Hello everyone,

as just announced, here is the second e-mail about my experiences with the DIY NAS, alias microserver. I implemented the configuration described below using the Debian GNU Linux installer. I am not describing every single step in the GUI here. I assume that all list members have at least advanced Linux knowledge and can implement the documentation described here themselves with the help of the installer.

I wrote the description of the configuration in English because that way I may be able to reuse it elsewhere. For everyone who does not use English that often: please copy the text into a translation program, e.g. translate.google.de, and save the translation. My English is surely not entirely correct in one place or another. Please bear with me :)

I bought all of the articles listed in the references, e.g. those from the magazine c't, in the Heise shop and embedded them in my notebook. You cannot download them, though, because my notebook has no file-sharing function. So if you want to read them, you will have to buy them again yourselves.

In the installer's software selection I left out the desktop environment, print server and web server and installed only the SSH server and the standard system utilities. Everything else I need I will install manually later. My configuration is, admittedly, very unusual. But anyone can do standard. And: open source is made so that you can use it the way you want. This is how I want it:

-- snip --

# Preliminary Remarks

* In business activities you can adopt the paradigm "Do it right the first time." to get high quality output. Doing it right the first time requires a lot of experience of how to do it right. This experience can only come from doing it over and over again and improving the process with each iteration. Once the process has matured, you can do it right the first time when you create the next item.
* Using this manual you can set up your microserver right the first time because you benefit from my experiences, my mistakes and my improvements to the process.
* The setup is done in a way that creates a great deal of safety, security and flexibility.
* This document is written in English. The references, however, use documents written in English and German.
  The resources on the internet in German can easily be translated into English using the translation feature of your Google Chrome browser. To use the feature, go to "Menu/Eigenschaften/Erweitert/Sprachen/Übersetzung von fremdsprachigen Seiten anbieten" in Google Chrome and switch it on.

# Pre-Requisites

Knowledge that you should have before using the information within this document:

1. Shell commands: fdisk, blkid, ls, cd, touch, rm, mkdir, rmdir, cp, mv, adduser, addgroup, groups, passwd, cat /etc/passwd, cat /etc/group, chown, chmod, su, sudo, visudo, mount, umount, more, less, man, apropos, info, lynx, grep
2. Editors: vim or nano
3. Software installation: apt-get update, apt-get install, apt-get remove --purge, apt-cache search
4. File systems: ext2/3/4
5. Standards: FHS Filesystem Hierarchy Standard
6. Edit: /etc/fstab, /etc/apt/sources.list
7. Basic understanding: RAID, LVM
8. Technical terms: IP address, ports, sockets, domain name, DNS, domain name system, domain name service, protocol, http, http/s, ftp, ftp/s, smtp, pop3, ntp, partition, RAID, formatting, mount point
9. Knowledge of how to use the Clonezilla disk cloning utility

# General Specifications

## Hostname

* Machine Name: undisclosed

### Reference

(1) [wikipedia.de: Benennung von Himmelskörpern](https://de.wikipedia.org/wiki/Benennung_von_Asteroiden_und_Kometen)

## User

| Username | Password | Usage | ID | Remarks |
|:---|:---|:---|:---:|:---|
| root | none | root | 0 | root is not allowed to login |
| undisclosed | undisclosed | User | 1000 | see entry in sudoers file |

## Partitioning

### Partitions

* All disks are partitioned using the "gpt" partition format.

#### System Disk - sda - 256 GB

* Only the disk space needed for root is fixed at the beginning.
* All other disk space can be changed during the lifetime of the server using LVM Logical Volume Management.
* Swap space is at least as much as RAM, which is currently 8 GB. The motherboard supports 64 GB RAM maximum.
  So we use this value as space for swap. This amount of swap space has another advantage when making use of several virtual machines using a virtual machine manager like VirtualBox. As each virtual machine needs a fixed amount of RAM, having enough RAM available is essential. Having 8 GB physical RAM and 64 GB logical RAM as swap space makes 72 GB RAM in total. In the beginning there is no need to extend physical RAM. If more than 72 GB RAM is needed, physical RAM can be extended. Because the swap space is created on very fast NVMe disk space, swapping data from RAM to disk is relatively fast and might be sufficient in the beginning. During the lifetime of the server physical RAM can be added as needed. If you need more RAM than 128 GB you need to move to a more powerful machine setup.

| Partition | Name | Size | Mount Point | Filesystem | Remarks |
|:---:|:---|---:|:---|:---|:---|
| sda1 | boot | 512 MB | /boot | ext2 | |
| sda2 | boot/efi | 512 MB | /boot/efi | vfat | |
| sda3 | swap | 64 GB | n/a | swap | max RAM of motherboard |
| sda4 | root | 5 GB | / | ext4 | |
| sda5 | LVM | 185 GB | vg01 | lvm | |

#### Data Disks

* The data disks are used to store a basic backup of the system disk. The backup contains only the boot and root partitions. This is done to be able to restore the system in case of disaster recovery. About 5 GB of disk space is lost this way, but security is costly and that's the price I am willing to pay for it.
* These backups are not written to a RAID device because this would mean having to use an additional layer during disaster recovery. Being able to work with a file system will ease the recovery process.
* The data disks are not equipped with LVM because they can contain disks for virtual machines. Having an additional layer outside of the virtual machine slows down the machine performance.

##### Data Disk #1 - sdb - 3000 GB

| Partition | Name | Size | File System | Mount Point | Remarks |
|:---:|:---|---:|:---|:---|:---|
| sda1 | efi | 512 MB | vfat | none | backup of system disk |
| sda2 | boot | 512 MB | ext2 | none | backup of system disk |
| sda3 | swap | 8 GB | swap | none | |
| sda4 | root | 5 GB | ext4 | none | backup of system disk |
| sda5 | raid-member-01 | ~3 TB | n/a | none | |

##### Data Disk #2 - sdc - 3000 GB

| Partition | Name | Size | File System | Mount Point | Remarks |
|:---:|:---|---:|:---|:---|:---|
| sda1 | efi | 512 MB | vfat | none | backup of system disk |
| sda2 | boot | 512 MB | ext2 | none | backup of system disk |
| sda3 | swap | 8 GB | swap | none | |
| sda4 | root | 5 GB | ext4 | none | backup of system disk |
| sda5 | raid-member-02 | ~3 TB | n/a | none | |

#### Reference

(1) [Redhat: Introduction to Disk Partitions](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/installation_guide/appe-disk-partitions-overview) (2021-01-31 12:19)
(2) [wikipedia.de: GUID Partition Table](https://de.wikipedia.org/wiki/GUID_Partition_Table)
(3) [en.wikipedia.org: GUID Partition Table](https://en.wikipedia.org/wiki/GUID_Partition_Table)
(4) [Redhat Installation Guide: 8.14. Installation Destination](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/installation_guide/sect-disk-partitioning-setup-x86#sect-recommended-partitioning-scheme-x86) (2021-01-31 12:20)
(5) [Minimal Server with Debian GNU Linux](https://www.howtoforge.com/tutorial/debian-minimal-server/) (2021-01-31 12:09)
(6) [wikipedia.de: NVMe](https://de.wikipedia.org/wiki/NVM_Express) (2021-01-31 12:55)
(7) [File system for /tmp](https://unix.stackexchange.com/questions/377555/which-filesystem-filesystem-option-to-use-for-tmp-partition)

### LVM Volume Management

* LVM is used to make backup and recovery easier. To do this, several directories are placed on separate logical volumes which act as partitions.
* A separate backup can be made of each logical volume. Backups can also be restored separately.
* LVM is also used for flexibility. At the time of installation it is not clear how much disk space is needed for each partition over time. Using LVM, the allocated disk space can be adjusted for each logical volume over the lifetime of the server.
* Having separate partitions mounted into the file system offers the opportunity to mount each partition differently. A partition could be mounted read-only, for instance. More on this security feature can be found in section "Security".
* The following table describes the layout of the logical volumes for volume group 01.

| Logical Volumes | Name | Size | Mount Point | Remarks |
|:---:|:---|---:|:---|:---|
| | | 185 GB | | Total vg01 |
| home | home | 1 GB | /home | |
| opt | opt | 10 GB | /opt | |
| srv | srv | 10 GB | /srv | |
| tmp | tmp | 5 GB | /tmp | |
| usr | usr | 10 GB | /usr | |
| usr-local | local | 5 GB | /usr/local | |
| var | var | 15 GB | /var | |
| var-ftp | ftp | 1 GB | /var/ftp | |
| var-lib-mysql | mysql | 5 GB | /var/lib/mysql | |
| var-mail | mail | 5 GB | /var/mail | |
| var-www | www | 5 GB | /var/www | |
| | | 72 GB | | Sum vg01 |
| | | 90 GB | | free for later allocation |

#### References

(1) [https://www.selflinux.org/selflinux/html/lvm.html](https://www.selflinux.org/selflinux/html/lvm.html) (2021-01-20 00:07)
(2) [https://www.selflinux.org/selflinux/html/lvm04.html](https://www.selflinux.org/selflinux/html/lvm04.html) (2021-01-20 00:04)
(3) [https://de.wikipedia.org/wiki/Logical_Volume_Manager#Geschichte](https://de.wikipedia.org/wiki/Logical_Volume_Manager#Geschichte) (2021-01-20 11:42)
(4) [https://tldp.org/HOWTO/LVM-HOWTO/](https://tldp.org/HOWTO/LVM-HOWTO/) (2021-01-20 11:48)

### Software RAID

* RAID is used to protect the server against data loss. The two disks are run using RAID 1 with no spare disk. If one disk fails, the data is still available on the other disk.
* The chosen hardware configuration is not capable of changing disks while the system is running. To change disks, the system has to be shut down, causing times of system unavailability.

#### RAID Personalities

| Personality | Name | Members | File System | Mount Point | Remarks |
|:---:|:---|---:|:---|:---|:---|
| md0 | raid-personality-01 | sdb5, sdc5 | ext4 | /data | |

#### Reference

(1) [wikipedia.de: RAID](https://de.wikipedia.org/wiki/RAID#Contra) (2021-01-31 11:57)
(2) Schäfer, Stefan: Root-Server einrichten und absichern, München: Open Source Press, 2010, pp. 29-33
(3) Deimke, Dirk: Linux Server, Bonn: Rheinwerk, 5th updated and expanded edition, 2019, pp. 101-110
(4) [https://www.selflinux.org/selflinux/html/software_raid.html](https://www.selflinux.org/selflinux/html/software_raid.html) (2021-01-20 00:07)
(5) 2013-02-09_heise_ct_2013-05_Feddern_RAID-aber-richtig.pdf
(6) 2014-09-03_heise-de_ct_2014-09-03_Siering_Linux_Software-RAID_Tipps-n-Tricks.pdf
(7) [https://www.thomas-krenn.com/de/wiki/Linux_Software_RAID](https://www.thomas-krenn.com/de/wiki/Linux_Software_RAID) (2021-01-20 00:30)
(8) [https://wiki.ubuntuusers.de/Software-RAID/](https://wiki.ubuntuusers.de/Software-RAID/) (2021-01-20 00:30)

-- snip --

Note: you get a nicely printed document if you copy the documentation into a Markdown editor and export the result to HTML or PDF.

The next steps are:

1. Sync of the software RAID.
2. Creating the level 0 system backup, which I will do with Clonezilla. In doing so I create a clone of the individual partitions and logical partitions, but without the raw partitions of the RAID (sdb5, sdc5), because the latter would not be compressed but copied 1:1. Thanks to the separate clone of the logical volumes, individual logical volumes can also be restored in the event of a disaster recovery.

Best regards,
Georg
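
Added example, not part of the mail or of the documentation it contains: the LVM section notes that separate logical volumes can each be mounted with different options, read-only for instance. The script below checks fstab entries against a per-mount-point option policy; the policy itself, the `/dev/mapper/vg01-*` device names and the sample fstab are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit fstab mount options per mount point.
# POLICY is an assumed hardening policy, not taken from the original document.
POLICY='/tmp nodev,nosuid,noexec
/home nodev,nosuid
/usr ro,nodev
/var nodev,nosuid
/var/mail nodev,nosuid,noexec
/var/ftp nodev,nosuid,noexec'

# Constructed sample fstab; the /dev/mapper/vg01-* names are assumptions.
SAMPLE_FSTAB='# <file system> <mount point> <type> <options> <dump> <pass>
/dev/mapper/vg01-tmp  /tmp      ext4 defaults,nodev,nosuid,noexec 0 2
/dev/mapper/vg01-home /home     ext4 defaults,nodev               0 2
/dev/mapper/vg01-usr  /usr      ext4 defaults                     0 2
/dev/mapper/vg01-var  /var      ext4 nodev,nosuid                 0 2
/dev/mapper/vg01-mail /var/mail ext4 nodev,nosuid                 0 2
/dev/md0              /data     ext4 defaults                     0 2'

# audit_fstab TEXT
# Prints "<mount point> missing:<options>" when required options are absent
# and "<mount point> not-in-fstab" when the mount point has no entry of its own.
audit_fstab() {
    fstab=$1
    printf '%s\n' "$POLICY" | while read -r mp required; do
        # The fourth fstab field holds the comma-separated mount options.
        opts=$(printf '%s\n' "$fstab" |
               awk -v mp="$mp" '$1 !~ /^#/ && $2 == mp { print $4; exit }')
        if [ -z "$opts" ]; then
            echo "$mp not-in-fstab"
            continue
        fi
        missing=''
        for o in $(echo "$required" | tr ',' ' '); do
            case ",$opts," in
                *",$o,"*) ;;                              # option present
                *) missing="${missing:+$missing,}$o" ;;   # collect missing option
            esac
        done
        if [ -n "$missing" ]; then
            echo "$mp missing:$missing"
        fi
    done
}

# Run against the constructed sample; for a live system use:
#   audit_fstab "$(cat /etc/fstab)"
audit_fstab "$SAMPLE_FSTAB"
```

A `/usr` mounted read-only has to be remounted read-write for package installation and updates.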
