elmau
/
iredmail-doc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
iredmail-doc/en_US/iredmail-easy/8-migrate.to.iredmail.easy.md

10 KiB
Raw Blame History

iRedMail Easy: Migrate from iRedMail to iRedMail Easy platform

[TOC]

!!! attention

iRedMail Team can help migrate your iRedMail server, feel free to
[Contact Us](https://www.iredmail.org/contact.html).

Summary

iRedMail Easy platform offers deployment, one-click upgrade support and technical support for your iRedMail servers, it's very easy to keep your server up to date with the ease to use web UI, and get issues solved by iRedMail Team quickly.

For more details about iRedMail Easy platform, please check our website.

Requirements

  • A working iRedMail server which was deployed with or upgraded to the latest iRedMail release.
  • Your iRedMail server must be running one of supported Linux/OpenBSD distribution releases:
    • Ubuntu 18.04 LTS, 20.04 LTS
    • Debian 9, 10
    • CentOS 7, 8
    • OpenBSD 6.7

Unfortunately, FreeBSD is not supported by iRedMail Easy platform.

Backup first

Please backup all important data before preparing the migration, including but not limtied to:

  • All SQL/LDAP databases.

    iRedMail Easy will use existing SQL/LDAP databases, no data corruption is expected.

  • All config files under /etc directory.

    After moved to iRedMail Easy, you should place all your custom settings in files under /opt/iredmail/custom/<software>/.

MySQL backend: Remove MySQL (not MariaDB) packages

!!! attention

* This is not necessary if you're running MariaDB backend.
* If you're replacing MySQL by MariaDB on Ubuntu 18.04, please disable
  `apparmor` service before removing MySQL packages. Check
  [this tutorial](https://mariadb.com/kb/en/the-community-mariadb-troubles-only-running-after-reboot-times-out-when-try/) for known issue and solutions. Also related bug report in
  [Ubuntu LaunchPad](https://bugs.launchpad.net/ubuntu/+source/mariadb-10.1/+bug/1806263).

iRedMail Easy installs MariaDB instead of MySQL, if you're running MySQL backend, you need to:

  • Backup all databases
  • Remove mysql packages
  • Restore backup SQL files after iRedMail Easy installation

Create required files used by iRedMail Easy

iRedMail Easy doesn't store any SQL/LDAP passwords on its deployment servers, instead it reads from files under /root/.iredmail/kv/ on your server to get the passwords.

Please create these files under /root/.iredmail/kv/ with correct passwords manually, each file should contain only one line, passwords must be in plain text, not the hashed one.

!!! attention

You can find all info in the `iRedMail.tips` file under iRedMail
installation directory, for example, `/root/iRedMail-0.9.9/iRedMail.tips`.
If you don't have this file anymore, you can still find them in other
config files.
Backend File Name Comment Value could be found in file
LDAP, MySQL sql_user_root MySQL root password. /root/.my.cnf
PostgreSQL sql_user_postgres (Linux)
sql_user__postgresql (OpenBSD)		 PostgreSQL root password. /var/lib/pgsql/.pgpass (CentOS), or /var/lib/postgresql/.pgpass (Debian/Ubuntu), /var/postgresql/.pgpass (OpenBSD)
LDAP ldap_root_password Password of LDAP root dn (cn=Manager,dc=xx,dc=xx)
LDAP ldap_vmail_password Password of LDAP dn cn=vmail,dc=xx,dc=xx /etc/postfix/ldap/*.cf
LDAP ldap_vmailadmin_password Password of LDAP dn cn=vmailadmin,dc=xx,dc=xx /opt/www/iredadmin/settings.py
MySQL, PostgreSQL sql_user_vmail Password of SQL user vmail /etc/postfix/mysql/*.cf or /etc/postfix/pgsql/*.cf
MySQL, PostgreSQL sql_user_vmailadmin Password of SQL user vmailadmin /opt/www/iredadmin/settings.py
ALL sql_user_amavisd Password of SQL user amavisd /etc/amavisd/amavisd.conf (Linux/OpenBSD)
/etc/amavis/conf.d/50-user (Debian/Ubuntu)
ALL sql_user_sa_bayes Password of SQL user sa_bayes. If you didn't integrate SpamAssassin with SQL database, it's ok to not create this file. /etc/mail/spamassassin/local.cf
ALL sql_user_iredadmin Password of SQL user iredadmin /opt/www/iredadmin/settings.py
ALL sql_user_iredapd Password of SQL user iredapd /opt/iredapd/settings.py
ALL sql_user_roundcube Password of SQL user roundcube /root/.my.cnf-roundcube or /opt/www/roundcubemail/config/config.inc.php
ALL sql_user_sogo Password of SQL user sogo. If you didn't install SOGo, it's ok to not create this file. /etc/sogo/sogo.conf
ALL sql_user_netdata Password of SQL user netdata. If you didn't install netdata, it's ok to not create this file. /root/.my.cnf-netdata or /opt/netdata/etc/netdata/my.cnf
ALL sql_user_fail2ban Password of SQL user fail2ban. If you didn't integrate Fail2ban with SQL server, it's ok to not create this file. /root/.my.cnf-fail2ban (OpenLDAP or MariaDB backends), or /var/lib/pgsql/.pgpass (CentOS), or /var/lib/postgresql/.pgpass (Debian/Ubuntu), /var/postgresql/.pgpass (OpenBSD)
ALL iredapd_srs_secret The secret string used to sign SRS. It's ok if not present. /opt/iredapd/settings.py, parameter srs_secrets =.
ALL sogo_sieve_master_password The Dovecot master user used by SOGo. It's ok if not present. /etc/sogo/sieve.cred.
ALL roundcube_des_key The DES key used by Roundcube to encrypt the session. /opt/www/roundcubemail/config/config.inc.php, parameter $config['des_key'] =.
ALL mlmmjadmin_api_token API token for authentication. /opt/mlmmjadmin/settings.py, parameter api_auth_tokens =.
ALL first_domain_admin_password Password of the mail user postmaster@<your-domain.com>. your-domain.com is the first mail domain name you (are going to) set in mail server profile page on iRedMail Easy platform, you can find it in mail server profile page, under tab Settings.

Copy files to new locations

iRedMail Easy stores SSL cert/key files under /opt/iredmail/ssl/, you need to either copy or (symbol) link existing ssl cert/key to this directory with correct files names,

  • /opt/iredmail/ssl/key.pem: private key
  • /opt/iredmail/ssl/cert.pem: certificate
  • /opt/iredmail/ssl/combined.pem: full chain

Split custom settings

iRedMail Easy maintains the core config files, and each time you perform full deployment or upgrade, these core config files will be re-generated, all your custom config files will be lost. So it's very important to not touch these core config files and just store your custom settings in pre-defined files under /opt/iredmail/custom/<software>/.

Postfix

  • Files under /etc/postfix/:

    • aliases
    • body_checks.pcre
    • command_filter.pcre
    • header_checks.pcre
    • helo_access.pcre
    • postscreen_access.cidr
    • postscreen_dnsbl_reply.texthash
    • rdns_access.pcre
    • sender_access.pcre
    • smtp_tls_policy
    • transport

    Please copy your custom settings from above files to the files with same names under /opt/iredmail/custom/postfix/. For example:

    • From /etc/postfix/aliases to /opt/iredmail/custom/postfix/aliases.
    • From /etc/postfix/body_checks.pcre to /opt/iredmail/custom/postfix/body_checks.pcre.
    • From /etc/postfix/command_filter.pcre to /opt/iredmail/custom/postfix/command_filter.pcre.

    You need to create directory /opt/iredmail/custom/postfix/ and the files if they don't exist, iRedMail Easy will set correct owner/group and permission for them while deployment.

    If you're lasy and don't want to check files one by one, it's ok to simply copy these files from /etc/postfix/ to /opt/iredmail/custom/postfix/ directly, and (optionally) remove non-custom settings later.

  • /etc/postfix/main.cf and /etc/postfix/master.cf

    Postfix doesn't support include directive to load extra config files, so if you have custom settings in these 2 files, you have to create shell script file /opt/iredmail/custom/postfix/custom.sh to update them with postconf command during iRedMail Easy deployment or upgrade. For more details, please check our Best Practice tutorial.

Amavisd

  • Copy DKIM keys from /var/lib/dkim/ to /opt/iredmail/custom/amavisd/dkim/.

  • Move all your dkim_key(...) parameters from Amavisd config file (/etc/amavisd/amavisd.conf (RHEL/CentOS), or /etc/amavis/conf.d/50-user (Debian/Ubuntu), /etc/amavisd.conf (OpenBSD), /usr/local/etc/amavisd.conf (FreeBSD)) to /opt/iredmail/custom/amavisd/amavisd.conf.

    !!! attention

      Please make sure no duplicat keys, otherwise Amavisd can not start.

SpamAssassin

Split custom settings from /etc/mail/spamassassin/local.cf to /opt/iredmail/custom/spamassassin/custom.cf.

If you have whitelisted IP addresses/networks listed in Postfix config file /etc/postfix/main.cf, parameter mynetworks =, you may want to whitelist them to avoid spam/virus scanning in /opt/iredmail/custom/spamassassin/custom.cf too. For example:

trusted_networks 192.168.0.1 172.16.0.0/8

Roundcube Webmail

  • Copy custom settings from /opt/www/roundcubemail/config/config.inc.php to /opt/iredmail/custom/roundcube/config/custom.inc.php.
  • Copy third-party plugins from /opt/www/roundcubemail/plugins/ to /opt/iredmail/custom/roundcube/plugins/. iRedMail Easy will create symbol link for them automatically.
  • Copy third-party or custom skins from /opt/www/roundcubemail/skins/ to /opt/iredmail/custom/roundcube/skins/. iRedMail Easy will create symbol link for them automatically.

iRedAPD

Copy custom settings from /opt/iredapd/settings.py to /opt/iredmail/custom/iredapd/settings.py.

If you have whitelisted IP addresses/networks listed in Postfix config file /etc/postfix/main.cf, parameter mynetworks =, you may want to whitelist them to avoid greylisting or other access control in /opt/iredmail/custom/iredapd/settings.py too. For example:

MYNEWTORKS = ['192.168.0.1', '172.16.0.0/8']

iRedAdmin(-Pro)

Copy custom settings from /opt/www/iredadmin/settings.py to /opt/iredmail/custom/iredadmin/settings.py.

Run the full deployment with iRedMail Easy platform

Please follow our tutorial Getting start with iRedMail Easy to sign up, and add your mail server info, then perform the full deployment.

Post-deployment tasks

Remove duplicate cron jobs

iRedMail Easy will add required cron jobs for root and sogo users, but it can not detect and remove old duplicate jobs, so you have to check cron jobs manually and remove duplicate old ones and keep the ones added by iRedMail Easy.