Differences

This page shows the differences between two versions.

content:serverbasics [2024/04/20 13:02] – [UMask- Approach] Daniel
content:serverbasics [2025/02/11 07:43] (current) – [Which Usecase] Daniel
Zeile 1: Zeile 1:
-====== Linux: Basic Server Configuration ======+====== Linux: Advanced SoHo- Server Configuration ====== 
 + 
 +Welcome to my **Advanced Server Setup- Documentation**. 
 + 
 +In these chapters, i will explain how to setup and configure a full featured Active Domain- Network with Kerberos Single-Sign-On and Domain Integration of Linux Clients on a rootless containerized Docker- Installation including Nextcloud as personal Cloud to store all your Data and PIM locally and safe. That way you get a fully managed, Cloud enabled Homeoffice Network at low costs and much space for your personal data on your own pc. 
 + 
 + 
 +===== Current State ===== 
 + 
 +This Document is currently under developement and chapters are not final right now. This will change in the Future. 
 + 
 +===== Usecase ===== 
 + 
 +This is not a slim Setup - so if you only have old hardware or you are trying to figure out on yoru small office-pc, this may not work as well as you need it. 
 + 
 +You should have at least 
 + 
 +  * Large Harddrives: If you have maybe 1.5 TB of Data all togehter, you will need: 
 +      * 3 TB of space on your working directory / raid5 = 3 Harddrives, each 1 TB at least 
 +      * 6 TB of space on your backup / raid5 = 3 Harddrives, each 2 TB at least 
 +      * about maybe 100GB for the system / raid1 = 2 Harddrives 
 +      * about maybe 100GB for the databases / raid1 = 2 Harddrives 
 +      * maybe two extra drives for external backups, each 6 TB (you can also store that in the internet, but you will need a large space there too) 
 +  * A Server, that has relyable, quite fast internet in Download and Upload rates - while Upload may be more Importen 
 +  * The Server should be reachable all the time 
 + 
 + 
 +===== How to Start ===== 
 + 
 +First, read this Page, get the Hardware and install the system. You should understand the Hardwaresetup and the installation of Linux and Raid- Systems first (as decribend beneath). 
 + 
 +Then, go on whith [[.:serverbasics:network-dyndns|DynDNS- Setup]] to make your PC reachable from the net. 
 + 
 +Next, setup docker as decribed in the Chapter. When you have portainer running, you can go like this: 
 + 
 +  - Nextcloud-AIO 
 +  - FreeIPA 
 +  - Authentik 
 + 
 +Then glue them together with SSO, SPNEGO and Nextcloud-SSO. Then you should have understood everything, you can now play around on your own.
  
-These setting here are an advice to think about when setting up a new linux- machine (here on an opensuse distrubution, which i really like). 
  
 ===== Subpages ===== ===== Subpages =====
  
 <catlist content:serverbasics -nohead -noNSInBold -sortAscending -sortByTitle -noAddPageButton -maxDepth:1> <catlist content:serverbasics -nohead -noNSInBold -sortAscending -sortByTitle -noAddPageButton -maxDepth:1>
 +
 +===== Basic System =====
 +
 +As Hardware, you should have at least:
 +
 +  * a single standard Desktop- PC with 4 or more Cores
 +  * equipped with at least 16 GB of RAM and
 +  * for failure of Discs a swappable mounting Rack to contain at least 5 Discs (should not have Raid as Hardware, as Software Raid in Linux is much more efficient!)
 +  * Additional at least one external Disk, you may use to copy your Backups to and store them on a different physikal location
  
 ===== Mountpoints ===== ===== Mountpoints =====
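
Review bot: The RAID5 sizing in the Usecase list does not add up: three 1 TB drives in raid5 give about 2 TB usable, not 3 TB, and three 2 TB drives give about 4 TB, not 6 TB, because one drive's worth of capacity goes to parity. Either state these figures as raw capacity or raise the drive sizes so the usable space matches. The same list needs ten internal drives (3 + 3 + 2 + 2), while the new Basic System section asks for a rack holding "at least 5 Discs"; the two should agree. In How to Start, the DynDNS step that makes the PC reachable from the net comes before Docker, FreeIPA and Authentik are set up, so it is worth stating what should be exposed at that point or moving the step later. Typos in the added text: "developement", "yoru", "togehter", "relyable", "Importen", "decribend", "whith", "decribed", "physikal".
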
Zeile 61: Zeile 108:
 You than install your Linux Bootmanager / EFIBOOT to that md- Device. If its not found in the beginning of the installation, scan for raid- devices or just create it while installing with the line above. You than install your Linux Bootmanager / EFIBOOT to that md- Device. If its not found in the beginning of the installation, scan for raid- devices or just create it while installing with the line above.
  
 +=== Recover faulty Disc ===
 +
 +If some Raid- Disc becomes faulty, it will show up like this (its for raid5, but raid1 will look alkie):
 +
 +<code>
 +obel1x:~ # mdadm -D /dev/md126
 +/dev/md126:
 +          Version : 1.0
 +    Creation Time : Fri Apr 10 11:44:19 2020
 +       Raid Level : raid5
 +       Array Size : 1460286976 (1392.64 GiB 1495.33 GB)
 +    Used Dev Size : 730143488 (696.32 GiB 747.67 GB)
 +     Raid Devices : 3
 +    Total Devices : 2
 +      Persistence : Superblock is persistent
 +
 +    Intent Bitmap : Internal
 +
 +      Update Time : Sat Oct 26 14:26:37 2024
 +            State : clean, degraded
 +   Active Devices : 2
 +  Working Devices : 2
 +   Failed Devices : 0
 +    Spare Devices : 0
 +
 +           Layout : left-symmetric
 +       Chunk Size : 128K
 +
 +Consistency Policy : bitmap
 +
 +             Name : any:slowstorage
 +             UUID : 6542dc7c:a8f93b36:15f90ca1:54d03417
 +           Events : 285411
 +
 +   Number   Major   Minor   RaidDevice State
 +      0              5        0      active sync   /dev/sda5
 +      1             21        1      active sync   /dev/sdb5
 +      -              0        2      removed
 +
 +</code>
 +
 +Maybe instead of removed you can see some entry like faulty instead of removed - this is, when the array had just failed.
 +
 +To add a new device, you need an empty partiotion with at least the expected size (here 696 GB would be enough):
 +
 +<code>
 +obel1x:~ # fdisk -l /dev/sdc
 +Disk /dev/sdc: 698.64 GiB, 750156374016 bytes, 1465149168 sectors
 +Disk model: WDC WD7500AAVS-0
 +Units: sectors of 1 * 512 = 512 bytes
 +Sector size (logical/physical): 512 bytes / 512 bytes
 +I/O size (minimum/optimal): 512 bytes / 512 bytes
 +Disklabel type: gpt
 +Disk identifier: 699DC7F4-D344-4447-8C5B-1F98E017A12B
 +
 +Device     Start        End    Sectors   Size Type
 +/dev/sdc1   2048 1465149134 1465147087 698.6G Linux RAID
 +
 +</code>
 +
 +That Partition should have the Type Linx Raid. If you don't have that, create it with partition- tool of kde or what you want.
 +
 +Now you can simply add the device to the raid and it will begin to work:
 +
 +<code>
 +obel1x:~ # mdadm /dev/md126 --add /dev/sdc1
 +mdadm: re-added /dev/sdc1
 +
 +obel1x:~ # mdadm -D /dev/md126
 +/dev/md126:
 +          Version : 1.0
 +    Creation Time : Fri Apr 10 11:44:19 2020
 +       Raid Level : raid5
 +       Array Size : 1460286976 (1392.64 GiB 1495.33 GB)
 +    Used Dev Size : 730143488 (696.32 GiB 747.67 GB)
 +     Raid Devices : 3
 +    Total Devices : 3
 +      Persistence : Superblock is persistent
 +
 +    Intent Bitmap : Internal
 +
 +      Update Time : Sat Oct 26 14:34:57 2024
 +            State : clean, degraded, recovering
 +   Active Devices : 2
 +  Working Devices : 3
 +   Failed Devices : 0
 +    Spare Devices : 1
 +
 +           Layout : left-symmetric
 +       Chunk Size : 128K
 +
 +Consistency Policy : bitmap
 +
 +   Rebuild Status : 1% complete
 +
 +             Name : any:slowstorage
 +             UUID : 6542dc7c:a8f93b36:15f90ca1:54d03417
 +           Events : 285497
 +
 +   Number   Major   Minor   RaidDevice State
 +      0              5        0      active sync   /dev/sda5
 +      1             21        1      active sync   /dev/sdb5
 +      3             33        2      spare rebuilding   /dev/sdc1
 +
 +</code>
  
 ==== LVM ==== ==== LVM ====
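
Review bot: The add step does not match its own sample output: the text asks for an empty partition, but "mdadm: re-added /dev/sdc1" is what mdadm reports when the partition already carries this array's metadata as a former member, whereas a blank partition is reported as "added". Either say that a previous member is being put back, or replace the sample with one taken from a blank disk. The size hint "696 GB would be enough" mixes units: Used Dev Size is 696.32 GiB (747.67 GB), so the requirement should read 696.32 GiB or about 748 GB. The first sample shows a 3-device raid5 running on 2 devices, which has no redundancy left until the rebuild completes; a sentence telling the reader to confirm the backup is current before adding the disk belongs here. Typos: "alkie", "partiotion", "Linx Raid"; the sentence starting "Maybe instead of removed" repeats "instead of removed".
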
Zeile 173: Zeile 325:
  
 And there is one Reason: Docker - at the current time of writing this (20.04.2024) you should NOT USE BTRFS with Docker. More is explained later. And there is one Reason: Docker - at the current time of writing this (20.04.2024) you should NOT USE BTRFS with Docker. More is explained later.
- 
  
 ==== Mountoptions ==== ==== Mountoptions ====
Zeile 306: Zeile 457:
 So you should maybe think of setting a better umask than 022 - which would make all users of you group have read access to you files to lets say 077. Or - even better don't use the group "users", but make a group with the same name as the user per User itself. Than you can have umask 007. So you should maybe think of setting a better umask than 022 - which would make all users of you group have read access to you files to lets say 077. Or - even better don't use the group "users", but make a group with the same name as the user per User itself. Than you can have umask 007.
  
-On my system the umask can be defined in the file ''/etc/login.defs'' .+On my system the umask can be defined in the file ''/etc/login.defs''  .
  
 But to go on directory- permissions: forget about umask. But to go on directory- permissions: forget about umask.
- 
  
 ==== FACLs ==== ==== FACLs ====
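
Review bot: The only change to the ''/etc/login.defs'' sentence is a second space before the full stop, so the stray gap the old line already had is now wider; drop the whitespace so the sentence ends directly after the closing quotes. Since the line is being touched anyway, naming the setting to change in that file would make the advice actionable. The removed blank line before the FACLs heading is fine.
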
  • content/serverbasics.1713618139.txt.gz
  • Last modified: 2024/04/20 13:02
  • by Daniel