[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OT: (Web) server administration advice

From: Urs Liska
Subject: Re: OT: (Web) server administration advice
Date: Tue, 07 Jul 2015 11:35:59 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0

Thanks for your comments.

Am 27.06.2015 um 01:26 schrieb Steve Lacy:
> Web server & mailman are pretty straightforward, even with a fairly
> large number of domains.  Once you get the first one done, you can
> pretty much cut & paste to generate the rest of the configs with unique
> DocumentRoots, or however you're structuring things.  Make sure to use
> apache2's "conf.d" style. 

I think i've done everything properly with regard to web server,
although I can't check yet because I'm waiting for the (internal) domain
transfer to complete.

I also managed to install Gitlab (which is one of the most important
things for me), although it still runs on the servername/IP instead of a

> The one thing that raised a red flag for me is the "mail server and
> accounts".  Are you talking about receiving mail on your custom domain? 
> Getting mail servers secure, dealing with SPAM & virus protection, are
> both huge issues.  That's one place where I would never go back to
> self-hosted.  Getting mail hosted via a Google Apps domain is the way to
> go for single-user cases. 

Hm, of course I'll take that issue seriously. But actually getting my
email (etc.) "back home" under my own control was one of the incentives
to go that route.
And actually the status quo (my current hosting plan) does the same,
only that it's not me having control over the settings but Plesk (which
is the main motivation to consider the current step).

I have a borrowed a serious and up-to-date book from our local
university's library, and this gave me a a quite comfortable and
convincing way to configure postfix, dovecot, spamassassin,
clamav/amavis to have a promisingly reliable set-up. What is left to be
done is
- replace the self-signed certificates with Cacert signed ones
- migrate the actual mail data from the current Courier Maildir to the
new Dovecot Maildor
- wait for all domains to actually be transferred (internally, as I'm
sticking with my provider).

> Or, if you're just talking about sending mail (i.e. mailman-esque) then
> you can self-host this without too many issues. 
> Last piece of advice is make sure you're running a firewall on the
> server.  I recommend ufw for it's simplicity
> (  If your host is Amazon AWS, you
> do get some firewalling included, which is also nice. 

Well, ufw is (now) active, but I haven't started configuring it properly.

> Lots of people seem to use linode for exactly what you describe.  Have
> you looked at them?

I have to admit I'd rather pull my stuff out from commercial US
providers than moving even more in that direction ...

> Another choice for "toy domains" is to run the VM on any other machines
> you happen to have, and host directly from that.  That's what I do for
> several of my domains to save on cost when I don't really care about
> uptime (although the uptime is generally good on my home network
> connection) 

Well, that's not really an option. Currently is just
hosting a static web page (and the fonts. subdomain). But I've already
started with one big collaboration project hosted on my Gitlab
installation, and there will be more to come in that direction,
including integrating a CI server for openLilyLib and the (newly
started) openLilyLib book etc. With moving to a more powerful dedicated
server I even hope to find the time to give GUB a try. So I think I need
a properly connected server in a data center.

> Happy to answer any other admin questions offline if you'd like. 

Maybe I'll come back to that one day ...


> Steve
> On Fri, Jun 26, 2015 at 1:34 PM, Urs Liska <address@hidden
> <mailto:address@hidden>> wrote:
>     Hi all,
>     I'm in (some) need for feedback regarding the complexity of (web) server
>     administration. I am running a "virtual private server", which is a
>     virtual machine in a server of an ISP's server farm. So I "own" root
>     access to a full Debian installation, with all responsibility for it but
>     also all possibilities.
>     This server is "managed" by Plesk, a comprehensive server administration
>     tool. This has probably helped me a lot getting everything to run in the
>     first place, but by now I'm rather annoyed by the fact that it does so
>     many things "the Plesk way" instead of sticking to proven Linux ways. It
>     significantly interferes with domain and web server management, provides
>     its own mechanism to install "apps" etc. As a result it obscures away
>     tons of things and makes it very hard to find documentation and
>     assistance for more or less default tasks such as configuring virtual
>     hosts on Apache (to make web apps like Gitlab work).
>     By now I'm so annoyed that I consider changing this and "falling back"
>     to a plain Linux server. But OTOH I'm reluctant to do so because then I
>     would *have* to do everything on my own, presumably all on the command
>     line and without the convenient web interface. So is anybody able to
>     give me an estimate how big the risks are that I end up with a system
>     that doesn't do what I need at all? Well, the basic things I'd need to
>     set up properly are
>     - web server
>     - a small number of domains and a bigger number of subdomains
>     - mail server and accounts
>     - mailman
>     This is what I would rely on having set up more or less instantly in
>     order to avoid outage. Everything else, from Git server and LilyPond
>     building over dynamic DNS or whatever could wait and accept to be more
>     hassle-like.
>     I am by now a rather seasoned Linux user, having installed, maintained
>     and used my installations on several computers for nearly 10 years. I
>     have administered my current server through the SSH console to some
>     extent already. But of course I'm far from being a competent sysadmin.
>     I know this is extremely hard to tell for anyone else. But maybe you
>     *do* have some comments for me that might help me deciding whether to go
>     in that direction or not.
>     Best
>     Urs
>     --
>     Urs Liska
> <>
>     _______________________________________________
>     lilypond-user mailing list
>     address@hidden <mailto:address@hidden>

reply via email to

[Prev in Thread] Current Thread [Next in Thread]