[sf-lug] the new colo box is now minimally built

Mon Nov 5 13:21:31 PST 2007

Quoting jim stockford (jim at well.com):

[Building the new 1U colo box using some minimal Debian image:]

>     for the record, i had to get a boot image on a USB stick:

FWIW, I keep around a known-good, old ATAPI CD-ROM drive for situations
like this one.  To load distros, you needn't mount the drive inside the
box; it suffices to hang a ribbon cable and a power one out the back or
top, for just long enough to complete installation.

> * make 120GB RAID 1 md1 for LVM

Again, for whatever it's worth, I'm personally not sold on LVM in the
general case.  It's yet another layer of indirect reference that I'm not
sure is useful enough to offset the extra system complexity.

>     Now i gotta have help setting things up on this very
> minimum box (doesn't even have sshd on it anywhere).

"apt-get install openssh-server openssh-client"[1]

(I assume you want the client, as well.)

> * what system utilities and standard daemons should go
> on it (sshd, DNS, nagios, osiris, nmap...)?

Well, doesn't that depend entirely on what you want to with the box?  

One of the benefits of running Debian is that you can hold off on
loading it with stuff, and add only what you need (and its
dependencies), when you need it.  So, you might want to fight off the
instinct to grab the kitchen sink.

> * how to get our config and data files transferred over?

Carefully.  ;->

Please consider not just clobbering the default (Debian) system config
files and dropping in ones from the /etc tree of some other
distribution.  First, that may not work without massive twiddling, and,
second, you risk accidentally blowing away some useful infrastructure.
E.g., Debian tends to package http and SMTP daemons in a modular fashion
that's upgrade-friendly.  So, in general, it's in your interest to study
the default Debian-installed configuration files and reimplement the
_ideas_ of your configs from other distributions, rather than just
overwriting the former files with the latter ones.

The same goes for user home-directory dotfiles (and dot-directories),
for the same reason.

>     got ideas, suggestions? note this box will replace the tower
> we're currently running at the colo and will serve at least
> sf-lug and balug web sites and mail and other related.

OK, so you need to figure out what packages provide the desired network
services, etc.  In general, it's not difficult to figure out, and the
package tools will take care of dependencies.

[1] The currently recommended tool for package retrieval and
dependency-resolution is actually no longer apt-get, but rather
aptitude, which has both a full-screen ncurses operating mode and a
command-line one.  The command-line mode has the same syntax as does
apt-get.   I still use apt-get because (1) I'm set in my ways, (2)
aptitude is slow, and (3) I don't like aptitude's more-expansive
approach to grabbing extra packages beyond those minimally required to
satisfy dependencies.  However, whichever toolset you use, you should 
carefully avoid switching back and forth, because they keep the same
sorts of internal records but don't share that information.