On 26 September 2011 22:18, Bruno Girin <brunogi...@gmail.com> wrote: > On 26/09/11 21:35, Matthew Daubney wrote: >> >> On 26 September 2011 21:17, Alan Pope<a...@popey.com> wrote: >> <snip> >> >>> Ahh, SoHo server... a perennial "want" of many (including myself). >> >> I'm getting so annoyed by this being missing it's starting to become an >> itch :( >> >>> I'll refer you to this spec:- >>> >>> https://wiki.ubuntu.com/UbuntuEasyBusinessServer >> >> Ah, lovely. I agreed with it largely until this.... >> "The interface will be web based" >> And then I wanted to curl up in the foetal position and cry. >> >> BEWARE RANT AHOY! >> >> <rant> >> Why do people always want these things web based? I'd much rather >> prefer something that works simply in a nice easy gui that I could >> VNC/whatever into. In order to make things like this web based, you >> either have to lose some flexibility and/or can make it really hard to >> report back to the user what actually is going on. I've never really >> found a web based configuration gui I liked (and I write them for >> work). > > Well the main benefit of a web based UI is that you don't need all the > desktop GUI libraries on the server, which means that the server stays a > server and can be a fairly lean machine that doesn't burn CPU to paint a > desktop (important for a small office where running a powerful server 24x7 > can be prohibitively expensive and/or noisy). And considering the size and > complexity of GUI code these days, adding a GUI to a server is likely to > increase the potential for bug several folds. > > I hear what you say about web front-ends but balancing the pros and cons, I > would still go for a web front-end, mainly to keep the server lightweight. > This doesn't preclude a standard GUI front-end on client machines though.
*Yes.* This. What he said, in spades. Linux servers should be low-resource and efficient, so they can devote their RAM to caching and so on - not X. Secondly, a GUI encourages people to run apps on the server, browse the web or whatever - stuff you don't want happening. I have maintained many Windows Server boxes and you'd be amazed at all the rubbish people install. Eval versions of things, trialware, whole office suites, etc. One man's useless junk is another's "essential" tool. SME Server has a pretty decent web interface; so does Smoothwall. Both merit a look for anyone designing such a thing. If you'll forgive me paraphrasing the OP: >>> I'll refer you to this spec:- >>> >>> https://wiki.ubuntu.com/UbuntuEasyBusinessServer >> >> Ah, lovely. I agreed with it largely until this.... >> Firewall/Internet gateway This is a core function of SME Server, ClearOS and Zentyal, and I feel it shouldn't be. A Linux box that is exposed directly to the Internet is a potential weak point, a point of entry into the network - /especially/ if it's not up to date or not configured correctly. E.g., by a non-expert who chose a distro that does this for them because they are not sure what they're doing. This is doubly hazardous if said router is also a file/mail/web server: if the crackers break into the firewall, they don't need to get /through/ it - they are into the organization's main storage device, full of user passwords, possibly-confidential files and so on. It's quite difficult to find a low-end to mid-range ISP these days that /doesn't/ provide a router for free with their connections. You don't want a NAT firewall talking to another NAT firewall - there's no real benefit, it saps performance and it can stop some apps working. Firewalls are a solved problem now. There are lots of good routers, even OpenWRT if you want to get in their and fiddle. The server should be just a server; if it has multiple NICs, team them for resilience. Assume that in most cases the router will also be a DHCP server and the upstream DNS server. If possible, Universal PnP support might be useful so that the server can interrogate the router for settings and config. -- Liam Proven • Info & profile: http://www.google.com/profiles/lproven Email: lpro...@cix.co.uk • GMail/GoogleTalk/Orkut: lpro...@gmail.com Tel: +44 20-8685-0498 • Cell: +44 7939-087884 • Fax: + 44 870-9151419 AIM/Yahoo/Skype: liamproven • MSN: lpro...@hotmail.com • ICQ: 73187508 -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
