13
wowotek
6y

NewLifeNewHope update No.2 / Day 5

My server is finally opened and I installed 2x8 TB WDC hard drives and a SATA 128 SSD. I know this server is freaking garbage, but I got this PC for free, and it has a somewhat good-ish upgrade path, so here's the spec:
-Gigabyte H110m-S2 LGA1151
-Intel i3-6300
-8GB DDR4 single channel RAM
-128 GB SSD
-2x8TB Harddrives
-TP-Link 1000mbps NIC

So the plan is to make this server the main repository -- yes, no offsite backup plan for now -- and I also want to make this server an email server and use it for hosting my company's website. I've already asked for a static IP from my ISP and it will take effect tomorrow.

I need help choosing the operating system (I like CentOS) for my server, and setting this server up to work like I planned, but I don't know where to start. Any help and/or references will be great!

Comments
  • 1
    Hmm i don't know who to mention, but i think i'll start with @condor .
  • 2
    My server actually has a similar configuration. A Lenovo Thinkstation S10 with its only major differences being that it's got DDR3 ECC instead of DDR4, and 4TB instead of 16 (man I envy you :P)

    On that server I'm running Proxmox, which I'd advise you run as well because it's rock solid. Different services should ideally reside on their own separate VM. This ensures that when one service goes tits up, the entire server doesn't go down.. and that in case of a disaster, you can log into a guest through the host. Also when a server gets compromised, the rest is still relatively safe etc etc. Not sure if it'll deal well with a direct internet connection though, I've never run Proxmox in that configuration actually. What I do know for sure is that DHCP won't work on the internet, due to its broadcast nature. I vaguely recall that it's using something called PPPoE.. but not sure. If you decide to plug your server directly behind the modem to make it get a direct internet connection (without passthrough, port forwarding or something like that), be sure to get in touch with your ISP to get instructions about how to get the guest server to obtain the IP.
  • 1
    @Condor well, the PC itself, I got that for free, so I spent my server budget on upgrade components. Maybe the CPU needs to be upgraded as well, but I planned to lift it up with the newest i7 CPU or maybe a Xeon if that's even compatible. A great rig to start with nonetheless. I've just fast-read Proxmox, is it a VM? Can I know why you advise me to use a server VM, and why not a full server OS?

    I barely have that kind of knowledge like DHCP or something, but I will learn more about it. So the static IP is useless? Canceling the order may save some money.

    Thank you for good advice and instruction. Implemented Soon !
  • 1
    Oh and if you want to get some extra performance out of your WDC's, consider putting them in ZFS RAID-0. I've put 2x2TB WD Reds in RAID-0 and I'm getting ~300MB/s both directions that way. Due to the lack of redundancy, one drive failure will mean that your entire array is lost however. So you'll want to combine that with periodic mirroring. Or if you want redundancy, put them in RAID-1 but then you'll only have 8TB at your disposal. You should also keep in mind that RAID of any kind is not a replacement for backups - they should be used in conjunction with one another.
  • 1
    @wowotek Proxmox is a hypervisor. Layer 3 if memory serves me right (edit: looked it up and it's Type 2).. under the hood it uses KVM, i.e. the kernel takes care of the virtualization. The reason why that's preferred is because it provides good separation from the other hosts. That makes the system more stable, manageable and allows for quick migration in case of a failure. Also because each service is on a different VM, a compromised one may not be able to easily talk to the others like it would if it was all on the same system. This can (and should) be configured with the firewall on the host. The VM's can have bridged connections, meaning that they can all be at the same network level as the host. For example, my Proxmox VE currently has 15 guests running in it which results in its physical NIC having 16 IP addresses in the same network. So there's no internal NAT'ing going on or anything.
  • 0
    @Condor sure do, but I don't know if the motherboard supports RAID arrays
  • 1
    @wowotek Unless you have a RAID controller, don't bother with the RAID on the motherboard. It's called FakeRAID and it's marketed by Intel. Unstable as shit, my server has it and I've used it.. complete garbage. ZFS on the other hand leverages the kernel and mdadm (?) for this purpose. So it's a software RAID, which is far more stable, versatile (because it's abstracted from the hardware into software) and offers really good performance. Highly recommended!
  • 1
    @undef I've never really got the hang of BSD, but in terms of security and stability it's superior to Linux, and I've read an argument for BSD somewhere that ZFS is far better supported in BSD than it is in Linux. So yeah if you can maintain it, by all means use it!
  • 2
    @wowotek Most likely your external IP address from the modem to the internet changes every 24h, this is normal for residential/consumer connections. You could work around this by using a dynamic DNS service or you could ask your provider to give you a static one (which is probably what you did). However this will most likely not give you a second IP address, it just makes your external internet-facing IP static. Depending on whether you have a real modem or actually a modem with a router from your provider, you might need to forward traffic from the modem/router to your server, or you configure the modem/router to forward all traffic to your server, but then your server has to act as a router and do NAT and stuff.

    Also if you want to run email on it, often times residential/consumer IP ranges are blacklisted. When you get your static IP you can check it here: https://www.dnsbl.info/
  • 0
    @bootleg-dev what do you mean by being blacklisted ?
  • 2
    @wowotek To prevent email spam, mail servers sometimes check the incoming IP address against a blacklist (sometimes multiple). If your sending server is on a blacklist your email might not get to its destination or it might land in the spam folder. Usually dynamic IP ranges are blacklisted to prevent spam from residential connections.

    Also don't forget to set up SPF, DKIM and DMARC. Also thoroughly test your mail server with Outlook and Gmail recipients. You might need to register for Microsoft's anti spam thingy as well.

    But honestly since you are just starting out with a business, you might want to use a third party provider for mail and just point your relevant domain records to them (e.g. ProtonMail, G Suite, etc.). This way you avoid wasting your time dicking around with the email server.
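The SPF and DMARC setup mentioned in the comment above can be sanity-checked before mail goes live. The following is an added example, not code from the thread: it lints the text of a domain's SPF and `_dmarc` TXT records for common mistakes. The function names and the sample records (placeholder domain, documentation IP range) are constructed for illustration; DKIM is not covered.

```python
import re

LOOKUP_MECHS = {"include", "a", "mx", "ptr", "exists", "redirect"}

def _mech(term):
    # Strip the qualifier and argument: '-include:x' -> 'include'.
    return re.split(r"[:/=]", term.lstrip("+-~?"))[0]

def lint_spf(txt_records):
    """Return a list of problems found in a domain's TXT records."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:
        return [f"need exactly one v=spf1 record, found {len(spf)}"]
    terms = [t.lower() for t in spf[0].split()[1:]]
    problems = []
    # RFC 7208 allows at most 10 DNS-querying terms per SPF evaluation.
    lookups = sum(_mech(t) in LOOKUP_MECHS for t in terms)
    if lookups > 10:
        problems.append(f"{lookups} DNS-querying terms (limit is 10)")
    alls = [t for t in terms if _mech(t) == "all"]
    if not alls and not any(_mech(t) == "redirect" for t in terms):
        problems.append("no 'all' term: unlisted senders get a neutral result")
    elif alls and alls[0][0] in "+a":
        problems.append("'+all' authorises every host to send as this domain")
    return problems

def lint_dmarc(record):
    """Return a list of problems found in a _dmarc TXT record."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        return ["not a DMARC record"]
    problems = []
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        problems.append(f"missing or invalid p= policy: {policy!r}")
    elif policy == "none":
        problems.append("p=none only monitors; failing mail is still delivered")
    if "rua" not in tags:
        problems.append("no rua= address, so no aggregate reports arrive")
    return problems

if __name__ == "__main__":
    # Constructed sample records for a placeholder domain.
    print(lint_spf(["v=spf1 ip4:192.0.2.10 +all"]))
    print(lint_dmarc("v=DMARC1; p=none"))
```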
  • 0
    @bootleg-dev ah yes, good point.

    From the rant I've assumed that this is a business connection, with the ability to get a static IP and link a domain to it. Just the desire to self-host (which is reasonable, especially when a lot of storage is needed at low cost). It moves the management part from the DC to the self-hosting company. For mailing however I'd suggest you check your IP first, especially whether your IP is in the RBL lists (domaintools has something for this iirc) and whether your ISP actually allows traffic on port 25. For spam prevention, many nonbusiness lines don't. Again, check with your ISP.

    For mail in particular I'd go with a VPS where the servers aren't often abused. In Europe, Hetzner is a solid choice because they're cheap but require identification by ID papers. This tends to scare away spammers which prefer to remain anonymous. They're located in Germany and a highly recommended hoster for your email servers.
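The blacklist (DNSBL/RBL) check discussed in the comments above works as a DNS lookup: the sending IPv4 address is reversed, prefixed to the list's zone, and a `127.x.x.x` answer means "listed" (the convention documented in RFC 5782). The following is an added example, not code from the thread; the zone names, addresses and the `fake_resolve` stand-in are constructed placeholders so it runs offline.

```python
import ipaddress
import socket

def dnsbl_query_name(ip, zone):
    """Build the lookup name: reversed IPv4 octets + the list's DNS zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version != 4:
        raise ValueError("IPv4 only in this sketch")
    return ".".join(reversed(str(addr).split("."))) + "." + zone

def listing(ip, zone, resolve=socket.gethostbyname):
    """Return the list's 127.x.x.x return code if ip is listed, else None."""
    try:
        answer = resolve(dnsbl_query_name(ip, zone))
    except socket.gaierror as exc:
        if exc.errno == socket.EAI_NONAME:   # NXDOMAIN: not on this list
            return None
        raise                                # a timeout is "unknown", not "clean"
    # A listed address answers inside 127.0.0.0/8. Anything else usually means
    # a resolver that rewrites NXDOMAIN, so it is not counted as a listing.
    if ipaddress.ip_address(answer) not in ipaddress.ip_network("127.0.0.0/8"):
        raise RuntimeError(f"unexpected answer {answer} from {zone}")
    return answer

def check_all(ip, zones, resolve=socket.gethostbyname):
    """Map each zone to its return code (or None) for one sending address."""
    return {zone: listing(ip, zone, resolve) for zone in zones}

# Constructed stand-in for DNS so the example runs offline. Zone names and
# addresses are placeholders (documentation ranges), not real blacklists.
FAKE_DNS = {"10.2.0.192.dul.example.org": "127.0.0.10"}

def fake_resolve(name):
    try:
        return FAKE_DNS[name]
    except KeyError:
        raise socket.gaierror(socket.EAI_NONAME, "Name or service not known") from None

if __name__ == "__main__":
    zones = ["dul.example.org", "spam.example.net"]
    for ip in ("192.0.2.10", "203.0.113.5"):
        print(ip, check_all(ip, zones, fake_resolve))
```

Drop the `resolve` argument to query real DNS; many lists publish `127.0.0.2` as an always-listed test entry, which confirms that the resolver in use can reach the list at all.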
  • 0
    @ngBuild well, if you read my previous rants, I'm not planning a big company. This is literally a one-man company, myself. So I just need to start small.
  • 0
    @ngBuild I don't even know how to start a server yet. This is the beginning. It's a matter of time.