├── .gitignore ├── slash-zimbra └── software-install-responses ├── configs ├── init-zimbra-single ├── init-zimbra ├── init-mailbox ├── config-zimbra ├── config-mailbox ├── config-zimbra-single └── init-common ├── docker-compose-single.yml ├── DOT-env ├── docker-compose-multi.yml ├── Dockerfile-base └── README.md /.gitignore: -------------------------------------------------------------------------------- 1 | .env 2 | bind-data/webmin 3 | bind-data/bind/etc/named.conf.local 4 | bind-data/bind/lib/zimbra.test.hosts 5 | genesis 6 | -------------------------------------------------------------------------------- /slash-zimbra/software-install-responses: -------------------------------------------------------------------------------- 1 | Y 2 | Y 3 | Y 4 | Y 5 | Y 6 | N 7 | Y 8 | Y 9 | Y 10 | Y 11 | Y 12 | Y 13 | N 14 | N 15 | Y 16 | Y 17 | 18 | -------------------------------------------------------------------------------- /configs/init-zimbra-single: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | source /zimbra/init-common 3 | 4 | # NOTE: Currently genesis tests assume that the zmhostname == zimbra_default_domain 5 | # A fix for this is in progress 6 | zimbra_fqdn=${ZIMBRA_HOST_NAME} 7 | update_host_entry ${zimbra_fqdn} 8 | update_tzdata_config 9 | update_zmsetup_config_file 10 | 11 | # Configure Zimbra 12 | /opt/zimbra/libexec/zmsetup.pl -c /zimbra/config 13 | echo "Enable admin access via proxy. Required for SOAP Harness tests " 14 | sudo -i -u zimbra /opt/zimbra/libexec/zmproxyconfig -e -w -C -H ${ZIMBRA_HOST_NAME} 15 | echo "Disable max imap/pop3 max error limits. Required for Genesis" 16 | sudo -i -u zimbra zmlocalconfig -e imap_max_consecutive_error=0 pop3_max_consecutive_error=0 17 | post_zmsetup_configuration 18 | configure_staf 19 | echo "SETUP COMPLETE" 20 | /bin/sleep infinity 21 | 22 | -------------------------------------------------------------------------------- /docker-compose-single.yml: -------------------------------------------------------------------------------- 1 | version: "3.3" 2 | 3 | services: 4 | zimbra: 5 | image: zimbra/zcs-foss-base:latest 6 | configs: 7 | - source: init_common 8 | target: /zimbra/init-common 9 | mode: 0777 10 | - source: init_zimbra 11 | target: /zimbra/init 12 | mode: 0777 13 | - source: config_zimbra 14 | target: /zimbra/config.in 15 | mode: 0666 16 | env_file: .env 17 | entrypoint: 18 | - /zimbra/init 19 | # entrypoint: 20 | # - /bin/sleep 21 | # - infinity 22 | hostname: ${ZIMBRA_HOST_NAME} 23 | networks: 24 | - default 25 | ports: 26 | - "7071:7071" 27 | - "8143:143" 28 | - "8443:443" 29 | - "8993:993" 30 | 31 | configs: 32 | init_common: 33 | file: ./configs/init-common 34 | init_zimbra: 35 | file: ./configs/init-zimbra-single 36 | config_zimbra: 37 | file: ./configs/config-zimbra-single 38 | 39 | networks: 40 | default: 41 | driver: overlay 42 | -------------------------------------------------------------------------------- /DOT-env: -------------------------------------------------------------------------------- 1 | # NOTE: No quotes around the following: 2 | # Timezone settings for tzdata. 3 | # NOTE: Make sure these are compatible with the TIME_ZONE_ID shown below. 4 | # Genesis tests rquire PDT 5 | TZDATA_AREA=US 6 | TZDATA_ZONE=Pacific 7 | # The following are used to do template substitution in the 8 | # slash-zimbra/zimbra-config file prior to feeding it to 9 | # zmsetup.pl. The first two are also used to configure bind. 10 | ZIMBRA_DEFAULT_DOMAIN=zimbra.zcs-foss.test 11 | # NOTE: This should be the FQDN. Yes it is silly because 12 | # we _should_ be able to to construct it, given the 13 | # previous value; however, the current limitation of 14 | # the Genesis test suite is that the zmhostname 15 | # _matches_ the default domain name... 16 | # NOTE: Accordingly, there is no `hostname` entry in the `docker-compose.yml` file 17 | # for the `zimbra` service. 18 | ZIMBRA_HOST_NAME=zimbra.zcs-foss.test 19 | MAILBOX_HOST_NAME=mailbox 20 | # NOTE: Escape the forward slash so that we do not break the sed command 21 | TIME_ZONE_ID=America\/Los_Angeles 22 | ADMIN_PW=test123 23 | LDAP_ADMIN_PW=zimbra 24 | LDAP_AMAVIS_PW=zimbra 25 | LDAP_POSTFIX_PW=zimbra 26 | LDAP_REPLICATION_PW=zimbra 27 | LDAP_ROOT_PW=zimbra 28 | LDAP_BES_PW=zimbra 29 | LDAP_NGINX_PW=zimbra 30 | 31 | -------------------------------------------------------------------------------- /configs/init-zimbra: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | source /zimbra/init-common 3 | 4 | # Removed packages that we do not need 5 | apt-get remove -y --autoremove zimbra-store zimbra-apache zimbra-spell 6 | # These do not get removed automatically 7 | rm -rf /opt/zimbra/jetty* 8 | rm -rf /opt/zimbra/mailboxd 9 | # Interestingly removing the above packages results in /opt/zimbra/log being 10 | # deleted, so we re-create it here and give it appropriate permissions. 11 | mkdir -p /opt/zimbra/log 12 | chown zimbra:zimbra /opt/zimbra/log 13 | 14 | # NOTE: Currently genesis tests assume that the zmhostname == zimbra_default_domain 15 | # A fix for this is in progress 16 | zimbra_fqdn=${ZIMBRA_HOST_NAME} 17 | update_host_entry ${zimbra_fqdn} 18 | mailbox_ip=$(wait_for_service mailbox) 19 | mailbox_fqdn="${MAILBOX_HOST_NAME}.${ZIMBRA_DEFAULT_DOMAIN}" 20 | add_host_entry ${mailbox_fqdn} ${mailbox_ip} 21 | update_tzdata_config 22 | update_zmsetup_config_file 23 | 24 | # Configure Zimbra 25 | /opt/zimbra/libexec/zmsetup.pl -c /zimbra/config 26 | echo "Enable admin access via proxy. Required for SOAP Harness tests " 27 | sudo -i -u zimbra /opt/zimbra/libexec/zmproxyconfig -e -w -C -H ${ZIMBRA_HOST_NAME} 28 | post_zmsetup_configuration 29 | configure_staf 30 | echo "SETUP COMPLETE" 31 | /bin/sleep infinity 32 | 33 | -------------------------------------------------------------------------------- /docker-compose-multi.yml: -------------------------------------------------------------------------------- 1 | version: "3.3" 2 | 3 | services: 4 | zimbra: 5 | image: zimbra/zcs-foss-base:latest 6 | configs: 7 | - source: init_common 8 | target: /zimbra/init-common 9 | mode: 0777 10 | - source: init_zimbra 11 | target: /zimbra/init 12 | mode: 0777 13 | - source: config_zimbra 14 | target: /zimbra/config.in 15 | mode: 0666 16 | env_file: .env 17 | entrypoint: 18 | - /zimbra/init 19 | # entrypoint: 20 | # - /bin/sleep 21 | # - infinity 22 | hostname: ${ZIMBRA_HOST_NAME} 23 | networks: 24 | - default 25 | ports: 26 | - "7071:7071" 27 | - "8143:143" 28 | - "8443:443" 29 | - "8993:993" 30 | 31 | mailbox: 32 | image: zimbra/zcs-foss-base:latest 33 | configs: 34 | - source: init_common 35 | target: /zimbra/init-common 36 | mode: 0777 37 | - source: init_mailbox 38 | target: /zimbra/init 39 | mode: 0777 40 | - source: config_mailbox 41 | target: /zimbra/config.in 42 | mode: 0666 43 | env_file: .env 44 | entrypoint: 45 | - /zimbra/init 46 | # entrypoint: 47 | # - /bin/sleep 48 | # - infinity 49 | hostname: ${MAILBOX_HOST_NAME} 50 | networks: 51 | - default 52 | 53 | configs: 54 | init_common: 55 | file: ./configs/init-common 56 | init_mailbox: 57 | file: ./configs/init-mailbox 58 | config_mailbox: 59 | file: ./configs/config-mailbox 60 | init_zimbra: 61 | file: ./configs/init-zimbra 62 | config_zimbra: 63 | file: ./configs/config-zimbra 64 | 65 | 66 | networks: 67 | default: 68 | driver: overlay 69 | -------------------------------------------------------------------------------- /configs/init-mailbox: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | source /zimbra/init-common 3 | 4 | # Removed packages that we do not need 5 | apt-get update 6 | apt-get remove -y --autoremove zimbra-ldap zimbra-mta zimbra-memcached zimbra-proxy zimbra-imapd 7 | # These get left behind and have to be manually deleted. 8 | rm -rf /opt/zimbra/data/amavisd 9 | rm -rf /opt/zimbra/data/postfix 10 | 11 | # These should be removed as well, but doing so removes pretty much *everything* 12 | # else (including zimbra-store and zimbra-core), so our packaging for these 13 | # is seriously messed-up! 14 | # apt-get remove -y zimbra-postfix zimbra-postfix-logwatch 15 | # So, as a workaround, we manually delete this file, which is what 16 | # zmcontrol uses as a flag when it determines whether to try and 17 | # start/stop the mta. 18 | rm -rf /opt/zimbra/common/sbin/postfix 19 | 20 | mailbox_fqdn="${MAILBOX_HOST_NAME}.${ZIMBRA_DEFAULT_DOMAIN}" 21 | update_host_entry ${mailbox_fqdn} 22 | # NOTE: Currently genesis tests assume that the zmhostname == zimbra_default_domain 23 | # A fix for this is in progress 24 | zimbra_fqdn=${ZIMBRA_HOST_NAME} 25 | zimbra_ip=$(wait_for_service zimbra) 26 | add_host_entry ${zimbra_fqdn} ${zimbra_ip} 27 | update_tzdata_config 28 | update_zmsetup_config_file 29 | 30 | # Wait for zimbra service to complete initialization before we process. 31 | # Currently we are doing this by waiting until STAF is running, as that is 32 | # the last setup step performed by the zimbra service setup 33 | wait_for_staf ${zimbra_fqdn} 34 | 35 | # Configure Zimbra 36 | /opt/zimbra/libexec/zmsetup.pl -c /zimbra/config 37 | echo "Disable max imap/pop3 max error limits. Required for Genesis" 38 | sudo -i -u zimbra zmlocalconfig -e imap_max_consecutive_error=0 pop3_max_consecutive_error=0 39 | post_zmsetup_configuration 40 | configure_staf 41 | echo "SETUP COMPLETE" 42 | /bin/sleep infinity 43 | 44 | -------------------------------------------------------------------------------- /configs/config-zimbra: -------------------------------------------------------------------------------- 1 | AVDOMAIN="ZIMBRA_DEFAULT_DOMAIN" 2 | AVUSER="admin@ZIMBRA_DEFAULT_DOMAIN" 3 | CREATEADMIN="admin@ZIMBRA_DEFAULT_DOMAIN" 4 | CREATEADMINPASS="ADMIN_PW" 5 | CREATEDOMAIN="ZIMBRA_DEFAULT_DOMAIN" 6 | DOADDUPSTREAMIMAP="no" 7 | DOCREATEADMIN="no" 8 | DOCREATEDOMAIN="yes" 9 | EXPANDMENU="no" 10 | HOSTNAME="ZIMBRA_HOST_NAME" 11 | HTTPPORT="8080" 12 | HTTPPROXY="TRUE" 13 | HTTPPROXYPORT="80" 14 | HTTPSPORT="8443" 15 | HTTPSPROXYPORT="443" 16 | IMAPPORT="7143" 17 | IMAPPROXYPORT="143" 18 | IMAPSSLPORT="7993" 19 | IMAPSSLPROXYPORT="993" 20 | INSTALL_WEBAPPS="zimlet" 21 | JAVAHOME="/opt/zimbra/common/lib/jvm/java" 22 | LDAPADMINPASS="LDAP_ADMIN_PW" 23 | LDAPADMINPASSSET="set" 24 | LDAPAMAVISPASS="LDAP_AMAVIS_PW" 25 | LDAPAMAVISPASSSET="set" 26 | LDAPBESSEARCHSET="set" 27 | LDAPHOST="ZIMBRA_HOST_NAME" 28 | LDAPNGINXPASSSET="set" 29 | LDAPPORT="389" 30 | LDAPPOSTPASS="LDAP_POSTFIX_PW" 31 | LDAPPOSTPASSSET="set" 32 | LDAPREPLICATIONTYPE="master" 33 | LDAPREPPASS="LDAP_REPLICATION_PW" 34 | LDAPREPPASSSET="set" 35 | LDAPROOTPASS="LDAP_ROOT_PW" 36 | LDAPROOTPASSSET="set" 37 | LDAPSERVERID="2" 38 | MAILBOXDMEMORY="1484" 39 | MAILPROXY="TRUE" 40 | MODE="https" 41 | MYSQLMEMORYPERCENT="30" 42 | POPPORT="7110" 43 | POPPROXYPORT="110" 44 | POPSSLPORT="7995" 45 | POPSSLPROXYPORT="995" 46 | PROXYMODE="https" 47 | REMOVE="no" 48 | RUNARCHIVING="no" 49 | RUNAV="yes" 50 | RUNCBPOLICYD="no" 51 | RUNDKIM="yes" 52 | RUNSA="yes" 53 | RUNVMHA="no" 54 | SMTPDEST="admin@ZIMBRA_DEFAULT_DOMAIN" 55 | SMTPHOST="ZIMBRA_HOST_NAME" 56 | SMTPNOTIFY="yes" 57 | SMTPSOURCE="admin@ZIMBRA_DEFAULT_DOMAIN" 58 | SNMPNOTIFY="yes" 59 | SNMPTRAPHOST="ZIMBRA_HOST_NAME" 60 | SPELLURL="" 61 | STARTSERVERS="yes" 62 | SYSTEMMEMORY="5.8" 63 | UPGRADE="yes" 64 | USEEPHEMERALSTORE="no" 65 | USESPELL="no" 66 | ZIMBRA_REQ_SECURITY="yes" 67 | imapd_keystore="/opt/zimbra/conf/imapd.keystore" 68 | imapd_keystore_password="SRp9FEK5Z" 69 | ldap_bes_searcher_password="LDAP_BES_PW" 70 | ldap_dit_base_dn_config="cn=zimbra" 71 | ldap_nginx_password="LDAP_NGINX_PW" 72 | mailboxd_directory="/opt/zimbra/mailboxd" 73 | mailboxd_keystore="/opt/zimbra/conf/keystore" 74 | mailboxd_keystore_password="SRp9FEK5Z" 75 | mailboxd_truststore="/opt/zimbra/common/lib/jvm/java/jre/lib/security/cacerts" 76 | mailboxd_truststore_password="changeit" 77 | postfix_mail_owner="postfix" 78 | postfix_setgid_group="postdrop" 79 | ssl_default_digest="sha256" 80 | zimbraIPMode="ipv4" 81 | zimbraMtaMyNetworks="127.0.0.0/8 HOST_CIDR/24" 82 | zimbraPrefTimeZoneId="TIME_ZONE_ID" 83 | zimbra_ldap_userdn="uid=zimbra,cn=admins,cn=zimbra" 84 | zimbra_require_interprocess_security="1" 85 | INSTALL_PACKAGES="zimbra-core zimbra-ldap zimbra-mta zimbra-snmp zimbra-memcached zimbra-proxy zimbra-imapd " 86 | -------------------------------------------------------------------------------- /configs/config-mailbox: -------------------------------------------------------------------------------- 1 | ADMINPASSSET="set" 2 | AVDOMAIN="ZIMBRA_DEFAULT_DOMAIN" 3 | AVUSER="admin@ZIMBRA_DEFAULT_DOMAIN" 4 | CREATEADMIN="admin@ZIMBRA_DEFAULT_DOMAIN" 5 | CREATEADMINPASS="ADMIN_PW" 6 | CREATEDOMAIN="ZIMBRA_DEFAULT_DOMAIN" 7 | DOCREATEADMIN="yes" 8 | DOCREATEDOMAIN="no" 9 | DOTRAINSA="yes" 10 | ENABLEGALSYNCACCOUNTS="no" 11 | EXPANDMENU="no" 12 | HOSTNAME="MAILBOX_HOST_NAME.ZIMBRA_DEFAULT_DOMAIN" 13 | HTTPPORT="8080" 14 | HTTPPROXYPORT="80" 15 | HTTPSPORT="8443" 16 | HTTPSPROXYPORT="443" 17 | IMAPPORT="7143" 18 | IMAPPROXYPORT="143" 19 | IMAPSSLPORT="7993" 20 | IMAPSSLPROXYPORT="993" 21 | INSTALL_WEBAPPS="service zimlet zimbra zimbraAdmin" 22 | JAVAHOME="/opt/zimbra/common/lib/jvm/java" 23 | LDAPADMINPASS="LDAP_ADMIN_PW" 24 | LDAPADMINPASSSET="set" 25 | LDAPDEFAULTSLOADED="1" 26 | LDAPHOST="ZIMBRA_HOST_NAME" 27 | LDAPPORT="389" 28 | MAILBOXDMEMORY="1484" 29 | MODE="https" 30 | MYSQLMEMORYPERCENT="30" 31 | POPPORT="7110" 32 | POPPROXYPORT="110" 33 | POPSSLPORT="7995" 34 | POPSSLPROXYPORT="995" 35 | PROXYMODE="https" 36 | REMOVE="no" 37 | RUNVMHA="no" 38 | SERVICEWEBAPP="yes" 39 | SMTPDEST="admin@ZIMBRA_DEFAULT_DOMAIN" 40 | SMTPHOST="ZIMBRA_HOST_NAME" 41 | SMTPNOTIFY="yes" 42 | SMTPSOURCE="admin@ZIMBRA_DEFAULT_DOMAIN" 43 | SNMPNOTIFY="yes" 44 | SNMPTRAPHOST="MAILBOX_HOST_NAME.ZIMBRA_DEFAULT_DOMAIN" 45 | SPELLURL="http://MAILBOX_HOST_NAME.ZIMBRA_DEFAULT_DOMAIN:7780/aspell.php" 46 | STARTSERVERS="yes" 47 | SYSTEMMEMORY="5.8" 48 | TRAINSAHAM="ham-training@ZIMBRA_DEFAULT_DOMAIN" 49 | TRAINSASPAM="spam-training@ZIMBRA_DEFAULT_DOMAIN" 50 | UIWEBAPPS="yes" 51 | UPGRADE="yes" 52 | USEEPHEMERALSTORE="no" 53 | USEKBSHORTCUTS="TRUE" 54 | USESPELL="yes" 55 | VERSIONUPDATECHECKS="FALSE" 56 | VIRUSQUARANTINE="virus-quarantine@ZIMBRA_DEFAULT_DOMAIN" 57 | ZIMBRA_REQ_SECURITY="yes" 58 | ldap_dit_base_dn_config="cn=zimbra" 59 | mailboxd_directory="/opt/zimbra/mailboxd" 60 | mailboxd_keystore="/opt/zimbra/mailboxd/etc/keystore" 61 | mailboxd_keystore_password="2DKb7ZGu" 62 | mailboxd_server="jetty" 63 | mailboxd_truststore="/opt/zimbra/common/lib/jvm/java/jre/lib/security/cacerts" 64 | mailboxd_truststore_password="changeit" 65 | ssl_default_digest="sha256" 66 | zimbraDefaultDomainName="ZIMBRA_DEFAULT_DOMAIN" 67 | zimbraFeatureBriefcasesEnabled="Enabled" 68 | zimbraFeatureTasksEnabled="Enabled" 69 | zimbraIPMode="ipv4" 70 | zimbraMailProxy="TRUE" 71 | zimbraPrefTimeZoneId="TIME_ZONE_ID" 72 | zimbraReverseProxyLookupTarget="TRUE" 73 | zimbraVersionCheckInterval="1d" 74 | zimbraVersionCheckNotificationEmail="admin@ZIMBRA_DEFAULT_DOMAIN" 75 | zimbraVersionCheckNotificationEmailFrom="admin@ZIMBRA_DEFAULT_DOMAIN" 76 | zimbraVersionCheckSendNotifications="FALSE" 77 | zimbraVersionCheckServer="" 78 | zimbraWebProxy="TRUE" 79 | zimbra_ldap_userdn="uid=zimbra,cn=admins,cn=zimbra" 80 | zimbra_require_interprocess_security="1" 81 | INSTALL_PACKAGES="zimbra-core zimbra-snmp zimbra-store zimbra-apache zimbra-spell " 82 | -------------------------------------------------------------------------------- /configs/config-zimbra-single: -------------------------------------------------------------------------------- 1 | ADMINPASSSET="set" 2 | AVDOMAIN="ZIMBRA_DEFAULT_DOMAIN" 3 | AVUSER="admin@ZIMBRA_DEFAULT_DOMAIN" 4 | CREATEADMIN="admin@ZIMBRA_DEFAULT_DOMAIN" 5 | CREATEADMINPASS="ADMIN_PW" 6 | CREATEDOMAIN="ZIMBRA_DEFAULT_DOMAIN" 7 | DOADDUPSTREAMIMAP="no" 8 | DOCREATEADMIN="yes" 9 | DOCREATEDOMAIN="yes" 10 | DOTRAINSA="yes" 11 | EXPANDMENU="no" 12 | HOSTNAME="ZIMBRA_HOST_NAME" 13 | HTTPPORT="8080" 14 | HTTPPROXY="TRUE" 15 | HTTPPROXYPORT="80" 16 | HTTPSPORT="8443" 17 | HTTPSPROXYPORT="443" 18 | IMAPPORT="7143" 19 | IMAPPROXYPORT="143" 20 | IMAPSSLPORT="7993" 21 | IMAPSSLPROXYPORT="993" 22 | INSTALL_WEBAPPS="service zimlet zimbra zimbraAdmin" 23 | JAVAHOME="/opt/zimbra/common/lib/jvm/java" 24 | LDAPADMINPASS="LDAP_ADMIN_PW" 25 | LDAPADMINPASSSET="set" 26 | LDAPAMAVISPASS="LDAP_AMAVIS_PW" 27 | LDAPAMAVISPASSSET="set" 28 | LDAPBESSEARCHSET="set" 29 | LDAPHOST="ZIMBRA_HOST_NAME" 30 | LDAPNGINXPASSSET="set" 31 | LDAPPORT="389" 32 | LDAPPOSTPASS="LDAP_POSTFIX_PW" 33 | LDAPPOSTPASSSET="set" 34 | LDAPREPLICATIONTYPE="master" 35 | LDAPREPPASS="LDAP_REPLICATION_PW" 36 | LDAPREPPASSSET="set" 37 | LDAPROOTPASS="LDAP_ROOT_PW" 38 | LDAPROOTPASSSET="set" 39 | LDAPSERVERID="2" 40 | MAILBOXDMEMORY="1484" 41 | MAILPROXY="TRUE" 42 | MODE="https" 43 | MYSQLMEMORYPERCENT="30" 44 | POPPORT="7110" 45 | POPPROXYPORT="110" 46 | POPSSLPORT="7995" 47 | POPSSLPROXYPORT="995" 48 | PROXYMODE="https" 49 | REMOVE="no" 50 | RUNARCHIVING="no" 51 | RUNAV="yes" 52 | RUNCBPOLICYD="no" 53 | RUNDKIM="yes" 54 | RUNSA="yes" 55 | RUNVMHA="no" 56 | SERVICEWEBAPP="yes" 57 | SMTPDEST="admin@ZIMBRA_DEFAULT_DOMAIN" 58 | SMTPHOST="ZIMBRA_HOST_NAME" 59 | SMTPNOTIFY="yes" 60 | SMTPSOURCE="admin@ZIMBRA_DEFAULT_DOMAIN" 61 | SNMPNOTIFY="yes" 62 | SNMPTRAPHOST="ZIMBRA_HOST_NAME" 63 | SPELLURL="http://ZIMBRA_HOST_NAME:7780/aspell.php" 64 | STARTSERVERS="yes" 65 | SYSTEMMEMORY="5.8" 66 | TRAINSAHAM="ham-training@ZIMBRA_DEFAULT_DOMAIN" 67 | TRAINSASPAM="spam-training@ZIMBRA_DEFAULT_DOMAIN" 68 | UIWEBAPPS="yes" 69 | UPGRADE="yes" 70 | USEEPHEMERALSTORE="no" 71 | USESPELL="yes" 72 | VERSIONUPDATECHECKS="FALSE" 73 | VIRUSQUARANTINE="virus-quarantine@ZIMBRA_DEFAULT_DOMAIN" 74 | ZIMBRA_REQ_SECURITY="yes" 75 | imapd_keystore="/opt/zimbra/conf/imapd.keystore" 76 | imapd_keystore_password="DE10K4IG" 77 | ldap_bes_searcher_password="LDAP_BES_PW" 78 | ldap_dit_base_dn_config="cn=zimbra" 79 | ldap_nginx_password="LDAP_NGINX_PW" 80 | mailboxd_directory="/opt/zimbra/mailboxd" 81 | mailboxd_keystore="/opt/zimbra/mailboxd/etc/keystore" 82 | mailboxd_keystore_password="DE10K4IG" 83 | mailboxd_server="jetty" 84 | mailboxd_truststore="/opt/zimbra/common/lib/jvm/java/jre/lib/security/cacerts" 85 | mailboxd_truststore_password="changeit" 86 | postfix_mail_owner="postfix" 87 | postfix_setgid_group="postdrop" 88 | ssl_default_digest="sha256" 89 | zimbraFeatureBriefcasesEnabled="Enabled" 90 | zimbraFeatureTasksEnabled="Enabled" 91 | zimbraIPMode="ipv4" 92 | zimbraMailProxy="TRUE" 93 | zimbraMtaMyNetworks="127.0.0.0/8 HOST_CIDR/24" 94 | zimbraPrefTimeZoneId="TIME_ZONE_ID" 95 | zimbraReverseProxyLookupTarget="TRUE" 96 | zimbraVersionCheckNotificationEmail="admin@ZIMBRA_DEFAULT_DOMAIN" 97 | zimbraVersionCheckNotificationEmailFrom="admin@ZIMBRA_DEFAULT_DOMAIN" 98 | zimbraVersionCheckSendNotifications="FALSE" 99 | zimbraWebProxy="TRUE" 100 | zimbra_ldap_userdn="uid=zimbra,cn=admins,cn=zimbra" 101 | zimbra_require_interprocess_security="1" 102 | INSTALL_PACKAGES="zimbra-core zimbra-ldap zimbra-logger zimbra-mta zimbra-snmp zimbra-store zimbra-apache zimbra-spell zimbra-memcached zimbra-proxy zimbra-imapd " 103 | -------------------------------------------------------------------------------- /Dockerfile-base: -------------------------------------------------------------------------------- 1 | FROM ubuntu:16.04 2 | 3 | # Install Basic Packages 4 | # Set tzdata info to UTC (Etc/UTC) for image. 5 | # Runtime will reconfigure to match what is in environment 6 | RUN apt-get update && \ 7 | apt-get install -y \ 8 | curl \ 9 | dnsutils \ 10 | gettext \ 11 | linux-tools-common \ 12 | openssh-server \ 13 | netbase \ 14 | netcat \ 15 | net-tools \ 16 | openjdk-8-jdk \ 17 | rsyslog \ 18 | software-properties-common \ 19 | vim \ 20 | wget && \ 21 | apt-get install -y man psutils psmisc ruby-dev gcc && \ 22 | echo "tzdata tzdata/Areas select Etc" > /tmp/tzdata.txt && \ 23 | echo "tzdata tzdata/Zones/Etc select UTC" >> /tmp/tzdata.txt && \ 24 | export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true && \ 25 | debconf-set-selections /tmp/tzdata.txt && \ 26 | apt-get install -y tzdata && \ 27 | apt-get clean 28 | 29 | # ************************************************************************ 30 | # The following is required for Genesis tests to be run. 31 | # NOTE: Work is in progress to allow for remote test execution 32 | # 1. Disable setting that prevents users from writing to current terminal device 33 | # 2. Symlink in /bin/env (some genesis tests expect it to be there) 34 | # 3. Pre-create the zimbra user with known uid/gid so that IF a user wants to mount a host 35 | # 4. directory into the container, the permissions will be correct. 36 | # ************************************************************************ 37 | RUN sed -i.bak 's/^mesg/# mesg/' /root/.profile && \ 38 | ln -s /usr/bin/env /bin/env && \ 39 | groupadd -r -g 1000 zimbra && \ 40 | useradd -r -g zimbra -u 1000 -b /opt -s /bin/bash zimbra 41 | 42 | # ************************************************************************ 43 | # Download and do a package-only install of Zimbra 44 | # Trick build into skipping resolvconf as docker overrides for DNS 45 | # This is currently required by our installer script. Hopefully be 46 | # fixed soon. The `zimbra-os-requirements` packages depends 47 | # on the `resolvconf` package, and configuration of that is what 48 | # was breaking install.sh 49 | # ************************************************************************ 50 | RUN curl -s -k -o /tmp/zcs.tgz 'https://files.zimbra.com.s3.amazonaws.com/downloads/8.8.3_GA/zcs-8.8.3_GA_1872.UBUNTU16_64.20170905143325.tgz' && \ 51 | mkdir -p /tmp/release && \ 52 | tar xzvf /tmp/zcs.tgz -C /tmp/release --strip-components=1 && \ 53 | rm /tmp/zcs.tgz && \ 54 | echo "resolvconf resolvconf/linkify-resolvconf boolean false" | debconf-set-selections 55 | 56 | # ************************************************************************ 57 | # Install STAF to /usr/local/staf 58 | # 59 | # Add the STAF libraries to the END of the list of places where libraries are searched 60 | # Some of the libraries included with STAF are wonky and will bork normal commands 61 | # if they are loaded first. 62 | # ************************************************************************ 63 | RUN curl -L -o /tmp/staf-setup.bin 'http://downloads.sourceforge.net/project/staf/staf/V3.4.26/STAF3426-setup-linux-amd64-NoJVM.bin' && \ 64 | chmod +x /tmp/staf-setup.bin && \ 65 | /tmp/staf-setup.bin -i silent \ 66 | -DACCEPT_LICENSE=1 \ 67 | -DCHOSEN_INSTALL_SET=Custom \ 68 | -DCHOSEN_INSTALL_FEATURE_LIST=STAF,ExtSvcs,Langs,Codepage && \ 69 | rm /tmp/staf-setup.bin && \ 70 | echo /usr/local/staf/lib > /etc/ld.so.conf.d/zzz-staf.conf && \ 71 | ldconfig 72 | 73 | COPY slash-zimbra/software-install-responses /tmp/software-install-responses 74 | WORKDIR /tmp/release 75 | RUN sed -i.bak 's/checkRequired/# checkRequired/' install.sh && \ 76 | ./install.sh -s -x --skip-upgrade-check < /tmp/software-install-responses && \ 77 | apt-get clean && \ 78 | rm -rf /tmp/release 79 | 80 | EXPOSE 22 25 80 110 143 443 465 587 993 995 6500 6550 7071 8443 81 | -------------------------------------------------------------------------------- /configs/init-common: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Perform template substitution in /zimbra/zimbra-config then configure the system 3 | # Expects the following environment variables to be set: 4 | # HOSTNAME (from specification in the docker-compose file; e.g., 'zimbra-1') 5 | # ZIMBRA_DEFAULT_DOMAIN 6 | # ZIMBRA_HOST_NAME 7 | # MAILBOX_HOST_NAME 8 | # TIME_ZONE_ID 9 | # ADMIN_PW 10 | # LDAP_ADMIN_PW 11 | # LDAP_AMAVIS_PW 12 | # LDAP_POSTFIX_PW 13 | # LDAP_REPLICATION_PW 14 | # LDAP_ROOT_PW 15 | # LDAP_BES_PW 16 | # LDAP_NGINX_PW 17 | # Also reconfigures tzdata. Expects these environment variables for that: 18 | # TZDATA_AREA 19 | # TZDATA_ZONE 20 | # 21 | 22 | SLEEP_SECS=10 23 | SLEEP_LONG_SECS=60 24 | 25 | # Add an entry for the specified host_ip and host_fqdn to /etc/hosts, if necessary 26 | # Arguments: 27 | # - host_fqdn 28 | # - host_ip 29 | # Side effects: 30 | # - Updates /etc/hosts 31 | # Returns: 32 | # - n/a 33 | function add_host_entry { 34 | host_fqdn=$1 35 | host_ip=$2 36 | 37 | grep -q "${host_ip}.*${host_fqdn}" /etc/hosts 38 | if [ $? != 0 ]; then 39 | echo "Adding mapping for ${host_fqdn} to ${host_ip} in /etc/hosts" 40 | echo -e "${host_ip}\t${host_fqdn}" >> /etc/hosts 41 | else 42 | echo "An entry for ${host_fqdn} is already present in /etc/hosts" 43 | fi 44 | } 45 | 46 | function configure_staf { 47 | # Startup and configure STAF 48 | export PATH=/usr/local/staf/bin:$PATH 49 | # shellcheck disable=SC2016 50 | echo 'PATH=/usr/local/staf/bin:$PATH' >> /root/.bashrc 51 | echo "starting STAF. output to /opt/zimbra/log/staf.log." 52 | # NOTE: will see this error if you are watching the logs: 53 | # STAFProcess::processMonitorThread: Error opening /dev/tty, errno: 6 54 | # That is OK. See: http://staf.sourceforge.net/current2x/STAFFAQ.htm#d0e332 55 | /usr/local/staf/startSTAFProc.sh >/opt/zimbra/log/staf.log 2>&1 & 56 | sleep ${SLEEP_SECS} 57 | echo "adding STAF services" 58 | STAF local service add service LOG LIBRARY STAFLog 59 | echo "setting STAF trust level to 5" 60 | STAF local TRUST SET MACHINE '*' LEVEL 5 61 | } 62 | 63 | # Lookup the desired service by service name 64 | # Parameters: 65 | # - service name; e.g., "zimbra" 66 | # Returns: 67 | # - The IP address of the service if it is available or an empty string 68 | function lookup_service { 69 | service_name=$1 70 | service_resp=$(getent hosts ${service_name} | awk '{print $1}') 71 | echo "${service_resp}" 72 | } 73 | 74 | function post_zmsetup_configuration { 75 | echo "Starting ssh service. This is required by the SOAP-Harness tests" 76 | service ssh start 77 | echo "Allow unauthenticated PINGs. This is required by the SOAP-Harness tests" 78 | sudo -i -u zimbra zmlocalconfig -e allow_unauthed_ping=true 79 | echo "Enable local mail delivery" 80 | sudo -i -u zimbra zmprov mcf zimbraMtaLmtpHostLookup native 81 | echo "Running zmupdateauthkeys. This is required by the SOAP-Harness tests" 82 | sudo -i -u zimbra zmupdateauthkeys 83 | echo "Restarting zimbra" 84 | sudo -i -u zimbra zmcontrol restart 85 | } 86 | 87 | # Updates /etc/hosts, if necessary, by adding an additional hosthame mapping 88 | # Arguments: 89 | # - host_fqdn 90 | # Side effects: 91 | # - Updates /etc/hosts if necessary 92 | # Returns: 93 | # - n/a 94 | # Depends on: 95 | # - HOSTNAME environment variable 96 | function update_host_entry { 97 | host_fqdn=$1 98 | HOST_ADDRESS=$(grep "${HOSTNAME}" /etc/hosts | awk '{print $1}') 99 | grep -q "${HOST_ADDRESS}.*${host_fqdn}" /etc/hosts 100 | if [ $? != 0 ]; then 101 | echo "Adding mapping for ${host_fqdn} to ${HOST_ADDRESS} in /etc/hosts" 102 | sed -e "s/${HOSTNAME}/${host_fqdn} ${HOSTNAME}/" < /etc/hosts > /tmp/hosts 103 | cp /tmp/hosts /etc/hosts 104 | else 105 | echo "An entry for ${host_fqdn} is already present in /etc/hosts" 106 | fi 107 | } 108 | 109 | function update_zmsetup_config_file { 110 | HOST_CIDR=$(echo $HOST_ADDRESS | sed -e 's/[[:digit:]]*$/0/') 111 | cat /zimbra/config.in | sed \ 112 | -e "s/ZIMBRA_HOST_NAME/${ZIMBRA_HOST_NAME}/" \ 113 | -e "s/MAILBOX_HOST_NAME/${MAILBOX_HOST_NAME}/" \ 114 | -e "s/ZIMBRA_DEFAULT_DOMAIN/${ZIMBRA_DEFAULT_DOMAIN}/" \ 115 | -e "s/TIME_ZONE_ID/${TIME_ZONE_ID}/" \ 116 | -e "s/LDAP_ADMIN_PW/${LDAP_ADMIN_PW}/" \ 117 | -e "s/ADMIN_PW/${ADMIN_PW}/" \ 118 | -e "s/LDAP_AMAVIS_PW/${LDAP_AMAVIS_PW}/" \ 119 | -e "s/LDAP_POSTFIX_PW/${LDAP_POSTFIX_PW}/" \ 120 | -e "s/LDAP_REPLICATION_PW/${LDAP_REPLICATION_PW}/" \ 121 | -e "s/LDAP_ROOT_PW/${LDAP_ROOT_PW}/" \ 122 | -e "s/LDAP_BES_PW/${LDAP_BES_PW}/" \ 123 | -e "s/LDAP_NGINX_PW/${LDAP_NGINX_PW}/" \ 124 | -e "s/HOST_ADDRESS/${HOST_ADDRESS}/" \ 125 | -e "s/HOST_CIDR/${HOST_CIDR}/" \ 126 | > /zimbra/config 127 | } 128 | 129 | function update_tzdata_config { 130 | echo "Updating tzdata configuration" 131 | rm -f /etc/timezone /etc/localtime 132 | echo "tzdata tzdata/Areas select ${TZDATA_AREA}" > /tmp/tzdata.txt 133 | echo "tzdata tzdata/Zones/${TZDATA_AREA} select ${TZDATA_ZONE}" >> /tmp/tzdata.txt 134 | export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true && \ 135 | debconf-set-selections /tmp/tzdata.txt && \ 136 | sudo dpkg-reconfigure -f noninteractive tzdata 137 | } 138 | 139 | # Sleep until the service address resolves 140 | # Arguments: 141 | # - service_name 142 | # Returns: 143 | # - IP address of the service 144 | function wait_for_service { 145 | service_name=$1 146 | service_ip=$(lookup_service ${service_name}) 147 | while [ "${service_ip}x" = "x" ]; do 148 | (>&2 echo "Waiting for ${service_name} container to start") 149 | sleep ${SLEEP_SECS} 150 | service_ip=$(lookup_service ${service_name}) 151 | done 152 | echo ${service_ip} 153 | } 154 | 155 | # Wait until STAF services are running 156 | # Arguments: 157 | # - host_fqdn 158 | function wait_for_staf { 159 | host_fqdn=$1 160 | echo "OK" | nc -q 1 ${host_fqdn} 6500 2>/dev/null 161 | while [ $? -ne 0 ]; do 162 | echo "Waiting for ${host_fqdn} services to come up. Sleeping for ${SLEEP_LONG_SECS} seconds..." 163 | sleep ${SLEEP_LONG_SECS} 164 | echo "OK" | nc -q 1 ${host_fqdn} 6500 2>/dev/null 165 | done 166 | } 167 | 168 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ## Introduction 2 | 3 | * Deploy a single or multi-node Zimbra installation into a Docker swarm. 4 | * Currently running version 8.8.3. 5 | 6 | ### Single Node Zimbra Services 7 | 8 | - `zimbra`. This service runs the following: 9 | - `zimbra-apache` 10 | - `zimbra-imapd` 11 | - `zimbra-ldap` 12 | - `zimbra-logger` 13 | - `zimbra-memcached` 14 | - `zimbra-mta` 15 | - `zimbra-proxy` 16 | - `zimbra-snmp` 17 | - `zimbra-spell` 18 | - `zimbra-store` 19 | - `STAF` 20 | 21 | ### Multi Node Zimbra Services 22 | 23 | - `zimbra`. This service runs the following: 24 | - `zimbra-imapd` 25 | - `zimbra-ldap` 26 | - `zimbra-logger` 27 | - `zimbra-memcached` 28 | - `zimbra-mta` 29 | - `zimbra-proxy` 30 | - `zimbra-snmp` 31 | - `STAF` 32 | - `mailbox` 33 | - `zimbra-apache` 34 | - `zimbra-logger` 35 | - `zimbra-snmp` 36 | - `zimbra-spell` 37 | - `zimbra-store` 38 | - `STAF` 39 | 40 | ## Setup 41 | 42 | * Clone a copy of this repo. Then, from inside your local clone of the repo: 43 | * Copy the file `DOT-env` to `.env`. Update `.env` as desired. 44 | * Make sure you have an available Docker swarm (with your shell configured appropriately as necessary). 45 | 46 | ## Deploy the Stack 47 | 48 | ### Single Node 49 | 50 | docker stack deploy --compose-file docker-compose-single.yml 51 | 52 | ### Multi Node 53 | 54 | docker stack deploy --compose-file docker-compose-multi.yml 55 | 56 | ## Undeploy the Stack 57 | 58 | Just run the command `docker stack rm `. For example: 59 | 60 | docker stack rm zcs 61 | 62 | ## Setting-up a local single-node docker swarm 63 | 64 | These instructions assume you are using _Docker for Mac_. 65 | 66 | ### Create the swarm 67 | 68 | docker swarm init 69 | 70 | ## Setting-up a local multi-node docker swarm 71 | 72 | These instructions assume that you have _Virtualbox_ installed. _NOTE:_ They will work just fine whether you are using _Docker for Mac_ or some other Docker installation. 73 | 74 | ## Create local VMs to run the swarm on 75 | 76 | $ docker-machine create --driver virtualbox vm1 77 | $ docker-machine create --driver virtualbox vm2 78 | $ docker-machine create --driver virtualbox vm3 79 | 80 | _NOTE:_ The above `docker-machine create` command will create machines with default settings. These may be a bit underpowered. The following command shows some options you can use: 81 | 82 | $ docker-machine create --virtualbox-disk-size 32000 \ 83 | --virtualbox-memory 6144 \ 84 | --virtualbox-cpu-count 4 \ 85 | --driver virtualbox 86 | 87 | See [this page](https://docs.docker.com/machine/drivers/virtualbox/#usage) for an explanation of the options. 88 | 89 | 90 | ## Initialize the swarm 91 | 92 | $ docker-machine ls 93 | NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS 94 | vm1 - virtualbox Running tcp://192.168.99.100:2376 v17.09.0-ce 95 | vm2 - virtualbox Running tcp://192.168.99.101:2376 v17.09.0-ce 96 | vm3 - virtualbox Running tcp://192.168.99.102:2376 v17.09.0-ce 97 | 98 | ### Manager runs on vm1 99 | 100 | $ docker-machine ssh vm1 "docker swarm init --advertise-addr 192.168.99.100" 101 | Swarm initialized: current node (f59l3muq14vmkjg4m1yy7sycy) is now a manager. 102 | 103 | To add a worker to this swarm, run the following command: 104 | 105 | docker swarm join --token SWMTKN-1-3rgvuj0tkieslsrahy02tl1yp8yaq30w6d62knak9p8d4t4rdc-3kijt9tomeu41xq762j10mq96 192.168.99.100:2377 106 | 107 | To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions. 108 | 109 | 110 | ### vm2 & vm3 are workers 111 | 112 | $ docker-machine ssh vm2 "docker swarm join --token SWMTKN-1-3rgvuj0tkieslsrahy02tl1yp8yaq30w6d62knak9p8d4t4rdc-3kijt9tomeu41xq762j10mq96 192.168.99.100:2377" 113 | 114 | This node joined a swarm as a worker. 115 | 116 | $ docker-machine ssh vm3 "docker swarm join --token SWMTKN-1-3rgvuj0tkieslsrahy02tl1yp8yaq30w6d62knak9p8d4t4rdc-3kijt9tomeu41xq762j10mq96 192.168.99.100:2377" 117 | 118 | This node joined a swarm as a worker. 119 | 120 | ## Configure the shell to "talk" to the manager node 121 | 122 | $ eval $(docker-machine env vm1) 123 | 124 | Results: 125 | 126 | $ env | grep DOCKER 127 | DOCKER_HOST=tcp://192.168.99.100:2376 128 | DOCKER_MACHINE_NAME=vm1 129 | DOCKER_TLS_VERIFY=1 130 | DOCKER_CERT_PATH=/Users/gordy/.docker/machine/machines/vm1 131 | 132 | $ docker-machine ls 133 | NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS 134 | vm1 * virtualbox Running tcp://192.168.99.100:2376 v17.09.0-ce 135 | vm2 - virtualbox Running tcp://192.168.99.101:2376 v17.09.0-ce 136 | vm3 - virtualbox Running tcp://192.168.99.102:2376 v17.09.0-ce 137 | 138 | 139 | ## Deploy the stack 140 | 141 | $ docker stack deploy -c docker-compose.swarm.yml zcs 142 | Creating network zcs_default 143 | Creating service zcs_zimbra 144 | 145 | ## Observe the zcs_zimbra service logs 146 | 147 | $ docker service logs -f zcs_zimbra 148 | 149 | ## Connect to the zcs_zimbra service 150 | 151 | Determine where it is running 152 | 153 | $ docker service ps zcs_zimbra 154 | ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS 155 | qcj4t3yo8j3a zcs_zimbra.1 zimbra/zcs-foss:latest vm2 Running Preparing 2 minutes ago 156 | 157 | 158 | ## Connect to the machine that is running zcs_zimbra 159 | 160 | $ docker-machine ssh vm2 161 | 162 | ## Find the container running the zcs_zimbra service 163 | 164 | $ docker ps --filter "name=zcs_zimbra" 165 | CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 166 | a1d8fb65a91f zimbra/zcs-foss:latest "/zimbra/init" 31 minutes ago Up 31 minutes 22/tcp, 25/tcp, 80/tcp, 110/tcp, 143/tcp, 443/tcp, 465/tcp, 587/tcp, 993/tcp, 995/tcp, 7071/tcp, 8443/tcp zcs_zimbra.1.qcj4t3yo8j3aju92efwz7hmfg 167 | 168 | Or, more compactly (because you just need the container ID): 169 | 170 | $ docker ps -q --filter "name=zcs_zimbra" 171 | a1d8fb65a91f 172 | 173 | Then you can connet to the container like normal. 174 | 175 | $ docker exec -it a1d8fb65a91f bash 176 | 177 | 178 | ## Cleaning Up 179 | 180 | ### Remove the stack 181 | 182 | $ docker stack rm zcs 183 | 184 | Removing service zcs_zimbra 185 | Removing network zcs_default 186 | 187 | ### Tear Down the Swarm 188 | 189 | Tell each machine to leave the swarm. Note that you have to _force_ the manager to leave. 190 | 191 | $ docker-machine ssh vm3 "docker swarm leave" 192 | Node left the swarm. 193 | 194 | $ docker-machine ssh vm2 "docker swarm leave" 195 | Node left the swarm. 196 | 197 | $ docker-machine ssh vm1 "docker swarm leave --force" 198 | Node left the swarm. 199 | 200 | Stop the machines. 201 | 202 | $ for m in {1..3}; do docker-machine stop vm${m}; done 203 | Stopping "vm1"... 204 | Machine "vm1" was stopped. 205 | Stopping "vm2"... 206 | Machine "vm2" was stopped. 207 | Stopping "vm3"... 208 | Machine "vm3" was stopped. 209 | 210 | Remove the machines. 211 | 212 | $ for m in {1..3}; do docker-machine rm -y vm${m}; done 213 | About to remove vm1 214 | WARNING: This action will delete both local reference and remote instance. 215 | Successfully removed vm1 216 | About to remove vm2 217 | WARNING: This action will delete both local reference and remote instance. 218 | Successfully removed vm2 219 | About to remove vm3 220 | WARNING: This action will delete both local reference and remote instance. 221 | Successfully removed vm3 222 | --------------------------------------------------------------------------------