OpenSUSE-small-serverBasics
Starting Point
Hardware
I own a hosted server on the kimsufi.com site, part of the ovh.com hosting service (one of the biggest french one). As of July 2009, the cheaper one is a Celeron D/215/220 (whatever this mean :-(), 1.2GHz with 1Go DDR RAM and 250Gb Hard drive, much enough for a personal server.
Get a Domain Name
I know you can use a dynamic system, but having your own domain name is very handy and very cheap. I use http://gandi.net and pay only €12 a year for my dodin.org domain name (so I own also the dodin.net one, but this is an other story). I always had fixed IP, including at home, so I don't know much about a server on a variable IP system.
know what you want
The first task is to take a paper and a pencil and write down exactly what you want. Of course, when working, you will understand better your needs and change accordingly, but any change can give painfull results.
As an example, gandi.net allows you to have a full mail server with no administration and unlimited e-mails for as low as €1 (one!) a month and if you want only the myname@mydomain e-mail, better use it. I wanted to learn mail administration, so I decided to go the hard way and install my own one.
What I wanted was:
- an http server for me and my family (I have two daughters working as singer and actress, so they need also web site);
- a mail server. I want to be able to manage all my mails from this server, to be able to read them (and the archives) from any computer on the world, without having to bring one with me;
- a ftp server to store files as needed and allow customers to do also;
- of course ssh access;
- rsync daemon to use my server as backup server;
Installation et partitionning
The server is given pre-installed, but the default install don't fit my needs. It's possible to do again the install with manual partitionning quite easily, so I did and got this:
fdisk -l Disque /dev/hda: 250.0 Go, 250059350016 octets 255 heads, 63 sectors/track, 30401 cylinders Units = cylindres of 16065 * 512 = 8225280 bytes Disk identifier: 0x8a8e8a8e Périphérique Amorce Début Fin Blocs Id Système /dev/hda1 * 1 2550 20482843+ 83 Linux /dev/hda2 2551 30401 223713157+ 5 Extended /dev/hda5 2551 2805 2048256 83 Linux /dev/hda6 2806 5355 20482843+ 83 Linux /dev/hda7 5356 7905 20482843+ 83 Linux /dev/hda8 7906 30401 180699088+ 83 Linux df -h Sys. de fich. Tail. Occ. Disp. %Occ. Monté sur /dev/hda1 20G 2,1G 17G 12% / udev 484M 80K 484M 1% /dev /dev/hda6 20G 10G 8,3G 55% /home /dev/hda7 20G 33M 19G 1% /extra /dev/hda8 170G 24G 138G 15% /data /dev/shm 484M 24K 484M 1% /dev/shm
You may notice I built one "extra" and one "data" partition. I keep room to be able, eventually, to install an other distro on the same computer (for example as update). In that case, having the same home is not handy. So I have basic home and important data in the "data" partition.
After this part, you can log in the server and you are on your own.
Basic config
Update
It's mandatory to make an immediate update. Using zypper dup is probably the best way, at this step if there is a failure it's easy to install again.
Setup repositories
Use YaST (preferably yast2 through ssh -X) to setup the repositories. Add updates, may be Packman if you want very new stuff. You probably don't want restricted licence files (why have a mp3 reader on a hosted server?).
Install basic stuff
Depending of your initial install you will probably have to install a lot of things. My provider installed a very minimal system. I had to install nearly all by hand. Begin to install all the meaningfull yast modules (search for yast in software install). I had yast (mandatory!), but not yast2 (no gui) when using sh -X to connect then YaST2 is much friendlier.
I didn't write down all what I installed. A short list is probably: mc, w3m, yast2-gtk and qt, vsftpd (ftp), dovecot (mail imap/pop3), mrtg (http statistics), inn (news server), mailman (list server), spamassassin (spam fighter), apache2, ntp (time sync), tightVNC (remote admin).
Don't forget to activate the necessary services in Yast, system, services (run levels).
Automatic updates
You should have a yast module to manage automatic security updates? If you don't have, you didn't install the relevant module. Do and configure the update. Recently (11.1), the module is available from yast software install config.
Firewall
Default openSUSE firewall is SuSEFirewall2. Most options are setup with the YaST2 module.
The main error to avoid is to launch the firewall before having setup the ssh opening - doing so you will lose the connection to the server...
Test the firewall: http://www.auditmypc.com/firewall-test.asp (but from the tested computer). To be able to use this easily look at Doc.TunnelSshEtFirefox.