Build a home server - take two, part 4.
Set up the file server
Okay! So far you have installed the operating system, configured monitoring, created a zpool for your data. You have also configured hourly, daily, weekly and monthly snapshots, so that you can rollback during workdays for example. Now it is time to configure the file server. Focus for now is fileshaing for Windows. We will use Jails to contain the file server. The containment is very useful because the jailed server acts on its own, has got its own IP address and FQDN and can not "escape" its confinement and taint the host. In case of a misconfiguration or something else that makes the jailed server unuseable, the host will not be affexted. This is very powerful!
Start with installing Samba:
Add ADS, ACL_SUPPORT, AIO_SUPPORT and DNSUPDATE.
Following dialogs:
tdb 1.2.9.1 - default
talloc 2.0.7 - default
cups-client 1.5.2_2 - default
openldap-client 2.4.31_1 - default
If you are not planning to use Active Directory as a central authentication source, you just have a few things left; install and configure a jailed Samba server.
(http://people.virginia.edu/~ll2bf/docs/nix/freebsd_jail.html, http://www.freebsd.org/doc/handbook/jails-build.html, http://erdgeist.org/arts/software/ezjail/)
Continue with installing EZJail:
...and creating a filesystem for the jail template:
My
20120610, 20.50: Croatia scores!
Okay! So far you have installed the operating system, configured monitoring, created a zpool for your data. You have also configured hourly, daily, weekly and monthly snapshots, so that you can rollback during workdays for example. Now it is time to configure the file server. Focus for now is fileshaing for Windows. We will use Jails to contain the file server. The containment is very useful because the jailed server acts on its own, has got its own IP address and FQDN and can not "escape" its confinement and taint the host. In case of a misconfiguration or something else that makes the jailed server unuseable, the host will not be affexted. This is very powerful!
Start with installing Samba:
ohlala# cd /usr/ports/sysutils/ezjail && make install cleanAdd ADS, ACL_SUPPORT, AIO_SUPPORT and DNSUPDATE.
Following dialogs:
tdb 1.2.9.1 - default
talloc 2.0.7 - default
cups-client 1.5.2_2 - default
openldap-client 2.4.31_1 - default
If you are not planning to use Active Directory as a central authentication source, you just have a few things left; install and configure a jailed Samba server.
(http://people.virginia.edu/~ll2bf/docs/nix/freebsd_jail.html, http://www.freebsd.org/doc/handbook/jails-build.html, http://erdgeist.org/arts/software/ezjail/)
Continue with installing EZJail:
ohlala# cd /usr/ports/sysutils/ezjail/
ohlala# make install clean...and creating a filesystem for the jail template:
zfs create data/jailMy
/usr/local/etc/ezjail.conf:
ezjail_jaildir=/data/virt/jails
ezjail_jailtemplate=${ezjail_jaildir}/jailskel-template
ezjail_jailbase=${ezjail_jaildir}/jailbig-template
ezjail_sourcetree=/usr/src
# [email protected]:/home/ncvs
# ezjail_ftphost=ftp.freebsd.org
ezjail_default_execute="/usr/bin/login -f root"
ezjail_default_flavour=""
ezjail_archivedir="${ezjail_jaildir}/ezjail_archives"
ezjail_uglyperlhack="YES"
ezjail_mount_enable="YES"
ezjail_devfs_enable="YES"
ezjail_devfs_ruleset="devfsrules_jail"
ezjail_procfs_enable="YES"
ezjail_fdescfs_enable="YES"
# Setting this to YES will start to manage the basejail and newjail in ZFS ezjail_use_zfs="YES"
# The name of the ZFS ezjail should create jails on, it will be mounted at the ezjail_jaildir
ezjail_jailzfs="data/virt/jails"
# ADVANCED, be very careful!
ezjail_zfs_properties="-o compression=lzjb -o atime=off"20120610, 20.50: Croatia scores!
Kommentarer
Trackback
