Re: Defining ISP?
On Wed, 15 Sep 2004 22:59, "shift" <[EMAIL PROTECTED]> wrote: > The idea seems still interesting to me 2 days after the week-end! ( Did > some definitive dammage happen? :) > I imagine an install, giving possibilities of Raid, backup, replication, > networking etc from the start, all necessary tools and programs, in a Software RAID, backup, and networking are needed on workstations just as badly as on ISP servers. You don't need an ISP specific distribution to need that. > compact, easy to use distribution with some "ncursed" ISP specific > administration tools. Something secure, minimalistic (I like the word and > the concept) and with some optimization possibilities. > does-it still seem confuse? Is it "une idee farfelue"? It is really handy to have GUI administration consoles at ISPs. At the last ISP I ran 17 inch monitors were quite common. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Defining ISP?
Please write your text after the quoted text and don't quote excessively. This is not AOL. On Wed, 15 Sep 2004 07:48, "shift" <[EMAIL PROTECTED]> wrote: > Well, about the week-end, you're welcome for another one (...) > > About the install, I do almost the same. the second part is the > optimization. > Using an optimized distrib on an SR2200 (dual PIII 1.4GHz Tualatin-S), SCSI > U160, I have better results on Mysql nemchmarks than with a non-optimized > SR2300-SKU0 dual xeon 3.0 1MB L3 cache and SCSI U320!! U160 vs U320 makes little difference if you have only one hard disk. I have never seen a disk that can do more than 70MB/s sustained (and the transfer rates under real load are usually much lower). Two CPUs are not necessarily faster than one. There is overhead in locking data structures. If an application is only written to use one CPU then the second is just dead weight. For good test results you change one thing at a time. Change three or more things at once (CPU, disk, and compilation options) and you will never know how much each one affected the results. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Defining ISP?
On Fri, Sep 17, 2004 at 11:51:54AM +0200, shift wrote: > [lots of stuff] top-posting is evil. please don't top-post. > [ 109 lines of excess quoted text deleted ] 2. learn to trim your quotes. craig PS: (standard quote information file) please learn to quote properly. your reply goes UNDERNEATH the quoted material, not above it. this allows the quoted message to be read in sequential order rather than reverse chronological order. top-posting screws up the chronological order of the replies making it a jarring chore to make sense of them - you have to scroll backwards and forwards trying to match who said what to whom and when. the longer a thread goes on, the worse it gets. you should also delete excess quoted material including headers and signature lines - quote just enough to provide context for your reply, and no more. some useful URLs on the topic of correct quoting & email netiquette: http://learn.to/edit_messages http://home.online.no/~vidaandr/news/FAQquoting.html http://www.iwillfollow.com/email.htm -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "Regime change begins at home" -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Defining ISP?
Relecture... Back on earth. Let us say things are started! There will be a lot of lists of "packages", some will be "prefered" and others "necessary" to build an "ideal distributions". Packages... What will be obvious is the impossibility to satisfy every preferences and desiderata; some difficult choices will have to be done. Packages will be kept and others will have to go... If we treat this subject this way, in the best of cases, what will happen will be fragmentation. In the worst, we will forget what could have been an interesting question. By using the magic Debian formula, I mean Base+dpkg, everyone can build his/her distribution. A distribution containing the necessary and prefered packages and composing the "ideal distribution" Perfectly adapted and exactly responding to his/her actual needs. This works well and doesn't need to be changed. Realising a "beautiful" distribution is part of personal developpement, imposing it is...is...well, can't find the right word. So, then, what is the problem? "Defining ISP" in Debian is more thinking the ISP situation widely and ahead, trying to create the atmosphere that will permit to see how this branch is evoluting and help to adapt to this evolution. Building a different ISP branch (a distribution with simpler words...but it's not so simple in fact) will not be the final purpose then, it could just be one of the multiple consequences of a process. Another consequence could be also the way basic ISP knowledge could be transmitted. Where is the place where knowledge about ISP tasks is given to "newbies"? "Newbie", a word generally whispered in a despising tone and defining these poor subjects that trigger always by their questions the terrible RTFM!!! Well, another week end again. This time it will be "Farfalle et thon aux oignons" and two elegant bottles of Chablis...Is there anyone interested in the recipe? The tunafish accompagned with oignons is delicious. Knowldge gives wisdom, shared knowledge gives freedom... shift - Original Message - From: "shift" <[EMAIL PROTECTED]> To: "Jonathan G - Mailing Lists" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Wednesday, September 15, 2004 2:59 PM Subject: Re: Defining ISP? > > The idea seems still interesting to me 2 days after the week-end! ( Did > some definitive dammage happen? :) > I imagine an install, giving possibilities of Raid, backup, replication, > networking etc from the start, all necessary tools and programs, in a > compact, easy to use distribution with some "ncursed" ISP specific > administration tools. Something secure, minimalistic (I like the word and > the concept) and with some optimization possibilities. > does-it still seem confuse? Is it "une idee farfelue"? > > shift > > - Original Message - > From: "Jonathan G - Mailing Lists" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, September 14, 2004 3:39 PM > Subject: Re: Defining ISP? > > > > Hi, > > > > what i used to do is install a base system and then install some of the > > package packs i've defined. > > > > For example, if what i want is install a web server with php % perl > > support i use a config file what i've defined myself which contains this: > > > > > > apt-get install apache2-common apache2-mpm-prefork > > libapache2-mod-auth-mysql libapache2-mod-perl2 php4-common > > libmailtools-perl libhtml-format-perl bzip2 file libio-socket-ssl-perl > > ca-certificates libapache2-mod-php4 php4-mysql php4-pear > > > > > > For the rest of services exactly the same. I'v defined manually the > > whole list of packages needed for web server, ftp server, irc server, > > mail server (smtp, pop and imap), antivirus server, etc... > > > > If you can build a local mirror of you version of debian, i.e. sarge, > > you can do local network installations, and your installs will be so fast. > > > > That work fine for me at least :) > > > > BR, > > > > jonathan > > > > > > > > > > > > > > Christian Hammers wrote: > > > > > On 2004-09-14 shift wrote: > > > > > >>Thinking maybe of a an ISP specific install. Lighter and even more > > >>secure. A minimalistic distribution... > > > > > > > > > Most ISP will probably have different servers for the different services > and on each of them they will start with a secure base install with as few > software installed as possible and then just install apache/postfix/proftpd > whatever they need and customize it. > >
Re: Defining ISP?
Craig Sanders <[EMAIL PROTECTED]> writes: > On Thu, Sep 16, 2004 at 11:35:30AM -0400, Darrel O'Pry wrote: >> Meta-Packages that reflect my deployments would include: >> >>Qmail-MX-scanner (options for NFS, local, and qmtp delivery) >> (vpopmail, djbdns, qmail-scr, qmail-scanner, spamassassin, >>ClamAV) >> [...] >>DNS-primary (djbdns, VegaDNS, mysql) >>DNS-secondary (djbdns) > > both qmail and djbdns are non-free and could never be part of a debian-isp > meta package. > > on a more general note, this highlights exactly why such a meta-package > wouldn't be very useful anyway. there are many alternative packages which > provide the essential ISP services (mail, web, dns, database server, etc), and > everyone has their own preferences, requirements and configuration > peculiarities. making a one-size-fits-all meta-package just isn't going to > work. > > in any case, it isn't needed. debian is already the perfect ISP distribution. > just install the base and then apt-get install whatever server packages you > want for the particular server you are building. pretty nearly every free > software program that provides ISP-related services is available as a debian > package. Something interesting is the differents packages of exim : exim4-deamon-heavy and exim4-deamon-light. It could be interesting to have the same things with httpd, dns... -- William - http://flibuste.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RE: Defining ISP?
Comments inline, I've cut out a bunch of replies to make it easier to read. > -Original Message- > From: Jonathan G [mailto:[EMAIL PROTECTED] > Sent: Friday, 17 September 2004 10:04 AM > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: Re: Defining ISP? > > Comments in line > > Darrel O'Pry wrote: > > > Well I guess I'll try to start a discussion about what would be needed > > for an ISP distribution, and present a basic primer to how I run my > > systems as an example of needs or things to keep in mind developing an > > ISP distribution that can meet a wide variety of needs. > > > > I'm agree with you, a distro with solely what is needed to run a general > purpose ISP. Check out http://debian-enterprise.org/ - Maybe work on that? > > > > I think it might be easier to develop and maintain ISP specific > > meta-packages, as Ben Lisle suggested? Would he be willing to put his > > existing meta-packages on the open market for community review and > > maintenance? Sure, I'll tidy them a little and repackage. Keep in mind, they're very "bennish" - the choice of software I use and the way I configure them reflect the way I administer my servers. I doubt this sort of thing would benefit many other people. > > Meta-Packages that reflect my deployments would include: > > The list of packages to be included should be disussion matter. In > example some people love postfix while i rather like exim, but the > global idea is, at least for me, include in the distro 2 programs for > each need in order to the sysadmin decide which one he will use: > >- web server: apache, minihttpd >- mta: exim, postfix, qmail >- imap/pop3: qpopper, courier, cyrus >- database: mysql, postgress >- radius: freeraidus, radiator >- etc... How many systems administrators do you know that do things the same way? :-) At this level I doubt the ISP distribution would be useful. You'd be catering to people who want a quick setup and nothing else - so maybe hosting providers. I for one would not trust someone else's slapd.conf. > A quick release in not as important as mantain your distro secure and > fault tolerant. However, again i'm agree that is better to patch a small > package distro than a general purpose distro with thousands of packages. > I'd rather see Sarge with better enterprise hardware support. EVMS off the bat, a good 2.4/2.6 kernel. That said, see the link at the top. Those guys need some more developers :-) > > Other expectations I would have of an ISP friendly distribution of > > debian would be a cluster friendly file system layout, and a set of > > shell scripts for managing users, ftp, and web accounts. Currently > > I use a layout along the lines of /var/www/domains/a/adomain.com/, > > /var/www/usersite/u/username/, /var/media/qt/a/auser, > > /var/media/real/a/user > > Use LVM or help admin use it, ok! But inject script to manipulate users > or accounts is not a good idea. For example in my case i use a different > organization than your, organization that as you i love and i don't want > to be forced to change it: > Build an administration tool for that - package it, submit it. I've been doing some LVS stuff at home and I wrote some simple Python scripts to quickly build new Debian and Redhat servers. Maybe something similar would be helpful to server administrators? > > > > I'm sure there are people out there with better method of implementing > > this, or maybe better ideas about going about this kind of work, but > > this seems to work pretty well for my small ISP, but I'm relatively in > > experienced at this job and kind of hack it together as I go to in > > attempts to keep legacy customers happy, provide the widest possible > > base of services and options, keep up with current applications, and > > make an attempt at maintaining the security of my network. Any feedback, > > ideas, or suggestions are greatly appreciated. > > Yep, those http://debian-enterprise.org/ guys could use your help :-) > Same feeling. :) > > > .darrel. > > > > > > > > > > BR, > > jonathan > > >>-Original Message- > >>From: Jonathan G [mailto:[EMAIL PROTECTED] > >>Sent: Thursday, September 16, 2004 6:12 AM > >>To: [EMAIL PROTECTED] > >>Subject: Re: Defining ISP? > >> > >>Well, we can start reading the following documents about how to create > > > > a > > > >>CDD (Custom Debian Distribution): > >> > >>- http://wiki.debian.net/index.cgi?CustomDebian > >>-
Re: Defining ISP?
On Thu, Sep 16, 2004 at 11:35:30AM -0400, Darrel O'Pry wrote: > Meta-Packages that reflect my deployments would include: > >Qmail-MX-scanner (options for NFS, local, and qmtp delivery) > (vpopmail, djbdns, qmail-scr, qmail-scanner, spamassassin, >ClamAV) > [...] >DNS-primary (djbdns, VegaDNS, mysql) >DNS-secondary (djbdns) both qmail and djbdns are non-free and could never be part of a debian-isp meta package. on a more general note, this highlights exactly why such a meta-package wouldn't be very useful anyway. there are many alternative packages which provide the essential ISP services (mail, web, dns, database server, etc), and everyone has their own preferences, requirements and configuration peculiarities. making a one-size-fits-all meta-package just isn't going to work. in any case, it isn't needed. debian is already the perfect ISP distribution. just install the base and then apt-get install whatever server packages you want for the particular server you are building. pretty nearly every free software program that provides ISP-related services is available as a debian package. anyone who doesn't know what packages they want to use really shouldn't be setting up ISP servers anyway. at minimum, they should spend some time getting familiar with the various alternatives so they can make a decision before going online. craig -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "Regime change begins at home" -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Defining ISP?
Comments in line Darrel O'Pry wrote: Well I guess I'll try to start a discussion about what would be needed for an ISP distribution, and present a basic primer to how I run my systems as an example of needs or things to keep in mind developing an ISP distribution that can meet a wide variety of needs. I'm agree with you, a distro with solely what is needed to run a general purpose ISP. I think it might be easier to develop and maintain ISP specific meta-packages, as Ben Lisle suggested? Would he be willing to put his existing meta-packages on the open market for community review and maintenance? Meta-Packages that reflect my deployments would include: The list of packages to be included should be disussion matter. In example some people love postfix while i rather like exim, but the global idea is, at least for me, include in the distro 2 programs for each need in order to the sysadmin decide which one he will use: - web server: apache, minihttpd - mta: exim, postfix, qmail - imap/pop3: qpopper, courier, cyrus - database: mysql, postgress - radius: freeraidus, radiator - etc... One advantage of an ISP specific branch of Debian may be a quicker release cycle since, hopefully, it will depend on fewer packages, and the bug squashing will be easier. The slow release cycle has been the biggest problem for me as a systems administrator. It is difficult to keep your product line up to date and services up to date, when you are working with outdated packages. I finally gained enough trust in testing and moved over most of my production servers which has alleviated this problem, but I expect I will have it again in a year or two. A quick release in not as important as mantain your distro secure and fault tolerant. However, again i'm agree that is better to patch a small package distro than a general purpose distro with thousands of packages. Other expectations I would have of an ISP friendly distribution of debian would be a cluster friendly file system layout, and a set of shell scripts for managing users, ftp, and web accounts. Currently I use a layout along the lines of /var/www/domains/a/adomain.com/, /var/www/usersite/u/username/, /var/media/qt/a/auser, /var/media/real/a/user Use LVM or help admin use it, ok! But inject script to manipulate users or accounts is not a good idea. For example in my case i use a different organization than your, organization that as you i love and i don't want to be forced to change it: /export/virt-isp/TLD/DOMAIN/htdocs/SUBDOMAINS /export/virt-isp/org/debian/htdocs/www/* With symlinks from the users home directory ~/domains/adomain.com -> domains owned by user, ~/public_html->usersite, ~/media/real/ -> real server content dirs, ~media/Darwin/ -> Darwin content dirs Due to my config i only use 1 symlink for a directory at the same level in the directory structure that 'htdocs' named 'secure' which is intended to be used for SSL content. /export/virt-isp/org/debian/secure | +->/export/virt-isp/org/debian/htdocs/secure I only have to provide shell access on particular servers and users can manage data for all of their services via nfs or your shared file system of choice. I do not have a central authentication architecture in place, currently, just keep uids/permissions etc in line across servers via shell scripts && ssh). I haven't clustered anything besides my mail services yet(still trying to figure out how to best implement everything), but I am currently looking into LVS, and looking for a good low-budget filer/nfs setup to start-with. This is not the moment in fact but i recommend you use a radius for centlam management (there are pam modules for radius authentication named pam_radius) and at least a RAID device or RAID software because your business deppendens on the reliability you can offer. LVS will come then, and beliveme... LVS is not the panacea. I think it is something to keep in mind for allowing ISPs to have an easy expansion path to meet growth. I'm sure there are people out there with better method of implementing this, or maybe better ideas about going about this kind of work, but this seems to work pretty well for my small ISP, but I'm relatively in experienced at this job and kind of hack it together as I go to in attempts to keep legacy customers happy, provide the widest possible base of services and options, keep up with current applications, and make an attempt at maintaining the security of my network. Any feedback, ideas, or suggestions are greatly appreciated. Same feeling. :) .darrel. BR, jonathan -Original Message- From: Jonathan G [mailto:[EMAIL PROTECTED] Sent: Thursday, September 16, 2004 6:12 AM To: [EMAIL PROTECTED] Subject: Re: Defining ISP? Well, we can start reading the following documents about how to create a CDD (Custom Debian Distribution): - http://wiki.debian.net/index.cgi?Cust
Re: Defining ISP?
- Original Message - From: "Darrel O'Pry" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, September 16, 2004 5:35 PM Subject: RE: Defining ISP? > Well I guess I'll try to start a discussion about what would be needed > for an ISP distribution, and present a basic primer to how I run my > systems as an example of needs or things to keep in mind developing an > ISP distribution that can meet a wide variety of needs. > > > I think it might be easier to develop and maintain ISP specific > meta-packages, as Ben Lisle suggested? Would he be willing to put his > existing meta-packages on the open market for community review and > maintenance? > > Meta-Packages that reflect my deployments would include: > >Qmail-MX-scanner (options for NFS, local, and qmtp delivery) > (vpopmail, djbdns, qmail-scr, qmail-scanner, spamassassin, > ClamAV) >Qmail-mailstore-admin > (vpopmail, mysql, qmail-src, apache-ssl, vqadmin, qmailAdmin, > qmailMrtg) >Qmail-POP/Imap(options for delivery from localhost or nfs) > (vpopmail, qmail-src, courier imap, imp/horde) > >listserv-exim ( exim4, mailman, majordomo, majorcool, mhonarc) >listserv-qmail( qmail, mailman, ezmlm, majordomo, majorcool, mhonarc) > >Webserver(apache, suPHP, fastcgi, mod_perl, mod_ssl, zope/plone, > awstats, ) > >MediaServer(icecast2, Darwin, Helix) > >DNS-primary (djbdns, VegaDNS, mysql) >DNS-secondary (djbdns) > >Radius-primary (freeRadius, DialupAdmin, mysql) >Radius-Secondary (freeRadius, mysql) > >Admin-backup (mysql, rsnapshot, phpMyadmin, snort, mrtg, spong ) > > > > One advantage of an ISP specific branch of Debian may be a quicker > release cycle since, hopefully, it will depend on fewer packages, and > the bug squashing will be easier. The slow release cycle has been the > biggest problem for me as a systems administrator. It is difficult to > keep your product line up to date and services up to date, when you are > working with outdated packages. I finally gained enough trust in testing > and moved over most of my production servers which has alleviated this > problem, but I expect I will have it again in a year or two. > > Other expectations I would have of an ISP friendly distribution of > debian would be a cluster friendly file system layout, and a set of > shell scripts for managing users, ftp, and web accounts. Currently > I use a layout along the lines of /var/www/domains/a/adomain.com/, > /var/www/usersite/u/username/, /var/media/qt/a/auser, > /var/media/real/a/user > > With symlinks from the users home directory ~/domains/adomain.com -> > domains owned by user, ~/public_html->usersite, ~/media/real/ -> real > server content dirs, ~media/Darwin/ -> Darwin content dirs > > > I only have to provide shell access on particular servers and users can > manage data for all of their services via nfs or your shared file system > of choice. I do not have a central authentication architecture in place, > currently, just keep uids/permissions etc in line across servers via > shell scripts && ssh). I haven't clustered anything besides my mail > services yet(still trying to figure out how to best implement > everything), but I am currently looking into LVS, and looking for a good > low-budget filer/nfs setup to start-with. > > I think it is something to keep in mind for allowing ISPs to have an > easy expansion path to meet growth. > > I'm sure there are people out there with better method of implementing > this, or maybe better ideas about going about this kind of work, but > this seems to work pretty well for my small ISP, but I'm relatively in > experienced at this job and kind of hack it together as I go to in > attempts to keep legacy customers happy, provide the widest possible > base of services and options, keep up with current applications, and > make an attempt at maintaining the security of my network. Any feedback, > ideas, or suggestions are greatly appreciated. > > .darrel. > > > > > -Original Message- > > From: Jonathan G [mailto:[EMAIL PROTECTED] > > Sent: Thursday, September 16, 2004 6:12 AM > > To: [EMAIL PROTECTED] > > Subject: Re: Defining ISP? > > > > Well, we can start reading the following documents about how to create > a > > CDD (Custom Debian Distribution): > > > > - http://wiki.debian.net/index.cgi?CustomDebian > > - http://alioth.debian.org/projects/cdd/ > > - > > http://people.debian.org/~tille/debian-med/talks/paper-cdd/debian- > > cdd.html/ > > - http://people.debian.org/~kalfa/cdd/debian-devel > > > > > > BR, > >
RE: Defining ISP?
Well I guess I'll try to start a discussion about what would be needed for an ISP distribution, and present a basic primer to how I run my systems as an example of needs or things to keep in mind developing an ISP distribution that can meet a wide variety of needs. I think it might be easier to develop and maintain ISP specific meta-packages, as Ben Lisle suggested? Would he be willing to put his existing meta-packages on the open market for community review and maintenance? Meta-Packages that reflect my deployments would include: Qmail-MX-scanner (options for NFS, local, and qmtp delivery) (vpopmail, djbdns, qmail-scr, qmail-scanner, spamassassin, ClamAV) Qmail-mailstore-admin (vpopmail, mysql, qmail-src, apache-ssl, vqadmin, qmailAdmin, qmailMrtg) Qmail-POP/Imap(options for delivery from localhost or nfs) (vpopmail, qmail-src, courier imap, imp/horde) listserv-exim ( exim4, mailman, majordomo, majorcool, mhonarc) listserv-qmail( qmail, mailman, ezmlm, majordomo, majorcool, mhonarc) Webserver(apache, suPHP, fastcgi, mod_perl, mod_ssl, zope/plone, awstats, ) MediaServer(icecast2, Darwin, Helix) DNS-primary (djbdns, VegaDNS, mysql) DNS-secondary (djbdns) Radius-primary (freeRadius, DialupAdmin, mysql) Radius-Secondary (freeRadius, mysql) Admin-backup (mysql, rsnapshot, phpMyadmin, snort, mrtg, spong ) One advantage of an ISP specific branch of Debian may be a quicker release cycle since, hopefully, it will depend on fewer packages, and the bug squashing will be easier. The slow release cycle has been the biggest problem for me as a systems administrator. It is difficult to keep your product line up to date and services up to date, when you are working with outdated packages. I finally gained enough trust in testing and moved over most of my production servers which has alleviated this problem, but I expect I will have it again in a year or two. Other expectations I would have of an ISP friendly distribution of debian would be a cluster friendly file system layout, and a set of shell scripts for managing users, ftp, and web accounts. Currently I use a layout along the lines of /var/www/domains/a/adomain.com/, /var/www/usersite/u/username/, /var/media/qt/a/auser, /var/media/real/a/user With symlinks from the users home directory ~/domains/adomain.com -> domains owned by user, ~/public_html->usersite, ~/media/real/ -> real server content dirs, ~media/Darwin/ -> Darwin content dirs I only have to provide shell access on particular servers and users can manage data for all of their services via nfs or your shared file system of choice. I do not have a central authentication architecture in place, currently, just keep uids/permissions etc in line across servers via shell scripts && ssh). I haven't clustered anything besides my mail services yet(still trying to figure out how to best implement everything), but I am currently looking into LVS, and looking for a good low-budget filer/nfs setup to start-with. I think it is something to keep in mind for allowing ISPs to have an easy expansion path to meet growth. I'm sure there are people out there with better method of implementing this, or maybe better ideas about going about this kind of work, but this seems to work pretty well for my small ISP, but I'm relatively in experienced at this job and kind of hack it together as I go to in attempts to keep legacy customers happy, provide the widest possible base of services and options, keep up with current applications, and make an attempt at maintaining the security of my network. Any feedback, ideas, or suggestions are greatly appreciated. .darrel. > -Original Message- > From: Jonathan G [mailto:[EMAIL PROTECTED] > Sent: Thursday, September 16, 2004 6:12 AM > To: [EMAIL PROTECTED] > Subject: Re: Defining ISP? > > Well, we can start reading the following documents about how to create a > CDD (Custom Debian Distribution): > > - http://wiki.debian.net/index.cgi?CustomDebian > - http://alioth.debian.org/projects/cdd/ > - > http://people.debian.org/~tille/debian-med/talks/paper-cdd/debian- > cdd.html/ > - http://people.debian.org/~kalfa/cdd/debian-devel > > > BR, > > jonathan > > > > shift wrote: > > hej J. > > > > Me I'd like to be in it. > > > > shift > > > > > > - Original Message - > > From: "Jonathan G" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Wednesday, September 15, 2004 12:42 PM > > Subject: Re: Defining ISP? > > > > > > > >>I would be so please with the help of the phorun to propose open a new > >>branch into the Debian community dedicated to ISP. > >> > >>Whom of you're interested?? >
Re: Defining ISP?
Well, we can start reading the following documents about how to create a CDD (Custom Debian Distribution): - http://wiki.debian.net/index.cgi?CustomDebian - http://alioth.debian.org/projects/cdd/ - http://people.debian.org/~tille/debian-med/talks/paper-cdd/debian-cdd.html/ - http://people.debian.org/~kalfa/cdd/debian-devel BR, jonathan shift wrote: hej J. Me I'd like to be in it. shift - Original Message - From: "Jonathan G" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, September 15, 2004 12:42 PM Subject: Re: Defining ISP? I would be so please with the help of the phorun to propose open a new branch into the Debian community dedicated to ISP. Whom of you're interested?? BR, jonathan shift wrote: The idea seems still interesting to me 2 days after the week-end! ( Did some definitive dammage happen? :) I imagine an install, giving possibilities of Raid, backup, replication, networking etc from the start, all necessary tools and programs, in a compact, easy to use distribution with some "ncursed" ISP specific administration tools. Something secure, minimalistic (I like the word and the concept) and with some optimization possibilities. does-it still seem confuse? Is it "une idee farfelue"? shift - Original Message - From: "Jonathan G - Mailing Lists" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, September 14, 2004 3:39 PM Subject: Re: Defining ISP? Hi, what i used to do is install a base system and then install some of the package packs i've defined. For example, if what i want is install a web server with php % perl support i use a config file what i've defined myself which contains this: apt-get install apache2-common apache2-mpm-prefork libapache2-mod-auth-mysql libapache2-mod-perl2 php4-common libmailtools-perl libhtml-format-perl bzip2 file libio-socket-ssl-perl ca-certificates libapache2-mod-php4 php4-mysql php4-pear For the rest of services exactly the same. I'v defined manually the whole list of packages needed for web server, ftp server, irc server, mail server (smtp, pop and imap), antivirus server, etc... If you can build a local mirror of you version of debian, i.e. sarge, you can do local network installations, and your installs will be so fast. That work fine for me at least :) BR, jonathan Christian Hammers wrote: On 2004-09-14 shift wrote: Thinking maybe of a an ISP specific install. Lighter and even more secure. A minimalistic distribution... Most ISP will probably have different servers for the different services and on each of them they will start with a secure base install with as few software installed as possible and then just install apache/postfix/proftpd whatever they need and customize it. I don't see a big bonus in a special ISP distribution. A better integration of iptables firewalls, vlans or traffic shapers would be nice but that's nothing ISP specific. bye, -christian- P.S.: pbuilder is a nice tool to build minimal installations that you can just untar onto a new harddisk -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- Jonathan Gonzalez Fernandez (o> mail : [EMAIL PROTECTED] //\ jabber: [EMAIL PROTECTED] V_/ site : www.surestorm.com ::: Registered Linux User #86 ::: -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- Jonathan Gonzalez Fernandez (o> mail : [EMAIL PROTECTED] //\ jabber: [EMAIL PROTECTED] V_/ site : www.surestorm.com ::: Registered Linux User #86 ::: -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Defining ISP?
hej J. Me I'd like to be in it. shift - Original Message - From: "Jonathan G" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, September 15, 2004 12:42 PM Subject: Re: Defining ISP? > I would be so please with the help of the phorun to propose open a new > branch into the Debian community dedicated to ISP. > > Whom of you're interested?? > > BR, > > jonathan > > > > > shift wrote: > > > The idea seems still interesting to me 2 days after the week-end! ( Did > > some definitive dammage happen? :) > > I imagine an install, giving possibilities of Raid, backup, replication, > > networking etc from the start, all necessary tools and programs, in a > > compact, easy to use distribution with some "ncursed" ISP specific > > administration tools. Something secure, minimalistic (I like the word and > > the concept) and with some optimization possibilities. > > does-it still seem confuse? Is it "une idee farfelue"? > > > > shift > > > > - Original Message ----- > > From: "Jonathan G - Mailing Lists" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Tuesday, September 14, 2004 3:39 PM > > Subject: Re: Defining ISP? > > > > > > > >>Hi, > >> > >>what i used to do is install a base system and then install some of the > >>package packs i've defined. > >> > >>For example, if what i want is install a web server with php % perl > >>support i use a config file what i've defined myself which contains this: > >> > >> > >>apt-get install apache2-common apache2-mpm-prefork > >>libapache2-mod-auth-mysql libapache2-mod-perl2 php4-common > >>libmailtools-perl libhtml-format-perl bzip2 file libio-socket-ssl-perl > >>ca-certificates libapache2-mod-php4 php4-mysql php4-pear > >> > >> > >>For the rest of services exactly the same. I'v defined manually the > >>whole list of packages needed for web server, ftp server, irc server, > >>mail server (smtp, pop and imap), antivirus server, etc... > >> > >>If you can build a local mirror of you version of debian, i.e. sarge, > >>you can do local network installations, and your installs will be so fast. > >> > >>That work fine for me at least :) > >> > >>BR, > >> > >>jonathan > >> > >> > >> > >> > >> > >> > >>Christian Hammers wrote: > >> > >> > >>>On 2004-09-14 shift wrote: > >>> > >>> > >>>>Thinking maybe of a an ISP specific install. Lighter and even more > >>>>secure. A minimalistic distribution... > >>> > >>> > >>>Most ISP will probably have different servers for the different services > > > > and on each of them they will start with a secure base install with as few > > software installed as possible and then just install apache/postfix/proftpd > > whatever they need and customize it. > > > >>>I don't see a big bonus in a special ISP distribution. A better > > > > integration of iptables firewalls, vlans or traffic shapers would be nice > > but that's nothing ISP specific. > > > >>>bye, > >>> > >>>-christian- > >>> > >>>P.S.: pbuilder is a nice tool to build minimal installations that you > > > > can just untar onto a new harddisk > > > >> > >>-- > >>To UNSUBSCRIBE, email to [EMAIL PROTECTED] > >>with a subject of "unsubscribe". Trouble? Contact > > > > [EMAIL PROTECTED] > > > > > > > > > > -- > Jonathan Gonzalez Fernandez > > (o> mail : [EMAIL PROTECTED] > //\ jabber: [EMAIL PROTECTED] > V_/ site : www.surestorm.com > >::: Registered Linux User #86 ::: > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Defining ISP?
I would be so please with the help of the phorun to propose open a new branch into the Debian community dedicated to ISP. Whom of you're interested?? BR, jonathan shift wrote: The idea seems still interesting to me 2 days after the week-end! ( Did some definitive dammage happen? :) I imagine an install, giving possibilities of Raid, backup, replication, networking etc from the start, all necessary tools and programs, in a compact, easy to use distribution with some "ncursed" ISP specific administration tools. Something secure, minimalistic (I like the word and the concept) and with some optimization possibilities. does-it still seem confuse? Is it "une idee farfelue"? shift - Original Message - From: "Jonathan G - Mailing Lists" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, September 14, 2004 3:39 PM Subject: Re: Defining ISP? Hi, what i used to do is install a base system and then install some of the package packs i've defined. For example, if what i want is install a web server with php % perl support i use a config file what i've defined myself which contains this: apt-get install apache2-common apache2-mpm-prefork libapache2-mod-auth-mysql libapache2-mod-perl2 php4-common libmailtools-perl libhtml-format-perl bzip2 file libio-socket-ssl-perl ca-certificates libapache2-mod-php4 php4-mysql php4-pear For the rest of services exactly the same. I'v defined manually the whole list of packages needed for web server, ftp server, irc server, mail server (smtp, pop and imap), antivirus server, etc... If you can build a local mirror of you version of debian, i.e. sarge, you can do local network installations, and your installs will be so fast. That work fine for me at least :) BR, jonathan Christian Hammers wrote: On 2004-09-14 shift wrote: Thinking maybe of a an ISP specific install. Lighter and even more secure. A minimalistic distribution... Most ISP will probably have different servers for the different services and on each of them they will start with a secure base install with as few software installed as possible and then just install apache/postfix/proftpd whatever they need and customize it. I don't see a big bonus in a special ISP distribution. A better integration of iptables firewalls, vlans or traffic shapers would be nice but that's nothing ISP specific. bye, -christian- P.S.: pbuilder is a nice tool to build minimal installations that you can just untar onto a new harddisk -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- Jonathan Gonzalez Fernandez (o> mail : [EMAIL PROTECTED] //\ jabber: [EMAIL PROTECTED] V_/ site : www.surestorm.com ::: Registered Linux User #86 ::: -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Defining ISP?
The idea seems still interesting to me 2 days after the week-end! ( Did some definitive dammage happen? :) I imagine an install, giving possibilities of Raid, backup, replication, networking etc from the start, all necessary tools and programs, in a compact, easy to use distribution with some "ncursed" ISP specific administration tools. Something secure, minimalistic (I like the word and the concept) and with some optimization possibilities. does-it still seem confuse? Is it "une idee farfelue"? shift - Original Message - From: "Jonathan G - Mailing Lists" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, September 14, 2004 3:39 PM Subject: Re: Defining ISP? > Hi, > > what i used to do is install a base system and then install some of the > package packs i've defined. > > For example, if what i want is install a web server with php % perl > support i use a config file what i've defined myself which contains this: > > > apt-get install apache2-common apache2-mpm-prefork > libapache2-mod-auth-mysql libapache2-mod-perl2 php4-common > libmailtools-perl libhtml-format-perl bzip2 file libio-socket-ssl-perl > ca-certificates libapache2-mod-php4 php4-mysql php4-pear > > > For the rest of services exactly the same. I'v defined manually the > whole list of packages needed for web server, ftp server, irc server, > mail server (smtp, pop and imap), antivirus server, etc... > > If you can build a local mirror of you version of debian, i.e. sarge, > you can do local network installations, and your installs will be so fast. > > That work fine for me at least :) > > BR, > > jonathan > > > > > > > Christian Hammers wrote: > > > On 2004-09-14 shift wrote: > > > >>Thinking maybe of a an ISP specific install. Lighter and even more > >>secure. A minimalistic distribution... > > > > > > Most ISP will probably have different servers for the different services and on each of them they will start with a secure base install with as few software installed as possible and then just install apache/postfix/proftpd whatever they need and customize it. > > > > I don't see a big bonus in a special ISP distribution. A better integration of iptables firewalls, vlans or traffic shapers would be nice but that's nothing ISP specific. > > > > bye, > > > > -christian- > > > > P.S.: pbuilder is a nice tool to build minimal installations that you can just untar onto a new harddisk > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RE: Defining ISP?
> -Original Message- > From: shift [mailto:[EMAIL PROTECTED] > Sent: Wednesday, 15 September 2004 4:13 AM > To: [EMAIL PROTECTED] > Subject: Defining ISP? > > > Hej till alla > > Is it possible to define with some accuracy the needs of ISPs? > Some list of all the components in a Debian that are absolutely necessary > for the ISP work. Is it possible to compose a custom ISP Debian? or custom > ISP debians (different flavours: mail specific, routage-specific, hosting, > db etc...) There are a lot of ways to go about this. I do a bit of research and build my own boot CD depending on hardware requirements. It has an update-to-date kernel with the support you need for various bits of hardware compiled into it. I've usually rolled my own packages from scratch and grouped them depending on function into a larger meta package. An example... I did some contracting for a service provider about 7 months ago. One of the main things they wanted was the ability to deploy new servers that can conform to their standards quickly. I had a base-conform package that pulled down customised packages that were preconfigured (pam, nfs, sudo and others) and removed a lot of crud it didn't need. Depending on what the function of the machine I then did the same sort of deal for that... so mail-server, name-server, samba-server, radius-server, etc. The mail-server meta package pulled down a version of postfix with all the usual extras (clamav, amavis, spamassasin, auth via LDAP, etc.) The post install scripts finished off the rest of the configuration by asking a few questions that it needed to know about. This is a double-edged sword though... you usually take a hit in the ease of upgrade later on. Last I heard they have an administrator who speaks good Debian and he works with it pretty well so it worked out well in the end. Once you start getting larger you might want to investigate using cfengine or something similar for large deployments and making them conform to whatever they are meant to be doing. > mvh > > shift > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED]
Re: Defining ISP?
Oh no, was a typo, is dist-upgrade :) thanks for the note BR, jonthan Arnt Karlsen wrote: On Tue, 14 Sep 2004 17:14:02 +0200, Jonathan wrote in message <[EMAIL PROTECTED]>: 4. apt-get distro-upgrade ..you meant dist-upgrade, or is distro-upgrade different from apt-get dist-upgrade??? -- Jonathan Gonzalez Fernandez (o> mail : [EMAIL PROTECTED] //\ jabber: [EMAIL PROTECTED] V_/ site : www.surestorm.com ::: Registered Linux User #86 ::: -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Defining ISP?
On Tue, 14 Sep 2004 17:14:02 +0200, Jonathan wrote in message <[EMAIL PROTECTED]>: > 4. apt-get distro-upgrade ..you meant dist-upgrade, or is distro-upgrade different from apt-get dist-upgrade??? -- ..med vennlig hilsen = with Kind Regards from Arnt... ;-) ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Defining ISP?
Hello On 2004-09-14 shift wrote: > Using an optimized distrib on an SR2200 (dual PIII 1.4GHz Tualatin-S), > SCSI U160, I have better results on Mysql nemchmarks than with a > non-optimized SR2300-SKU0 dual xeon 3.0 1MB L3 cache and SCSI U320!! Sounds very unrealistic. Are you sure that it wasn't just a question of how much memory was available, using a different MySQL config or chosing the right kernel so that the dual procs were actually detected etc? bye, -christian- pgpTwzk64JGg3.pgp Description: PGP signature
Re: Defining ISP?
Well, about the week-end, you're welcome for another one (...) About the install, I do almost the same. the second part is the optimization. Using an optimized distrib on an SR2200 (dual PIII 1.4GHz Tualatin-S), SCSI U160, I have better results on Mysql nemchmarks than with a non-optimized SR2300-SKU0 dual xeon 3.0 1MB L3 cache and SCSI U320!! - Original Message - From: "Jonathan G" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, September 14, 2004 5:14 PM Subject: Re: Defining ISP? > yep shift, is what i've done. I've been playing with apt-get and > apt-cache in order to discover all minimal dependencies por a serie of > packages. > > My procedure is the following: > > 1. NetInstall or Minimal install using CD1 from Woody > 2. Minimal Config > 3. Change apt-sources, changing "stable" for "sarge" > 3. apt-get update > 4. apt-get distro-upgrade > > At this step my system is converted from 3.0 Woody to 3.1 Sarge. > Starting from sarge now i star the installation of groups of packages. > > Suppouse that i want to install in a unique box a web, smtp, pop3, > imap4, ftp, database and dns server. > > I have the same config files as servers i want to install. I have in a > file the list of packages for server needed. From console i launch a > batch process calling those files. In about 15' i have a whole system > installed. > > About the configuration, of course, i have done the config once and then > i only copy files from a repository and fix some permission issues on > files, but all documented fine. > > This is my way! > > BR, > > > jonathan > > > > > shift wrote: > > > Well, it seems to be the best method. But isn't it possible to define a > > general list of necessary packages used by ISPs and regroup the whole in a > > minimalistic optimized distribution specificly made for ISP use? And > > excluding all other packages (desktop, non-necessary libraries, windowing > > etc...). > > It's even possible to integrate some optimization tools (apt-build) and > > automatize some installation jobs > > At my actual knowledge, such a distribution doesn't exist. Should it be > > interesting or is it only the remanent effects of a very good long week-end? > > :) > > > > > > BR > > > > shift > > > > - Original Message - > > From: "Jonathan G - Mailing Lists" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Tuesday, September 14, 2004 3:39 PM > > Subject: Re: Defining ISP? > > > > > > > >>Hi, > >> > >>what i used to do is install a base system and then install some of the > >>package packs i've defined. > >> > >>For example, if what i want is install a web server with php % perl > >>support i use a config file what i've defined myself which contains this: > >> > >> > >>apt-get install apache2-common apache2-mpm-prefork > >>libapache2-mod-auth-mysql libapache2-mod-perl2 php4-common > >>libmailtools-perl libhtml-format-perl bzip2 file libio-socket-ssl-perl > >>ca-certificates libapache2-mod-php4 php4-mysql php4-pear > >> > >> > >>For the rest of services exactly the same. I'v defined manually the > >>whole list of packages needed for web server, ftp server, irc server, > >>mail server (smtp, pop and imap), antivirus server, etc... > >> > >>If you can build a local mirror of you version of debian, i.e. sarge, > >>you can do local network installations, and your installs will be so fast. > >> > >>That work fine for me at least :) > >> > >>BR, > >> > >>jonathan > >> > >> > >> > >> > >> > >> > >>Christian Hammers wrote: > >> > >> > >>>On 2004-09-14 shift wrote: > >>> > >>> > >>>>Thinking maybe of a an ISP specific install. Lighter and even more > >>>>secure. A minimalistic distribution... > >>> > >>> > >>>Most ISP will probably have different servers for the different services > > > > and on each of them they will start with a secure base install with as few > > software installed as possible and then just install apache/postfix/proftpd > > whatever they need and customize it. > > > >>>I don't see a big bonus in a special ISP distribution. A better > > > > integration of iptables firewalls, vlans or traffic shapers would be nice > > but that's nothing ISP specific. > > > >>>bye, > >>> > >>>-christian- > >>> > >>>P.S.: pbuilder is a nice tool to build minimal installations that you > > > > can just untar onto a new harddisk > > > >> > >>-- > >>To UNSUBSCRIBE, email to [EMAIL PROTECTED] > >>with a subject of "unsubscribe". Trouble? Contact > > > > [EMAIL PROTECTED] > > > > > > > > -- > Jonathan Gonzalez Fernandez > > (o> mail : [EMAIL PROTECTED] > //\ jabber: [EMAIL PROTECTED] > V_/ site : www.surestorm.com > >::: Registered Linux User #86 ::: > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Defining ISP?
About this. (comments in line) shift wrote: At my actual knowledge, such a distribution doesn't exist. Should it be interesting or is it only the remanent effects of a very good long week-end? i'm quite interested. :) jonathan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Defining ISP?
yep shift, is what i've done. I've been playing with apt-get and apt-cache in order to discover all minimal dependencies por a serie of packages. My procedure is the following: 1. NetInstall or Minimal install using CD1 from Woody 2. Minimal Config 3. Change apt-sources, changing "stable" for "sarge" 3. apt-get update 4. apt-get distro-upgrade At this step my system is converted from 3.0 Woody to 3.1 Sarge. Starting from sarge now i star the installation of groups of packages. Suppouse that i want to install in a unique box a web, smtp, pop3, imap4, ftp, database and dns server. I have the same config files as servers i want to install. I have in a file the list of packages for server needed. From console i launch a batch process calling those files. In about 15' i have a whole system installed. About the configuration, of course, i have done the config once and then i only copy files from a repository and fix some permission issues on files, but all documented fine. This is my way! BR, jonathan shift wrote: Well, it seems to be the best method. But isn't it possible to define a general list of necessary packages used by ISPs and regroup the whole in a minimalistic optimized distribution specificly made for ISP use? And excluding all other packages (desktop, non-necessary libraries, windowing etc...). It's even possible to integrate some optimization tools (apt-build) and automatize some installation jobs At my actual knowledge, such a distribution doesn't exist. Should it be interesting or is it only the remanent effects of a very good long week-end? :) BR shift - Original Message - From: "Jonathan G - Mailing Lists" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, September 14, 2004 3:39 PM Subject: Re: Defining ISP? Hi, what i used to do is install a base system and then install some of the package packs i've defined. For example, if what i want is install a web server with php % perl support i use a config file what i've defined myself which contains this: apt-get install apache2-common apache2-mpm-prefork libapache2-mod-auth-mysql libapache2-mod-perl2 php4-common libmailtools-perl libhtml-format-perl bzip2 file libio-socket-ssl-perl ca-certificates libapache2-mod-php4 php4-mysql php4-pear For the rest of services exactly the same. I'v defined manually the whole list of packages needed for web server, ftp server, irc server, mail server (smtp, pop and imap), antivirus server, etc... If you can build a local mirror of you version of debian, i.e. sarge, you can do local network installations, and your installs will be so fast. That work fine for me at least :) BR, jonathan Christian Hammers wrote: On 2004-09-14 shift wrote: Thinking maybe of a an ISP specific install. Lighter and even more secure. A minimalistic distribution... Most ISP will probably have different servers for the different services and on each of them they will start with a secure base install with as few software installed as possible and then just install apache/postfix/proftpd whatever they need and customize it. I don't see a big bonus in a special ISP distribution. A better integration of iptables firewalls, vlans or traffic shapers would be nice but that's nothing ISP specific. bye, -christian- P.S.: pbuilder is a nice tool to build minimal installations that you can just untar onto a new harddisk -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- Jonathan Gonzalez Fernandez (o> mail : [EMAIL PROTECTED] //\ jabber: [EMAIL PROTECTED] V_/ site : www.surestorm.com ::: Registered Linux User #86 ::: -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Defining ISP?
Well, it seems to be the best method. But isn't it possible to define a general list of necessary packages used by ISPs and regroup the whole in a minimalistic optimized distribution specificly made for ISP use? And excluding all other packages (desktop, non-necessary libraries, windowing etc...). It's even possible to integrate some optimization tools (apt-build) and automatize some installation jobs At my actual knowledge, such a distribution doesn't exist. Should it be interesting or is it only the remanent effects of a very good long week-end? :) BR shift - Original Message - From: "Jonathan G - Mailing Lists" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, September 14, 2004 3:39 PM Subject: Re: Defining ISP? > Hi, > > what i used to do is install a base system and then install some of the > package packs i've defined. > > For example, if what i want is install a web server with php % perl > support i use a config file what i've defined myself which contains this: > > > apt-get install apache2-common apache2-mpm-prefork > libapache2-mod-auth-mysql libapache2-mod-perl2 php4-common > libmailtools-perl libhtml-format-perl bzip2 file libio-socket-ssl-perl > ca-certificates libapache2-mod-php4 php4-mysql php4-pear > > > For the rest of services exactly the same. I'v defined manually the > whole list of packages needed for web server, ftp server, irc server, > mail server (smtp, pop and imap), antivirus server, etc... > > If you can build a local mirror of you version of debian, i.e. sarge, > you can do local network installations, and your installs will be so fast. > > That work fine for me at least :) > > BR, > > jonathan > > > > > > > Christian Hammers wrote: > > > On 2004-09-14 shift wrote: > > > >>Thinking maybe of a an ISP specific install. Lighter and even more > >>secure. A minimalistic distribution... > > > > > > Most ISP will probably have different servers for the different services and on each of them they will start with a secure base install with as few software installed as possible and then just install apache/postfix/proftpd whatever they need and customize it. > > > > I don't see a big bonus in a special ISP distribution. A better integration of iptables firewalls, vlans or traffic shapers would be nice but that's nothing ISP specific. > > > > bye, > > > > -christian- > > > > P.S.: pbuilder is a nice tool to build minimal installations that you can just untar onto a new harddisk > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Defining ISP?
Hi, what i used to do is install a base system and then install some of the package packs i've defined. For example, if what i want is install a web server with php % perl support i use a config file what i've defined myself which contains this: apt-get install apache2-common apache2-mpm-prefork libapache2-mod-auth-mysql libapache2-mod-perl2 php4-common libmailtools-perl libhtml-format-perl bzip2 file libio-socket-ssl-perl ca-certificates libapache2-mod-php4 php4-mysql php4-pear For the rest of services exactly the same. I'v defined manually the whole list of packages needed for web server, ftp server, irc server, mail server (smtp, pop and imap), antivirus server, etc... If you can build a local mirror of you version of debian, i.e. sarge, you can do local network installations, and your installs will be so fast. That work fine for me at least :) BR, jonathan Christian Hammers wrote: On 2004-09-14 shift wrote: Thinking maybe of a an ISP specific install. Lighter and even more secure. A minimalistic distribution... Most ISP will probably have different servers for the different services and on each of them they will start with a secure base install with as few software installed as possible and then just install apache/postfix/proftpd whatever they need and customize it. I don't see a big bonus in a special ISP distribution. A better integration of iptables firewalls, vlans or traffic shapers would be nice but that's nothing ISP specific. bye, -christian- P.S.: pbuilder is a nice tool to build minimal installations that you can just untar onto a new harddisk -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Defining ISP?
On 2004-09-14 shift wrote: > Thinking maybe of a an ISP specific install. Lighter and even more > secure. A minimalistic distribution... Most ISP will probably have different servers for the different services and on each of them they will start with a secure base install with as few software installed as possible and then just install apache/postfix/proftpd whatever they need and customize it. I don't see a big bonus in a special ISP distribution. A better integration of iptables firewalls, vlans or traffic shapers would be nice but that's nothing ISP specific. bye, -christian- P.S.: pbuilder is a nice tool to build minimal installations that you can just untar onto a new harddisk pgpegR2kKupp5.pgp Description: PGP signature
Re: Defining ISP?
That's what I am actually doing :) Base system then dpkg... But what I'd like to do is something different. Thinking maybe of a an ISP specific install. Lighter and even more secure. A minimalistic distribution... I don't know if there are other persons interested... mvh shift - Original Message - From: "Christofer Algotsson" <[EMAIL PROTECTED]> To: "'shift'" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Tuesday, September 14, 2004 2:24 PM Subject: SV: Defining ISP? > > Is it possible to define with some accuracy the needs of ISPs? Some > > list of all the components in a Debian that are absolutely necessary > > for the ISP work. Is it possible to compose a custom ISP Debian? or > > I.e compose your own debian-distribution? > > > I'd install base-system and dpkg --get-selections < my-needs > > /Chris > > > custom ISP debians (different flavours: mail specific, > > routage-specific, hosting, db etc...) > > > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
