OX6:Open-Xchange Installation Guide for SLES11 622
Open-Xchange Server 6 on SuSE Linux Enterprise Server 11
{{#ifeq:|6| This article will guide you through the installation of the Open-Xchange server, it describes the basic configuration and software requirements. As it is intended as a quick walk-through it assumes an existing installation of the operating system and requires average system administration skills. More, this guide will show you how to setup a basic installation with none of the typically used distributed environment settings. The objective of this guide is:
- To setup a single server installation
- To setup a database for a single database service, no replication
- To setup a single Open-Xchange instance, no cluster
- To provide a basic configuration setup, no mailserver configuration
}} {{#ifeq:|edp| This article will guide you through the installation of the Open-Xchange server, it describes the basic configuration and software requirements. As it is intended as a quick walk-through it assumes an existing installation of the operating system and requires average system administration skills. More, this guide will show you how to setup a basic installation with none of the typically used distributed environment settings. The objective of this guide is:
- To setup a single server installation
- To setup a database for a single database service, no replication
- To setup a single Open-Xchange instance, no cluster
- To provide a basic configuration setup, no mailserver configuration
}} {{#ifeq:|appsuite| This article will guide you through the installation of OX App Suite, it describes the basic configuration and software requirements. As it is intended as a quick walk-through it assumes an existing installation of the operating system and requires average system administration skills. More, this guide will show you how to setup a basic installation with none of the typically used distributed environment settings. The objective of this guide is:
- To setup a single server installation
- To setup a database for a single database service, no replication
- To setup a single Open-Xchange instance, no cluster
- To provide a basic configuration setup, no mailserver configuration
}}
Requirements
- Plain installed SuSE Linux Enterprise Server 11 with latest updates
- Valid access to the Novell onlineupdate service
- A configured internet connection
Updating repositories and install packages
The following command starts the download and installation process of all required package for Open-Xchange deployment:
Template:OXPackageInstallation 622
A warning will be shown because the Open-Xchange packages are not yet signed by a cryptographic key. To accept and continue the installation, press Y.
Open-Xchange configuration
To avoid confusion right at the start notice that Open-Xchange uses multiple administration levels and requires different credentials at some stages at the installation and server management. Note that the passwords chosen at this guide are weak and should be replaced by stronger passwords.
- The MySQL database user
- Username: openexchange
- Password used at this guide: db_password
- Responsibility: Execute all kinds of database operations
- The Open-Xchange Admin Master
- Username: oxadminmaster
- Password used at this guide: admin_master_password
- Responsibility: Manage contexts, manage all kinds of low level server configuration
- The Context Admin
- Username: oxadmin
- Password used at this guide: admin_password
- Responsibility: Manage users/groups/resources inside a context
As stated above we assume the MySQL service has been installed previously, and it is running and available.
A good idea is to add the Open-Xchange binaries to PATH:
$ echo PATH=$PATH:/opt/open-xchange/sbin/ >> ~/.bashrc && . ~/.bashrc
Now we have to initialize the Open-Xchange configdb database. This can all be done by executing the initconfigdb script.
$ /opt/open-xchange/sbin/initconfigdb --configdb-pass=db_password -a --mysql-root-passwd=root_password
Use the --mysql-root-passwd option to supply the MySQL root password as configured during database installation.
Add the -i option if you want to remove an already existing open-xchange configdb.
Note: The -a parameter adds an openexchange account to MySQL. This account will be used for database connections from the OX App Suite middleware and requires some privileges. You can also create that account manually during database installation / configuration, in which case you can (should) skip the -a parameter here.
Before starting any service, all basic configuration files need to be set up correctly. The --configdb-pass option indicates the password of the openexchange database user previously created, the --master-pass options specifies the password of the Open-Xchange adminmaster user that will be created when executing the oxinstaller script.
Important: You should have your Open-Xchange license code at hand. If you do not plan to license Open-Xchange, you can use the option --no-license instead. Please also check OXReportClient documentation for more information about configuring a supported and maintained Open-Xchange server.
Important: For MAX_MEMORY_FOR_JAVAVM a rule of thumb for simple installations is half available system memory. The value must be in MB. For example "1024" for 1GB .
$ /opt/open-xchange/sbin/oxinstaller --add-license=YOUR-OX-LICENSE-CODE \
--servername=oxserver --configdb-pass=db_password \
--master-pass=admin_master_password {{#ifeq: {{{connector}}} | http |--network-listener-host|--ajp-bind-port}}=localhost --servermemory MAX_MEMORY_FOR_JAVAVM
Note: In a clustered setup, {{#ifeq: {{{connector}}} | http |--network-listener-host|--ajp-bind-port}} must be set to *
Now is a good time to configure the way OX will authenticate to your mail server. Edit the file /opt/open-xchange/etc/mail.properties and change the com.openexchange.mail.loginSource to use. This is very important for servers that require your full email address to log in with.
# adjust com.openexchange.mail.loginSource $ vim /opt/open-xchange/etc/mail.properties
After initializing the configuration, start the Open-Xchange service by executing:
$ rcopen-xchange start
Next we have to register the local server at the Open-Xchange configdb database:
$ /opt/open-xchange/sbin/registerserver -n oxserver -A oxadminmaster -P admin_master_password
Now we have to create a local directory that should be used as Open-Xchange filestore. This directory will contain all Infostore content and files attached to groupware objects. To maintain access by the Open-Xchange Groupware service, it is required to grant permissions to the open-xchange system user.
$ mkdir /var/opt/filestore $ chown open-xchange:open-xchange /var/opt/filestore
Now register the directory as a filestore at the Open-Xchange server:
$ /opt/open-xchange/sbin/registerfilestore -A oxadminmaster -P admin_master_password \ -t file:/var/opt/filestore -s 1000000
Note: You might want to adapt the value provided with -s, the "The maximum size of the filestore in MB", see registerfilestore --help.
Note 2: If you are setting up OX App Suite, you need a shared filestore accross your OX servers even though you do not plan to have the OX Files feature enabled for your customers.
Finally register the groupware database, this is a separated database where all groupware specific data is stored:
$ /opt/open-xchange/sbin/registerdatabase -A oxadminmaster -P admin_master_password \ -n oxdatabase -p db_password -m true
{{#if:| Note 3: Take into account that a global database is needed in order to store data across context boundaries. Please see this documentation on how to register it. |}}
Configure services
Now as the Open-Xchange Server has been set up and the database is running, we have to configure the Apache webserver and the mod_proxy_{{#if:||ajp}} module to access the groupware frontend.
$ a2enmod proxy && a2enmod proxy_{{#if:|{{{connector}}}|ajp}} && a2enmod expires && a2enmod deflate && a2enmod headers && a2enmod rewrite && a2enmod proxy_balancer {{#if:| && a2enmod {{{extramods}}}|}}
Configure the mod_proxy_{{#if:|{{{connector}}}|ajp}} module by creating a new Apache configuration file.
$ vim {{#if:|{{{connectorConf}}}|/etc/apache2/conf.d/proxy_ajp.conf}}
{{#if:{{{release}}}|{{#ifeq:|6.22|
<Location /webservices>
# Please note that the servlet path to the soap API has changed:
# restrict access to the soap provisioning API
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
# you might add more ip addresses / networks here
# Allow from 192.168 10 172.16
</Location>
# the old path is kept for compatibility reasons|}}|}}
<Location /servlet/axis2/services>
# restrict access to the soap provisioning API
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
# you might add more ip addresses / networks here
# Allow from 192.168 10 172.16
</Location>
<IfModule mod_proxy_{{#if:|{{{connector}}}|ajp}}.c>
ProxyRequests Off
{{#ifeq: {{{connector}}} | http | # When enabled, this option will pass the Host: line from the incoming request to the proxied host.
ProxyPreserveHost On | }}
<Proxy balancer://oxcluster>
Order deny,allow
Allow from all
# multiple server setups need to have the hostname inserted instead localhost
BalancerMember {{#if:|{{{connector}}}|ajp}}://localhost:8009 timeout=100 smax=0 ttl=60 retry=60 loadfactor=50 route=OX1
# Enable and maybe add additional hosts running OX here
# BalancerMember {{#if:|{{{connector}}}|ajp}}://oxhost2:8009 timeout=100 smax=0 ttl=60 retry=60 loadfactor=50 route=OX2
ProxySet stickysession=JSESSIONID|jsessionid scolonpathdelim=On
{{#ifeq: {{{connector}}} | http |
SetEnv proxy-initial-not-pooled
SetEnv proxy-sendchunked
| }}
</Proxy>
{{#ifeq: {{{connector}}} | http | # Define another Proxy Container with different timeout for the sync clients. Microsoft recommends a minimum value of 15 minutes.
# Setting the value lower than the one defined as com.openexchange.usm.eas.ping.max_heartbeat in eas.properties will lead to connection
# timeouts for clients. See http://support.microsoft.com/?kbid=905013 for additional information.
#
# NOTE for Apache versions < 2.4:
# When using a single node system or using BalancerMembers that are assigned to other balancers please add a second hostname for that
# BalancerMember's IP so Apache can treat it as additional BalancerMember with a different timeout.
#
# Example from /etc/hosts: 127.0.0.1 localhost localhost_sync
#
# Alternatively select one or more hosts of your cluster to be restricted to handle only eas/usm requests
<Proxy balancer://{{{easProxyName}}}>
Order deny,allow
Allow from all
# multiple server setups need to have the hostname inserted instead localhost
BalancerMember http://localhost_sync:8009 timeout=1900 smax=0 ttl=60 retry=60 loadfactor=50 route=APP1
# Enable and maybe add additional hosts running OX here
# BalancerMember http://oxhost2:8009 timeout=1900 smax=0 ttl=60 retry=60 loadfactor=50 route=APP2
ProxySet stickysession=JSESSIONID|jsessionid scolonpathdelim=On
SetEnv proxy-initial-not-pooled
SetEnv proxy-sendchunked
</Proxy> | }}
# OX frontend
<Proxy /ajax>
ProxyPass balancer://oxcluster/ajax
</Proxy>
<Proxy /servlet>
ProxyPass balancer://oxcluster/servlet
</Proxy>
<Proxy /infostore>
ProxyPass balancer://oxcluster/infostore
</Proxy>
<Proxy /publications>
ProxyPass balancer://oxcluster/publications
</Proxy>
# USM
<Proxy /usm-json>
ProxyPass balancer://oxcluster/usm-json
</Proxy>
# SOAP
<Proxy /webservices>
ProxyPass balancer://oxcluster/webservices
</Proxy>
{{#ifeq: {{{connector}}} | http |
<Proxy /realtime>
ProxyPass balancer://oxcluster/realtime
</Proxy>
| }}
# OXtender{{#ifeq: {{{connector}}} | http | /EAS specific proxy container with higher timeout | }}
<Proxy /Microsoft-Server-ActiveSync>
ProxyPass balancer://{{#if:|{{{easProxyName}}}|oxcluster}}/Microsoft-Server-ActiveSync
</Proxy>
</IfModule>
Modify the default website settings to display the Open-Xchange GUI
$ vim /etc/apache2/vhosts.d/ox.conf
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /srv/www/htdocs/
<Directory /srv/www/htdocs/>
AllowOverride None
Order allow,deny
allow from all
RedirectMatch ^/$ /ox6/
Options +FollowSymLinks +SymLinksIfOwnerMatch
</Directory>
# deflate
AddOutputFilterByType DEFLATE text/html text/plain text/javascript application/javascript text/css text/xml application/xml text/x-js application/x-javascript
# pre-compressed files
AddType text/javascript .jsz
AddType text/css .cssz
AddType text/xml .xmlz
AddType text/plain .po
AddEncoding gzip .jsz .cssz .xmlz
SetEnvIf Request_URI "\.(jsz|cssz|xmlz)$" no-gzip
ExpiresActive On
<Location /ox6>
# Expires (via ExpiresByType to override global settings)
ExpiresByType image/gif "access plus 6 months"
ExpiresByType image/png "access plus 6 months"
ExpiresByType image/jpg "access plus 6 months"
ExpiresByType image/jpeg "access plus 6 months"
ExpiresByType text/css "access plus 6 months"
ExpiresByType text/html "access plus 6 months"
ExpiresByType text/xml "access plus 6 months"
ExpiresByType text/javascript "access plus 6 months"
ExpiresByType text/x-js "access plus 6 months"
ExpiresByType application/x-javascript "access plus 6 months"
ExpiresDefault "access plus 6 months"
Header append Cache-Control "private"
Header unset Last-Modified
Header unset Vary
# Strip version
RewriteEngine On
RewriteRule v=\w+/(.+) $1 [L]
# Turn off ETag
Header unset ETag
FileETag None
</Location>
<Location /ox6/ox.html>
ExpiresByType text/html "now"
ExpiresDefault "now"
Header unset Last-Modified
Header set Cache-Control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0"
# Turn off ETag
Header unset ETag
FileETag None
</Location>
<Location /ox6/index.html>
ExpiresByType text/html "now"
ExpiresDefault "now"
Header unset Last-Modified
Header set Cache-Control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0"
# Turn off ETag
Header unset ETag
FileETag None
</Location>
</VirtualHost>
After the configuration is done, restart the Apache webserver
$ rcapache2 restart
Finally restart the Open-Xchange service
$ rcopen-xchange restart
Adding services to runlevels
The new services are now installed and configured, but to make them start up on a server boot, they need to be added to some runlevels:
$ insserv mysql $ insserv apache2 $ insserv open-xchange-groupware $ insserv open-xchange-admin
Template:ContextUserAndLogs 622
Installing Open-Xchange Update packages
Please read UpdatingOXPackages on how to get access to the latest Open-Xchange packages.