Re: [Ldsoss] NAS and Firewall Hardware / Software
Thanks for all the input. I actually already have a Linksys router for a hardware firewall, and I wasn't planning to replace that. For the two of you that recommended splitting the hardware, would it change your mind if I limited the new machine to content filtering proxy and NAS (and leave the firewall and NAT to the router)? Kevin Scott Barber wrote: I'd second the recommendation to split them up. I run IPCop for the firewall, NAT, etc. and FreeNAS for the network storage. -Scott On 5/15/07, Shawn Willden [EMAIL PROTECTED] wrote: On Tuesday 15 May 2007 12:26:08 am Kevin Wise wrote: I'd really like one piece of hardware that does both. In my mind this would save me maintenance (fewer patches to apply) and maybe even cost. Any comments? I can see value in separating firewall and other functionality, but I personally use one system for both, for just this reason. I Is 512 MB of RAM enough? Plenty. I have 1 GiB in mine, but that's mostly because I had extra RAM lying around from upgrading another box. Should I get hardware RAID or software RAID? In terms of importance to me, reliability is second only to cost. I don't want my files to disappear because my single RAID controller failed and the drive is unreadable by another controller. I use software RAID primarily for this reason, but there are other reasons as well. A big one is flexibility. With Linux MD RAID you can mix and match drives of different types and sizes with no problem, and you can use as many disks as you can pack into the box. I also made use of MD RAID's flexibility to make adding new disks easier. I partitioned my drives into small (50GB) pieces and constructed multiple arrays (each array element on a different disk, obviously), then combined the RAID arrays into a large storage pool with LVM. That way, when I need to add another disk I can add it to the running system by: 1. Pick one physical volume (which is a RAID array) and use pvmove to migrate all of the data off of it. 2. Remove the array from the volume group 3. Destroy the array and rebuild it, adding another partition from the new disk. 4. Add the resulting (larger) physical volume back into the volume group. 5. Go back to step 1, until all arrays have been upgraded. This approach takes a long time, but it's perfectly safe -- after a power outage pvmove picks up right where it left off, yes I have firsthand experience -- and the system continues running and serving files the whole time. Last time I did it, I wrote a script to perform the operations. The script took about 30 minutes to write and about four days to run. Supposedly, someone is looking into giving MD the native ability to add another drive into RAID-5 arrays, which would make the partitioning + LVM stuff less necessary, but it hasn't happened yet. One other thing to consider with your RAID configuration is hot spare vs. RAID 6. I use a hot spare, but I'm planning on rebuilding my system with RAID 6 (one partition array at a time). The odds of two drives failing at once are negligibly small, but I had a scare a few weeks ago when one of the RAID 5 drives failed and while the system was rebuilding onto the hot spare, another drive had some transient error -- I think caused by a SATA controller driver bug, but I can't be sure. The problem with RAID 5 is that the process of rebuilding a degraded RAID 5 array is very intense, so if you have another drive with any latent problems, they'll probably crop up then -- the worst possible time. I think I did the best possible thing I could do -- I immediately shut the machine down (and told the kids the video server was down, possibly for good) and thought things over for a full week. I realized that if I could forcibly reconstruct each array with the exact sequence of drives that were running when the second failure occurred, I might be able to get it back. Luckily, mdadm had e-mailed me the contents of /proc/mdstat, and that had the information I needed. So I powered the machine back up, forcibly rebuilt an array (still in degraded mode) with --assume-clean, then added the spare and crossed my fingers while it recalculated parity and changed to non-degraded mode. When that worked, I repeated with each of the other arrays, then held my breath while I reactivated LVM and then ran fsck on the file systems. It worked and I didn't lose anything. After that harrowing experience, I made two decisions: 1) I need to be more diligent about backing up my important data. I had most of it, but not all of it. 2) I'm going to move to RAID 6 so that I can take two *simultaneous* disk failures and not lose anything. That's better than RAID 5 with a hot spare, and much better than RAID 5 without a spare. BTW, my system has 4 PATA and 2 SATA drives: 3 200 GB PATA 1 250 GB PATA 2 500 GB SATA I have four PATA controllers (two on the mobo, two on a PCI card), so each drive
[Ldsoss] PHP web components?
At work I develop web applications using ASP.Net, and we recently purchased the obout suite of web components (http://www.obout.com/). For my personal development, I currently use PHP, mostly because that's what my hosting provider supplies. Does anyone know of any web components like these (preferably open source) that work with PHP? The one I am most interested in initially is the autosuggest combobox (http://www.obout.com/combobox/ex_autosuggest.aspx). Kevin Wise ___ Ldsoss mailing list Ldsoss@lists.ldsoss.org http://lists.ldsoss.org/mailman/listinfo/ldsoss
Re: [Ldsoss] PHP web components?
I know I could roll my own (I have done my share of ajax), but at a certain level it seems like a waste of time if someone else has already packaged it into something that frees me from having to write boilerplate JavaScript code. It's even better if it's a suite of tools that use a similar approach, so I don't have to learn a new API for each component. I guess I should have been more specific. Thanks for the url, I'll evaluate it. Kevin Kyle Mathews wrote: What they're doing is just ajax. There are dozens of javascript libraries out there that make it fairly simple to do ajax. If you're a developer, you could roll out your own solution fairly quickly with a javascript library like jquery http://jquery.com/. Googling ajax autosuggest search found one promising solution: http://www.brandspankingnew.net/archive/2007/02/ajax_auto_suggest_v2.html http://www.brandspankingnew.net/archive/2007/02/ajax_auto_suggest_v2.html Kyle On 5/19/07, *Kevin Wise* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: At work I develop web applications using ASP.Net, and we recently purchased the obout suite of web components (http://www.obout.com/). For my personal development, I currently use PHP, mostly because that's what my hosting provider supplies. Does anyone know of any web components like these (preferably open source) that work with PHP? The one I am most interested in initially is the autosuggest combobox ( http://www.obout.com/combobox/ex_autosuggest.aspx). Kevin Wise ___ Ldsoss mailing list Ldsoss@lists.ldsoss.org mailto:Ldsoss@lists.ldsoss.org http://lists.ldsoss.org/mailman/listinfo/ldsoss ___ Ldsoss mailing list Ldsoss@lists.ldsoss.org http://lists.ldsoss.org/mailman/listinfo/ldsoss ___ Ldsoss mailing list Ldsoss@lists.ldsoss.org http://lists.ldsoss.org/mailman/listinfo/ldsoss
[Ldsoss] NAS and Firewall Hardware / Software
I was wondering if anyone out there has some suggestions for me. You can reply to the list or to me personally ([EMAIL PROTECTED]) if you think your responses would not be appropriate for the whole list. And let me apologize in advance for the length of this post... I'm trying to solve several problems at once (seems to me like many other people face these same problems). Here are my needs (for use in my home network): -- a fault-tolerant (RAID 5 or mirrored) network drive, say 250 GB - 1 TB, available from Windows -- web content filtering proxy / firewall Now I know we've talked about specific software solutions (such as Samba or Dan's Guardian) on this list before. If you have suggestions on what software I might use, I'm all ears. But I'm mostly interested in what kind of hardware I might get or reuse to make this work. I'm pretty sold on Linux for the OS, but there are still a blinding array of possibilities, even if I ignore the choice of distribution. For example, my co-worker has installed Linux on his Linksys router for his firewall, and Linux on a NAS server for his network attached storage. I'm not quite as adventurous, and I'd really like one piece of hardware that does both. In my mind this would save me maintenance (fewer patches to apply) and maybe even cost. Any comments? I was thinking about getting a new bare-bones Intel or AMD system. One problem I have with that is that every computer I've purchased so far is from Dell or Apple, and neither offers a system without the OS. Any suggestions on where I might turn to get a Linux-ready system (need not be pre-installed) suitable for the above purposes, preferably for less than $300? I'm also looking for input on what the system requirements would be for such a system. Is 512 MB of RAM enough? Should I get hardware RAID or software RAID? In terms of importance to me, reliability is second only to cost. I don't want my files to disappear because my single RAID controller failed and the drive is unreadable by another controller. Another choice is to reuse an old computer (Pentium 4, 2.2 GHz). It does not have a SATA controller, so I'd be stuck buying new ATA drives (it currently has 2 80GB drives, which is really not enough for what I want to do). Would I be crazy to use something that old from a reliability standpoint? Also seems like a waste to buy new ATA drives (are they even available any more?). Another option of course is to buy a SATA controller card. Any idea how much that might cost? I look forward to your replies. I'm open to any ideas you might have on how to solve these problems. Kevin Wise ___ Ldsoss mailing list Ldsoss@lists.ldsoss.org http://lists.ldsoss.org/mailman/listinfo/ldsoss
Re: [Ldsoss] Recommendations for family history site tools
Interesting that so many of us appear to be doing similar things. See my comments below. Kevin RedBugz Software wrote: On 10/28/06, m h [EMAIL PROTECTED] wrote: Since it appears you're looking for a CMS system, drupal is quite popular. It appears there is a ged plugin as well[1]. Note that I haven't used the plugin, so I can't comment on it, but it might be worth checking out. Drupal has quite a large userbase and community, so you might want to check them out. I'm right in the middle of setting up a collaborative website for our family. After some research, we've decided to go with Drupal/CiviCRM/PHPGedView/Gallery2 for now. We're still getting it setup so I'm not sure how it'll end up, but I'll give my impressions so far. snip I, too, have been trying to set up a site for my extended family. I haven't been very focused on genealogy, though-- mostly just communication. I want people to be able to post contact information, reunion notices, news items, and pictures. Also, it would be nice if people could send secure messages, such as a private message accessible only through SSL, with notification to email that there was a new message. My first idea was to look into re-using some of the code used to create some of the mission alumni pages. I was unable to convince my mission webmaster to release the code. Plan B was to roll my own site (that is what you see on https://www.morewisefam.net/, though you won't be able to see much since you don't have an account). At the time I started, every CMS tool I found seemed like gross overkill and had too much of a learning curve. I also leaned towards a custom website since I do a fair amount of custom web apps and database stuff at work. However, the custom approach has proven to be more time-consuming than I planned. Two years after I started the effort, I still have not finished. Plus, I am not much of a security expert and with all the personal information I hope to store, I am a bit leery that something I develop will be the means of enabling identity theft (or worse) for my entire extended family. So, I decided to re-evaluate existing CMS tools. I really like Gallery2 for images. I evaluated Drupal, Mambo, Joomla, and CivicSpace. Frankly, they all seemed to be about the same. Again, I got overwhelmed by their complexity and decided I was far enough down the custom path that I should just finish what I started. Down the road I'll probably migrate to Drupal (or whatever best meets the bill at the time). That was a couple of months ago, and with the birth of my daughter I haven't really done anything more. My current site is written in PHP and uses a MySQL backend. It is my first attempt at PHP, but if anyone thinks there is anything worth sharing I'd entertain the idea. I had always intended to make it open source at some point but I've been pretty lazy. Maybe when it's feature-complete... CiviCRM is more than we need, but it seems to be the nicest/easiest way to get rich contact information for the family members, and has nice groups and tags support and some mapping capabilities. Another solution we're looking at is called the CCK, but we haven't done much with that yet. Drupal does require some hands-on work. It's very flexible and looks like it will be the best to add some custom functionality we want to add later, but does have a bit of a learning curve, especially with terminology (nodes and other abstract terms). The Drupal forums are active and there seem to be many helpful people. snip Well said. Flexible, but very hands-on. Not very usable out of the box. At best you have to know exactly which plugins to use, and which ones aren't too buggy. CiviCRM is also much more than we needed, and there were certain elements which would have to be changed before I would consider using it (such as gender: Female/Male/Transgender). So we decided to roll our own using Drupal. It's been more time-consuming than I hoped, but I think we can build what we want for now. Once it's done, I'll post a link so people can check it out. I think it would be very cool to put together a nice Drupal distro for family sites with all the stuff nicely integrated. At some point, I'd like to help code something, I just don't have time right now. My biggest complaint about all the CMS tools I looked at is how loosely the different components are integrated. It always seems like a collection of 80 tools instead of 1 tool with 80 plugins. And since none of the tools did everything I wanted, I would be stuck writing my own code anyway, which just adds to the steep learning curve. A distro would be great. If I ever get around to finishing off my current site and migrating it to Drupal, I would definitely consider contributing to your effort. My time is rather limited, but at a minimum I could assist with feedback. Kevin ___ Ldsoss mailing list Ldsoss@lists.ldsoss.org
[Ldsoss] SSL Certificates
Does anybody know of an inexpensive (free would be good) alternative for SSL server certificates? I know how to self-sign, but that requires my certificate authority certificate be installed as a trusted root CA in every browser that visits my site. The process of installing a trusted root certificate isn't easy, and although I could probably create an installer for the certificate on Windows, I'm hesitant to do that until I've explored alternatives. I'm hoping someone out there knows of a way to get a certificate signed by an authority that is already trusted by most browsers, without having to pay Verisign or Thawte several hundred dollars a year. Some kind of non-profit exemption might do the trick, or perhaps someone who has set up free infrastructure to do the job. The solution to this particular problem need not be open source, so if anyone knows of a better source for this info, please let me know. Kevin Wise ___ Ldsoss mailing list Ldsoss@lists.ldsoss.org http://lists.ldsoss.org/mailman/listinfo/ldsoss
Re: [Ldsoss] Scout Tracking
Personally, I would be fine with my finances on the web as well. I do all my banking online, so why not tithing? That said, I understand your point, and I agree that legally some opt-in would be needed, but I far fewer people care about online privacy than you might think. I must admit I have never understood why I should care what others know about me. I would honestly like to know what motivates you (or people in general) to care about keeping your finances or personal information secret? Are you concerned about identity theft? Kevin Steven H. McCown wrote: Actually, the only parents who are that out of the loop are those who either choose to be or don't concern themselves enough to ask. A little how's my son doing? to the Scoutmaster would give a better picture. Most Scout Masters are excited to talk with parents. Posting minor children's information to the internet and trying to secure it with software that isn't secure won't really cure that. As for the $40/year and writing a new software package, that's great, I support it. My only complaint is with posting minor children's information (as discussed on this list) to the web. Legally, the church will have to provide an opt-out mechanism (in several countries besides the US). People keep mentioning parental involvement and parental tracking. Here's a thought, it might be valuable for tithing payers to monitor their charitable donations and compare their records to the church's. If only FIS was online accessible (with appropriate security to only monitor ones own donations), then we could all go online with a great tool to assist in financial planning. This would ease a busy person's burdens and make it so they never had to go ask the ward clerk for a printout. Why is that unreasonable (to all but the most devoted techies)? Because it's money. Whenever money is involved, people get real sensitive. Why don't people share the same concern about children? Steve -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stacey Sent: Thursday, August 31, 2006 10:39 AM To: LDS Open Source Software Subject: Re: [Ldsoss] Scout Tracking Steven H. McCown wrote: The key is that if you don't *really* have to be web-accessible, then don't. If it isn't web-accessible then parents continue to be largely out of the loop on their son's status in scouts and we continue to spend money out of our YM budgets for TroopMaster licenses. Why would we want to take the time to change to save about $40/yr? However, collectively with all the wards this could add up for the Church as a whole. We don't think collectively at the ward level, however. Therefore, $40/yr for scout tracking software can be easily budgeted for to save a headache. Each parent could have their own copy of the scout tracking software... Wrong. Installing and supporting an application on every parent's computer is impractical. We would end up fixing parent's operating system issues for the most part. Scout masters want to be scout masters and not software support specialist. IMHO, -stacey. ___ Ldsoss mailing list Ldsoss@lists.ldsoss.org http://lists.ldsoss.org/mailman/listinfo/ldsoss ___ Ldsoss mailing list Ldsoss@lists.ldsoss.org http://lists.ldsoss.org/mailman/listinfo/ldsoss ___ Ldsoss mailing list Ldsoss@lists.ldsoss.org http://lists.ldsoss.org/mailman/listinfo/ldsoss