How to get non-techies to start hosting their own servers

9 risposte [Ultimo contenuto]
kopolee11
Offline
Iscritto: 06/05/2013

We all know that a vital way in ensuring greater privacy on the Internet
is to host our own services. This not only protects yourself, but helps
ensure the greater health of the Internet by promoting decentralized
services. The problem is, of course, that for non-techies such as myself
it is incredibly difficult to even know where to begin. I do not have
the opportunity to ask a more knowledgeable friend or take a course, and
therefore I would like to ask the Trisquel community instead.

I decided to ask on these forms because so much of how we use our
computers today is to access the Internet, and the Free Software
community should work hard to ensure that all users, even the less
technically gifted, are able to use localized, free software, servers.
Ideally we could even come up with a resource that could be helpful for
other individuals seeking to set up their own servers.

My first question, which is probably extremely very basic, is what
material is needed for a small, personal Internet server that should
ideally only be used by myself. I assume a personal computer running
server software (GLAMP, GNU/Linux, Apache, MySQL, and PHP). But what do
each of these individual services do? And does the server need to be a
specialized piece of hardware or is a basic laptop enough? (Again,
assuming the server is meant for only one person)

Do you also need a domain name? Is it possible just to use your IP
address provided by your ISP? What about DNS? Is there anything else
that is required? I am very hazy with all of this, and any resources
that could clarify would be much appreciated.

Finally, which services should I experiment with first? Web, Blogs,
Email, XMPP, Owncloud or SparkleShare, MediaGoblin, GNU
Social/StatusNet, Diaspora, and Pump.io servers are a few of the
programs I would be happy to run myself. But when I have looked at the
documentation, it is way over my head. Is there a particular service
that is easiest to start with?

Obviously, the long term solution is something like the FreedomBox,
which will enable all non-technical people to easily have a full
software stack of servers. But in the meantime, could you help a newbie
start in the right direction? Thanks!

--
Warning! NSA analysts could be reading this email. And because there’s
hardly any accountability, we have no idea how they may use it. If that
bothers you, click (aclu.org/secure/stopnsa) to do something about it.

Telstar
Offline
Iscritto: 08/17/2011

to start your own service (or server), you obviously need a computer. Basically any computer will do, which works even acceptably on free software. The network interface is the most crucial part, and you need a way to control that computer. This means, that just about any computer will do. I've used to run a server on a Pentium 1, with GNU/Linux + apache + php. Those were the days ;)

GNU/Linux provides you a usable Free Software operating system, on top which you build your system.
Apache, nginx or lighttpd are the software that provide your pages to other users, a web server.
PHP is a programming language, with which you can build interactive web pages and such pages that isn't easy or effective with html.
MySQL (and it's likes) are databases. For starter, it's not actually a neccessity, though it'll become handy at some point.

At first you don't really need a domain name, though then you'll have to tell your IP address to everybody who you want to tell about your service. There are a lot of dynamic dns services, which means that your computer tells an external service "Hey, my IP is this", and that service will redirect a name, say www.myservice.somehost.org -> You. This means you don't instantly need a domain service if you can deal with address that has server provider name in it.

I'd say you set up a web site first, and get familiar with that. After that it doesn't really make a huge difference in principle what's the underlying software providing these pages (Forum, mediagoblin or whatever). It's then about learning the software - which might be hard or easy. a forum might be a good start?

Andrew R.
Offline
Iscritto: 09/27/2013

On 10/10/13 13:16, Michael Mehrazar wrote:
> My first question, which is probably extremely very basic, is what
> material is needed for a small, personal Internet server that should
> ideally only be used by myself. I assume a personal computer running
> server software (GLAMP, GNU/Linux, Apache, MySQL, and PHP). But what
> do each of these individual services do?

Okay, so the Apache web server serves up content over HTTP. It supports
modules and it also serves up files by default. It's the thing that
listens for requests (e.g. "I want https://trisquel.info") and provides
a response.

PHP, Python, Ruby, Java etc. provide runtime environments that interpret
code (or, for Java, interpret bytecodes). So, for example, Trisquel.info
uses Drupal which is PHP software. PHP is typically run as an Apache
module and can output content to Apache on-the-fly. It is useful for
forums, search engines, blogs, sites that require logins, etc.

MySQL is a database server. PHP has a library which lets programmers
"talk" to the MySQL server. The MySQL server reads these requests (SQL
queries) for data and returns a result.

Installing these shouldn't really be too difficult. You can look this up
on your favourite search engine, just search for something like
"installing apache php mysql on ubuntu 12.04" (Trisquel 6.0 is based on
Ubuntu 12.04) and you'll find step-by-step instructions.

> And does the server need to be a specialized piece of hardware or is
> a basic laptop enough? (Again, assuming the server is meant for only
> one person)

I ran a Minecraft (I know, proprietary) server years back on a laptop
for a few friends, and didn't have any issues. Some laptops are prone to
overheating, which is probably the biggest issue. Also, home connections
aren't terribly fast in most countries. So it really depends on what
you're doing with it.

You could also consider getting an unmanaged VPS, keeping in mind the
security implications (someone else could have physical access to it)
and that you will basically be forced to learn to use the CLI. I'm
currently using a VPS for approximately $50/yr.

> Do you also need a domain name? Is it possible just to use your IP
> address provided by your ISP? What about DNS? Is there anything else
> that is required? I am very hazy with all of this, and any resources
> that could clarify would be much appreciated.

If you have a static IP, you don't need a DNS. You can use the IP
directly, or you can manually edit your /etc/hosts file to essentially
create your own domain (but it only works on the computer which you
edited the /etc/hosts file).

You also have to take your own home networking into consideration.
Currently most home networks use NAT as a result of IPv4 address
depletion. In this case you will have to setup port forwarding on your
router or buy a block of IPv4 addresses from your ISP. Some ISPs only do
this for businesses, and they are getting tight on IPv4 addresses, so
the first option is more common.

Unfortunately most ISPs give out dynamic IP addresses, which means your
IP will change. It is possible to get a dynamic IP address (DDNS) so
that you can just use the DNS instead of your IP. But DDNS providers
normally provide incentives to pay, so that's potentially another cost.

Finally, if you want to avoid all of this you could consider getting a VPS.

One day IPv6 will be used, and so a lot of this extra setup hopefully
won't be necessary.

> Finally, which services should I experiment with first? Web, Blogs,
> Email, XMPP, Owncloud or SparkleShare, MediaGoblin, GNU
> Social/StatusNet, Diaspora, and Pump.io servers are a few of the
> programs I would be happy to run myself. But when I have looked at
> the documentation, it is way over my head. Is there a particular
> service that is easiest to start with?

One of the first services I set up was an email server. Depending on the
setup you're looking for, that can turn out to be quite difficult, at
least for someone who hasn't done it before.

I haven't tried any of those other services you mentioned, but in my
experience PHP-based projects tend to make the setup very easy. I've
installed phpBB before and it is very beginner-friendly to administrate.

> Obviously, the long term solution is something like the FreedomBox,
> which will enable all non-technical people to easily have a full
> software stack of servers. But in the meantime, could you help a
> newbie start in the right direction? Thanks!

Have fun! :-)

Andrew.

Andrew R.
Offline
Iscritto: 09/27/2013

On 10/10/13 13:57, I wrote:
> It is possible to get a dynamic IP address (DDNS)

Oops, I meant to say dynamic DNS here.

Amdrew.

lembas
Offline
Iscritto: 05/13/2010

My ISP blocks ports so I cannot host servers... apparently this is a fairly common practice. So you need to find out if your ISP is on this racket as well and if they are, perhaps you need to buy another connection type which allows servers.

This whole blocking ports thing is horrible because it's killing p2p for the majority of people and leads to a centralized internet. Such a development isn't in the interests of the ISPs either but they just don't seem to get it or perhaps something compels them to work this way.

Michał Masłowski

I am a member!

I am a translator!

Offline
Iscritto: 05/15/2010

Here ISPs provide primarily telephony and television, it might be
profitable for them to discourage P2P.

Michał Masłowski

I am a member!

I am a translator!

Offline
Iscritto: 05/15/2010

> The problem is, of course, that for non-techies such as myself
> it is incredibly difficult to even know where to begin.

You aren't a "non-techie": you asked it here and you know that you want
to host your server. I don't know how to answer the title question
literally.

> Ideally we could even come up with a resource that could be helpful for
> other individuals seeking to set up their own servers.

There are some existing resources and some distros have their
documentation. This needs much writing and organizing.

> I assume a personal computer running
> server software (GLAMP, GNU/Linux, Apache, MySQL, and PHP).

You don't need exactly these services, it depends on what you want the
machine to serve. (I don't use Apache nor MySQL, I prefer nginx and
PostgreSQL for non-purely-technical reasons.)

> And does the server need to be a
> specialized piece of hardware or is a basic laptop enough? (Again,
> assuming the server is meant for only one person)

I used a desktop computer, relatively new (in 2007): it hosted a Plone
site which had big requirements (the previous machine with 256 MiB of
RAM was too slow). A basic laptop (or, simpler, desktop) should be ok.

> Do you also need a domain name? Is it possible just to use your IP
> address provided by your ISP? What about DNS?

You need a public IP address with some common ports not being blocked by
your ISP.

You practically need a domain name, for some services you can use the IP
address instead if it won't change and if you can remember it. You
should get your own domain, so you will have a greater control of it.
There are gratis nameservers from e.g. dns.he.net or
https://freedns.afraid.org/ (I used the first one only) that can serve
the domain -> IP address mapping, you can use your own unless your IP
address changes often.

Email has a problem with dynamic IPs, see
http://www.arschkrebs.de/postfix/postfix_why_dyndns_does_not_work.shtml
for details. It worked several years ago for my mail when the address
changed once per several weeks.

There are two bigger problems with email hosting at home: many ISPs
block port 25 which is needed to send and receive mail (there is no
reason for them to block receiving, while some do), and IP addresses of
many other ISPs are blocked by big servers from e.g. Google. (I
sometimes had this problem and asked my friends to not use Gmail to send
me mails. It's also one of the reasons why I use a VPS since 2010.)

> Finally, which services should I experiment with first? Web, Blogs,
> Email, XMPP, Owncloud or SparkleShare, MediaGoblin, GNU
> Social/StatusNet, Diaspora, and Pump.io servers are a few of the
> programs I would be happy to run myself. But when I have looked at the
> documentation, it is way over my head. Is there a particular service
> that is easiest to start with?

I have several static Web sites (very easy to host with nginx or Apache;
I maintain them in Mercurial DVCS repos and use Pelican to generate my
blog articles; the hard thing is writing them).

ownCloud is easy with Apache and slightly harder with nginx.

Email is harder, ok if you can spend several days learning it and
reading the logs to see what spam you send.

I have no experience with hosting social networking sites, since I don't
understand their use. I don't make enough photos to have a use for
MediaGoblin (ownCloud works now for sharing photos with family without
making them public). Its installation is much different than other
services, see the manual. (It could have changed since I used it.)

Some other services that I have on my VPS: deluge (for sharing free
distro release images), Mercurial (for my projects and semi-private
data), git, Bazaar (for patches to free software projects), DNS cache
and authoritative nameserver, awstats, Prosody (an XMPP server),
rfc5766-turn-server (for VoIP via XMPP Jingle with machines over NAT).
For personal use, you need just SSH access and appropriate packages
installed to host a distributed version control system repo on your
server.

fbit

I am a member!

Offline
Iscritto: 07/07/2013

The one thing that has stopped me from running my own server is not knowing how secure it is once it is installed.

I have tried owncloud and some other services and they worked great through dyndns. I had the services up (outside my LAN) for about 24 hours. When I checked back on the logs there were all kinds of people trying to break-in. I am too ignorant to know exactly what was going on, my guess is it was mostly automated scanners looking for vulnerabilities and exploits. There were references to vtiger, joomla, and other programs I had not installed, so I'm guessing once these scanners found my dyndns address they automatically executed all these things. In any case, I am not savvy enough to know for sure that I have secured the services I was exposing to the Internet, so I took them off line.

I have tried to learn more about ssh tunnels as perhaps that would be the safest way to open up these services. Maybe restricting access by ip addresses (I only need the services in a few places) and through pgp? I don't know how this setup could work if I wanted to host my own mail, which eventually is one of the first things I would like to do if I could do so securely.

Any ideas? Do you need to be an expert administrator and savvy in server security to connect a server to the Internet?

Michał Masłowski

I am a member!

I am a translator!

Offline
Iscritto: 05/15/2010

Most of these attacks are harmless unless you use the affected software
(static sites for public things help). For SSH disable password
authentication (public key authentication is more secure and more usable
with ssh-agent), maybe use a nonstandard port if you want to have
shorter logs.

Reading logs is useful: it's how I found that I made a mail
configuration mistake which allowed backscatter spam. (I also found
many delayed/lost mails due to bad anti-spam solutions like requiring
reverse DNS.)

Andresm

I am a member!

Offline
Iscritto: 11/21/2010

Thank you for questions and answers, I was looking for server with freedom box and owncloud and this information clearly helps!