1 |
nightmorph 07/07/16 02:31:39 |
2 |
|
3 |
Modified: virt-mail-howto.xml |
4 |
Log: |
5 |
the long awaited update for apache2, bug 106301. thanks to swift and phreak for the patches. |
6 |
|
7 |
Revision Changes Path |
8 |
1.55 xml/htdocs/doc/en/virt-mail-howto.xml |
9 |
|
10 |
file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/virt-mail-howto.xml?rev=1.55&view=markup |
11 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/virt-mail-howto.xml?rev=1.55&content-type=text/plain |
12 |
diff : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/virt-mail-howto.xml?r1=1.54&r2=1.55 |
13 |
|
14 |
Index: virt-mail-howto.xml |
15 |
=================================================================== |
16 |
RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/virt-mail-howto.xml,v |
17 |
retrieving revision 1.54 |
18 |
retrieving revision 1.55 |
19 |
diff -u -r1.54 -r1.55 |
20 |
--- virt-mail-howto.xml 2 Mar 2007 07:24:46 -0000 1.54 |
21 |
+++ virt-mail-howto.xml 16 Jul 2007 02:31:38 -0000 1.55 |
22 |
@@ -1,5 +1,5 @@ |
23 |
<?xml version='1.0' encoding='UTF-8'?> |
24 |
-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/virt-mail-howto.xml,v 1.54 2007/03/02 07:24:46 nightmorph Exp $ --> |
25 |
+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/virt-mail-howto.xml,v 1.55 2007/07/16 02:31:38 nightmorph Exp $ --> |
26 |
<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> |
27 |
|
28 |
<guide link="/doc/en/virt-mail-howto.xml"> |
29 |
@@ -17,14 +17,17 @@ |
30 |
<author title="Editor"> |
31 |
<mail link="seather@×××××××××.net">Scygro</mail> |
32 |
</author> |
33 |
+<author title="Editor"> |
34 |
+ <mail link="swift@g.o">Sven Vermeulen</mail> |
35 |
+</author> |
36 |
|
37 |
<abstract> |
38 |
This document details how to create a virtual mailhosting system based upon |
39 |
postfix, mysql, courier-imap, and cyrus-sasl. |
40 |
</abstract> |
41 |
|
42 |
-<version>1.2</version> |
43 |
-<date>2006-09-04</date> |
44 |
+<version>1.3</version> |
45 |
+<date>2007-07-15</date> |
46 |
|
47 |
<!-- |
48 |
Contents |
49 |
@@ -101,21 +104,6 @@ |
50 |
</p> |
51 |
|
52 |
<impo> |
53 |
-This howto was written for postfix-2.0.x. If you are using postfix < 2 some |
54 |
-of the variables in this document will be different. It is recommended that you |
55 |
-upgrade. Some other packages included in this howto are version sensitive as |
56 |
-well. You are advised to read the documentation included with packages if you |
57 |
-run into issues with this. |
58 |
-</impo> |
59 |
- |
60 |
-<impo> |
61 |
-This document uses apache-1.3.x. Apache-2 has been marked stable in portage. |
62 |
-However there are still a number of issues with php integration. Until php |
63 |
-support in apache-2.0.x is marked stable, this guide will continue to use the |
64 |
-1.3.x version. |
65 |
-</impo> |
66 |
- |
67 |
-<impo> |
68 |
You need a domain name to run a public mail server, or at least an MX record |
69 |
for a domain. Ideally you would have control of at least two domains to take |
70 |
advantage of your new virtual domain functionality. |
71 |
@@ -248,10 +236,15 @@ |
72 |
|
73 |
<p> |
74 |
Start up your favorite mail client and verify that all connections you've |
75 |
-started work for receiving and sending mail. Now that the basics work, we're |
76 |
-going to do a whole bunch of stuff at once to get the rest of the system |
77 |
-running. Again, please verify that what we've installed already works before |
78 |
-progressing. |
79 |
+started work for receiving and sending mail. Of course, you won't be able to log |
80 |
+on to any of the services because authentication hasn't been configured yet, but |
81 |
+it is wise to check if the connections themselves work or not. |
82 |
+</p> |
83 |
+ |
84 |
+<p> |
85 |
+Now that the basics work, we're going to do a whole bunch of stuff at once to |
86 |
+get the rest of the system running. Again, please verify that what we've |
87 |
+installed already works before progressing. |
88 |
</p> |
89 |
|
90 |
</body> |
91 |
@@ -318,20 +311,8 @@ |
92 |
<comment>(If the variables are not already present, just add them in a sensible place.)</comment> |
93 |
|
94 |
# <i>cd misc</i> |
95 |
-# <i>nano -w CA.pl</i> |
96 |
-<comment>(We need to add -nodes to the # create a certificate and |
97 |
-#create a certificate request code in order to let our new ssl |
98 |
-certs be loaded without a password. Otherwise when you |
99 |
-reboot your ssl certs will not be available.)</comment> |
100 |
- |
101 |
-# create a certificate |
102 |
-system ("$REQ -new -nodes -x509 -keyout newreq.pem -out newreq.pem $DAYS"); |
103 |
- |
104 |
-# create a certificate request |
105 |
-system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS"); |
106 |
- |
107 |
+# <i>./CA.pl -newreq-nodes</i> |
108 |
# <i>./CA.pl -newca</i> |
109 |
-# <i>./CA.pl -newreq</i> |
110 |
# <i>./CA.pl -sign</i> |
111 |
# <i>cp newcert.pem /etc/postfix</i> |
112 |
# <i>cp newreq.pem /etc/postfix</i> |
113 |
@@ -541,21 +522,22 @@ |
114 |
</p> |
115 |
|
116 |
<pre caption="Setting up apache and phpmyadmin"> |
117 |
-# <i>emerge apache mod_php phpmyadmin</i> |
118 |
+# <i>emerge apache phpmyadmin</i> |
119 |
</pre> |
120 |
|
121 |
<p> |
122 |
-There are plenty of guides out there about how to set up apache with php. Like |
123 |
-this one: <uri>http://www.linuxguruz.com/z.php?id=31</uri>. There are also |
124 |
-numerous posts on <uri>http://forums.gentoo.org</uri> detailing how to solve |
125 |
-problems with the installation (search for 'apache php'). So, that said, I'm |
126 |
-not going to cover it here. Set up the apache and php installs, then continue |
127 |
-with this howto. Now, a word for the wise: .htaccess the directory that you put |
128 |
-phpmyadmin in. If you do not do this, search engine spiders will come along and |
129 |
-index the page which in turn will mean that anyone will be able to find your |
130 |
-phpmyadmin page via google and in turn be able to come change your database |
131 |
-however they want which is <e>BAD!</e> There are many howtos on this |
132 |
-including: <uri>http://www.csoft.net/docs/micro/htaccess.html.en</uri>. |
133 |
+There are plenty of guides out there about how to set up apache with php, |
134 |
+including guides provided by the <uri link="/proj/en/php/">Gentoo PHP |
135 |
+Project</uri>. There are also numerous posts on |
136 |
+<uri>http://forums.gentoo.org</uri> detailing how to solve problems with the |
137 |
+installation. So, that said, we're not going to cover it here. Set up the |
138 |
+apache and php installs, then continue with this howto. Now, a word for the |
139 |
+wise: .htaccess the directory that you put phpmyadmin in. If you do not do this, |
140 |
+search engine spiders will come along and index the page which in turn will mean |
141 |
+that anyone will be able to find your phpmyadmin page via google and in turn be |
142 |
+able to come change your database however they want which is <e>BAD!</e> There |
143 |
+are many howtos on this including: |
144 |
+<uri>http://www.csoft.net/docs/micro/htaccess.html.en</uri>. |
145 |
</p> |
146 |
|
147 |
<p> |
148 |
@@ -569,33 +551,48 @@ |
149 |
</ul> |
150 |
|
151 |
<pre caption="Install Apache SSL certificates"> |
152 |
-# <i>cp /etc/ssl/misc/new.cert.cert /etc/apache/conf/ssl/</i> |
153 |
-# <i>cp /etc/ssl/misc/new.cert.key /etc/apache/conf/ssl/</i> |
154 |
-# <i>nano -w /etc/apache/conf/vhosts/ssl.default-vhost.conf</i> |
155 |
+# <i>cp /etc/ssl/misc/new.cert.cert /etc/apache2/ssl/</i> |
156 |
+# <i>cp /etc/ssl/misc/new.cert.key /etc/apache2/ssl/</i> |
157 |
+# <i>cd /etc/apache2/vhosts.d</i> |
158 |
+<comment>(Check if you have an ssl-vhost template already. |
159 |
+ Copy that one instead of the default_vhost if that is the case)</comment> |
160 |
+# <i>cp 00_default_vhost.conf ssl-vhost.conf</i> |
161 |
+# <i>nano -w ssl-vhost.conf</i> |
162 |
|
163 |
<comment>(Change the following parameters)</comment> |
164 |
+NameVirtualHost host.domain.name:443 |
165 |
|
166 |
-ServerName host.domain.name |
167 |
-ServerAdmin your@×××××.address |
168 |
-SSLCertificateFile /etc/apache/conf/ssl/new.cert.cert |
169 |
-SSLCertificateKeyFile /etc/apache/conf/ssl/new.cert.key |
170 |
+<VirtualHost host.domain.name:443> |
171 |
+ ServerName host.domain.name |
172 |
+ ServerAdmin your@×××××.address |
173 |
+ |
174 |
+ DocumentRoot "/var/www/localhost/htdocs/phpmyadmin"; |
175 |
+ <Directory "/var/www/localhost/htdocs/phpmyadmin"> |
176 |
+ ... |
177 |
+ </Directory> |
178 |
+ |
179 |
+ SSLCertificateFile /etc/apache2/ssl/new.cert.cert |
180 |
+ SSLCertificateKeyFile /etc/apache2/ssl/new.cert.key |
181 |
+ SSLEngine on |
182 |
+ ... |
183 |
+</VirtualHost> |
184 |
|
185 |
-# <i>/etc/init.d/apache restart</i> |
186 |
-</pre> |
187 |
+# <i>nano -w /etc/conf.d/apache2</i> |
188 |
+<comment>(Add -D SSL -D PHP5 to the APACHE2_OPTS)</comment> |
189 |
|
190 |
-<note> |
191 |
-If you have an existing apache install, you'll likely have to perform a full |
192 |
-server reboot to install your new certificates. Check your logs to verify |
193 |
-apache restarted successfully. |
194 |
-</note> |
195 |
+# <i>/etc/init.d/apache2 restart</i> |
196 |
+</pre> |
197 |
|
198 |
<p> |
199 |
Next, configure phpMyAdmin. |
200 |
</p> |
201 |
|
202 |
<pre caption="Configuring phpMyAdmin"> |
203 |
-# <i>nano -w /var/www/localhost/htdocs/phpmyadmin/config.inc.php</i> |
204 |
+# <i>cd /var/www/localhost/htdocs/phpmyadmin</i> |
205 |
+# <i>cp config.sample.inc.php config.inc.php</i> |
206 |
+# <i>nano -w config.inc.php</i> |
207 |
<comment>(Change the following parameters.)</comment> |
208 |
+$cfg['blowfish_secret'] = 'someverysecretpassphraze'; |
209 |
|
210 |
$cfg['Servers'][$i]['host'] = 'localhost'; // MySQL hostname |
211 |
$cfg['Servers'][$i]['controluser'] = 'mailsql'; // MySQL control user settings |
212 |
@@ -634,18 +631,13 @@ |
213 |
</p> |
214 |
|
215 |
<pre caption="Adding the vmail user"> |
216 |
-# <i>adduser -d /home/vmail -s /bin/false vmail</i> |
217 |
-# <i>uid=`cat /etc/passwd | grep vmail | cut -f 3 -d :`</i> |
218 |
-# <i>groupadd -g $uid vmail</i> |
219 |
-# <i>mkdir /home/vmail</i> |
220 |
-# <i>chown vmail: /home/vmail</i> |
221 |
+# <i>adduser -d /home/vmail -s /bin/false -m vmail</i> |
222 |
</pre> |
223 |
|
224 |
<p> |
225 |
-So now when you're setting up vmail accounts, use the vmail uid, gid, and |
226 |
-homedir. When you're setting up local accounts, use that user's uid, gid, and |
227 |
-homedir. We've been meaning to create a php admin page for this setup but |
228 |
-haven't gotten around to it yet, as phpmyadmin generally works fine for us. |
229 |
+So now you've set up the vmail account. You can create multiple accounts if you |
230 |
+want (to keep some structure in your set of virtual mail accounts). The user id, |
231 |
+group id and home dirs are referenced in the MySQL tables. |
232 |
</p> |
233 |
|
234 |
</body> |
235 |
@@ -735,7 +727,7 @@ |
236 |
|
237 |
<pre caption="/etc/postfix/mysql-virtual-gid.cf (optional)"> |
238 |
# <i>nano -w /etc/postfix/mysql-virtual-gid.cf</i> |
239 |
-#myql-virtual-gid.cf |
240 |
+# mysql-virtual-gid.cf |
241 |
|
242 |
user = mailsql |
243 |
password = $password |
244 |
@@ -794,6 +786,7 @@ |
245 |
|
246 |
<pre caption="/etc/postfix/main.cf"> |
247 |
# <i>nano -w /etc/postfix/main.cf</i> |
248 |
+<comment>(Ensure that there are no other alias_maps definitions)</comment> |
249 |
alias_maps = mysql:/etc/postfix/mysql-aliases.cf |
250 |
relocated_maps = mysql:/etc/postfix/mysql-relocated.cf |
251 |
|
252 |
@@ -801,14 +794,16 @@ |
253 |
local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname |
254 |
|
255 |
virtual_transport = virtual |
256 |
-virtual_mailbox_domains = |
257 |
- virt-bar.com, |
258 |
- $other-virtual-domain.com |
259 |
+<comment>(The domains listed by the mydestination should not be listed in |
260 |
+ the virtual_mailbox_domains parameter)</comment> |
261 |
+virtual_mailbox_domains = virt-bar.com, $other-virtual-domain.com |
262 |
|
263 |
virtual_minimum_uid = 1000 |
264 |
+<comment>(Substitute $vmail-gid with the GID of the vmail group)</comment> |
265 |
virtual_gid_maps = static:$vmail-gid |
266 |
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf |
267 |
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf |
268 |
+<comment>(Substitute $vmail-uid with the UID of the vmail user)</comment> |
269 |
virtual_uid_maps = static:$vmail-uid |
270 |
virtual_mailbox_base = / |
271 |
#virtual_mailbox_limit = |
272 |
@@ -888,26 +883,19 @@ |
273 |
here. |
274 |
</p> |
275 |
|
276 |
-<p> |
277 |
-One further note, current versions of mailman install to |
278 |
-<path>/usr/local/mailman</path>. If you're like me and wish to change the |
279 |
-default install location, it can be overridden in the ebuild file by changing |
280 |
-the INSTALLDIR variable. |
281 |
-</p> |
282 |
- |
283 |
<pre caption="Install mailman"> |
284 |
# <i>emerge mailman</i> |
285 |
</pre> |
286 |
|
287 |
<pre caption="Setting defaults: Mailman/Defaults.py"> |
288 |
-# <i> nano -w /var/mailman/Mailman/Defaults.py</i> |
289 |
+# <i> nano -w /usr/local/mailman/Mailman/Defaults.py</i> |
290 |
<comment>(Change the values below to reflect your primary domain, virtuals will be set next.)</comment> |
291 |
DEFAULT_EMAIL_HOST = 'domain.com' |
292 |
DEFAULT_URL_HOST = 'www.domain.com' |
293 |
</pre> |
294 |
|
295 |
<pre caption="mailman config: mm_cfg.py"> |
296 |
-# <i>nano -w /var/mailman/Mailman/mm_cfg.py</i> |
297 |
+# <i>nano -w /usr/local/mailman/Mailman/mm_cfg.py</i> |
298 |
MTA = "Postfix" |
299 |
POSTFIX_STYLE_VIRTUAL_DOMAINS = ['virt-domain.com', 'virt.domain2.com'] |
300 |
add_virtualhost('www.virt.domain.com', 'virt.domain.com') |
301 |
@@ -920,13 +908,13 @@ |
302 |
|
303 |
# <i>su mailman</i> |
304 |
# <i>cd ~</i> |
305 |
-# <i>bin/newlist test</i> |
306 |
+# <i>./bin/newlist test</i> |
307 |
Enter the email of the person running the list: <i>your@×××××.address</i> |
308 |
Initial test password: |
309 |
Hit enter to continue with test owner notification... |
310 |
<comment>(Virtual domain lists may be specified with |
311 |
list@××××××.com style list names.)</comment> |
312 |
-# <i>bin/genaliases</i> |
313 |
+# <i>./bin/genaliases</i> |
314 |
<comment>(Now that your aliases have been generated, |
315 |
verify that they were added successfully.)</comment> |
316 |
|
317 |
@@ -945,6 +933,13 @@ |
318 |
test-unsubscribe: "|/var/mailman/mail/mailman unsubscribe test" |
319 |
# STANZA END: test |
320 |
|
321 |
+<comment>(Create the required mailman list)</comment> |
322 |
+# <i>./bin/newlist mailman</i> |
323 |
+# <i>./bin/genaliases</i> |
324 |
+ |
325 |
+<comment>(Return to the root user)</comment> |
326 |
+# <i>exit</i> |
327 |
+ |
328 |
# <i>/etc/init.d/mailman start</i> |
329 |
# <i>rc-update add mailman default</i> |
330 |
<comment>(To start mailman at once and on every reboot.)</comment> |
331 |
@@ -957,11 +952,11 @@ |
332 |
<comment>(Read README.POSTFIX.gz for details on this.)</comment> |
333 |
|
334 |
alias_maps = |
335 |
- hash:/var/mailman/data/aliases, |
336 |
+ hash:/usr/local/mailman/data/aliases, |
337 |
mysql:/etc/postfix/mysql-aliases.cf |
338 |
|
339 |
virtual_alias_maps = |
340 |
- hash:/var/mailman/data/virtual-mailman, |
341 |
+ hash:/usr/local/mailman/data/virtual-mailman, |
342 |
mysql:/etc/postfix/mysql-virtual.cf |
343 |
<comment>(This adds mailman alias file support to postfix |
344 |
You may of course use the mysql tables for this, |
345 |
@@ -1092,8 +1087,8 @@ |
346 |
</p> |
347 |
|
348 |
<pre caption="Some services can dump their current config"> |
349 |
-# <i>apachectl fullstatus</i> (needs lynx installed) |
350 |
-# <i>apachectl configtest</i> (checks config sanity) |
351 |
+# <i>apache2ctl fullstatus</i> (needs lynx installed) |
352 |
+# <i>apache2ctl configtest</i> (checks config sanity) |
353 |
# <i>postconf -n</i> (will tell you exactly what param's postfix is using) |
354 |
# <i>/etc/init.d/$service restart</i> |
355 |
</pre> |
356 |
@@ -1117,7 +1112,7 @@ |
357 |
# <i>kill -USR1 `ps -C metalog -o pid=`</i>(to turn off metalog buffering) |
358 |
# <i>nano -w /var/log/mail/current</i> |
359 |
# <i>cat /var/log/mysql/mysql.log</i> |
360 |
-# <i>tail /var/log/apache/error_log</i> |
361 |
+# <i>tail /var/log/apache2/error_log</i> |
362 |
</pre> |
363 |
|
364 |
<p> |
365 |
|
366 |
|
367 |
|
368 |
-- |
369 |
gentoo-doc-cvs@g.o mailing list |