Planet Zentyal

One more year, I’ll be at FOSDEM. This time almost the whole Zentyal team will be there also! So if you want to hang out with us we will attend the Friday beer event and, of course, Saturday and Sunday tracks.

See you there!

Few highlights of the year 2011 at Zentyal! It was a busy, exciting, interesting and funny year, with many good laughs and moments – Thanks for everybody on my behalf, I’m looking forward to this new year 2012!

Zentyal Summit 2011 is over, and I think we had a very good time, thank you all for coming!

Heidi and I did this little video to acknowledge all contributions made by the community (forum support, bug reporting, translation, howto’s, patches…). We showed it at the summit, I hope you like it

If you couldn’t attend Zentyal Summit take a look at the presentations, most of them are already published, I’m sure you will find them interesting! We will also publish videos of each one soon, stay tuned

Name or Forum nick:

Christian

I’m familiar with Zentyal project since:

August 2009

I contribute to Zentyal project:

As Zentyal forum moderator, my main contribution is obviously forum. I’m spending more and more time on IRC and published my first “How To” some days ago.

What’s your very first memory of computers?

As far as I remember, it was long time ago (beginning of 80′s), with Sinclair Z81. My very first steps with Basic system. It was more matter of curiosity than computing and it never became my hobby. Few years later, I worked for a company running ICL System 25 then S39 for their CAPM: my very first real close contact with computers and network. At the same time, I assembled my first 8080 personal computer (yes, one with 5 1/4″ floppy).

What was the first Linux-based program you ever used?

Frankly, I don’t remember, although it’s not that old. Aside platforms I was working on as system administrator (S/36, AS/400 and mainframes) I mainly utilized Windows OS based computers (starting with 2.11) and discovered Solaris before Linux. I tried to compile my first Linux kernel sometime beginning of 2000′s but never really used it after I succeeded because it was too much time consuming !

Finally first Linux program I used was openWRT and then DD-WRT in order to get more control over my Linksys router. This pushed me to look again at Linux: I had a quick try with RedHat then switched to Debian and next Ubuntu which was at this time stable enough for me to run it full time on my main PC. Since I’m running it for anything I need except video editing.

How did you end up as Zentyal user?

Some years ago I started playing with Kurobox as NAS. Pretty active community there with people explaining ho to install Debian on this minimalist ARM platform. I jumped in the pool, played with Debian on KuroBox and this lead me to mini-ITX sized PC. Having decided to use it as my Internet gateway at home, I made multiple tries with zeroShell, Clark Connect, pfSense… I finally end up with basic Ubuntu server and my own set of components (postfix, ldap, samba), reproducing what I’m used to design at the office .

It was very efficient and flexible but delegating administration (at this time, I was traveling a lot) appeared to be the main issue. Looking for something more “end-user” oriented, I discovered eBox, decided to give a try and since I’m still running Zentyal as Internet gateway platform. My NAS is still running Samba, not yet Zentyal, because there is a couple of design choices that I don’t fully share but this may evolve.

Why do you contribute to open source projects, such as Zentyal?

First, and mainly, because I like the “community” concept permitting to explain your own view, share your experience and learn from others. Zentyal is obviously not the only forum I’m contributing to, but because this covers technical aspects I’m quite comfortable with (working as an IT architect for large company since years) and it’s maybe the one I’m currently more involved in.

What’s the single most important lesson you’ve learnt from open source/Linux projects?

“Other people may have different, but still very valid, if not better view than your own.”

What is the biggest mistake open source users make?

To me, there is not one but at least three main mistakes:

• Open source means free.
• More and more willingness to just mimic Windows instead of analyzing and describing needs in order to find suitable solution.
• Lack of understanding at concepts level before starting to implement and use components.

More and more users, moving from Windows world, are targeting Linux only because they want to reproduce with open source what they have with Windows, but for free. Because of the nature of open source, multiple components are available to cover similar needs. This requires maybe better technical understanding of involved concept, but this necessary effort is often not made. Hopefully there is still a lot of people balancing this with in-depth knowledge they are prone to share.

What is the most frustrating / rewarding thing about open source projects?

If question relates to community and forum, I feel very frustrated by two kind of topics:

• “It doesn’t work, please help asap!” I hate people mixing up “community based forum” and “helpdesk with SLA”, furthermore not being able to explain what their problem or error message is.
• Any topic leading to unproductive fight. Forum is the right place to share ideas and even have different views. This may result in some conflicting exchanges, which is fine as long as this is respectful.

On the other hand, forums and community based projects are very interesting and motivating thanks to knowledge you may acquire, from technical standpoint first but also because of people explaining why they have different needs, different view different way of solving similar problem. I learn a lot from this.

What’s the (best) thing about Zentyal for you?

For sure the concept that is to hide behind simple, unified and somehow “end-user” oriented interface complex settings.

What new feature/improvement would you like to see introduced to Zentyal 3.0?

I’m perhaps one of the few ones not asking for any new feature. My very first reaction is often to reject, as first approach, adding of any new component to Zentyal. I would rather vote for more limited scope (e.g. only infrastructure gateway) with improved features for these few components:

• DNS with replication capability.
• LDAP with easier set up in master/slave mode (too much restrictions and issues as of today).
• More DHCP options.
• Better clean up (but also no end-user data deletion without warning) when settings change.

And definitely openness. Zentyal as open source platform should provide more flexibility with components it involves to make it open to external programs:

• Capability to use CA as true CA, not for Zentyal servers only.
• Capability to use LDAP for external clients.

Last but not least, resource footprint does matter: with current design, running Zentyal on small platform is difficult because of some quite rather heavy components: replacing HTTP server with lighter equivalent (and permitting BTW to run Apache as “business web server” if needed) may help.

Who would you like to know better from the Zentyal community? What would you like to ask him?

Rather than asking only one community member, face to face meeting is really what I’m expecting. I will unfortunately not be able to join Zentyal summit in November, being already busy at this date, but this is definitely the kind of event I’m awaiting for. Go ahead guys and I’ll do my best to attend to the next one.

Zentyal 2.2 RC2 was released on Thursday, so we are almost there, Zentyal 2.2 stable version will be ready in a few weeks. One of the new features that was not present in 2.0 is the new Captive Portal module. We raised enough money in our fundraising initiative so finally the module was included in 2.2 release

Official doc is still in the oven so I’m going to explain how to use the module, this will help you if you want to join testing efforts.

What is a Captive Portal?

A captive portal limits users access to the Internet redirecting any web request to a login page. When the user correctly authenticates he/she is allowed to navigate and use any of the network services.

Captive portals are typically used at WiFi hotspots but also in wired networks at hotels, schools, airports…

Basic configuration

Zentyal Captive Portal is very easy to configure, you just need to select interfaces where you want to control access and the group of users who will be allowed to log in:

Also, if you installed Bandwidth Monitor module, you can setup a bandwidth usage quota. This will measure and control bandwidth usage for each connected user, forbidding access to those who exceed it.

Accessing trough Captive Portal

From the user point of view this is what will happen:

First time you connect through a captive interface your web browser will redirect to a login for any request:

Once you have logged in, a popup window will open. This window is in charge of keeping your session alive. It’s used by Zentyal to know if you left just closing the web browser without logging out.

Conclusions

I think Captive Portal has been a very requested feature and I’m glad Zentyal finally has it! This was a good example on how the community helped us to make a decision about a new feature we should include and crowdsourcing made the funding possible.
If you liked this tutorial, give the module a try and give us feedback! Zentyal 2.2 is just around the corner!

The second Zentyal 2.2 release candidate (Zentyal 2.2-rc2) is now out and the Development Team is challenging the Community Members to participate in the bug hunt! The most active bug-reporters as well as the people who report the trickiest bugs (severe, hard to find, affects most users) will be rewarded with Zentyal t-shirts, that many of you have been asking for!

SHORT FAQ BEFORE YOU START YOUR BUG HUNT:

1. How to report the bug correctly?
Check first if the bug was reported already. If not, you can report the bug via the Zentyal server UI (if the crash appears there) or manually via the Zentyal bug tracker. If the bug was reported already, don’t worry, you can still help by confirming that you have reproduced it and giving additional details about it.

Please note that it is absolutely necessary to include detailed steps to reproduce the issue you have faced (so that the Dev. Team can fix it): If you are reporting manually, include at least the /var/log/zentyal/zentyal.log file or any other useful information you think it’s related with your issue. Screenshots are also welcome if you think they will help us to see the problem.

2. What if someone reports the same bug?

In the case of a duplicate bug report, the report first filed is the one considered valid.

3. It’s fairly easy to see who are the most active bug-reporters, but who decides what’s a tricksy bug?

This will be done by the Zentyal Development Team members (jacalvo, sixstone, jsalamero…) who will receive your bug reports and who’ll reproduce and fix the issues.

4. Until when I can participate?

This particular campaign is valid until the release of Zentyal 2.2, but naturally we encourage you to continue submitting bug reports after the release as well (we’ll continue rewarding the most active reporters and the tricksiest reported bugs).

5. So, now what?

Download the latest Zentyal server release candidate, install it in a testing environment, configure it as if was your production environment and let us know if you come up with any bug!

We’re looking forward to receiving your reports!

Zentyal 2.2 will come with many cool new features and improvements, but in this post I would like to highlight the usability improvements this new stable Zentyal version will introduce. Some of the most visible improvements would probably include: new package selection interface on the installer, warnings in the configuration screen when the module is disabled, explanatory diagrams in the firewall packet filter section (they also increase the clickable surface), possibility to define objects with IP ranges and a lot more changes, most of them related with the redistribution of elements on the interface. We hope you enjoy them all, and I can assure you that this is only the beginning, as we hope to go much further with Zentyal 3.0!

One of the major changes – and something we’re very proud of because we believe this improvement really increases the productivity of system administration when interacting with some Zentyal modules – is the possibility of adding elements (such as objects or services) directly from the drop-down list instead of having to go to their own configuration pages.

Let’s see this with an example. In Zentyal 2.0, if you want to add a firewall rule, you are asked to introduce some fields like source, destination or ports, which can be defined as objects, or services. Maybe you have already created all the objects and services you need, but if not, you’ll realize that it’s a bit uncomfortable to have to go to the Objects or Services menu, add the desired object, go back to the firewall section you were before, and maybe even have to retype some fields you already entered.

In Zentyal 2.2 this is much easier: when you open the drop-down list, besides to the objects or services that you have already added, you’ll see a new “Add new…” option in the top. When you click it, a new dialog will pop up allowing you to, not only create a new element, but also automatically select it right after closing the dialog. Nice, huh? Let’s see a couple of screenshots of what this looks like:

Of course the firewall is just an example. As this is implemented at the framework level, any other interface using this schema, for example the DHCP objects for configuring fixed addresses, also benefits from it.

Oh, and I almost forgot to mention that we have made great performance improvements in this release, so, although this is not directly an usability improvement, it should also greatly improve the user experience.

So, what are you waiting to test the current Zentyal 2.2-rc1 installer and see all this with your own eyes? We’re waiting for your feedback!

Two months ago there was a discussion in our forum proposing to make it English-only (it was mostly English, but there were two small Spanish and Portuguese sections). Almost at the same time, there was a petition to open a Dutch-speaking board. Which decision should we take?

Both options had good convincing reasons. If we standardized to English-only, we could avoid dispersion of information and isolation of groups of users in language-specific islands. Every comment, suggestion, solution and improvement could be shared equally for everyone in a common language. And Zentyal users need to have some level in English anyway, because no one can work in IT nowadays without understanding Shakespeare’s language.

However, even if people can understand written English, interacting in a forum is a different matter. Many users would feel more comfortable if they could do so in their mother tongue. So, forcing everyone in English might make us actually lose many interactions from potential users who can then start their own Zentyal forum elsewhere in their own language. The result would be eventually similar with either option, except that with an English-only forum, users interactions would be scattered in different sites, instead of different boards in the same forum.

With this rationale we eventually opted for a multilingual forum. We can open as many language-specific boards as required, with three conditions:

1. The main forum language will remain English
2. A board needs to have at least one person responsible for its moderation and maintenance
3. Every useful contribution will be translated and shared in the English sections and/or in the community documentation

So, once we set these minimal rules, and once mmullenders kindly offered his help, we launched the Dutch board. The results have been very positive: the board started to get alive and during the 7 weeks since launch, it has accounted for some 5% of all the forum posts during the same time. More importantly, the number of Dutch forum member has increased by an astonishing 40%!!! Which means that either there were many Dutch who did not feel comfortable writing English, or that our SEO in Dutch has improved and we have been found by many new users searching in their mother tongue. That is easy to prove: take the words “VPN achter een proxy server” (VPN behind firewall), one of the topics started during the past 7 weeks. Now google them and the first result is our forum Proost Nederland!

Encouraged with these results, this week we launched the French board, again after a petition from the community and with a responsible for it (christian, one of our Forum Moderators, who happens to be from France). The results are even better: in just two days the number of posts in French have surpassed the total number in Dutch, and a google search of a topic started yesterday, with such a generic title as “Comment envoyer et recevoir des mails” (How to send and receive emails) is on the top 10 results!!! All I can say is: Mes félicitations à la communauté francophone!

Now, when will we have boards in German and Italian?

Although this post might a bit off-topic, I believe it might be worth a try. At least, it brings back the blogging spirit I had some years ago, when I posted more often and spontaneously

So, I would like to summarize the lessons I found most interesting from a talk I just attended. It was delivered by Pekka Himanen at the conclusion of the 5th International Committee of Experts, a board created eight years ago by the city of Zaragoza among its efforts to promote knowledge society and become a hub of innovation.

Pekka Himanen, well-known by his best-seller “The hacker ethic” and his publication with Manuel Castell “The Information Society and the Welfare State: The Finnish Model”, is one of the internationally best-known researchers of the information age. He obtained his PhD in Philosophy as the youngest doctor ever in Finland at the age of 20 and was selected as one of the 200 Young Global Leaders in 2005. His talk was centered on the culture of creativity as a driver of economic and social development and here are the four most important lessons I found:

1. Innovators, businessmen and culture. In order to create a hub of innovation you need three things: creative people, producers/managers (i.e. businessmen and investors) and a culture of creativity. I found particularly interesting the key role of entrepreneurs and businesses to foster innovation, specially in the current context when anything related to business is increasingly demonized (as so was shown by some of the attendants during the later debate).
2. Athens, the innovation hub of all times. The most successful case of innovation hub in the Western world is in Athens, 2500 years ago. A relatively small group of people (a city-state estimated in 100,000 inhabitants) managed to develop by themselves the foundations of current Western culture, from philosophy to politics, law, science, literature and arts, in a relatively short time. Any small town has the potential of becoming a world-class innovation hub if the three previously mentioned ingredients meet simultaneously. By the way, the population of ancient Athens was 30% foreign. Food for thought!
3. Innovation hubs happen in physical and reduced environments. Ancient Athens was 2 kms wide, and most of its cultural life happened in the Agora (the Greek forum), a 300×300 meters space. Physical proximity is not only important but necessary if you want to be innovative (heard that, bencer?)
4. Switch the tragedy-mode off. In a reply to an attendee’s comment filled with bitter critics to politicians and collective self-pityness, Himanen explained the example of the Greek tragedy (yes, plenty of lessons to learn from our Mediterranean neighbors): it all started when the main character believed his fate was inevitably dreadful; after that deep conviction was attained, all his subsequent actions were just steps to meet his unavoidable final destiny. Real life is very similar: if we believe we cannot escape our dreadful fate, our actions will inevitably lead to self-destruction. Complementary to this line of thought, he commented that in nowadays society, there is a trend to outsource our own lives: we base our happiness in those who provide leisure and entertainment and we blame everyone else of our misfortunes, instead of trying to find the sources of our happiness and misfortunes in ourselves.

Pragmatic philosophy for a Tuesday evening…

Zentyal includes the file sharing functionality since the very beginning. One of the key features is the shares: which allow you to create a shared directory where different people can work cooperatively.

The way the users cooperate can be defined with access control support in Zentyal. For instance, you can define how the users can access the share: by read-only, read and write or with administrator permissions. The latter allows the user to modify other users’ files, to do so the logged user is managed as root within the samba realm. However, this access control list (ACL) is done by share basis. This granularity is not enough for several users who need to manage access control on directories within the shares. For instance, your company has a share where one of the directories must be available as read-only to all people except for the members of the accounting department whose permission must be set to read and write. However, the accounting department members must not be able to write any other file or directory in the share. Currently, to do this you have two options:

• Using the Windows ACL interface
• Using the CLI tools for ACL in Linux

The former option has some drawbacks, mainly because the Windows ACL does not match one by one with the POSIX standard ACL. As described by Samba developers, Samba depicts the matching they do with an ACL given by Windows. For instance, you cannot add the delete action for a user in Linux, only in Windows. In addition to this, the deny access is not explicit in Linux, but you set up the allow permissions explicitly. If the selected option does not match with Linux ACL, then the Windows selection dialogue will return again with old values and the permission you set previously keeps empty.

The latter option requires a knowledge of command line (CLI) to manage the ACL in a more granular way which may require advanced skills reading manual pages. Here you can find a complete and detailed description of how ACL works in Linux. Take into account that for those two options, you need to have the system mounted with ACL support. Zentyal installer does this by default. However, if your filesystem does not, you just need to add acl option in /etc/fstab and reboot or remount the partition with the acl flag. You can check the ACL support using the getfacl command.

Regarding the permission set, you have to have clear the following permission layers Samba daemon will check in order:

• Samba permission set
• File system permission set

The former is set in the Zentyal server interface within the Access control table. There, you define the users and groups that have reading, writing or administration access in a share. The latter defines how the file system allows you to access or modify a file in the share.

When you look at the group owner of the shared files, you will see the __USERS__ group. Who belongs to that group? All the users in the domain, that is, all users you created using Zentyal server interface. Take that into account when you set up your permission set.

Let’s make an example: you have a share called “Admin” with several users with read and write permissions. In addition, you have a directory called “Protected Directory” where it should not be allowed for any person to write except for the administrator. How can you achieve this?

Firstly, set the configuration for those users and groups to read and write the share in Zentyal server interface in File Sharing –> Shares –>Access Control.

ACL by share in Zentyal

Then, log in as administrator in the share and edit the “Protected Directory” properties. In “Properties –> Security tab”, select the groups and users to not have write permissions by deselecting the permission set as image shows:

Editing ACL in Windows

In Linux you may change it via command line by running the setfacl command and use getfacl command to show the current ACL for a directory:

$ getfacl ‘/home/samba/shares/Admin/Protected Directory’

# file: home/samba/shares/Admin/Protected Directory/
# owner: root
# group: __USERS__
user::rwx
user:cperez:r-x
group::r-x
group:developers:r-x
mask::rwx
other::r-x
default:user::rwx
default:user:cperez:r-x
default:group::r-x
default:group:developers:r-x
default:mask::rwx
default:other::—

So it is already done!

Finally, I want to say thank you to one of our partners in Portugal, Miguel Silva from Goris, to help us to track and debug issues with this and solve them successfully.

When the latest updates in the Zentyal Cloud User Interface were released, we thought it was fair enough for the time being, but we all had in our minds that a total change was going to be necessary along the time. We wanted to improve the usability of the interface: make it easier to generate a new report, make it possible to view your Zentyal server farm at first glance…

With this new look, we have made an important change. The workflow has changed to a concept called “context“. A context is an environment you are currently working on. Now Zentyal Cloud has two kinds of contexts, Zentyal Servers and groups of Zentyal Servers. Every feature has turned into context-based feature; configuration backup, alerts, jobs, monitoring, software updates, reporting or our add-ons (Disaster Recovery and Advanced Security Updates) all show different information depending on the context you are in. For instance, you can see alerts from a server and then from another, or you can see the monitoring graphs for the group of your servers and afterwards take a detailed look at one of the servers. The context switching is made gracefully with a slide and search button. So quite a few things have changed, but everything is up there for sure.

A new shiny dashboard is also available, and not only one, but each server and server group has got their own! Now you can see the severe alerts, the connected servers, the latest support issues and a graph of aggregated load for the servers in the group. Moreover, the server dashboard may also show the module status, the remote access or the load graph from the last hour.

Additionally, the Zentyal Cloud settings section has grown and every configurable feature has been moved here. For instance, the group, job or report management are now more visible in this part of the application.

Finally, we have worked very hard on monitoring feature to be more intuitive and powerful in the Zentyal Cloud side. We have switched our plotting library to flot and we have added the feature of querying custom period of times to check what happened yesterday from 1pm to 2:34pm.

But I have to stop talking and let you take a look on the new interface that will be made available later this week (remember that you can get a free Basic Subscription to see Zentyal Cloud in action):

This is the direction we have taken to improve the usability of Zentyal Cloud and we will bring on improving it with your feedback as well as including new features to make Zentyal Cloud even more useful and easy to use.

To sum up, the context is the key of the new look & feel. Do you think this is more usable and useful? We do .

Open source is an attractive badge that most software vendors are eager to wear, especially in times when customers’ budgets are being tightened and their ears are keen to hear about cost cutting. However, many vendors’ approach on open source are filled with myths and false expectations, most probably because they did not experienced it by themselves.

During the last 10 years I have being deeply involved with open source business almost non-stop and from multiple points of view (system integrator, business association, software vendor, etc) and I have had the chance to discuss about it with many different people (customers, vendors, VARs, public sector, contributors, users, etc). So, I will try to sum up what I have learned in the way in just 7 tips, hoping to do my bit in understanding how software vendors can sensibly embrace open source.

1. Know why you do it: once you open-source a product there is no way back, so you better know why you are doing it. There are many reasons why it would make sense for a company to open-source its technology. For example to improve the quality/functionality of its products, to grow its user base, to gain visibility, to prepare for international expansion, etc. However, open-sourcing will have a profound effect in many of the operations, from sales to marketing, business development and, of course, R&D. Have a very clear understanding of why you are doing so and communicate it internally before going forward.
2. Make it useful: it seems an obvious tip, but I found several vendors planning to open-source their core product, but keeping an essential part under a commercial license. The result would be a useless piece of software, with no way whatsoever of doing anything unless you pay for the license. Needless to say it is impossible to develop a user community around a useless product. In addition, making a product difficult to install or undocumented will turn it almost equally useless.
3. Be active: when a potential contributor stumbles upon your project, one of the first things he/she will decide is whether spending a few hours testing and learning about it will be worth his/her precious time. That is, does the project seem active enough and thus guarantee some continuity to make use of initial investments of time. If you just publish it and “let them come and code for free” (sic) you are very much mistaken. You need to show commitment with your own project, by fixing bugs, releasing new versions or answering questions in the forum, especially in the beginning regardless nobody is downloading it. Otherwise, you will not find valuable contributors
4. Get ready for different kinds of contributions: many vendors have the wrong perception that the main contribution they might receive are “free programmers”. However, the value received from the community will probably have very different forms. To start with, testing and debugging is a cumbersome task that usually consumes around half of the total R&D resources in a product’s life cycle. A large community, by trying it in very different scenarios and by very different users, can hunt the most hidden bug. Moreover, localization, a costly task acting often as an important barrier for internationalization, can be another benefit that the community can bring to the table. User requirements, documentation, expert suggestions and, eventually, code can be some other valuable contributions as well. However, you need to make it easy for users to contribute and be ready to receive and process these contributions in an orderly way
5. Plan ahead: to outsiders it might seem that communities spring out around any project like magic and that “build it and they will come” is the way to go. But that is far from reality. Developing a community requires a continuous effort in communication and promotion, as well as investing much energy in providing technical support and documentation for free. You might also want to open up your community governance to externals, which will require a careful design of rules and a plan to make it happen. All these tasks mean precious time and resources that should be reserved in advance
6. Hunt the community champions: members in a community do not behave uniformly. In fact, a year ago I had a look at the behavior of Zentyal forum members and the results were enlightening: just like in Pareto principle, 20% of members were responsible for 80% of posts in the forum. That means that a community will very likely have a small core of enthusiasts, surrounded by a bulk of occasional contributors and users. You need to spot your champions and focus your energies on them
7. Be patient: developing a community is a complex and long process of engaging in a conversation, creating trust, educating your users, sharing common goals and developing in common. It is not something that you can build in one day, but it will probably take a few years before you can call it a community

Zentyal Server offers some features that allow it to be used as a web server of not only static content, but also of different kinds of rich applications. In this post I’ll explain step by step how to publish a django application using its own domain.

As you may know, Django is an open source web framework designed to make easier the development of complex, database-driven websites, with emphasis in high modularity, automatization and the use of widely known design patterns such as MVC. It’s also distributed with very useful plugins that offer implementations of common features such as basic authentication and a CRUD interface.

In this tutorial we’ll make use of the wsgi interface to deploy the application.

To start with, you should have:

• A Zentyal Server, with Web Server module installed.
• A Django application to deploy, e.g. exampleapp
• A domain, e.g. example.com

So, let’s start!

Creating the virtual host

The first step is to create a virtual host in the Zentyal Server: a virtual host is used to give a different configuration for a specific location in a physical server that serves different domains from the same IP.

Now go to your Zentyal Server web interface and click on Web Server, if you have the module installed, you’ll find it in the Infrastucture section. If not, install it!

Once you are in the Web Server configuration screen, click on Add New…, you’ll see that basically you only need to specify the domain of your virtual host to create it. You can also select if you want to enable the virtual host (you do) and if you want to enable SSL support, for that you’d also need to create a certificate first, you can check the Web Server module documentation for more information.

Now just enter your domain in the Name field and click on Add. Save changes and that’s it! If your domain is already configured to resolve to the IP address of your Zentyal Server you can try to visit your new web site. It will currently show only an empty directory, so let’s fill it with your application.

Preparing the Django application

If your application already has a wsgi (Web Server Gateway Interface) file, skip this step, if not, open a text editor and write:

import os
import os.path
import sys

#sys.path.append(os.path.realpath(os.path.dirname(__file__)))
#sys.path.append('/srv/www/example.com')

os.environ['DJANGO_SETTINGS_MODULE'] = 'exampleapp.settings'

import django.core.handlers.wsgi
application = django.core.handlers.wsgi.WSGIHandler()


Not everything is always needed here, but there are three mandatory lines:

os.environ['DJANGO_SETTINGS_MODULE'] = 'exampleapp.settings'

Tells the Django wgsi handler which one is the settings module of the application to serve.

import django.core.handlers.wsgi
application = django.core.handlers.wsgi.WSGIHandler()

Instantiates the wsgi handler that will handle the interactions between the web server and the Django application.

The other lines can be used to add the path where your application is installed to the python path: the first one considers that the application is installed in the same directory as the wsgi file itself, the second one locates the application in the directory created by Zentyal for the virtual host. If your application is installed in any of the default paths, you don’t need any of these lines. You can also put any other valid python code there that your application might need.

Save your file where you want, e.g. in /srv/www/example.com/example.wsgi.

Configure your web server

And the two final steps are to check that your web server has all the needed dependencies and to add the last configuration.

The dependencies are the Python and WSGI modules for apache and, of course, Django. To install these dependencies and enable the modules run the commands:

sudo apt-get install libapache2-mod-python libapache2-mod-wsgi python-django
sudo a2enmod python
sudo a2enmod wsgi
sudo /etc/init.d/apache2 reload


Finally, you can add any configuration to your virtual host by adding files to /etc/apache2/sites-available/user-ebox-example.com. For this example let’s map a path in the url to the wsgi handler. To do this you can use the WSGIScriptAlias apache directive and the wsgi file, so open again your favorite editor and type:

WSGIScriptAlias / /srv/www/example.com/django.wsgi

This indicates that when a request asks for root in this virtual host, it will be handled with the indicated file. Change the path if your wsgi file is in another place. After that, save it in /etc/apache2/sites-available/user-ebox-example.com/django, reload apache and your application will be deployed.

Summary

• Add a virtual host
• Prepare a wgsi file
• Install dependencies (libapache2-mod-python, libapache2-mod-wsgi and python-django at least)
• Add the WSGIScriptAlias directive to your virtual host configuration

As you can see, it’s really easy to deploy complex web applications in your own domain using Zentyal, why not try?

Warning: This was an April’s fools joke!

When we started Zentyal we had in mind that a good design for any server software has to be based on modularity and security, so, after a long deliberation we have finally decided to give an important (and unavoidable) step in the evolution of this project. From 2.2 on, Zentyal won’t be based anymore on Linux in favor of GNU/Hurd.

We have made this decision after the recent visit of Richard Stallman to our region. We had the opportunity to talk to him and he dedicated great words to this microkernel project “The Hurd offers interesting, powerful capabilities. For instance, you can write your own filesystem, so you could implement any sort of behavior you want and package it as a file. It offers the possibility of implementing sandboxes, where you can run a program but have another program monitoring all its I/O to make sure it doesn’t start writing in files it wasn’t expected to”, great advantages for a project like Zentyal. These capabilities will allow us to map our modules to kernel services providing a new generation of small bussiness servers with the highests standards of robustness and security.

Not everything are good news though, some of the software we depend on is not available for this operating system, so from now on, we’ll need more than ever your contributions, join the Hurd!

There are plenty of things one can do to help his/her favorite open source project to grow and gain more visibility and users, and fortunately all of them do not require programming skills at all! In the Zentyal server project, for example, the localization i.e. the translation of the server user interface is made extremely easy for anyone who simply has goodwill, knowledge of English (the language you’re translating from) and knowledge of another language (the language you want to translate to).

In order to encourage Zentyal users and fans to translate Zentyal to other languages and to help to complete the already started translations, I wanted to share a short post with you, showing how easy it really is to start translating Zentyal server to your own language.

So, the first thing to do is to go to Zentyal’s Pootle-based translation site. If you are not familiar with Pootle, let’s just say that it is a web translation tool that offers easy-to-use, graphical user interface for carrying out the translation process of different applications. And (of course ;)) it’s also an open source project.

In the home page, on the left you have a list of languages Zentyal has already been translated to/started to translate and next to each language, you can see a progress bar that indicates how complete the translation is. If in this list you can’t find the language you want to translate Zentyal to, just send an email to the Zentyal’s internationalization mailing list and ask for a new “language project”, mentioning the language you would like to be added. Once “your language” is on the list, click on the Register button in the upper right corner of the screen to create your user account.

Zentyal Translation Site

Next you will be asked for some basic information (user name, email address and account password) to create your account and once you have filled in this data, simply click on Register.

Register as a user

Then your math skills are tested, just to check if you are human or not. Type in the answer and click on Confirm.

Checking if you are human...

Next screen tells you that your registration is complete and you have been sent an email to the address you indicated earlier, to activate your account. Go to your mailbox, open the Pootle Registration message and click on the link to activate your account.

Registration complete

Your account has been now activated and you only need to log in to configure your account and start translating!

Account Activated!

Simply type in your user name and password, choose the Pootle interface language you want to use and click on Login.

Login to your account

You are now at your account’s home page and you should choose the languages you want to translate to. To do this, simply click on the No languages or projects selected. Choose yours now. link or go to the Settings page.

Dashboard

On the Settings page you configure five simple values. Number of rows means how many phrases to translate are shown in the same page – you can just leave it with default value. Then let´s choose again the preferred Interface language. In the Languages option you choose the language you want to translate Zentyal to and in the Projects option you choose the translation project you want to contribute to (Zentyal). Next, you can choose Alternative Source Languages; the default source language you translate from is English, but if you are fluent in other languages, it is useful to choose here these languages as they will also appear while you translate and help you to figure out the best translation for each phrase. Finally just click on Save.

Configure your account settings

Now you are back at your account’s home page; as you see, the language(s) you have chosen to translate to have been added here. Click on Zentyal.

Go to translate

Here you are shown an overview of your languages’ translation status: how many words are translated, how many words are left to translate, how complete the translation is (%) and who are the translators who have already contributed to the project. The quickest way to start translating, is to click on the X words need attention link in the Summary column: it takes you to the first untranslated word/phrase (also called “string”) of your language.

Dashboard of your language

Now you are about to translate your first string! As you can see, the text you must translate appears in the source languages you chose earlier in the Settings page. Just type in the correct translation and click on Submit if you are absolutely sure about your translation or Suggest if you want someone else to review and submit your suggestion. If you are not quite sure about your translation, you can submit the string ticking the Fuzzy checkbox. And if you have absolutely no idea about how to translate the given string, don’t worry – simply click on Next and you will be taken to the next untranslated string. The same thing happens once you have clicked either Submit or Suggest buttons.

Suggesting a translation

And once you have got until here, you are now ready to translate the whole language! Easy, don’t you think? For additional help, tips or tricks or getting to know other translators you can always write to the Internationalization mailing list.

On Zentyal we are pleased to announce that starting today and during the following weeks will be publishing a serie of posts on Zentyal development. These posts are an update of the old eBox module development guide and will replace this one at the end.

Intro

This tutorial is meant to be an easy-to-follow guide for developing new Zentyal modules and extending the features of the existing ones.

We will show you the necessary steps to implement a full-fledged Zentyal module, using an incremental development approach.

The Zentyal framework has a clear goal: make life easier for those developers and system integrators who want to create an UI to manage Linux services integrated with other services using the same technology. We want developers to focus only on adding functionality with the service their modules manage. The framework tries hard to keep you away from messing with HTML, CGIs, the interaction between the different modules and so on.

Requirements

You should be familiar with a programming language. Although modules are written in Perl, the data structures and syntax should be easily understood by newcomers.

We will start building and running the code, for that you will need a machine running Ubuntu Lucid. We strongly recommend the use of virtual machines for Zentyal development. You can use VirtualBox with a clean Zentyal 2.1 (development version) installation to start up. The reason to work with an already installed Zentyal environment is to avoid solving dependency problems when installing packages with dpkg. It’s always a good practice to use the snapshot capabilities to keep a clean environment where to go back.

Learning to build from source

One of the first steps to get involved with the project development is to be able to build the software from the source. You can download the Zentyal source code from our Subversion repository. Let’s see how to fetch Zentyal source and build everything from scratch.

First install some basic development tools:

sudo apt-get install --no-install-recommends \
subversion autoconf automake gettext dpkg-dev devscripts cdbs liberror-perl

Then you have to fetch trunk which is the main development branch. You will also have to download the scripts directory too:

mkdir ~/zentyal ; cd ~/zentyal
svn co http://svn.zentyal.org/zentyal/trunk/
svn co http://svn.zentyal.org/zentyal/scripts/

Now add the zentyal-package script to your PATH:

mkdir ~/bin ; cd ~/bin
ln -s ~/zentyal/scripts/zentyal-package .

After spawning a new shell to add the new bin directory to your PATH, if you go to the trunk directory, you will be able to start building the Zentyal packages:

cd ~/zentyal/trunk
zentyal-package common
zentyal-package core
zentyal-package software
zentyal-package network
zentyal-package services
zentyal-package objects
zentyal-package firewall

… and so on. Now you only need to copy the packages to the virtual machine and install them. If you don’t have these modules already installed you will have to deal with the missing depends:

scp debs-ppa/*.deb user@zentyal-dev:
ssh user@zentyal-dev
sudo dpkg -i --force-all *.deb

You can find all Zentyal modules inside the main directory::

$ ls -1 main/
antivirus
asterisk
ca
common
core
dhcp
dns
ebackup
firewall
ftp
ids
jabber
l7-protocols
mail
mailfilter
monitor
network
ntp
objects
openvpn
printers
radius
remoteservices
samba
services
software
squid
trafficshaping
usercorner
users
webmail
webserver
zarafa

When you start working on your own module, please let the Zentyal Developers and other community members know what you are working on. This is good thing to do in order to avoid overlapping (different people working on similar project) as well as to get feedback and help when necessary. Simply start a new thread in the Zentyal Forum when you start your project and post the advances in the same thread or alternatively, send an e-mail to the public Zentyal Development mailing list.

Last Tuesday, I attended to a gathering of public administrations using or interested in open source software: “III Intercambio Experiencias Foro de Administraciones Públicas”, funded by CENATIC. The goal of the event is to make easier for Spanish public organizations sharing experiences about their open source projects.

During the whole day, the word Zentyal was present, 3 of the talks commented about their experiences with Zentyal Server. Actually, the Council which kindly hosted us for the gathering (Marchena) was managing its network and internet access with Zentyal

In the afternoon, I got a call from our R&D certification advisor about the amounts in 2010, and he told me Zentyal had appeared in an Spanish on-line publication about innovation (Madrid I+D). Moreover, through Facebook, some of my friends let me know that a generic magazine, “Muy interesante”, also published a reference to Zentyal Server as the alternative to Windows Small Business Server.

Zentyal was everywhere in Spain on Tuesday, our popularity keeps growing. However, converting popularity in cash is not an easy task, that’s what I want to talk about in this post.

The hardest issue for an open source start-up is not to gain popularity (tough enough though), but to make users pay for a free product.  It’s “the penny gap“, a concept created by the the venture capitalist Josh Kopelman:

The truth is, scaling from $5 to $50 million is not the toughest part of a new venture – it’s getting your users to pay you anything at all. The biggest gap in any venture is that between a service that is free and one that costs a penny.

Zentyal Server is open source GPL and free (as free beer). Our business model is based on subscriptions, add-ons and technical support; which are sold mainly through certified VARs and on-line.

The last six months we have been selling subscriptions on-line, growing consistently quarter to quarter and so proving ourselves that our subscriptions are considered a compelling reason to buy by Zentyal users.  Our business model is supported by the numbers, it works.

Now it’s time to invest in sales and grow.

In the Zentyal project we automatize tests with ANSTE. This tool is able to deploy complex scenarios with several virtual machines installed during the process. As you can imagine, the creation of lots of different images is a heavy task. To speed it up we make use of RAM disks, a feature offered by Linux and other operative systems to create filesystems directly over RAM, that are tens of times faster that physical disks.

Our testing machine, a quad-core computer, was blessed since it’s very first day with 16GB of RAM to be able to deploy a very broad spectrum of scenarios with virtual machines, routers, networks and so, the type of complex scenarios in which Zentyal servers are involved every day. We dedicated 12 of its 16GB to RAM disk, for that we used tmpfs, a file system that can be directly mounted in any Linux in any moment, you only need to specify the size during mount time, the module reserves the space and includes its own file system, avoiding the need to format the virtual disk. All the configuration needed to use it, is to add this line to /etc/fstab:

tmpfs           /tmp    tmpfs   size=12G,nr_inodes=120k 0       0

But we had a problem with this system, from time to time we had to reboot the machine because the RAM disk seemed to be full, although it wasn’t.

After some time we bought a second testing machine, with very similar specs, only to increase the availability of this valuable resource so our developers can use the free time of the new machine to test in complex scenarios while programming new features or to quickly mimic the cases involved in reported issues.

In this machine we decided to test raw RAM disks. The main differences between these disks and the ones created with tmpfs is that they don’t include any filesystem, (so you need to format them before mount) and that they don’t check if there is enough space in RAM for them, so if you are not aware, you can take all the space (by the kernel) blocking the machine.

The first thing you need to do to use this technology is to add a parameter to the kernel that specifies what is the size of the disks. In Ubuntu Server, or in any other Linux system with grub 2.0 you can do that by editing /etc/default/grub adding the option ramdisk_size=12000000 to the variable GRUB_CMDLINE_LINUX:

GRUB_CMDLINE_LINUX="ramdisk_size=12000000"

Then you need to format the disk and mount it during boot time, for that we have implemented a simple upstart task (e.g. /etc/init/mounttmp.conf):

description     "Mount tmp filesystems on boot"

start on startup

expect daemon

task

script
    mke2fs -m 0 /dev/ram0
    mount /dev/ram0 /tmp
    chmod a+rwxt /tmp
end script

As you can see, we format the virtual disk with ext2 file system. We chose this option because it’s a very well known one, but especially because it doesn’t have journaling, a very cool feature to avoid disasters when you have precious data in your physical disks, but totally useless when you are caching files in temporal storage.

So far we haven’t had any problem with RAM disks and both options have very similar performance, so we have finally discarded tmpfs and configured our first testing server to use RAM disk also.

Although we use it for testing, this is only an example of what can be done with temporal RAM disks. You can really apply this solution to speed up almost any application that makes heavy use of cached data stored in physical filesystems without any single change in the implementation, and, as a last note, there are also very interesting uses of RAM disks with union filesystems, but that is another story.

I really love services like Spotify but I feel like loosing my freedom when I get used to them. Because of this lately I have been looking for open source alternatives to (eventually) replace these services with ones hosted by myself. This is the case of Subsonic, which lets you to listen all your music from a web browser or even from an Android phone. Also this is a very good example on how easy it is to integrate 3th party software with Zentyal. Let’s see how to do it:

First step: Installation

We will start from a working Zentyal server and install Subsonic on top of it. You will need to follow installation guide for Debian/Ubuntu. Basically these are the steps:

Install Java and the previously downloaded Subsonic .deb package:
sudo apt-get install openjdk-6-jre
sudo dpkg -i subsonic-x.x.deb


It is also recommended to install typical multimedia transcoders: sudo apt-get install lame flac faad vorbis-tools ffmpeg

After installing, open the Subsonic web page on http://zentyal-ip:4040. A wizard will show up letting you configure basic Subsonic features.
Remember that you may need to configure Zentyal’s firewall to open 4040 port. Firewall section of documentation is a good source for that.

Second step: LDAP configuration

Subsonic includes a LDAP backend, so you can configure it to bind to Zentyal’s one. Go to Settings > Advanced and fill LDAP info as seen on the image:

LDAP URL: ldap://localhost:389/ou=Users,dc=zentyal,dc=com
LDAP Search Filter: (uid={0})

If your Zentyal Users and Groups module is configured as slave you will need to change the port in the URL to 1389.

Congratulations, it’s done! Now your Zentyal users can login into Subsonic and play and share music!

Bonus track (Optional): File Sharing

You can take advantage of Samba based File Sharing module. By configuring a share pointing to the place where the music is stored users will be able to upload and organize their music. In the following screenshots you can see a share and its access list configuration, giving read and write permissions to developer’s group.

As you see it’s very easy to integrate Zentyal with other applications through LDAP, service hooks or even writing your own module! If you have any doubts I’m sure you can find help in Zentyal mailing lists or community forum.

I’m going to talk again about changes, as I already did with my earlier post about rebranding changes. This time the changes are also mainly related to the rebranding from eBox Platform to Zentyal, but more from a technical point of view.

When we prepared the Zentyal 2.0 release, we focused our attention on the most visible stuff: logos, brand texts and the like. We avoided making more “low-level” changes in order to not jeopardize the stability of the product. But once the 2.1 development has started, we have paid some more attention to this, trying to remove most of the eBox Platform references, mainly in file names and URLs. So far I think we have done a good job, and despite 2.1 being a beta release, it is currently pretty stable. On a side note, I want to encourage you to help us testing this beta version so that we can improve it further !

So, here is the list of the most relevant changes that may affect you in some way while administering your Zentyal Server:

As you can imagine, there are many more changes in this 2.1 release, if you’re interested you can see the full changelog here. If you have any questions, please don’t hesitate to ask in the community forum or as a comment in this post.

DHCP and DNS infrastructure services are quite good for working
together. So Zentyal whose aim is to provide a tightly integrated
product had to make it work together.

Its cooperation is based on DHCP server asking to add the DHCP clients
in DNS zones. For instance, your client called foo asks for a IP
address lease to connect to your local network. Once the lease is
done, the DHCP server ask to DNS server to add foo client with the
given IP address to the configured dynamic DNS zone, for example,
example.lan.

Therefore, if you ask for foo.example.lan then the leased IP address
is returned, and reverse resolution also returns as expected.

The above explanation was the simplest and easiest to understand by
Zentyal community as these posts reminds me. But I thought the right
way to do it is to set the hostname by the sysadmin. That is, if your
host is a dynamic one and it is not a server, then a dynamic name is
set such as dyn-192.168.0.1.example.lan . Furthermore, due to time
constraints I was not able to finish a complete dynamic DNS + DHCP feature in
the past and reverse resolution was not implemented. That was odd for
Zentyal users although it is stated clearly in the documentation.

So, we decided to fix these things when a slot of time was available, so
I was able to finish the proper implementation with this shiny
features:

• Set the hostname based on DHCP client data when the client belongs to a DHCP range
• Reverse resolution is working for DHCP client names
• Mix static and dynamic defined DNS zones

The latter feature is a very neat one. This allows you as Zentyal
administrator to have a DHCP server assigning names and IP addresses
dynamically, as the hosts requests and releases demands to, and you as
system administrator are able to manage the zone to add different
resource records to that zone, such as, specific host names, alias,
name servers or mail exchangers.

In order to do that, I used nsupdate tool to dynamically set the
manual settings in a dynamic zone allowing us not to corrupt the
journal file by named daemon and be as kind as possible with bind.

Dynamic and static DNS domains

To sum up, to maximise this new feature you firstly must create a domain in
DNS section and then select it in the Dynamic DNS options from DHCP
section. Once this is done, save changes. Then, every new client
request will update your DNS zones to give direct and reverse
resolution for this name – IP address pair.

Dynamic DNS options in DHCP module

This feature is available in 2.X package series of Zentyal server. Namely, ebox-dns 2.0.3 and ebox-dhcp 2.0.4 are the packages with this feature.

Listening to your community requirements usually make your product better!

Best regards and thanks a million for your feedback on this great feature!

Edit: I have updated the post to include the definite version of the packages.

When a student decides to do an internship, he/she sets a number of objectives and also has an idea of the advantages and disadvantages such an internship can bring. As a student, when I began my internship at Zentyal some of my own goals were to get some working experience and some credits to complete the computer engineering degree. But I did not know what could happen, so I will tell you about my experience.

In total, I have made five hundred hours of internship, during which my main task has been helping the QA Team to update and create automated tests to verify proper operation of the software. I have covered areas such as programming in Perl and shell script, use of Selenium tool (web application testing system) that is a Firefox add-on and ANSTE tool (Advanced Network Service Testing Environment) for virtualization of machines and running of such tests. In addition, I have also spent time in high-level programming using Perl, and of course, to perform my task I have used and expanded my knowledge of UNIX system and its commands. At the same time, I could study in depth an open source server, gaining better understanding of its operation and some of the services it integrates.

I feel satisfied when I think about the experience gained, I have enhanced my education by participating in the daily life of a company, but I have also enjoyed an independence that has given me the opportunity to get to where I wanted. I have been considered as one of the staff members at all times, I have worked without pressure or obligation and I have never lacked support from the colleagues. Thus, I have been free to take advantage of this internship by checking my own limits, which undoubtedly has been beneficial.

On the other hand, the developed project has great challenges, covering many different fields of industry, which enables a professional growth without limits.

But that has not been all, I have worked with great people, in addition to their help, they have given me a great atmosphere both inside and outside the company. It has been like working in a small family business, although in this case, the small business is a great project and this little family is formed by great professionals.

Freedom, independence and a great atmosphere makes Zentyal a really nice place to work and the project provides an excellent motivation. From my point of view as a student, I could not have picked a better place to do my internship.

A few weeks ago, the 451 group posted an update for their open source business strategy framework, which summarizes the different strategies that can be put in place by an open source vendor in aspects like license, copyright, development and business model.

The framework is comprehensive but at the same time condensed, and it is quite self-explanatory for anyone in the open source business. However, I wonder whether it would make more sense to extend the framework to apply to any software vendor, including also the strategies that could be implemented by a business choosing not to open up the source code. I believe it would be very interesting to be able to grasp at a single glance what are the different options a software vendor can choose regarding revenue, licenses and development models, without having to be previously categorized into open source or closed source vendor.

One reason to support a more generic vendor approach is that it is very hard to implement a purely open source strategy, when most of the possible options are just a combination of open and closed source licensing: dual licensing, open core, open platform, etc. So, the limits between an open source-based business strategy and a closed source one are at least fuzzy. How much different would be, let’s say, a business developing an open core product under a cathedral development model from another business not publishing any of its code but giving away a trial version for free? They might execute differently, but the results would be reasonably similar: they would both find it hard to have a developers community but they would both have good chances to create a successful users community. Just remember that the largest users community is that of Photoshop, not quite open source I would say.

Another reason is that a company needs to be able to explain its strategy to very different audiences, from customers, partners and media to community members and investors, and not all of them are open source savvy. Sadly, one generation after the first release of Linux, a large part of the market and influencers still see open source as a geek, idealistic, non-commercial movement. Explaining the plan of action of an open source-based business as a natural set of decisions within a generic software vendor strategy framework would do much to overcome their initial prejudices.

And finally, if you have a look at the 451 group’s framework, there are actually few modifications required to make it work for a generic software vendor. For example, the list of revenue generators are valid for almost any software company, from Google to Microsoft, from Oracle to Facebook, from IBM to RedHat, or from a system integrator to a local reseller.

I believe the 451 group is doing a great job in analyzing and modeling different viable strategies for open source-based companies. But I also believe that there is a risk in assuming that their management and direction are completely different from more “traditional” software companies. In my opinion there are way more similarities than dissimilarities and there is a lot to learn from, let’s say Microsoft, but I leave that for another post.

In this cold winter I’m glad to remember summertime!

Thank you Heidi for the photos!

Hello everyone!

As you can see, we have completed the deployment of a newer version of our Pootle-based translation site.

We are aware of the importance of a strong community for the success of a project like Zentyal, that’s why we want to put the appropriate tools in your hands to streamline collaboration.

With the new version, we have a nicer interface and a bunch of other goodies: Top contributors ranking, configuration options to differentiate between original committers and supervisors (which will help us to enforce our contributor roles, see below), improved communication between users, suggestions, RSS…

We hope you enjoy this new version, and are looking forward to your feedback! If you are interested in joining the Zentyal Translation Team or want to make any suggestions, simply subscribe to Zentyal’s internationalization mailing list or leave a comment to this post.

Currently we are finishing a quick “getting started” online manual, until then, I would like to remind you that our translation roles and policies are available at the wiki. Using this scheme, our vision is to encourage the best contributors with more responsibility and relevance, apart from being recognized as a Zentyal official contributor.

Time to try out our new platform! We sincerely thank our language contributors, past, present and future ones .

The Zentyal 2.0 release included a new groupware module to support the Zarafa Collaboration Platform. This software can be used as a unified communications platform, it includes a lot of features such as calendar, contacts, tasks, mail gateways and much more. It supports many clients, such as Microsoft Outlook 2007, web browsers and the ones that are compliant with protocols like ActiveSync, Blackberry Enterprise Server, POP3/IMAP and iCal/CalDAV.

For storing the mail, Zarafa has its own database, so if you want to migrate all the messages of an account from a standard mail server to Zarafa, the best way is to use the IMAP protocol, that allows to read all the messages in the original server and copy or move them to the new server. Although you can probably use your mail client to manually copy all your messages from one account to the other one, some tools exist to automatize this process. In this article I’m going to explain how to use imapsync, one of these tools, to migrate a mail account.

imapsync can be installed in a debian based system using apt-get:

sudo apt-get install imapsync

After installing it we need to know, at least, the following information to connect with our mail accounts:

• Authentication mechanism or protocols used to connect with the server. They are usually plain, SSL or TLS.
• Hostname of the server that contains the account
• User name
• User password

And you will also probably need information about how the messages are stored in the server:

• Path separator, that can be different between servers. It usually is “.” or “/”.
• Path prefix. Prefix added to any path in the server.
• Header information particularities. Important to compare messages and avoid repeated ones.

If you are using Zentyal and Zarafa, the separator is “/” and there is no prefix. You’ll need to take this into account when configuring the destination server during the migration.

imapsync tries to avoid duplicate copies of the messages and for that reason, by default, it compares all the headers of copied messages with the existing ones in the destination account. This can cause problems with servers with custom header information because they will be always different, as is the case of Zarafa. To solve this, you can specify the way to compare the messages. The most common solution is to use only some header fields, e.g. for this migration we will only use Message-ID, that is usually unique.

Once you know all this, you can start to use the tool. Let’s see the needed parameters (the parameters ending with 1 are for the origin server and the ones ending with 2 are for the destination server):

• –noauthmd5, to not to use md5 authentications.
• –ssl1 and –ssl2, to use SSL connections.
• –host1 and –host2, hostname.
• –user1 and –user2, user name.
• –password1 and –password2, to specify the passwords in the command line. This is only useful if you are going to make scripts to migrate lots of accounts, if you are going to migrate only one, it’s safer to let imapsync ask for the passwords if needed.
• –sep1 and –sep2, path separator.
• –prefix1 and –prefix2, path prefix.
• –skipheader, regular expression of headers to skip when checking the duplicated messages.

At the end, the command result in something like this:

imapsync --noauthmd5 \
    --ssl1 \
    --host1 origin.example.com \
    --user1 jsoriano@origin.example.com \
    --ssl2 \
    --host2 mail.example.com \
    --user2 jsoriano \
    --sep2 / \
    --prefix2 '' \
    --skipheader '^(?!Message-ID)'

Notice that the format of the user account depends on the server, e.g. Zentyal uses the complete mail address in the mail module, while Zarafa uses only the user name. Notice also how to specify that all the headers that are not Message-ID have to be skipped by using the –skipheader argument and regular expressions.

If your connection with the servers is not very good and you keep disconnecting, you can run the command in a loop and add the –skipsize argument to avoid the initial size checks:

while ! imapsync --skipsize [...]; do true; done

And finally, if you want to copy only some directories, you can use the argument –folderrec followed by the base path.

Once all your messages have been migrated, you can also configure your mail client to use the same folders as Zarafa, e.g., in Thunderbird you can specify the following paths:

• Move deleted messages to Deleted Items
• When a message is sent, put a copy on Sent Items
• Move spam to Junk E-mail

With this instructions you should have all that you need to migrate your IMAP account to a Zarafa server.

As few of you might remember, Zentyal Academy (eBox Academy at that moment) was launched last April and as we’ve been working hard on it ever since, I thought about giving you an update on our advances!

If you are not yet familiar with Zentyal Academy, you should know that it is a certified training program similar to Microsoft IT Academy or Cisco Networking Academy. The program is mainly aimed at vocational education centers (it is compatible with the European vocational curriculum) and its main purpose is to complement the currently offered Linux-based network management training with practical knowledge and easy-to-use open source network management tool.

Since the publication of the academy program, we have been working on a pilot program with about ten vocational education centers located in the region in order to improve the courseware offered to the Zentyal Training Academies – Currently we’re in the final phase of the pilot program and we believe we’ve improved enormously both the course contents and the training platform, as well as the complementary materials offered to teachers.

However, although the course contents and training materials are undoubtedly the hearth and soul of our academy program, they are not nearly enough to respond comprehensively to the needs and expectations of both education centers and the students. During the last six months we’ve finished preparing two indispensable complements: the certification exam (Zentyal Certified Associate) and the “Zentyal for Network Administrators” manual, that is currently available in Spanish. And simultaneously, we’ve also prepared special Training Academy materials, such as presentations, posters, plaques… that help to communicate better the value of the Zentyal Academy program in the interested education centers.

And the future looks bright! Just few months ago we signed a partnership agreement with the very first Regional Training Academy (for Spain), that will be in charge of managing and supporting all those public and private education centers that want to introduce certified Zentyal training to their training programs. And during the first quarter of this year we plan to have the “Zentyal for Network Administrators” manual available also in English, thing that – we believe – will help us to expand the academy program further in Europe and elsewhere.

Interested in becoming a Zentyal Training Academy? Simply fill in this form or drop us a line. Or leave any additional questions below in the comments!

As you know, the Linux small business server Zentyal automatically configures all the network services needed by a SMB. This includes writing of all the necessary configuration files (/etc/samba/smb.conf, /etc/squid/squid.conf, …). Typically most of the users don’t want or simply don’t need to manually edit these files because the Zentyal administration interface provides enough elements to customize the configuration of the services. But there is a bunch of advanced users that usually need to go further, fine tuning the automatically generated configuration to better fit their needs or even set up features that are not covered (yet ) by Zentyal server.

The aim of this post is to tell you about a new feature that was recently included (in the 2.0.10 version of the core package) to ease the customization of the configuration templates. But first let me briefly explain how the templates system work and what were the customization possibilities the users had before this new improvement.

The actual configuration files of each service are overwritten each time the service is restarted or changes are saved from the administration interface. The contents of each file are generated by using a Mason template which mainly consist of a skeleton of the actual file including some substitution variables and some small pieces of code like conditions or loops.

For example, the template that corresponds to he main Squid configuration file, /etc/squid/squid.conf, is located at /usr/share/ebox/stubs/squid/squid.conf.mas. In general, all the templates follow the rule /usr/share/ebox/stubs/<modulename>/<filename>.mas.

Having this in mind, you should never be tempted to directly edit a configuration file managed by Zentyal in /etc. It’s clearly better to edit the template, because that way it doesn’t matter if the configuration is rewritten, it will always contain your modifications. But this is not a perfect solution, what happens when the Zentyal module that contains the template is updated? Yes, the template is also overwritten. To avoid this, we introduced a hooks mechanism some time ago.

Under /etc/ebox/hooks you can add scripts (in any language) that will be executed before and after writing the configuration, and also before and after restarting the service daemons. In this directory you can find generic example files for the four types of supported hooks (presetconf, postsetconf, preservice and postservice). And in addition, you find here an already created firewall.postservice hook script that directly allows you to add any custom iptables rule you may want to add.

Let’s see a practical example. Imagine you want to add ad-blocking capabilities to the Zentyal content filter and you’ve found this post in the community forum explaining how to do it. A better way to do the second step without modifying the template file would be to create a /etc/ebox/hooks/squid.postsetconf script with the following line:

echo "url_rewrite_program /usr/bin/adzapper.wrapper" >> /etc/squid/squid.conf

That way, right after the squid.conf file generation is finished, our customized line will be appended to the end of the file.

So, let’s go now with the new possibility. Maybe it’s a bit overkill in this case, but it is really useful if instead of adding a new line you want to make deeper changes in the configuration template. Just execute the following commands:

mkdir -p /etc/ebox/stubs/squid
cp /usr/share/ebox/stubs/squid/squid.conf.mas /etc/ebox/stubs/squid
echo "url_rewrite_program /usr/bin/adzapper.wrapper" \
    >> /etc/ebox/stubs/squid/squid.conf.mas

After that, our custom line will be added forever to our custom template, and this template will be used for generating the configuration instead of the default one. It won’t get overwritten by any software update. Easy, right?

Finally, I don’t want to finish the post without thanking Oliver, the community member who not only gave the idea, but also sent a patch with his modifications in the Zentyal code. This allowed us to add this improvement quickly. I also want to encourage any of you to follow Oliver’s steps and become active contributors. Together we can make a great project!

Hi there people!

It’s been a lot time since the last time I wrote in a blog (2 years and a half ago exactly). Somehow it always happens you almost forgot you had a blog to write stories or even something interesting. However, in Zentyal there was a proposal to spread out the word both internally and externally about the stuff we do, and I was there to give a Zen Chat and I’m here again to talk about a brand new service we offer: the Disaster Recovery.

Have you ever found yourself in a situation where you have lost everything in your server because of power outage or simply the server hard disk collapse? Or even having configured the backup properly, you have lost hours or even days setting up everything again? Here it comes Disaster Recovery to help you to reduce your downtime. With this service, your data will be safely stored in a remote and redundant location with a pretty straightforward configuration.

Disaster Recovery backup configuration

Available data to back up

But the main advantage of this service is its ease to recover your server from a disaster. Supposing you have lost your server hard disk but thanks to $DEITY you have found one empty in your desk. In that moment, your recovering procedure is as simple as follow these simple steps:

1. Insert Zentyal Server ISO and enter in Disaster Recovery mode
2. Configure your new hard disk and minimal network settings
3. Enter your user/password for Disaster Recovery service
4. Select your server and date
5. Have a cup of tea and watch how progress bars work for you

Restoring process

In order to make this feature works seamlessly in Zentyal, we had to work really hard on making restoring process rock solid. This have required the total implication from the Zentyal Development Team since
it almost covers the whole code base in Zentyal server. Not only making functional tests but also testing configuration automatically using our homemade tool, ANSTE.We have found rough edges with our
data back-end, get into the guts of Perl IPC or discovering how UTF-8 is really beautiful, but poorly integrated in some applications.

It has been a very tough time, but we think this feature deserves so.

PS: You can try the configuration backup if your server has free Basic Subscription. The full Disaster Recovery service is only available for servers with Professional or Enterprise Server Subscriptions.