How to Install Zimbra on Docker Container

Posted by

Docker container that build on this article based on Ubuntu 18.04. The benefit when using container, you can build on any operating system. You can create Docker container on Linux, Mac and Windows. You can also use any Distro Linux (that supported by Docker) to running Docker container 🙂

# Build Docker Images
Please make sure your system already installed Docker 🙂

– Download Dockerfile

cd /srv/
curl -k https://raw.githubusercontent.com/imanudin11/zimbra-docker/master/Dockerfile > Dockerfile

– Build Docker image

docker build -t imanudin:zcsub1804 .

With the above command, you will create Docker image with repository name imanudin and zcsub1804 as Tag. Check Docker images with “docker images” command.

# Create container
Now you can create a container from an image that has been built. Please run below command

docker run -dit --name zcs -h mail.imanudin.net -p 25:25 -p 80:80 -p 443:443 -p 465:465 -p 587:587 -p 993:993 -p 995:995 -p 7071:7071 imanudin:zcsub1804

Now, you have created a Zimbra container. Enter to container

docker exec -it zcs bash

# Configure local DNS
Before installing Zimbra, you should configure local DNS. This DNS needed by Zimbra to resolve MX and A records. I have saved a script to create local DNS automatically. You can see the script on /srv/ folder. So, just run the script and local DNS will automatically be created 🙂

/srv/dns-auto.sh

Below is the example output from dns-auto script

# Download and Install Zimbra
Now, you can install Zimbra. Download, extract and run install.sh script

cd /opt/
wget -c https://files.zimbra.com/downloads/8.8.15_GA/zcs-8.8.15_GA_3869.UBUNTU18_64.20190917004220.tgz
tar -zxvf zcs-8.8.15_GA_3869.UBUNTU18_64.20190917004220.tgz
cd zcs-8.8.15_GA_3869.UBUNTU18_64.20190917004220
./install.sh

Type y/Y if asked :

– Do you agree with the terms of the software license agreement? [N] y
– Use Zimbra’s package repository [Y] y

Type y/Y on all packages except zimbra-dnscache and zimbra-imapd. Zimbra-dnscache not selected because I am using Bind for internal DNS and zimbra-imapd still BETA version

Select the packages to install

Install zimbra-ldap [Y] y
Install zimbra-logger [Y] y
Install zimbra-mta [Y] y
Install zimbra-dnscache [Y] N
Install zimbra-snmp [Y] y
Install zimbra-store [Y] y
Install zimbra-apache [Y] y
Install zimbra-spell [Y] y
Install zimbra-memcached [Y] y
Install zimbra-proxy [Y] y
Install zimbra-drive [Y] y
Install zimbra-imapd (BETA - for evaluation only) [N] N
Install zimbra-chat [Y] y
Checking required space for zimbra-core
Checking space for zimbra-store
Checking required packages for zimbra-store
zimbra-store package check complete.

Installing:
    zimbra-core
    zimbra-ldap
    zimbra-logger
    zimbra-mta
    zimbra-snmp
    zimbra-store
    zimbra-apache
    zimbra-spell
    zimbra-memcached
    zimbra-proxy
    zimbra-drive
    zimbra-patch
    zimbra-mta-patch
    zimbra-proxy-patch
    zimbra-chat

The system will be modified.  Continue? [N] y

Type Y if asked The system will be modified. Continue?

if you get message like below, press enter or type Yes and change domain name

DNS ERROR resolving MX for mail.imanudin.net
It is suggested that the domain name have an MX record configured in DNS
Change domain name? [Yes] Yes
Create domain: [mail.imanudin.net] imanudin.net

Type 6 and then press key enter to change password of admin account. Type again 4 and then press key enter. Insert your password that you want

Main menu

   1) Common Configuration:                                                  
   2) zimbra-ldap:                             Enabled                       
   3) zimbra-logger:                           Enabled                       
   4) zimbra-mta:                              Enabled                       
   5) zimbra-snmp:                             Enabled                       
   6) zimbra-store:                            Enabled                       
        +Create Admin User:                    yes                           
        +Admin user to create:                 admin@imanudin.net            
******* +Admin Password                        UNSET                         
        +Anti-virus quarantine user:           virus-quarantine.7nbg3upe@imanudin.net
     
... skip ...                      

Address unconfigured (**) items  (? - help) 6

Store configuration

   1) Status:                                  Enabled                       
   2) Create Admin User:                       yes                           
   3) Admin user to create:                    admin@imanudin.net            
** 4) Admin Password                           UNSET                         
   5) Anti-virus quarantine user:              virus-quarantine.7nbg3upe@imanudin.net

... skip ...

Select, or 'r' for previous menu [r] 4

Password for admin@imanudin.net (min 6 characters): [9M1CRucQ] v3rysecre7p4ssword

After insert password, Select, or ‘r’ for the previous menu. If all has been configured, apply configuration and wait until Zimbra install finished

*** CONFIGURATION COMPLETE - press 'a' to apply
Select from menu, or press 'a' to apply config (? - help) a
Save configuration data to a file? [Yes] Yes
Save config in file: [/opt/zimbra/config.1450] press key enter
Saving config in /opt/zimbra/config.1450...done.
The system will be modified - continue? [No] Yes
Operations logged to /tmp/zmsetup.20191003-082624.log

Type Yes if asked Notify Zimbra of your installation? and if has been appeared Configuration complete – press return to exit, your zimbra installation has been finished. Check Zimbra status with this command su – zimbra -c “zmcontrol status” and make sure all service running well. You can access webmail via browser at url https://ZimbraServer

You have the option of notifying Zimbra of your installation.
This helps us to track the uptake of the Zimbra Collaboration Server.
The only information that will be transmitted is:
	The VERSION of zcs installed (8.8.15_GA_3869_UBUNTU18_64)
	The ADMIN EMAIL ADDRESS created (admin@imanudin.net)

Notify Zimbra of your installation? [Yes] Yes
Notification skipped
Checking if the NG started running...done. 
Setting up zimbra crontab...done.

Moving /tmp/zmsetup.20191003-082624.log to /opt/zimbra/log

Configuration complete - press return to exit 

# Add service Zimbra to /services.sh
For make sure Zimbra service auto start/restart when start Docker container, please add Zimbra service to script /services.sh.

vi /services.sh

and add this line on the bottom

/etc/init.d/zimbra restart

So, the lines on /services.sh like below

cat /etc/resolv.conf > /tmp/resolv.ori
echo "nameserver 127.0.0.1" > /tmp/resolv.add
cat /tmp/resolv.add /tmp/resolv.ori > /etc/resolv.conf
/etc/init.d/bind9 restart
/etc/init.d/rsyslog restart
/etc/init.d/zimbra restart

Good luck and hopefully useful 🙂

40 comments

  1. While install zimbra ….i got this error
    Warning: apt-key output should not be parsed (stdout is not a terminal)
    Importing Zimbra GPG key
    ERROR: Unable to retrive Zimbra GPG key for package validation
    Please fix system to allow normal package installation before proceeding

  2. apt-key adv –keyserver keyserver.ubuntu.com –recv-keys 9BE6ED79 Executing: /tmp/apt-key-gpghome.3FiaRPtE69/gpg.1.sh –keyserver keyserver.ubuntu.com –recv-keys 9BE6ED79
    gpg: keyserver receive failed: Invalid argument

    I was try some other way as per zimbra instruction same error coming.

    1. Hello,
      Maybe keyserver.ubuntu.com cannot resolve by your system. Please try this command

      host -t A keyserver.ubuntu.com | awk '{print $4,$1}' >> /etc/hosts
      

      Or you can add manual the records on /etc/hosts

      162.213.33.8 keyserver.ubuntu.com
      162.213.33.9 keyserver.ubuntu.com
      

      Then install again

  3. Great tutorial, can I suggest using volumes to get persist data when docker daemon restart o even the server restart? also this is good for backup that volumes and configuration of Zimbra.

    Thanks for you knowledge.

    Best regards
    Ignacio

  4. Hi Imanudin,

    Very good installation guidance.
    Anyway can I replace the domain mail.imanudin.net / mail.imanudin.net to dummy domain or just the server IP Address instead ? In case I dont have domain yet and need to use the zimbra email for internal Local Network ?

    Thank you 🙂

    1. Hello,
      Yes you can. You can change this “-h mail.imanudin.net” with your local domain. for example :

      docker run -dit --name zcs -h mail.domain.local
      

      domain.local is domain name that used for internal purpose

  5. Anyway I already installed the zimbra on Docker container. But somehow after installation and go to Zimbra Administration i got notification with yellow banner says “some service are not running” , “Service failed”. If I click the Server Status on the ellow banner, then it will show the list of failed services.
    I have tried to check with this: su – zimbra -c “zmcontrol status” but it says: zimbra: zmcontrol: command not found.
    I already tried reinstall zimbra on docker from the begining again, but this issue is still appear.
    Have you experienced anything like this too? Or maybe you have the solution for this issue?

    Thank you again 🙂

      1. Yess it is 😀
        Because although there is notification appears, but the services is actually running.

        I will try to install it directly to the Ubuntu OS as you suggest.

        Thank you 🙂

  6. Halo mas,
    Aku install zimbra, karena aku install di server private dan butuh di proxy_pass di nginx itu gagal terus. Waktu di access domain.com/zimbraAdmin tapi error Request not allowed on port 443. Bisa tolong bantu, itu kesalahan di mana ya?

    server {
    server_name mailadmin.domain.com;

    location / {
    proxy_pass https://10.20.31.81:7071;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection ‘upgrade’;
    proxy_redirect off;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Host $server_name;
    }
    }

    1. Hi mas Sugeng,
      Jika proxy_pass disisi Nginx sulit, mungkin bisa coba ditambahkan aplikasi haproxy untuk memudahkan. Jadi akses khusus ke Zimbra Admin menggunakan haproxy

  7. My apologies, the problem appears to have been with my docker-compose file although I am still not sure what the issue it.

    version: “3.3”

    services:
    zcs:
    container_name: zcs
    privileged: true
    image: zimbra
    hostname: zimbra.flmaine.com
    ports:
    – “25:25”
    – “8080:80”
    – “465:465”
    – “587:587”
    – “7071:7071”
    – “8143:143”
    – “8443:443”
    – “993:993”
    – “995:995”

    It rns fne using docker run, but it gives the error above when I use my docker compose file. Odd, any ideas what the issue is?

  8. Hi Imanudin,

    Thank you so much for this extremely helpful guide. All went well with the installation except from the fact that all services appear as not running in the admin console (although they are running perfectly). Along with this, no stats are displayed. The issue most probably is caused by rsyslog not having the required permissions and thus not being able to run from inside the docker container. According to: https://wiki.zimbra.com/wiki/Ajcody-Logger-Issues#Logger_Not_Working_.2C_No_Stats.2C_Services_Show_Not_Running_In_Admin_Console I need to setup rsyslog and while running:

    sudo /opt/zimbra/libexec/zmsyslogsetup
    I get:
    updateRsyslogd: Updating /etc/rsyslog.d/50-default.conf…done.
    rsyslogd: imklog: cannot open kernel log (/proc/kmsg): Operation not permitted.
    rsyslogd: activation of module imklog failed [v8.32.0 try http://www.rsyslog.com/e/2145 ]

    Some say that I need to start the container in priviledged mode, but in order to do that I need to recreate it. Other posts suggest to restrict the capabilities I am giving the container and map certain directories (/dev/log) from the host machine. As I’m new to docker, what exactly should I do to make rsyslogd work on your docker container?

    Btw, I have already executed “sudo docker update –restart=always zcs” to make the container restart upon system boot.

    Thank you in advance

    1. Hi Ernani,
      Thanks for your information. I also saw the status logger that is not running in Zimbra Admin. However, if you restart the rsyslog service, the status logger will turn green in Zimbra admin. You can create a crontab to make an automatic restart every hour

  9. Assalam Alaykum Akhy Imanudin,
    I just wanted to say that your guide was very nice and worked Mashallah. Thank you.
    I am a seasoned Zimbra User and Developer and had tried other Dockers versions of ZCS and they just didnt work. But Yours did Mashallah.
    I will be testing your setup extensively and can offer some very constructive feedback . First would be to use volumes in docker-compose.yml

    Mohammad Kaan
    Senior Engineer
    ABD Computer Installations
    W: http://www.abdcomputers.net
    E: admin@abdcomputers.net
    P: 0450 592 017

  10. Hallo mas Imanuddin,

    kalau misal zimbra docker ini dibuat untuk mesin produksi,… apa ada perlu setting khusus misal di dns ?

    Kemudian kalau misal saya ingin merubah port 443 di host menjadi port lain supaya di host bisa saya pakai virtual host lainnya, kira2 perlu apa lagi ya ?

    makasih

    1. Hi mas Dhoto,
      Jika hendak dijadikan produksi, gunakan Docker volume agar data2nya persistent. Khususnya folder /opt/. Untuk port 443 yang diganti, cukup dilakukan ketika melakukan expose port nya. Tadinya -p 443:443 menjadi 3443:443 misalnya

  11. Hello, on the same server I want to install Zimbra, I run nextcloud which uses port 443. Can I use a different port for Zimbra?

    1. Hello Davide Baldoni,
      Yes you can. You can check the default port by gs command and change it with ms command

      zmprov gs `zmhostname` zimbraMailPort
      zmprov gs `zmhostname` zimbraMailSSLPort
      
      zmprov ms `zmhostname` zimbraMailPort port-do-you-want
      zmprov ms `zmhostname` zimbraMailSSLPort port-do-you-want
      
  12. Assalamu’alaikum mas iman

    pada awal artikel mas iman bilang sbb “Docker container that build on this article based on Ubuntu 18.04. The benefit when using container, you can build on any operating system. You can create Docker container on Linux, Mac and Windows. You can also use any Distro Linux (that supported by Docker) to running Docker container”

    jadi begini, saat ini saya menggunakan OS armbian amlogic yang saya install pada STB HG680p
    berikut keterangan OS dari terminal:
    root@arm-64:~# uname -a
    Linux arm-64 5.9.0-arm-64 #20.10 SMP PREEMPT Wed Oct 14 12:04:42 MSK 2020 aarch64 aarch64 aarch64 GNU/Linux
    root@arm-64:~# lsb_release -a
    No LSB modules are available.
    Distributor ID: Ubuntu
    Description: Ubuntu 18.04.5 LTS
    Release: 18.04
    Codename: bionic
    root@arm-64:~#

    pada artikel diatas di bagian # Download and Install Zimbra
    kita perlu untuk download zimbra, nah saya cek https://www.zimbra.com/downloads/zimbra-collaboration-open-source/archives/ semuanya hanya untuk arsitektur 64bit x86.

    jadi menurut mas iman dan teori, apa bisa install zimbra menggunakan docker di mesin arm saya?

  13. Hi,
    Followed your Zimbra install guide and after a few tweaks for my environment, it worked great.
    I can get to the web email and web admin console from the physical host the container is running on.

    Now …. i have 33 other containers running on the host and they are all behind a Traefik reverse proxy and again they are all working fine.

    Now I am trying to get your Zimbra container to work behind Traefik too. I have treied it by using labels in teh docker compose and by configuring the Zimbra container as an external resource and both ways fail.

    I cant use port 80 or 443 on the host as that is the ports that the Traefik container listens too.

    Have you ever tried using Zimbra behind a reverse proxy ? Or can you point me in a direction to look ?
    Thanks.

  14. Err:1 http://singapore.mirrors.linode.com/ubuntu bionic InRelease
    Temporary failure resolving ‘singapore.mirrors.linode.com’
    Err:2 http://singapore.mirrors.linode.com/ubuntu bionic-updates InRelease
    Temporary failure resolving ‘singapore.mirrors.linode.com’
    Err:3 http://singapore.mirrors.linode.com/ubuntu bionic-security InRelease
    Temporary failure resolving ‘singapore.mirrors.linode.com’
    Reading package lists…
    W: Failed to fetch http://singapore.mirrors.linode.com/ubuntu/dists/bionic/InRelease Temporary failure resolving ‘singapore.mirrors.linode.com’
    W: Failed to fetch http://singapore.mirrors.linode.com/ubuntu/dists/bionic-updates/InRelease Temporary failure resolving ‘singapore.mirrors.linode.com’
    W: Failed to fetch http://singapore.mirrors.linode.com/ubuntu/dists/bionic-security/InRelease Temporary failure resolving ‘singapore.mirrors.linode.com’
    W: Some index files failed to download. They have been ignored, or old ones used instead.
    E: Problem executing scripts APT::Update::Post-Invoke ‘rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true’
    E: Sub-process returned an error code

    ini kenapa ya mas, tidak bisa akses ke repo kah ketika build

  15. Hai mas imam,
    Saya sudah setting zimbra dengan docker di tutorial ini dan berhasil tidak ada masalah, tapi ketika saya jalankan di belakang NAT firewall, untuk pengiriman keluar seperti gmail, yahoo dan yang lain di luar domain. tidak bisa kenapa ya mas? Untuk pengiriman ke domain yang sama bisa. Untuk recieve ke dari semua domain bisa.
    Kebutuhan port sudah dibuka semua baik dari firewallnya maupun dari ISPnya
    keterangan bla bla bla … timeout

  16. Assalaamu’alaikum mas Iman…

    Apa boleh dibantu untuk menggunakan docker-compose script nya mas ?

    Terima kasih banyak

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.