Skip navigation

Moving from Linux to OS X Server

1579 Views 9 Replies Latest reply: Jan 15, 2013 10:59 AM by Jonathan2001 RSS Branched to a new discussion.
Jonathan2001 Calculating status...
Currently Being Moderated
Jan 9, 2013 10:48 PM

We're migrating our home server (email, web, file sharing, ...) from an older RedHat Linux machine to a fast new Mac Mini running OS X server, to complement our growing number of Mac OS machines at home.

 

I'm trying to figure out how to best configure our system. I've used the Server.app and Workgroup Manager to configure a bunch of the basics, and believe I will be pretty happy using the GUI tools to manage file sharing, and some of the basic services.

 

I have relatively complex settings for postfix/dovecot and apache httpd from my linux server that I would like to migrate in a reasonable way. I am a little confused about how the GUI interacts with the underlying settings within the MacOS server for the built-in mail and web servers.

 

I've seen some people reference commands like "sudo serveradmin settings XYZ" however I haven't found a complete reference manual describing all the potential commands, and it feels like a hacky approach. (Is there a reference manual for all settings?) How do commands like these relate to plist files floating around on the server? Is this documented somewhere?

 

I think I would be more comfortable directly editing config files and then restarting services...I think I could more or less reuse my more complex postfix or apache rules. A quick look around suggests they are in /private/etc. Is that correct? If I wish to edit these directly, what is the right way to restart services? If I edit them directly, will it mess up Server.app GUI? Will it be compatible with issuing individual "sudo serveradmin settings mail:XYZ" commands? Will it make it more difficult to upgrade to OS X Server 10.9 in the future?

 

More broadly, I guess I'm interested in best practices for tuning OS X server to meet my needs...

OS X Server
  • pterobyte Level 6 Level 6 (10,910 points)
    Currently Being Moderated
    Jan 10, 2013 4:40 AM (in response to Jonathan2001)

    If you are used to edit configuration files, then it will certainly be easier for you to continue doing so. This gives you way more control than Server.app or serveradmin.

     

    Manual settings are preserved if you are careful about where you place your changes. Most configuration files that Server.app touches, have commented sections which tell you what you shouldn't touch.

     

    As a rule of thumb, wherever supported, don't modify the main config file, but put your changes into a linked/included file. Apache and Dovecot can handle that well. For Postfix, put your changes at the end of main.cf. Postfix will always keep the last instance of a parameter it reads.

     

    Paths:

    Mail config (Postfix, amavisd, etc): /Library/Server/Mail/Config

    Postfix: /Library/Server/Mail/Config/postfix

    Dovecot: /Library/Server/Mail/Config/dovecot and /Library/Server/Mail/Config/dovecot/conf.d

    Apache: /Library/Server/Web/Data

    For Apache it may be worth considering webapps. See:

    man webappctl

    man webapp.plist

     

    HTH,

    Alex

  • FromOZ Level 2 Level 2 (400 points)
    Currently Being Moderated
    Jan 10, 2013 7:49 AM (in response to Jonathan2001)

    "We're migrating our home server (email, web, file sharing, ...)" welcome, you're in a large demographic doing very similar thing.

     

    "from an older RedHat Linux machine " Gentoo for me

     

    For a complete (?) listing of all OS X related (?) mail settings you can run this command.

     

    sudo serveradmin settings mail

     

    you will see it lists settings for postfix, imap (dovecot).

     

    Settings can be changed by using this method and there are settings there, for example,

     

    mail:postfix:greylist_disable = no

     

    which are not in main.cf, which Postfix config file is it defined in??

     

    I agree with you that it is a bit of a 'mishmash' of places where one updates config/settings — and the functionality exposed via the UI might as well not have a UI for what it provides. And you do have to be careful what lines (for example in main.cf) you change because some Apple script can come along and clobber it. For example this command (which I believe is widely used in Postfix)

     

    smtpd_client_restrictions = 

     

    is in the 'Apple' section, will an Apple config setting script overwrite what I put in there?!?

     

    It is a bit of a challenge and I am also working on building up my knowledge of Posfix (was using Exim) to get it to do all I want. For example I want to have greylisting, seems nice feature, but that runs into problems with Google's annoying habit of not using the same mail server name to retry the mail sending after temp reject. So I am trying to whitelist Google's servers by any means - ideally MX server CIDR address ranges... or host domain name, or even domain of sending person. No luck so far don't know if you have any pointers in that area?

     

    What I am doing for the whole documentation thing as I set everything up — mail, certificates, web, Open Directory, Calendar, Contacts — is writing down everything I find out.

     

    This site has helpful info and not just on mail area

     

    http://krypted.com/mac-os-x/setting-up-the-mail-service-in-mountain-lion-server/

    Mac mini, OS X Server
  • FromOZ Level 2 Level 2 (400 points)
    Currently Being Moderated
    Jan 10, 2013 8:31 AM (in response to Jonathan2001)

    Also one tip — if you want some OS X Server specific documentation from Apple you could download from the Apple support site all the Snow Leopard docs. That was the last version where they made available substiantial documentation. Some systems and apps have changed but it is helpful information and covers some apps that haven't changed.

  • pterobyte Level 6 Level 6 (10,910 points)
    Currently Being Moderated
    Jan 11, 2013 11:20 AM (in response to Jonathan2001)

    There's a seperate /etc/postfix/main.cf file (symlinked to /private/etc/postfix/main.cf). It seems to point to config_directory /Library/Server/Mail/Config/postfix. Any idea what this /etc based file is for? My conclusion thus far is that it is installed as a part of the OSX **non-server** base install for the postfix that is used by the "desktop OS" to allow mails to be sent. Is this accurate?

    Yes, you are correct.

     

    Primary issue: I want to make sure that I am accurately configuring postfix. I tried changing the reciipient_delimiter setting to see if I can get the server to propigate the settings. Here's what I've done so far -

    1) edit the /Library/.../main.cf file

    2) sudo serveradmin stop mail

    3) sudo serveradmin start mail

    4) run "postconf -n" ... and yet I don't see the change reflected.

    If I run "postconf -c /Library/Server/Mail/Config/postfix -n" it looks like the changes are reflected, but without going through some tests against the server on port 25 it's hard for me to debug what's going on.

    The correct Postfix config files are in /Library/Server/Mail/Config/postfix so postconf -c /Library/Server/Mail/Config/postfix -n is the way to go.

    Sometimes it may seem to you that changes are reflected also in /etc/postfix/main.cf, but that is simply because serveradmin periodically copies /Library/Server/Mail/Config/postfix/main.cf to /etc/postfix/main.cf

     

    BTW: Changes in main.cf do not require restarting of al mail services. Simply use:

    sudo postfix reload

     

     

    Potential issue that I expect to see soon: Several of the settings that I'd like to change are located in other postfix configuration files - such as the "aliases" file. On other machines I've run commands like "newaliases" to compile new alias.db files, which typically will go into their default hash db location within etc -- like /etc/aliases.db. It would appear that there aren't any custom settings for this defined in either the /Library/.../main.cf file so it would seem like my machine would continue with the default setting. But doing this feels wierd since the OS X Server has gone to great lengths to keep config settings in the /Library/... location.

    Instead of postalias, use postalias /Library/Server/Mail/Config/postfix/aliases

    (newaliases is only needed for sendmail backwards compatibility)

     

     

    Another best practice question: on other machines with postfix it made sense to deliver spooled mail into Mailbox files located within /Users/username/Mailbox rather

    than to a centrally spooled location. I'm somewhat inclined to do that just for transparency sake but perhaps this is a place where Apple and Server.app know best for their enviornment. Thoughts?

    You could change this if you like, but it doesn't really make a difference and you are correct Server.app would go bonkers. Also, putting mail in users directories made sense in the "old days" where users would actually log onto the server and be restriced to their home directory. Nowadays users simply access mail or other services through some kind of front end application.

     

    HTH,

    Alex

  • pterobyte Level 6 Level 6 (10,910 points)
    Currently Being Moderated
    Jan 14, 2013 5:39 AM (in response to Jonathan2001)

    If you want to use the local sendmail interface with Alpine, you should be able to add user creds to submit.cred (haven't tested it, but should work).

     

    That said, even though authenticated SMTP is not necessary on locally transmitted mail, there are no ill effects using it. (I actually try to always use postfix SMTP directly as I can use different ports with different features - like DKIM signing, etc).

     

    Regarding the mailboxes, yes, Apple's setup expects _dovecot:mail permissions. This was introduced in 10.7. The 10.6 implementation used GUID:mail. Don't have it handy right now, but if you check the 10.6 default configurations, youcould find the parameters needed to play nicely with what you'd like to achieve.

     

    HTH,

    Alex

Actions

More Like This

  • Retrieving data ...

Bookmarked By (2)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.