Like a lot of families these days, our household IT
infrastructure has had to adapt as we all became more and more fond
of computers for work, school and recreation. With digital
photograpy, ripping hundreds of CDs, describing our various
activities and travels on web pages, two teenagers and the
heavy use of email, and the need to provide stable storage for
homework and digital art, we've been playing catchup for a while.
This led us directly to designing and building a new server to handle
storage of all the digital media, web-serving and email. At the
same time, I was tired of the whine from the surplus X1 rack mount
server I had stuffed in the closet, and decided to merge my home
desktop and server together to reduce power consumption. With
some
thinking we arrived at the following hardware design:
Tyan 2865 motherboard - 4 SATA ports that worked w/ Solaris in compatibility mode, sound and an on-board nvidia gigabit ethernet chip, both supported by Solaris.
2 x 2.6 GHZ AMD CPU; this was rather more CPU than I originally planned, but sometimes things turn up...
1 GB ECC RAM, later upgraded to 2 GB.
4 x 500 GB Seagate drives for data storage, plus a leftover 40GB IDE drive for root and a DVD-RW drive for movies and burning DVDs.
NVIdia 6600 GT video card - available for a reasonable price and with good 3D graphics for playing with those video game ports to Solaris. With the bundled NVidia OpenGL drivers in 55, the cool screen savers work out of the box, too!
450 W power supply
inexpensive second NIC for our external interface; I happened to have an $7 Airlink card which uses the Realtek part; this works out of the box as well.
A small case - I used an Antec Lanboy as they're small and
light. In retrospect, a larger case such as an Antec P180
would have been a better choice. I do like the disk
cooling on this design, though - the 120 MM (blue, heh) fan keeps
the drive temps very moderate.
Well, this went together pretty easily (especially since I had my son do all the work...). The software selection and configuration was actually considerably more effort than picking the hardware components and building the system. We're now running:
the bundled Bind 9 for handling internal, dmz and external views of our various domains.
the bundled Apache 2.2 handles our various web pages and our 3 virtual domains.
the bundled dhcp server handles DHCP service. I configured this with dhcpmgr.
the bundled Samba server provides NAS for the various Microsoft and Mac clients in the house. With the latest OS-X builds, NFS works well enough to use; we may switch. I use Swat to configure Samba.
Printing is provided by the stock lp and ipp-listeners aided by Samba (also bundled) for the kid's microsoft game platforms. I configured this with printmgr. We print to an HP1200 that has worked flawlessly for years w/ just a couple of toner changes.
the bundled IPFilter provides carefully controlled port filtering on both the external and internal network interfaces.
Dovecot (compiled from source) provides IMAP service for both our LAN and (with SSL) over the Internet. This service is under SMF control so it starts automatically when the machine boots.
Postfix (compiled from source + Berkeley DBM libraries). This provides SMTP service with TLS and AUTH needed to control relaying by family members using external connections. The anti-SPAM features are also excellent and pretty easy to setup given the numerous how-to guides available on the web.
the unbundled SUNcry{r} encryption packages I needed to get the bundled OpenSSL libraries working correctly w/ TLS and Thunderbird.
OpenFire jabber server
slimserver 6.5.4 and mysql 5.0 to support the Logitech Squeeze Box we got for Christmas.
So far things are working very well. The 4x500 GB drives are in a RAID-Z configuration with ZFS; we can sustain 120 MB/sec or so reading or writing to the 20 odd filesystems configured on the single pool. Samba works well enough; we managed to feed 10 different files to 10 different clients at nearly 100Mb/sec apiece during one of the kids' Lan parties. Dovecot in particular seems very fast on top of ZFS. What are we still thinking about changing? Well:
My son wants a Ventrilo audio server for his Guild Wars games. Another manifest, some more testing.
I may add greylisting to our SPAM prevention techniques; this will require a bit more configuration work.
I'm thinking about adding a separate Ethernet interface to plug in the wireless router This will let me experiment with more secure ways to configure wireless services.
When ZFS root and boot is supported , I'll configure another pair of drives for a mirrored root pool using a SI3114 card.