Hi, I’m going to tell you ALL command that I did.
It's a clean new server VPS never used !
OS: Almalinux 8.64
Python : 3.9.19
MaruaDB: 10.11.7
Openemm runtime: 23.10.000.150
For my domain : subdomain points to my server . My main domain doesn’t point because It points to another wordpress server for website. So only subdomain points to this.
Why these versions ? because it works ! and version on doc installation doesn’t works well lot of error and one is too old etc..
Code: Select all
# yum update
yum upgrade
yum install gcc make
yum install xorg-x11-fonts-75dpi fontconfig freetype libX11 libXext libXrender urw-fonts
WARNING if you copy paste from PDF to your shell ! if the code is more than one line long on the pdf, copy and past on word doc and check that there are no spaces or line breaks in the code
Nothing was installed so nothing to do for me ok .
Now install Python, for this I use RHEL option 2:
Code: Select all
yum install wget gcc gcc-c++ bzip2-devel
yum install gdbm-devel libgcrypt-devel libffi-devel libxml2-develncurses-devel
yum install openssl-devel readline-devel sqlite-devel zlib-devel xz xz-devel
All works well for the moment.
Now next RHEL option 2 again
Code: Select all
cd /root
mkdir python
cd /python
wget https://www.python.org/ftp/python/3.9.19/Python-3.9.19.tar.xz
mkdir /home/openemm/opt/Python-3.9.19
mkdir: cannot create directory ‘/home/openemm/opt/Python-3.9.19’: No such file or directory
So I create folders
Code: Select all
mkdir -p /home/openemm/opt/Python-3.9.19
rm -f /home/openemm/opt/python3
ln -s Python-3.9.19 /home/openemm/opt/python3
tar -xaf Python-3.9.19.tar.xz
-bash: tar: command not found
I install tar package
again:
Code: Select all
tar -xaf Python-3.9.19.tar.xz
cd Python-3.9.19
./configure --prefix=/home/openemm/opt/Python-3.9.19
At the end : “If you want a release build with all stable optimizations active (PGO, etc),
please run ./configure --enable-optimizations” I didn’t do it
Successfully installed pip-23.0.1 setuptools-58.1.0
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead:
https://pip.pypa.io/warnings/venv
Some warning but no important
Code: Select all
export PATH="/home/openemm/opt/python3/bin:$PATH"
which python3
The last command should result in output
/home/openemm/opt/python3/bin/python3
Good for me !
Deployment of additional Python 3 modules
Code: Select all
python3 -m pip install --upgrade pip
python3 -m pip install py3dns
python3 -m pip install 'paramiko>=3.2.0'
python3 -m pip install pyspf
python3 -m pip install dnspython
python3 -m pip install dkimpy
python3 -m pip install cryptography
python3 -m pip install requests
python3 -m pip install httpie
python3 -m pip install setproctitle
python3 -m pip install inotify
python3 -m pip install aiodns
python3 -m pip install aiohttp
python3 -m pip install aiohttp-xmlrpc
python3 -m pip install aiosmtplib
python3 -m pip install msgpack
python3 -m pip install websockets
python3 -m pip install asyncinotify
python3 -m pip install asyncssh
warning at the end of all command, normal. all seems good
Now install MariaDB 10.11.7
uninstall old version but for me nothing was installed so ok
Code: Select all
systemctl stop mysql
yum remove mysql*
"For OpenEMM you need the server and the client component of MariaDB. At first, install
required packages which may be missing with"
Code: Select all
yum install boost libaio ncurses-compat-libs wget
Done
Now download RPM file to :
https://archive.mariadb.org/mariadb-10. ... md64/rpms/
For 10.11.7
Code: Select all
wget https://archive.mariadb.org/mariadb-10.11.7/yum/almalinux8-amd64/rpms/MariaDB-client-10.11.7-1.el8.x86_64.rpm
wget https://archive.mariadb.org/mariadb-10.11.7/yum/almalinux8-amd64/rpms/MariaDB-common-10.11.7-1.el8.x86_64.rpm
wget https://archive.mariadb.org/mariadb-10.11.7/yum/almalinux8-amd64/rpms/MariaDB-gssapi-server-10.11.7-1.el8.x86_64.rpm
wget https://archive.mariadb.org/mariadb-10.11.7/yum/almalinux8-amd64/rpms/MariaDB-server-10.11.7-1.el8.x86_64.rpm
wget https://archive.mariadb.org/mariadb-10.11.7/yum/almalinux8-amd64/rpms/MariaDB-shared-10.11.7-1.el8.x86_64.rpm
wget https://archive.mariadb.org/mariadb-10.11.7/yum/almalinux8-amd64/rpms/MariaDB-compat-10.11.7-1.el8.x86_64.rpm
wget https://archive.mariadb.org/mariadb-10.11.7/yum/almalinux8-amd64/rpms/MariaDB-devel-10.11.7-1.el8.x86_64.rpm
wget https://archive.mariadb.org/mariadb-10.11.7/yum/almalinux8-amd64/rpms/galera-4-26.4.16-1.el8.x86_64.rpm
yum install MariaDB-* galera-4-26.4.16-1.el8.x86_64.rpm
all seems good. Complete
Edit the master configuration file my.cnf in directory /etc:
My file was “empty” only [client server]
add
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
symbolic-links=0
log-error=/var/log/mariadb/mariadb.log
innodb_stats_persistent=0
!includedir /etc/my.cnf.d
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci
sql-mode = "STRICT_ALL_TABLES,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"
save and restart
Code: Select all
systemctl enable mariadb
systemctl start mariadb
then
Done
MariaDB config
Code: Select all
mysql -u root
ALTER USER 'root'@'localhost' IDENTIFIED by '<password>';
For exit : CTRL+D
Server preparation :
Code: Select all
groupadd openemm
useradd -m -g openemm -d /home/openemm -s /bin/bash openemm
useradd: warning: the home directory already exists. Not copying any file from skel directory into it.
You can’t use this user for install firewall or otherwise because :
openemm is not in the sudoers file. This incident will be reported.
So exit and
Add this line :
openemm ALL=(ALL) ALL
but for install all firewall command do with root more easy (and even with this line ... not work correctly so u will see )
FIREWALL
If your zone is "public" (if not, use the zone name you got with the a fore mentioned statement):
Code: Select all
firewall-cmd --zone=public --add-port=8080/tcp --permanent
firewall-cmd --zone=public --add-port=25/tcp --permanent
firewall-cmd --zone=public --add-forward-port=port=80:proto=tcp:toport=8080 –permanent
firewall-cmd --reload
If you want to use the HTTPS protocol instead of HTTP (which we strongly recommend for
production environments), you need a forwarding from port 443 to 8443:
Code: Select all
firewall-cmd --zone=public --add-forward-port=port=443:proto=tcp:toport=8443 --permanent
POSTIFX
Mine was clean but if you need it uninstall old
Code: Select all
systemctl stop sendmail
yum remove sendmail
yum install postfix sendmail-milter procmail
Switch the default SMTP server to Postfix with
Code: Select all
alternatives --set mta /usr/sbin/sendmail.postfix
and create a symlink so that OpenEMM can find the Postfix mail log file:
Code: Select all
ln -s /var/log/mail /var/log/maillog
For me :
ln: failed to create symbolic link '/var/log/maillog': File exists
Well.
After installation of Postfix, you have to change its configuration to unleash all features. To
do this, change to the Postfix main configuration directory:
Add some configuration parameters to Postfix' main configuration file main.cf:
Use nano main.cf ( or vi or what you usually use)
inet_interfaces = all
inet_protocols = all
mailbox_command = /usr/bin/procmail
mailbox_size_limit = 0
message_size_limit = 0
maximal_queue_lifetime = 1d
bounce_queue_lifetime = 1d
smtp_tls_security_level = may
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_ciphers = high
smtp_tls_mandatory_ciphers = $smtp_tls_ciphers
hash_queue_depth = 2
enable_long_queue_ids = yes
relay_domains = hash:/home/openemm/var/run/relay.domains
transport_maps = hash:/home/openemm/var/run/transport.maps
smtpd_milters = unix:/home/openemm/var/run/bav.sock
If you want to be able to receive autoresponder, bounce and feedback mails encrypted (still main.cf)
with the TLS protocol, add
smtpd_use_tls = yes
smtpd_tls_loglevel = 2
smtpd_tls_security_level = may
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_eecdh_grade = strong
smtpd_tls_cert_file = <path_to_CERT_file>
smtpd_tls_key_file = <path_to_KEY_file>
smtpd_tls_CAfile = <path_to_CERT_chain>
smtpd_tls_CApath = <path_to_CERT_directory>
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_ciphers = high
Take care to replace the four placeholders with the real directory paths to
the specified files to make sure that Postfix is able to receive TLS encrypted mails.
Certificate mail.crt may be a self-signed certificate
Finally, the configuration parameters for service "mailloop" are defined in configuration file
master.cf. Add these two lines
mailloop unix - n n - - pipe
flags=RX user=openemm argv=/usr/bin/procmail /home/openemm/lib/bav.rc
Please do not omit the two space characters before keyword "flags" to indicate the parser that the line is continued!
Code: Select all
systemctl restart postfix
chkconfig --level 35 postfix on
mine : Note: Forwarding request to 'systemctl enable postfix.service'.
Created symlink /etc/systemd/system/multi-user.target.wants/postfix.service → /usr/lib/systemd/system/postfix.service.
Make a reboot system
Change in file
rsyslog.conf in directory /etc lines
module(load="imjournal" # provides access to the systemd journal
StateFile="imjournal.state") # File to store the position in the journal
to the following one-liner:
module(load="imjournal" StateFile="imjournal.state" ratelimit.interval="10" ratelimit.burst="20000")
OpenEMM requires read access to the mail log file at /var/log/maillog and logrotate has to be aware of this fact, too. Open file syslog in directory /etc/logrotate.d and add the following line after the line sharedscripts:
create 0644
and run
to set the permissions of the current maillog.
Download the OpenEMM runtime tarball (file name: openemm-runtime-<release>.tar.gz) to /home/openemm to create the deployment and runtime environment for OpenEMM. Change to user openemm, unpack the tarball and start it with
Code: Select all
su - openemm
tar -xvzpf openemm-runtime-<release>.tar.gz
OMT.sh
Doesn’t work cause openemm hasn’t superadmin or I don’t know .. so I did it with root in good folder but …
I tried
Code: Select all
OMT.sh
./OMT.sh
-bash: ./OMT.sh: No such file or directory
/home/openemm/OMT.sh
-bash: ./OMT.sh: No such file or directory
Iam in root USER. I have to do :
THEN:
Code: Select all
sudo /home/openemm/bin/OMT.sh
Checking python installation ...
Python version found: 3.9.19 (/home/openemm/opt/python3/bin/python3)
Checking Zip installation ...
Zip version 3.0 found
Starting python ...
System value for maximum parallel files open (= ulimit) is 1024. Must be at least 16384.
Change it now (N/y, Blank => Cancel):
> Y
Changing /etc/security/limits.conf
Changing /etc/systemd/user.conf
Changing /etc/systemd/system.conf
To let this changes take effect the system needs to be rebooted
I reboot, still in root user
Code: Select all
sudo /home/openemm/bin/OMT.sh
Root mode: On
Hostname: mail.xenesy.com
Free diskspace: 96.4 % (of 111.85 GiB)
OpenEMM Runtime Version: 23.10.000.150
OpenEMM Version: Unknown
System-Url: Unknown
Created initial setenv.sh file '/home/openemm/bin/setenv.sh'
Invalid database vendor in dbcfg:
Database Connection cannot be established. (Maybe database user or database connection parameters for OpenEMM were not configured)
Basic webapplication configuration for JAVA is missing or invalid. Please configure.
Current menu: Configure basic environment (Java, Tomcat, Tomcat-Native, Wkhtml, Proxy)
Current webapp basic configuration:
JAVA_HOME: None
CATALINA_HOME: None
Tomcat-Native: None
WKHTMLTOPDF: /usr/local/bin/wkhtmltopdf
WKHTMLTOIMAGE: /usr/local/bin/wkhtmltoimage
PROXY: None
Please choose entry to change (Blank => Back):
>
Well now I did exactly like the video :
https://www.youtube.com/watch?v=cRfDPBaBQ4o&t=293s
except for the TLS configuration, it's awful, I can't get a certificate, let's encrypt, via certbot, openssl, nothing works, maybe I'm not good at it ... but it's terrible, I'm open to help even if someone wants to check.
Time to restart ... EROOR ( check image I take a quick screenshot cause .. very quick ...)
So Leave OMT and
go again still root user, restart OMT and ... It WORKS but when I checked in the browser ... what I put on the configuration ' Sub.domain.com' no works :
I have to put : sub.domain.com/logon.action and I see panel connection
I didn't check anything else I logged in via the panel changed the password ...
I haven't yet looked at how to configure emails, if I could use several IPs (I hope it's not in the shell modifications ...) in any case if someone can debug me, link redirection and ssl ... Thanks