How to Install Open-Xchange on Debian Linux

5712

 

Since its beginnings as a Microsoft Exchange alternative for small- to medium-sized businessed, the Open-Xchange collaboration suite has stretched a bit beyond just a messaging solution. The flagship product, Open-Xchange Server, is regarded as a full collaborative platform, particularly with the addition of the Infostore document sharing module. Here’s how to install Open-Xchange Server to start on the way to replacing Exchange.

Open-Xchange comes in a multitide of flavors. There is, of course, the stand-alone Server Edition, as well as the Hosting Edition that delivers Open-Xchange to users as a Web app. The Advanced Server Edition features the same Web-based GUI found in the Hosting Edition, but delivers content similarly as the Server Edition. The Open-Xchange Appliance Edition uses the Web-based GUI, too, and functions as a completely self-contained appliance with a wizard-based interface to get started.

For this article, we’ll go old-school and walk through setting up the Server Edition (SE) on an Debian (Lenny) box.

Besides Debian GNU/Linux, Open-Xchange SE is optimized to run on SUSE Linux Enterprise Server 10, and Red Hat Enterprise Linux 5. Additional software requirements include a MySQL database, Oracle Java VM 1.5, and an IMAP server such as Cyrus, Courier, Dovecot, UW IMAP. Finding of all of these pieces isn’t difficult, since Open-Xchange SE ships them with the SE package. However, you will need to know how to configure all of these services, which requires a fair amount of expertise, since there’s no GUI configuration tools for the Server Edition.

Specifically, this article will demonstrate how to set up Open-Xchange SE 6.18, as well as the basic configuration steps. This is a single server install, without any distributed or clustering capabilities involved in the deployed product. All you need is a Debian Lenny install and a working Internet connection.

The easiest way to install Open-Xchange SE on Debian is to add the Open-Xchange repository to the repository list and let Debian’s package manager do the heavy lifting.

Start the Terminal application to start your favorite editor that will modify the Debian repository information file sources.list to add the Open-Xchange software repository.

$ sudo gedit /etc/apt/sources.list

At the end of the file add:

deb http://software.open-xchange.com/OX6/6.18/DebianLenny/ /

In addition, you’ll also need Sun Java and thus you should add/activate the Debian non-free repositories if it’s not in sources.list already:

 


deb http://mirrors.kernel.org/debian/ lenny main non-free
deb-src http://mirrors.kernel.org/debian/ lenny main non-free
deb http://security.debian.org/ lenny/updates main non-free
deb-src http://security.debian.org/ lenny/updates main non-free

 

Reload the package index with the next command. This will download the package descriptions available at the software repositories:

 

$ sudo apt-get update

 

Because Open-Xchange started using meta packages after version 6.16, you can pretty much type in one command to start the download and installation process of all required packages of an Open-Xchange deployment on a single server:

$ sudo aptitude install mysql-server open-xchange-meta-singleserver open-xchange-authentication-database open-xchange-spamhandler-default

The install process runs mostly automatically, but you will need to watch it to approve the sun-jre packages. If you plan to only manage your Open-Xchange installation via database and do not plan to integrate, such as with LDAP and Open-XchangeLDAPSync, you might also want to install the package open-xchange-meta-databaseonly.

You can still install the single packages individually, if you need to select a specific set of functionality that you’d like to have. No matter what, be sure to install the mysql-server package along with the (meta-) packages you use for your install.

When you get the packages installed, it’s time to configure your system. There are three administration levels that require different credentials at some point during installation and server configuration. The provided passwords are weak and must be replaced by stronger passwords.

  • The MySQL database user
  • Username: openexchange
  • Password provided: db_password

The Open-Xchange Admin Master

  • Username: oxadminmaster
  • Password provided: admin_master_password

The Context Admin

  • Username: oxadmin
  • Password provided: admin_password

In order to set up Open-Xchange SE, it is mandatory to have the database running:

$ /etc/init.d/mysql start

It’s also a good idea is to add the Open-Xchange binaries to your $PATH:

$ echo PATH=$PATH:/opt/open-xchange/sbin/ >> ~/.bashrc && . ~/.bashrc

Now we have to initialize the Open-Xchange configdb database. This can all be done by executing the initconfigdb script.

$ /opt/open-xchange/sbin/initconfigdb --configdb-pass=db_password -a

Add the -i option if you want to remove an already existing Open-Xchange configdb.

It should be noted, the -a parameter adds an administrative account to mysql, which is required for the creation of the oxdatabase database. You may have problems following the instructions of this article if you either set a mysql root password or do not create this administrative account. If you have manually setup an administrative account, grant the permissions for database creation or you may have problems in the context creation.

Before starting any service, all basic configuration files need to be set up correctly. The --configdb-pass option indicates the password of the openexchange database user previously created, the --master-pass options specifies the password of the Open-Xchange adminmaster user created when executing the oxinstaller script:

$ /opt/open-xchange/sbin/oxinstaller --add-license=YOUR-Open-Xchange-LICENSE-CODE
--servername=oxserver --configdb-pass=db_password
--master-pass=admin_master_password --ajp-bind-port=localhost

If you do not plan to license Open-Xchange, you can use the option --no-license instead. Please also check Open-XchangeReportClient documentation for more information about configuring a supported and maintained Open-Xchange server.

After initializing the configuration, start the Open-Xchange Administration service by executing:

$ sudo /etc/init.d/open-xchange-admin start

Next, we have to register the local server at the Open-Xchange configdb database:

$ /opt/open-xchange/sbin/registerserver -n oxserver -A oxadminmaster -P admin_master_password

Now we have to create a local directory that should be used as Open-Xchange filestore. This directory will contain all Infostore content and files attached to groupware objects. To maintain access by the Open-Xchange Groupware service, it is required to grant permissions to the Open-Xchange system user.

$ mkdir /var/opt/filestore
$ chown open-xchange:open-xchange /var/opt/filestore

Register the directory as a filestore at the Open-Xchange server:

$ /opt/open-xchange/sbin/registerfilestore -A oxadminmaster -P admin_master_password
-t file:/var/opt/filestore

Finally, register the groupware database, which is a separated database where all groupware specific data is stored:

$ /opt/open-xchange/sbin/registerdatabase -A oxadminmaster -P admin_master_password
-n oxdatabase -p db_password -m true

Now that the Open-Xchange Server has been set up and the database is running, you need to configure the Apache Web server and the mod_proxy_ajp module to access the groupware frontend. To gain better GUI performance, the usage of mod_expires and mod_deflate is strongly recommended. Those modules will limit the amount of client requests and compress the delivered content.

 

$ sudo a2enmod proxy_ajp
$ sudo a2enmod expires
$ sudo a2enmod deflate
$ sudo a2enmod headers
$ sudo a2enmod rewrite

 

To enable the modules, run:

 

$ sudo /etc/init.d/apache2 force-reload

 

Configure the mod_proxy_ajp module by creating a new Apache configuration file with the following content:

$ gedit /etc/apache2/conf.d/proxy_ajp.conf

 


<Proxy *>
Order deny,allow
allow from all
</Proxy>

ProxyPass /axis2 ajp://127.0.0.1:8009/axis2 smax=0 ttl=60 retry=5
ProxyPass /ajax ajp://127.0.0.1:8009/ajax smax=0 ttl=60 retry=5
ProxyPass /servlet ajp://127.0.0.1:8009/servlet smax=0 ttl=60 retry=5
ProxyPass /infostore ajp://127.0.0.1:8009/infostore smax=0 ttl=60 retry=5
ProxyPass /publications ajp://127.0.0.1:8009/publications smax=0 ttl=60 retry=5
# next line is required for Open-Xchangetender for Business Mobility only
ProxyPass /Microsoft-Server-ActiveSync ajp://127.0.0.1:8009/Microsoft-Server-ActiveSync smax=0 ttl=60 retry=5

 

Modify the default website settings to display the Open-Xchange GUI with your preferred text editor.

$ gedit /etc/apache2/sites-available/default

 


<VirtualHost *:80>
	ServerAdmin webmaster@localhost

	DocumentRoot /var/www/

	<Directory /var/www/>
		AllowOverride None
		Order allow,deny
		allow from all
		RedirectMatch ^/$ /ox6/
               Options +FollowSymLinks +SymLinksIfOwnerMatch
	</Directory>
       # deflate
      AddOutputFilterByType DEFLATE text/html text/plain text/javascript application/javascript text/css text/xml application/xml text/x-js application/x-javascript

	# pre-compressed files
	AddType text/javascript .jsz
	AddType text/css .cssz
	AddType text/xml .xmlz
	
	AddEncoding gzip .jsz .cssz .xmlz
	SetEnvIf Request_URI ".(jsz|cssz|xmlz)$" no-gzip
	
	ExpiresActive On
	
	<Location /ox6>
	        # Expires (via ExpiresByType to override global settings)
	        ExpiresByType image/gif "access plus 6 months"
	        ExpiresByType image/png "access plus 6 months"
	        ExpiresByType image/jpg "access plus 6 months"
	        ExpiresByType image/jpeg "access plus 6 months"
	        ExpiresByType text/css "access plus 6 months"
	        ExpiresByType text/html "access plus 6 months"
	        ExpiresByType text/xml "access plus 6 months"
	        ExpiresByType text/javascript "access plus 6 months"
	        ExpiresByType text/x-js "access plus 6 months"
	        ExpiresByType application/x-javascript "access plus 6 months"
	        ExpiresDefault "access plus 6 months"
	        Header append Cache-Control "private"
	        Header unset Last-Modified
	        Header unset Vary
	        # Strip version
	        RewriteEngine On
	        RewriteRule v=w+/(.+) $1 [L]
	        # Turn off ETag
	        Header unset ETag
	        FileETag None
	</Location>
	
	<Location /ox6/ox.html>
	        ExpiresByType text/html "now"
	        ExpiresDefault "now"
	        Header unset Last-Modified
	        Header set Cache-Control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0"
	        # Turn off ETag
	        Header unset ETag
	        FileETag None
	</Location>
	
	<Location /ox6/index.html>
	        ExpiresByType text/html "now"
	        ExpiresDefault "now"
	        Header unset Last-Modified
	        Header set Cache-Control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0"
	        # Turn off ETag
	        Header unset ETag
	        FileETag None
	</Location>
</VirtualHost>

 

After the configuration is done, restart the Apache Web server.

$ sudo /etc/init.d/apache2 restart

Finally start the Open-Xchange Groupware service.

$ sudo /etc/init.d/open-xchange-groupware start

With the whole setup is complete, you should see a login screen when accessing the server with a web browser. At this point, we have to setup a context and a default user.

Mapping defaultcontext will allow you to set this context as the default one for the entire system, so that users created within this context can login into Open-Xchange Server without specifying their domain at the login screen. Only one context can be specified as defaultcontext.

The oxadmin user also created by this command is the default admin of the created context. This account will gather additional functions, which are also described in the administration manual. The context id parameter be unique and numeric, else the server will complain when you try to create a context. New contexts must be created by the oxadminmaster user, while user accounts inside a context are created with the credentials of the context’s oxadmin account. The access-combination-name property defines the set of available modules and functions for users of the context.

 

$ /opt/open-xchange/sbin/createcontext -A oxadminmaster -P admin_master_password -c 1 
-u oxadmin -d "Context Admin" -g Admin -s User -p admin_password -L defaultcontext 
-e 
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
  -q 1024 --access-combination-name=all

 

If you would like to create a user for testing purposes, use this command:

 

$ /opt/open-xchange/sbin/createuser -c 1 -A oxadmin -P admin_password -u testuser 
-d "Test User" -g Test -s User -p secret -e 
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
  
--imaplogin testuser --imapserver 127.0.0.1 --smtpserver 127.0.0.1

 

Now connect to the server with a Web browser and login using the credentials testuser / secret.

At this point, you have completed the core steps to getting your Open-Xchange SE installation up and running. There are, naturally, more configuration settings to be manages, and it is recommended you visit the Open-Xchange Configuration Guide for more information.