Dedicated Mail Server Hosting Multiple Domains – Step 2 – Database and Web Administration Interface Setup
This mail server will use Postfix as a MTA, Dovecot as an LDA, IMAP/POP Server, and MariaDB(MySQL) to store user login information. It will also use PostfixAdmin web interface to manage domain, users and mail administrators information.
HTTPD To run the web administration interface and the Webmail we need to have an HTTP server running. Apache probably the most mature HTTP server out there and performance wise is just enough for our setup. You could complicate things by running apache on MPM worker or event, and PHP either by mod_suphp or by FPM. To install these just run yum install httpd php php-mbstring php-imap php-mysqlnd, start the server by running systemctl start httpd and make it start with the server/VM by running systemctl enable httpd.
MariaDB The first part is to install the package(yum install mariadb-server), start the daemon (systemctl start mariadb) and make it start with the server/VM (systemctl enable mariadb). Then you need to run mysql_secure_installation in order to set up the root password for the database. After setting the root password you can answer positively to all of the other question this utility might ask. Also a yum install phpMyAdmin.noarch would help you in the future. Of course you need to edit /etc/httpd/conf.d/phpMyAdmin.conf and add “Require all granted” in the RequireAny section to be able to access it.
Postfix Admin I prefer installing it first, just because the installation process will automatically set up the MariaDB database and create all the necessary tables to run the whole mail server. From the project’s SourceForge page you can download the latest version, unpack it and copy it to the right folder.
wget http://downloads.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-2.91/postfixadmin-2.91.tar.gz cp -R postfixadmin-2.91 /var/www/html/postfixadmin cd /var/www/html/postfixadmin
Now you need to create a MariaDB database and a username with acces to it. To do that in a shell run mysql -p, type in your root password and then type something like this:
create database postfix; grant all on postfix.* to postfixadmin@localhost identified by 'YOUR_POSTFIXADMIN_PASSWORD'; flush privileges;
Edit the file called config.inc.php in the postfixadmin directory and change the following parameters:
$CONF['configured'] = true; $CONF['database_type'] = 'mysqli'; $CONF['database_host'] = 'localhost'; $CONF['database_user'] = 'postfixadmin'; $CONF['database_password'] = 'YOUR_POSTFIXADMIN_PASSWORD'; $CONF['database_name'] = 'postfix';
In the same file you should probably do a search and replace for the text ‘change-this-to-your.domain.tld’ and put your main domain in.
Then open the server/VM’s IP/hostname in the browser with the right path. You’ll se some problems. One of the problem is the webserver’s ability to write into the templates_c folder. To solve that you need to do something like:
chown apache:apache templates_c/ -R semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/postfixadmin/templates_c(/.*)?" restorecon -R templates_c
If everything went well things should be looking like this:
[root@mailserver postfixadmin]# ls -alsZ templates_c/ total 4 drwxrwxrwt. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 . drwxr-xr-x. root root unconfined_u:object_r:httpd_sys_content_t:s0 ..
Then reload the page and type the setup password you want and click on “Generate password hash” then the setup script will give you a hash you need to copy it to the config.inc.php file. The next step is to create the first Postfix Admin username, follow the instructions on the web page.
This web interface needs to send an “Welcome email” that basically creates the virtual Maildir, but, by default, In SELinux HTTPD is not allowed to send email, to allow it just type this in a shell:
semanage boolean -m --on httpd_can_sendmail
Login, create your first domain, your first username, get along with the interface.
And how is the version for nginx for this part of the the tutorial?
I dont know which is the alternative to nginx for httpd_sys_rw_content_t and httpd_can_sendmail
Thanks!
It looks like in CentOS 7 both php-fpm and nginx(installed from EPEL) run as httpd_t so it should work the same.