Page MenuHomeDevCentral
Create Task
Maniphest T1475

Provision a mail server
Open, Needs TriagePublic
Actions

Description

Plan

Provision a server on hyper-001 hypervisor with the mail server. Could be combined with the DNS server (see T1218).

A similar installation than in T405 is welcome, at working and stable. That would mean a Postfix one.

A qmail installation is frowned upon as the software isn't really maintained anymore (writing that I noticed qmailtoaster last release is well maintained with last CentOS 7 release end September 2018).

Naming

We received the following propositions from P27:

  • Ganscerel (shangri-l)
  • Oort
  • Apsile (Ehair) (already taken by a Jenkins PHP node)
  • Hervil (Ehair)

Current state of mail

With T405, mail services were provisioned as a LXC container.

This lxc container is currently available on Dwellers for reference.

Some edited configuration files are already in rOPS in the mailserver/ role:

  • certificates: a script to copy Let's Encrypt files in the LXC container, probably not really interesting, but contains at least the postfix configuration expected paths
  • dkim: DKIM scripts and config set is valuable and works fine (probably a cleanup of the symlinks is welcome)
  • systemd-unit: a unit to add to iptables the rules to forward mail ports, then run container, useful mainly to know useful ports: 25 110 143 465 587

Other configuration files can be extracted from the lxc container directory, /var/lib/lxc/mailserver/rootfs on Dwellers.

Revisions and Commits

rOPS Nasqueron Operations
Needs ReviewD3242 Install postfix
D3213rOPS5b39f9eb1c1d Install Hervil server configuration

Related Objects
Search...

Event Timeline

dereckson created this task.Oct 30 2018, 18:23
dereckson updated the task description. (Show Details)Oct 30 2018, 18:54
dereckson removed a project: Operations sprints (The Dreadnought will produce new officers).
dereckson mentioned this in T405: Test Flockport mail server.Oct 30 2018, 18:56
dereckson added a parent task: T4: Setup fauve services.
dereckson mentioned this in T1476: Host @wolfplex.be mail.Oct 30 2018, 19:00
dereckson added a subtask: T1476: Host @wolfplex.be mail.
dereckson removed a subtask: T1476: Host @wolfplex.be mail.
dereckson added a parent task: T1476: Host @wolfplex.be mail.
dereckson removed a parent task: T1215: Provision a new hypervisor.Oct 30 2018, 19:03
dereckson added a subtask: T1215: Provision a new hypervisor.
dereckson updated the task description. (Show Details)Oct 30 2018, 19:12
dereckson closed subtask T1215: Provision a new hypervisor as Resolved.Jun 29 2023, 16:34
DorianWinty updated the task description. (Show Details)Jun 29 2023, 17:19
DorianWinty added a project: Restricted Project.
DorianWinty added a subscriber: DorianWinty.
DorianWinty moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Jun 29 2023, 17:43
dereckson assigned this task to DorianWinty.Jun 29 2023, 18:02
dereckson added a comment.Jun 29 2023, 18:21

DNS configuration

hervil.nasqueron.org. 86400 IN A 178.32.70.108

Network configuration

For public second card:

IP public: 178.32.70.108
MAC address: 00:50:56:0c:37:9b

DorianWinty added a comment.Jun 29 2023, 18:44

Internal IP :
172.27.27.3/28

DorianWinty added a revision: D3213: Install Hervil server configuration.Jun 29 2023, 21:43
DorianWinty added a commit: rOPS5b39f9eb1c1d: Install Hervil server configuration.Jun 29 2023, 22:30
dereckson closed subtask T1911: Order a new /30 IP block as Resolved.Jul 2 2023, 19:09
dereckson added a comment.EditedJul 2 2023, 19:32

[ 2023 plan from T405 for T1475. ]

Phase I

Per https://pad.wolfplex.be/p/mail:

  1. Install Postfix as part of mailserver role
  2. Deploy webserver-core role (to add to top.sls) to get nginx
  3. Install PHP too
    1. To be moved from webserver-alkane into webserver-core? (if mailserver or webserver-alkane in roles)
  4. Create a PostgreSQL database in db-A MariaDB database for ViMbAdmin in db-B
  5. Install ViMbAdmin to allow to manage virtual domains and mailboxe
  6. Install IMAP and POP capability (Dovecot or Cyrus IMAP)
  7. Install webmails locally if needed, on Docker PaaS if not
    1. Roundcube, the 2010s contender
    2. Squirrelmail, the legacy one with still a lot of fans
    3. Rainloop, the 2020s new one -> it uses IMAP to get mail instead of reading local mailboxes => can be installed on docker-002
  8. Determine where data is stored so we know what to backup

PostgreSQL is supported by ViMbAdmin, Postfix and Dovecot

Reference: https://github.com/opensolutions/ViMbAdmin/wiki/Install-Database-PostgreSQL

dereckson added a project: Mail.Jul 2 2023, 19:33
dereckson moved this task from Backlog - On hold pending T1475 to Working on on the Mail board.
dereckson mentioned this in T1196: Automate the mailserver lxc container through Salt.Jul 2 2023, 19:38
DorianWinty added a revision: D3242: Install postfix.Jul 24 2023, 20:48
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator