request for server advice
I'd like to set up a linux server on an organization's network but
outside the firewall, because otherwise it probably wouldn't be
allowed.
The box should play these roles:
* email server for a workgroup (POP3, SMTP)
* mailing lists for a workgroup
* custom php-based web applications
* postgresql or mysql
* ssh server
* ftp server to allow large files to be shared with collaborators (sftp
fine)
* maybe samba and nfs server accessed only from organization's network
* application server for 4 scientific applications (IDL, MATLAB,
MRI-CRO, and VOXBO) - all of these are known to run on Redhat, but I
haven't tested on Woody yet. These applications will be configured by
authenticated outside individuals but run by people inside the
firewall.
* some data replicated automatically to a server inside the firewall
Other considerations:
* easy user account maintenance for email and ssh, but number of users
smallish (5-15)
* security
* should not require much root-level sysadmin maintenance
I assume the scientific applications (3 are X GUI apps) can run via ssh.
Questions:
* Would debian woody be good for this (assuming I verify scientific app
compatibility)?
* How many hours do you think it would take to set up (see my
experience below)?
* What is a good way to minimize user and email account administration?
* What software pieces would you recommend, and how would each be
administered?
As for my abilities, I'm a programmer by trade, but I run debian
testing at home and Mac OS X at work, and I have some but limited
experience at setting up and adminning postfix, ssh, cvs, samba,
apache, postgresql, mysql, and other things. I have never used
user-friendly admin aids like webmin, but it would be necessary in this
case, because I want the (fairly technical) tech lead of the workgroup
to do most of the admin. I've never done LDAP, mailing lists, or email
account administration. On the other hand, I have managed tricks like
integrating postfix with amavisd-new, Spam::Assassin, and McAfee Virex
(on OS X). I have a decent amount of Perl experience. I understand
some sysadmin principles like 'minimize the number of exposed
services', 'always put user-writable storage on separate partitions to
avoid having user error or attacks cause the server to grind to a
halt', 'try to minimize the chance of any partition filling up'. But
I'm not a pro.
Thanks,
Kevin
Reply to: