The Perfect Linux Server Part 1
Posted in: Technology
Designing the perfect Linux server isn’t difficult. It can be time consuming, but with a plan you should be able to get everything running quickly. This post lays out the groundwork: what services the server should provide and how we divide them up among our virtual machines.
The main services that I want the server to provide are web, SSH, mail transport, DNS caching, and file serving. Some additional but non-essential tasks could be BitTorrent, FTP, streaming media, and VPN. Of course there are a ton of things you could add to this list, but these are the services I feel are the most useful.
The next step is to list the applications that we will need to run to accomplish these tasks.
- Web Server
  - Apache
  - MySQL or another database is usually necessary
  - PHP
- SSH Access
  - OpenSSH
- Mail Transport
  - I use Qmail, but there are many options
- DNS Caching
  - I prefer Tiny-DNS; Bind is also a good choice
- File Server
  - Samba
- BitTorrent
  - rtorrent
- FTP
  - I use SSH for file transfers and you should too
- Streaming Media
  - Lots of options; Ampache and Jinzora are two popular ones.
- VPN
  - OpenVPN
Some other services that I install to keep an eye on things:
- Munin
- Nagios
So how do we divide these systems up? The choice is yours, but for this tutorial I am going to use the following setup.
- Zeus: Domain0. This is the top-level system that all other servers run on top of
  - Xen
  - Qmail-send
  - Munin-node
  - SSH
- Pegasus: Web Server
  - Apache
  - PHP5
  - Mysql-Server
  - Qmail-send
  - Munin-node
  - SSH
- Hades: File Server
  - Samba
  - rtorrent - This makes the most sense here as we will want to access the files downloaded from other systems
  - Qmail-send
  - Munin-node
  - SSH
- Athena: Monitoring and support services
  - Tiny-DNS
  - Apache - To allow for remote viewing of system status
  - Munin
  - Munin-node
  - Nagios
  - Qmail-send
  - OpenVPN
A few things that I need to point out in regard to this list. First, I actually installed Samba on Pegasus (Web Server) so I can edit my development files directly. You could host things on Hades and just mount the share under your web root if you wished. It would also make sense to do all development on a separate server; I don’t, due to the limitations of having one IP address.
A few other points: I don’t actually run an SMTP server on any of my servers. I use Google Apps to receive and store my mail. Qmail is only installed to send mail from the servers. It is trivial to install qmail-smtp to allow you to receive mail. Another change that I would make if I had better hardware would be to separate the system running Apache from the system running MySQL. This is mainly a security enhancement but is not extremely important.


















September 18th, 2008 at 11:22 am
I run all my services on one machine because I don’t want to be sucking power out of multiple machines. While it’s not the best option, it is the least expensive month to month.
I use Apache, PHP/MySQL, Bind, and Sendmail (I have been using it for nearly 15 years, why change now?) as well as various other things like Samba, OpenSSH, squid, etc.
While you said you should use SSH for your file transfers, I assume you meant for remote transfers. I use Samba internally and scp only when I’m going from a remote location to/from home. The overhead for scp is just too great to use it otherwise and the speed slowdown just isn’t worth it for most transfers I do.
My machine is fairly solid and while I do need to replace the hard drive this year (it’s going on 6 years old) I am thinking about just replacing the entire unit. I would like to have a DVD burner on it for backups (I use a variety of homegrown scripts to do the backups to ISO and move them across to different computers on the network as well as backup the MySQL databases to a GMail account every 3 hours) and I would like to have more RAM than the 1.5GB I have now.
The machine certainly has done well for almost 6 years and it hasn’t gone down in nearly a year: 11:17:40 up 353 days, 3:44, 5 users, load average: 0.01, 0.01, 0.02 but I suppose that has more to do with Dakota Electric than anything :)
Good luck w/the machines!
September 18th, 2008 at 11:43 am
@Bill Roehl
The power savings is definitely a positive for using one machine. That’s one of the big reasons virtualization is going to become huge over the next 5 years IMHO.
As far as your choice of Bind and Sendmail, if it works don’t change, both are excellent programs. I just learned about DJB in my first Network Admin job and it’s what I know the best.
As for the SSH for file transfers, you are correct, internally it just wouldn’t make sense to use scp. I do use it occasionally internally to move things around that I don’t have in a samba share, but that is generally just small text files for configurations and such.
I like the idea of backing the SQL database to GMail, I’ve never considered that. I take a logical volume snapshot every week of my partitions and copy them to a second hard drive. I back a monthly snapshot up to an external site (currently dropbox).
September 18th, 2008 at 1:55 pm
```
22 0,3,6,9,12,15,18,21 * * * /usr/bin/mysqldump --add-drop-table --all-databases -u databaseadminaccount -ppassword > ~/.backup-$(date +\%m\%d\%Y).sql ; gzip ~/.backup-$(date +\%m\%d\%Y).sql ; split -d --bytes=18m ~/.backup-$(date +\%m\%d\%Y).sql.gz ~/.backup-$(date +\%m\%d\%Y).sql.gz- ; for i in ~/.backup-$(date +\%m\%d\%Y).sql.gz-*; do echo | mutt -a "$i" -- username@gmail.com ; done ; rm ~/.backup-$(date +\%m\%d\%Y).sql.gz* ; rm ~/sent
```
I simplified it for this use but you’ll get the idea :)
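A hardened variant of the backup job in the comment above, as an added example that is not the commenter's script: the database password is read from a private option file instead of `-ppassword` on the command line, and the dump is encrypted with GPG before it is mailed off the machine. The GPG key id, the option file path, the environment variable names and the `--run` switch are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not the commenter's script. Assumed names: the GPG key id,
# the option file path, and the environment variables below.
set -eu
umask 077                                    # work files readable by owner only

GPG_KEY="${GPG_KEY:-backup@example.org}"     # public key; private key stays off this host
MAIL_TO="${MAIL_TO:-username@gmail.com}"
DEFAULTS="${DEFAULTS:-$HOME/.my-backup.cnf}" # [client] section with user= and password=
CHUNK="${CHUNK:-18m}"

# Succeed only if the file is accessible by its owner alone.
check_private() {
    perms=$(stat -c %a "$1") || return 1
    case "$perms" in 600|400) return 0 ;; *) return 1 ;; esac
}

# Split file $1 into numbered pieces named ${2}00, ${2}01, ... of size $3.
chunk_file() {
    split -d --bytes="$3" "$1" "$2"
}

run_backup() {
    check_private "$DEFAULTS" || { echo "refusing: $DEFAULTS is not mode 600" >&2; return 1; }
    work=$(mktemp -d)
    trap 'rm -rf "$work"' EXIT
    dump="$work/backup-$(date +%m%d%Y).sql"
    # Credentials come from the option file, so they never appear in `ps` output.
    mysqldump --defaults-extra-file="$DEFAULTS" --add-drop-table --all-databases > "$dump"
    gzip "$dump"
    # Encrypt before the data leaves the machine; the mailbox only holds ciphertext.
    gpg --batch --output "$dump.gz.gpg" --encrypt --recipient "$GPG_KEY" "$dump.gz"
    chunk_file "$dump.gz.gpg" "$dump.gz.gpg-" "$CHUNK"
    for part in "$dump.gz.gpg-"*; do
        echo | mutt -s "db backup $(basename "$part")" -a "$part" -- "$MAIL_TO"
    done
}

# Run only when asked, e.g. from cron: backup.sh --run
if [ "${1:-}" = "--run" ]; then run_backup; fi
```

The recipient's public key has to be imported and trusted in the keyring of the account that runs the job, otherwise `gpg --batch` refuses to encrypt to it.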
September 18th, 2008 at 3:13 pm
Excellent, Thank you.
December 19th, 2008 at 6:53 pm
Just saw your Linux section here. Been a Linux fan for gosh …. many years. Started when I was looking for an internet sharing app, and someone mentioned Linux. My first setup was a NAT machine using Freesco. Then a Redhat machine (think 2.0), Mandrake, Smoothwall. Now have a mail server running Fedora (just internal, using fetchmail to get our emails from comcast > Postfix > Procmail), file server running Samba, firewall on smoothwall, another server just for spam filtering. Even set up second proxy server specifically for a wireless network for use by my kids (to filter their internet access), but they’re getting older and just been using wife’s computer because they’re tired of ‘access denied’.
Been lucky in that at my work we’re all heavy users of PCs and they are routinely upgraded, leaving a steady stream of ‘obsolete’ PCs which I get one or two every now and then. I got about 8 machines sitting in my basement, half of which I don’t even remember what distro is installed. I’m dreading the day one of my servers bites the dust, because I didn’t really take good notes when I set them up, LOL.
December 23rd, 2008 at 5:54 am
Nice to have another Linux fan around. This project went off the rails due to my inability to document anything. I’m currently writing about Linux occasionally at circlesquaretech.com. It’s slow over there now with the holidays keeping me busy, but I have a few items to share that are in the works.