Skip to content

Instantly share code, notes, and snippets.

@mohsin
Created August 23, 2019 09:28
Show Gist options
  • Save mohsin/16711d385daea3977fbee5ef6994e239 to your computer and use it in GitHub Desktop.
Save mohsin/16711d385daea3977fbee5ef6994e239 to your computer and use it in GitHub Desktop.
Installation Log Mail-In-A-Box on GCP instance

Setup DNS A record mail.mywebsite.com to external IP of instance

First let's install SSL certificates coz Mail-In-A-Box certificates are not linked to an email

sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-nginx

If dkpg lock issue appears:

lsof /var/lib/dpkg/lock
ps cax | grep PID
kill PID
ps cax | grep PID # Ensure process is indeed dead
sudo rm /var/lib/dpkg/lock
sudo dpkg --configure -a

And continue with certificate installation:

sudo vim /etc/nginx/sites-available/default # Verify nginx is installed correct by checking existance of this file
sudo ufw status
sudo ufw allow 'Nginx Full'
sudo ufw delete allow 'Nginx HTTP' # Disallow http
sudo ufw allow 'OpenSSH' # So that you can SSH back into the instance next time
sudo ufw enable
sudo certbot --nginx -d mail.mywebsite.com
sudo certbot renew --dry-run # To check if autorenewal works fine

Install Mail In A Box

export PRIMARY_HOSTNAME=mywebsite.com
export PUBLIC_IP=122.98.190.225 # Seen in instance page
export PRIVATE_IP=10.0.0.7 # Seen in instance page
curl -s https://mailinabox.email/setup.sh | sudo -E bash

This results in an error:

Outbound mail (port 25) seems to be blocked by your network.

You will not be able to send mail using this machine, so setup
cannot continue.

Many residential networks block port 25 to prevent hijacked
machines from being able to send spam. I just tried to connect
to Google's mail server on port 25 but the connection did not
succeed.

Exiting the machine and ssh'ing back in and running same command solves the issue for some reason. Specify email ID as admin@mywebsite.com than admin@mail.mywebsite.com And specify primary hostname as mywebsite.com

Now we replace the SSL certificates with our own (Optionally delete the one MIAB made by checking the symlink ls -lh /home/user-data/ssl/

rm /home/user-data/ssl/ssl_certificate.pem
rm /home/user-data/ssl/ssl_private_key.pem
ln -s /etc/letsencrypt/live/mail.mywebsite.com/fullchain.pem /home/user-data/ssl/ssl_certificate.pem
ln -s /etc/letsencrypt/live/mail.mywebsite.com/privkey.pem /home/user-data/ssl/ssl_private_key.pem

And that's it. Ready to use

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment