Published September 06, 2020 by

Migrate AWS S3 bucket to another AWS account

In this tutorial, I will explain how to migrate the AWS S3 bucket or objects from one AWS account to another AWS account or region.

Step 1: Get Destination AWS Account Number

Sign in to the destination AWS account. Go to My Account → Account Id and copy the account id from there.

Step 2: Create Source S3 Bucket

Sign in to source AWS account. Create a bucket in S3 and Attach the following policy to the bucket.

 {  
   "Version": "2012-10-17",  
   "Statement": [  
     {  
       "Sid": "DelegateS3Access",  
       "Effect": "Allow",  
       "Principal": {  
         "AWS": "arn:aws:iam::DESTINATION_BUCKET_ACCOUNT_NUMBER:root"  
       },  
       "Action": [  
         "s3:ListBucket",  
         "s3:GetObject"  
       ],  
       "Resource": [  
         "arn:aws:s3:::SOURCE_BUCKET_NAME/*",  
         "arn:aws:s3:::SOURCE_BUCKET_NAME"  
       ]  
     }  
   ]  
 }  

Step 3: Create Destination S3 Bucket

Sign in to the destination AWS account. Create a bucket in S3.

Step 4: Create IAM User In Destination AWS Account
Create a new IAM user in the destination AWS account and Attach the following policy to that user. 
 {   
   "Version": "2012-10-17",   
   "Statement": [   
    {   
     "Effect": "Allow",   
     "Action": [   
      "s3:ListBucket",   
      "s3:GetObject"   
     ],   
     "Resource": [   
      "arn:aws:s3:::SOURCE_BUCKET_NAME",   
      "arn:aws:s3:::SOURCE_BUCKET_NAME/*"   
     ]   
    },   
    {   
     "Effect": "Allow",   
     "Action": [   
      "s3:ListBucket",   
      "s3:PutObject",   
      "s3:PutObjectAcl"   
     ],   
     "Resource": [   
      "arn:aws:s3:::DESTINATION_BUCKET_NAME",   
      "arn:aws:s3:::DESTINATION_BUCKET_NAME/*"   
     ]   
    }   
   ]   
  }  

Step 5: Sync or copy S3 Bucket or objects To Destination bucket

Now we can copy or sync S3 bucket or objects from the source account to the destination account by using the following AWS CLI command.
 aws s3 sync s3://SOURCE-BUCKET-NAME s3://DESTINATION-BUCKET-NAME   
As you see we did not define any access control list during the command. We can use --acl parameter for this purpose and provide canned ACLs to apply to all objects.
 aws s3 sync s3://SOURCE-BUCKET-NAME s3://DESTINATION-BUCKET-NAME --acl public-read   

Read More

,

Published September 06, 2020 by

Auto change AMI in AWS launch-configuration

 

Normally, we create AMIs manually and update the launch configurations of different auto-scaling groups using those AMIs. This kind of repetitive work becomes tedious on a daily basis and there’s no such feature in AWS to do this automatically. 

After getting frustrated, I thought of getting this fixed on a permanent basis. Using my knowledge of shell scripting and basic AWS CLI commands, I have created a shell script to do this automatically. 

What does this script do?
    1. Get instance id from AutoScallingGroup
    2. Get launch configuration name from AutoScallingGroup
    3. Create AMI from the instance which gets in step 1
    4. Create a new Launch Configuration
    5. Update Auto Scaling Group to use newly created Launch Configuration
    6. Delete old Launch Configuration 

How to choose a specific instance from ASG?
In that case, you can specify the instance ID as well along with the autoscaling group name. The script will then create it’s AMI and update the launch configuration.

And Finally below is the shell script 
 #!/bin/bash  
   
 #Define parameters  
 ASG_NAME="myapp"  
 NEW_LC="myapp-$(date +%Y-%m-%d_%H-%M)"  
 TIME=$(date +%Y-%m-%d_%H-%M)  
   
 echo "Selected Auto Scaling Group is ${ASG_NAME}"  
   
 # Get instance id from ASG_NAME  
 RANDOM_INST_ID="$(aws autoscaling describe-auto-scaling-groups --auto-scaling-group-names ${ASG_NAME} --query 'AutoScalingGroups[].Instances[?HealthStatus==`Healthy`].InstanceId' | head -3 | sed 1d | sed 1d | sed 's/ //g' | sed 's/"//g')";  
   
 # Get launch configuration name from ASG_NAME  
 LC_NAME=$(aws autoscaling describe-auto-scaling-groups --auto-scaling-group-names ${ASG_NAME} --query 'AutoScalingGroups[].LaunchConfigurationName' | head -2 | sed 1d | sed 's/ //g' | sed 's/"//g')  
   
 # Create AMI  
 IMAGE=`aws ec2 create-image --instance-id ${RANDOM_INST_ID} --name NEW-IMAGE-${TIME} --no-reboot --output text`  
   
 echo "Create Image of instance ${RANDOM_INST_ID}"  
   
 # Create Launch Configuration  
 aws autoscaling create-launch-configuration --launch-configuration-name ${NEW_LC} --image-id ${IMAGE} --instance-type t2.micro --key myapp --associate-public-ip-address --security-groups sg-0123456ghbh79  
   
 echo "create new Launch Configuration ${NEW_LC}"  
   
 # Update Auto Scaling Group to use new Launch Configuration  
 aws autoscaling update-auto-scaling-group --auto-scaling-group-name ${ASG_NAME} --launch-configuration-name ${NEW_LC}  
   
 echo "New Launch Configuration is updated in ASG ${NEW_LC}"  
   
 # Delete old Auto Scaling Launch Configuration  
 aws autoscaling delete-launch-configuration --launch-configuration-name ${LC_NAME}  
   
 echo "Delete old Launch Configuration"  
   
 echo "SUCCESS!"  

Read More
Published June 14, 2019 by

Restrict users to send mails to certain domains in Zimbra Mail server

This article, I have been explained how to restrict users to send emails to certain users or domains in the Zimbra mail server.

Do the following activity as Zimbra user.

1. Open file /opt/zimbra/conf/zmconfigd/smtpd_recipient_restrictions.cf and add this line at the top.
 check_sender_access lmdb:/opt/zimbra/conf/restricted_senders  

2. Open file /opt/zimbra/conf/zmconfigd.cf and Find the section labeled SECTION mta and enter the following two lines directly below
 POSTCONF  smtpd_restriction_classes   local_only  
 POSTCONF  local_only                 FILE postfix_check_recipient_access.cf  

3. Create a file "/opt/zimbra/conf/postfix_check_recipient_access.cf" and add the folloeing line
 check_recipient_access lmdb:/opt/zimbra/conf/local_domains, reject  

4. Create a file "/opt/zimbra/conf/restricted_senders" and list all the users, whom you want to restrict. Follow this syntax:
 user@yourdomain.com      local_only  

If you would like to restrict all users of a domain, enter the domain name instead of email ids. For example:
 yourdomain.com      local_only  

5. Create a file "/opt/zimbra/conf/local_domains" and list all the domains where "restricted users" allowed to sent emails.
 yourdomain.com           OK   
 otheralloweddomain.com   OK  

6. Finally, Run below commands for implement
 postmap /opt/zimbra/conf/restricted_senders  
 postmap /opt/zimbra/conf/local_domains   
 zmmtactl stop   
 zmmtactl start  

Please try to sending email to allowed domain and not allowed domain. If you insert new user on number 4 or new domain on number 5, don’t forget to run again number 6.


Undo this configuration

Remove Step 2

and run below commands:
 postconf -e smtpd_restriction_classes=' '  
 zmmtactl reload  

Read More
Published June 07, 2019 by

How to Take Backup of Zimbra Mail Server


Below shell script is a take a backup of you all email accounts in Zimbra
 #!/bin/bash  
   
 ################################################  
 # Zimbra backup script for open source edition #  
 ################################################  
   
 ZIMBRA_HOME=/opt/zimbra  
 ZIMBRA_BIN=$ZIMBRA_HOME/bin  
 ZIMBRA_BACKUP_DIR=$ZIMBRA_HOME/backup   
 BACKUP_DATE=`date +%G-%m-%d_%H-%M`   
   
 # set default option is 0 (unset)  
 VERBOSE=0   
   
 log()  
 {  
   # verbose option is turn on  
   if [ $VERBOSE -eq 1 ]; then  
     echo $1  
   fi  
 }  
   
 usage()   
 {  
   
   cat << EOF  
 zmbackup: zmbackup [-o path] -a|-u mailbox  
 EOF  
   
 }  
   
 backup_mailbox()  
 {  
   mbox=$1  
   log "start backup mailbox $mbox"  
   
   if [ ! -z $2 ]; then  
     $ZIMBRA_BIN/zmmailbox -z -m $mbox getRestURL "//?fmt=tgz" > $ZIMBRA_BACKUP_DIR/$2/$mbox-$BACKUP_DATE.tgz  
     log "backup mailbox $mbox successful"  
     log "backup to $ZIMBRA_BACKUP_DIR/$2"  
   
   else  
     $ZIMBRA_BIN/zmmailbox -z -m $mbox getRestURL "//?fmt=tgz" > $ZIMBRA_BACKUP_DIR/$mbox-$BACKUP_DATE.tgz   
     log "backup mailbox $mbox successful"  
     log "backup to $ZIMBRA_BACKUP_DIR"  
   fi  
 }   
   
 create_pack_backup()  
 {    
   log "search domain"  
   domains=`$ZIMBRA_BIN/zmprov gad`  
   
   for domain in $domains; do  
     log "start backup domain $domain"   
   
     # get all accounts from domain  
     mboxs=`$ZIMBRA_BIN/zmprov -l gaa $domain`  
   
     # check directory if -o is set  
     mkdir -p $ZIMBRA_BACKUP_DIR/$domain  
   
     # fetch account in tgz format  
     for mbox in $mboxs; do  
 #      $ZIMBRA_BIN/zmmailbox -z -m $mbox getRestURL "//?fmt=tgz" > $ZIMBRA_BACKUP_DIR/$domain/$mbox-$BACKUP_DATE.tgz  
       backup_mailbox $mbox $domain  
     done  
   
     # pack mailbox in domain  
     cd $ZIMBRA_BACKUP_DIR/$domain  
     tar czf $domain-$BACKUP_DATE.tgz `ls`  
     mv $domain-$BACKUP_DATE.tgz $ZIMBRA_BACKUP_DIR  
     cd $ZIMBRA_BACKUP_DIR  
     rm -rf $ZIMBRA_BACKUP_DIR/$domain  
       
     log "backup domain $domain successful"  
   
   done  
 }  
   
 # Option  
 # zmbackup [-ah] [-u mailbox] [-o path]   
 while getopts :aho:u:v OPTION; do  
   case $OPTION in  
     a )  
       AFLAG=1  
       ;;  
     h )  
       usage  
       ;;  
     o )  
       if [ -z $OPTARG ]; then  
         echo "-o option must specific path"  
         exit 1  
       else  
         ZIMBRA_BACKUP_DIR=${OPTARG:0:${#OPTARG}-1} # substring from 0 to strlen - 1  
       fi  
       ;;  
     u )   
       if [ -z $OPTARG ]; then  
         echo "-u option must specific mailbox"  
       else  
         UFLAG=$OPTARG  
       fi  
       ;;  
     v )  
       VERBOSE=1  
       ;;  
     # other option doesn't match  
     * )  
       usage  
       exit 1  
       ;;  
   esac  
 done  
   
 # if not specific -a or -u it error and exit the script  
 if [ -z $UFLAG ] && [[ $AFLAG -ne 1 ]]; then  
   echo "you must specific -a or -u option"  
   exit 1  
 fi  
   
 # if UFLAG has value but AFLAG is used  
 if [ ! -z $UFLAG ] && [[ $AFLAG -eq 1 ]]; then  
   echo "use -a or -u"  
   exit 1  
 # if declare UFLAG  
 elif [ ! -z $UFLAG ]; then  
   backup_mailbox $UFLAG  
 fi  
   
 # if AFLAG on  
 if [[ $AFLAG -eq 1 ]]; then  
   create_pack_backup  
 fi  
   

For taking a backup run this above script with -a parameter
 ./zmbackup.sh -a  

the backup file is stored in /opt/zimbra/backup
Read More
Published June 07, 2019 by

Redirect HTTP to HTTPS in Zimbra Mail Server


Using Below command we can forcefully redirect all HTTP request to HTTPS in Zimbra Mail Server.

 # su - zimbra  
 # zmprov ms myserver.yourdomain.com zimbraReverseProxyMailMode redirect  
 # zmcontrol restart  

OR

 # su – zimbra  
 # zmtlsctl redirect  
 # zmcontrol restart  

Read More
Published June 06, 2019 by

Install Rocket.Chat on Ubuntu or Debian

Rocket Chat is the leading open source team chat software solution. Free, unlimited and completely customizable with on-premises and SaaS cloud hosting.

You can consider rocket chat as an alternative to Skype and Slack chat solutions.


In this tutorial, we are learning how to install rocket chat on Ubuntu or Debian and configure let's encrypt SSL also we discuss how to take backup Rocket chat server.

Install Rocket chat Server

1. Update the system.
 sudo apt-get update  

2. Install snap if it is not installed.
 sudo apt-get install snapd  

3. Install Rocket Chat
 sudo snap install rocketchat-server  

4. Check if Rocket Chat is running
 sudo service snap.rocketchat-server.rocketchat-server status  

Then browse to http://localhost:3000 and setup Rocket Chat Server. 


Setup NGINX with Reverse Proxy and SSL

5. Install Nginx and enabled to start automatically on reboot
 sudo apt install nginx  
 sudo systemctl start nginx  
 sudo systemctl enable nginx  
6. Set up NGINX Reverse Proxy

Remove the default site
 sudo rm /etc/nginx/sites-enabled/default  

Create /etc/nginx/sites-available/rocketchat.conf file.
 vim /etc/nginx/sites-available/rocketchat.conf  

add the necessary values to point to your domain name and to add the reverse proxy. Replace example.com with your actual domain name.
 server {  
   listen 80;  
   
   server_name example.com;  
   
   location / {  
     proxy_pass http://localhost:3000/;  
   }  
 }  

Enable the new configuration by creating a link to it from /etc/nginx/sites-available/
 sudo ln -s /etc/nginx/sites-available/rocketchat.conf /etc/nginx/sites-enabled/  

Test the configuration and reload the new configuration
 sudo nginx -t  
 sudo nginx -s reload  

7. Generate SSL certificates using Certbot
 sudo apt-get install python-certbot-nginx  
 sudo certbot --nginx  

Certbot will ask for information about the site. The responses will be saved as part of the certificate also Certbot will also ask if you would like to automatically redirect HTTP traffic to HTTPS traffic. It is recommended that you select this option.

Again Test the configuration and reload the new configuration
 sudo nginx -t  
 sudo nginx -s reload  

Then browse to https://yourdomain.com and setup Rocket Chat Server. 
Read More
Published May 05, 2019 by

Configure Let's Encrypt SSL in Zimbra Mail Server

In this tutorial, we configure let's encrypt SSL in our Zimbra mail server which we have configured in the previous post.

For install ssl in zimbra create file named zimbra-ssl.sh.
 sudo vim zimbra-ssl.sh   
Insert Below script in a zimbra-ssl.sh file and save.
 #!/bin/bash  
   
 # SSL certificate installation in Zimbra  
 # with SSL certificate provided by Let's Encrypt (letsencrypt.org)  
 # Author: Subhash (serverkaka.com)  
   
 # Check if running as root  
 if [ "$(id -u)" != "0" ]; then  
   echo "This script must be run as root" 1>&2  
   exit 1  
 fi  
   
 read -p 'letsencrypt_email [xx@xx.xx]: ' letsencrypt_email  
 read -p 'mail_server_url [xx.xx.xx]: ' mail_server_url  
   
 # Check All variable have a value  
 if [ -z $mail_server_url ] || [ -z $letsencrypt_email ]  
 then  
    echo run script again please insert all value. do not miss any value  
 else  
   
 # Installation start  
 # Stop the jetty or nginx service at Zimbra level  
 su - zimbra -c 'zmproxyctl stop'  
 su - zimbra -c 'zmmailboxdctl stop'  
   
 # Install git and letsencrypt  
 cd /opt/  
 apt-get install git -y  
 git clone https://github.com/letsencrypt/letsencrypt  
 cd letsencrypt  
   
 # Get SSL certificate  
 ./letsencrypt-auto certonly --standalone --non-interactive --agree-tos --email $letsencrypt_email -d $mail_server_url --hsts  
 cd /etc/letsencrypt/live/$mail_server_url  
 cat <<EOF >>chain.pem  
 -----BEGIN CERTIFICATE-----  
 MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/  
 MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT  
 DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow  
 PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD  
 Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB  
 AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O  
 rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq  
 OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b  
 xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw  
 7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD  
 aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV  
 HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG  
 SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69  
 ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr  
 AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz  
 R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5  
 JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo  
 Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ  
 -----END CERTIFICATE-----  
 EOF  
   
 # Verify commercial certificate  
 mkdir /opt/zimbra/ssl/letsencrypt  
 cp /etc/letsencrypt/live/$mail_server_url/* /opt/zimbra/ssl/letsencrypt/  
 chown zimbra:zimbra /opt/zimbra/ssl/letsencrypt/*  
 ls -la /opt/zimbra/ssl/letsencrypt/  
 su - zimbra -c 'cd /opt/zimbra/ssl/letsencrypt/ && /opt/zimbra/bin/zmcertmgr verifycrt comm privkey.pem cert.pem chain.pem'  
   
 # Deploy the new Let's Encrypt SSL certificate  
 cp -a /opt/zimbra/ssl/zimbra /opt/zimbra/ssl/zimbra.$(date "+%Y%m%d")  
 cp /opt/zimbra/ssl/letsencrypt/privkey.pem /opt/zimbra/ssl/zimbra/commercial/commercial.key  
 sudo chown zimbra:zimbra /opt/zimbra/ssl/zimbra/commercial/commercial.key  
 su - zimbra -c 'cd /opt/zimbra/ssl/letsencrypt/ && /opt/zimbra/bin/zmcertmgr deploycrt comm cert.pem chain.pem'  
   
 # Restart Zimbra  
 su - zimbra -c 'zmcontrol restart'  
   
 # setting auto https redirect  
 cd /opt && touch https-redirect.sh && chown zimbra:zimbra https-redirect.sh && chmod +x https-redirect.sh  
 cat <<EOF >>/opt/https-redirect.sh  
 zmprov ms $mail_server_url zimbraReverseProxyMailMode redirect  
 EOF  
 su - zimbra -c '/opt/https-redirect.sh'  
 rm /opt/https-redirect.sh  
 fi  
Give execute permission to the zimbra-ssl.sh file
 sudo chmod +x zimbra-ssl.sh  
Finally, now run the zimbra-ssl.sh file
 sudo ./zimbra-ssl.sh  

After successfully script execute, Go to a browser and check https://mail.servrkaka.com/



For more script and installation note check this link: https://github.com/SubhashPatel/Install-Zimbra-mail-server-ubuntu

Read More
Published May 05, 2019 by

Install and Configure Zimbra Mail Server in Ubuntu/Debian

Zimbra Collaboration Suite (ZCS) is a collaborative software suite that includes an email server and web client.

The software consists of both client and server components, and a desktop client. Two versions of Zimbra are available: an open-source version and a commercially supported version ("Network Edition") with closed-source components such as a proprietary Messaging Application Programming Interface connector to Outlook for calendar and contact synchronization.

The ZCS Server uses open source projects such as:
  • Postfix
  • MariaDB (since version 8.5)
  • OpenDKIM (since version 8.0)
  • OpenLDAP
  • Jetty (since version 5)
  • Lucene
  • ClamAV
  • SpamAssassin
  • Amavis (amavisd-new)
  • DSPAM (deprecated starting 8.7)
  • Aspell
  • nginx (since 5.0)
Prerequisite:

2 GHz 64 bit CPU
Minimum 8 GB RAM
Minimum 10 GB disk

Configure Hostname

Edit /etc/hosts and add the line 192.168.0.25 mail.serverkaka.com mail. Change 192.168.0.25 with the Local IP you want to use.
 root@mail:~# cat /etc/hosts  
 127.0.0.1 localhost  
 192.168.0.25 mail.serverkaka.com mail  
Also edit /etc/hostname and the line 'mail'
 root@mail:~# cat /etc/hostname  
 mail  
Reboot the system and test the FQDN of your server with the command hostname -f and hostname.
 root@mail:~# hostname -f   
 mail.serverkaka.com  
 root@mail:~# hostname   
 mail  
DNS Setup Before Install

Before Zimbra installation, we have to set up DNS configuration (A record and MX Record).

A Record
TypeHostPoints toTTL
Amail34.73.91.191 Hour
MX Record
TypeHostPoints toPriorityTTL
MX@mail.serverkaka.com101 Hour
Don't forget to change above value with actual value.

Zimbra Server Installation

For Install  Zimbra mail server Create a file named Zimbra.sh
 sudo vim zimbra.sh  
Insert Below script in a Zimbra.sh file and save.
 #!/bin/bash -x  
   
 # Zimbra mail server installation in Ubuntu 14.04 and 16.04  
 # Author: Subhash (serverkaka.com)  
   
 # Check if running as root  
 if [ "$(id -u)" != "0" ]; then  
   echo "This script must be run as root" 1>&2  
   exit 1  
 fi  
   
 ## Preparing all the variables like IP, Hostname, etc, all of them from the server  
 RANDOMHAM=$(date +%s|sha256sum|base64|head -c 10)  
 RANDOMSPAM=$(date +%s|sha256sum|base64|head -c 10)  
 RANDOMVIRUS=$(date +%s|sha256sum|base64|head -c 10)  
 HOSTNAME=$(hostname -s)  
   
 ##Install a DNS Server  
 sudo apt-get update && sudo apt-get install -y bind9 bind9utils bind9-doc  
 echo "Installing Bind DNS Server"  
 sed "s/-u/-4 -u/g" /etc/default/bind9 > /etc/default/bind9.new  
 mv /etc/default/bind9.new /etc/default/bind9  
 rm /etc/bind/named.conf.options  
 cat <<EOF >>/etc/bind/named.conf.options  
 options {  
 directory "/var/cache/bind";  
 listen-on { $2; }; # ns1 private IP address - listen on private network only  
 allow-transfer { none; }; # disable zone transfers by default  
 forwarders {  
 8.8.8.8;  
 8.8.4.4;  
 };  
 auth-nxdomain no; # conform to RFC1035  
 #listen-on-v6 { any; };  
 };  
 EOF  
 cat <<EOF >>/etc/bind/named.conf.local  
 zone "$1" {  
     type master;  
     file "/etc/bind/db.$1";  
 };  
 EOF  
 touch /etc/bind/db.$1  
 cat <<EOF >/etc/bind/db.$1  
 \$TTL 604800  
 @   IN   SOA  ns1.$1. root.localhost. (  
                 2    ; Serial  
             604800    ; Refresh  
             86400    ; Retry  
             2419200    ; Expire  
             604800 )   ; Negative Cache TTL  
   ;  
   @   IN   NS   ns1.$1.  
   @   IN   A   $2  
   @   IN   MX   10   $HOSTNAME.$1.  
   $HOSTNAME   IN   A   $2  
   ns1   IN   A   $2  
   mail   IN   A   $2  
   pop3   IN   A   $2  
   imap   IN   A   $2  
   imap4   IN   A   $2  
   smtp   IN   A   $2  
 EOF  
 sudo service bind9 restart  
   
 ##Preparing the config files to inject  
 echo "Creating the Scripts files"  
 mkdir /tmp/zcs && cd /tmp/zcs  
 touch /tmp/zcs/installZimbraScript  
 cat <<EOF >/tmp/zcs/installZimbraScript  
 AVDOMAIN="$1"  
 AVUSER="admin@$1"  
 CREATEADMIN="admin@$1"  
 CREATEADMINPASS="$3"  
 CREATEDOMAIN="$1"  
 DOCREATEADMIN="yes"  
 DOCREATEDOMAIN="yes"  
 DOTRAINSA="yes"  
 EXPANDMENU="no"  
 HOSTNAME="$HOSTNAME.$1"  
 HTTPPORT="8080"  
 HTTPPROXY="TRUE"  
 HTTPPROXYPORT="80"  
 HTTPSPORT="8443"  
 HTTPSPROXYPORT="443"  
 IMAPPORT="7143"  
 IMAPPROXYPORT="143"  
 IMAPSSLPORT="7993"  
 IMAPSSLPROXYPORT="993"  
 INSTALL_WEBAPPS="service zimlet zimbra zimbraAdmin"  
 JAVAHOME="/opt/zimbra/common/lib/jvm/java"  
 LDAPAMAVISPASS="$3"  
 LDAPPOSTPASS="$3"  
 LDAPROOTPASS="$3"  
 LDAPADMINPASS="$3"  
 LDAPREPPASS="$3"  
 LDAPBESSEARCHSET="set"  
 LDAPDEFAULTSLOADED="1"  
 LDAPHOST="$HOSTNAME.$1"  
 LDAPPORT="389"  
 LDAPREPLICATIONTYPE="master"  
 LDAPSERVERID="2"  
 MAILBOXDMEMORY="512"  
 MAILPROXY="TRUE"  
 MODE="https"  
 MYSQLMEMORYPERCENT="30"  
 POPPORT="7110"  
 POPPROXYPORT="110"  
 POPSSLPORT="7995"  
 POPSSLPROXYPORT="995"  
 PROXYMODE="https"  
 REMOVE="no"  
 RUNARCHIVING="no"  
 RUNAV="yes"  
 RUNCBPOLICYD="no"  
 RUNDKIM="yes"  
 RUNSA="yes"  
 RUNVMHA="no"  
 SERVICEWEBAPP="yes"  
 SMTPDEST="admin@$1"  
 SMTPHOST="$HOSTNAME.$1"  
 SMTPNOTIFY="yes"  
 SMTPSOURCE="admin@$1"  
 SNMPNOTIFY="yes"  
 SNMPTRAPHOST="$HOSTNAME.$1"  
 SPELLURL="http://$HOSTNAME.$1:7780/aspell.php"  
 STARTSERVERS="yes"  
 SYSTEMMEMORY="3.8"  
 TRAINSAHAM="ham.$RANDOMHAM@$1"  
 TRAINSASPAM="spam.$RANDOMSPAM@$1"  
 UIWEBAPPS="yes"  
 UPGRADE="yes"  
 USEKBSHORTCUTS="TRUE"  
 USESPELL="yes"  
 VERSIONUPDATECHECKS="TRUE"  
 VIRUSQUARANTINE="virus-quarantine.$RANDOMVIRUS@$1"  
 ZIMBRA_REQ_SECURITY="yes"  
 ldap_bes_searcher_password="$3"  
 ldap_dit_base_dn_config="cn=zimbra"  
 ldap_nginx_password="$3"  
 ldap_url="ldap://$HOSTNAME.$1:389"  
 mailboxd_directory="/opt/zimbra/mailboxd"  
 mailboxd_keystore="/opt/zimbra/mailboxd/etc/keystore"  
 mailboxd_keystore_password="$3"  
 mailboxd_server="jetty"  
 mailboxd_truststore="/opt/zimbra/common/lib/jvm/java/jre/lib/security/cacerts"  
 mailboxd_truststore_password="changeit"  
 postfix_mail_owner="postfix"  
 postfix_setgid_group="postdrop"  
 ssl_default_digest="sha256"  
 zimbraDNSMasterIP=""  
 zimbraDNSTCPUpstream="no"  
 zimbraDNSUseTCP="yes"  
 zimbraDNSUseUDP="yes"  
 zimbraDefaultDomainName="$1"  
 zimbraFeatureBriefcasesEnabled="Enabled"  
 zimbraFeatureTasksEnabled="Enabled"  
 zimbraIPMode="ipv4"  
 zimbraMailProxy="FALSE"  
 zimbraMtaMyNetworks="127.0.0.0/8 $2/32 [::1]/128 [fe80::]/64"  
 zimbraPrefTimeZoneId="America/Los_Angeles"  
 zimbraReverseProxyLookupTarget="TRUE"  
 zimbraVersionCheckInterval="1d"  
 zimbraVersionCheckNotificationEmail="admin@$1"  
 zimbraVersionCheckNotificationEmailFrom="admin@$1"  
 zimbraVersionCheckSendNotifications="TRUE"  
 zimbraWebProxy="FALSE"  
 zimbra_ldap_userdn="uid=zimbra,cn=admins,cn=zimbra"  
 zimbra_require_interprocess_security="1"  
 zimbra_server_hostname="$HOSTNAME.$1"  
 INSTALL_PACKAGES="zimbra-core zimbra-ldap zimbra-logger zimbra-mta zimbra-snmp zimbra-store zimbra-apache zimbra-spell zimbra-memcached zimbra-proxy"  
 EOF  
   
 touch /tmp/zcs/installZimbra-keystrokes  
 cat <<EOF >/tmp/zcs/installZimbra-keystrokes  
 y  
 y  
 y  
 y  
 y  
 n  
 y  
 y  
 y  
 y  
 y  
 y  
 y  
 n  
 y  
 y  
 EOF  
   
 ## Install Zimbra Mail Server  
 if [[ `lsb_release -rs` == "16.04" ]]; then  
      echo "Downloading Zimbra Collaboration 8.8.10 for Ubuntu 16.04"  
      wget https://files.zimbra.com/downloads/8.8.10_GA/zcs-8.8.10_GA_3039.UBUNTU16_64.20180928094617.tgz  
      tar xzvf zcs-*  
      echo "Installing Zimbra Collaboration just the Software"  
      cd /tmp/zcs/zcs-* && ./install.sh -s < /tmp/zcs/installZimbra-keystrokes  
      echo "Installing Zimbra Collaboration injecting the configuration"  
      /opt/zimbra/libexec/zmsetup.pl -c /tmp/zcs/installZimbraScript  
 fi  
 if [[ `lsb_release -rs` == "14.04" ]]; then  
      echo "Downloading Zimbra Collaboration 8.8.10 for Ubuntu 16.04"  
      wget https://files.zimbra.com/downloads/8.8.10_GA/zcs-8.8.10_GA_3039.UBUNTU14_64.20180928094617.tgz  
      tar xzvf zcs-*  
      echo "Installing Zimbra Collaboration just the Software"  
      cd /tmp/zcs/zcs-* && ./install.sh -s < /tmp/zcs/installZimbra-keystrokes  
      echo "Installing Zimbra Collaboration injecting the configuration"  
      /opt/zimbra/libexec/zmsetup.pl -c /tmp/zcs/installZimbraScript  
 fi  
   
 ## Restart Zimbra  
 su - zimbra -c 'zmcontrol restart'  
   
 ## Add Crontab for server autostart at startup or reboot   
 cat <(crontab -l) <(echo "@reboot su - zimbra -c 'zmcontrol start'") | crontab -  
   
 echo "You can access now to your Zimbra Collaboration Server"  
 echo "Admin Console: https://"$2":7071"  
 echo "Web Client: https://"$2  
Give execute permission to Zimbra.sh file
 sudo chmod +x zimbra.sh  
Finally, now run the Zimbra.sh file with parameter your domain name, machine Local IP and Admin Password.
 sudo ./zimbra.sh serverkaka.com 192.168.0.25 Zimbra123  
Now sit back and Relax, it will take time up to 30 minutes, depending on your internet and machine speed.

After Successfully script executed below is Access Zimbra Admin Portal & Web Mail Client.

To access Zimbra Mail Web Client, type the following URL in the browser
https://mail.serverkaka.com/



To access the Zimbra Admin Portal, type below URL in Web Browser
https://mail.serverkaka.com:7071/



Below Ports should be open in firewall for Zimbra access from external:
HTTP80
HTTPS443
POP3110
SMTP25
SMTP587
POP3S (Secure POP3)995
IMAP143
IMAPS (Secure IMAP)993

Read More
Published April 24, 2019 by

Install Nexus on Ubuntu Linux


Sonatype Nexus is one of the best repository managers out there. It is some tool that you cannot avoid in your CI/CD pipeline. It effectively manages deployable artifacts.

This article guides you to install and configure Sonatype Nexus 3 in a secure way on a Ubuntu Linux System.

Install Java
 apt-get update  
 apt install openjdk-8-jre-headless  

Download Nexus
 cd /opt  
   
 wget https://sonatype-download.global.ssl.fastly.net/repository/repositoryManager/3/nexus-3.16.1-02-unix.tar.gz  
   
 tar -zxvf nexus-3.16.1-02-unix.tar.gz  
   
 mv /opt/nexus-3.16.1-02 /opt/nexus  

As a good security practice, it is not advised to run nexus service as root. so create a new user called nexus and grant sudo access to manage nexus services
 sudo adduser nexus  


Set no password for nexus user and enter below command to edit sudo file
 visudo  

Add the below line and Save.
 nexus   ALL=(ALL)       NOPASSWD: ALL

Change file and owner permission for nexus files
 sudo chown -R nexus:nexus /opt/nexus  
 sudo chown -R nexus:nexus /opt/sonatype-work  

Add nexus as a service at boot time

Open /opt/nexus/bin/nexus.rc file, uncomment run_as_user parameter and set it as following.
 vim /opt/nexus/bin/nexus.rc  
   
 run_as_user="nexus" (file shold have only this line)  

Add nexus as a service at boot time
 sudo ln -s /opt/nexus/bin/nexus /etc/init.d/nexus

Log in as a nexus user and start service
 su - nexus  
 /etc/init.d/nexus start  

Now, log in nexus server from a browser on port 8081 
http://<Nexus_server>:8081

Use default credentials to log in

username: admin
password: admin123
Read More
Published April 05, 2019 by

Deploy Java Web App in Elastic Beanstalk with Jenkins

In this tutorial, we will learn how to automatic update Java Web application in AWS Elastic Beanstalk.

I assume you have already set up elastic beanstalk application in AWS and it's up and running.

Step 1: Create an AWS IAM user and Credentials

Go to AWS > IAM > Users > Add User

Here Create a user with any name (ex. JenkinsBeanstalk) and attach AWSElasticBeanstalkFullAccess policy.


After a user created AWS gives Access Key ID and Secret Access Key. Keep store those two strings in a file. we need it later.

Step 2: Install Jenkins Plugin

Install the AWS Elastic Beanstalk Deployment Plugin.

Open Jenkins: Manage Jenkins > Mange Plugins > Available

Step 3: Configure Credentials

Open Jenkins: Jenkins > Credentials > System > Global credentials (unrestricted) > Add Credentials 




Step 4: Configure Job

In Jenkins Job keep Scroll down to the Build option and Add build step and Select AWS Elastic Beanstalk.



Inside AWS Elastic Beanstalk wizard fill up all details related your app. for reference see below image.



Click on Save button complete the job.

Start the Build

Click Build Now 



Read More
Published March 12, 2019 by

Kernel IMAP to Office 365 – Product Review

With the advancement in cloud technologies, Office 365 is becoming one of the most popular platforms for organizations. Therefore, many businesses are planning to move their data to Office 365, including IMAP mailboxes.
But, migrating from IMAP mailboxes is not that easy as seems to be. Though Microsoft provides some free methods to migrate data from IMAP mailboxes to Office 365, that is not much reliable and simple. So, businesses prefer using a third-party tool that offers straight and quick migration of IMAP mailboxes to Office 365.
Kernel for IMAP to Office 365 is one such utility among many migration tools. But there are some functionalities that make it stand apart from others, such as:
  • Migrate single/multiple mailboxes to Office 365/Exchange Server
  • Facility to migrate public folders and archive mailboxes
  • Migrate multiple mailboxes using CSV file
  • Smart filtering options to migrate desired mailboxes data
  • Support migration from almost every IMAP email server
  • Allow saving migration report summary in CSV format
  • Compatible with every version of Windows OS including Windows 10/8.1/8 etc.

In this article, we’ll discuss in detail about the Kernel IMAP to Office 365 migrator utility. So, let’s find out what else this tool has to offer.
Problems that Kernel IMAP to Office 365 can Solve
According to experts or MVP’s, Kernel IMAP to Office 365 is said to be the most valuable and effective tool in solving problems related to IMAP to Office 365 migration. Some of the common challenges that organizations often face are:
Multiple Mailbox Migration from IMAP Email Servers
Users often have multiple IMAP mailboxes of users, and when it comes to migrating all these mailboxes to Office 365 together, it’s not an easy task. But, Kernel IMAP to Office 365 allow you to migrate multiple IMAP mailboxes to Office 365 easily. You can individually add the mailboxes or use a CSV file to upload multiple mailboxes.
Migrating Specific Emails Based on Requirements
Sometimes, all the data in IMAP mailboxes is not crucial, such as user mailboxes that are of no use anymore. Therefore, businesses like to save data on the cloud by migrating only specific emails from IMAP user mailboxes. You can achieve this task easily with Kernel IMAP to Office 365 smart filtering options, that allow you to migrate data based on date, item type, from, to, etc.
Compatibility for All IMAP Email Servers
Third-party IMAP migration tools often don’t have compatibility with every IMAP email server. But, Kernel IMAP to Office 365 provides support to almost every IMAP email server, including Yahoo, Gmail, Amazon, Zimbra, AOL, WorkMail, GMX, and many more.
After knowing these fantastic features, you may really want to know its working process. To make it easy for you, we performed an IMAP to Office 365 migration with this tool. And the process was very smooth and amazing. Let’s have a clear look at its working process.
Installation Process
Installing Kernel IMAP to Office 365 is very simple and quick. You just need to download the tool and double-click on it. The installation window will appear on the screen. Now, follow the instructions and read the agreement to install Kernel IMAP to Office 365 on your system. After installing the tool on the specific location, you can launch the software by double-clicking on it.
Migrating Gmail to Office 365
We performed the task of migrating Gmail mailboxes to Office 365 with Kernel IMAP to Office 365 tool. Here we have mentioned the detailed migration process to elaborate on how this utility works.
1. Launch the tool and click Add Source on the home screen of the tool.

2. Enter the details for your IMAP account like an email server, email ID, port number, and then click Add. Here we have used Gmail as an email server.

3. Now, add Office 365 as a destination. Click Add destination and enter the details for Office 365 account. The Office 365 account will be added within seconds.

4. After adding both source and destination, select the type of mailbox that you want to migrate and click the Migrate button at the bottom right corner of the tool.

5. The smart filtering options will appear on the screen. You can set filters according to your requirements based on item type, date, folders, deleted items, etc. and click Start Migration.

6. The tool will start migrating your emails to Office 365. After the completion of the process, a notification will appear on the screen displaying Process Completed. Click OK to end the process.

7. If you want to save this migration report to a CSV format, then click Save report to CSV.

As you can see, the process of migrating Gmail mailboxes to Office 365 was quick and easy. Similarly, you can migrate other IMAP mailboxes to Office 365 easily.
Conclusion
Based on our experience with Kernel IMAP to Office 365 tool, we would recommend this software to every individual who wants to migrate from IMAP mailboxes to Office 365. Not only it is a cost-effective utility, but it also provides some unique features that can be helpful to every user. https://www.nucleustechnologies.com/imap-to-office-365/
Read More