Zimbra

How to Integrate Zulip (Zimbra Chat) with Zimbra Mail Server

Posted by

Zimbra 10.1.7 introduces a chat feature that can be deployed on-premises. This article uses a Zimbra trial license.

License Activation:
The Zimbra license must have the following entitlements enabled:
– BasicOneToOneChatAccountsLimit – To enable basic one to one chat
– ChatAccountsLimit – To enable advanced chat

To make it easier to understand, below is my system

# System Information

Zimbra:

Domain : imanudin.web.id
Hostname : mail.imanudin.web.id
IP Address : 192.168.1.81

Zimbra Chat:

Domain : imanudin.web.id
Hostname : chat.imanudin.web.id
IP Address : 192.168.1.82
OS : Ubuntu 24.04

Zimbra Chat is currently compatible with Ubuntu 22.04 and Ubuntu 24.04. For detail information, you can check from Zimbra Documentation here: https://www.zimbra.com/product/documentation/

# Configure /etc/hosts on both servers

127.0.0.1       localhost
192.168.1.81   mail.imanudin.web.id  mail
192.168.1.82   chat.imanudin.web.id   chat
192.168.1.82   imanudinwebid.chat.imanudin.web.id

# Install and Configure Zimbra Chat Server

Prepare zulip configuration

vi /tmp/zulip-config.conf

Please fill with the following lines

ZULIP_SERVICE_TYPE=Combined
ZIMBRA_PROXY_HOST=mail.imanudin.web.id
ZIMBRA_PROXY_ADMIN_PORT=9071
[email protected]
ZULIP_ADMIN_PASSWORD=rahasia
CHAT_SERVER_HOSTNAME=chat.imanudin.web.id
ZULIP_VERSION=9.2
SSL_CERT_TYPE=self-signed
ZIMBRA_JWT_AUTH_KEY=iniJwtToken
CSRF_TRUSTED_ORIGINS=https://mail.imanudin.web.id, https://192.168.1.81
LDAP_AD_SOURCE=Zimbra LDAP
ZIMBRA_LDAP_HOST=mail.imanudin.web.id
ZIMBRA_LDAP_PORT=389
ZIMBRA_LDAP_PASSWORD=1VjgIwCQkF
ZIMBRA_LDAP_PROTOCOL=ldap

Note:

– ZIMBRA_PROXY_ADMIN_PORT = If you have not configured Zimbra Proxy Admin, please enable and restart Zimbra proxy

zmprov mcf zimbraReverseProxyAdminEnabled TRUE
zmproxyctl restart

– ZULIP_ADMIN_EMAIL and ZULIP_ADMIN_PASSWORD. Please use an account that has Global Admin rights.
– SSL_CERT_TYPE = In this guide, I am using self-signed certificate
– ZIMBRA_JWT_AUTH_KEY = You can adjust this configuration with random key
– CSRF_TRUSTED_ORIGINS = Fill in with the URL of how you access the Zimbra proxy
– ZIMBRA_LDAP_PASSWORD = You can get Zimbra Ldap Password with the following command

zmlocalconfig -s zimbra_ldap_password

– ZULIP_VERSION = At the time of writing, the Zulip version is 9.2.
Download and install Zulip

wget -c https://files.zimbra.com/downloads/zfzi/1.0.0/zfzi-1.0.0.tgz
tar -xvf zfzi-1.0.0.tgz
cd zfzi-1.0.0
./install.pl --config=/tmp/zulip-config.conf

Example Process

root@ubuntu:/home/ubuntu/zfzi-1.0.0# ./install.pl --config=/tmp/zulip-config.conf
[2025-04-29 15:36:04] [INFO] Logging initialized. Operations will be logged to /etc/zulip-installer/log/zulip.install.log.20250429_153604
[2025-04-29 15:36:04] [INFO] Detected OS: ubuntu:24.04, Architecture: x86_64. Proceeding.
[2025-04-29 15:36:04] [INFO] All required commands are already installed.
[2025-04-29 15:36:04] [INFO] Checking connectivity to mail.imanudin.web.id:9071
[2025-04-29 15:36:04] [INFO] Connected to mail.imanudin.web.id:9071.
[2025-04-29 15:36:04] [INFO] Fetching Zimbra admin authentication token...
[2025-04-29 15:36:04] [INFO] Admin Auth Token fetched.
[2025-04-29 15:36:04] [INFO] Fetching Zimbra license information.
[2025-04-29 15:36:04] [INFO] License information retrieved.
[2025-04-29 15:36:04] [INFO] Chat services are supported by the existing Zimbra license.
[2025-04-29 15:36:04] [INFO] Checking resolution for hostname: chat.imanudin.web.id
[2025-04-29 15:36:04] [INFO] Hostname 'chat.imanudin.web.id' is resolvable via DNS. Proceeding.
[2025-04-29 15:36:04] [INFO] Checking connectivity to ldap server at mail.imanudin.web.id:389
[2025-04-29 15:36:04] [INFO] Connected to ldap server at mail.imanudin.web.id:389
[2025-04-29 15:36:04] [INFO] Creating package directory: /etc/zulip-installer/package
[2025-04-29 15:36:15] [INFO] Package downloaded: /etc/zulip-installer/package/zulip-server-9.2.tar.gz
[2025-04-29 15:36:16] [INFO] Running in non-interactive mode. Proceeding with provided configuration.
[2025-04-29 15:36:16] [INFO] Saving user inputs to config file: /etc/zulip-installer/config/config.20250429_153616
[2025-04-29 15:36:16] [INFO] User inputs saved to config file.
--- SKIP ---
[2025-04-29 15:50:13] [INFO] Completed: Restarting zulip
! IMPORTANT: Admins should ensure that databases are on a private network and not publicly accessible!
! IMPORTANT: Admins should ensure that zimbra mailstore servers can resolve the Chat server hostname and access Chat server on 443 port!
! IMPORTANT: Please visit admin guide to proceed to realm setup
Configuration complete

After zulip installation completed, please adjust the following file

vi /etc/zulip/settings.py

Please add this line at the bottom.

AUTH_LDAP_GLOBAL_OPTIONS = { ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER }

Restart Chat Server

su zulip -c '/home/zulip/deployments/current/scripts/restart-server'

# Zimbra Configuration

Please run the following command on the Zimbra server.

zmlocalconfig -e ssl_allow_untrusted_certs=true
zmprov mcf zimbraChatBaseHost chat.imanudin.web.id
zmprov mcf zimbraChatJwtSecret iniJwtToken
zmprov fc -a all

Install Zimlet Chat

Ubuntu:

apt install zimbra-zimlet-chat
apt install zimbra-zimlet-admin-chat

RHEL:

yum install zimbra-zimlet-chat
yum install zimbra-zimlet-admin-chat

Restart Mailbox service after install Zimlet chat

su - zimbra
zmmailboxdctl restart

Run the following command to create Chat Realm

zmsoap -vv -z -type admin CreateChatRealmRequest @id="imanudinwebid" / domain="imanudin.web.id" @by="name"

# Test Configuration

Run the following command

Zulip (Zimbra Chat):

su zulip -c '/home/zulip/deployments/current/manage.py list_realms'
su zulip -c '/home/zulip/deployments/current/manage.py query_ldap [email protected]'

Example output

root@ubuntu:/home/ubuntu/zfzi-1.0.0# su zulip -c '/home/zulip/deployments/current/manage.py list_realms'
id    string_id            name                           domain                                            
--    ---------            ----                           ------                                            
1     zulipinternal        System bot realm               https://zulipinternal.chat.imanudin.web.id        
2     imanudinwebid        imanudin.web.id                https://imanudinwebid.chat.imanudin.web.id 
       
root@ubuntu:/home/ubuntu/zfzi-1.0.0# su zulip -c '/home/zulip/deployments/current/manage.py query_ldap [email protected]'
--- skip ---
returned 1 objects: uid=admin,ou=people,dc=imanudin,dc=web,dc=id
full_name: admin
email: [email protected]

Zimbra:

zmprov gd imanudin.web.id zimbraZulipChatDomainId

Example output

zimbraZulipChatDomainId: imanudinwebid

Regenerate Zimbra proxy servers

/opt/zimbra/libexec/zmproxyconfgen
zmproxyctl reload

# Create Chat Account

Login to Zimbra Admin Console. Go to Configure > Domain > the domain. Click “Provision all accounts” button. Click “Get accounts” button and confirm accounts have been deployed on Chat server

Enable Basic Chat:

You can enable zimbraFeatureZulipChatEnabled and zimbraFeatureBasicOneToOneChatEnabled at domain, COS or account level

Example enable Basic Chat on COS level

zmprov mc default zimbraFeatureZulipChatEnabled TRUE zimbraFeatureBasicOneToOneChatEnabled TRUE

Enable Advanced Chat:

You can enable zimbraFeatureZulipChatEnabled and zimbraFeatureAdvancedChatEnabled at domain, COS or account level

Example Enable Basic Chat on COS level

zmprov mc default zimbraFeatureZulipChatEnabled TRUE zimbraFeatureAdvancedChatEnabled TRUE

# Test Zimbra Chat

Login to webmail. In the sidebar, you can see chat icon (for the basic chat)

For advanced chat, please select chat menu in the top bar

Good Luck 🙂

2 comments

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.