Doc /

OpenSUSE-small-serverBasics

<-OpenSUSE-small-server

Starting Point

Hardware

I own a hosted server on the kimsufi.com site, part of the ovh.com hosting service (one of the biggest french one). As of July 2009, the cheaper one is a Celeron D/215/220 (whatever this mean :-(), 1.2GHz with 1Go DDR RAM and 250Gb Hard drive, much enough for a personal server.

Get a Domain Name

I know you can use a dynamic system, but having your own domain name is very handy and very cheap. I use http://gandi.net and pay only €12 a year for my dodin.org domain name (so I own also the dodin.net one, but this is an other story). I always had fixed IP, including at home, so I don't know much about a server on a variable IP system.

know what you want

The first task is to take a paper and a pencil and write down exactly what you want. Of course, when working, you will understand better your needs and change accordingly, but any change can give painfull results.

As an example, gandi.net allows you to have a full mail server with no administration and unlimited e-mails for as low as €1 (one!) a month and if you want only the myname@mydomain e-mail, better use it. I wanted to learn mail administration, so I decided to go the hard way and install my own one.

What I wanted was:

  • an http server for me and my family (I have two daughters working as singer and actress, so they need also web site);
  • a mail server. I want to be able to manage all my mails from this server, to be able to read them (and the archives) from any computer on the world, without having to bring one with me;
  • a ftp server to store files as needed and allow customers to do also;
  • of course ssh access;
  • rsync daemon to use my server as backup server;

Installation et partitionning

The server is given pre-installed, but the default install don't fit my needs. It's possible to do again the install with manual partitionning quite easily, so I did and got this:

fdisk -l

Disque /dev/hda: 250.0 Go, 250059350016 octets
255 heads, 63 sectors/track, 30401 cylinders
Units = cylindres of 16065 * 512 = 8225280 bytes
Disk identifier: 0x8a8e8a8e

Périphérique Amorce    Début         Fin      Blocs    Id  Système
/dev/hda1   *           1        2550    20482843+  83  Linux
/dev/hda2            2551       30401   223713157+   5  Extended
/dev/hda5            2551        2805     2048256   83  Linux
/dev/hda6            2806        5355    20482843+  83  Linux
/dev/hda7            5356        7905    20482843+  83  Linux
/dev/hda8            7906       30401   180699088+  83  Linux

df -h
Sys. de fich.         Tail. Occ. Disp. %Occ. Monté sur
/dev/hda1              20G  2,1G   17G  12% /
udev                  484M   80K  484M   1% /dev
/dev/hda6              20G   10G  8,3G  55% /home
/dev/hda7              20G   33M   19G   1% /extra
/dev/hda8             170G   24G  138G  15% /data
/dev/shm              484M   24K  484M   1% /dev/shm

You may notice I built one "extra" and one "data" partition. I keep room to be able, eventually, to install an other distro on the same computer (for example as update). In that case, having the same home is not handy. So I have basic home and important data in the "data" partition.

After this part, you can log in the server and you are on your own.

Basic config

Update

It's mandatory to make an immediate update. Using zypper dup is probably the best way, at this step if there is a failure it's easy to install again.

Setup repositories

Use YaST (preferably yast2 through ssh -X) to setup the repositories. Add updates, may be Packman if you want very new stuff. You probably don't want restricted licence files (why have a mp3 reader on a hosted server?).

Install basic stuff

Depending of your initial install you will probably have to install a lot of things. My provider installed a very minimal system. I had to install nearly all by hand. Begin to install all the meaningfull yast modules (search for yast in software install). I had yast (mandatory!), but not yast2 (no gui) when using sh -X to connect then YaST2 is much friendlier.

I didn't write down all what I installed. A short list is probably: mc, w3m, yast2-gtk and qt, vsftpd (ftp), dovecot (mail imap/pop3), mrtg (http statistics), inn (news server), mailman (list server), spamassassin (spam fighter), apache2, ntp (time sync), tightVNC (remote admin).

Don't forget to activate the necessary services in Yast, system, services (run levels).

Automatic updates

You should have a yast module to manage automatic security updates? If you don't have, you didn't install the relevant module. Do and configure the update. Recently (11.1), the module is available from yast software install config.

Firewall

Default openSUSE firewall is SuSEFirewall2. Most options are setup with the YaST2 module.

The main error to avoid is to launch the firewall before having setup the ssh opening - doing so you will lose the connection to the server...

Test the firewall: http://www.auditmypc.com/firewall-test.asp (but from the tested computer). To be able to use this easily look at Doc.TunnelSshEtFirefox.