Cyrus Backend Instance Configuration
From Syscore
These are configuration steps (beyond what cfengine does) that must be done to bootstrap a Cyrus backend server:
Contents |
Setup Local Filesystems
These assume you've already created a ZFS pool for the server, named appropriately (the name of the server, like "ms1", etc.)
setenv server servername zfs create $server/data mkdir $server/data/config zfs create $server/mail zfs set compression=on $server/mail zfs set atime=off $server/mail zfs create $server/sieve zfs set compression=on $server/sieve zfs set atime=off $server/sieve zfs create $server/meta zfs set compression=on $server/meta zfs set atime=off $server/meta chown -R cyrus /$server
Kerberos Stuff
Cyrus uses krb5/gssapi for a lot of its backend magic. You'll need to create the following credentials and place them in the local krb5.keytab. This can be done with 'kadmin', calling 'ank -randkey' and 'ktadd' for each of these.
cyrus/$server mail/$server.mail.umbc.edu host/$server.mail.umbc.edu imap/$server.mail.umbc.edu pop/$server.mail.umbc.edu lmtp/$server.mail.umbc.edu sieve/$server.mail.umbc.edu
SSL Stuff
For now, copy the contents of /etc/ssl from some other imap/pop server -- this might change if we decided to try out referrals. chown the files to cyrus.
Configuration Files
Copy /etc/cyrus.conf from another backend server. You'll need to edit this, and replace the kerberos principal in the kinit lines with the correct one for this server.
Copy /etc/imapd.conf.local from another backend server. You'll need to change the server name, and partition names, to match the server you're setting up.
That's It
Might want to re-run cfengine before firing things up, as it makes sure certain files have the correct permissions.
