Membuat Server Repository Lokal Zimbra OSE 8.8.15 di Centos 7
Membuat Server Repository Lokal Zimbra OSE 8.8.15 di Centos 7, digunakan sebagai alternative apabila tidak bisa mengakses repository zimbra. Biasanya di karenakan ip public server terblok oleh server repository zimbra. Bisa saja solusinya dengan mengganti IP Public yang lain atau melalui proxy. Tapi itu apabila tersedia. Server repository lokal zimbra lebih baik di install pada site terpisah dari lokasi server zimbra. seperti VPS, Cloud Server dll. Berikut cara mendeteksi, apabila server yang akan di-install zimbra di blok ip public nya oleh server repository zimbra.
Cek Akses Repository Zimbra
Masukkan perintah berikut untuk melakukan pengecekkan
curl https://repo.zimbra.com/rpm/87/rhel7/repodata/repomd.xml
Apabila muncul seperti berikut berarti server bisa mengambil package ke repository zimbra, tidak perlu membuat server repository sendiri.
<?xml version="1.0" encoding="UTF-8"?> <repomd xmlns="http://linux.duke.edu/metadata/repo" xmlns:rpm="http://linux.duke.edu/metadata/rpm"> <revision>1569581769</revision> <data type="filelists"> <checksum type="sha256">f6961c373a2208dbb00b1e59c4a45c57c61af85d20407dde0b6be68a263688bf</checksum> <open-checksum type="sha256">377702acb86891cb54417567c43b011261fc214ccbe981078028c976314799ab</open-checksum> <location href="repodata/f6961c373a2208dbb00b1e59c4a45c57c61af85d20407dde0b6be68a263688bf-filelists.xml.gz"/> <timestamp>1569581771</timestamp> <size>235492</size> <open-size>2845170</open-size> </data> <data type="primary"> <checksum type="sha256">c79d8cf513fa5c6d6655947fd1f4dfc3ca014a4700a744e23977f799d8b89d76</checksum> <open-checksum type="sha256">6081459cde550e94c879c427b19f360e37337bfa8374932d8f6065b75762d20e</open-checksum> <location href="repodata/c79d8cf513fa5c6d6655947fd1f4dfc3ca014a4700a744e23977f799d8b89d76-primary.xml.gz"/> <timestamp>1569581771</timestamp> <size>97562</size> <open-size>799984</open-size> </data> <data type="primary_db"> <checksum type="sha256">e7e5c6f24ff37305ec7db121c066c91b2c84b42e45c3bf3a001a93360830efef</checksum> <open-checksum type="sha256">f2cfee4b417170fb324dde6a71a02eb3806a9da14d9ad7aadeeb328066035f11</open-checksum> <location href="repodata/e7e5c6f24ff37305ec7db121c066c91b2c84b42e45c3bf3a001a93360830efef-primary.sqlite.bz2"/> <timestamp>1569581772</timestamp> <database_version>10</database_version> <size>140021</size> <open-size>773120</open-size> </data> <data type="other_db"> <checksum type="sha256">d27a6ae860716f397b20e7cc2a1dc629a4e994ed8c4af47b2f55896c362357d1</checksum> <open-checksum type="sha256">2f84276ba5a8851871b475f7e7a592d7b6b1a6db9d32f855216878a5dc95887f</open-checksum> <location href="repodata/d27a6ae860716f397b20e7cc2a1dc629a4e994ed8c4af47b2f55896c362357d1-other.sqlite.bz2"/> <timestamp>1569581771</timestamp> <database_version>10</database_version> <size>40223</size> <open-size>154624</open-size> </data> <data type="other"> <checksum type="sha256">c858284a272fc99633c2157a1e455cb3fc4344603fae7f3b25f3e9f7220e126e</checksum> <open-checksum type="sha256">c1bccf5eaa6490c389459a028e0bb86d5d3fcd865f21f24e5d80b77a772da3f1</open-checksum> <location href="repodata/c858284a272fc99633c2157a1e455cb3fc4344603fae7f3b25f3e9f7220e126e-other.xml.gz"/> <timestamp>1569581771</timestamp> <size>32764</size> <open-size>177832</open-size> </data> <data type="filelists_db"> <checksum type="sha256">ff1ae7d10ee21bbc0c322ccc516687a22f657385793388e9e2aa6c07a0dabb71</checksum> <open-checksum type="sha256">3c19127fbf9d9e97d810d1d908dbc650e73152e2dc869a0c9a0080dca87d8e8b</open-checksum> <location href="repodata/ff1ae7d10ee21bbc0c322ccc516687a22f657385793388e9e2aa6c07a0dabb71-filelists.sqlite.bz2"/> <timestamp>1569581772</timestamp> <database_version>10</database_version> <size>281424</size> <open-size>1262592</open-size> </data> </repomd>
Cara Membuat Server Repository Lokal Zimbra OSE 8.8.15 di Centos 7
Info Server:
hostname= repo.saad.my.id
ip public= 111.222.333.444
Spesifikasi:
1 CPU Core
1 GB RAM
25 GB HDD
1. Buat A record pada DNS Public dengan hostname repo.saad.my.id pointing ke ip public 111.222.333.444
2. Ubah timezone
timedatectl set-timezone Asia/Jakarta
3. Ubah hostname server
hostnamectl set-hostname repo.saad.my.id
4. Install epel repository
yum install epel-release -y
5. Install python
yum install python-pip -y
6. Install Amazon Web Services CLI
pip install awscli
7. Buat Directory Repositories dan masuk ke directory Repositories
mkdir /var/repositories cd /var/repositories
8. Cloning packages dari Official Repository Zimbra
aws s3 sync s3://repo.zimbra.com/rpm/87 ./rpm/87 --no-sign-request --delete aws s3 sync s3://repo.zimbra.com/rpm/8815 ./rpm/8815 --no-sign-request --delete
9. Install cerbot Let’s Encrypt
yum install certbot-nginx -y
10. Install nginx
yum install nginx -y
11. Jalankan nginx
systemctl start nginx systemctl enable nginx
12. Ubah /etc/nginx/nginx.conf
vi /etc/nginx/nginx.conf
– ubah server_name _; menjadi server_name repo.saad.my.id;
– beri (#) pada root /usr/share/nginx/html;
– tambahkan root /var/repositories; seperti berikut kemudian simpan
server { listen 80 default_server; listen [::]:80 default_server; server_name repo.saad.my.id; #root /usr/share/nginx/html; root /var/repositories; # Load configuration files for the default server block. include /etc/nginx/default.d/*.conf; location / { } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } }
13. Verifikasi sintak nginx
sudo nginx -t
14. reload nginx
systemctl reload nginx
15. Install, start dan enable firewalld
yum install firewalld -y systemctl start firewalld systemctl enable firewalld
16. Open akses service http dan https
firewall-cmd --permanent --zone=public --add-service=http firewall-cmd --reload
17. Disable SELinux
vi /etc/selinux/config
ubah enforcing menjadi disabled, seperti di bawah ini, kemudian simpan
# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of three values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
masukan perintah berikut untuk disable tanpa restart
setenforce 0
18 auto cloning official repository zimbra menggunakan crontab
crontab -e
tambahkan berikut pada baris paling bawah
30 3 * * * /usr/bin/aws s3 sync s3://repo.zimbra.com/rpm/87 /var/repositories/rpm/87 --no-sign-request --delete 30 3 * * * /usr/bin/aws s3 sync s3://repo.zimbra.com/rpm/8815 /var/repositories/rpm/8815 --no-sign-request --delete
Pada Server zimbra yang menggunakan repository local zimbra
1. Buat file dengan nama zimbra.repo
vi /etc/yum.repos.d/zimbra.repo
dan isi dengan berikut:
[zimbra] name=Zimbra RPM Repository baseurl=http://repo.saad.my.id/rpm/87/rhel7 gpgcheck=1 enabled=1 [zimbra-8815-oss] name=Zimbra New RPM Repository baseurl=http://repo.saad.my.id/rpm/8815/rhel7 gpgcheck=1 enabled=1
2. Import public.key zimbra
rpm --import https://files.zimbra.com/downloads/security/public.key
3. Ketika install zimbra ketik ‘n’ enter pada bagian berikut
Use Zimbra's package repository [Y] n
Selesai, Semoga bermanfaat
Berikut layanan yang ada di saadwebid terkait zimbra
Layanan Jasa Maintenance Zimbra
Layanan Jasa Migrasi Zimbra Mail Server
VPS/Cloud Zimbra
SSL Zimbra Mail Server
SMTP Relay
Layanan Antivirus, Antispam dan Antimalware