Ubuntu Lucid
From Scalix Wiki
Revision as of 20:59, 20 February 2011 by Kippno (Talk | contribs) (Created page with '== Install Script for Ubuntu 10.04 lucid lynx == Please download the empty fake packages from http://www.snorre.com/scalix_ubuntu_fake_10.04.tgz. Edit script variable FAKE_DIR t...')
Install Script for Ubuntu 10.04 lucid lynx
Please download the empty fake packages from http://www.snorre.com/scalix_ubuntu_fake_10.04.tgz. Edit script variable FAKE_DIR to match the location of the fake packages. The packages are created with equivs.
#!/bin/bash
# (c) 2011 Snorre Prod. I.N.C.
# quick and dirty install Scalix 11.x on Ubuntu 10.04
#### definitions ###
LOG=/tmp/scalix_inst.log
SEP="---------------------------------------------------------------------------------"
SRC=/root/install/scalix-debian-11.4.6-GA
DEB_DIR=$SRC/software/scalix_server
FAKE_DIR=$SRC/software/fakes
PREREQ_SOFTWARE="gawk apache2 krb5-user krb5-doc postgresql postgresql-client libsasl2-modules-gssapi-mit sendmail elinks libstdc++5 heirloom-mailx sun-java6-bin"
#### definitions ###
function variables_and_nw () {
# get varibles
read -p "Mail domain: " MAILDOMAIN
read -p "Scalix mailnode name: " MAILNODE
stty -echo
read -p "Scalix admin user (sxadmin) password: " SXADMIN_PWD; echo
read -p "LDAP Query Admin User (sxqueryadmin) password: " SXQUERYADMIN_PWD; echo
read -p "Postgres DB password: " POSTGRES_PWD; echo
stty echo
# get network parameters
IP=`ifconfig | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'`
FQDN=`hostname -f`
}
function prereq_scalix () {
# Change Repos
cp /etc/apt/sources.list /etc/apt/sources.list.scalix.bak
sed -i -e '/partner/s/^# //' /etc/apt/sources.list
sed -i -e '/backports/s/^# //' /etc/apt/sources.list
aptitude update
# Get prereq. software
echo "prereq. aptitude $SEP" >> $LOG
aptitude -y -R install $PREREQ_SOFTWARE 2>&1 | tee -a $LOG
cd $SRC
wget http://security.ubuntu.com/ubuntu/pool/universe/o/openssl097/libssl0.9.7_0.9.7g-5ubuntu1.1_i386.deb
echo "prereq. dpkg $SEP" >> $LOG
dpkg -i libssl0.9.7_0.9.7g-5ubuntu1.1_i386.deb 2>&1 | tee -a $LOG
cd $FAKE_DIR
dpkg -i *.deb 2>&1 | tee -a $LOG
# bash as default
echo
echo "Please set dash to be NOT the default shell (/bin/sh) at the next screen"
echo -n "Press any key to continue: "
read
dpkg-reconfigure dash
# LDAP Libs
cd /usr/lib/ && ln -s libldap_r-2.4.so.2 libldap_r.so.2 && ln -s liblber-2.4.so.2.5.4 liblber.so.2
# User
adduser --system --home /var/opt/scalix --no-create-home --shell /bin/true --disabled-password --group scalix
# Path
echo 'PATH=$PATH:/opt/scalix/bin:/opt/scalix/diag' > /etc/profile.d/scalix.sh
export PATH=$PATH:/opt/scalix/bin:/opt/scalix/diag
# drop postgresql db
pg_dropcluster --stop 8.4 main
}
function scalix_sw_1 () {
cd $DEB_DIR
echo "Scalix Main SW $SEP" >> $LOG
dpkg -i scalix-libical*.deb 2>&1 | tee -a $LOG
dpkg -i scalix-chardet*.deb 2>&1 | tee -a $LOG
dpkg -i scalix-server*.deb 2>&1 | tee -a $LOG
}
function get_instance () {
SCALIX_DATADIR=`omcheckgc -d`
SCALIX_INSTANCEDIR=`dirname $SCALIX_DATADIR`
SCALIX_INSTANCE_NAME=`omcheckgc -s`
}
function scalix_tweak () {
get_instance # --> SCALIX_DATADIR, SCALIX_INSTANCEDIR, SCALIX_INSTANCE_NAME
cat << EOF >>$SCALIX_DATADIR/sys/general.cfg
#
# These three tweaks allow users to sign on using an alias. Only
# system-defined aliases are permitted and it the alias name is ignored
# for the purposes of message creation and so on.
#
# Note that changing these settings normally requires restarting Scalix.
#
UAL_SIGNON_ALIAS=YES
UAL_SIGNON_ALIAS_CONFIG=SYS
UAL_USE_SIGNON_ALIAS=FALSE
#
# The CDA service (used for "type down" in some clients) is more
# efficient if it can check the directory change log before attempting
# to update the access tables that it uses. One slow machines, it may
# also be worth uncommenting the CDA_CHECKTIME tweak to reduce the check
# interval from five minutes to an hour.
#
CDA_USE_CHANGE_LOG=TRUE
# CDA_CHECKTIME=60
#
# These tweaks limit the number and rate of IMAP connections to the
# server. The IMAP_CONNECTION_LIMIT simply restricts the total number of
# connections to the server. Note that many IMAP clients have several
# connections for each IMAP session. The IMAP_CONNRATE_LIMIT restricts
# the rate at which clients can connect to the server, in this case, at
# most 10 connections per second. If clients try to connect faster
# than that, the IMAP server simply slows down the rate at which it will
# accept new connections.
#
IMAP_CONNECTION_LIMIT=500
IMAP_CONNRATE_LIMIT=10
#
# The IMAP_IDLE_TIMEOUT tweak is the maximum time an IMAP connection
# will wait for a command before terminating the connection. The default
# setting, and the minimum required setting, is 30 minutes. Some
# clients "refresh" their connection once every thirty minutes
# exactly -- but if they are a little bit late, the server drops their
# connection. Setting a timeout of 31 minutes avoids this problem.
#
IMAP_IDLE_TIMEOUT=31
#
# This tweak arranges for Local Delivery to automatically create a
# message store for users created without one.
# Users added with the bulk-add mechanism used by the
# wizard do not have a message store. So setting this tweak allows
# them to receive mail before they are initially signed on.
#
LD_CREATE_MESSAGE_STORE=TRUE
EOF
}
function scalix_settings () {
# message store
echo "MSG Store $SEP" >> $LOG
ommakeom 2>&1 | tee -a $LOG
echo
echo "Please read /var/opt/scalix/s5/s/sys/install/log !!"
echo "If anny error exists: solve error - then run 'ompatchom'"
echo -n "Press any key to continue: "
read
# rules
sxconfig --set -t general.usrl_cn_rule='G S'
sxconfig --set -t general.usrl_authid_rule='G.S'
sxconfig --set -t orniasys.name_part_1='"C" <G.S>'
sxconfig --set -t orniasys.domain_part_1="$MAILDOMAIN"
# mailnode
echo "Mailnode $SEP" >> $LOG
omaddmn -m $MAILNODE 2>&1 | tee -a $LOG
# start daemons
echo "Start daemons $SEP" >> $LOG
omrc -n 2>&1 | tee -a $LOG
# users
omaddu -n sxadmin/$MAILNODE --class limited -c admin -p $SXADMIN_PWD sxadmin
omconfenu -n "sxadmin/$MAILNODE"
omlimit -u "sxadmin/$MAILNODE" -o -i 0 -m 0
omaddu -n sxqueryadmin/$MAILNODE --class limited -c admin -p $SXQUERYADMIN_PWD sxqueryadmin@$FQDN
omaddpdl -l ScalixUserAdmins/$MAILNODE
omaddpdl -l ScalixUserAttributesAdmins/$MAILNODE
omaddpdl -l ScalixGroupAdmins/$MAILNODE
omaddpdl -l ScalixAdmins/$MAILNODE
# tweaks
scalix_tweak
# start services
echo "Start services $SEP" >> $LOG
omon -s all 2>&1 | tee -a $LOG
}
function scalix_sw_2 () {
cd $DEB_DIR
echo "Scalix Tomcat SW $SEP" >> $LOG
dpkg -i scalix-tomcat*.deb 2>&1 | tee -a $LOG
dpkg -i scalix-mobile*.deb 2>&1 | tee -a $LOG
dpkg -i scalix-platform*.deb 2>&1 | tee -a $LOG
dpkg -i scalix-postgres*.deb 2>&1 | tee -a $LOG
dpkg -i scalix-res*.deb 2>&1 | tee -a $LOG
dpkg -i scalix-sac*.deb 2>&1 | tee -a $LOG
dpkg -i scalix-sis*.deb 2>&1 | tee -a $LOG
dpkg -i scalix-swa*.deb 2>&1 | tee -a $LOG
dpkg -i scalix-tomcat-connector*.deb 2>&1 | tee -a $LOG
}
function opts_tomcat () {
# setting JAVA mem to 50% of MEM
ALL_MEM=`free -mto | grep Mem: | awk '{ print $2 }'`
MEM=$((ALL_MEM/2))
cp /etc/opt/scalix-tomcat/scalix-tomcat.conf /etc/opt/scalix-tomcat/scalix-tomcat.conf.bak
sed -i -e "/JAVA_OPTS/s/-Xms[0-9]*m/-Xms${MEM}m/" /etc/opt/scalix-tomcat/scalix-tomcat.conf
sed -i -e "/JAVA_OPTS/s/-Xmx[0-9]*m/-Xmx${MEM}m/" /etc/opt/scalix-tomcat/scalix-tomcat.conf
# set tomcat stop timeout to 60s
cp /opt/scalix-tomcat/bin/sxtomcat-shutdown /opt/scalix-tomcat/bin/sxtomcat-shutdown.bak
sed -i -e "/STOP_TIMEOUT/s/=[0-9]*/=60/" /opt/scalix-tomcat/bin/sxtomcat-shutdown
}
function setup_postgres () {
echo "Setup postgres $SEP" >> $LOG
/opt/scalix-postgres/bin/sxpsql-init 2>&1 | tee -a $LOG
/opt/scalix-postgres/bin/sxpsql-setpwd $POSTGRES_PWD 2>&1 | tee -a $LOG
/opt/scalix-postgres/bin/sxpsql-whitelist $IP 2>&1 | tee -a $LOG
}
function opts_tomcat_apps () {
get_instance # --> SCALIX_DATADIR, SCALIX_INSTANCEDIR, SCALIX_INSTANCE_NAME
# Scalix Web Access (Webmail) - /var/opt/scalix/%instance%/webmail/swa.properties
FILE=$SCALIX_INSTANCEDIR/webmail/swa.properties
cp $FILE $FILE.bak
# port at swa.platform.url could also be 80 or empty when using apache
sed -i -e "s/swa\.email\.domain=.*/swa.email.domain=$MAILDOMAIN/" \
-e "s/swa\.email\.imapServer=.*/swa.email.imapServer=$FQDN/" \
-e "s/swa\.email\.smtpServer=.*/swa.email.smtpServer=$FQDN/" \
-e "s/swa\.platform\.url=.*/swa.platform.url=http:\/\/$FQDN:8080\/api/" \
-e "s/swa\.platform\.enabled=.*/swa.platform.enabled=true/" \
$FILE
# Scalix Ubermanager Admin Server
FILE=$SCALIX_INSTANCEDIR/caa/scalix.res/config/ubermanager.properties
cp $FILE $FILE.bak
sed -i -e "s/ubermanager\.query\.server=.*/ubermanager.query.server=$FQDN/" \
-e "s/ubermanager\.kerberos\.mode=.*/ubermanager.kerberos.mode=false/" \
-e "s/ubermanager\.kerberos\.principalName=.*/ubermanager.kerberos.principalName=/" \
-e "s/ubermanager\.kerberos\.realm=.*/ubermanager.kerberos.realm=/" \
-e "s/ubermanager\.kerberos\.kdc=.*/ubermanager.kerberos.kdc=/" \
-e "s/ubermanager\.console\.externalAuth=.*/ubermanager.console.externalAuth=false/" \
-e "s/ubermanager\.console\.allowExternalAuthChoice=.*/ubermanager.console.allowExternalAuthChoice=false/" \
-e "s/ubermanager\.console\.maxListSize=.*/ubermanager.console.maxListSize=100/" \
-e "s/ubermanager\.console\.localDomains=.*/ubermanager.console.localDomains=$MAILDOMAIN/" \
-e "s/ubermanager\.console\.authDomains=.*/ubermanager.console.authDomains=/" \
-e "s/ubermanager\.configured=.*/ubermanager.configured=true/" \
$FILE
# Country & Language could be set with
# -e "s/ubermanager\.console\.defaultCountry=.*/ubermanager.console.defaultCountry=AT/" \
# -e "s/ubermanager\.console\.defaultLanguage=.*/ubermanager.console.defaultLanguage=GERMAN/" \
# PWD for SYQUERYADMIN
FILE=$SCALIX_INSTANCEDIR/caa/scalix.res/config/psdata
echo "$SXQUERYADMIN_PWD" > $FILE
chmod 600 $FILE
# Scalix RES Admin Agent
FILE=$SCALIX_INSTANCEDIR/res/config/res.properties
cp $FILE $FILE.bak
# res.tomcat.tcp.port could also be empty (default=???) or 80 if using apache
sed -i -e "s/res\.kerberos\.mode=.*/res.kerberos.mode=false/" \
-e "s/res\.kerberos\.realm=.*/res.kerberos.realm=/" \
-e "s/res\.kerberos\.kdc=.*/res.kerberos.kdc=/" \
-e "s/res\.kerberos\.allowedclients=.*/res.kerberos.allowedclients=ubermanager\/$FQDN/" \
-e "s/res\.ubermanager\.host=.*/res.ubermanager.host=$FQDN/" \
-e "s/res\.tomcat\.tcp\.port=.*/res.tomcat.tcp.port=8080/" \
-e "s/res\.configured=.*/res.configured=true/" \
$FILE
# Scalix Messaging Services API Platform
FILE=$SCALIX_INSTANCEDIR/platform/platform.properties
cp $FILE $FILE.bak
sed -i -e "s/imap\.host=.*/imap.host=$FQDN/" \
-e "s/smtp\.host=.*/smtp.host=$FQDN/" \
-e "s/ldap\.port=.*/ldap.port=389/" \
-e "s/hibernate\.connection\.url =.*/hibernate.connection.url = jdbc:postgresql:\/\/$FQDN:5733\/scalix/" \
-e "s/hibernate\.connection\.password =.*/hibernate.connection.password = $POSTGRES_PWD/" \
$FILE
# Scalix Web Access Mobile
FILE=$SCALIX_INSTANCEDIR/mobile/mobile.properties
cp $FILE $FILE.bak
# port could also be 80 or empty when using apache
sed -i -e "s/platform\.url=.*/platform.url=http:\/\/$FQDN:8080\/api/" \
$FILE
# Scalix Search and Indexing Services
FILE=$SCALIX_INSTANCEDIR/sis/sis.properties
cp $FILE $FILE.bak
sed -i -e "s/index\.language=.*/index.language=English/" \
-e "s/index\.client\.whitelist=.*/index.client.whitelist=$IP/" \
-e "s/search\.client\.whitelist=.*/search.client.whitelist=$IP/" \
-e "s/indexadmin\.client\.whitelist=.*/indexadmin.client.whitelist=$IP/" \
$FILE
}
function apache_integration () {
get_instance # --> SCALIX_DATADIR, SCALIX_INSTANCEDIR, SCALIX_INSTANCE_NAME
# Integrate Scalix Web Clients into Apache
ln -s /opt/scalix/global/httpd/scalix-web-client.conf /etc/apache2/conf.d
# Bugfix VHOST Error of Tomcat Integration
FILE=/etc/opt/scalix-tomcat/connector/ajp/instance-$SCALIX_INSTANCE_NAME.conf
cp $FILE $FILE.bak
sed -i -e "/VirtualHost/d" $FILE
# Allow Proxy to FQDN for http and ajp reverse proxy
echo "<ProxyMatch $FQDN>" >> $FILE
echo " Order deny,allow" >> $FILE
echo "</ProxyMatch>" >> $FILE
}
function main () {
echo "a log of the most critical steps can be found at $LOG"
echo
# First the software
variables_and_nw
prereq_scalix
scalix_sw_1
scalix_settings
scalix_sw_2
# Second the settings & bugfixing
opts_tomcat
setup_postgres
opts_tomcat_apps
apache_integration
}
main
