How to install SOGo and use it with LDAP on a CentOS 7 Linux VPS

Datetime:2016-08-22 23:55:08          Topic: VPS  MySQL           Share

In the following article we’ll show you  how to install SOGo and use it with LDAP on a CentOS 7Linux VPS . If you’re looking on how to set it up on anUbuntu Linux VPS, please refer to our guide on how to install SOGo on Ubuntu 14.04 VPS .

What is SOGo?

SOGois a fully supported and trusted groupware server with a focus on scalability and open standards. SOGo is released under the GNU GPL/LGPL v2 and above. SOGo provides a rich AJAX-based Web interface and supports multiple native clients through the use of standard protocols such as CalDAV, CardDAV and GroupDAV, as well as Microsoft ActiveSync.

SOGois the missing component of your infrastructure; it sits in the middle of your servers to offer your users a uniform and complete interface to access their information. It has been deployed in production environments where thousands of users are involved.

REQUIREMENTS

We assume you already have the following services installed and running on yourlinux virtual server. If you’re using one of ourManaged VPS Hostingservices, please submit a support ticket about this and we’ll install and setup everything for you.

  • Active Directory Server (OpenLDAP, 389ds)
  • Database server (e.g. PostgreSQL or MySQL)
  • SMTP server (e.g. Postfix, Exim);
  • IMAP server (e.g. Cyrus or Dovecot)

0. SSH TO YOUR LINUX VPS

First thing to do is to login to your virtual server via SSH and optionally fire up a screen/tmux session. For example:

ssh YOUR_VPS_IP -p YOUR_VPS_SSH_PORT
screen -U -S sogo-screen

1. UPDATE YOUR LINUX VPS

Next, it’s recommended to fully update your virtual server using the distribution package manager yum :

yum update

2. ADD SOGO REPOSITORY

Create a new file in /etc/yum.repos.d/SOGo.repo and add the following contents:

vim /etc/yum.repos.d/SOGo.repo

[sogo-rhel7]
name=Inverse SOGo Repository
# SOGO 2
#baseurl=http://inverse.ca/downloads/SOGo/RHEL6/$basearch
# SOGO 3
baseurl=http://inverse.ca/rhel-v3/7/$basearch
gpgcheck=0

3. ADD EPEL AND RPMFORGE REPOSITORIES

Some of the dependencies SOGo uses are provided by external repositories, so lets enable the RPMFORGE and EPEL repositories:

rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt
rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm
yum install epel-release

next, enable extras in rpmforge by editing /etc/yum.repos.d/rpmforge.repo :

vim /etc/yum.repos.d/rpmforge.repo

4. INSTALL SOGO AND ITS DEPENDENCIES

SOGo can be easily installed using your virtual server package manager. For example:

yum update
yum install sogo sope49-gdl1-mysql memcached

5. INSTALL DATABASE SERVER

SOGo requires a database server . You can either use MySQL/MariaDB or PostgreSQL. In this case we’re going to use the MariaDB server, so install it via:

yum install mariadb-server
systemctl restart mariadb
systemctl enable mariadb

Now run the following command to post-configure the MySQL database server in your LINUX VPS:

mysql_secure_installation

It is recommended to accept the default action for all questions which is yes. For example:

- Set root password? [Y/n] y
- Remove anonymous users? [Y/n] y
- Disallow root login remotely? [Y/n] y
- Remove test database and access to it? [Y/n] y
- Reload privilege tables now? [Y/n] y

Next, create the SOGo database in MySQL:

mysql -u root -p

mysql> CREATE DATABASE `sogo` CHARACTER SET='utf8';
mysql> CREATE USER 'sogo'@'localhost' IDENTIFIED BY 'RANDOM_PASSWORD';
mysql> GRANT ALL PRIVILEGES ON `sogo`.* TO 'sogo'@'localhost' WITH GRANT OPTION;
mysql> FLUSH PRIVILEGES;

6. CONFIGURE SOGO

SOGo configurationfile is located in /etc/sogo/sogo.conf . Feel free to tune any parameter to suit your needs:

{

  /* Database configuration (mysql:// or postgresql://) */
  SOGoProfileURL = "mysql://sogo:[email protected]
:3306/sogo/sogo_user_profile"; OCSFolderInfoURL = "mysql://sogo:[email protected]:3306/sogo/sogo_folder_info"; OCSSessionsFolderURL = "mysql://sogo: [email protected]

:3306/sogo/sogo_sessions_folder"; /* Mail */ SOGoDraftsFolderName = Drafts; SOGoSentFolderName = Sent; SOGoTrashFolderName = Trash; SOGoIMAPServer = imaps://mail.domain.com:993; //SOGoSieveServer = sieve://mail.domain.com:4190; SOGoSMTPServer = mail.domain.com; SOGoSMTPAuthenticationType = PLAIN; SOGoForceExternalLoginWithEmail = YES; SOGoMailDomain = domain.com; SOGoMailingMechanism = smtp; //SOGoForceExternalLoginWithEmail = NO; //SOGoMailSpoolPath = /var/spool/sogo; //NGImap4ConnectionStringSeparator = "/"; /* Notifications */ //SOGoAppointmentSendEMailNotifications = NO; //SOGoACLsSendEMailNotifications = NO; //SOGoFoldersSendEMailNotifications = NO; /* Authentication */ //SOGoPasswordChangeEnabled = YES; /* LDAP authentication example */ SOGoUserSources = ( { type = ldap; CNFieldName = cn; UIDFieldName = uid; IDFieldName = uid; // first field of the DN for direct binds bindFields = (uid, mail); // array of fields to use for indirect binds baseDN = "ou=users,ou=sogo,dc=domain,dc=com"; bindDN = "cn=binduser,dc=domain,dc=com"; bindPassword = LDAPbindPassword; canAuthenticate = YES; displayName = "Shared Addresses"; hostname = ldap://ldap.domain.com:389; id = public; isAddressBook = YES; } ); /* Web Interface */ SOGoPageTitle = Office; SOGoVacationEnabled = YES; SOGoForwardEnabled = YES; SOGoSieveScriptsEnabled = NO; //SOGoMailAuxiliaryUserAccountsEnabled = YES; //SOGoTrustProxyAuthentication = NO; /* General */ SOGoLanguage = English; SOGoTimeZone = Europe/Paris; SOGoCalendarDefaultRoles = ( PublicDAndTViewer, ConfidentialDAndTViewer ); SOGoSuperUsernames = (Administrator); // This is an array - keep the parens! SxVMemLimit = 384; WOPidFile = "/var/run/sogo/sogo.pid"; SOGoMemcachedHost = 127.0.0.1; /* Debug */ //SOGoDebugRequests = YES; //SoDebugBaseURL = YES; //ImapDebugEnabled = YES; //LDAPDebugEnabled = YES; //PGDebugEnabled = YES; //MySQL4DebugEnabled = YES; //SOGoUIxDebugEnabled = YES; //WODontZipResponse = YES; //WOLogFile = /var/log/sogo/sogo.log; }

7. START SOGO SERVICE

SOGo can be easily started using CentOS 7 init manager systemctl

systemctl restart memcached sogod
systemctl enable sogod memcached

8. INSTALL NGINX HTTP SERVER

Next, install the NGINX HTTP server on yourCentOS 7 Linux VPS using the following command:

yum install nginx

create the following virtual host directive / server block:

vim /etc/nginx/conf.d/sogo.conf
server {
 listen 80;
 server_name sogo.domain.com; 
 root /usr/lib64/GNUstep/SOGo/WebServerResources/; 
 #ssl on;
 #ssl_certificate /etc/nginx/sslcerts/mycertificate.crt;
 #ssl_certificate_key /etc/nginx/sslcerts/mykey.key;
 ## requirement to create new calendars in Thunderbird ##
 proxy_http_version 1.1;
 
 # Message size limit
 client_max_body_size 50m;
 client_body_buffer_size 128k;
 
 location = / {
    rewrite ^ http://$server_name/SOGo; 
    allow all; 
 }

 # For iOS 7
 location = /principals/ {
    rewrite ^ http://$server_name/SOGo/dav; 
    allow all; 
 }

 location ^~/SOGo {
    proxy_pass http://127.0.0.1:20000; 
    proxy_redirect http://127.0.0.1:20000 default; 
    # forward user's IP address 
    proxy_set_header X-Real-IP $remote_addr; 
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
    proxy_set_header Host $host; 
    proxy_set_header x-webobjects-server-protocol HTTP/1.0; 
    proxy_set_header x-webobjects-remote-host 127.0.0.1; 
    proxy_set_header x-webobjects-server-name $server_name; 
    proxy_set_header x-webobjects-server-url $scheme://$host; 
    proxy_set_header x-webobjects-server-port $server_port; 
    proxy_connect_timeout 90;
    proxy_send_timeout 90;
    proxy_read_timeout 90;
    proxy_buffer_size 4k;
    proxy_buffers 4 32k;
    proxy_busy_buffers_size 64k;
    proxy_temp_file_write_size 64k;
    break;
 }

 location /SOGo.woa/WebServerResources/ {
    alias /usr/lib64/GNUstep/SOGo/WebServerResources/;
    allow all;
 }

 location /SOGo/WebServerResources/ {
    alias /usr/lib64/GNUstep/SOGo/WebServerResources/; 
    allow all; 
 }

 location (^/SOGo/so/ControlPanel/Products/([^/]*)/Resources/(.*)$) {
    alias /usr/lib64/GNUstep/SOGo/$1.SOGo/Resources/$2; 
 }

 location (^/SOGo/so/ControlPanel/Products/[^/]*UI/Resources/.*\.(jpg|png|gif|css|js)$) {
    alias /usr/lib64/GNUstep/SOGo/$1.SOGo/Resources/$2; 
 }

}

enable the newly created server block using:

nginx -t
systemctl restart nginx
systemctl enable nginx

If you’re one of ourLinux VPS Hosting customers we can help you install SOGo on yourvirtual server for you free of charge. Justcontact us and some of our experts will complete your request immediately.





About List