unofficial mirror of help-guix@gnu.org 
 help / color / mirror / Atom feed
* My very own Guix System Server in my apartment
@ 2021-06-30 15:35 Joshua Branson
  2021-06-30 15:58 ` Gary Johnson
                   ` (6 more replies)
  0 siblings, 7 replies; 11+ messages in thread
From: Joshua Branson @ 2021-06-30 15:35 UTC (permalink / raw)
  To: help-guix

Hello Guix people!

So I will shortly be setting up my very own Guix System server in my
apartment!  I am super excited!  I would love to hear any and all
advice.  I should probably set up a good firewall.  I should probably
use REALLY LONG passwords.  AND ONLY use ssh authentication.

I plan to have this Guix System Server host my websites:

gnucode.me and propernaming.org.

I intend this server to host email for the above sites.

I do have a static IP address a signed by my ISP.

I want to run cuirass or the Guix Build Coordinator.

I want to run a GNU FM and or libre.fm instance.

What else should I do with said server?

It's a Dell Optiplex 7020 with 30GB of RAM with a 3TB HDD.  It cost me
$250 USD.


What do you all think?

Joshua


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: My very own Guix System Server in my apartment
  2021-06-30 15:35 My very own Guix System Server in my apartment Joshua Branson
@ 2021-06-30 15:58 ` Gary Johnson
  2021-06-30 18:10 ` jbranso
                   ` (5 subsequent siblings)
  6 siblings, 0 replies; 11+ messages in thread
From: Gary Johnson @ 2021-06-30 15:58 UTC (permalink / raw)
  To: Joshua Branson; +Cc: help-guix

Joshua Branson <jbranso@dismail.de> writes:

> Hello Guix people!
>
> So I will shortly be setting up my very own Guix System server in my
> apartment!
>
> [enthusiasm and a list of services to run on the new server...]
>
> What else should I do with said server?

Run a Gemini server, of course!

https://gemini.circumlunar.space/

Happy hacking!
  Gary

-- 
GPG Key ID: 7BC158ED
Use `gpg --search-keys lambdatronic' to find me
Protect yourself from surveillance: https://emailselfdefense.fsf.org
=======================================================================
()  ascii ribbon campaign - against html e-mail
/\  www.asciiribbon.org   - against proprietary attachments

Why is HTML email a security nightmare? See https://useplaintext.email/

Please avoid sending me MS-Office attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: My very own Guix System Server in my apartment
  2021-06-30 15:35 My very own Guix System Server in my apartment Joshua Branson
  2021-06-30 15:58 ` Gary Johnson
@ 2021-06-30 18:10 ` jbranso
  2021-06-30 19:25 ` Jonathan McHugh
                   ` (4 subsequent siblings)
  6 siblings, 0 replies; 11+ messages in thread
From: jbranso @ 2021-06-30 18:10 UTC (permalink / raw)
  To: Gary Johnson; +Cc: help-guix

Yes I do want to do that!  Thanks for the reminder!

June 30, 2021 12:02 PM, "Gary Johnson" <lambdatronic@disroot.org> wrote:

> Joshua Branson <jbranso@dismail.de> writes:
> 
>> Hello Guix people!
>> 
>> So I will shortly be setting up my very own Guix System server in my
>> apartment!
>> 
>> [enthusiasm and a list of services to run on the new server...]
>> 
>> What else should I do with said server?
> 
> Run a Gemini server, of course!
> 
> https://gemini.circumlunar.space
> 
> Happy hacking!
> Gary
> 
> --
> GPG Key ID: 7BC158ED
> Use `gpg --search-keys lambdatronic' to find me
> Protect yourself from surveillance: https://emailselfdefense.fsf.org
> =======================================================================
> () ascii ribbon campaign - against html e-mail
> /\ www.asciiribbon.org - against proprietary attachments
> 
> Why is HTML email a security nightmare? See https://useplaintext.email
> 
> Please avoid sending me MS-Office attachments.
> See http://www.gnu.org/philosophy/no-word-attachments.html


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: My very own Guix System Server in my apartment
  2021-06-30 15:35 My very own Guix System Server in my apartment Joshua Branson
  2021-06-30 15:58 ` Gary Johnson
  2021-06-30 18:10 ` jbranso
@ 2021-06-30 19:25 ` Jonathan McHugh
  2021-06-30 20:24 ` Paul Jewell
                   ` (3 subsequent siblings)
  6 siblings, 0 replies; 11+ messages in thread
From: Jonathan McHugh @ 2021-06-30 19:25 UTC (permalink / raw)
  To: Gary Johnson, Joshua Branson; +Cc: help-guix

Snap!

Joshua is well suited for the Gemini community as they equally enjoy writing.

The Gemini mailing list is full of interesting ideas
=> https://lists.orbitalfox.eu/listinfo/gemini

One of them is NNCP
=> https://lists.orbitalfox.eu/listinfo/gemini
> (Node to Node copy) is a collection of utilities simplifying secure store-and-forward files, mail and command exchanging.

Its comparison with alternative solutions paints it in a good light
=> http://www.nncpgo.org/Comparison.html

Im dreaming of what 30GB of RAM can do, nom, nom, nom

====================
Jonathan McHugh
indieterminacy@libre.brussels

June 30, 2021 6:05 PM, "Gary Johnson" <lambdatronic@disroot.org> wrote:

> Joshua Branson <jbranso@dismail.de> writes:
> 
>> Hello Guix people!
>> 
>> So I will shortly be setting up my very own Guix System server in my
>> apartment!
>> 
>> [enthusiasm and a list of services to run on the new server...]
>> 
>> What else should I do with said server?
> 
> Run a Gemini server, of course!
> 
> https://gemini.circumlunar.space
> 
> Happy hacking!
> Gary
> 
> --
> GPG Key ID: 7BC158ED
> Use `gpg --search-keys lambdatronic' to find me
> Protect yourself from surveillance: https://emailselfdefense.fsf.org
> =======================================================================
> () ascii ribbon campaign - against html e-mail
> /\ www.asciiribbon.org - against proprietary attachments
> 
> Why is HTML email a security nightmare? See https://useplaintext.email
> 
> Please avoid sending me MS-Office attachments.
> See http://www.gnu.org/philosophy/no-word-attachments.html


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: My very own Guix System Server in my apartment
  2021-06-30 15:35 My very own Guix System Server in my apartment Joshua Branson
                   ` (2 preceding siblings ...)
  2021-06-30 19:25 ` Jonathan McHugh
@ 2021-06-30 20:24 ` Paul Jewell
  2021-07-01  2:56 ` Bone Baboon
                   ` (2 subsequent siblings)
  6 siblings, 0 replies; 11+ messages in thread
From: Paul Jewell @ 2021-06-30 20:24 UTC (permalink / raw)
  To: help-guix

Watching with interest Joshua! Please make more videos detailing the 
process - I find your other videos illuminating!

I feel I should also try this at some point, and stop using an off site 
server.

--

Paul

On 30/06/2021 16:35, Joshua Branson wrote:
> Hello Guix people!
>
> So I will shortly be setting up my very own Guix System server in my
> apartment!  I am super excited!  I would love to hear any and all
> advice.  I should probably set up a good firewall.  I should probably
> use REALLY LONG passwords.  AND ONLY use ssh authentication.
>
> I plan to have this Guix System Server host my websites:
>
> gnucode.me and propernaming.org.
>
> I intend this server to host email for the above sites.
>
> I do have a static IP address a signed by my ISP.
>
> I want to run cuirass or the Guix Build Coordinator.
>
> I want to run a GNU FM and or libre.fm instance.
>
> What else should I do with said server?
>
> It's a Dell Optiplex 7020 with 30GB of RAM with a 3TB HDD.  It cost me
> $250 USD.
>
>
> What do you all think?
>
> Joshua
>


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: My very own Guix System Server in my apartment
  2021-06-30 15:35 My very own Guix System Server in my apartment Joshua Branson
                   ` (3 preceding siblings ...)
  2021-06-30 20:24 ` Paul Jewell
@ 2021-07-01  2:56 ` Bone Baboon
  2021-07-01 10:00   ` Joshua Branson
  2021-07-01  8:25 ` Jonathan McHugh
  2021-07-01 18:21 ` david larsson
  6 siblings, 1 reply; 11+ messages in thread
From: Bone Baboon @ 2021-07-01  2:56 UTC (permalink / raw)
  To: Joshua Branson; +Cc: help-guix


Joshua Branson writes:
> So I will shortly be setting up my very own Guix System server in my
> apartment!  I am super excited!

> What else should I do with said server?

Having a public access Guix server would be a nice way for people to try
out Guix.

Two examples of public access servers that I am aware of are the
tildeverse and SDF.

<https://tildeverse.org/>
<http://sdf.org/>

Currently the tildeverse does not have any servers that are running FSDG
distributions. <https://tildeverse.org/members/>

Interestingly this ties in with the other responses about Gemini as when
I was asking about Gemini on Freenode I was directed to
#gemini@tilde.chat which is on the tildeverse IRC network. 
<https://tilde.chat/>


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: My very own Guix System Server in my apartment
  2021-06-30 15:35 My very own Guix System Server in my apartment Joshua Branson
                   ` (4 preceding siblings ...)
  2021-07-01  2:56 ` Bone Baboon
@ 2021-07-01  8:25 ` Jonathan McHugh
  2021-07-01 10:11   ` Joshua Branson
  2021-07-01 12:01   ` Jonathan McHugh
  2021-07-01 18:21 ` david larsson
  6 siblings, 2 replies; 11+ messages in thread
From: Jonathan McHugh @ 2021-07-01  8:25 UTC (permalink / raw)
  To: Bone Baboon, Joshua Branson; +Cc: help-guix

Dear Bone,

A great suggestion.

I do wonder whether a 'Guildiverxe' would require more than 30GB to manage users compiling scripts. I guess a build farm strategy would have to be used where precompiled scripts are unavailable.

Would such an enquiry be for the bods upstairs though?
=> https://lists.nongnu.org/archive/html/guix-devel/

====================
Jonathan McHugh
indieterminacy@libre.brussels

July 1, 2021 5:05 AM, "Bone Baboon" <bone.baboon@disroot.org> wrote:

> Joshua Branson writes:
> 
>> So I will shortly be setting up my very own Guix System server in my
>> apartment! I am super excited!
>> 
>> What else should I do with said server?
> 
> Having a public access Guix server would be a nice way for people to try
> out Guix.
> 
> Two examples of public access servers that I am aware of are the
> tildeverse and SDF.
> 
> <https://tildeverse.org>
> <http://sdf.org>
> 
> Currently the tildeverse does not have any servers that are running FSDG
> distributions. <https://tildeverse.org/members>
> 
> Interestingly this ties in with the other responses about Gemini as when
> I was asking about Gemini on Freenode I was directed to
> #gemini@tilde.chat which is on the tildeverse IRC network.
> <https://tilde.chat>


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: My very own Guix System Server in my apartment
  2021-07-01  2:56 ` Bone Baboon
@ 2021-07-01 10:00   ` Joshua Branson
  0 siblings, 0 replies; 11+ messages in thread
From: Joshua Branson @ 2021-07-01 10:00 UTC (permalink / raw)
  To: Bone Baboon; +Cc: help-guix

Bone Baboon <bone.baboon@disroot.org> writes:

> Joshua Branson writes:
>> So I will shortly be setting up my very own Guix System server in my
>> apartment!  I am super excited!
>
>> What else should I do with said server?
>
> Having a public access Guix server would be a nice way for people to try
> out Guix.
>
> Two examples of public access servers that I am aware of are the
> tildeverse and SDF.
>
> <https://tildeverse.org/>
> <http://sdf.org/>

I like that idea!  I was actually thinking that Guix System lets regular
users interact with the system...I could probably define an nginx
service that does what https://tilde.club/ does namely a user puts a
static site in their home directory, and it gets served at

https://tilde.club/~<user>/

>
> Currently the tildeverse does not have any servers that are running FSDG
> distributions. <https://tildeverse.org/members/>
>
> Interestingly this ties in with the other responses about Gemini as when
> I was asking about Gemini on Freenode I was directed to
> #gemini@tilde.chat which is on the tildeverse IRC network.
> <https://tilde.chat/>

--
Joshua Branson (joshuaBPMan in #guix)
Sent from Emacs and Gnus
  https://gnucode.me
  https://video.hardlimit.com/accounts/joshua_branson/video-channels
  https://propernaming.org
  "You can have whatever you want, as long as you help
enough other people get what they want." - Zig Ziglar


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: My very own Guix System Server in my apartment
  2021-07-01  8:25 ` Jonathan McHugh
@ 2021-07-01 10:11   ` Joshua Branson
  2021-07-01 12:01   ` Jonathan McHugh
  1 sibling, 0 replies; 11+ messages in thread
From: Joshua Branson @ 2021-07-01 10:11 UTC (permalink / raw)
  To: Jonathan McHugh; +Cc: Bone Baboon, help-guix

"Jonathan McHugh" <indieterminacy@libre.brussels> writes:

> Dear Bone,
>
> A great suggestion.
>
> I do wonder whether a 'Guildiverxe' would require more than 30GB to
> manage users compiling scripts. I guess a build farm strategy would
> have to be used where precompiled scripts are unavailable.

This is something to consider I suppose...I'll just have to set
something up and see what what happens.

>
> Would such an enquiry be for the bods upstairs though?
> => https://lists.nongnu.org/archive/html/guix-devel/

I might mail them to get some pointers for setting up a public access
space.  Thanks for the tip!  And I might email Guix HPC too.

>
> ====================
> Jonathan McHugh
> indieterminacy@libre.brussels
>
> July 1, 2021 5:05 AM, "Bone Baboon" <bone.baboon@disroot.org> wrote:
>
>> Joshua Branson writes:
>>
>>> So I will shortly be setting up my very own Guix System server in my
>>> apartment! I am super excited!
>>>
>>> What else should I do with said server?
>>
>> Having a public access Guix server would be a nice way for people to try
>> out Guix.
>>
>> Two examples of public access servers that I am aware of are the
>> tildeverse and SDF.
>>
>> <https://tildeverse.org>
>> <http://sdf.org>
>>
>> Currently the tildeverse does not have any servers that are running FSDG
>> distributions. <https://tildeverse.org/members>
>>
>> Interestingly this ties in with the other responses about Gemini as when
>> I was asking about Gemini on Freenode I was directed to
>> #gemini@tilde.chat which is on the tildeverse IRC network.
>> <https://tilde.chat>

--
Joshua Branson (joshuaBPMan in #guix)
Sent from Emacs and Gnus
  https://gnucode.me
  https://video.hardlimit.com/accounts/joshua_branson/video-channels
  https://propernaming.org
  "You can have whatever you want, as long as you help
enough other people get what they want." - Zig Ziglar


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: My very own Guix System Server in my apartment
  2021-07-01  8:25 ` Jonathan McHugh
  2021-07-01 10:11   ` Joshua Branson
@ 2021-07-01 12:01   ` Jonathan McHugh
  1 sibling, 0 replies; 11+ messages in thread
From: Jonathan McHugh @ 2021-07-01 12:01 UTC (permalink / raw)
  To: Joshua Branson; +Cc: help-guix

Joshua,

Im sure you will be fine. Who knows, by the time you run into scaling difficulties you may already have many power users intimate with your service.

I consider the Tilde concept honourable, as it encourages people to trust each other more. Id like to think Guix' security standards and reproducability fits into the mould (though Id countenance the server costs would be more than some leaner (Alpine style) OSes).

Should that cutting eventually grow branches, Id be happy to water the soil, cut leaves and eat the fruit. FYI Im trying to plan services later this year, hopefully I can be in your slipstream. I should email you privately re a recent thread in any case.

====================
Jonathan McHugh
indieterminacy@libre.brussels

July 1, 2021 12:11 PM, "Joshua Branson" <jbranso@dismail.de> wrote:

> "Jonathan McHugh" <indieterminacy@libre.brussels> writes:
> 
>> Dear Bone,
>> 
>> A great suggestion.
>> 
>> I do wonder whether a 'Guildiverxe' would require more than 30GB to
>> manage users compiling scripts. I guess a build farm strategy would
>> have to be used where precompiled scripts are unavailable.
> 
> This is something to consider I suppose...I'll just have to set
> something up and see what what happens.
> 
>> Would such an enquiry be for the bods upstairs though?
>> => https://lists.nongnu.org/archive/html/guix-devel
> 
> I might mail them to get some pointers for setting up a public access
> space. Thanks for the tip! And I might email Guix HPC too.


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: My very own Guix System Server in my apartment
  2021-06-30 15:35 My very own Guix System Server in my apartment Joshua Branson
                   ` (5 preceding siblings ...)
  2021-07-01  8:25 ` Jonathan McHugh
@ 2021-07-01 18:21 ` david larsson
  6 siblings, 0 replies; 11+ messages in thread
From: david larsson @ 2021-07-01 18:21 UTC (permalink / raw)
  To: Joshua Branson; +Cc: help-guix, Help-Guix

On 2021-06-30 17:35, Joshua Branson wrote:
> Hello Guix people!
> 
> So I will shortly be setting up my very own Guix System server in my
> apartment!  I am super excited!  I would love to hear any and all
> advice.  I should probably set up a good firewall.  I should probably
> use REALLY LONG passwords.  AND ONLY use ssh authentication.
> 
> I plan to have this Guix System Server host my websites:
> 
> gnucode.me and propernaming.org.
> 
> I intend this server to host email for the above sites.
> 
> I do have a static IP address a signed by my ISP.
> 
> I want to run cuirass or the Guix Build Coordinator.
> 
> I want to run a GNU FM and or libre.fm instance.
> 
> What else should I do with said server?
> 
> It's a Dell Optiplex 7020 with 30GB of RAM with a 3TB HDD.  It cost me
> $250 USD.

Sounds like you got quite a deal :-P

> 
> 
> What do you all think?
> 
> Joshua

Hi Joshua,

I am excited to hear how this goes!

I can suggest a few things (that may be a bit advanced):

1. Setup the email servers with a spamassasin spamfilter, and make it 
pass the big email providers' spam filters (checking with for example: 
https://duckduckgo.com/l/?uddg=https%3A%2F%2Fwww.mail-tester.com%2F&notrut=duckduck_in). 
For this you usually need ur ISP to add reverse PTR record in DNS 
(though most regular ISP's don't help with this). Otherwise there is 
ovpn.com that lets you self-administer a static VPN ip's reverse PTR 
record via web portal. You also need a few more records in DNS.

2. A Nextcloud server.

3. If you can manage: a guix service knot DNS server (with DNSSec would 
be cool).

and of course all of the above with the lets encrypt service TLS certs! 
:-)
(and why not publish TLSA records in DNS and sign them with DNSSec :-P )

If you wanna go bold, get a second Dell Optiplex 7020 with the same 
specs, and setup a Ganeti cluster as described in the Guix blog post :-) 
I can confirm that those instructions work, as I have a few fun hosting 
things there myself :)


Best regards and best of luck with your new project!

David L


^ permalink raw reply	[flat|nested] 11+ messages in thread

end of thread, other threads:[~2021-07-01 18:22 UTC | newest]

Thread overview: 11+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-30 15:35 My very own Guix System Server in my apartment Joshua Branson
2021-06-30 15:58 ` Gary Johnson
2021-06-30 18:10 ` jbranso
2021-06-30 19:25 ` Jonathan McHugh
2021-06-30 20:24 ` Paul Jewell
2021-07-01  2:56 ` Bone Baboon
2021-07-01 10:00   ` Joshua Branson
2021-07-01  8:25 ` Jonathan McHugh
2021-07-01 10:11   ` Joshua Branson
2021-07-01 12:01   ` Jonathan McHugh
2021-07-01 18:21 ` david larsson

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).