openSUSE, despite the vastness of the www stating it’s primarily a KDE distro, prides itself in offering a one stop shop for your operating system needs, regardless of your desktop environment preferences. And it’s true. For a couple of months, I’ve been running openSUSE GNOME exclusively on my laptop. And it worked like a charm. But there was one problem.
Archive for the ‘Software’ Category
I want to share my experience in managing a personal hosted web server with openSUSE.
Two points, first.
- I’m not a computer professional, but an openSUSE addict since 1996;
- I will describe the use of hosted server, that is one that is not in your home, but somewhere in the cloud, but is still a hardware machine reserved to your own usage.
Why should I need my own server?
There are two main reasons.
- The first is fun. It’s fun to use openSUSE Linux to manage a server. It’s fun to ba able to say to friends “I have my own web site, I can manage one for you if you want”. It’s fun to be able to setup the computer to fit your precise needs, without having to cope with shared hosting never having the good php version or refusing ssh access. It’s fun to learn how to manage such a frightening beast, it’s fun to reach a new knowledge level.
- The second is friendliness and sharing. Nowadays, the cloud is everything. Internet is the key. Families are spread all over the world as are friends. To be able to share data, that is images, videos, comments, technical notes is essential. Managing it’s own server is the most effective way to do so.
Why a hosted server?
The first thing one try to do is manage it’s own server at home. It’s easy, most of the time any old hardware do the job -my first one was a 386 laptop with broken screen- (yes, a server do not need screen).
But one will pretty fast notice that the DSL line is not the best internet connection for this use. DSL is usually named “ADSL”, the “A” being for “Asymmetrical”. The speed of the data is approx 10,000 for downloading and only 1,000 for uploading (the real unit do not matter), that’s why it’s so difficult to send photos to a friend. So each time somebody wants to get something from your server at home, he will have to wait forever.
An other reason is cost. It’s not so cheap to have at home a computer running 7/7 and 24/24. Even is you can find a place where the noise is not a problem, power consumption is not that cheap. The simpler computer is like letting a bulb on all the time and my mother kept saying to me “please, switch off the light” :-).
I can’t know for you, but in France, where I live, hosting providers are really cheap. My own provider price list varies largely depending on the moment. Last year one could borrow a server for as low as $3 a month, just when I write it’s $8 for the smaller one. The one I use now cost me approximately $35 a month but have 4 processors, 8 threads, 2Tb Hard drive and 24Gb ram, that is much more than my desktop computer!
And for this price, I have 100Mbits symmetrical network, a fixed IP and a professional staff to maintain the hardware.
The drawback is that I have to manage the software myself entirely, but it’s exactly why I wanted a server so no complain on that :-).
Last word: When I say hosted, I don’t mean it’s you that have to provide the hardware. The hardware is property of the provider and maintained by him.
What do I need on my server?
Before doing anything in the life, one have to ask himself “why”? Same for a server. Right now I use my server to host my photo collection (more than 30,000 photos), my videos (much less in number, but very heavy in size), my personal wiki with all my technical notes and a blog. Also my personal mail server that I find to be more reliable than many professional ones. All this do not take more than 100Gb disk space, so there is a lot of free space where I can backup some data for friends or Linux groups I work with.
What is the real task?
I try to write down all what I do, let only to remember it myself! Of course it’s not very well organized, but my wiki page lists this, and I plan to discuss this with you now and in the future. Not being a professional, many things I do are not that good or not that smart. I always accept constructive criticisms and tips, and will be glad to receive them.
Partition and large disk
- Kimsufi-kernel-and-boot-setup-3 (old pages Kimsufi-kernel-and-boot-setup-2)
- OpenSUSE-small-server_basics-3 (old pages OpenSUSE-small-server_basics-2 OpenSUSE-small-server_basics)
- User creation/move/data move
- Configure Squirrel webmail (June 2011)
- Install Piwigo
- Archive mails in a way one can read the archives
- Display server’s logs
- Reinstal a Kimsufi server
- install php scripts
- Passphrase autentication with ssh
- Complete backup of a server
What I wont cover
As you see in this list, I use VirtualBox. This mean I use virtual server on my own server. I only begun to do so after several years of work, so I wont -yet- discuss this option here, I didn’t remove this item from the list, because I may at some point talk about it, incidentally.
The beginning: partitioning and installing
Installation on a hosted server is not as easy as on a local machine, because you don’t have any DVD access. The way you can access your computer depends on the provider. Mine gives the client a large choice of Linux distributions (among other systems), including openSUSE, and can deliver the server with a basic install and ssh access. One have also a rescue access (similar to openSUSE rescue access) to the server in case the machine do not boot anymore, but this is as friendly as is the rescue disk, better not have to use it too often.
Along the years, I have tested many partitioning schemes, and turn back to the simplest. Fact is on a remote server it’s difficult to manage several installations, like one do with dualboots –you don’t have access to a boot menu!
You can have one or two disks, the goal of two disks being to use raid 1 -my provider offers free change of damaged hardware- but one have to reconstruct it’s own raid. Using half the disk size as raid is pretty expensive, and simply having two disks for raid usually makes you shift to an other price list. I simply do not see any real reason to use raid on such server. After all if my personal server is out of business for some hours, nobody will notice (or nearly), We will see later than I use an other server as a backup.
So simple partitioning. On my own server I had problems with the default (provider) partitioning –yast didn’t like it- but I could reinstall the system and choose a simple configuration:
/dev/sda1 20Gb /
/dev/sda2 512Mb swap
/dev/sda3 1,8Tb /home
Notice I have a very small swap. I probably could have simply avoided to use swap (with 24Gb ram!), but I have this as default and kept it and it’s used by some application (496Kb), I don’t know why.
Actual system size is very low, so the 20Gb root size is much more than necessary, but like this the risk to have /tmp or /usr grow excessively is smaller and with 2Tb total size, why discuss?
Each provider have it’s own install interface, like any Linux distribution do, so I wont speak about it and say what is the result when, finally, you get the ssh prompt :-),
My provider provides a specific Kernel, also available as “net boot”. This is very interesting, because it’s always patched against all the problems, and, after all, you have never to change hardware on a hosted computer, and so one can reboot it’s server against net boot in case something go wrong. But the usual way is to boot normally, the hardware being provided with the kernel installed in /boot.
But, believe it or not, I was years before noticing the kernel was NOT part of default openSUSE install by the provider! It simply added manually the provider disk image. During these years I simply thought the hardware was not standard and that was the reason openSUSE couldn’t boot. I know today it’s wrong, because I had to use the standard kernel to make use of virtualization.
That said, I urge you to use the provider’s kernel if it exists, because it’s much more convenient and simplify eventual problems with the providers maintenance staff.
To get rid of the provider kernel I had to remove the /etc/grub.d/06-something-providersname config file and install the default kernel with YaST. Configure the boot system with YaST and reboot. The file in grubd is only used if it’s executable, so “chmod a-x” is enough to make it unavailable (and easily recovered if necessary).
Test and retest!
Before going to use the server in production, test it as long as necessary, two or three months not being ridiculous. Chance is you will reinstall several times during this period and it’s always better to have as few as possible work to do again. Don’t forget any critical error may need to use the recovery console or reinstall the system.
Write down the exact partition scheme. It can happen that reinstalling with the exact same partitions makes you able to recover at least the data untouched. Not sure, just a guess…
On my server the initial installation was extremely small, may be smaller than the minimal server install openSUSE gives. For sure, no YaST! You are lucky if you have zypper! May be you only have rpm!
So first things to install is zypper (you may have anyway some way to download rpm files, see providers help), then “zypper in yast”,
There having ncurse YaST is extremely handy, but yast2 (graphic) is much more, so it’s a good idea to install a minimum graphic system, then use “ssh -Y firstname.lastname@example.org” to have yast2 displayed locally.
With the server you must have a fixed IP. This mean you have an IP of your own. This may be the case -or not- for your home network. It means also you have to take double care of what you do, because you sign all your passage with your IP. This also mean most server in the net will trust you better exactly for the same reason, they know you.
Using certificates is an all other thing I wont discuss now.
The very first thing you have to do is update your system. The first install is always from initial data and a server have to be uptodate. As soon as you have zypper, do a “zypper ref & zypper up”, Be prepared to see things shine, you get a semi-professional bandwith, at least. Mine is 100Mb symetrical, pretty pleasant.
Having an automatic update through yast is challenged. A professional server manager may not like it (always fearing an update break his system), but on your case, I beg you may be weeks before connection as root on the server and updating is important, so go for it.
Don’t forget to install and launch sshd! Else at the first reboot you will have no mean to log in your server!
Depending of your initial install you will probably have to install a lot of things. My provider installed a very minimal system. I had to install nearly all by hand. Begin to install all the meaningful YaST modules (search for yast in software install). I had yast (mandatory!), but not yast2 (no gui) when using “ssh -X -C” to connect then yast2 is much friendlier. Notice that ssh -X seems to need a minimal X install. I use to install xfce4 (but not to run it at boot).
I didn’t write down all what I installed. A short list is probably: mc, w3m, yast2-gtk and qt, vsftpd (ftp), dovecot (mail imap/pop3), mrtg (http statistics), inn (news server), mailman (list server), spamassassin (spam fighter), apache2, ntp (time sync), tightVNC (remote admin). X and xfce may be useful some day. You even may have to install vim if you get only minimal vi.
Don’t forget to activate the necessary services in YaST, system, services (run levels).
Using patterns is friendly, but for example I ended with libreoffice and Gimp, not really necessary on a web server :-) (don’t forget eventually to remove them :-).
Do you need a firewall is an other controversial question. Your server is alone in it’s network, not a gateway. Unused ports are by the way closed. Open ports are managed par the application that listen. But Firewall is said to manage better than other applications things like attacks. It may also block things done by your others users (you will soon have to host friends). So may be better have a firewall.
Default openSUSE firewall is SuSEFirewall2. Most options are setup with the YaST2 module.
The main error to avoid is to launch the firewall before having setup the ssh opening – doing so you will lose the connection to the server…
Test the firewall: http://www.auditmypc.com/firewall-test.asp (but from the tested computer).
Add as allowed:
- smtp (postfix)
- http (apache)
To be able to use graphical applications is sometime mandatory. The easiest way is to allow X1 forwarding. This makes graphical apps to display right in your local console.
To allow X11 forwarding to work on modern distributions, you have to add
then log in with “ssh -X -C [-p <port>] url
Notice: I keep the “X11UseLocalhost no” in the list (but not activated thanks to #) because it’s often given as a working solution. But I was said that the problem is an obscure IPV6 problem and that “AddressFamily inet” instruct ssh to use IPV4 and is much more secure, so better use it.
To be continued. On the next article, we will discuss how to configure the server, give it a name, communicate with it, setup mysql (in fact mariadb) and finally apache :-).
Article Contributed by Jean-Daniel Dodin
Bodega is a project making use of the Open Build Service. Aside from that, there are many other connections between the Bodega team and openSUSE – time to find out more! We spoke with Aaron Seigo, and discussed Bodega, Appstream, zypper, ymp and the beauty of Free Software.
What is Bodega?
First off, let’s find out what Bodega is all about. Aaron explains:
Bodega is a store for digital stuff. In fancy words: it creates a catalog of metadata which represents digital assets.
The most important thing is of course the ‘digital asset’ term. That can be anything. For example, applications. Applications can be self contained – think how android does its APK files. Of course, things on Linux are often more complicated. Apache isn’t exactly a self-contained thing. And look further – perl, php, ruby, they all have their own addons like gems that need managing. Generalizing further, there are manuals. And books in general. Music, movies, pictures, you can go on.
Of course, the competition has these too – look at Apple or Google.
And how about Linux…
Linux does not have a store where you can get such a wide variety of things. For a game, you can use Appstream, get it from Apper or GNOME’s software center. They all give a view on applications. Unfortunately, that is only useful for desktops and can handle things barely above the level of Angry Birds. If you want a python module as developers – these fancy tools won’t help you. Nor are they useful on servers. For those you have to rely on command line tools or even do things completely by hand. And it is all different between distributions.
What if you can have one place where you can get a book, game, applications, isn’t that nice? That is what Bodega is.
How is Bodega different?
So, Bodega offers a digital store which can handle a wider variety of things than our current solutions. But what sets it apart from proprietary technologies like the Playstore and of course Canonical’s store solution? Aaron:
Most Linux solutions like Appstream assume their audience are users who play Angry Birds and use spreadsheets. Fair enough. Bodega takes a different approach and is far more ambitious.
Bodega has all the meta data in one place and offers ‘stores’ which are views on that data. That means you can have a software developer store, for example listing all languages and their addons separate; and a server section etc. And a separate UI for the angry-bird-and-spreadsheet crowd. All from the same bodega system, filtered by tags (not static categories!).
Talking about Appstream, Bodega can of course benefit from the metadata gathered for Appstream. And GNOME’s Software Center could be reworked to be a front-end to Bodega, adding books, music and lots of other digital data to its store. This is not meant to be a rewrite of what is there, or an isolated effort!
And why would you build on Bodega?
Bodega is open: everybody can quite easily add their own stores; or their own data sources; and add content and even sell it through their channels. It is not a closed system, on the contrary.
Open is a must, especially for Linux:
Take the 440.000 users of openSUSE. That would be a minimal amount of sales… The top-10 of paid apps in ubuntu makes less than a $100 per month of sales. Not really worth the effort. But if we could aggregate the sales between distributions, it would become relevant for third-party developers. Bodega as a cross-distribution is important!
And Bodega is useful for people outside of Linux. You can have your store on your own website so it is realistically possible for a independent author to sell their books in a bodega instance on their own website and never even SEE Linux. Yet the openSUSE users can get the books and benefit from the larger ecosystem…
The beauty of it is that it is all Free and Open Source Software, front and back. You can self-host all you want.
How do Bodega and OBS relate?
Bodega and openSUSE have something in common: the Open Build Service. Not only is OBS used by the Bodega developers and do they run openSUSE on their servers, Bodega supports ymp files!
Bodega is well integrated with the Open Build Service. If you create an app from OBS in Bodega, you just have to take the yaml file and fill in the missing details, adding screen shots for example. Bodega will not pull the package from OBS and store it somewhere. Instead it simply uses the one-click-install and when a user clicks on the install button, it sends the one-click-install file through. It thus does not interfere with updates, but it can show users that a new version is available and let them update from Bodega if they want.
Packagers still have to add their apps to the store but we could kickstart Bodega with the apps already shipped in openSUSE, using the Appstream metadata. Non-official repos can then be added and so on. It would be quite easy to import all of the openSUSE packages. Same with the and documentation and drivers (it can show “developer: nvidia” so users know to trust it). And if there is a new revision of the documentation, Bodega can take care of that, just like it handles software updates (through zypper of course).
This is where you can come in: the team is looking for help in this area and if you are interested in making this happen, come talk to the Bodega folks! You can find them on the active mailing list or the #plasma active channel on Freenode.
You might be eager to find out what is there, today. Well, if you’ve seen the screenshots to the side, you know there is an app to access the store. It is build for touch screens but works just fine and you can get it in openSUSE through software.opensuse.org. Once installed, you can fire it up typing “active-addons” in a run command dialog.
Shawn Dunn (of cloverleaf fame) is putting together a more traditional desktop UI, while maintaining these packages as well. You will be able to have a conversation with him as he’s going to be at the openSUSE Conference in Dubrovnik this month where he will present a session about Bodega! He is known as SFaulken online and pretty much always hangs in the #opensuse-kde channel on Freenode where you can ask how to get things running or how to help him break stuff anytime. He’s also yelling at the world on google plus.
Bodega now contains the entire book set of Project Gutenberg (thousands of awesome, free books) as well as a number of wallpapers and applications. Aaron:
There is work to be done to include all openSUSE Software in Bodega. The store can use a little work too, but is based on QML which makes it very easy to improve. If you’re interested in helping out, let us know!
A few days ago we featured a GNOME Sneak Peek and today it is time for the Blue camp! Whereas GNOME is still going through radical changes, KDE has been in incremental mode for quite a while, polishing their Plasma Desktop, Netbook interfaces and developing the new Plasma Active interface for touch devices. In this article we’ll introduce Plasma, providing a background to the choices behind Plasma and then review some of the major changes for this release. (more…)
On July 31st the YaST team announced that the final Ruby conversion of YaST YCP code is over and YaST is now at version 3.0. It took about a week for the new YaST to enter Factory, which makes it a part of the upcoming openSUSE 13.1 release. In the following article we’ll answer the questions of why this change took place, what exactly happened, and where YaST is going. We spoke to two SUSE developers who had been involved with the port, Josef Reidinger and David Majda. (more…)
Over the weekend, Bernhard Wiedemann has been working on new armv6 based images for the Raspberry Pi. It is built using a set of alternative build scripts aiming to make the building of the image easier. He’s put the scripts as well as an image online, you can get it from oSC orÂ here (image) and here (scripts). If you’re playing around with Raspberry Pi and want to create images for your device(s), this is for you!
The Image and Building It
As Bernhard explains on his blog, the image he created is only 82mb compressed, so it is pretty minimalistic. The image also contains the scripts he created for building under /home/abuild/rpmbuild/SOURCES/.
If you’re interested in playing with the building itself, creating custom images, the following commands will get you going:
osc co devel:ARM:Factory:Contrib:RaspberryPi altimagebuild
bash -x main.sh
He notes: If you have 6GB RAM, you can speed things up with export OSC_BUILD_ROOT=/dev/shm/arm before you do.
This package doesn’t build in OBS or with just the osc command as it requires root permissions for some steps. That is why you have to run it by hand and let it do its magic. The under-250-lines of script will go through the following steps:
Bernhard claims that: “this can build an image from scatch in three minutes. And my Raspberry Pi booted successfully with it within 55 seconds.”
Todo and Open Issues
He also points out some remaining open issues:
- the repo key is initially untrusted
- still uses old 3.1 kernel
- build scripts have no error handling
Compared to the old image, this one has some advantages:
- It is easier to resize as the root partition is the last one
- Compressed image is much smaller
- Reproducible image build, so easy to customize
- It is armv6 with floating point support, so could be faster
- We have 5200 successfully built packages from openSUSE:Factory:ARM
If you wanted to play with building images for the Raspberry Pi, this might well be the easiest way doing so! And as always, merge requests are very much welcome.
Have a lot of fun
openSUSE 12.3 introduced the 32bit ARMv7 architecture as new, fully supported architecture and brought experimental 64bit ARM (AArch64) images. Since the release, support for new hardware was added and more build power brought to the Open Build Service. And as far as we can tell, we now have the first large scale KVM deployment on ARM! We also introduce support for the Calxeda Highbank ARM server SoC, a major step forward for both ARM and openSUSE. Read on for details on where the openSUSE ARMy is going. (more…)
The Linux ecosystem is a varied one with hundreds of distributions, each having their unique set of abilities and limitations. Some compile the source on your system, others let you choose between init systems, try to be as small as possible, experiment with security solutions and more. There is also variation in governance: some are strongly top-down organized, others decide in a meritocratic way or vote. Some have strong corporate sponsor pushing decisions – others don’t. Some care to collaborate, others don’t value the wider ecosystem much and go their own way.
The variety in solutions shows people want different things and the different distributions provide that. But people change, so do their needs. And so, for those looking for Greener pastures, we wrote this articles with an overview of ‘the openSUSE way’ and the major differences between our tools and those from other major distributions. (more…)
What do Qt 5, Linux 3.8 and LibreOffice 4 have in common? They were not released in time to be included in our leading edge, but stable openSUSE 12.3 in time. But fear not: the power of the Open Build Service comes to the rescue! The herd of almost 35000 Geekos working there creates a wide variety of packages for openSUSE 12.3 and we’ll highlight a few of those in this article. (more…)
The new openSUSE is just around the corner so let’s take a closer look at some of the new features that you can look forward to. This time, we will concentrate on the features for servers: databases, virtualization and OpenStack packages. (more…)