[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

request for server advice

I'd like to set up a linux server on an organization's network but outside the firewall, because otherwise it probably wouldn't be allowed. 

The box should play these roles:

* email server for a workgroup (POP3, SMTP)
* mailing lists for a workgroup
* custom php-based web applications
* postgresql or mysql
* ssh server
* ftp server to allow large files to be shared with collaborators (sftp fine) 
* maybe samba and nfs server accessed only from organization's network
* application server for 4 scientific applications (IDL, MATLAB, MRI-CRO, and VOXBO) - all of these are known to run on Redhat, but I haven't tested on Woody yet. These applications will be configured by authenticated outside individuals but run by people inside the firewall. 
* some data replicated automatically to a server inside the firewall

Other considerations:
* easy user account maintenance for email and ssh, but number of users smallish (5-15) 
* security
* should not require much root-level sysadmin maintenance

I assume the scientific applications (3 are X GUI apps) can run via ssh.

Questions:
* Would debian woody be good for this (assuming I verify scientific app compatibility)? * How many hours do you think it would take to set up (see my experience below)? 
* What is a good way to minimize user and email account administration?
* What software pieces would you recommend, and how would each be administered?
As for my abilities, I'm a programmer by trade, but I run debian testing at home and Mac OS X at work, and I have some but limited experience at setting up and adminning postfix, ssh, cvs, samba, apache, postgresql, mysql, and other things. I have never used user-friendly admin aids like webmin, but it would be necessary in this case, because I want the (fairly technical) tech lead of the workgroup to do most of the admin. I've never done LDAP, mailing lists, or email account administration. On the other hand, I have managed tricks like integrating postfix with amavisd-new, Spam::Assassin, and McAfee Virex (on OS X). I have a decent amount of Perl experience. I understand some sysadmin principles like 'minimize the number of exposed services', 'always put user-writable storage on separate partitions to avoid having user error or attacks cause the server to grind to a halt', 'try to minimize the chance of any partition filling up'. But I'm not a pro. 

Thanks,
Kevin
Reply to: