Open Xchange

Posted Mon, 01/24/2011 - 23:51 by jlquesada

Open-Xchange Server 6 on Ubuntu 10.04

This article will guide you through the installation of the Open-Xchange Server, it describes the basic configuration and software requirements. As is intended as a quick walk-through it assumes a existing installation of the operating system and requires average system administration skills. More, this guide will show you how to setup a basic installation with none of the typically used distributed environment settings. The target of this guide is:

* To setup a single server installation
* To setup a single Open-Xchange instance, no cluster
* To setup a database for a single database service, no replication

Requirements

* Plain installed Ubuntu 10.04 with latest updates
* A configured internet connection

Add Open-Xchange Repository

Open-Xchange maintains public available software repositories for different platforms, such as Ubuntu. This repository should be added to the Ubuntu installation to enable simple installation and updates.

Start a console and modify the Ubuntu repository information file to add the Open-Xchange software repository at then end of the file:

$ sudo vim /etc/apt/sources.list

deb http://software.open-xchange.com/OX6/unsupported/6.18/Ubuntu10.04/ /

in addition, you'll also need Sun Java and thus you should add/activate the Ubuntu partner repository:

deb http://archive.canonical.com/ubuntu lucid partner

Updating repositories and install packages

Reload the package index. This will download the package descriptions available at the software repositories:

$ sudo aptitude update

The following command starts the download and installation process of all required package for Open-Xchange deployment:
Using Meta packages

Starting with the 6.16 release, we introduced meta packages which depend on the various Open-Xchange packages. The following Meta packages are available:
Name Description
open-xchange-meta-admin all provisioning packages
open-xchange-meta-gui all gui packages
open-xchange-meta-messaging the complete messaging packages like unified inbox, twitter, facebook, etc.
open-xchange-meta-mobility OXtender for business mobility
open-xchange-meta-pubsub all publish/subscribe related packages
open-xchange-meta-server the server backend packages
open-xchange-meta-databaseonly (starting with 6.18) all packages needed when open-xchange is only managed via database and not e.g. LDAP
open-xchange-meta-singleserver most of the above

If you want to install everything on a single server, just run

$ sudo aptitude install mysql-server open-xchange-meta-singleserver \
open-xchange-authentication-database open-xchange-spamhandler-default

Note: You have to choose between one of the available spamhandler and authentication packages depending on your requirements. Starting with 6.18: If you plan to just manage your open-xchange installation via database and not e.g. using LDAP and OXLDAPSync, you might also want to install the package open-xchange-meta-databaseonly.

Of course you can still install the single packages as usual to be able to select a specific set of functionality that you'd like to have:

$ sudo aptitude install mysql-server \
open-xchange open-xchange-authentication-database \
open-xchange-admin-client open-xchange-admin-lib \
open-xchange-admin-plugin-hosting open-xchange-admin-plugin-hosting-client \
open-xchange-admin-plugin-hosting-lib open-xchange-configjump-generic \
open-xchange-admin-doc open-xchange-contactcollector \
open-xchange-conversion open-xchange-conversion-engine \
open-xchange-conversion-servlet open-xchange-crypto \
open-xchange-data-conversion-ical4j open-xchange-dataretention \
open-xchange-genconf open-xchange-genconf-mysql \
open-xchange-imap open-xchange-mailfilter \
open-xchange-management open-xchange-monitoring \
open-xchange-passwordchange-database open-xchange-passwordchange-servlet \
open-xchange-pop3 open-xchange-publish open-xchange-publish-basic \
open-xchange-publish-infostore-online open-xchange-publish-json \
open-xchange-publish-microformats open-xchange-push-udp \
open-xchange-resource-managerequest open-xchange-server \
open-xchange-settings-extensions open-xchange-smtp \
open-xchange-spamhandler-default open-xchange-sql open-xchange-subscribe \
open-xchange-xerces-sun open-xchange-subscribe-json \
open-xchange-subscribe-microformats open-xchange-subscribe-crawler \
open-xchange-templating open-xchange-threadpool open-xchange-unifiedinbox \
open-xchange-admin-plugin-hosting-doc open-xchange-charset \
open-xchange-control open-xchange-easylogin \
open-xchange-group-managerequest open-xchange-i18n open-xchange-jcharset \
open-xchange-sessiond open-xchange-calendar-printing \
open-xchange-user-json open-xchange-gui-wizard-plugin \
open-xchange-report-client \
open-xchange-configjump-generic-gui \
open-xchange-gui open-xchange-gui-wizard-plugin-gui \
open-xchange-online-help-de \
open-xchange-online-help-en open-xchange-online-help-fr

A warning will be shown because the Open-Xchange packages are not yet signed by a cryptographic key. To accept and continue the installation, press Y.
Open-Xchange configuration

To avoid confusion right at the start notice that Open-Xchange uses multiple administration levels and requires different credentials at some stages at the installation and server management. Note that the passwords chosen at this guide are weak and should be replaced by stronger passwords.

* The MySQL database user
o Username: openexchange
o Password used at this guide: db_password
o Responsibility: Execute all kinds of database operations
* The Open-Xchange Admin Master
o Username: oxadminmaster
o Password used at this guide: admin_master_password
o Responsibility: Manage contexts, manage all kinds of low level server configuration
* The Context Admin
o Username: oxadmin
o Password used at this guide: admin_password
o Responsibility: Manage users/groups/resources inside a context

In order to setup the Open-Xchange Server it is mandatory to have the database running:

$ /etc/init.d/mysql start

Note: in case of a distributed setup, it is recommended to start mysql with --skip-name-resolve or to add all hosts to the hosts file of the database server so that slow DNS responses do not slow down the creation of new database connections.

a good idea is to add the Open-Xchange binaries to PATH:

$ echo PATH=$PATH:/opt/open-xchange/sbin/ >> ~/.bashrc && . ~/.bashrc

Now we have to initialize the Open-Xchange configdb database. This can all be done by executing the initconfigdb script.

$ /opt/open-xchange/sbin/initconfigdb --configdb-pass=db_password -a

Add the -i option if you want to remove an already existing open-xchange configdb.

Note: The -a parameter adds an administrative account to mysql, this administrative account is required for the creation of the oxdatabase database, you may find problems following the instructions of this tutorial if you either set a mysql root password or do not create this administrative account, if you have manually setup this administrative account, grant the permissions for database creation or you may find a problem in the context creation.

Before starting any service, all basic configuration files need to be set up correctly. The --configdb-pass option indicates the password of the openexchange database user previously created, the --master-pass options specifies the password of the Open-Xchange adminmaster user that will be created when executing the oxinstaller script.

Important: Beginning with 6.12 Public PTF, there's a new mandatory option for the oxinstaller. The license code must be specified to run it like below. If you do not plan to license Open-Xchange, you can use the option --no-license instead. Please also check OXReportClient documentation for more information about configuring a supported and maintained Open-Xchange server.

$ /opt/open-xchange/sbin/oxinstaller --add-license=YOUR-OX-LICENSE-CODE \
--servername=oxserver --configdb-pass=db_password \
--master-pass=admin_master_password --ajp-bind-port=localhost

Note: In a clustered setup, --ajp-bind-port must be set to *

After initializing the configuration, start the Open-Xchange Administration service by executing:

$ sudo /etc/init.d/open-xchange-admin start

Next we have to register the local server at the Open-Xchange configdb database:

$ /opt/open-xchange/sbin/registerserver -n oxserver -A oxadminmaster -P admin_master_password

Now we have to create a local directory that should be used as Open-Xchange filestore. This directory will contain all Infostore content and files attached to groupware objects. To maintain access by the Open-Xchange Groupware service, it is required to grant permissions to the open-xchange system user.

$ mkdir /var/opt/filestore
$ chown open-xchange:open-xchange /var/opt/filestore

Now register the directory as a filestore at the Open-Xchange server:

$ /opt/open-xchange/sbin/registerfilestore -A oxadminmaster -P admin_master_password \
-t file:/var/opt/filestore

Finally register the groupware database, this is a separated database where all groupware specific data is stored:

$ /opt/open-xchange/sbin/registerdatabase -A oxadminmaster -P admin_master_password \
-n oxdatabase -p db_password -m true

Configure services

Now as the Open-Xchange Server has been set up and the database is running, we have to configure the Apache webserver and the mod_proxy_ajp module to access the groupware frontend. To gain better GUI performance, the usage of mod_expires and mod_deflate is strongly recommended. Those modules will limit the amount of client requests and compress the delivered content.

$ sudo a2enmod proxy
$ sudo a2enmod proxy_ajp
$ sudo a2enmod expires
$ sudo a2enmod deflate
$ sudo a2enmod headers
$ sudo a2enmod rewrite

To enable the modules, run:

$ sudo /etc/init.d/apache2 force-reload

Configure the mod_proxy_ajp module by creating a new Apache configuration file.

$ vim /etc/apache2/conf.d/proxy_ajp.conf

Order deny,allow
allow from all

ProxyPass /axis2 ajp://127.0.0.1:8009/axis2 smax=0 ttl=60 retry=5
ProxyPass /ajax ajp://127.0.0.1:8009/ajax smax=0 ttl=60 retry=5
ProxyPass /servlet ajp://127.0.0.1:8009/servlet smax=0 ttl=60 retry=5
ProxyPass /infostore ajp://127.0.0.1:8009/infostore smax=0 ttl=60 retry=5
ProxyPass /publications ajp://127.0.0.1:8009/publications smax=0 ttl=60 retry=5
# next line is required for OXtender for Business Mobility only
ProxyPass /Microsoft-Server-ActiveSync ajp://127.0.0.1:8009/Microsoft-Server-ActiveSync smax=0 ttl=60 retry=5

Modify the default website settings to display the Open-Xchange GUI

For versions of Open-Xchange starting with 6.18:

$ vim /etc/apache2/sites-available/default

ServerAdmin webmaster@localhost

DocumentRoot /var/www/

AllowOverride None
Order allow,deny
allow from all
RedirectMatch ^/$ /ox6/
Options +FollowSymLinks +SymLinksIfOwnerMatch

# deflate
AddOutputFilterByType DEFLATE text/html text/plain text/javascript application/javascript text/css text/xml application/xml text/x-js application/x-javascript

# pre-compressed files
AddType text/javascript .jsz
AddType text/css .cssz
AddType text/xml .xmlz

AddEncoding gzip .jsz .cssz .xmlz
SetEnvIf Request_URI "\.(jsz|cssz|xmlz)$" no-gzip

ExpiresActive On

# Expires (via ExpiresByType to override global settings)
ExpiresByType image/gif "access plus 6 months"
ExpiresByType image/png "access plus 6 months"
ExpiresByType image/jpg "access plus 6 months"
ExpiresByType image/jpeg "access plus 6 months"
ExpiresByType text/css "access plus 6 months"
ExpiresByType text/html "access plus 6 months"
ExpiresByType text/xml "access plus 6 months"
ExpiresByType text/javascript "access plus 6 months"
ExpiresByType text/x-js "access plus 6 months"
ExpiresByType application/x-javascript "access plus 6 months"
ExpiresDefault "access plus 6 months"
Header append Cache-Control "private"
Header unset Last-Modified
Header unset Vary
# Strip version
RewriteEngine On
RewriteRule v=\w+/(.+) $1 [L]
# Turn off ETag
Header unset ETag
FileETag None

ExpiresByType text/html "now"
ExpiresDefault "now"
Header unset Last-Modified
Header set Cache-Control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0"
# Turn off ETag
Header unset ETag
FileETag None

For versions of Open-Xchange prior to 6.18:

$ vim /etc/apache2/sites-available/default

ServerAdmin webmaster@localhost

DocumentRoot /var/www/

AllowOverride None
Order allow,deny
allow from all
RedirectMatch ^/$ /ox6/

ExpiresActive On
ExpiresByType image/gif "access plus 23 hours"
ExpiresByType image/png "access plus 23 hours"
ExpiresByType image/jpg "access plus 23 hours"
ExpiresByType image/jpeg "access plus 23 hours"
ExpiresByType text/javascript "access plus 23 hours"
ExpiresByType text/css "access plus 23 hours"
ExpiresByType text/html "access plus 23 hours"
ExpiresByType application/x-javascript "access plus 23 hours"

Header append Cache-Control "public"

DeflateFilterNote ratio
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/x-js application/x-javascript application/javascript
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
Header append Vary User-Agent env=!dont-vary

After the configuration is done, restart the Apache webserver

$ sudo /etc/init.d/apache2 restart

Finally start the Open-Xchange Groupware service

$ sudo /etc/init.d/open-xchange-groupware start

Creating contexts and users

Now as the whole setup is complete and you already should get a login screen when accessing the server with a webbrowser, we have to setup a context and a default user as the last step of this tutorial.

The mapping defaultcontext will allow you to set this context as the default one of the entire system so that users which will be created within this context can login into Open-Xchange Server without specifying their domain at the login screen. Only one context can be specified as defaultcontext. The oxadmin user that will be created by this command is the default admin of the created context. This account will gather additional functions that are also described in the administration manual. The context id parameter must to be unique and numeric, otherwise the server will complain when you try to create a context. New contexts must be created by the oxadminmaster user, user accounts inside a context are created with the credentials of the contexts oxadmin account. The access-combination-name property defines the set of available modules and functions for users of the context.

$ /opt/open-xchange/sbin/createcontext -A oxadminmaster -P admin_master_password -c 1 \
-u oxadmin -d "Context Admin" -g Admin -s User -p admin_password -L defaultcontext \
-e oxadmin@example.com -q 1024 --access-combination-name=all

Create a user for testing purposes:

$ /opt/open-xchange/sbin/createuser -c 1 -A oxadmin -P admin_password -u testuser \
-d "Test User" -g Test -s User -p secret -e testuser@example.com \
--imaplogin testuser --imapserver 127.0.0.1 --smtpserver 127.0.0.1

Now connect to the server with a webbrowser and login using the credentials testuser / secret.
Log files and issue tracking
Default logging mechanism

Whenever unexpected or erroneous behavior takes place, it will be logged depending on the configured loglevel. All logfiles are stored at the operating systems default location. Events triggered by the Open-Xchange Groupware services are logged to a rotating file open-xchange.log, events triggered by the Open-Xchange Administration service are logged to open-xchange-admin.log. Those files are the very first place to monitor.

$ tail -f -n200 /var/log/open-xchange/open-xchange.log.0
$ tail -f -n200 /var/log/open-xchange/open-xchange-admin.log.0

Alternative logging mechanism using Syslog

Apart from the default file logging mechanism, Open-Xchange supports logging via syslog in using Apache log4j which is a standard framework for application message and error logging. Using log4j makes it possible to directly log to a local or remote syslog daemon or other services. Log4j is highly customizable, please see the Apache log4j [1] project websites for more information. Note, the default logging locations at /var/log/open-xchange will not be used anymore when installing the log4j bundles, please make sure to check out the configuration guide.
HTTP: HyperText Transfer ProtocolJSON: JavaScript Object Notation
Retrieved from "http://oxpedia.org/wiki/index.php?title=Open-Xchange_Installation_Guide_for_Ubuntu_10.04"

jlquesada's blog
Login to post comments

Search

Birthdays

News

Open Xchange

A Partnership of