===== B) user, permissions & storage =====

Since different pieces of the email infrastructure will need to interoperate, it is a good idea to create a specific user to store all the emails on the filesystem. This user will own the email storage folders which i assume will be located under **/home/vmail**. I choose UID and GID 5000 since the ones  up to 1000 are reserved for system users.

The second user that you need to take into account is user **web**. PostfixAdmin will be running under user web, because on the external server i choose to run only one instance of PHP-FPM. This means that the database itself will need to be writable by user web and readable by user vmail. Due to security concern, you do not want the user web to be in the same group as user vmail, and vice versa.

As storage structure, you will need two different locations:
  * **/home/vmail/storage** to actually store the mail accounts mailbox'es
  * **/home/vmail/database** to store the shared SQLite3 database for PostfixAdmin, Postfix and Dovecot.

I assume you already have a //web// account. So:
<code bash>
groupadd -g 5000 vmail
mkdir /home/vmail
useradd -m -d /home/vmail/storage -s /bin/false -u 5000 -g vmail vmail
chmod 2770 /home/vmail/storage
mkdir /home/vmail/database
chown web:vmail /home/vmail/database
</code>

The resulting permissions should look like:
<code bash>
ls -ld /home/vmail/
drwxrw-xr-x 3 root root 4096 Aug 2 07:24 /home/vmail
ls -ld /home/vmail/storage
drwxrws--- 3 vmail vmail 4096 Aug 2 07:24 /home/vmail/storage
ls -ld /home/vmail/database
drwxr-x--- 3 web vmail 4096 Aug 2 07:24 /home/vmail/database
</code>


Now create the database:
<code bash>
su - web
cd /home/vmail/database
sqlite3 vmail.sqlite3
sqlite> .databases
main: vmail.sqlite3 r/w
sqlite> .tables
sqlite> .exit
</code>