[Dovecot] Dovecot replication - I'm stuck
Hi,
I've been following the wiki document at http://wiki2.dovecot.org/Replication, but I've become stuck.
I'm running version 2.1.3 on NetBSD 5.2 (v2.2+ isn't available as a package yet, and compiling my own is well outside my wheelhouse).
I have a couple of questions:
The wiki page keeps referring to "vmail". Is this a just system user I need to create? Presumably on both Dovecot boxes?
If I don't use virtual users, do I need this?
Here is my dovecot -n:
# 2.1.3: /usr/pkg/etc/dovecot/dovecot.conf # OS: NetBSD 5.2 cobalt auth_mechanisms = plain login dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u listen = 192.168.1.1 login_greeting = Go on then, let's have it... mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_plugins = " notify replication" passdb { driver = passwd } plugin { mail_replica = remote:vmail@server2.mydomain.com replication_full_sync_interval = 1 hours } protocols = imap service aggregator { fifo_listener replication-notify-fifo { user = vmail } unix_listener replication-notify { user = vmail } } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } user = root } service imap-login { inet_listener imap { port = 0 } } service replicator { process_min_avail = 1 unix_listener replicator-doveadm { mode = 0600 } } ssl_cert = </etc/openssl/certs/mail.mydomain.com.crt ssl_key = </etc/openssl/private/mail.mydomain.com.key userdb { driver = passwd } protocol lda { postmaster_address = postmaster@mydomain.com }
Any help would be greatly appreciated, as I'd really love to get this working.
Thanks,
-Mark
Yes, create the vmail user on both boxes and set up key-based authentication via SSH so the two can talk to each other without passwords.
Also, best upgrade to dovecot 2.2 as mentioned on the wiki page, as only 2.2 supports incremental syncing of mailboxes.
Regards, Lucas
Am 28.10.13 01:43, schrieb IT geek 31:
Hi,
I've been following the wiki document at http://wiki2.dovecot.org/Replication, but I've become stuck.
I'm running version 2.1.3 on NetBSD 5.2 (v2.2+ isn't available as a package yet, and compiling my own is well outside my wheelhouse).
I have a couple of questions:
The wiki page keeps referring to "vmail". Is this a just system user I need to create? Presumably on both Dovecot boxes?
If I don't use virtual users, do I need this?
Here is my dovecot -n:
# 2.1.3: /usr/pkg/etc/dovecot/dovecot.conf # OS: NetBSD 5.2 cobalt auth_mechanisms = plain login dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u listen = 192.168.1.1 login_greeting = Go on then, let's have it... mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_plugins = " notify replication" passdb { driver = passwd } plugin { mail_replica = remote:vmail@server2.mydomain.com replication_full_sync_interval = 1 hours } protocols = imap service aggregator { fifo_listener replication-notify-fifo { user = vmail } unix_listener replication-notify { user = vmail } } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } user = root } service imap-login { inet_listener imap { port = 0 } } service replicator { process_min_avail = 1 unix_listener replicator-doveadm { mode = 0600 } } ssl_cert = </etc/openssl/certs/mail.mydomain.com.crt ssl_key = </etc/openssl/private/mail.mydomain.com.key userdb { driver = passwd } protocol lda { postmaster_address = postmaster@mydomain.com }
Any help would be greatly appreciated, as I'd really love to get this working.
Thanks,
-Mark
-- Lucas Rothamel Eye Catching Webdesign info@eye-catching-webdesign.de - www.eye-catching-webdesign.de
You know, we go to the gym to keep the body fit. Similarly the mind needs some rest. The mind is bombarded with so many impressions. Our mind has been bombarded by impressions the whole time. It needs a different kind of rest other than sleep. And meditation is such a rest. It calms the mind. energizes the spirit and makes the body more strong and vibrant. improves the immune system. The immune cells, the T-cell count go higher through Sudarshan Kriya and meditation. And you feel so nice inside. - Sri Sri Ravi Shankar I love deadlines. I like the whooshing sound they make as they fly by. -- Douglas Adams
Hi Lucas,
Thanks for your response. I have done that, and when logged into both servers as the vmail I can SSH to the other server and am not challenged for a password (I'm using keys).
However when I restart Dovecot I get the following error:
Oct 28 10:36:11 server1 dovecot: dsync-local(vmail): Error: remote: Permission denied, please try again. Oct 28 10:36:11 server1 dovecot: dsync-local(vmail): Error: remote: Permission denied, please try again. Oct 28 10:36:11 server1 dovecot: dsync-local(vmail): Error: remote: Permission denied (publickey,password,keyboard-interactive). Oct 28 10:36:11 server1 dovecot: dsync-local(vmail): Error: read() from worker server failed: EOF
So even though I can SSH from one server to another using key-based auth and the vmail account, it appears dsync can't.
Any ideas?
-Mark
On 28 October 2013 06:59, Lucas Rothamel - Eye Catching Webdesign < info@eye-catching-webdesign.de> wrote:
Yes, create the vmail user on both boxes and set up key-based authentication via SSH so the two can talk to each other without passwords.
Also, best upgrade to dovecot 2.2 as mentioned on the wiki page, as only 2.2 supports incremental syncing of mailboxes.
Regards, Lucas
Am 28.10.13 01:43, schrieb IT geek 31:
Hi,
I've been following the wiki document at http://wiki2.dovecot.org/**Replication<http://wiki2.dovecot.org/Replication>, but I've become stuck.
I'm running version 2.1.3 on NetBSD 5.2 (v2.2+ isn't available as a package yet, and compiling my own is well outside my wheelhouse).
I have a couple of questions:
The wiki page keeps referring to "vmail". Is this a just system user I need to create? Presumably on both Dovecot boxes?
If I don't use virtual users, do I need this?
Here is my dovecot -n:
# 2.1.3: /usr/pkg/etc/dovecot/dovecot.**conf # OS: NetBSD 5.2 cobalt auth_mechanisms = plain login dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u listen = 192.168.1.1 login_greeting = Go on then, let's have it... mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_plugins = " notify replication" passdb { driver = passwd } plugin { mail_replica = remote:vmail@server2.mydomain.**com<remote%3Avmail@server2.mydomain.com> replication_full_sync_interval = 1 hours } protocols = imap service aggregator { fifo_listener replication-notify-fifo { user = vmail } unix_listener replication-notify { user = vmail } } service auth { unix_listener /var/spool/postfix/private/**auth { group = postfix mode = 0660 user = postfix } user = root } service imap-login { inet_listener imap { port = 0 } } service replicator { process_min_avail = 1 unix_listener replicator-doveadm { mode = 0600 } } ssl_cert = </etc/openssl/certs/mail.**mydomain.com.crt ssl_key = </etc/openssl/private/mail.**mydomain.com.key userdb { driver = passwd } protocol lda { postmaster_address = postmaster@mydomain.com }
Any help would be greatly appreciated, as I'd really love to get this working.
Thanks,
-Mark
-- Lucas Rothamel Eye Catching Webdesign info@eye-catching-webdesign.de - www.eye-catching-webdesign.de
You know, we go to the gym to keep the body fit. Similarly the mind needs some rest. The mind is bombarded with so many impressions. Our mind has been bombarded by impressions the whole time. It needs a different kind of rest other than sleep. And meditation is such a rest. It calms the mind. energizes the spirit and makes the body more strong and vibrant. improves the immune system. The immune cells, the T-cell count go higher through Sudarshan Kriya and meditation. And you feel so nice inside. - Sri Sri Ravi Shankar I love deadlines. I like the whooshing sound they make as they fly by. -- Douglas Adams
On Mon, Oct 28, 2013 at 01:43:48AM +0100, IT geek 31 wrote:
I've been following the wiki document at http://wiki2.dovecot.org/Replication, but I've become stuck.
I'm running version 2.1.3 on NetBSD 5.2 (v2.2+ isn't available as a package yet, and compiling my own is well outside my wheelhouse).
I have a couple of questions:
The wiki page keeps referring to "vmail". Is this a just system user I need to create? Presumably on both Dovecot boxes?
If I don't use virtual users, do I need this?
No. If you're using system users, each user owns his/her own mail. Replication would have to be done as root (or of course by a special user with sudo or other privilege escalation.)
Scroll further down that page to the part about "dsync wrapper script for root SSH login (v2.2+)", but oops, you don't have 2.2. Sad. I guess you'll either have to upgrade or figure out another way to do this (probably out of Dovecot scope.)
Here is my dovecot -n: snip
http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
Ah, gutted. Neither are an option right now.
Thanks for your help anyway.
-Mark
On 28 October 2013 15:13, /dev/rob0 <rob0@gmx.co.uk> wrote:
On Mon, Oct 28, 2013 at 01:43:48AM +0100, IT geek 31 wrote:
I've been following the wiki document at http://wiki2.dovecot.org/Replication, but I've become stuck.
I'm running version 2.1.3 on NetBSD 5.2 (v2.2+ isn't available as a package yet, and compiling my own is well outside my wheelhouse).
I have a couple of questions:
The wiki page keeps referring to "vmail". Is this a just system user I need to create? Presumably on both Dovecot boxes?
If I don't use virtual users, do I need this?
No. If you're using system users, each user owns his/her own mail. Replication would have to be done as root (or of course by a special user with sudo or other privilege escalation.)
Scroll further down that page to the part about "dsync wrapper script for root SSH login (v2.2+)", but oops, you don't have 2.2. Sad. I guess you'll either have to upgrade or figure out another way to do this (probably out of Dovecot scope.)
Here is my dovecot -n: snip
http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
participants (3)
-
/dev/rob0
-
IT geek 31
-
Lucas Rothamel - Eye Catching Webdesign