We are still actively working on the spam issue.

Difference between revisions of "Setting up a Server"

From InstallGentoo Wiki
Jump to: navigation, search
(Cloud storage)
(Setting up your services)
Line 22: Line 22:
 
[[Setting up a Server/Choosing an Operating System|Choosing an Operating System]]
 
[[Setting up a Server/Choosing an Operating System|Choosing an Operating System]]
 
=Setting up your services=
 
=Setting up your services=
 
+
Most packages have clear tutorials on their repo/project site. Here are some handpicked guides as well as some written by other anons.
 
*[[Setting up a Server/Mail|Mail]]
 
*[[Setting up a Server/Mail|Mail]]
 
*[[Setting up a Server/DNS|DNS]]
 
*[[Setting up a Server/DNS|DNS]]
Line 30: Line 30:
 
*ZNC
 
*ZNC
 
*SSH
 
*SSH
 +
*Everything in Docker
 +
*HAProxy (for multiple machines behind one ip).
 +
*VPN
 +
*Media Automation (Sickbeard, Flexget etc.)
 +
*Security
 +
*Media Streaming with icecast/ffmpeg/cvlc
 +
 +
=Recommended software=
 +
*Mail: see [[Setting up a Server/Mail]]
 +
*DNS: see [[Setting up a Server/DNS#Authoritative]]
 +
*FTP: vsftpd, glftpd (nonfree)
 +
*IRCd: inspircd, ngircd, kike
 +
*IRC Bouncer: znc
 +
*XDCC: iroffer-dinoex
 +
*XMPP: just buy a rope
 +
*Proxy: danted
 +
*Usenet Server: Leafnode, InterNetNews
 +
*Web Cache/Reverse Proxy: varnish, squid, nginx
 +
*Web: nginx, darkhttpd (use stunnel for ssl)
 +
*Config Management: cdist, ansible, salt
 +
*Control Panel: Webmin, Cockpit
 +
*Direct Connect Server (DCC): uhub, luadch
 +
*Monitoring:
 +
 +
==Less common ==
 +
*BBS Server: Mystic BBS (BBSs are dead)
 +
*MUD: PennMUSH
 +
 +
 +
 +
 
== Centralized storage==
 
== Centralized storage==
 
A server is perfect for this job. It is (supposedly) an always available resource on the local network. If using this in your house, you can expect reasonable speeds, even over WiFi that will let you do many daily tasks. One option is to set it up with NFS (Linux-centric, can be used on windows but it's shit) or samba, so you can watch your chinese cartoons on any device and keep your documents/whatever synchronized. This synchronization is a key benefit of the network storage.
 
A server is perfect for this job. It is (supposedly) an always available resource on the local network. If using this in your house, you can expect reasonable speeds, even over WiFi that will let you do many daily tasks. One option is to set it up with NFS (Linux-centric, can be used on windows but it's shit) or samba, so you can watch your chinese cartoons on any device and keep your documents/whatever synchronized. This synchronization is a key benefit of the network storage.
Line 38: Line 69:
 
A web server serves up a page. The nice things about serving it from a server, than, say, Wordpress or your Dropbox share, is that now you can run web apps and server side code for a dynamic page.
 
A web server serves up a page. The nice things about serving it from a server, than, say, Wordpress or your Dropbox share, is that now you can run web apps and server side code for a dynamic page.
  
Keep in mind that many server software installs (such as the email server below) involve setting up a webserver, so you may not even need to do anything.
+
Keep in mind that many server software installs (such as email with) involve setting up a webserver, so you may not even need to do anything.
 
 
===Apache vs. nginx ===
 
  
 
===HTTPS===
 
===HTTPS===
Line 47: Line 76:
 
Issue a self-signed certificate. CAs are for jerks. Set the duration short (eg. a year) and don't forget to make a new one.
 
Issue a self-signed certificate. CAs are for jerks. Set the duration short (eg. a year) and don't forget to make a new one.
 
If you've got a domain, get a Lets Encrypt-signed cert and set up a cron job to renew it. They're pretty sweet.
 
If you've got a domain, get a Lets Encrypt-signed cert and set up a cron job to renew it. They're pretty sweet.
 
== Setting Up Email the EASY way ==
 
 
''See also:  [[Email]]''
 
 
Want to use your own email server to avoid the [[NSA]]?  Good call!  But setting up email servers can be pretty complicated.  Assuming you mostly don't know what the hell you are doing, and assuming you're already secured your system per above, have a peek at [http://www.iredmail.org/ iRedMail].  iRedMail is an automated email and web server setup package.  It works best if installed on a FRESH system - if you're already fumbled around with Apache and/or dovecot and/or postfix and failed, wipe your shit and start over with iRedMail.  It will install and configure Postfix, Dovecot, Apache, and MySQL.  It also installs and configures fail2ban and iptables.  It includes spam filtering and greylisting.  It just works.  Its pretty awesome. 
 
 
You will, however, still need to manually set up your DNS records (MX, SPF, and DKIM).  Refer to the [[Email]] article for more on this.
 
 
If you want to get fancy and replace MySQL with MariaDB, or replace Apache with, say, Nginx, you can do that after you set up iRedMail, but any breakage is up to you to fix.
 
  
 
==Remote access via SSH==
 
==Remote access via SSH==

Revision as of 19:10, 27 October 2017

Need a fileserver that won't face the external internet? Check Home server.

Need to email? Set up a web server? Well, here's some advice. We're gonna try to write this page like you've never done this shit before. It does, however, assume you have at least some basic GNU/Linux knowledge. If you don't, you probably aren't ready for this. You weren't going to set up a server using Windows, were you? Jesus Christ, how horrifying.

A lot of this applies to both a physical machine as well as a VPS setup.

Common uses for a server

  • Install FTP software and run an FTP site.
  • Install a cloud service like Seafile to run your own Dropbox service, no privacy issues, full control, unlimited space (well, limited by how many drives you can cram in).
  • Always on seedbox. Start torrents with your phone through the web interface while out, they're done by the time you're back home.
  • Host a personal website.
  • Run your own mailserver just like Hillary!
    • Warning: Running a mailserver is a shitton of work. You will get hacked all the fucking time and it's very high-maintenance.
  • Run a dedicated game server.
  • Run various webapps, develop your own webapps.
  • SSH-tunnel to the server from work/school/etc to use it as a proxy, so that the admin of the network you're on can't see what sites you're going on.
  • Run a VPN for location spoofing or security when you're out and about.

Getting Started

Home or Remote?

Choosing an Operating System

Setting up your services

Most packages have clear tutorials on their repo/project site. Here are some handpicked guides as well as some written by other anons.

  • Mail
  • DNS
  • FTP
  • Cloud Storage
  • Web Server
  • ZNC
  • SSH
  • Everything in Docker
  • HAProxy (for multiple machines behind one ip).
  • VPN
  • Media Automation (Sickbeard, Flexget etc.)
  • Security
  • Media Streaming with icecast/ffmpeg/cvlc

Recommended software

  • Mail: see Setting up a Server/Mail
  • DNS: see Setting up a Server/DNS#Authoritative
  • FTP: vsftpd, glftpd (nonfree)
  • IRCd: inspircd, ngircd, kike
  • IRC Bouncer: znc
  • XDCC: iroffer-dinoex
  • XMPP: just buy a rope
  • Proxy: danted
  • Usenet Server: Leafnode, InterNetNews
  • Web Cache/Reverse Proxy: varnish, squid, nginx
  • Web: nginx, darkhttpd (use stunnel for ssl)
  • Config Management: cdist, ansible, salt
  • Control Panel: Webmin, Cockpit
  • Direct Connect Server (DCC): uhub, luadch
  • Monitoring:

Less common

  • BBS Server: Mystic BBS (BBSs are dead)
  • MUD: PennMUSH



Centralized storage

A server is perfect for this job. It is (supposedly) an always available resource on the local network. If using this in your house, you can expect reasonable speeds, even over WiFi that will let you do many daily tasks. One option is to set it up with NFS (Linux-centric, can be used on windows but it's shit) or samba, so you can watch your chinese cartoons on any device and keep your documents/whatever synchronized. This synchronization is a key benefit of the network storage.

You may want to consider a RAID array for long-term file storage. RAID is not backup, but will protect your files in case of drive failure. NAS4Free allows you to easily set up RAID arrays using UFS or ZFS.

Web server

A web server serves up a page. The nice things about serving it from a server, than, say, Wordpress or your Dropbox share, is that now you can run web apps and server side code for a dynamic page.

Keep in mind that many server software installs (such as email with) involve setting up a webserver, so you may not even need to do anything.

HTTPS

The extra CPU burden of SSL is minuscule. Your server should serve up everything on HTTPS only. Keep port 80 (plain HTTP) open but redirect everything to HTTPS. If port 80 is closed, typing the address of your server into the address bar of a browser will probably fail (because the browser assumes you meant HTTP, but you have to go to HTTPS).

Issue a self-signed certificate. CAs are for jerks. Set the duration short (eg. a year) and don't forget to make a new one. If you've got a domain, get a Lets Encrypt-signed cert and set up a cron job to renew it. They're pretty sweet.

Remote access via SSH

GNU or BSD based systems

1. You usually enable the ssh server during the installation. Do this if possible, it is the simplest way.

2. If you did not setup sshd to auto start you can type:

  • /etc/rc.d sshd start, if you use System V init.
  • systemctl enable sshd.service && systemctl start sshd, if you use systemd.

3. If that does not work, you need to install sshd or openssh-server with your package manager.


On OS X

Simply go into sharing permissions and enable fucking everything.

Post-setup

Tunneling

Create a tunnel and use it as a proxy for environments that block certain DNS requests or pages and to encrypt your data

Wake on LAN

Turn on a PC on your LAN Arch Wiki guide

Web hosting

Host webpages, use nginx or apache debian nginx guide

Proxy

You can use a proxy guide

Compression

Ziproxy (Opera style web compression, including images)

Media automation

Torrenting

Use a daemon like Transmission or Deluge.

TV Series

You can use a daemon like Sickbeard

Movies

You can use a daemon like Couchpotato

Music

You can use a daemon like Headphones

Security

Setting up a Server/Security

External links

Linode Library - Good beginner tutorials.