Navigation

    Kopano
    • Register
    • Login
    • Search
    • Categories
    • Get Official Kopano Support
    • Recent
    Statement regarding the closure of the Kopano community forum and the end of the community edition

    Multiple Z-push instances on one server

    Z-Push when using other backends
    2
    8
    1271
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Luke1982
      Luke1982 last edited by

      Re: Multi Tenancy

      Reading up on the github repo I see it’s possible to install Z-push in multiple directories. In my case, I’d like a Debian (Ubuntu) rollout. I’m looking at the debian build directories to spot the build, which seems quite straightforward.

      I’d like to write a script (maybe an ansible playbook) that sets up a per-domain z-push instance that can be configured to the nextcloud instance for that domain. Any hints, tips, bewares or caveats that should be taken into account? Could we share some resources or would it be wiser to keep all instances strictly separated?

      fbartels 1 Reply Last reply Reply Quote 0
      • fbartels
        fbartels Kopano @Luke1982 last edited by

        Hi @Luke1982,

        normally you don’t even need multiple z-push installations for multiple tenants (if all these tenants are using the same data source), but with different caldav/carddav backends it is indeed probably the easiest to install z-push multiple times.

        Since there could be overlapping user ids between the different Nextcloud instances I would recommend to have separate data storage per installation.

        Regards Felix

        Resources:
        https://kopano.com/blog/how-to-get-kopano/
        https://documentation.kopano.io/
        https://kb.kopano.io/

        Support overview:
        https://kopano.com/support/

        1 Reply Last reply Reply Quote 0
        • Luke1982
          Luke1982 last edited by

          Hi @fbartels,

          Yeah I really want to setup separate nextcloud instances on a per-company base to keep it nice and separated. Am I right to assume that the master branch on github is frozen at the latest final release? I noticed the latest commit on the master and the latest release date are on the same date.

          Any specific reason for the symlinks to the /etc/z-push folder for for instance the config files?

          1 Reply Last reply Reply Quote 0
          • Luke1982
            Luke1982 last edited by Luke1982

            OK, so I got a first thing working so I’ll share that here for self-reference as well:

            Firstly I decided to stick to the usr/share/ structure but setting up a directory per domain, git controlled. So in /usr/share/z-push (create the z-push directory!) I executed

            sudo git clone --single-branch --branch=master https://github.com/Z-Hub/Z-Push mydomain.nl

            giving me the source in a folder named after the domain you’re setting this up for. That means that the apache configurations (assuming you use Apache) need to be altered a bit. I will only show the altered lines here, keep in mind this is not the entire config:

            Activesync config

            Alias /Microsoft-Server-ActiveSync /usr/share/z-push/mydomain.nl/src/index.php
<Directory /usr/share/z-push/mydomain.nl/src>

            Autodiscovery config

                Alias /AutoDiscover/AutoDiscover.xml "/usr/share/z-push/mydomain.nl/src/autodiscover/autodiscover.php"
    Alias /Autodiscover/Autodiscover.xml "/usr/share/z-push/mydomain.nl/src/autodiscover/autodiscover.php"
    Alias /autodiscover/autodiscover.xml "/usr/share/z-push/mydomain.nl/src/autodiscover/autodiscover.php"

            Do make sure you install the correct PHP modules (php-imap, php-mapi, and so on).

            Logs
            Normally the package manager would create the log files and manage the properties. You have to do that yourself, so create /var/log/z-push as root, create (in that directory):

            • autodiscover-error.log
            • autodiscover.log
            • z-push.log
            • z-push-error.log

            and make sure your z-push instance can write to it. Normally, the apache user (httpd or www-data) would need user or group write access, but in php-fpm that could be the user (or if you use something like mpm_itk).

            Now, you also need a directory called /var/lib/z-push and give it some permission that will allow z-push to do something. Again, this needs to be accessible by z-push. How you do that is up to you.

            Configuration is the same as it normally is, only everything is in a /usr/share/z-push/mydomain.nl/src folder instead of /usr/share/z-push.

            Now I’ve only done a quick IMAP test so far, need to do caldav and carddav now and then do some rigorous testing.

            Luke1982 1 Reply Last reply Reply Quote 0
            • Luke1982
              Luke1982 @Luke1982 last edited by

              Caldav
              Caldav will complain it’s missing XMLDocument.php from the libawl-php package. Even when it’s installed, you’ll get that message since the default include_path is pointing towards Kopano. The way I fixed it (would love to hear a better one) is to change the Apache conf, inside the <Directory /usr/share/z-push/mydomain.nl/src> directive, set

              AllowOverride none

              to

              AllowOverride all

              and then inside /usr/share/z-push/mydomain.nl/src create a .htaccess file with

              php_value include_path ".:/usr/share/awl/inc"

              in it.

              1 Reply Last reply Reply Quote 0
              • Luke1982
                Luke1982 last edited by Luke1982

                To keep noting my progress for anyone interested or stumbling on the same. Of course Outlook is the eternal problemchild, so I figured out some extra PHP settings that make it work. Kind of

                • Reduce SYNC_MAX_ITEMS to something like 100 in /usr/share/mydomain.nl/src/config.php
                • Increase the max_execution_time and max_input_time for PHP to at least an hour
                • Increase the PHP memorylimit, something like 512M or even higher

                Android clients work fine with ActiveSync, of cource it’s the horror that is Outlook that crashes and burns. This is quite a large mailbox, needs to be said.

                Luke1982 1 Reply Last reply Reply Quote 0
                • Luke1982
                  Luke1982 @Luke1982 last edited by

                  For anyone interested: I created an ansible playbook that involves setting up Z-push as multi-tenancy here

                  1 Reply Last reply Reply Quote 1
                  • Luke1982
                    Luke1982 last edited by

                    This thread is also crucial: https://forum.kopano.io/topic/1634/centos7-no-matter-what-i-get-access-denied-please-send-authorisation-information/5?_=1631478031707

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post