Initiation à Puppet (Configuration : Editeurs – SSH – Apache)

Introduction

Ce tuto permet de configurer les services Apache2, SSH et d’installer des paquets et en supprimer (exemple les éditeurs) via Puppet.

Bien regarder ou les commandes sont exécutées : puppetmaster ou workstation

Fixer les adresses IP

VM 1

root@SRV-DEBIAN:~# nano /etc/network/interfaces

# The primary network interface 
allow-hotplug eth0 iface eth0 inet static
address 192.168.33.162
netmask 255.255.255.0 
gateway 192.168.33.2  

allow-hotplug eth1 
iface eth1 inet static
address 172.17.2.2
netmask 255.255.255.0 

VM 2

root@SRV-DEBIAN:~# nano /etc/network/interfaces

# The primary network interface 
allow-hotplug eth0 iface eth0 inet static
address 192.168.33.100
netmask 255.255.255.0 
gateway 192.168.33.2  

allow-hotplug eth1 
iface eth1 inet static
address 172.17.2.3
netmask 255.255.255.0 

Changeons les noms

root@SRV-DEBIAN:~# echo "puppetmaster" > /etc/hostname 
root@SRV-DEBIAN:~# /etc/init.d/hostname.sh  
root@SRV-DEBIAN:~# echo "workstation" > /etc/hostname 
root@SRV-DEBIAN:~# /etc/init.d/hostname.sh 

Configuration DNS

Installation du serveur DNS

root@puppetmaster:~# apt-get install bind9

Configuration du Forwarder

root@puppetmaster:~# cd /etc/bind/ 
root@puppetmaster:/etc/bind# nano named.conf.options          

// the all-0's placeholder.  
        forwarders {
                 8.8.8.8;
          };  
root@puppetmaster:/etc/bind# service bind9 restart 

Modifier les serveurs DNS sur vos VM

root@puppetmaster:/etc/bind# apt-get install resolvconf 
root@puppetmaster:~# nano /etc/resolvconf/resolv.conf.d/base  

domain utopia.net 
search utopia.net 
nameserver 172.17.2.2 

root@puppetmaster:~# reboot 

root@workstation:~# apt-get install resolvconf 
root@workstation:~# nano /etc/resolvconf/resolv.conf.d/base  

domain utopia.net 
search utopia.net 
nameserver 172.17.2.2 

root@workstation:~# reboot 

Créer une nouvelle zone DNS

root@puppetmaster:/etc/bind# nano named.conf.default-zones  

zone "utopia.net" {
         type master;
         file "/etc/bind/db.utopia.net";
 };
  
root@puppetmaster:/etc/bind# cp db.local db.utopia.net 
root@puppetmaster:/etc/bind# nano db.utopia.net

 ; ; BIND data file for local loopback interface
 ; $TTL    604800
 @       IN      SOA     ns.utopia.net. root.utopia.net.(                               2         ; Serial
                          604800         ; Refresh                           86400         ; Retry
                         2419200         ; Expire
                          604800 )       ; Negative Cache TTL 
;
@       IN      NS      ns.utopia.net. 
ns      IN      A       172.17.2.2 
puppetmaster    IN      A       172.17.2.2 
workstation     IN      A       172.17.2.3 
www       IN        A        192.168.33.100 

root@puppetmaster:/etc/bind# service bind9 restart
[....] Stopping domain name service...: bind9waiting for pid 3366 to die . ok 
[ ok ] Starting domain name service...: bind9. 

Test

root@puppetmaster:/etc/bind# ping workstation.utopia.net -c2 
PING workstation.utopia.net (172.17.2.3) 56(84) bytes of data. 
64 bytes from 172.17.2.3: icmp_req=1 ttl=64 time=0.383 ms 
64 bytes from 172.17.2.3: icmp_req=2 ttl=64 time=0.647 ms 

root@workstation:~# ping puppetmaster.utopia.net -c2 
PING puppetmaster.utopia.net (172.17.2.2) 56(84) bytes of data. 
64 bytes from 172.17.2.2: icmp_req=1 ttl=64 time=0.241 ms 
64 bytes from 172.17.2.2: icmp_req=2 ttl=64 time=0.479 ms 

Configuration de Puppet

Installation de Puppet

root@workstation:~# apt-get install puppet 
root@workstation:~# nano /etc/puppet/puppet.conf 

[main]
server=puppetmaster.utopia.net 

root@puppetmaster:/etc/bind# apt-get install puppetmaster 

root@workstation:~# puppetd --test --waitforcert 60 
notice: Did not receive certificate 
root@puppetmaster:~# puppetca --list   
"workstation.utopia.net" (F2:41:3D:A0:CB:7A:C5:47:A2:B8:48:86:DA:BD:D0:FD) 
root@puppetmaster:~# puppetca --sign workstation.utopia.net 
notice: Signed certificate request for workstation.utopia.net notice: Removing file Puppet::SSL::CertificateRequest workstation.utopia.net at '/var/lib/puppet/ssl/ca/requests/workstation.utopia.net.pem' 

Activer Puppet

root@workstation:~# echo "START=yes" > /etc/default/puppet 
root@workstation:~# service puppet start 
[ ok ] Starting puppet agent. 

Activer le transfert de fichier puppet

root@puppetmaster:/# nano /etc/puppet/manifests/site.pp  
filebucket { 'main': server => 'puppetmaster.utopia.net' }
File { backup => 'main' }  
import "nodes" 

Créer l’arborescence des répertoires

root@puppetmaster:/# cd /etc/puppet/modules/ 
root@puppetmaster:/etc/puppet/modules# mkdir -p {editor,sshdconfig,apache}/{manifests,files,templates} 

Configuration d’Editeurs

root@puppetmaster:~# nano /etc/puppet/modules/editor/manifests/init.pp  
class editor {  
        package {
                 "vim":
                        ensure => installed
              }  
        package {
                 "nano":
                        ensure => absent
                 }  
        package {
                 "curl":
                        ensure => installed
              }  
} 

Déclaration des Nodes et affectation des class

root@puppetmaster:/etc/puppet/modules# nano /etc/puppet/manifests/nodes.pp  

node 'basenode' {
include editor
 }  
node 'workstation.utopia.net' inherits 'basenode' {
 } 

Configuration de SSH

root@puppetmaster:~# nano /etc/puppet/modules/sshdconfig/manifests/init.pp
  
class sshdconfig {
         sshd_config{ puppet: listenaddress => $ipaddress } 

package {
                 "openssh-server":
                         ensure => latest
                 }
 }  

define sshd_config($listenaddress) {
         file         
{ "/etc/ssh/sshd_config":
                 path    => "/etc/ssh/sshd_config",
                 owner   => root,
                 group   => root,
                 mode    => 444,
                 content => template("sshdconfig/sshd_config.erb"),
                 notify  => Service[ssh],
         }  
        service         
{ ssh:
                 ensure  => running
         }
 } 

Créer le template de SSH

root@puppetmaster:~# nano /etc/puppet/modules/sshdconfig/templates/sshd_config.erb  

Port 2222 
Protocol 2 
PermitRootLogin yes 
PasswordAuthentication yes 
X11Forwarding yes 
Banner /etc/motd

Ajouter SSH sur le node workstation

root@puppetmaster:/# nano /etc/puppet/manifests/nodes.pp 

node 'basenode' {
 include editor 
}  
node 'workstation.utopia.net' inherits 'basenode' {
 include sshdconfig 
}  

root@puppetmaster:/# service puppetmaster restart 
[ ok ] Restarting puppet master. 

Tester votre configuration

root@workstation:/etc/puppet/templates# puppetd --test
root@puppetmaster:~# ssh -p 2222 root@workstation.utopia.net
 
The authenticity of host '[workstation.utopia.net]:2222 ([172.17.2.3]:2222)' can't be established. 
ECDSA key fingerprint is 3f:2f:bf:98:26:ae:59:8f:69:62:9b:cb:c5:89:77:41. 
Are you sure you want to continue connecting (yes/no)? yes 

Warning: Permanently added '[workstation.utopia.net]:2222,[172.17.2.3]:2222' (ECDSA) to the list of known hosts. 
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. 

root@workstation:~# logout 
Connection to workstation.utopia.net closed. 

root@puppetmaster:~# 

Configuration d’Apache

root@puppetmaster:~# nano /etc/puppet/modules/apache/manifests/init.pp  

class apache {
  
        
case $operatingsystem {
                                    debian, ubuntu: { $apache_name = 'apache2'}
                                    fedora, redhat: { $apache_name = 'httpd' }                               }  
        
package {
                 "apache":
                         name => $apache_name,
                         ensure => latest
                 }
  
        
service {
                 "apache":
                         name => $apache_name,
                         ensure => running,
                         enable => true,
                         hasstatus => true,
                         hasrestart => true,
                         require => Package[$apache_name]
                 }
  
        
file    { "/etc/apache2/sites-available/default":

                         owner => root,
                         group => root,
                         mode => 644,
                         content => template("apache/default.erb"),
                         notify => Service[$apache_name],
                         require => Package[$apache_name]
                 }  
         
file   { "/etc/apache2/sites-enabled/default":

                        ensure => link,
                        target => '/etc/apache2/sites-available/default'
                 }  

Création du template pour apache

root@puppetmaster:~# nano /etc/puppet/modules/apache/templates/default.erb

<VirtualHost <%= ipaddress_eth0 %>:80>
         ServerAdmin webmaster@localhost
         Servername www.utopia.net
         DocumentRoot /var/www/utopia.net
         ErrorLog /var/log/apache2/error.log
         LogLevel warn
         CustomLog /var/log/apache2/access.log combined
 </VirtualHost>  

Créer le répertoire utopia.net et le Index.html

root@workstation:~# mkdir -p /var/www/utopia.net 
root@workstation:~# vim /var/www/utopia.net/index.html
<html> 
<body> 
<h1>Welcome to Utopia.net</h1> 
</body> 
</html>

Affecter la configuration d’Apache sur le node Workstation

root@puppetmaster:/# nano /etc/puppet/manifests/nodes.pp  

node basenode {
 include editor 
}  

node workstation.utopia.net inherits basenode {
include ssh 
include apache 
}

Redémarrer le service puppetmaster

root@puppetmaster:~# service puppetmaster restart 

Tester la Configuration

root@workstation:~# puppetd --test 

Naviguer sur la page http://www.utopia.net

root@workstation:~# curl http://www.utopia.net 

<html> 
<body> 
<h1>Welcome to Utopia.net</h1> 
</body> 
</html>

Serveur Mail IMAPs-POPs-SMTPs

Fixer les adresses IP :

root@SRV-DEBIAN:~# nano /etc/network/interfaces
allow-hotplug eth1
iface eth1 inet static
address 172.17.2.2
netmask 255.255.255.0
root@SRV-DEBIAN:~# ifdown eth0 eth1
root@SRV-DEBIAN:~# ifup eth0 eth1

Renommer votre serveur :

root@SRV-DEBIAN:~# echo "SRV-MAIL" > /etc/hostname
root@SRV-DEBIAN:~# /etc/init.d/hostname.sh

Configurer votre serveur DNS (Bind9)

Installer bind9

root@SRV-DEBIAN:~# apt-get install bind9

Configurer une zone (exemple : supmail.fr)

root@SRV-DEBIAN:~# cd /etc/bind
root@SRV-DEBIAN:/etc/bind# nano named.conf.default-zones

zone "supmail.fr" {
        type master;
        file "/etc/bind/db.supmail.fr";
};

root@SRV-DEBIAN:/etc/bind# cp db.local db.supmail.fr
root@SRV-DEBIAN:/etc/bind# nano db.supmail.fr

;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     ns.supmail.fr. root.supmail.fr. (
                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      ns.
@       IN      MX 10   mail.supmail.fr.

ns      IN      A       172.17.2.2
mail    IN      A       172.17.2.2
pop     IN      CNAME   mail

Redémarrer le service et tester votre nouvelle zone

root@SRV-DEBIAN:/etc/bind# service bind9 restart
root@SRV-DEBIAN:/etc/bind# apt-get install dnsutils
root@SRV-DEBIAN:/etc/bind# dig @127.0.0.1 mx supmail.fr

;; QUESTION SECTION:
;supmail.fr.                    IN      MX

;; ANSWER SECTION:
supmail.fr.             604800  IN      MX      10 mail.supmail.fr.

;; AUTHORITY SECTION:
supmail.fr.             604800  IN      NS      ns.

;; ADDITIONAL SECTION:
mail.supmail.fr.        604800  IN      A       172.17.2.2

Ajouter l’adresse de votre serveur DNS sur votre serveur mail :

root@SRV-DEBIAN:/etc/bind# nano /etc/resolv.conf

domain localdomain
search localdomain
nameserver 127.0.0.1
nameserver 192.168.33.2

root@SRV-DEBIAN:/etc/bind# ping -c 3 mail.supmail.fr
PING mail.supmail.fr (172.17.2.2) 56(84) bytes of data.
64 bytes from 172.17.2.2: icmp_req=1 ttl=64 time=0.025 ms
64 bytes from 172.17.2.2: icmp_req=2 ttl=64 time=0.068 ms
64 bytes from 172.17.2.2: icmp_req=3 ttl=64 time=0.070 ms

Configurer vos services mail

Installer Postfix

root@SRV-DEBIAN:/etc/bind# apt-get install postfix

Installer Dovecot

root@SRV-DEBIAN:/etc/bind# apt-get install dovecot-common dovecot-imapd dovecot-pop3d libsasl2-2 libsasl2-modules sasl2-bin

Activer SASLAUTHD

root@SRV-DEBIAN:/etc/bind# nano /etc/default/saslauthd

# Should saslauthd run automatically on startup? (default: no)
START=yes

Générer les différents certificats :

root@SRV-DEBIAN:/etc/bind# cd
root@SRV-DEBIAN:~# openssl req -new -x509 -days 3650 -nodes -out "supmail.fr.cert" -keyout "supmail.fr.key"

Generating a 2048 bit RSA private key
.................................+++
........+++
writing new private key to 'supmail.fr.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:FR
State or Province Name (full name) [Some-State]:Nord
Locality Name (eg, city) []:Valenciennes
Organization Name (eg, company) [Internet Widgits Pty Ltd]:supmail.fr
Organizational Unit Name (eg, section) []:supmail.fr
Common Name (e.g. server FQDN or YOUR name) []:mail.supmail.fr
Email Address []:admin@supmail.fr

root@SRV-DEBIAN:~# ls
supmail.fr.cert  supmail.fr.key

Créer .pem à partir de la clé privé et de la clé publique

root@SRV-DEBIAN:~# cat supmail.fr.cert supmail.fr.key > supmail.fr.pem
root@SRV-DEBIAN:~# cp supmail.fr.* /etc/ssl/private/
root@SRV-DEBIAN:~# ls  /etc/ssl/private/
ssl-cert-snakeoil.key  supmail.fr.cert  supmail.fr.key  supmail.fr.pem

Certificat du CA

root@SRV-DEBIAN:/etc/ssl/private# cd /etc/ssl/certs/
root@SRV-DEBIAN:/etc/ssl/certs# openssl req -new -x509 -days 3650 -nodes -out "ca-certificates.crt" -keyout "ca-certificates.key"
Generating a 2048 bit RSA private key
..................................................................................................................................................................................+++
..........................................................................................+++
writing new private key to 'ca-certificates.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:FR
State or Province Name (full name) [Some-State]:Nord
Locality Name (eg, city) []:Valenciennes
Organization Name (eg, company) [Internet Widgits Pty Ltd]:supmail.fr
Organizational Unit Name (eg, section) []:supmail.fr
Common Name (e.g. server FQDN or YOUR name) []:mail.supmail.fr
Email Address []:admin@supmail.fr
root@SRV-DEBIAN:/etc/ssl/certs# ls
16174d9a  ca-certificates.crt  ca-certificates.key  ssl-cert-snakeoil.pem

Configuration de Postfix

root@SRV-DEBIAN:~# nano /etc/postfix/main.cf

smtpd_banner = $myhostname Welcome
biff = no
myorigin = /etc/mailname
mydestination =
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
# Your hostname and domain name here
myhostname=supmail.fr
mydomain=supmail.fr
myorigin=$mydomain
# Virtual mailbox configuration (/var/email should have been created through the previous commands)
virtual_mailbox_base=/var/email
virtual_mailbox_domains=hash:/etc/postfix/vmail_domains
virtual_mailbox_maps=hash:/etc/postfix/vmail_mailbox
virtual_alias_maps=hash:/etc/postfix/vmail_aliases
virtual_minimum_uid=100
virtual_uid_maps=static:7788
virtual_gid_maps=static:7788
virtual_transport=dovecot
# SSL configuration, make sure to use the certificates from step 2 (optional)
smtpd_tls_cert_file=/etc/ssl/private/supmail.fr.cert
smtpd_tls_key_file=/etc/ssl/private/supmail.fr.key
smtpd_tls_CAfile=/etc/ssl/certs/ca-certificates.crt
smtp_tls_CAfile=/etc/ssl/certs/ca-certificates.crt
smtp_use_tls=yes
smtpd_use_tls=yes
smtpd_tls_loglevel=1
smtpd_tls_received_header=yes
tls_random_source=dev:/dev/urandom
smtp_tls_note_starttls_offer=yes
smtpd_tls_session_cache_timeout=3600s
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
queue_directory=/var/spool/postfix
# Authentication settings, making use of SASL
smtpd_sasl_type=dovecot
smtpd_sasl_path=private/auth
smtpd_sasl_auth_enable=yes
broken_sasl_auth_clients=yes
smtpd_sasl_security_options=noanonymous
smtpd_sasl_tls_security_options=$smtpd_sasl_security_options
smtpd_sasl_local_domain=$myhostname
smtpd_sasl_application_name=smtpd
smtpd_helo_required=yes
smtpd_helo_restrictions=reject_invalid_helo_hostname
smtpd_recipient_restrictions=reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

Décommenter ces lignes

root@SRV-DEBIAN:~# nano /etc/postfix/master.cf

submission inet n       -       -       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING

Et ajouter ces lignes à la fin du fichier

dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=email:email argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}

Créer un fichier /etc/postfix/sasl/smtpd.conf et ajouter ces lignes

root@SRV-DEBIAN:~# nano /etc/postfix/sasl/smtpd.conf

pwcheck_method: saslauthd
mech_list: plain login cram-md5 digest-md5

Configuration de Dovecot

Editer le fichier dovecot.conf

root@SRV-DEBIAN:~# nano /etc/dovecot/dovecot.conf

# Basic configuration
protocols = imap imaps pop3 pop3s
log_timestamp = "%Y-%m-%d %H:%M:%S "
disable_plaintext_auth=yes
# User and group permissions
first_valid_uid=7788
last_valid_uid=7788
first_valid_gid=7788
last_valid_gid=7788
mail_location = maildir:/var/email/%d/%n/Maildir
mail_privileged_group = email
auth_verbose = yes
# SSL config
ssl_cert_file = /etc/ssl/private/supmail.fr.cert
ssl_key_file = /etc/ssl/private/supmail.fr.key
# LDA config
protocol lda {
  auth_socket_path = /var/run/dovecot/auth-master
  postmaster_address = admin@supmail.fr
  mail_plugins = sieve
  log_path =
}
# Authentication configuration
auth default {
    mechanisms = plain login
    passdb passwd-file {
        args = scheme=SHA1 /etc/dovecot/users.conf
    }
    userdb static {
        #args = /etc/dovecot/users.conf
        args = uid=7788 gid=7788 home=/var/email/%d/%n allow_all_users=yes
    }
socket listen {
        master {
            path = /var/run/dovecot/auth-master
            mode = 0600
            user = email
            group = email
   }
        client {
            path = /var/spool/postfix/private/auth
            mode = 0660
            user = postfix
            group = postfix
        }
    }
}

Création des utilisateurs

Hash des mots de passe

root@SRV-DEBIAN:~# echo -n "Supinfo2015" | sha1sum
d96c57f362c003083e542d57f7c67ccb00aa2158  -

Editer le fichier contenant les utilisateurs

root@SRV-DEBIAN:~# nano /etc/dovecot/users.conf

dominique@supmail.fr:d96c57f362c003083e542d57f7c67ccb00aa2158
delphine@supmail.fr:d96c57f362c003083e542d57f7c67ccb00aa2158

Créer un group ’email’ avec le gid 7788

root@SRV-DEBIAN:~# groupadd email -g 7788

Créer un utilisateur système et l’ajouter dans le group email

root@SRV-DEBIAN:~# useradd email -r -g 7788 -u 7788 -d /var/email -m -c "mail user"

Sécuriser les fichiers de configuration

root@SRV-DEBIAN:~# chgrp email /etc/dovecot/dovecot.conf
root@SRV-DEBIAN:~# chmod g+r /etc/dovecot/dovecot.conf
root@SRV-DEBIAN:~# chown root:root /etc/dovecot/users.conf
root@SRV-DEBIAN:~# chmod 755 /etc/dovecot/users.conf

Gérer les domaines, les boîtes aux lettres et les alias

Gestion des domaines

root@SRV-DEBIAN:~# nano /etc/postfix/vmail_domains

supmail.fr      OK

Gestion des boîtes aux lettres

root@SRV-DEBIAN:~# nano /etc/postfix/vmail_mailbox

dominique@supmail.fr    supmail.fr/dominique
delphine@supmail.fr     supmail.fr/delphine

Gestion des alias

root@SRV-DEBIAN:~# nano /etc/postfix/vmail_aliases

dominique@supmail.fr    dominique@supmail.fr
delphine@supmail.fr     delphine@supmail.fr
directeur@supmail.fr    dominique@supmail.fr
secretaire@supmail.fr   delphine@supmail.fr

Mapper et redémarrer les services

root@SRV-DEBIAN:~# postmap /etc/postfix/vmail_domains
root@SRV-DEBIAN:~# postmap /etc/postfix/vmail_aliases
root@SRV-DEBIAN:~# service postfix stop && service dovecot stop
root@SRV-DEBIAN:~# service postfix start && service dovecot start

Tester votre configuration avec telnet

root@SRV-DEBIAN:/etc/ssl/certs# telnet 172.17.2.2 imap
Trying 172.17.2.2...
Connected to 172.17.2.2.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE START                                                                                        TLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
a1 LOGIN dominique@supmail.fr Supinfo2015
a1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT                                                                                         SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESP                                                                                        ACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES                                                                                         WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE] Logged in
a2 LIST "" "*"
* LIST (\HasNoChildren) "." "Sent"
* LIST (\HasNoChildren) "." "Drafts"
* LIST (\HasNoChildren) "." "Trash"
* LIST (\HasNoChildren) "." "INBOX"
a2 OK List completed.
a3 EXAMINE INBOX
* FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
* OK [PERMANENTFLAGS ()] Read-only mailbox.
* 2 EXISTS
* 0 RECENT
* OK [UIDVALIDITY 1430416227] UIDs valid
* OK [UIDNEXT 3] Predicted next UID
* OK [HIGHESTMODSEQ 5] Highest
a3 OK [READ-ONLY] Select completed.
a4 FETCH 1 BODY[]
* 1 FETCH (BODY[] {875}
Return-Path: <delphine@supmail.fr>
Delivered-To: dominique@supmail.fr
Received: from [172.17.2.50] (unknown [172.17.2.50])
        (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
        (No client certificate requested)       
by supmail.fr (Postfix) with ESMTPSA id 930AF40380
        for <dominique@supmail.fr>; Thu, 30 Apr 2015 20:02:26 +0200 (CEST)
Message-ID: <55426E2D.4070301@supmail.fr>
Date: Thu, 30 Apr 2015 20:02:21 +0200
From: Delphine <delphine@supmail.fr>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:31.0) Gecko/20100101 Thunderbird/31                                                                                        .6.0
MIME-Version: 1.0
To: Dominique <dominique@supmail.fr>
Subject: Re: test
References: <55426E08.4010501@supmail.fr>
In-Reply-To: <55426E08.4010501@supmail.fr>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit

super

On 30/04/2015 20:01, Dominique wrote:
> test

)
a4 OK Fetch completed.
a5 LOGOUT
* BYE Logging out
a5 OK Logout completed.
Connection closed by foreign host.
Votre serveur mail est correctement configuré, vous pouvez l’utiliser avec un client lourd. (Attention aux DNS sur votre client)

Webmail

Je vous conseille d’utiliser RainLoop

http://www.rainloop.net/docs/installation/
Son installation est très simple, il suffit d’installer apache2 et php5, de télécharger et d’extraire l’archive et de configurer apache.
Pour accéder à l’interface d’administration il faut entrer http://monserveur/?admin
Les identifiants par défaut sont :
admin
12345

Vous devez configurer le nom de domaine de votre serveur à partir de l’interface d’administration.

Une fois le nom de domaine renseigné, vos clients peuvent se connecter grâce à leurs adresses mails et leurs mot de passe.

Installation DRBD 8.4 sur Debian 7 (wheezy)

#Installation DRBD8 Module Source
wget http://debian.man.ac.uk/local/tmp/drbd/8.4.1/all/drbd8-module-source_8.4.1-0_all.deb
apt-get install module-assistant
dpkg -i drbd8-module-source_8.4.1-0_all.deb
apt-get -f install
dpkg -i drbd8-module-source_8.4.1-0_all.deb
module-assistant auto-install drbd8

#Installation DRBD8 utils
apt-get install rpm xsltproc flex git
cd /usr/src
wget http://oss.linbit.com/drbd/8.4/drbd-8.4.1.tar.gz
tar xfvz drbd-8.4.1.tar.gz
cd drbd-8.4.1/
./configure --with-utils --with-km
./configure --prefix=/usr --localstatedir=/var --sysconfdir=/etc --with-mk --with-utils --with-udev --with-pacemaker --with-rgmanager --with-bashcompletion
make
make install 
reboot