X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=pmg-installation.adoc;h=52e60cb052ee34518722f711465d2e0e813b6cf1;hb=45c2ae52533c14791c4b7b549559ab2f960b9d28;hp=dc5b19f472850434a86e36a00a5d7b45d0562b51;hpb=03c03402b9954b859247af9572281b1c728221bc;p=pmg-docs.git diff --git a/pmg-installation.adoc b/pmg-installation.adoc index dc5b19f..52e60cb 100644 --- a/pmg-installation.adoc +++ b/pmg-installation.adoc @@ -2,7 +2,7 @@ Installation ============ {pmg} is based on Debian and comes with an installation CD-ROM -which includes a complete Debian ("stretch" for version 5.x) system as +which includes a complete Debian ("buster" for version 6.x) system as well as all necessary {pmg} packages. The installer just asks you a few questions, then partitions the local @@ -15,15 +15,17 @@ Alternatively, {pmg} can be installed on top of an existing Debian system. This option is only recommended for advanced users since it requires more detailed knowledge about {pmg} and Debian. +[[pmg_install_iso]] Using the {pmg} Installation CD-ROM ----------------------------------- -Includes the following: +You can download the ISO from http://www.proxmox.com. It includes the +following: * Complete operating system (Debian Linux, 64-bit) -* Partitioning of the hard drive(s) containing the operating system - with ext4, ext3, xfs or ZFS +* The {pmg} installer, which partitions the hard drive(s) with ext4, + ext3, xfs or ZFS and installs the operating system. * Linux kernel @@ -31,9 +33,12 @@ Includes the following: * Web based management interface for using the toolset -Please insert the installation CD-ROM, then boot from that -drive. Immediately afterwards you can choose the following menu -options: +Please burn the downloaded ISO image to a CD or create a +xref:create_bootable_usb[bootable USB stick]. + +Then insert the installation CD-ROM on the physical host where you want +to install {pmg} and boot from that drive. Immediately afterwards you +can choose the following menu options: image::images/installer/pmg-grub-menu.png[] @@ -62,18 +67,16 @@ Test Memory:: Runs `memtest86+`. This is useful to check if your memory is functional and error free. -You normally select *Install {pmg}* to start the installation. First -step ist to read our EULA (End User License Agreement). +You normally select *Install {pmg}* to start the installation. -image::images/installer/pmg-license-agreement.png[] +image::images/installer/pmg-select-target-disk.png[] -After that you get prompted to select the target hard disk(s). +First step ist to read our EULA (End User License Agreement). After +that you get prompted to select the target hard disk(s). NOTE: By default, the complete server is used and all existing data is removed. -image::images/installer/pmg-select-target-disk.png[] - The `Options` button lets you select the target file system, which defaults to `ext4`. The installer uses LVM if you select `ext3`, `ext4` or `xfs` as file system, and offers additional option to @@ -84,25 +87,86 @@ ZFS supports several software RAID levels, so this is specially useful if you do not have a hardware RAID controller. The `Options` button lets you select the ZFS RAID level, and you can choose disks there. -The next pages just ask for basic configuration options like time -zone and keyboard layout. You also need to specify your email address -and superuser (root) password (must have at least 5 characters). +image::images/installer/pmg-select-location.png[] + +The next page just ask for basic configuration options like your +location, the time zone and keyboard layout. The location is used to +select a download server near you to speedup updates. The installer is +usually able to auto detect those setting, so you only need to change +them in rare situations when auto detection fails, or when you want to +use some special keyboard layout not commonly used in your country. + +image::images/installer/pmg-set-password.png[] + +You then need to specify an email address and the superuser (root) +password. The password must have at least 5 characters, but we highly +recommend to use stronger passwords - here are some guidelines: + +- Use a minimum password length of 12 to 14 characters. + +- Include lowercase and uppercase alphabetic characters, numbers and symbols. + +- Avoid character repetition, keyboard patterns, dictionary words, letter or + number sequences, usernames, relative or pet names, romantic links (current + or past) and biographical information (e.g., ID numbers, ancestors' names or + dates). + +It is sometimes necessary to send notification to the system +administrator, for example: + +- Information about available package updates. + +- Error messages from periodic CRON jobs. + +All those notification mails will be sent to the specified email +address. + +image::images/installer/pmg-setup-network.png[] The last step is the network configuration. Please note that you can use either IPv4 or IPv6 here, but not both. If you want to configure a dual stack node, you can easily do that after installation. If you press `Next` now, installation starts to format disks, and -copies packages to the target. Please wait until that is finished, -then reboot the server. +copies packages to the target. + +image::images/installer/pmg-installation.png[] + +Copying packages usually takes a few minutes. Please wait until that +is finished, then reboot the server. Further configuration is done via the Proxmox web interface. Just point your browser to the IP address given during installation (https://youripaddress:8006). +image::images/screenshot/pmg-gui-login-window.png[] + +. Login and upload subscription key. ++ NOTE: Default login is "root" and the root password is defined during the installation process. +. Check the IP configuration and hostname. + +. Check and save the Time Zone. + +. Check your xref:firewall_settings[Firewall settings]. + +. Configure {pmg} to forward the incoming SMTP traffic to your Mail +server ('Configuration/Mail Proxy/Default Relay') - 'Default +Relay' is your e-mail server. + +. Configure your e-mail server to send all outgoing messages through +your {pmg} ('Smart Host', port 26 by default). + +For detailed deployment scenarios see chapter +xref:chapter_deployment[Planning for Deployment]. + +If the installation succeeds you have to route all your incoming and +outgoing e-mail traffic to the Mail Gateway. For incoming traffic you +have to configure your firewall and/or DNS settings. For outgoing +traffic you need to change the existing e-mail server configuration. + [[advanced_lvm_options]] Advanced LVM Configuration Options @@ -124,23 +188,9 @@ Defines the size of the `swap` volume. The default is the size of the installed memory, minimum 4 GB and maximum 8 GB. The resulting value cannot be greater than `hdsize/8`. -`maxroot`:: - -Defines the maximum size of the `root` volume, which stores the operation -system. The maximum limit of the `root` volume size is `hdsize/4`. - -`maxvz`:: - -Defines the maximum size of the `data` volume. The actual size of the `data` -volume is: -+ -`datasize = hdsize - rootsize - swapsize - minfree` -+ -Where `datasize` cannot be bigger than `maxvz`. - `minfree`:: -Defines the amount of free space left in LVM volume group `pve`. +Defines the amount of free space left in LVM volume group `pmg`. With more than 128GB storage available the default is 16GB, else `hdsize/8` will be used. + @@ -162,6 +212,10 @@ installation using the following command: zpool add log +include::pmg-usbstick.adoc[] + + +[[pmg_install_on_debian]] Install {pmg} on Debian ----------------------- @@ -182,3 +236,160 @@ configuration is also completely up to you. NOTE: In general, this is not trivial, especially when you use LVM or ZFS. + + +[[pmg_install_on_debian_container]] +Install {pmg} as Linux Container Appliance +------------------------------------------ + +The full functionality of {pmg} can also run on top of a Debian-based LXC +instance. In order to keep the set of installed software, and thus the +necessary updates, minimal you can use the `proxmox-mailgateway-container` +meta-package. It does not depend on any Linux Kernel, firmware, or components +used for booting from bare-metal, like grub2. + +A ready-to-use appliance template is available through the +https://www.proxmox.com/proxmox-ve[Proxmox VE] appliance manager in the `mail` +section, so if you already use Proxmox VE you can setup a {pmg} instance in a +minute. + +NOTE: It's recommended to use a static network configuration. If DHCP should be +used ensure that the container can always lease the same IP, for example, by +reserving one with the containers network MAC address. + +Additionally you can also install this on top of a normal Debian installation. +After configuring the repositories, you need to run: + +[source,bash] +---- +apt-get update +apt-get install proxmox-mailgateway-container +---- + + +[[pmg_package_repositories]] +Package Repositories +-------------------- + +All {debian} based systems use +http://en.wikipedia.org/wiki/Advanced_Packaging_Tool[APT] as package +management tool. The list of repositories is defined in +`/etc/apt/sources.list` and `.list` files found inside +`/etc/apt/sources.d/`. Updates can be installed directly using +`apt-get`, or via the GUI. + +Apt `sources.list` files list one package repository per line, with +the most preferred source listed first. Empty lines are ignored, and a +`#` character anywhere on a line marks the remainder of that line as a +comment. The information available from the configured sources is +acquired by `apt-get update`. + +.File `/etc/apt/sources.list` +---- +deb http://ftp.debian.org/debian buster main contrib + +deb http://ftp.debian.org/debian buster-updates main contrib + +# security updates +deb http://security.debian.org buster/updates main contrib +---- + +In addition, {pmg} provides three different package repositories. + + +{pmg} Enterprise Repository +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This is the default, stable and recommended repository, available for +all {pmg} subscription users. It contains the most stable packages, +and is suitable for production use. The `pmg-enterprise` repository is +enabled by default: + +.File `/etc/apt/sources.list.d/pmg-enterprise.list` +---- +deb https://enterprise.proxmox.com/debian/pmg buster pmg-enterprise +---- + +As soon as updates are available, the `root@pam` user is notified via +email about the available new packages. On the GUI, the change-log of +each package can be viewed (if available), showing all details of the +update. So you will never miss important security fixes. + +Please note that and you need a valid subscription key to access this +repository. We offer different support levels, and you can find further +details at {pricing-url}. + +NOTE: You can disable this repository by commenting out the above line +using a `#` (at the start of the line). This prevents error messages +if you do not have a subscription key. Please configure the +`pmg-no-subscription` repository in that case. + + +{pmg} No-Subscription Repository +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +As the name suggests, you do not need a subscription key to access +this repository. It can be used for testing and non-production +use. Its not recommended to run on production servers, as these +packages are not always heavily tested and validated. + +We recommend to configure this repository in `/etc/apt/sources.list`. + +.File `/etc/apt/sources.list` +---- +deb http://ftp.debian.org/debian buster main contrib + +# PMG pmg-no-subscription repository provided by proxmox.com, +# NOT recommended for production use +deb http://download.proxmox.com/debian/pmg buster pmg-no-subscription + +# security updates +deb http://security.debian.org buster/updates main contrib +---- + + +{pmg} Test Repository +~~~~~~~~~~~~~~~~~~~~~ + +Finally, there is a repository called `pmgtest`. This one contains the +latest packages and is heavily used by developers to test new +features. As usual, you can configure this using +`/etc/apt/sources.list` by adding the following line: + +.sources.list entry for `pmgtest` +---- +deb http://download.proxmox.com/debian/pmg buster pmgtest +---- + +WARNING: the `pmgtest` repository should (as the name implies) only be used +for testing new features or bug fixes. + + +SecureApt +~~~~~~~~~ + +We use GnuPG to sign the `Release` files inside those repositories, +and APT uses that signatures to verify that all packages are from a +trusted source. + +The key used for verification is already installed if you install from +our installation CD. If you install by other means, you can manually +download the key with: + + # wget http://download.proxmox.com/debian/proxmox-ve-release-6.x.gpg -O /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg + +Please verify the checksum afterwards: + +---- +# sha512sum /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg +acca6f416917e8e11490a08a1e2842d500b3a5d9f322c6319db0927b2901c3eae23cfb5cd5df6facf2b57399d3cfa52ad7769ebdd75d9b204549ca147da52626 /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg +---- + +or + +---- +# md5sum /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg +f3f6c5a3a67baf38ad178e5ff1ee270c /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg +---- + +