UPDATE - install doc + SSL issue redirection...

[Swixmix]

UPDATE 13/04/2024

Check message BELOW please it's a big update about issue and installation

THANK YOU



Hi everyone,

UPDATE 6h29

I'm running AlmaLinux 8.9

I read the installation pdf, I followed it, Python is installed, Mariadb is installed, they are connected (normally) postfix installed I modified the files (I didn't put the TLS but it's a detail)

there has been an evolution that has downloaded some packages via OMT.SH. However, my database is still not communicating (at least that's what OMT.sh tells me when I connect to it), but the information is all correct.
What's more, when I configure the url it always says unknown: system url.
I don't know what to do ... I feel I'm almost there, but I'm really tired (6:29 a.m. I haven't slept yet).
If anyone wants to help me ... check ... I'll continue my research ....

Thanks


Photo

https://ibb.co/kBQ643n
https://ibb.co/Qrsc484
https://ibb.co/VTVSjgf
https://ibb.co/HzSf0Rq

[Swixmix]

SO, no news seems my sleeping ...
I'm blocked ...

Open to help

[Swixmix]

this is my big problem I think :

Code: Select all

Hostname: mail.xenesy.com
Free diskspace: 94.6 % (of 111.85 GiB)
OpenEMM License: OpenEMM (ID: 0)
OpenEMM Runtime Version: 23.10.000.150
OpenEMM Version: 23.10.000.170
System-Url: Unknown

[color=#FF0000]Database Connection cannot be established. (Maybe database user or database connection parameters for OpenEMM were not configured)[/color]
Basic webapplication configuration for WKHTML (wkhtmltopdf) is missing or invalid. Please configure.

Current menu: Configure basic environment (Java, Tomcat, Tomcat-Native, Wkhtml, Proxy)

Current webapp basic configuration:
 JAVA_HOME:     /usr/lib/jvm/java
 CATALINA_HOME: /home/openemm/opt/tomcat
 Tomcat-Native: None
 WKHTMLTOPDF:   None
 WKHTMLTOIMAGE: None
 PROXY:         None

Please choose entry to change (Blank => Back):

Bye the way ... this is my file:

Code: Select all

Current menu: Change configuration of database connection

Database configuration for openemm:
 dbms = mariadb
 host = localhost
 jdbc-connect = jdbc:mariadb://localhost/openemm?zeroDateTimeBehavior=convertToNull&useUnicode=true&characterEncoding=UTF-8
 jdbc-driver = org.mariadb.jdbc.Driver
 name = openemm
 password = B81jk30z+*
 secure = false
 user = openemm

Please choose entry name to change (Blank => Back):
 >

and when I try to dowload and install OpenEMM by "INstall or update package ..." it says after dowloading :

Code: Select all

System-Url: Unknown

Update package file 'openemm-code-23.10.000.170.tar.gz' deployed with errors.
For logs see '/home/openemm/release/log/update_2024-04-09_10-32-24.log'

[color=#FF0000]Error while executing full database script[/color]

Current menu: Main

When I try to create new database on OMT.sh "database and user do not exist and cannot be created. Please create a database and user yourself."

So I don't find any clue ...

[maschoff]

Which operating system and DBMS do you use?

[Swixmix]

well In the next message I will add ALL my installation since the begining (try to make something good). It works but ... some issue sometimes.

wait few hours before it please. Thanks to all and maybe you could take it share with others (and even improve it cause I'm not network administrator or else.

and of course If we have a solution for my SSL issue ( end of the newt message) welcom to help me

[Swixmix]

Hi, I’m going to tell you ALL command that I did.

It's a clean new server VPS never used !

OS: Almalinux 8.64
Python : 3.9.19
MaruaDB: 10.11.7
Openemm runtime: 23.10.000.150
For my domain : subdomain points to my server . My main domain doesn’t point because It points to another wordpress server for website. So only subdomain points to this.

Why these versions ? because it works ! and version on doc installation doesn’t works well lot of error and one is too old etc..

Code: Select all

# yum update
yum upgrade
yum install gcc make
yum install xorg-x11-fonts-75dpi fontconfig freetype libX11 libXext libXrender urw-fonts

WARNING if you copy paste from PDF to your shell ! if the code is more than one line long on the pdf, copy and past on word doc and check that there are no spaces or line breaks in the code

Code: Select all

yum remove java-1.8.0-openjdk

Nothing was installed so nothing to do for me ok .


Now install Python, for this I use RHEL option 2:

Code: Select all

yum install wget gcc gcc-c++ bzip2-devel
yum install gdbm-devel libgcrypt-devel libffi-devel libxml2-develncurses-devel
yum install openssl-devel readline-devel sqlite-devel zlib-devel xz xz-devel

All works well for the moment.
Now next RHEL option 2 again

Code: Select all

cd /root
mkdir python
cd /python
wget https://www.python.org/ftp/python/3.9.19/Python-3.9.19.tar.xz
mkdir /home/openemm/opt/Python-3.9.19

mkdir: cannot create directory ‘/home/openemm/opt/Python-3.9.19’: No such file or directory
So I create folders

Code: Select all

mkdir -p /home/openemm/opt/Python-3.9.19
rm -f /home/openemm/opt/python3
ln -s Python-3.9.19 /home/openemm/opt/python3
tar -xaf Python-3.9.19.tar.xz
 

-bash: tar: command not found

I install tar package

Code: Select all

sudo yum install tar

again:

Code: Select all

tar -xaf Python-3.9.19.tar.xz
cd Python-3.9.19
./configure --prefix=/home/openemm/opt/Python-3.9.19

At the end : “If you want a release build with all stable optimizations active (PGO, etc),
please run ./configure --enable-optimizations” I didn’t do it

Code: Select all

make 
make test
make install

Successfully installed pip-23.0.1 setuptools-58.1.0
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv

Some warning but no important

Code: Select all

export PATH="/home/openemm/opt/python3/bin:$PATH"
which python3

The last command should result in output
/home/openemm/opt/python3/bin/python3

Good for me !

Deployment of additional Python 3 modules

Code: Select all

python3 -m pip install --upgrade pip
python3 -m pip install py3dns
python3 -m pip install 'paramiko>=3.2.0'
python3 -m pip install pyspf
python3 -m pip install dnspython
python3 -m pip install dkimpy
python3 -m pip install cryptography
python3 -m pip install requests
python3 -m pip install httpie
python3 -m pip install setproctitle
python3 -m pip install inotify
python3 -m pip install aiodns
python3 -m pip install aiohttp
python3 -m pip install aiohttp-xmlrpc
python3 -m pip install aiosmtplib
python3 -m pip install msgpack
python3 -m pip install websockets
python3 -m pip install asyncinotify
python3 -m pip install asyncssh

warning at the end of all command, normal. all seems good

Now install MariaDB 10.11.7

uninstall old version but for me nothing was installed so ok

Code: Select all

systemctl stop mysql
yum remove mysql*

"For OpenEMM you need the server and the client component of MariaDB. At first, install
required packages which may be missing with"

Code: Select all

yum install boost libaio ncurses-compat-libs wget

Done

Now download RPM file to :
https://archive.mariadb.org/mariadb-10. ... md64/rpms/
For 10.11.7

Code: Select all

wget https://archive.mariadb.org/mariadb-10.11.7/yum/almalinux8-amd64/rpms/MariaDB-client-10.11.7-1.el8.x86_64.rpm

wget https://archive.mariadb.org/mariadb-10.11.7/yum/almalinux8-amd64/rpms/MariaDB-common-10.11.7-1.el8.x86_64.rpm

wget https://archive.mariadb.org/mariadb-10.11.7/yum/almalinux8-amd64/rpms/MariaDB-gssapi-server-10.11.7-1.el8.x86_64.rpm

wget https://archive.mariadb.org/mariadb-10.11.7/yum/almalinux8-amd64/rpms/MariaDB-server-10.11.7-1.el8.x86_64.rpm

wget https://archive.mariadb.org/mariadb-10.11.7/yum/almalinux8-amd64/rpms/MariaDB-shared-10.11.7-1.el8.x86_64.rpm

wget https://archive.mariadb.org/mariadb-10.11.7/yum/almalinux8-amd64/rpms/MariaDB-compat-10.11.7-1.el8.x86_64.rpm

wget https://archive.mariadb.org/mariadb-10.11.7/yum/almalinux8-amd64/rpms/MariaDB-devel-10.11.7-1.el8.x86_64.rpm

wget https://archive.mariadb.org/mariadb-10.11.7/yum/almalinux8-amd64/rpms/galera-4-26.4.16-1.el8.x86_64.rpm


yum install MariaDB-* galera-4-26.4.16-1.el8.x86_64.rpm

all seems good. Complete

Edit the master configuration file my.cnf in directory /etc:

Code: Select all

nano /etc/my.cnf

My file was “empty” only [client server]

add

[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
symbolic-links=0
log-error=/var/log/mariadb/mariadb.log
innodb_stats_persistent=0
!includedir /etc/my.cnf.d
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci
sql-mode = "STRICT_ALL_TABLES,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"


save and restart

Code: Select all

systemctl enable mariadb
systemctl start mariadb

then

Code: Select all

python3 -m pip install mariadb

Done


MariaDB config

Code: Select all

mysql -u root
ALTER USER 'root'@'localhost' IDENTIFIED by '<password>';

For exit : CTRL+D

Server preparation :

Code: Select all

groupadd openemm
useradd -m -g openemm -d /home/openemm -s /bin/bash openemm

useradd: warning: the home directory already exists. Not copying any file from skel directory into it.

Code: Select all

passwd openemm
su – openemm

You can’t use this user for install firewall or otherwise because :
openemm is not in the sudoers file. This incident will be reported.

So exit and

Code: Select all

Visudo

Add this line :
openemm ALL=(ALL) ALL

but for install all firewall command do with root more easy (and even with this line ... not work correctly so u will see )

FIREWALL

Code: Select all

firewall-cmd --get-active-zones

If your zone is "public" (if not, use the zone name you got with the a fore mentioned statement):

Code: Select all

firewall-cmd --zone=public --add-port=8080/tcp --permanent
firewall-cmd --zone=public --add-port=25/tcp --permanent
firewall-cmd --zone=public --add-forward-port=port=80:proto=tcp:toport=8080 –permanent
firewall-cmd --reload

If you want to use the HTTPS protocol instead of HTTP (which we strongly recommend for
production environments), you need a forwarding from port 443 to 8443:

Code: Select all

firewall-cmd --zone=public --add-forward-port=port=443:proto=tcp:toport=8443 --permanent

POSTIFX

Mine was clean but if you need it uninstall old

Code: Select all

systemctl stop sendmail
yum remove sendmail
yum install postfix sendmail-milter procmail

Switch the default SMTP server to Postfix with

Code: Select all

alternatives --set mta /usr/sbin/sendmail.postfix

and create a symlink so that OpenEMM can find the Postfix mail log file:

Code: Select all

ln -s /var/log/mail /var/log/maillog

For me :
ln: failed to create symbolic link '/var/log/maillog': File exists

Well.


After installation of Postfix, you have to change its configuration to unleash all features. To
do this, change to the Postfix main configuration directory:

Code: Select all

cd /etc/postfix

Add some configuration parameters to Postfix' main configuration file main.cf:
Use nano main.cf ( or vi or what you usually use)

inet_interfaces = all
inet_protocols = all
mailbox_command = /usr/bin/procmail
mailbox_size_limit = 0
message_size_limit = 0
maximal_queue_lifetime = 1d
bounce_queue_lifetime = 1d
smtp_tls_security_level = may
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_ciphers = high
smtp_tls_mandatory_ciphers = $smtp_tls_ciphers
hash_queue_depth = 2
enable_long_queue_ids = yes
relay_domains = hash:/home/openemm/var/run/relay.domains
transport_maps = hash:/home/openemm/var/run/transport.maps
smtpd_milters = unix:/home/openemm/var/run/bav.sock



If you want to be able to receive autoresponder, bounce and feedback mails encrypted (still main.cf)
with the TLS protocol, add


smtpd_use_tls = yes
smtpd_tls_loglevel = 2
smtpd_tls_security_level = may
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_eecdh_grade = strong
smtpd_tls_cert_file = <path_to_CERT_file>
smtpd_tls_key_file = <path_to_KEY_file>
smtpd_tls_CAfile = <path_to_CERT_chain>
smtpd_tls_CApath = <path_to_CERT_directory>
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_ciphers = high


Take care to replace the four placeholders with the real directory paths to
the specified files to make sure that Postfix is able to receive TLS encrypted mails.
Certificate mail.crt may be a self-signed certificate


Finally, the configuration parameters for service "mailloop" are defined in configuration file master.cf. Add these two lines

mailloop unix - n n - - pipe
flags=RX user=openemm argv=/usr/bin/procmail /home/openemm/lib/bav.rc

Please do not omit the two space characters before keyword "flags" to indicate the parser that the line is continued!

Code: Select all

systemctl restart postfix
chkconfig --level 35 postfix on

mine : Note: Forwarding request to 'systemctl enable postfix.service'.
Created symlink /etc/systemd/system/multi-user.target.wants/postfix.service → /usr/lib/systemd/system/postfix.service.

Make a reboot system

Change in file rsyslog.conf in directory /etc lines

Code: Select all

nano /etc/rsyslog.conf

module(load="imjournal" # provides access to the systemd journal
StateFile="imjournal.state") # File to store the position in the journal

to the following one-liner:

module(load="imjournal" StateFile="imjournal.state" ratelimit.interval="10" ratelimit.burst="20000")

Code: Select all

systemctl restart rsyslog

OpenEMM requires read access to the mail log file at /var/log/maillog and logrotate has to be aware of this fact, too. Open file syslog in directory /etc/logrotate.d and add the following line after the line sharedscripts:

create 0644

and run

Code: Select all

chmod 644 /var/log/maillog

to set the permissions of the current maillog.


Download the OpenEMM runtime tarball (file name: openemm-runtime-<release>.tar.gz) to /home/openemm to create the deployment and runtime environment for OpenEMM. Change to user openemm, unpack the tarball and start it with

Code: Select all

su - openemm
tar -xvzpf openemm-runtime-<release>.tar.gz
OMT.sh

Doesn’t work cause openemm hasn’t superadmin or I don’t know .. so I did it with root in good folder but …

I tried

Code: Select all

OMT.sh
./OMT.sh
-bash: ./OMT.sh: No such file or directory

/home/openemm/OMT.sh 
-bash: ./OMT.sh: No such file or directory

Iam in root USER. I have to do :

Code: Select all

Sudo /home/openemm/bin/OMT.sh

THEN:

Code: Select all

sudo /home/openemm/bin/OMT.sh
Checking python installation ...
Python version found: 3.9.19 (/home/openemm/opt/python3/bin/python3)
Checking Zip installation ...
Zip version 3.0 found
Starting python ...
System value for maximum parallel files open (= ulimit) is 1024. Must be at least 16384.
Change it now (N/y, Blank => Cancel):
 > Y
Changing /etc/security/limits.conf
Changing /etc/systemd/user.conf
Changing /etc/systemd/system.conf
To let this changes take effect the system needs to be rebooted

I reboot, still in root user

Code: Select all

sudo /home/openemm/bin/OMT.sh 

Root mode: On
Hostname: mail.xenesy.com
Free diskspace: 96.4 % (of 111.85 GiB)
OpenEMM Runtime Version: 23.10.000.150
OpenEMM Version: Unknown
System-Url: Unknown

Created initial setenv.sh file '/home/openemm/bin/setenv.sh'

Invalid database vendor in dbcfg:
Database Connection cannot be established. (Maybe database user or database connection parameters for OpenEMM were not configured)
Basic webapplication configuration for JAVA is missing or invalid. Please configure.

Current menu: Configure basic environment (Java, Tomcat, Tomcat-Native, Wkhtml, Proxy)

Current webapp basic configuration:
 JAVA_HOME:     None
 CATALINA_HOME: None
 Tomcat-Native: None
 WKHTMLTOPDF:   /usr/local/bin/wkhtmltopdf
 WKHTMLTOIMAGE: /usr/local/bin/wkhtmltoimage
 PROXY:         None

Please choose entry to change (Blank => Back):
 >

Well now I did exactly like the video :

https://www.youtube.com/watch?v=cRfDPBaBQ4o&t=293s

except for the TLS configuration, it's awful, I can't get a certificate, let's encrypt, via certbot, openssl, nothing works, maybe I'm not good at it ... but it's terrible, I'm open to help even if someone wants to check.

Time to restart ... EROOR ( check image I take a quick screenshot cause .. very quick ...)


So Leave OMT and

Code: Select all

sudo chmod -R 777 /home/openemm

go again still root user, restart OMT and ... It WORKS but when I checked in the browser ... what I put on the configuration ' Sub.domain.com' no works :


I have to put : sub.domain.com/logon.action and I see panel connection

I didn't check anything else I logged in via the panel changed the password ...
I haven't yet looked at how to configure emails, if I could use several IPs (I hope it's not in the shell modifications ...) in any case if someone can debug me, link redirection and ssl ... Thanks

[JuergenB]

Hi,

just install python and pip...

Code: Select all

dnf -y install gcc gcc-c++ libgcrypt-devel libxml2-devel
dnf -y install python39 python39-devel python39-pip python39-requests
 
python3 -m pip install --upgrade pip3
python3 -m pip install --upgrade setuptools 

i think NGINX and Maria DB 10.11 is not supported ...

Try MariaDB 10.6.17 and tomcat

Code: Select all

su - root -c  'curl -LsS -O https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash mariadb_repo_setup --mariadb-server-version=10.6.17'
su - root -c  'chmod +x mariadb_repo_setup'
su - root -c  'dnf -y install MariaDB-server MariaDB-client MariaDB-backup MariaDB-shared MariaDB-devel'
su - root -c  'dnf -y install mariadb-connector-c mariadb-connector-c-devel'

the installation has often not been tested on a newly installed system.
Almalinux usually never ...

AND if you use tomcat ...

you can´t install with every runtime version.
Some have bugs, some have errors in catalina server.xml
openemm-runtime-23.10.000.150 doesn´t set some folder rights properly ...

check or set your folders ... if you use tomcat

Code: Select all

sudo chown -R openemm:root /home/openemm/opt/apache-tomcat-10.1.15
sudo chown -h openemm:root /home/openemm/opt/tomcat
sudo chown -h root:root /home/openemm/opt/tomcat-native
sudo chown -R openemm:openemm /home/openemm/logs

If you upgrade from to 24.04.000.030 you need to reset the tomcat log folder rights.
the installer does´t keep the required settings.

Code: Select all

sudo chown -R openemm:openemm /home/openemm/tomcat/logs

but a upgrade to 24.04.seems to work ...

[Swixmix]

thank you for this information ( I don't intend to upgrade to the latest version 24) and I don't have nginx, let's just say that I've given up because I'm having trouble understanding it. I've been trying to configure it for a week now, postfix too for sending mail but I'm getting redirects ... well I'm at my wits end .
For openemm I can log on the site (even if there is no ... logic in the link subdomain that I assigned .. because it connects on another subdomain finally ...) and it seems functional although I could not send email or test ...

Sincerely, if anyone wants to look ... with great pleasure. for my part ... I'm a little tired ^^