1 (edited by persisl 2021-08-19 12:13:27)

Topic: Cannot remote connect to MariaDB after install iRedMail

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.4.0
- Deployed with iRedMail Easy or the downloadable installer? No
- Linux/BSD distribution name and version: Debian 10
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  MySql (MariaDB)
- Web server (Apache or Nginx):Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
I have edited file/etc/mysql/mariadb.conf.d/50-server.cnf to change bind-address to 0.0.0.0 and restarted the mysql server:
bind-address            = 0.0.0.0


I have also checked the root user that has granted all privileges to all databases.

I have also enable port 3306 in firewall by:
firewall-cmd --add-port=3306/tcp
firewall-cmd --permanent --add-port=3306/tcp


When I connect to MariaDB remotely it says:
Can't connect to MySQL server on 'example.com' (10060)


I can connect to server using SSH in port 22 and can login the root user to database on the server. Just cannot connect remotely.

Could you please help me out for allowing remove access to MySQL/MariaDB under iRedMail?

Many thanks,

Leon

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Cannot remote connect to MariaDB after install iRedMail

- Try to connect to the IP address?
- Is mariadb actually listening on public IP address? Show us command output: "netstat -ntlp | grep 3306"
- Is port 3306 really open in firewall? show us the firewall rules.

persisl wrote:

I have also enable port 3306 in firewall by:
firewall-cmd --add-port=3306/tcp
firewall-cmd --permanent --add-port=3306/tcp

You didn't specify the firewall zone.

3

Re: Cannot remote connect to MariaDB after install iRedMail

I have the same issue
After installing iRedMail 1.4.2 I cannot access remotely the MariaDB
OS is Ubuntu 20.04
I have tried to disable UFW (already disabled as standard) or open port 3306 for all,
also cleared all itptables by iptables -F
also tried disable fail2bain in case this was the problem by stopping the service,
but in all cases I cannot acces the DB remotely

I have updated the MariaDB file; /etc/mysql/mariadb.conf.d/50-server.cnf
and either # commented out the bind address or changed the address to 0.0.0.0
to confirm MariaDB is LISTENINING I have checked via sudo netstat -anp | grep 3306
result:
for 0.0.0.0; tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN      40745/mysqld
for #; tcp6       0      0 :::3306                 :::*                    LISTEN      40324/mysqld
There are neither rules listed for iptables nor ip6tables;
sudo iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
sudo ip6tables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

To check I took the same OS
and just installed MariaDB alone and made the same changes to the conf file
and I was able to access the DB remotely without issues
Installation done on AWS EC2 with the same security group in both cases

So something seems to block the DB after installing the iRedMail package
any suggestion is most welcome ?
Thanks

4

Re: Cannot remote connect to MariaDB after install iRedMail

Is firewall service "nftables" running? You may want to disable it and try again.

5 (edited by peter.buhl 2021-11-10 16:38:02)

Re: Cannot remote connect to MariaDB after install iRedMail

ZhangHuangbin wrote:

Is firewall service "nftables" running? You may want to disable it and try again.

@Zhang, Thanks for the fast reply

There is no service called nftables on the OS:
partly display from service -status-all:
[ + ]  multipath-tools
[ + ]  mysql
[ + ]  nginx
[ + ]  ntp
[ - ]  open-iscsi
[ - ]  open-vm-tools

Normal firewall on Ubuntu 20 is iptables and managed through ufw

Any other ideas ?

6

Re: Cannot remote connect to MariaDB after install iRedMail

If MySQL is listening on 0.0.0.0, then it should be reachable from external network. You may need to check the firewall in your network / gateway.

7

Re: Cannot remote connect to MariaDB after install iRedMail

peter.buhl wrote:

Normal firewall on Ubuntu 20 is iptables and managed through ufw

Just to clarify, this is not true.  If you fresh install Ubuntu 20 and iRedMail, iptables is not the default firewall.
It's obsolete.

It's replaced by nftables  ( /etc/nftables.conf )



ufw is installed, but it's disabled.

8 (edited by LuizC 2022-04-09 23:35:28)

Re: Cannot remote connect to MariaDB after install iRedMail

I was facing the same problem in Ubuntu 20.04 and PostgreSQL on iRedMail 1.5.2.

Desabling nftables fix the question (with editing pg_hba.conf AND postgresql.conf, off course).

In case I must to edit nftables.conf to use it, should I add

tcp dport 5432 accept

to properlly configure it?