Laura Arjona: Going selfhosting: Installing Debian Wheezy in my home server
It was in my mind to open a new series of articles with topic selfhosting , because I really believe in free software based network services and since long time I want to plug a machine 24 7 at home to host my blog, microblog, MediaGoblin, XMPP server, mail, and, in conclusion, all the services that now I trust to very kind third parties that run them with free software, but I know I could run myself (and offer them to my family and friends).
Last September I bought the domain larjona.net (curious, they say buy but it s a rent, for 1,2,3 years never yours. Pending another post about my adventures with the domain name, dynamic DNS, and SSL certs!) and I bought an HP Microserver G7 N54L, with 2 GB RAM. It had a 250GB SATA harddisk and I bought 2 more SATA harddisks, 1 TB each, to setup a RAID 1 (mirror). Total cost (with keyboard and mouse), 300 . A friend gave me a TFT monitor that was too old for him (1024 768) but it serves me well, (it s a server, no graphical interface, and I will connect remotely most of the times).
Installing Debian stable (wheezy)
I decided to install Debian stable. Jessie was not frozen yet, and since it was my first non-LAMP server install, I wanted to make sure that errors and problems would be my errors, not issues of the non-released-yet distro.
I thought to install YunoHost or some other distro prepared for selfhosting, but I ve never tried them, and I have not much free time, so I decided to stick on Debian, my beloved distro, because it s the one that I know best and I m part of its awesome community. And maybe I could contribute back some bug reports or documentation.
I wanted to try a crypto setup (just for fun, just for learn, for its benefits, and to be one more freecrypto-tester in the world) so after reading a bit:
https://wiki.debian.org/DebianInstaller/SataRaid
https://wiki.archlinux.org/index.php/disk_encryption
http://madduck.net/docs/cryptdisk/
http://linuxgazette.net/140/kapil.html
http://smcv.pseudorandom.co.uk/2008/09/cryptroot/
http://www.linuxquestions.org/questions/linux-security-4/lvm-before-and-after-encryption-871379/ and some other pages, and try some different things, this is the setup that I managed to configure:
Filed under: My experiences and opinion Tagged: Debian, encryption, English, libre software, MediaGoblin, Moving into free software, N54L, selfhosting, sysadmin
https://wiki.archlinux.org/index.php/disk_encryption
http://madduck.net/docs/cryptdisk/
http://linuxgazette.net/140/kapil.html
http://smcv.pseudorandom.co.uk/2008/09/cryptroot/
http://www.linuxquestions.org/questions/linux-security-4/lvm-before-and-after-encryption-871379/ and some other pages, and try some different things, this is the setup that I managed to configure:
- A rescue system with /boot and / partitions, both in the 250 GB disk.
- A RAID 1 system of the two 1TB disks, setup in the BIOS of the machine (so the motherboard handles the RAID and the OS is focused in other things).
- Inside the Debian installer, I went to manual partition, then I put my /boot in the 250GB disk (yes, a 2nd /boot there), and then selected the 1TB disk (since the RAID was already made, it appeared a single 1TB disk) as physical device to be encrypted.
- After that, still in the Debian installer, I setup LVM there: configured a volume group, then, two volumes, one for / and the other one for swap.
- Then I saved the changes and go on installing my system.
- I m still not sure if this BIOS RAID ( Fake RAID ) is better than a software RAID or not. I suppose it s better since I delegate in the motherboard to do it, and leave the OS to care about other things (transcode my videos yeah!). But I don t know how to measure performance and which metrics and results should I expect. The disks (cheap disks) are a bit noisy (just a bit! or maybe it s the fan that it s very quiet! poor Laura, never saw/had a luxury machine like this one :)
- I had to install firmware-linux-nonfree in order to properly use the graphics card (Mobility Radeon HD 4225/4250). I have no graphical environment there, only a console, so I was not sure if installing the firmware or not (without the firmware, the letters of the console were bigger, but I just don t mind since I most of the time I log in remotely from my laptop). Then, two questions arised to my ignorant mind:
- Do I need the driver for better performance (aka is the graphics card used for rendering/transcoding/showing images and videos in my MediaGoblin site or just when it s needed to display them in local (and subsequently, never)?
- If I leave the system like that, and forget about the firmware warning at boot time, can the hardware be damaged by the default (free) driver? (for example, due to fan controlling malfunction or something like that).
- I noticed something strange in my setup. Sometimes, after a system reboot, cryptsetup was not accepting the password to unlock the encrypted disk. And believe me, I was typing it carefully. But when I completely shutdown the computer, unplug the cable, replug the cable, and start again, the password was accepted. The keyboard is USB and this machine does not accept other connection for the keyboard. The keyboard configuration, language and so, was all correct. No Non-ASCII symbols in my password. My password would need to press the same keys in a Spanish and an English keyboard.
- I thought that maybe something in my RAID was failing. I tried to disconnect one of the disks, and see if (1) the bug was solved (no) and (2) the RAID was working (yes). I made the same with the other disk. I was happy that I could reconstruct my RAID when plugging the disk again. But still I had the problem of the password.
Filed under: My experiences and opinion Tagged: Debian, encryption, English, libre software, MediaGoblin, Moving into free software, N54L, selfhosting, sysadmin