Before starting with the new system, run these tests:

  • Reboot your server. All services (Scalix Server, Tomcat and Apache) should come up on their own.
  • Check the output of omstat -a and omstat -s commands. Item Structure Server may display as stopped. All other daemons and services should be up and running.
  • Try to access Scalix Admin Console from a browser using the http://scalix.mycompany.com:8080/sac URL. Log in using your sxadmin login name and password. Create a new user.
  • Try to access Scalix Web Access from a browser using the http://scalix.mycompany.com:8080/webmail URL. Log in using your newly-created user. Try address book lookups. Send an email message to yourself. Try to access the Web-based Scalix Rules Wizard from your Extras menu.
  • Download and install the Outlook connector. Setup a premium user. Install the Outlook connector on a Windows PC. Set up an Outlook profile and access your Scalix mailbox from Outlook.

If all these work, your Scalix server is in good shape and you're ready to take it to the next level.

What's next?

  • Read the docs. Check out the Administration Guide and Administration Console Guide. If you need more information, manpages contain a lot of valuable data. Start with
    man scalix-server
  • Integrate Apache with Tomcat using mod_jk for better performance and security. This is described in the Apache Technote.
  • Use mod_deflate with Apache to reduce the amount of data transmitted over the wire for SWA. This will further improve performance. This is also described in the Apache Technote.
  • Setup Tomcat to run as a non-root user for more security. This is described in the Tomcat Technote.
  • Setup your sendmail with correct Smarthost and routing information for outbound Internet email.
  • Setup fetchmail if your email is hosted with a provider
  • Setup stunnel if you require secure SSL communication for POP, IMAP, LDAP or SMTP
  • Setup Spam Assassin for better Spam protection
  • Setup ClamAV for good open-source virus protection
  • Integrate with an external LDAP directory such as OpenLDAP, eDirectory or Active Directory
  • Setup Online Backup using LVM Snapshots

Further Information