Installation of eGroupware (How To)

Still looking for an alternative solution for Kopano.
At present - I tested eGroupware. My testinstallation was all on one system (Primary-note + UCS mailserver + eGroupware). Installation was done fine - all apps interacted without any hands-on. Nice!

Next test phase is to bring eGroupware into my real infrastructure:

  • UCS1 → primary-node (5.0-8 errata1125) → with active directory + DHCP app
  • UCS2 → backup-node (5.0-8 errata1125) → with active directory + DHCP app
  • UCS3 → replica-node (5.0-8 errata1125) → with ucs mailserver
  • UCS4 → replica-node (5.0-8 errata1125) → with eGroupware

Installations on UCS1 to 3 are fine with no hands-on work
Installation on UCS4 (eGroupware) is failing with the following error message:

Blockzitat
Diese Fehlermeldungen kommen vom Server. Weitere Informationen können in der Logdatei des Systems enthalten sein: /var/log/univention/appcenter.log

Blockzitat
Creating network “egroupware_appcenter_net” with the default driver Creating volume “egroupware_sources” with default driver Creating volume “egroupware_data” with default driver Creating volume “egroupware_videos” with default driver Creating volume “egroupware_extra” with default driver Creating volume “egroupware_sources-push” with default driver Creating volume “egroupware_push-config” with default driver Creating volume “egroupware_sessions” with default driver Creating egroupware … e[1Ae[2K Creating egroupware … e[32mdonee[0m e[1BCreating egroupware-nginx … Creating egroupware-push … e[1Ae[2K Creating egroupware-push … e[31merrore[0m e[1B ERROR: for egroupware-push Cannot create container for service push: b’failed to mount local volume: mount /var/lib/docker/volumes/egroupware_sources/_data/swoolepush:/var/lib/docker/volumes/egroupware_sources-push/_data, flags: 0x1000: no such file or directory’ e[2Ae[2K Creating egroupware-nginx … e[32mdonee[0m e[2B ERROR: for push Cannot create container for service push: b’failed to mount local volume: mount /var/lib/docker/volumes/egroupware_sources/_data/swoolepush:/var/lib/docker/volumes/egroupware_sources-push/_data, flags: 0x1000: no such file or directory’ Encountered errors while bringing up the project.

All 4 UCS systems are on VM and all are in the same networt (.110 to .113).

Any idea?

Die Sourcen für den separaten Push Server kommen mit dem EGroupware Container, der zuerst gestartet wird.

Irgendwie muss bei Dir die Zeit bis zum Start des Push Containers nicht gereicht haben.

Führe auf der Maschine doch mal folgendes Docker Kommando aus:

docker ps    # um zu schauen ob der egroupware Container läuft
docker-compose -p egroupware up -d

Das Problem besteht auch nur bei der Installation, danach sind die Sourcen des Push Servers immer bereits vorhanden.

Ralf

Thank you - I just rebootet the systems and tried it again - and it works now - eGroupware is installed :wink:

Based on the fact that I don’t need all the feature eGroupware is providing, I switched to CE-Version.
More details are here → https://www.egroupware.org/de/egroupware-ce-vs-epl

The steps to disable are explained here → 🇩🇪 🇬🇧 EGroupware Community Edition auf/on UCS - EGroupware on UCS - EGroupware Help Forum

Next is to “hide” the apps that you don’t need in the CE version → EGroupware disabling/removing apps completely - English - EGroupware Help Forum

Lucky me - the users from UCS are visible in eGroupware. Next is to add these users to the “GROUP DEFAULT”.
grafik

Select the user and double-click on him and add the above group.
grafik

FYI: You will have to login again to see the changes.

Between the eGroupware server and the internet is a revers proxy installed - who is also managing all my LetsEncript certificates.
Hope the reverse proxy settings are simple - otherwise I have to ask someone here - I’m not a PRO.

Let’s find out :wink:

@RalfEGroupware : In the meantime - some questions:

  1. I assume the emails will stay on the server where the UCS(3) mailserver is installed.

  2. What kind of software or better data will be stored on UCS4 (eGroupware) if I’m using the following “apps”:

  • Adress Book
  • CalDAV
  • Calender
  • eSync
  • File Manager
  • Mail
  • News
  • Notificatios

I assume the information will be stored into a database located on the UCS4 - as well as the file-manager.

Are there any recommendations if we are talking about RAM, CPU and disc-space? E.g. with 100 mail accounts you should have xyz to be save over the next 3 years?

Thank you in advance

Looks like the proxy settings are basic @RalfEGroupware - can you please confirm (have not yet tested all function - just the logon.

Settings are as follow (on the dedicated revers-proxy):

VirtuelHost Datei ergänzen um den Proxy Teil:
sudo nano /etc/apache2/sites-available/test.mydomain.selfhost.me-le-ssl.conf

<VirtualHost *:443>
ServerName test.mydomain.selfhost.me
DocumentRoot /var/www/test.mydomain.selfhost.me-ssl

     ProxyPreserveHost On
     SSLProxyEngine On
     SSLProxyVerify none
     SSLProxyCheckPeerName Off
     SSLProxyCheckPeerExpire Off
     ProxyPass /egroupware/ https://192.168.56.113/egroupware/
     ProxyPassReverse /egroupware/ https://192.168.56.113/egroupware/

     Include /etc/letsencrypt/options-ssl-apache.conf
     SSLCertificateFile /etc/letsencrypt/live/mydomain.selfhost.me/fullchain.pem
     SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.selfhost.me/privkey.pem
  </VirtualHost>
  </IfModule>

Aktivieren der Konfiguration:
sudo apache2ctl configtest
sudo systemctl restart apache2

Browser Test:
https://test.mydomain.selfhost.me/egroupware/

For EGw min:
2 CPU
2 GB RAM

I run an installation for (during the day) ~90 users with 4 CPU and 6GB RAM. That’s about twice what it need.
This then runs lean on a Debian. With the installation, I still supply employees in the home office with Guacamole.

I once wrote something about it:

The database remains very small because no binary data is stored in it. In the above installation, the EGroupware database dump is just 22MB in size. After 14 years without deletion…
What you need The space for files in the file manager, attachments of tasks, contacts, … you have to calculate yourself.

But as always:
You have to watch that. In principle, EGw is quite resource-efficient.

Stefan

1 Like

@StefanU or @RalfEGroupware
I activated Fetchmail to get some data (mail) to play with.
Will eGroupware automatically refresh the mail inbox? From the fetchmail log I can see that more than 1.000 has been implemented to my account - but mail inbox of eGroupware stays empty ;-(
Just if I switch from one mail folder or app back to the inbox? Anything I can change to get the view refreshed ever x-minutes or on event?

Dovecot mail server on UCS hast push support (I mean). Then you can add your server:

grafik

to use push.

Othewise (without push) you can:

grafik


Please post future questions about the EGroupware application (itself) in our community forum:
https://help.egroupware.org/

And please:
eGroupware => EGroupware
See also:
https://www.egroupware.org

Stefan

In Univention the push of mail is NOT installed automatically, you need to do so by hand, see the instructions in our wiki: IMAP Push Notifications · EGroupware/egroupware Wiki · GitHub

Ralf

1 Like

In Deiner Proxy Konfig fehlt einiges :frowning:

Unter /etc/apache2/ucs-sites.conf.d/egroupware-app.conf findest Du auf dem EGroupware Server die Proxy Konfig die UCS verwendet, die proxy’en ja auch.

Von daher ist die Nummer mit einem weiteren Proxy so oder so relativ sinnfrei. Unter UCS gibt es auch eine Let’s Encrypt App, die Zertifikate ausstellt und aktuell hält.

Wenn Du unbedingt einen weiteren Proxy willst, solltest Du folgendes beachten:

  • X-Forwarded-For und X-Forwarded-Proto Header setzen
  • Websockets müssen unterstützt werden
  • für eSync/ActiveSync sollte eine Request-Dauer von >60 Minuten erlaubt werden

Ralf

Thank you for your feedback
The reason why I’m using a dedicated proxy server (non of the UCS systems) is simple. All externally available web-pages/systems are using port 443. Means I can map this port (without a revers-proxy) just to one web-page/system.
In my setup, the proxy is taking all 443 requests and depending on the requested side/service - it will be forwarded to system A or system B. I’m sure there are also other solutions possible - and I’m happy to learn :wink:
With the proxy conf from UCS I’m not yet happy. I hope I can find something else - just copy and past was not working - even if I changed the IPs (and coms looks like as being just http instead of https).
As mentioned before - I’m IT pro - but not in this area (linux based systems).
If someone has a nicer config - please let me know. The basic functions (mail) are also working with the simple config above.

Looks like this reverse-proxy settings works. It’s basically the UCS one with some adaptations.
I beleave the communication is now http between my internal proxy and the UCS4 server. Would it be possible to improve this to https as well?
Just changing inside the script it to https will not fix it (less good it stops working :wink: )

#############################################

Copy from Univention EGroupware setup

#############################################

RequestHeader set X-Forwarded-Proto “https” env=HTTPS

required for push / websocket

RewriteEngine on
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteRule /egroupware/push ws://192.168.56.113:50100/egroupware/push [P]

ProxyPass /egroupware http://192.168.56.113:50100/egroupware timeout=4000 connectiontimeout=600 acquire=3000 retry=6
ProxyPassReverse /egroupware http://192.168.56.113:50100/egroupware
ProxyPass /Microsoft-Server-ActiveSync http://192.168.56.113:50100/Microsoft-Server-ActiveSync timeout=4000 connectiontimeout=600 acquire=3000 retry=6
ProxyPassReverse /Microsoft-Server-ActiveSync http://192.168.56.113:50100/Microsoft-Server-ActiveSync

RewriteRule ^/.well-known/(caldav|carddav|openid-configuration)$ http://192.168.56.113:50100/usr/lib/univention-install/50egroupware.inst [P]
RedirectMatch ^(/principals/users/.*)$ /egroupware/groupdav.php$1
RedirectMatch ^/egroupware$ /egroupware/index.php

<VirtualHost *:443>
ServerName test.mydomain.selfhost.me
DocumentRoot /var/www/test.mydomain.selfhost.me-ssl

ProxyPreserveHost On
SSLProxyEngine On

Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/mydomain.selfhost.me/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.selfhost.me/privkey.pem

Mastodon