This article was inspired by Stefan Seidel’s writing here: https://www.stefanseidel.info/Z-Push_on_Zimbra_8 . On previous article about Exchange ActiveSync for Zimbra Open Source Edition, I used Jetty with some modification. The Jetty custom need more effort if I do a patch or upgrade. I must adjust the Jetty file again to support Exchange ActiveSync. If you want to use Jetty custom, please follow this guidance: https://imanudin.net/2019/08/30/exchange-activesync-for-zimbra-open-source-edition/
When I use Nginx custom and do update patch/upgrade, I only need to customize Zimbra Nginx.
This guide has been tested on Ubuntu 20.04 with Zimbra 8.8.15 and Rocky Linux 8 with Zimbra 10. I am using Z-Push version 2.7.0 and Z-Push Zimbra Backend version 71.
# Ubuntu
Install dependencies
sudo apt -y install php php-cli php-soap php-mbstring php-curl php-fpm php-intl git
Modify php-fpm
vi /etc/php/7.4/fpm/pool.d/www.conf
Adjust line below as follows
listen = 127.0.0.1:9000
Enable and restart php-fpm
systemctl enable --now php7.4-fpm.service systemctl restart php7.4-fpm.service
Create Z-Push directory
sudo mkdir /var/lib/z-push /var/log/z-push sudo chmod 755 /var/lib/z-push /var/log/z-push chown www-data.www-data /var/lib/z-push /var/log/z-push
Clone Z-Push + Z-Push Zimbra Backend
cd /opt/ git clone https://github.com/imanudin11/zimbra-zpush.git z-push
Note: I use Asia/Jakarta as my Timezone. Please open /opt/z-push/config.php and adjust/change Asia/Jakarta to your Timezone
Modify Template
vi /opt/zimbra/conf/nginx/templates/nginx.conf.web.https.default.template
Find line “location ^~ /Microsoft-Server-ActiveSync” and add below line before line “For audit”
# Z-Push start include /opt/z-push/nginx-zpush.conf; # Z-Push end
So, the final line looks like this
# Proxy to Zimbra Upstream proxy_pass ${web.upstream.target}; proxy_read_timeout ${web.upstream.polling.timeout}; proxy_buffering off; # Z-Push start include /opt/z-push/nginx-zpush.conf; # Z-Push end # For audit proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
Save and restart Zimbra Proxy
su - zimbra -c 'zmproxyctl restart'
# CentOS/Rocky Linux
Install dependencies
sudo yum install php-cli php-soap php-process php-mbstring php-fpm php-curl php-json php-intl git -y
Modify php-fpm
vi /etc/php-fpm.d/www.conf
Adjust line below as follows
listen = 127.0.0.1:9000
Enable and restart php-fpm
systemctl enable --now php-fpm.service systemctl restart php-fpm.service
Create Z-Push directory
sudo mkdir /var/lib/z-push /var/log/z-push sudo chmod 755 /var/lib/z-push /var/log/z-push chown apache.apache /var/lib/z-push /var/log/z-push
Clone Z-Push + Z-Push Zimbra Backend
cd /opt/ git clone https://github.com/imanudin11/zimbra-zpush.git z-push
Note: I use Asia/Jakarta as my Timezone. Please open /opt/z-push/config.php and adjust/change Asia/Jakarta to your Timezone
Modify Template
vi /opt/zimbra/conf/nginx/templates/nginx.conf.web.https.default.template
Find line “location ^~ /Microsoft-Server-ActiveSync” and add below line before line “For audit”
# Z-Push start include /opt/z-push/nginx-zpush.conf; # Z-Push end
So, the final line looks like this
# Proxy to Zimbra Upstream proxy_pass ${web.upstream.target}; proxy_read_timeout ${web.upstream.polling.timeout}; proxy_buffering off; # Z-Push start include /opt/z-push/nginx-zpush.conf; # Z-Push end # For audit proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
Save and restart Zimbra Proxy
su - zimbra -c 'zmproxyctl restart'
# Testing
Please access https://ip-of-zimbra/Microsoft-Server-ActiveSync from your browser. Log in with your Zimbra account. If it works, you can see the output as below. Or you can configure your mail apps on mobile devices and ensure choose Exchange/ActiveSync
Good Luck 🙂
HI. I tried your guide with ubuntu 20.04.06 and Zimbra 9 FOSS and everything works. IT DOES NOT WORK with ubuntu 20.04.06 and zimbra 10 FOSS. The proxy fails reporting that the port is already in use. Is there a way to apply zpush on ubuntu 20 + zimbra 10?
Hello,
Please run the following command and give me the results
root@mail:~# ss -atpn | grep -iE ’80|443′
LISTEN 0 10 127.0.0.1:53 0.0.0.0:* users:((“named”,pid=1066,fd=82),(“named”,pid=1066,fd=81),(“named”,pid=1066,fd=80),(“named”,pid=1066,fd=79),(“named”,pid=1066,fd=78),(“named”,pid=1066,fd=77),(“named”,pid=1066,fd=76),(“named”,pid=1066,fd=75),(“named”,pid=1066,fd=74))
LISTEN 0 50 0.0.0.0:8443 0.0.0.0:* users:((“java”,pid=3863,fd=146))
LISTEN 0 4096 127.0.0.1:10663 0.0.0.0:* users:((“zmlogger: zmrrd”,pid=3680,fd=3))
LISTEN 0 50 127.0.0.1:8080 0.0.0.0:* users:((“java”,pid=3863,fd=145))
ESTAB 0 0 192.168.0.20:39380 192.168.0.20:389 users:((“java”,pid=1500,fd=156))
ESTAB 0 0 192.168.0.20:389 192.168.0.20:39380 users:((“slapd”,pid=1429,fd=13))
LISTEN 0 511 *:7780 *:* users:((“httpd”,pid=4891,fd=4),(“httpd”,pid=4882,fd=4),(“httpd”,pid=4881,fd=4),(“httpd”,pid=4870,fd=4))
LISTEN 0 511 *:80 *:* users:((“apache2”,pid=1291,fd=4),(“apache2”,pid=1290,fd=4),(“apache2”,pid=1289,fd=4),(“apache2”,pid=1288,fd=4),(“apache2”,pid=1287,fd=4),(“apache2”,pid=1284,fd=4))
root@mail:~# netstat -atpn | grep -iE ’80|443′
tcp 0 0 0.0.0.0:8443 0.0.0.0:* LISTEN 3863/java
tcp 0 0 127.0.0.1:10663 0.0.0.0:* LISTEN 3680/zmlogger: zmrr
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 3863/java
tcp 0 0 192.168.0.20:39380 192.168.0.20:389 ESTABLISHED 1500/java
tcp 0 0 192.168.0.20:389 192.168.0.20:39380 ESTABLISHED 1429/slapd
tcp6 0 0 :::7780 :::* LISTEN 4870/httpd
tcp6 0 0 :::80 :::* LISTEN 1284/apache2
Hi,
There is apache2 service that running. Please disable and stop that service. From the result, port 443 is not listen. Please run the following command
Yes. Fixed by disabling apache2. But why is it activated if it wasn’t installed?
Hello,
When you install php-fpm, you probably install apache/nginx as dependencies
correction. even with 9 it no longer works after a reboot. “Failed to start LSB: Zimbra mail service” Proxy in not running
Does not work with Ubuntu 10 and Zimbra 10.
31/10/2023 09:48:31 [340230] [ERROR] [] Zimbra->SoapRequest(): ERROR: curl_exec – (60) SSL: no alternative certificate subject name matches target host name ‘127.0.0.1’
31/10/2023 09:48:31 [340230] [ERROR] [] Zimbra->Logon(): END Logon – Proxy Error { connected = false }
31/10/2023 09:48:31 [340230] [FATAL] [] Exception: (ServiceUnavailableException) – Access denied. Proxy unable to reach user mailbox server
Hello,
You can try to adjust the server name from 127.0.0.1 into your public hostname. You can find the configuration in /opt/z-push/backend/zimbra/config.php
Does not work either.
extensions – unable to find handler for extension: system failure: Extension HTTP handler not found at /zimbrasync
Hello,
If appear information like this, it means custom nginx not working. Please try again
What should I try again??? I administer 2 Zimbra servers and this method does not wotk on either of those. One server is freshly installed Ubuntu 20, another one is an old machine with Ubuntu 16 upgraded to 18 and then to 20. Please help!