How to bind Zimbra to a specific IP? Run Apache on the same server
So, something that came out of a comments posting from another article – how to integrate Z-Push – was the question ‘Is it possible to run Apache on the same server?’ The answer is yes, providing you have multiple IP’s – there is another way to proxy the requests but im not doing to discuss that here. So, if you want to bind the web GUI to a specific IP, use the following. This does not bind Postfix to only 1 IP, i see no need for that personally.
This method should work on all versions of Zimbra that utilise Jetty as the web server, that should be Zimbra version 5.x and above; including 6.x. Edit the following files:
- /opt/zimbra/mailboxd/etc/jetty.xml.in
- /opt/zimbra/mailboxd/etc/zimbra.web.xml.in
- /opt/zimbra/mailboxd/etc/zimbraAdmin.web.xml.in
- su – zimbra
- zmcontrol stop; zmcontrol start
<Set name=”Host”>your-ip-address</Set>
Add the above entry to the HTTP connector, or HTTPS – depending which you are using, it should look like the below:
<!– =========================================================== –>
<!– Set connectors –>
<!– =========================================================== –><!– user services connector, no SSL –>
<!– HTTPBEGIN
<Call name=”addConnector”>
<Arg>
<New id=”http”>
<Set name=”port”><SystemProperty name=”jetty.port” default=”%%zimbraMailPort%%”/></Set>
<Set name=”maxIdleTime”>30000</Set>
<Set name=”lowResourceMaxIdleTime”>1000</Set>
<Set name=”Acceptors”>2</Set>
<Set name=”confidentialPort”>%%zimbraMailSSLPort%%</Set>
<Set name=”useDirectBuffers”>%%zimbraMailUseDirectBuffers%%</Set>
<Set name=”Host”>your-ip-address</Set>
</New>
</Arg>
</Call>
HTTPEND –><!– user services connector, SSL –>
<!– HTTPSBEGIN –>
<Call name=”addConnector”>
<Arg>
<New id=”ssl”>
<Set name=”Port”>%%zimbraMailSSLPort%%</Set>
<Set name=”useDirectBuffers”>%%zimbraMailUseDirectBuffers%%</Set>
<Set name=”maxIdleTime”>30000</Set>
<Set name=”lowResourceMaxIdleTime”>1000</Set>
<Set name=”Acceptors”>2</Set>
<Set name=”keystore”><SystemProperty name=”jetty.home” default=”.”/>/etc/keystore</Set>
<Set name=”password”>@@mailboxd_keystore_password@@</Set>
<Set name=”KeyPassword”>@@mailboxd_keystore_password@@</Set>
<Set name=”ExcludeCipherSuites”>
<Array type=”java.lang.String”>
%%zimbraSSLExcludeCipherSuitesXML%%
</Array>
</Set>
<Set name=”Host”>your-ip-address</Set>
</New>
</Arg>
</Call>
<!– HTTPSEND –>
Uncomment the SOAP URL, so it changes from this:
<!– =============
<context-param>
<param-name>zimbra.soap.url</param-name>
<param-value>http://localhost:7070/service/soap</param-value>
</context-param>
–>
To the following, notice the :7070 disappears and is instead replaced by your IP – note change HTTP to HTTPS if youre using that instead:
<context-param>
<param-name>zimbra.soap.url</param-name>
<param-value>https://your-ip-address/service/soap</param-value>
</context-param>
Now we need to do the same for the above file, uncomment the SOAP URL and modify to HTTP or HTTPS, removing port 7070:
<!– =============
<context-param>
<param-name>zimbra.soap.url</param-name>
<param-value>http://localhost:7070/service/soap</param-value>
</context-param>
–>
To this:
<context-param>
<param-name>zimbra.soap.url</param-name>
<param-value>https://your-server-ip/service/soap</param-value>
</context-param>
I obviously strongly recommend you backup, by copying, all the files BEFORE you modify them – making roll back easy. Im not currently using this method, as i moved my web server to a separate box – but it was from my notes, so should work! Let me know if you have any issues and ill do my best to help….
Hi,
can you maybe write a post about the way to proxy the requests?
Thanks a lot!
JOe