Still looking for an alternative solution for Kopano.
At present - I tested eGroupware. My testinstallation was all on one system (Primary-note + UCS mailserver + eGroupware). Installation was done fine - all apps interacted without any hands-on. Nice!
Next test phase is to bring eGroupware into my real infrastructure:
UCS1 → primary-node (5.0-8 errata1125) → with active directory + DHCP app
UCS2 → backup-node (5.0-8 errata1125) → with active directory + DHCP app
UCS3 → replica-node (5.0-8 errata1125) → with ucs mailserver
UCS4 → replica-node (5.0-8 errata1125) → with eGroupware
Installations on UCS1 to 3 are fine with no hands-on work
Installation on UCS4 (eGroupware) is failing with the following error message:
Blockzitat
Diese Fehlermeldungen kommen vom Server. Weitere Informationen können in der Logdatei des Systems enthalten sein: /var/log/univention/appcenter.log
Blockzitat
Creating network “egroupware_appcenter_net” with the default driver Creating volume “egroupware_sources” with default driver Creating volume “egroupware_data” with default driver Creating volume “egroupware_videos” with default driver Creating volume “egroupware_extra” with default driver Creating volume “egroupware_sources-push” with default driver Creating volume “egroupware_push-config” with default driver Creating volume “egroupware_sessions” with default driver Creating egroupware … e[1Ae[2K Creating egroupware … e[32mdonee[0m e[1BCreating egroupware-nginx … Creating egroupware-push … e[1Ae[2K Creating egroupware-push … e[31merrore[0m e[1B ERROR: for egroupware-push Cannot create container for service push: b’failed to mount local volume: mount /var/lib/docker/volumes/egroupware_sources/_data/swoolepush:/var/lib/docker/volumes/egroupware_sources-push/_data, flags: 0x1000: no such file or directory’ e[2Ae[2K Creating egroupware-nginx … e[32mdonee[0m e[2B ERROR: for push Cannot create container for service push: b’failed to mount local volume: mount /var/lib/docker/volumes/egroupware_sources/_data/swoolepush:/var/lib/docker/volumes/egroupware_sources-push/_data, flags: 0x1000: no such file or directory’ Encountered errors while bringing up the project.
All 4 UCS systems are on VM and all are in the same networt (.110 to .113).
Between the eGroupware server and the internet is a revers proxy installed - who is also managing all my LetsEncript certificates.
Hope the reverse proxy settings are simple - otherwise I have to ask someone here - I’m not a PRO.
I assume the emails will stay on the server where the UCS(3) mailserver is installed.
What kind of software or better data will be stored on UCS4 (eGroupware) if I’m using the following “apps”:
Adress Book
CalDAV
Calender
eSync
File Manager
Mail
News
Notificatios
I assume the information will be stored into a database located on the UCS4 - as well as the file-manager.
Are there any recommendations if we are talking about RAM, CPU and disc-space? E.g. with 100 mail accounts you should have xyz to be save over the next 3 years?
ProxyPreserveHost On
SSLProxyEngine On
SSLProxyVerify none
SSLProxyCheckPeerName Off
SSLProxyCheckPeerExpire Off
ProxyPass /egroupware/ https://192.168.56.113/egroupware/
ProxyPassReverse /egroupware/ https://192.168.56.113/egroupware/
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/mydomain.selfhost.me/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.selfhost.me/privkey.pem
</VirtualHost>
</IfModule>
Aktivieren der Konfiguration:
sudo apache2ctl configtest
sudo systemctl restart apache2
I run an installation for (during the day) ~90 users with 4 CPU and 6GB RAM. That’s about twice what it need.
This then runs lean on a Debian. With the installation, I still supply employees in the home office with Guacamole.
The database remains very small because no binary data is stored in it. In the above installation, the EGroupware database dump is just 22MB in size. After 14 years without deletion…
What you need The space for files in the file manager, attachments of tasks, contacts, … you have to calculate yourself.
But as always:
You have to watch that. In principle, EGw is quite resource-efficient.
@StefanU or @RalfEGroupware
I activated Fetchmail to get some data (mail) to play with.
Will eGroupware automatically refresh the mail inbox? From the fetchmail log I can see that more than 1.000 has been implemented to my account - but mail inbox of eGroupware stays empty ;-(
Just if I switch from one mail folder or app back to the inbox? Anything I can change to get the view refreshed ever x-minutes or on event?
Unter /etc/apache2/ucs-sites.conf.d/egroupware-app.conf findest Du auf dem EGroupware Server die Proxy Konfig die UCS verwendet, die proxy’en ja auch.
Von daher ist die Nummer mit einem weiteren Proxy so oder so relativ sinnfrei. Unter UCS gibt es auch eine Let’s Encrypt App, die Zertifikate ausstellt und aktuell hält.
Wenn Du unbedingt einen weiteren Proxy willst, solltest Du folgendes beachten:
X-Forwarded-For und X-Forwarded-Proto Header setzen
Websockets müssen unterstützt werden
für eSync/ActiveSync sollte eine Request-Dauer von >60 Minuten erlaubt werden
Thank you for your feedback
The reason why I’m using a dedicated proxy server (non of the UCS systems) is simple. All externally available web-pages/systems are using port 443. Means I can map this port (without a revers-proxy) just to one web-page/system.
In my setup, the proxy is taking all 443 requests and depending on the requested side/service - it will be forwarded to system A or system B. I’m sure there are also other solutions possible - and I’m happy to learn
With the proxy conf from UCS I’m not yet happy. I hope I can find something else - just copy and past was not working - even if I changed the IPs (and coms looks like as being just http instead of https).
As mentioned before - I’m IT pro - but not in this area (linux based systems).
If someone has a nicer config - please let me know. The basic functions (mail) are also working with the simple config above.
Looks like this reverse-proxy settings works. It’s basically the UCS one with some adaptations.
I beleave the communication is now http between my internal proxy and the UCS4 server. Would it be possible to improve this to https as well?
Just changing inside the script it to https will not fix it (less good it stops working )
#############################################
Copy from Univention EGroupware setup
#############################################
RequestHeader set X-Forwarded-Proto “https” env=HTTPS
Good morning - looks like the question above (is the communication http oder https and if httü, can it be changed to https stays open. Maybe someone with pro skills is able to pick that up.
Thank you in advance
By playing around with EGroupware - focus on mail - it looks like, that I can not search across multiple folders.
This is a function I’m using nearly every day - and should be a basic function from my point of view in all mail clients (Kopano, Outlook, Thunderbird …).
Am I missing a configuration or is this still not given with EGroupware?
FYI: I found in the net an article from 2022 where someone asked the same question. Answer was - it is on the ToDo list with high prio.