Ctrl+K
What do you think about our new Documentation Layout? Take the survey
Back to Documentation Hub

Database

Database#

To install Carbonio CE, the availability of a Postgres database is required. It is possible to install the Postgres database in a separate structure (as long as access to the service is guaranteed) or you can opt to directly access a Postgres database provided by a cloud service provider.

Obviously it is also possible to install a node dedicated to Postgres in the same infrastructure that hosts the Carbonio CE nodes. Below are the steps to follow in this case.

Installation of PostgreSQL#

Warning

In case you install this Role on a Node which already features the Mesh and Directory Role, make sure you do not install the service-discover-agent package.

Repository Setup

# sh -c 'echo "deb https://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'

# wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -

# wget -O- "https://www.postgresql.org/media/keys/ACCC4CF8.asc" | \
gpg --dearmor | sudo tee /usr/share/keyrings/postgres.gpg > \
/dev/null

# chmod 644 /usr/share/keyrings/postgres.gpg
# sed -i 's/deb/deb [signed-by=\/usr\/share\/keyrings\/postgres.gpg] /' /etc/apt/sources.list.d/pgdg.list

# dnf -y install https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm

# apt update
# apt install postgresql-16 service-discover-agent

# apt update
# apt install postgresql-16 service-discover-agent

To make sure that Postgresql 16 is installed, run commands

# dnf -qy module disable postgresql
# dnf -y install postgresql16 postgresql16-server service-discover-agent

Once installed, initialise and enable the database

# /usr/pgsql-16/bin/postgresql-16-setup initdb
# systemctl enable --now postgresql-16

Carbonio CE relies on a number of databases to store and keep track of all the objects it needs to manage. The main database can be configured in few steps.

Note

If you are running Carbonio CE on RHEL 8, make sure you installed and configured PostgreSQL 16 according to the instruction in section Preliminary Tasks.

We start by defining a robust password for PostgreSQL’s administrative user.

# read -s -p "Insert Password:" DB_ADM_PWD

When prompted, enter a password of your choice: it will be stored in a variable denoted $DB_ADM_PWD that can be used throughout the whole procedure. It is important to notice that the password is accessible to the user (root) in the current terminal only. No one else can access it and it will be deleted upon logging out.

# su - postgres -c "psql --command=\"CREATE ROLE carbonio_adm WITH LOGIN SUPERUSER encrypted password '$DB_ADM_PWD';\""

Remember to replace the password with a robust password of your choice and store it in a safe place (preferably using a password manager), as you need it in the remainder of the procedure, and you also might need them in the future. This password will be denoted as DB_ADM_PWD.

The second step is to create the database.

# su - postgres -c "psql --command=\"CREATE DATABASE carbonio_adm owner carbonio_adm;\""

You can manually delete the variable–and the password it stores– at any moment with the command below, but remember that you need it in the next step.

# unset DB_ADM_PWD

Finally, allow the other nodes to access the databases that will be stored on this node by running these commands.

# su - postgres -c "psql --command=\"ALTER SYSTEM SET listen_addresses TO '*';\""
# su - postgres -c "psql --command=\"ALTER SYSTEM SET max_connections = 500;\""
# su - postgres -c "psql --command=\"ALTER SYSTEM SET shared_buffers = 5000;\""
# echo "host    all             all             0.0.0.0/0            md5" >> /etc/postgresql/16/main/pg_hba.conf
# systemctl restart postgresql

# su - postgres -c "psql --command=\"ALTER SYSTEM SET listen_addresses TO '*';\""
# su - postgres -c "psql --command=\"ALTER SYSTEM SET max_connections = 500;\""
# su - postgres -c "psql --command=\"ALTER SYSTEM SET shared_buffers = 5000;\""
# echo "host    all             all             0.0.0.0/0            md5" >> /etc/postgresql/16/main/pg_hba.conf
# systemctl restart postgresql

# su - postgres -c "psql --command=\"ALTER SYSTEM SET listen_addresses TO '*';\""
# su - postgres -c "psql --command=\"ALTER SYSTEM SET max_connections = 500;\""
# su - postgres -c "psql --command=\"ALTER SYSTEM SET shared_buffers = 5000;\""
# echo "host    all             all             0.0.0.0/0            md5" >> /var/lib/pgsql/16/data/pg_hba.conf
# systemctl restart postgresql-16

Hint

You may replace the 0.0.0.0/0 network with the one within the cluster is installed (e.g., 172.16.0.0/24) to prevent unwanted accesses.

Installation of Carbonio CE databases# 

# apt install carbonio-files-db carbonio-mailbox-db \
  carbonio-docs-connector-db carbonio-tasks-db \
  service-discover-agent

# dnf install carbonio-files-db carbonio-mailbox-db \
  carbonio-docs-connector-db carbonio-tasks-db \
  service-discover-agent

Bootstrap Carbonio CE# 

# carbonio-bootstrap

The bootstrap command will execute a number of tasks and will set up the node. At the end, you will be prompted with a menu and, if you already configured all, you only need to click y for confirmation.

During the process, you need to provide these values, which you can retrieve from the first Mesh and Directory node.

  • Ldap master host is the FQDN of the first Mesh and Directory node, (example: ldap-mstr.example.com)

  • Ldap Admin password is obtained from the first Mesh and Directory node (ldap-admin-password)

Join Carbonio Mesh#

Carbonio Mesh is required to allow communication between Carbonio CE and its components. The configuration is interactively generated by command

# service-discover setup-wizard

This command will:

  • ask for the IP address and netmask

  • ask for the Carbonio Mesh secret, which is used for setups, management, and to access the administration GUI. See section Carbonio Mesh Administration Interface for more information.

    This password will be denoted as MESH_SECRET throughout the documentation.

    Hint

    We suggest to use a robust password which is at least 16 characters long, including at least one of lowercase and uppercase letters, numbers, special characters and store it in a password manager.

    In case the password is lost or the credential file becomes corrupted and unusable, you can reset them using the procedure detailed in section Carbonio Mesh Credentials.

  • store the setup in file /etc/zextras/service-discover/cluster-credentials.tar.gpg

To complete Carbonio Mesh installation, run

# pending-setups -a

Hint

The secret is stored in file /var/lib/service-discover/password, which is accessible only by the root user.

Bootstrap Carbonio Databases#

You can use the password of the Postgres user carbonio_adm that you defined when installing the Database role or any other administrator user created previously.

You need to run the commands only if the corresponding Role is installed.

Carbonio Files
# PGPASSWORD=$DB_ADM_PWD carbonio-files-db-bootstrap carbonio_adm 127.0.0.1
Carbonio Tasks
# PGPASSWORD=$DB_ADM_PWD carbonio-tasks-db-bootstrap carbonio_adm 127.0.0.1
Carbonio Workstream Collaboration
# PGPASSWORD=$DB_ADM_PWD carbonio-ws-collaboration-db-bootstrap carbonio_adm 127.0.0.1
Carbonio Workstream Collaboration Dispatcher
# PGPASSWORD=$DB_ADM_PWD carbonio-message-dispatcher-db-bootstrap carbonio_adm 127.0.0.1
Contents