9 KiB
Install iRedMail on FreeBSD inside Jail (with ezjail)
[TOC]
Summary
- This tutorial describes how to create a FreeBSD Jail with ezjail, then install the latest iRedMail in Jail.
- We use hostname
mx.example.com
and IP address172.16.122.244
for our Jail server.
Notes:
- This tutorial was tested with FreeBSD 9 and the latest ports tree, but it should work on FreeBSD 8 and 10 too.
- All backends available in iRedMail (OpenLDAP, MySQL/MariaDB, PostgreSQL) were tested, work like a charm. :)
System Requirements
IMPORTANT WARNING: iRedMail is designed to be deployed on a FRESH server system, which means your server does NOT have mail related components installed, e.g. MySQL, OpenLDAP, Postfix, Dovecot, Amavisd, etc. iRedMail will install and configure them for you automatically. Otherwise it may override your existing files/configurations althought it will backup files before modifing, and it may be not working as expected.
- The latest stable release of iRedMail. You can download it here: http://www.iredmail.org/download.html
- Port
sysutils/ezjail
for FreeBSD.
Preparations
Set a proper hostname and IP address for Jail server
We use hostname mx.example.com
and internal IP address 172.16.122.244
for
example. We created an alias IP address on network interface em0
, so we have
below setting in /etc/rc.conf
for this IP address like below:
# Part of file: /etc/rc.conf
ifconfig_em0_alias0="inet 172.16.122.244 netmask 255.255.255.0"
# Settings for our Jail: mx.example.com.
jail_mx_example_com_hostname="mx.example.com"
jail_mx_example_com_ip="172.16.122.244"
# Required by PostgreSQL, otherwise initializing database will fail.
jail_mx_example_com_parameters='allow.sysvipc=1'
Install sysutils/ezjail and add required settings
- Install ezjail with ports tree:
# cd /usr/ports/sysutils/ezjail/
# make install clean
- Enable Jail by adding below setting in
/etc/rc.conf
:
# Part of file: /etc/rc.conf
# Start ezjail while system start up
ezjail_enable="YES"
- [OPTIONAL] Allow to use
ping
command inside Jail by adding below line in/etc/sysctl.conf
:
# Part of file: /etc/sysctl.conf
security.jail.allow_raw_sockets=1
- Rebooting system is required after changing
/etc/rc.conf
.
# reboot
Create Jail
- After server reboot, create the base jail that all jails we created later will use:
# ezjail-admin install -p
- Create Jail for domain name
mx.example.com
, bound to internal IP address172.16.122.244
. All files are placed under/jails/mx.example.com
:
# ezjail-admin create -r /jails/mx.example.com mx.example.com 172.16.122.244
- Set hostname of Jail in
/jails/mx.example.com/etc/rc.conf
:
# File: /jails/mx.example.com/etc/rc.conf
hostname="mx.example.com"
-
[OPTIONAL] Share /usr/ports/distfiles/ with Jail by adding below line in
/etc/fstab.mx_example_com
:- NOTE: Jail will set ports tree directory to
/var/ports
instead of/usr/ports
in/jails/mx.example.com/etc/make.conf
, you can either use this default setting or change it to/usr/ports
.
- NOTE: Jail will set ports tree directory to
# Part of file: /etc/fstab.mx_example.com
/usr/ports/distfiles /jails/mx.example.com/basejail/usr/ports/distfiles nullfs rw 0 0
- Start Jail.
# /usr/local/etc/rc.d/ezjail restart
- List all Jails:
# ezjail-admin list
STA JID IP Hostname Root Directory
--- ---- ---------------- --------------------------------- ------------------------
DS 1 172.16.122.244 mx.example.com /jails/mx.example.com
Install iRedMail
We can now enter this Jail with below command:
# ezjail-admin console mx.example.com
- In Jail, update
/etc/resolv.conf
with valid DNS server address(es). For example:
# File: /etc/resolv.conf
nameserver 172.16.122.2
- In Jail, install binary package
bash-static
, it's required by iRedMail.
# pkg_add -r bash-static
Start iRedMail installer
For Chinese users: Our domain name "iredmail.org" is blocked in China mainland since Jun 04, 2011, please replace all 'iredmail.org' by its IP address "106.187.51.47" (without quotes) in /root/iRedMail-x.y.z/pkgs/get_all.sh BEFORE executing "iRedMail.sh". This is a Linode VPS hosted in Tokyo, Japan.
It's now ready to start iRedMail installer inside Jail, it will ask you several simple questions, that's all steps to setup a full-featured mail server.
# bash # <- start bash shell, REQUIRED
# cd /root/iRedMail/
# LOCAL_ADDRESS='172.16.122.244' bash iRedMail.sh
Screenshots of installation:
- Welcome and thanks for your use
- Specify location to store all mailboxes. Default is
/var/vmail/
.
- Choose backend used to store mail accounts. You can manage mail accounts with iRedAdmin, our web-based iRedMail admin panel.
IMPORTANT NOTE: There's no big difference between available backends, so it's strongly recommended to choose the one you're familiar with for easier management and maintenance after installation.
- If you choose to store mail accounts in OpenLDAP, iRedMail installer will ask you two questions about OpenLDAP.
LDAP suffix.
Password of LDAP root dn.
- Set password of MySQL or PostgreSQL admin user.
NOTE: MySQL is used to store data of other applications (e.g. Roundcube webmail, Cluebringer, Amavisd-new) if you choose OpenLDAP or MySQL as backend.
- Add your first mail domain name
- Set password of admin account of your first mail domain.
Note: This account is an admin account and a mail user. That means you can login to webmail and admin panel (iRedAdmin) with this account, login username is full email address.
- Choose optional components
After answered above questions, iRedMail installer will ask your confirm to
start installation. It will install and configure required packages
automatically. Type y
or Y
and press Enter
to start.
Configuration completed.
*************************************************************************
**************************** WARNING ***********************************
*************************************************************************
* *
* Please do remember to *REMOVE* configuration file after installation *
* completed successfully. *
* *
* * /root/iRedMail-x.y.z/config
* *
*************************************************************************
<<< iRedMail >>> Continue? [Y|n] # <- Type 'Y' or 'y' here, and press 'Enter' to continue
Important things you MUST know after installation
-
Read file
/root/iRedMail-x.y.z/iRedMail.tips
first, it contains:- URLs, usernames and passwords of web-based applications
- Location of mail serve related software configuration files
- Some other important and sensitive information
-
It's highly recommended to purchase a SSL cert to avoid annonying warning message in web browser or mail clients when accessing mailbox via HTTPS/IMAPS/POP3/SMTPS. Or, you can use free SSL cert offerred by StartSSL.com.
Access webmail and other web applications
After installation successfully completed, you can access web-based programs
if you choose to install them. Replace your_server
below by your real server
hostname or IP address.
- Roundcube webmail: https://your_server/mail/
- Web admin panel (iRedAdmin): httpS://your_server/iredadmin/
- phpLDAPadmin (available if you choose LDAP backend): httpS://your_server/phpldapadmin/
- Awstats: httpS://your_server/awstats/awstats.pl?config=web (or ?config=smtp)
Get technical support
Please post all issues, feedbacks, feature requests, suggestions in our online support forum, it's more responsible than you expected.
Notes about binary packages provided by iRedMail project
Most binary packages in iRedMail yum repository comes from below repositories,
packages with -ired
flag were packed by iRedMail project.