
Difference between revisions of "Setting up a Server"

From InstallGentoo Wiki
(Setting up your services)
(External links)
(15 intermediate revisions by 4 users not shown)
Line 1: Line 1:
'''Need a fileserver that won't face the external internet?  Check [[Home server]].'''
 
 
 
Need to email? Set up a web server?  Well, here's some advice.  We're gonna try to write this page like you've never done this shit before.  It does, however, assume you have at least some basic [[GNU/Linux]] knowledge.  If you don't, you probably aren't ready for this.  You weren't going to set up a server using Windows, were you?  Jesus Christ, how horrifying.
 
Need to email? Set up a web server?  Well, here's some advice.  We're gonna try to write this page like you've never done this shit before.  It does, however, assume you have at least some basic [[GNU/Linux]] knowledge.  If you don't, you probably aren't ready for this.  You weren't going to set up a server using Windows, were you?  Jesus Christ, how horrifying.
  
A lot of this applies to both a physical machine as well as a [[VPS]] setup.
+
Common uses for a server:
 
+
* Install a media player system and stream content to your local network
=== Common uses for a server===
+
* Install a cloud service like Nextcloud to run your own Dropbox service, no privacy issues, full control, unlimited space (well, limited by how many drives you can cram in).
* Install FTP software and run an FTP site.
 
* Install a cloud service like Seafile to run your own Dropbox service, no privacy issues, full control, unlimited space (well, limited by how many drives you can cram in).
 
 
* Always on seedbox. Start torrents with your phone through the web interface while out, they're done by the time you're back home.
 
* Always on seedbox. Start torrents with your phone through the web interface while out, they're done by the time you're back home.
 
* Host a personal website.
 
* Host a personal website.
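Review bot: Replacing the heading "=== Common uses for a server===" with the plain line "Common uses for a server:" near the top of this hunk drops the list from the table of contents and departs from the heading markup the rest of the page uses ("=Getting Started=", "=Recommended software="); suggest keeping it as a heading. The same hunk removes "A lot of this applies to both a physical machine as well as a [[VPS]] setup." without a replacement, so the intro no longer says which kind of machine the advice covers; consider keeping one sentence on scope.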
Line 17: Line 13:
 
* Run a VPN for location spoofing or security when you're out and about.
 
* Run a VPN for location spoofing or security when you're out and about.
  
= Getting Started =
+
=Getting Started=
[[Setting up a Server/Home or Remote?|Home or Remote?]]
+
* [[Encryption|Encrypted or unencrypted drive (LUKS)]]
 +
* [[Home server/Choosing an Operating System]]
 +
* [[Home_Server/Setting up your Storage]]
 +
* [[Home server/Remote access]]  
  
[[Setting up a Server/Choosing an Operating System|Choosing an Operating System]]
+
=Recommended software=
=Setting up your services=
+
* [[Home server#Server software]]
 +
* [[Home server#System administration software]]
  
[[Setting up a Server/Mail|Mail]]
+
==Common home server services==
[[/DNS|DNS]]
+
Most packages have clear tutorials on their repo/project site. Here are some handpicked guides for the most common types of software used
 +
* Cloud Storage - Nextcloud
 +
* Web Server - [https://homebrewserver.club/fundamentals-webserver-website.html Apache] or NGINX
 +
* VPN - Wireguard or OpenVPN
 +
* Media Streaming - Jellyfin or PLEX
 +
* XMPP - [https://homebrewserver.club/configuring-a-modern-xmpp-server.html Prosody]
  
== Centralized storage==
+
=Centralized storage=
A server is perfect for this job. It is (supposedly) an always available resource on the local network. If using this in your house, you can expect reasonable speeds, even over WiFi that will let you do many daily tasks. One option is to set it up with NFS (Linux-centric, can be used on windows but it's shit) or samba, so you can watch your chinese cartoons on any device and keep your documents/whatever synchronized. This synchronization is a key benefit of the network storage.
+
A server is perfect for this job. It is (supposedly) an always available resource on the local network. If using this in your house, you can expect reasonable speeds, even over WiFi that will let you do many daily tasks. One option is to set it up with NFS (Linux-centric, can be used on windows but it's shit) or Samaba if you have Windows clients on your network, so you can watch your chinese cartoons on any device and keep your documents/whatever synchronised. This synchronisation is a key benefit of the network storage.
  
You may want to consider a [[RAID]] array for long-term file storage.  RAID is not backup, but will protect your files in case of drive failure. NAS4Free allows you to easily set up RAID arrays using UFS or ZFS.
+
You may want to consider a [[Wikipedia:RAID|RAID]] array for long-term file storage.  RAID is not backup, but will protect your files in case of drive failure. See [[Home server#File Systems and RAID]] for more information.
  
== Cloud storage ==
+
== Web server ==
You can store files on your server, so that they are accessible from anywhere (but [[Passwords | password]] protected). These services are aimed at gaining access from the WAN (Wide Area Network, aka the internet). These services can be used on a LAN, but are cumbersome at times for most uses.
+
[[File:Tidle town.png|thumb|right|alt=A reminder why you should always self-host and if you don't, avoid inbred retards|A reminder why you should always self-host and if you don't, avoid inbred retards]]
 
 
=== FTP ===
 
 
 
FTP refers to a protocol specification that stands for File Transfer Protocol. This is a protocol that allows uploading, downloading, moving, and renaming files on a remote system. This simple protocol that is supported in a large number of places but offers a reasonable amount of security to the remote system. There are not automated aspects to this, as it is just a protocol, but there are plenty of tools that work on this standard to do work for you (notably FileZilla for beginners)
 
 
 
=== Seafile ===
 
  
A file hosting software system. Files are stored on a central server and can by synchronized with personal computers and mobile devices via the Seafile client. Files can also be accessed via the server's web interface. Seafile's functionality is similar to other popular services such as Dropbox and Google Drive, with the primary difference being that Seafile is free and open-source, enabling users to host their own Seafile servers without artificially imposed limits on storage space or client connections.
 
 
=== OwnCloud ===
 
 
OwnCloud is essentially your own Dropbox. You run the OwnCloud server program on your server to make the cloud available, and create accounts for users. The rest is analogous to Dropbox: Every machine that wants to access the cloud installs the OwnCloud client, puts in your server address, their OwnCloud username/password and choose a directory to sync.
 
 
As of early 2015, the files are stored on the server's hard drive without any extra encryption. This means that the admin of the server (ie. you) can see the files of all clients. If you only want to sync your own files, that's fine. But if, say, you want to let your friend use your server instead of Dropbox then this potentially allows you to eavesdrop on what your friend puts in his cloud. Granted, this is exactly the same as Dropbox Inc being able to see what you put on your Dropbox.
 
 
Usually after setting up OwnCloud you also set up a web server like apache which provides a web interface at something like http[s]://server.com/owncloud. This is analogous to the Dropbox web UI, and allows users to do things like share files with others, manage their cloud files without running a client/syncing, and so on. It also lets the server admin (probably you) manage the accounts and various settings.
 
 
OwnCloud also keeps file history data (changes/deletions) in a SQL database, so usually setup involves getting MySQL running on your server as well.
 
 
== Web server ==
 
 
A web server serves up a page. The nice things about serving it from a server, than, say, Wordpress or your Dropbox share, is that now you can run web apps and server side code for a dynamic page.
 
A web server serves up a page. The nice things about serving it from a server, than, say, Wordpress or your Dropbox share, is that now you can run web apps and server side code for a dynamic page.
  
Keep in mind that many server software installs (such as the email server below) involve setting up a webserver, so you may not even need to do anything.
+
Keep in mind that many server software installs (such as email with) involve setting up a webserver, so you may not even need to do anything.
 
 
===Apache vs. nginx ===
 
  
 
===HTTPS===
 
===HTTPS===
The extra CPU burden of SSL is minuscule. Your server should serve up everything on HTTPS only. Keep port 80 (plain HTTP) open but redirect everything to HTTPS. If port 80 is closed, typing the address of your server into the address bar of a browser will probably fail (because the browser assumes you meant HTTP, but you have to go to HTTPS).
+
The extra CPU burden of TLS is minuscule. Your server should serve up everything on HTTPS only. Keep port 80 (plain HTTP) open but redirect everything to HTTPS. If port 80 is closed, typing the address of your server into the address bar of a browser will probably fail (because the browser assumes you meant HTTP, but you have to go to HTTPS).
 
 
Issue a self-signed certificate. CAs are for jerks. Set the duration short (eg. a year) and don't forget to make a new one.
 
If you've got a domain, get a Lets Encrypt-signed cert and set up a cron job to renew it. They're pretty sweet.
 
 
 
== Setting Up Email the EASY way ==
 
 
 
''See also:  [[Email]]''
 
 
 
Want to use your own email server to avoid the [[NSA]]?  Good call!  But setting up email servers can be pretty complicated.  Assuming you mostly don't know what the hell you are doing, and assuming you're already secured your system per above, have a peek at [http://www.iredmail.org/ iRedMail].  iRedMail is an automated email and web server setup package.  It works best if installed on a FRESH system - if you're already fumbled around with Apache and/or dovecot and/or postfix and failed, wipe your shit and start over with iRedMail.  It will install and configure Postfix, Dovecot, Apache, and MySQL.  It also installs and configures fail2ban and iptables.  It includes spam filtering and greylisting.  It just works.  Its pretty awesome. 
 
 
 
You will, however, still need to manually set up your DNS records (MX, SPF, and DKIM).  Refer to the [[Email]] article for more on this.
 
 
 
If you want to get fancy and replace MySQL with MariaDB, or replace Apache with, say, Nginx, you can do that after you set up iRedMail, but any breakage is up to you to fix.
 
 
 
==Remote access via SSH==
 
 
 
=== GNU or BSD based systems ===
 
 
 
1. You usually enable the ssh server during the installation. Do this if possible, it is the simplest way.
 
 
 
2. If you did not setup sshd to auto start you can type:
 
 
 
:* <code>/etc/rc.d sshd start</code>, if you use System V init.
 
:* <code>systemctl enable sshd.service && systemctl start sshd</code>, if you use systemd.
 
 
 
3. If that does not work, you need to install <code>sshd</code> with your package manager.
 
 
 
=== On [[Windows]] ===
 
 
 
* Download [http://cygwin.com/install.html Cygwin]
 
* Choose "Install From Internet"
 
* Choose a mirror to download from
 
* When you get to the "Select Packages" screen, search SSH
 
* Choose to install the "Bin" version of the "openssh" package
 
* Download all dependencies and wait for setup to complete
 
* Open Cygwin and wait for the initial setup to complete
 
* Type "ssh-host-config" without the quotes
 
* Say yes when you get asked about privilege separation
 
* Say yes when asked to create a local user named sshd
 
* Say yes when asked to install sshd as a service
 
* When you see "CYGWIN=", type "ntsec tty" without the quotes ([http://www.chinese-watercolor.com/LRP/printsrv/cygwin-sshd.html this guide]explains why)
 
* You should be done now setting up the SSH server. To start it, type "net start sshd" without the quotes.
 
 
 
If you see:
 
 
 
The CYGWIN sshd service is starting.
 
The CYGWIN sshd service was started successfully.
 
 
 
Then everything went correctly. If not, you should Google the error.
 
 
 
=== On [[OS X]] ===
 
 
 
Simply go into sharing permissions and enable fucking everything.
 
 
 
=== Post-setup ===
 
 
 
* Forward port 22 to the server ([http://portforward.com/ Here's a guide if you don't know how])
 
* OPTIONAL: [[Setting_up_a_Server#Domain_and_static.2Fdynamic_IP|Assign the server an address]], so you can type ''server.com'' instead of XXX.XXX.XXX.XXX ([http://lifehacker.com/software/web-publishing/geek-to-live--how-to-assign-a-domain-name-to-your-home-web-server-124804.php Read this])
 
 
 
===Tunneling===
 
Create a tunnel and use it as a proxy for environments that block certain DNS requests or pages and to encrypt your data
 
===Wake on LAN===
 
Turn on a PC on your LAN [https://wiki.archlinux.org/index.php/Wake-on-LAN Arch Wiki guide]
 
 
 
===Web hosting===
 
Host webpages, use nginx or apache [https://library.linode.com/web-servers/nginx/installation/debian-6-squeeze debian nginx guide]
 
===Proxy===
 
You can use a proxy [http://www.debiantutorials.com/installing-and-configuring-squid-proxy-server/ guide]
 
====Compression====
 
[http://freecode.com/projects/ziproxy Ziproxy] (Opera style web compression, including images)
 
  
==Media automation==
+
Issue a self-signed certificate. CAs are for jerks. Set the duration short (eg. a year) and don't forget to make a new one. If you've got a domain, get a Lets Encrypt-signed cert and set up a cron job to renew it. They're pretty sweet.
===Torrenting===
 
Use a daemon like Transmission or Deluge.
 
  
===TV Series===
+
[https://certbot.eff.org/ Certbot] makes https easy to implement with Let's Encrypt certificates
You can use a daemon like [http://sickbeard.com/ Sickbeard]
 
===Movies===
 
You can use a daemon like [https://couchpota.to/ Couchpotato]
 
===Music===
 
You can use a daemon like [https://github.com/rembo10/headphones/ Headphones]
 
  
=Security=
+
=External links=
[[Setting up a Server/Security]]
+
* [https://library.linode.com/ Linode Library] - Good beginner tutorials
 +
* [https://landchad.net/ landchad.net] - "Chad's Guide to Starting Your Own Website"
 +
* [https://github.com/x08d/lockdown.sh Script to secure Debian and Debian based Linux installs]
 +
* [https://gist.github.com/deergod1/818ec78ab70947a2f89df2bb5bb28896 Setup pfSense]
 +
* [https://github.com/pikvm/pikvm Raspberry Pi KVM for managing servers remotely]
 +
* [https://devconnected.com/syslog-the-complete-system-administrator-guide/ The Complete System Administrator Guide]
 +
* [https://github.com/erebe/personal-server/blob/master/README.md Example of a personal server]
 +
* [https://www.cyberciti.biz/cloud-computing/increase-your-linux-server-internet-speed-with-tcp-bbr-congestion-control/ Increase Linux Internet speed with TCP BBR congestion control]
  
= External links =
+
=See also=
[https://library.linode.com/ Linode Library] - Good beginner tutorials.
+
* [[Home server]]
 +
* [[Setting up a Server/Home or Remote?]]
 +
* [[Setting up a Server/Mail]]
 +
* [[Setting up a Server/DNS]]
  
 
[[Category:Tutorials]]
 
[[Category:Tutorials]]
 
[[Category:HowTo]]
 
[[Category:HowTo]]
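Review bot: The added HTTPS line beginning "Issue a self-signed certificate. CAs are for jerks." still puts the self-signed advice first and only then recommends Let's Encrypt and Certbot, so a reader with a domain gets contradictory instructions; suggest leading with the Let's Encrypt/Certbot path and keeping the self-signed certificate as the fallback for hosts without a domain. This hunk also deletes the "=Security=" link to [[Setting up a Server/Security]] together with the whole "Remote access via SSH" section, leaving only external links for hardening; keep an internal pointer to security guidance next to [[Home server/Remote access]]. Two wording problems in added lines: "Samaba" should be "Samba", and "(such as email with)" is an unfinished phrase.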

Revision as of 17:27, 5 April 2022

Need to email? Set up a web server? Well, here's some advice. We're gonna try to write this page like you've never done this shit before. It does, however, assume you have at least some basic GNU/Linux knowledge. If you don't, you probably aren't ready for this. You weren't going to set up a server using Windows, were you? Jesus Christ, how horrifying.

Common uses for a server:

  • Install a media player system and stream content to your local network
  • Install a cloud service like Nextcloud to run your own Dropbox service, no privacy issues, full control, unlimited space (well, limited by how many drives you can cram in).
  • Always on seedbox. Start torrents with your phone through the web interface while out, they're done by the time you're back home.
  • Host a personal website.
  • Run your own mailserver just like Hillary!
    • Warning: Running a mailserver is a shitton of work. You will get hacked all the fucking time and it's very high-maintenance.
  • Run a dedicated game server.
  • Run various webapps, develop your own webapps.
  • SSH-tunnel to the server from work/school/etc to use it as a proxy, so that the admin of the network you're on can't see what sites you're going on.
  • Run a VPN for location spoofing or security when you're out and about.

Getting Started

Recommended software

Common home server services

Most packages have clear tutorials on their repo/project site. Here are some handpicked guides for the most common types of software used:

  • Cloud Storage - Nextcloud
  • Web Server - Apache or NGINX
  • VPN - Wireguard or OpenVPN
  • Media Streaming - Jellyfin or PLEX
  • XMPP - Prosody

Centralized storage

A server is perfect for this job. It is (supposedly) an always-available resource on the local network. If you're using this in your house, you can expect reasonable speeds, even over WiFi, that will let you do many daily tasks. One option is to set it up with NFS (Linux-centric, can be used on Windows but it's shit) or Samba if you have Windows clients on your network, so you can watch your Chinese cartoons on any device and keep your documents/whatever synchronised. This synchronisation is a key benefit of network storage.

You may want to consider a RAID array for long-term file storage. RAID is not backup, but will protect your files in case of drive failure. See Home server#File Systems and RAID for more information.

Web server

A reminder why you should always self-host and if you don't, avoid inbred retards

A web server serves up a page. The nice thing about serving it from your own server, rather than, say, WordPress or your Dropbox share, is that you can now run web apps and server-side code for a dynamic page.

Keep in mind that many server software installs (such as email with) involve setting up a webserver, so you may not even need to do anything.

HTTPS

The extra CPU burden of TLS is minuscule. Your server should serve up everything on HTTPS only. Keep port 80 (plain HTTP) open but redirect everything to HTTPS. If port 80 is closed, typing the address of your server into the address bar of a browser will probably fail (because the browser assumes you meant HTTP, but you have to go to HTTPS).

Issue a self-signed certificate. CAs are for jerks. Set the duration short (e.g. a year) and don't forget to make a new one. If you've got a domain, get a Let's Encrypt-signed cert and set up a cron job to renew it. They're pretty sweet.

Certbot makes HTTPS easy to implement with Let's Encrypt certificates.
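
One way to follow the "short duration, don't forget to make a new one" advice above, as an added example that is not part of the wiki page: a small POSIX shell helper that issues a one-year self-signed certificate with openssl and reissues it only when it is missing or close to expiry. The hostname, directory, script path and function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the wiki page. Hostname, paths and function
# names are placeholders chosen for illustration.

# Issue a self-signed certificate valid for DAYS days (default 365).
# usage: make_selfsigned HOST DIR [DAYS]
make_selfsigned() {
    host=$1; dir=$2; days=${3:-365}
    mkdir -p "$dir" || return 1
    # The subshell umask keeps the private key unreadable by other users.
    ( umask 077
      openssl req -x509 -newkey rsa:2048 -nodes -sha256 \
          -days "$days" \
          -subj "/CN=$host" \
          -addext "subjectAltName=DNS:$host" \
          -keyout "$dir/$host.key" -out "$dir/$host.crt" 2>/dev/null )
}

# Succeed (exit 0) when the certificate expires within DAYS days or
# cannot be read, i.e. when it is time to make a new one.
# usage: expires_within CERT DAYS
expires_within() {
    cert=$1; days=$2
    # -checkend N exits 0 if the cert is still valid N seconds from now.
    if openssl x509 -in "$cert" -noout \
           -checkend $((days * 86400)) >/dev/null 2>&1; then
        return 1
    fi
    return 0
}

# Reissue only when the certificate is missing or close to expiry.
# Prints "kept" or "issued" so a cron mail shows what happened.
# usage: renew_if_due HOST DIR [THRESHOLD_DAYS]
renew_if_due() {
    host=$1; dir=$2; threshold=${3:-30}
    cert="$dir/$host.crt"
    if [ -f "$cert" ] && ! expires_within "$cert" "$threshold"; then
        echo "kept"
        return 0
    fi
    make_selfsigned "$host" "$dir" && echo "issued"
}

# Example daily cron entries (script path is a placeholder):
#   0 3 * * * /usr/local/sbin/renew-selfsigned.sh   # calls renew_if_due
#   0 3 * * * certbot renew --quiet                 # Let's Encrypt case
```

After a reissue the web server has to be reloaded to pick up the new certificate, and clients that pinned or manually trusted the old self-signed certificate will need the new one.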

External links

See also