# Internet server in a box, powered by Gentoo?

## Fuzzplug Jones

I'm a recovering Slackware user who rebuilt all his server boxen with Gentoo about this time last year.  I love this distro unconditionally and Portage alone has saved me a lot of time and headaches.

I use Gentoo primarily for Internet servers - LAMP plus email, content scanning, virus scanning, spam filtering, and sometimes other internet-related things like IRC or Icecast.  While Portage makes grabbing, building, interconnecting, and upgrading packages a snap, I'd like to take it to the next level.  And that's something that's missing from ANY distro, not just our distro of choice.

For example: to get started with a LAMP system with e-mail, I can type 

```
emerge mod_php postfix
```

 (provided my USE flags are correct, that should emerge Apache, MySQL, PHP, mod_php, Postfix, and all their dependencies).  That alone has saved me so much time (I remember doing it by hand in Slackware, and it made me want to set up NT/IIS).  But say I want virtual mailhosting with Postfix.  Now I have to do everything in http://www.gentoo.org/doc/en/virt-mail-howto.xml by hand.  Then if I want content filtering with amavisd, SpamAssassin, and ClamAV, I have to do everything in http://www.gentoo.org/doc/en/mailfilter-guide.xml by hand.  Then of course are all the nickel-and-dime things one has to do, such as making sure your phpMyAdmin and webmail pages are never spidered by search engines.

Now don't get the wrong idea - I'm not against working on Linux, and I'm certainly not a Windows script kiddie.  I understand in Linux circles (though not so much Gentoo) there are those people to whom any sort of automation is the devil's work.  What I really want out of this idea is something like CPanel users have - not only a way for the server admin to get more work done easier, but to also offload client-specific admin tasks (i.e. subdomains, mail aliases, site-specific setup) off to the clients themselves.

So I got thinking, what if there was almost an internet-appliance-like Gentoo-based distro, that took advantage of the power of Portage, that could just be dropped on any box ("dropped" as in the box is cleanly formatted and this is intstalled, not "dropped" in the sense of emerging it onto a running system).  After a few small hardware setup things (which could even be bypassed because the LiveCD is good at detecting network cards, for instance), the system would be installed to strict and secure but generic defaults: Apache in chroot jail, mod_gzip, PHP with every possible option, PHP Accelerator, MySQL (set up with a superuser), Postfix WITH amavisd-new, SpamAssassin, RulesDuJour, and several antivirus daemons, the structure for Postfix virtual mail hosts set up in MySQL already, Courier-IMAP and POP3 daemons, DNS services, phpMyAdmin installed and working, a good open-source webmail client (or two) for each site, log analyzers, and (here's the only really difficult part, because we'd have to write it) a CPanel-style web-based administration facility that allowed the sysadmin to access all relevant customization/config options system-wide (much like Webmin, but not as clunky), and allowed specific clients on the box to manage their own virtual server, check e-mail, view logs, do log analysis.

Anything one doesn't use could be disabled (for example, my domain registrar does my DNS so I'd just disable the DNS daemon on this system).

If you're feeling like this is the Windowsization of Gentoo, let me try to ease your mind: The beauty of Linux is that open-source programs are often rock-solid and more reliable than anything else out there, especially when they're as mature as some of the packages I'm talking about here.  However, computers are supposed to work for us, not the other way around.  Every time I set up a new server box there's so much to do by hand that's almost exactly the same.  I think the vast majority of people running servers out there would be well served by a solution such as this: When you get down to it, just how different are our respective setups anyway?  Sure, some of us need IRC and some of us don't; some of us use Postfix and some Exim.  But how much would it really matter what packages were installed if it just works?  For example, I just moved from Exim to Postfix because after researching for almost two years, I still can't figure out how the hell to do virtual email hosting in Exim, and Postfix spells it all out nicely, though it's still a bit of work.  Plus, Exim's only interface to content filtering systems was a freakin' patch.  Anyway, any personal differences in server setups can be addressed by the web-based admin interface.

Red Hat people do this all the time with CPanel, and it costs them money (plus, they have to run Red Hat).  I envision a system that's open source and free from the ground up.  Better, more complicated open source software has already been written.  This shouldn't be all that bad.

So I'd like to ask the Gentoo community, who have given me a lot of help over the past year even though my post count doesn't reflect it, what do you think of such an idea?  And who would be on board to work on it?  I would of course host whatever we need.  I know I need a solution like this right now (especially the client-side administration), and will need it much more in the future as I continue to host sites for people who not comfortable with working on the command-line.  I'm very interested in the opinions of the Gentoo community on this.  Thanks.

----------

## Tyir

wow, I think that is a great idea. Perhaps a better way is that it would ask what packages you want installed (PostgreSQL instead of MySQL, for ex) but I like the idea of the simple system-wide configuration.

Anyway, I'd help test it once it gets started.

----------

## Fuzzplug Jones

 *Tyir wrote:*   

> wow, I think that is a great idea. Perhaps a better way is that it would ask what packages you want installed (PostgreSQL instead of MySQL, for ex) but I like the idea of the simple system-wide configuration.
> 
> Anyway, I'd help test it once it gets started.

 

Thanks!  I appreciate that.  Yeah, perhaps the best way for non-conflicting packages would be to install them all and let each client decide what they want to use.

Love the Avatar btw.

----------

## mdshort

What we could do is reverse engineer Webmin for our cpanel, it runs ok, but it's somewhat insecure and doesn't have support for everything.

----------

## Fuzzplug Jones

Is that even possible?  I've never owned a copy of Webmin (hence the need for this project).

----------

## mdshort

...Webmin is available in portage...

----------

## Fuzzplug Jones

But as I understand it, it is not usable without an $1100 license?

----------

## Headrush

 *Fuzzplug Jones wrote:*   

> But as I understand it, it is not usable without an $1100 license?

 

Where did you hear that?

----------

## Fuzzplug Jones

 *Headrush wrote:*   

>  *Fuzzplug Jones wrote:*   But as I understand it, it is not usable without an $1100 license? 
> 
> Where did you hear that?

 

Well I certainly hope I'm mistaken, but I could've sworn a fair amount of threads on this forum were lamenting the fact that CPanel isn't free.  CPanel.com says you can try it free for 15 days - and I guess I was wrong on the price.  CPanel.com says, "One time licenses are currently priced at USD $1250.00."

So I was off a bit  :Smile: 

In case I'm not being clear, I'd like it to work for more than 15 days and I don't have $1250.

----------

## Headrush

 *Fuzzplug Jones wrote:*   

> Well I certainly hope I'm mistaken, but I could've sworn a fair amount of threads on this forum were lamenting the fact that CPanel isn't free.  CPanel.com says you can try it free for 15 days - and I guess I was wrong on the price.  CPanel.com says, "One time licenses are currently priced at USD $1250.00."
> 
> So I was off a bit 
> 
> In case I'm not being clear, I'd like it to work for more than 15 days and I don't have $1250.

 

I thought you were talking about Webmin since your comment followed the post mentioning Webmin.

----------

## Fuzzplug Jones

Oh crap, my bad.  I was talking about CPanel, but the other day I must've blanked when he said Webmin.  Yeah I have Webmin installed, it's cute, but there's a lot it doesn't do, or doesn't do right.  I know the one time I tried to edit some Apache virtual domain settings with it, it was actually HARDER than editing the conf file by hand.

----------

## Headrush

 *Fuzzplug Jones wrote:*   

> Oh crap, my bad.  I was talking about CPanel, but the other day I must've blanked when he said Webmin.  Yeah I have Webmin installed, it's cute, but there's a lot it doesn't do, or doesn't do right.  I know the one time I tried to edit some Apache virtual domain settings with it, it was actually HARDER than editing the conf file by hand.

 

I just setup port knocking and sshd and use the command line for administration.

I find its faster if you know what and where the files you need to edit are.

----------

## Fuzzplug Jones

I appreciate the advice, but go back and read my original message... I was talking about some sort of uber-ebuild or something that would set up a lot of the mundane things on a new server (virtual mailboxes with postfix and whatever else it needs, for example, without all the repetitive work).

----------

## Headrush

 *Fuzzplug Jones wrote:*   

> I appreciate the advice, but go back and read my original message... I was talking about some sort of uber-ebuild or something that would set up a lot of the mundane things on a new server (virtual mailboxes with postfix and whatever else it needs, for example, without all the repetitive work).

 

Try www.clarkconnect.com

It's not Gentoo, but quickest easiest gateway/server Linux disto I have seen.Last edited by Headrush on Fri Jul 15, 2005 6:55 am; edited 1 time in total

----------

## Fuzzplug Jones

Interesting, but the nice one costs almost $1,000.  Thought maybe somebody would be interested in doing it in an open-source fashion.  Maybe I'm wrong.  I'm sure there are other distros out there but this is 75% about wrapping cool stuff around Portage.  I certainly don't want to stop using Gentoo, and most of the Linux boxen I touch are Internet servers.

----------

## Headrush

 *Fuzzplug Jones wrote:*   

> Interesting, but the nice one costs almost $1,000.  Thought maybe somebody would be interested in doing it in an open-source fashion.  Maybe I'm wrong.  I'm sure there are other distros out there but this is 75% about wrapping cool stuff around Portage.  I certainly don't want to stop using Gentoo, and most of the Linux boxen I touch are Internet servers.

 

It's free. The free version includes all the things you mentioned in the first post.

I love Gentoo myself, but after awhile I found this was a faster and easier setup for my servers.

----------

## mdshort

Well what I was saying about what you said, is that we could reverse engineer webmin, and recode it the right way (theres alot of things they did very messy, such as themes etc).

----------

## Headrush

 *mdshort wrote:*   

> Well what I was saying about what you said, is that we could reverse engineer webmin, and recode it the right way (theres alot of things they did very messy, such as themes etc).

 

No need to reverse engineer, the code is freely available.

More power to ya, but for how little config screens like this are used once your production system is running, seems like a lot of work. Like I hinted at above, when I started I wanted a nice GUI for configuring my servers but eventually logging in by ssh, editing a config file and restarting the service ended up being easier and faster.  :Wink: 

Of course if you're searching for something and don't know what option you're looking for, the GUI really helps.

You could easily design your own Web configuration pages. 

Make the web page forms and then use the data from them in a cgi scipt to edit the files as needed and restart the service.

----------

## trickypicky75

Well I hope no one lights me up for this one but here I go.

Fuzzplug, I know exactly what you mean.

In my opinion, the "easy administrator tools" have always been a weak point in linux.

Don't get me wrong.  I love linux, I even ran nothing but linux for over a year just to prove to my nay-saying co-workers, that I can do everything in linux that can be done in Win.

However, although I can do a config via a text file, it would be easier if there was a little more "Smarts" when I install it.

For example, lets say I want to  install BIND

It would make sense to me if the installation asked me some up front questions like:

What do I want to call my domain, Do I want to use forwarders, if so what are the IP's of those forwarders.   

Then to top it off, if I had a GUI that would allow me to add records, or confiugre DDNS, or anything else I could configure, that would make it easier, not just easier for me, but easier for someone who may understand DNS, but may not understand how to do it via the text file.

Furthurmore, although you can do everything via text files, it's easy to make mistakes, whether typos, syntax, or use of a special charachter.  It can be confusing!   Something I didn't understand back in the SAMBA 2.x days, was why I had a /etc/passwd file, but then needed a different file for samba, and then when I was using POPTOP for VPN access, I had to have a differnt password file for it too, and all 3 of them had different formats.

Once again, don't get me wrong.  I love linux, and I understand that there aren't a lot of paid developers out there like M$  I know, in time, linux could have all of this functionality, It's just a matter of time....

If I could write code, I'd totally jump in on it, but I'm an Administrator type...

-TrickyPicky75

----------

## Headrush

trickypicky75,

I know what you are saying and there are several specialized Linux distros out there that do exactly that, Gentoo is just not one of them.

That's why I suggested clarkconnect. 

Very easy for even the newest Linux users to setup and administer a gateway and/or server.

Even easier than Windows.  :Very Happy: 

Try using the GUI wizards for setting up IPSec filters in Windows 2000 Server and tell me how much GUIs make things easier and less confusing.  :Razz: 

----------

## Fuzzplug Jones

For the last time I'M NOT A NEW USER I just thought it would be neat to have a solution that got rid of some of the redundant tasks (if it's in a 24-page howto, it should just be a damned USE flag or something).  But nobody's biting at this and the only passion I'm getting here is from textfile zealots and my intention was not to piss you off.  Just forget it.

----------

## Headrush

 *Fuzzplug Jones wrote:*   

> For the last time I'M NOT A NEW USER I just thought it would be neat to have a solution that got rid of some of the redundant tasks (if it's in a 24-page howto, it should just be a damned USE flag or something).  But nobody's biting at this and the only passion I'm getting here is from textfile zealots and my intention was not to piss you off.  Just forget it.

 

Easy.

Threads often take their own path and veer from what the original poster asked.

A lot of these posts aren't just for you and are useful for other people that might have similar questions.

Maybe nobody cares or isn't interested in your idea that much! Lighten up. Yelling, calling people zealots, and pouting because you don't get exactly what you want won't help your cause. Maybe just try to restate your idea or add a new idea to support your position.

I'm not pissed off .  :Cool: 

Edit: I think maybe what you want is something more like support for custom groups in portage. We have system and world now, but additional ones like kdedesktop, gnomedesktop, emailserver, webserver. Each would pull in packages that someone predetermined fit this model. Of course you would have to add some type of wizard that established default entries for the config files.

There's a new project.... get to it!  :Razz: Last edited by Headrush on Mon Jul 18, 2005 7:27 pm; edited 2 times in total

----------

## trickypicky75

HeadRush,

I'm aware of the Distro's you're talking about.  But it would be nice to see some more GUI's and Wizards work it's way into Gentoo (and other Distros)  

I totally agree what you said about setting up IPSec Filters in 2k Server, but, stuff like that keeps some one else in buisness, or MS can make thier own product (Like ISA Server) and charge you $1500 + CAL's!

I understand it would be insane to say "Make a GUI for each thing that can somehow be configured."

In Linux most everything is somehow configured using a file.

In Windows most everything is somehow configured using a file (the registry)

I guess to most people using linux it's just not a big deal.  (It isn't to me either)  But to compete with another O/S, that's a critical feature.

Now it just clicked to me, part of what Fuzzplug was saying...

If I'm going to follow http://www.gentoo.org/doc/en/virt-mail-howto.xml

I'm going to haveto do these configurations, so, once I'm done emerging them, why don't I just automatically get asked:

Please enter your host name =

Please enter your domain name =

What interfaces would you like postfx to run on (lo, eth0, all) =

Please enter your networks=

Please enter your home mailbox =

etc.. etc.. etc..

Generally, a reduced amount of "by hand" editing during setup.  If so many people are using a how-to, why not have something like:

emerge postfix --ask-config-questions

That would give you the option to either, do it all  manually (like in the how-to)  or to emerge, and ask the usual config questions that you would normally type in manually anyhow.

----------

## Headrush

 *trickypicky75 wrote:*   

> Generally, a reduced amount of "by hand" editing during setup.  If so many people are using a how-to, why not have something like:
> 
> emerge postfix --ask-config-questions
> 
> That would give you the option to either, do it all  manually (like in the how-to)  or to emerge, and ask the usual config questions that you would normally type in manually anyhow.

 

That seems like a good idea.

Using the post_install section of an ebuild you can have a script run that does that.

(doesn't necessarily have to be GUI)

This way you wouldn't be affecting the original ebuild at all for people that didn't want to use that part and would only be a trivial adjustment to existing ebuilds.

(Add a call to script and download the script into the files directory of the ebuild)

One thing about Gentoo is choice. I've noticed before in the forums that generally Gentoo devs stay away from implementing overly "aggressive" defaults for anything. I have seen many times where it would help, but they like to keep options open.

I thought Fuzzplug original post actually involves three different things: installation, configuration, and administration. Each is actually a separate problem.  My point to him was that I thought a customized distro like clarkconnect, was pretty close to what he wanted except that they have chosen which app for each type of program for you. So all he needed was a similar setup that let him choose which app he wanted. (aka which DNS server, which ftp server, or mail server)

I have nothing against anyone trying to implement what he said for Gentoo.

----------

## Maxwell

Where any follow-ups in this discussion? I mean, one year passed, maybe some application or feature appeared in the mean time that could do what you guys were talking about. I sure wanted something like that!!

----------

## Fuzzplug Jones

 *Maxwell wrote:*   

> Where any follow-ups in this discussion? I mean, one year passed, maybe some application or feature appeared in the mean time that could do what you guys were talking about. I sure wanted something like that!!

 

Sorry mate, I don't even use Gentoo anymore.

There was an incident last summer where somebody in charge changed the Apache ebuild so much that a simple "emerge update" (sorry I forget the exact command, but it's where you go through and update all packages) took my webserver down for two freakin' days.

When I came to these forums to learn what had happened, and find out how to fix it, the regulars here were treating people who had gotten hit from that "feature" with disdain.  We were rudely scolded that we should have been watching a developer's mailing list (the only place this bork had been announced) and we were also very sternly reminded that Gentoo is not a "production" system and I should have the money, resources, and time to have a second, identical server running to protect myself against huge borks like this.

Needless to say, I immediately began a migration to Debian Sarge, and haven't looked back once.

(Note to anyone involved in that fiasco: you don't have to reply and flame me over this; I only noticed this post because I had it set to notify last year, I don't come here regularly anymore.  Besides, it's water under the bridge and even though I'm an ameteur/hobbyist/enthusiast who runs his own sites, I want them UP, so if I have to run Debian to do that, so be it.  With all due respect to kernel hackers, I have other things to do.)

I originally suggested the "server in a box" because Linux is usually so stable that if I don't set up a new server every few weeks, I begin to forget all the stupid little steps to get it perfect.  Also if I have to switch boxes in an emergency, it makes it worse that there's no quick way to set up a good LAMP box.

I haven't finished the project yet, but my experience with Debian has been that I could do what I originally envisioned with a shell script that can be run on a new install that apt-gets all the required packages, and runs 'patch' on the configuration files (for apache, postfix, etc) with .diff files i specify (for example, one that already has amavisd and clamav set up in postfix).

Strangely, the project stalled because Debian has been so freakin' stable.  I guess it comes down to what you want to do.  Gentoo is a neat idea for the hobbyist and the hacker, but I jumped the gun in assuming that I could run websites (that I wanted up 24/7) on it.  I've even had to move my debian server to another box in an emergency, and literally I just moved the hard drive and it came up.  You don't get any better than that.

----------

## Maxwell

Very well!! I understand your point of view perfectly! Sometimes i also have some problems in getting some information. Don't know if the problem is mine or (....) but it happens.

Thanks for the quick reply!

----------

## morphal

For what it's worth, I had absolutely zero problems with the Apache refresh and I'm most emphatically not a Gentoo expert ... or even notably skilled with Linux. I had never run any kind of server before Apache on Gentoo. My only experience with Linux was some old Mandrake and Red Hat from years ago. That really isn't the point of the thread though.

The number one failing of Gentoo (and I know people will hate me for this) is that in its efforts to give us all the choices, we're left completely unaware of what our choices are. Portage is an absolutely amazing system and it's what keeps me standing by Gentoo. However, the lack of anything at all to give us a direction or something to go on after we "emerge foo" is a problem. This is only mildly on-topic.

If there is a postfix howto that thousands upon thousands of Gentooers pretty much are required to use and each of the users trudges through the same steps over and over again ... why not speed the process up by scripting it? As the OP said, there are circles in which any form of automation is considered evil, but really, if we're all doing the same steps, why waste the time?

When I was first learning how to handle Gentoo, I would frequently go through a stage 1 (or later, a stage 1/3) install just for the extra little bit of experience and another opportunity to tinker with settings. As I progressed on to playing with Apache, I enjoyed finding the exact directive I needed. Again, as I learned the finer points, it just got tedious. control != tedium  We've all done this dozens of times. Why do we have to do it dozens more? There are certain things we know must be done to every install and certain choices that must be made. If it's possible to present the user with a direct way to handle them, it's a much better idea than just leaving the files in the right directories and telling the user to fend for themselves from there.

----------

## geforce

I have think of a project like this, but since i'm not a programmer (except PHP) I can only give my ideas.

What I thought is an ebuild that simply ask for what you want (server):

My english is not good enough, i'm searching words to explain what I mean so i'll just give you a little example:

 *Quote:*   

> 
> 
> $ emerge gentoo-super-server
> 
> * download the stuff etc*
> ...

 

My idea is much more deep that this: all my setup is completly virtual and on the fly: I only have to connect my *almost finished* control pannel to add users, domains, etc .

For example, my Apache setup use Mod_rewrite to have on-the-fly sub-domains and stuff like this, all the users are on an OpenLDAP db  ..

I think this project could be really benefict for us to install / configure servers (pretty much faster, flexible setup (virtual servers & users) )

Give me news on this , I'd like to contribute !

Phil

----------

