Sep 9

AWS Strategy – iRedMail Server

CREATE INSTANCES FOR IREDMAIL:
Create AWS account – some instances are free for one year
AWS – create EFS to store all emails
NOTE: make it private with no public IP address
AWS – create EC2 using RH7 (see supported distributions)
NOTE: make it public, but note both public & private addresses
NOTE: the free instance is too small for daily operations.  Use it only for test purposes.
AWS – create RDS using either Aurora or MySQL instances
NOTE: make it private with no public IP address

PREPARE SERVER FOR INSTALLATION:
RH7 – Change the hostname
$ hostnamectl set-hostname aws1.url.com
RH7 – initial update of server
$ sudo yum -y update
RH7 – change hostname
$ sudo hostnamectl set-hostname name.url.com
NOTE: You can do the following yum install steps all at once:
$ sudo yum install mysql vim screen wget bzip2
RH7 – install mysql (client) package
$ sudo yum install mysql
RH7 – (OPTIONAL) install vim text editor
$ sudo yum install vim
RH7 – (OPTIONAL) install screen to ensure connection
$ sudo yum install screen
RH7 – install wget package to download files
$ sudo yum install wget
RH7 – install bzip2 package to unzip install files
$ sudo yum install bzip2
RH7 – download rpm file for perl(switch) dependency (found here)
NOTE: copy/paste the url of the download or upload to server from your desktop
$ wget ftp://download_site/perl-Switch-version.el7.noarch.rpm
RH7 – install perl(switch) rpm
$ sudo rpm -ivh perl-Switch-version.el7.noarch.rpm

ATTACH YOUR EFS STORAGE FOR EMAILS (OPTIONAL):
Create mount directory for your EFS instance
$ sudo mkdir /mnt/email
Install NFS utilities for mounting your attached file system
$ sudo yum install nfs-utils
Mount your EFS instance to your EC2 instance
$ sudo mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 EFS-endpoint:/ efs-mount-point
Edit /etc/fstab file to mount on every boot
SYNTAX – EFS-endpoint:/ efs-mount-point nfs4 nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,_netdev 0 0
EXAMPLE – fs-12345a.efs.us-east-3.amazonaws.com:/ /mnt/email nfs4 nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,_netdev 0 0
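
ADDED EXAMPLE (not part of the original post): a check to run before mounting EFS and before trusting the /etc/fstab entry at boot. It looks for the mount helper that nfs-utils installs and reviews one fstab line. The function names are made up for this example, and the nosuid/nodev suggestion is an added hardening assumption, not something the post prescribes.

```shell
#!/usr/bin/env bash
# Added example: checks to run before mounting EFS and before editing /etc/fstab.

# mount_helper_present [DIR]: nfs-utils provides the mount.nfs / mount.nfs4
# helpers; without one of them "mount -t nfs4" fails with "wrong fs type".
mount_helper_present() {
    local dir="${1:-/sbin}"
    [ -x "$dir/mount.nfs4" ] || [ -x "$dir/mount.nfs" ]
}

# has_opt OPTS NAME: succeeds if NAME is one of the comma-separated options.
has_opt() { case ",$1," in *",$2,"*) return 0 ;; *) return 1 ;; esac; }

# fstab_entry_problems LINE: print one finding per line, nothing if the entry is clean.
fstab_entry_problems() {
    local o
    set -f; set -- $1; set +f       # split the entry into its whitespace-separated fields
    [ "$#" -eq 6 ] || echo "expected 6 fields, found $#"
    case ${2:-} in /*) ;; *) echo "mount point '${2:-}' is not an absolute path" ;; esac
    case ${3:-} in nfs|nfs4) ;; *) echo "fstype '${3:-}' is not nfs4" ;; esac
    has_opt "${4:-}" _netdev || echo "missing _netdev: boot may try the mount before the network is up"
    # Added hardening, not from the post (assumption: the mail store needs
    # no setuid files and no device nodes).
    for o in nosuid nodev; do
        has_opt "${4:-}" "$o" || echo "consider adding $o"
    done
}

# Review one entry when it is passed as the only argument (quote the whole line).
if [ "$#" -eq 1 ]; then
    mount_helper_present || echo "no mount.nfs helper in /sbin: sudo yum install nfs-utils"
    fstab_entry_problems "$1"
fi
```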

INSTALL IREDMAIL TO SERVER:
iRedMail – download latest iRedMail version of .bz2 file (http://www.iredmail.org/download.html)
iRedMail – use wget to download file
$ wget https://bitbucket.org/zhb/iredmail/downloads/iRedMail-version.tar.bz2 (replace “version” with number)
iRedMail – unpack the download
$ tar xjf iRedMail-version.tar.bz2
iRedMail – change to iRedMail directory
$ cd iRedMail-version
STRATEGY – you can install iRedMail’s database to your current server, or to a remote location
iRedMail Local – install
$ sudo bash iRedMail.sh
iRedMail Remote – install
$ sudo USE_EXISTING_MYSQL='YES' MYSQL_SERVER_ADDRESS='sql-server-ip' MYSQL_SERVER_PORT='3306' MYSQL_ROOT_USER='admin_iredmail' MYSQL_ROOT_PASSWD='admin_password' MYSQL_GRANT_HOST='email-server-ip' bash iRedMail.sh
NOTE: YOU CAN USE ANY ADMIN ACCOUNT AND PASSWORD

NOTE: Here are the databases that are installed by default:
MySQL [(none)]> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| amavisd            |
| innodb             |
| iredadmin          |
| iredapd            |
| mysql              |
| performance_schema |
| roundcubemail      |
| sogo               |
| sys                |
| vmail              |
|                    |
+--------------------+
12 rows in set (0.01 sec)

NOTE: The end message of the install:
********************************************************************
* URLs of installed web applications:
*
* - Roundcube webmail: httpS://aws6.url.com/mail/
* - SOGo groupware: httpS://aws6.url.com/SOGo/
*
* - Web admin panel (iRedAdmin): httpS://aws6.url.com/iredadmin/
*
* You can login to above links with below credential:
*
* - Username: postmaster@url.com
* - Password: admin_password
*
*
********************************************************************
* Congratulations, mail server setup completed successfully. Please
* read below file for more information:
*
* - /home/ec2-user/temp/iRedMail-0.9.7/iRedMail.tips
*
* And it's sent to your mail account postmaster@url.com.
*
********************* WARNING **************************************
*
* Please reboot your system to enable all mail services.
*
********************************************************************

ISSUES:
DATABASE – using a remote RDB (SQL) instance is an issue. Access is restricted for some reason with the default user. The errors are as follows:
[ INFO ] Configure MariaDB database server.
ERROR 1045 (28000) at line 6 in file: '/home/ec2-user/temp/iRedMail-0.9.7/runtime/remote_grant_permission.sql': Access denied for user 'wpeiredadmin'@'%' (using password: YES)
ERROR 1419 (HY000) at line 398 in file: '/home/ec2-user/temp/iRedMail-0.9.7/runtime/iredmail.sql': You do not have the SUPER privilege and binary logging is enabled (you *might* want to use the less safe log_bin_trust_function_creators variable)
[ INFO ] Setup daily cron job to backup SQL databases with /mnt/email/var/vmail/backup/backup_mysql.sh
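
ADDED EXAMPLE (not from the original post or the iRedMail project): a check to run before the remote install that tests for the condition named in ERROR 1419 above (no SUPER privilege, binary logging on, log_bin_trust_function_creators off). The function names, the option-file argument and the sample grant line are assumptions made for this example; the option file keeps the admin password off the command line.

```shell
#!/usr/bin/env bash
# Added example: predict ERROR 1419 before running the remote iRedMail install.

# Constructed sample of SHOW GRANTS output for an admin account without SUPER
# (the account name reuses the post's placeholder).
SAMPLE_GRANTS="GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE ROUTINE, TRIGGER ON *.* TO 'admin_iredmail'@'%' WITH GRANT OPTION"

# has_super: reads SHOW GRANTS output on stdin and succeeds if a global (*.*)
# grant carries SUPER or ALL PRIVILEGES. Database-level grants are ignored.
has_super() {
    grep -Ei '^GRANT .* ON \*\.\* TO ' |
        grep -Eiq '(^GRANT |, )(ALL PRIVILEGES|SUPER)(,| ON )'
}

# will_hit_1419 GRANTS LOG_BIN TRUST: succeeds when the server would refuse
# the statement: binary logging on (1), log_bin_trust_function_creators
# off (0), and no SUPER for the connecting account.
will_hit_1419() {
    [ "$2" = 1 ] && [ "$3" = 0 ] && ! printf '%s\n' "$1" | has_super
}

# preflight CNF: query the live server. CNF is a client option file (mode 600)
# holding host, port, user and password, so the password is not on a command line.
preflight() {
    local grants vars
    grants=$(mysql --defaults-extra-file="$1" -N -B \
        -e 'SHOW GRANTS FOR CURRENT_USER()') || return 2
    vars=$(mysql --defaults-extra-file="$1" -N -B \
        -e 'SELECT @@global.log_bin, @@global.log_bin_trust_function_creators') || return 2
    set -- "$grants" $vars      # $2 = log_bin, $3 = log_bin_trust_function_creators
    if will_hit_1419 "$1" "$2" "$3"; then
        echo "expect ERROR 1419: no SUPER, binary logging on, trust variable off"
        return 1
    fi
    echo "no ERROR 1419 expected"
}

# Run against a server only when an option file is given as the first argument.
if [ "$#" -eq 1 ]; then preflight "$1"; fi
```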

MOUNT EFS – It’s easy to forget to install tools that allow all of the magic to happen on a server. If nfs-utils is not installed, you will receive the following. It doesn’t necessarily look like an error and it doesn’t tell you that nfs-utils is not installed… so this is good to see:
——————
mount: wrong fs type, bad option, bad superblock on 172.31.77.85:/,
missing codepage or helper program, or other error
(for several filesystems (e.g. nfs, cifs) you might
need a /sbin/mount.<type> helper program)
In some cases useful info is found in syslog – try
dmesg | tail or so.
——————