I’m currently working on installing software on the new server. I’ve got the virtualization software installedΒ and a couple of VMs running now.
The setup is based on VMware ESXi booting off a USB-stick. I’ve then allocated almost all space on the two harddrives to a VM running Nexenta (OpenSolaris kernel with GNU userland). I’ve then configured this space for a ZFS mirror (RAID 1), and shared it via NFS. VMware ESXi then mounts this NFS share and uses it as a “datastore” (place to store the virtual harddrives) for the other VMs. I will also make NFS shares for things like home directories for all the users.
I’ve also got the router/firewall VM up and runnig with the lastest OpenBSD release. I’ve just started working on the Blinkenshell-specific VMs now, thus far I’ve got a Gentoo instance with Grsecurity up and running (which will replace titan). I’ve also setup a domain controller which will be running OpenLDAP and MIT Kerberos for handling the user and password database. This will allow for the user database to be accessed from multiple servers, which was not possible before. I will probably set up a separate servers for mail and web services, and use Kerberos/LDAP and NFS for centralized user database and storage.
I have figured out how I want most things setup now, but there are a couple of big pieces left. I havn’t decided how to configure the webserver yet, though I have a couple of ideas I will try out. There’s also the signup-program, and how the different accounts will integrate. There is an opportunity to integrate more accounts into the LDAP directory now, but I’m not so sure I want different types of accounts (signup, ssh, mail etc) to share the same password, especially not passwords you usually store in configuration files (mysql, irc).
There is lots of work to be done still, and I don’t think this new server is going to be ready for at least a couple of months. How long it’s going to take depends a bit on how I decide to do things, if I’m going to rewrite parts of the signup-program and integrate it to LDAP it’s going to take a while longer for example.
So to sum it up, work is in progress, but it’s going to be a while longer. But when it’s all done Blinkenshell will be ready for many more years as the best shell provider on the net! π
Thanks for the hard work!
Keep up the good work!
This looks promising!
What be cool if you will write some guides about the ldap/kerberos with the home directories. I never could make this work π
sounds good π
thumbs up!
Nice π Good luck on the setup. I have been running my own server with OpenSolaris for some time.
For your website, there is a program called nginx if you wasn’t aware of it. It is a proxy for incoming HTTP, it could add ssl to all servers, or redirect you based on a URL or hostname to another server. Might be handy for the user account pages as currently they all redirect to ~/xyz. I remember this used to break some things. But nginx is all powered by a config file so that could be a problem.
Kudos , so any more pics or updates regrading the new server π
Thanx for the hard work!
so whats the progress on new rig? π
Can’t wait! π
Doing a nice job, thanks independence