First time office/corporate opensuse linux server setup

Hi everyone,

I’ve been browsing the web for hours/days and just can’t find a solution. We’re a startup business and i’m the dedicated IT guy. I know quite a few things about networking (running servers and services for home use… mostly teamspeak and arms servers :-D) but never got too deep into business server setups. I think my question would be too broad, but would still I would appreciate any help. Maybe it would start a nice discussion and could teach all of us more about enterprise grade setups (without having to spend x amount of dollars for appropriate education). In case we all find the perfect solution, I would be more than happy to keep everybody up to date on development and such and give back to the community. Your help will be my help to others in the future. Lets figure this thing out together.

This is the setup:

We have a dedicated internet connection and VOIP telephone service from ATT.

My plan would be to setup the main server to handle pretty much everything for now until we can afford more equipment.

I would like to run:

LDAP server for authentication and and server home directory (similar to AD if we can figure this out)
DHCP for IP assignment (workstations, several MacBooks, the phones, network printer, network share with raid and maybe owncloud,)
DNS
Email server

The challenge started already with the setup of the server meaning installation.

I can’t find any good guide about how to partition the server during installation, my question would be what is the best partitioning scheme (i.e I’ve read instead of /home I should use /srv) etc.

Hopefully, if I’m not asking for too much, we could get some people together with different expectees and set this thing up step by step.
Like I mentioned I would, if the main server is working, document all the steps and create a tutorial in a vm for the community.

Thanks in advance

PS.

I love Linux collaboration is the way to success.

Just partitioning

For most things your data goes into /home thus it is best to keep on a separate partition. This allows upgrades ad OS changes to be made without touching your personal data. This is the default install option.

Some things default set up in root. So if you do a large important database (mysql,Maria,etc) it is best to provide a separate partition for such data to remove one step from system files. General rull is to move important data off the root partition (/).

System settings are generally in /etc. DO NOT make this a separate partition but be sure to back it up.

Make a backup plan and stick to it

It all depends on the details

Regarding partitioning for a Server role…

Do not specify a separate /home partition, particularly if you’re not provisioning extravagantly for storage, it would be inefficient and wasteful.

Start with your hardware, and consider what the Server will be doing.
When implementing something like LDAP, your machine can become a critical point of failure (if it goes down, it affects every machine in your LAN). Therefor, build fault tolerance into your hardware, make reliable backups and consider a “live backup solution” like virtualizing and maintaining a standby image that’s continually updated.
Provision for performance. What this means is to weigh the hardware resources for whatever your Server will be doing. For this, you have to know the types of Application loads on your machine… Providing network services (Generally light, but can be slammed if enough Users log on to your network in the morning for example), firewall filtering (can be light but with plenty of filtering can be substantial), databases (generally heavy on disk I/O), more.
Speaking of databases, because databases can be corrupted so easily, not only should you have system power UPS, disk controllers with their own onboard batteries might be a consideration).
Consider virtualization or isolation to separate apps on the machine, so that if something goes wrong and needs troubleshooting, you can reduce the complexity of what is affected.

Besides the server roles (server applications) you listed, others commonly deployed include

  • File Server serving Network Shares
  • Web server, which itself can be an application gateway to various services including mail, files, shared collaboration, more
  • Not as often, but can also be a “critical node” firewall for your LAN which can be far more capable than typical SOHO Gateway appliances.

There is some good documentation (not very extensive, but covers a lot of ground) in the openSUSE community documentation
https://doc.opensuse.org/

If you’d rather pay a little bit rather than figure out how to set everything up, you might want to contact MicroFocus and ask whether anything still exists. Years ago, there used to be a collaboration package based on SLES that including identity and some security, and before that there was a “proper” Server setup that fully provided for a small LAN’s needs. But, I don’t see that on the Microfocus Products listing now, only a la carte offerings.
https://www.microfocus.com/about/contact/

TSU

thank you so much for your feedback already. I’ve tried to edit my post (because things changed a little bit today) but i can’t find the option to edit my thread. Like I’ve mentioned, I would like to give back to community in tutorial form in case we get this thing up and running together. I would love for us to keep this this thread running and updated in case people would like to add/extend services to the current setup.

the setup will be (in chronological order [hardware to software] (if that makes sense)):

  • router (please let me know if the router should handle DHCP and DNS or the opensuse server please, that would mean no additional services running on the server)
  • opensuse server (dell inspiron workstation)
  • firewall (software)
  • dhcp (software or not (i.e router handles this))
  • dns (software or not (i.e router handles this))
  • print server
  • ldap for authentication (group policies for file access)
  • nas storage with RAID setup for backups (reason for asking about partitioning in the first place)
  • openvpn (field employees)

In order for me to make this tutorial friendly in the future lets get back to:
Step number 1 Partitioning.

If I understand correctly (and please correct me) Install opensuse leap 42.2 without any changes to partitioning scheme meaning standard is fine.

  • /
  • /home
  • /swap

It is not /swap (that is a directory you most probably will not find on any system)… It is a par tition used for swap.

And this setup is a good default/starting point for a desktop/laptop. Or more precisely for one with a user population (one or more) that stores it’s important data in their home directories. But it is only a default because the majority of usage seems to be such “personal GUI system” one. Using your brains and creating something that fits best for your system usage is of course a must.

When your system only has one or two “normal” users for system maintenance (and for first login so that user can then switch to root when needed), often a separate partition for /home is not needed (but of course backup the small amount of data in there like you backup all other important things).

And as explained above already when your serve data (using NFS, HTTP/HTTPS, FTP, or whatever), stored in one or more databases or not, create distinct volumes (partitions, whole disks, Logical Volumes) for them. And using RAID in some form for those might be an option, but that depends on the threads you want to battle (mainly reflected in uptime) vs. your budget and added work.