Wednesday, November 26, 2008

Saturday, October 25, 2008

Update two

Because learning is such fun...


I think I'll go back to Plan B+. That means setting up a DNS server on the Debian box, so that I can do the Standard Install of the Apple Server (which will include moving the DNS off the Debian box, but I might put it on a pfsense box rather than onto the Apple Server). Doing the Advanced Install and turning on each service one at a time has put me in dependency hell, with iCal not even starting. Given that I *can* bend the infrastructure to my bidding more easily than I can beat Apple Server over the head, I think I'll go that way.

I may, of course, revise the plan and the strategy between now and then :-)

Learning is good - update

Well, I am at least 4 installs, and perhaps 5, into Apple Server 10.5 (Leopard). It was indeed DNS, or at least name resolution, that has caused more of my hair to turn white.

My current router, a Linksys RV082 (a fine router, BTW), wasn't providing the host name with the static IP address via DHCP, even though it has a place to put said host name. It ignores what you put in and just hands out static-host. Which would be fine if I wanted a server called static-host. Which I don't; I was hoping to coerce it into being called leather.

Turns out that a software update I did to the router added some split DNS functionality, and that is where you are supposed to put the name. Rather cool, so I did that. Only, the Linksys engineers did just half the job. It doesn't handle reverse lookups, and that's what the Apple Server setup software uses to work out the host name.

*(For those who don't know: a DNS name lookup takes a Fully Qualified Domain Name (or FQDN) such as www.google.com and returns an IP address such as 64.233.167.99. A reverse lookup does the opposite: you give it an address such as 64.233.167.99 and it returns the name(s) that belong to that address, in this case py-in-f99.google.com.)

After the diversion in discovering the limitations of the RV082 I finally gave up on the Standard Install of Apple Server and did an Advanced Install. The Standard Install auto-magically sets up all the services that I am going to run on the server. Only, because of the DNS issue, it sets them up wrong, and there is some fundamental breakage that causes minor inconveniences such as broken authentication, so I can't authenticate to the LDAP server in order to change the things that need to be changed so that authentication works.

The Advanced Install doesn't set up any services, and therefore doesn't create breakage. I then enabled the DNS server and configured it*.

< aside >(When I blithely mention 'configure it' I really mean try to work out how the head of the person that created the GUI works, and what mind-altering substance he/she was on when creating this tool, before giving up and searching for a how-to, which is here, where Antonio Rocco says:

"You should now be logged into Server Admin. Select the Server name and select Settings and select Services. Enable the DNS Service. This should now be available under the server name in the left hand pane. Select DNS and Select Zones. You should see nothing in the zones. Select Add Primary Zone. As soon as you do this Server Admin will 'helpfully' autofill the top window with a zone name and a Reverse Pointer Setting. These will be defaulted to example.com and ns 10.0.0.1. Select the Zone as well as clicking the disclosure triangle to reveal the Named Server Record (ns). Start with the zone first and edit example.com to read mybusiness.com. The Fully Qualified tick box should be ticked and grayed out. In the Server field, edit the server name to read server. Don't click save yet! Next select the ns record and edit the server name to read server and the IP address to read 172.16.16.254. Now click Save. As soon as you do this the Reverse Pointer field should autofill itself with the relevant information based on what you have already keyed in. Select Settings and key in the Forwarders field your ISP's DNS Server Addresses."

If you are following along at home, you can delete the helpfully(?) provided 10.0.0.in-addr.arpa. zone (unless, of course, you are using the 10.0.0.255 network - in which case it could be useful).)< /aside >

I set up a zone file for our domain, and a zone file for the reverse lookups. I set the forwarders to point to the router, set the network config to resolve DNS from the just-set-up DNS server, and voilà:

leather:~ liam$ sudo changeip -checkhostname
Password:

Primary address = 192.168.1.250

Current HostName = leather.example.com
DNS HostName = leather.example.com

The names match. There is nothing to change.
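The hostname check described above (forward name, primary address and the reverse lookup of that address all agreeing), reconstructed as an added Python example. This is not Apple's changeip code; the zone data is constructed from the names and addresses in the post and lives in dicts so it runs offline. The "router" dicts model the RV082 case: forward answers but no reverse zone.

```python
"""Forward/reverse DNS consistency check in the spirit of
`changeip -checkhostname` (constructed example, not Apple's code)."""
import ipaddress

# Constructed forward zone (A records) and reverse zone (PTR records)
# for the example.com setup in the post.
FORWARD = {"leather.example.com": "192.168.1.250"}
REVERSE = {"250.1.168.192.in-addr.arpa": "leather.example.com"}

# Constructed data for the split-DNS router: it answers forward
# queries for the name, but has no reverse zone at all.
ROUTER_FORWARD = {"leather.example.com": "192.168.1.250"}
ROUTER_REVERSE = {}


def ptr_name(addr):
    """Build the in-addr.arpa name for an IPv4 address (octets reversed)."""
    return ipaddress.ip_address(addr).reverse_pointer


def check_hostname(current, primary, forward, reverse):
    """Return (ok, message).

    current  -- the hostname the machine currently believes it has
    primary  -- the machine's primary IP address
    forward  -- name -> address lookup table (stand-in for A queries)
    reverse  -- in-addr.arpa name -> hostname table (stand-in for PTR)
    """
    dns_name = reverse.get(ptr_name(primary))
    if dns_name is None:
        # This is the RV082 failure mode: nothing to derive a hostname from.
        return False, "no PTR record for %s; DNS hostname cannot be derived" % primary
    if dns_name != current:
        return False, "current hostname %s != DNS hostname %s" % (current, dns_name)
    if forward.get(dns_name) != primary:
        return False, "forward lookup of %s does not return %s" % (dns_name, primary)
    return True, "The names match. There is nothing to change."


if __name__ == "__main__":
    for label, fwd, rev in (("own DNS", FORWARD, REVERSE),
                            ("router DNS", ROUTER_FORWARD, ROUTER_REVERSE)):
        ok, msg = check_hostname("leather.example.com", "192.168.1.250", fwd, rev)
        print("%-10s %s: %s" % (label, "OK" if ok else "FAIL", msg))
```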


So now to set up mail, backups (aka Time Machine), file sharing, calendaring etc. The hard one will be getting Gallery up and running.

Not really complaining. If I was doing this on Solaris or Debian or Red Hat or SUSE it would have been easier initially, because I have a lot more familiarity with those platforms. That said, once I found out about the GUI quirks for the DNS service it was a pretty nifty way to set up zone files, and not shoot myself with the syntactic-mistake bullet.

Things I really don't like about Apple Server thus far:
  • The remote config tools are limited
  • Had to run Network Preferences to set the DNS servers. I was sure there is a CLI way of doing it, but editing resolv.conf isn't the way.
    There is a way:
    Viewing or Changing DNS Servers
    To view and modify DNS settings, use the serversetup tool.
    To view DNS servers for port en0:
    $ serversetup -getDefaultDNSServer (devicename|"portname")
    To change DNS servers for port en0:
    $ sudo serversetup -setDefaultDNSServer (devicename|"portname") server1
    [server2] [...]
  • Software Update hasn't worked well for me from Server Admin, so I have Remote Desktop'ed in to run the updates.
  • Standard Install, which is the one that should be the no-brainer for a home or small office stand-alone server, gets tripped up far too easily and breaks extensively if your DNS isn't perfect. "DNS isn't perfect" describes a large number of sites.
  • Would be nice to find a way to gracefully get the server on its feet with the borked DNS, then fix the DNS. That is, I'd like the option to tell the install what the DNS will be like when it's all fixed, and for the install to complete while trusting me that what I am telling it is correct, and that the DNS will soon match what I am telling it. As it stands it would be hard to build this in a lab environment and then move it to production.

Learning is good, right?

Working on replacing our Debian based mail/file/web server with Apple Server 10.5.

Part of the reason for doing so is to learn new things... Have installed it twice so far, and there's at least another one to go. Another reason is to lower power consumption.... will be running it on a Mac Mini :-)

Gotta work out Kerberos, which most likely means I can't be so laissez-faire about our DNS setup. Which may, in turn, mean that we might want more static IP addresses, which means more ongoing $$$$ to the ISP. So I'm trying to work out a way to avoid that without having a partly borked setup, and without painting myself into some corner.

As part of the project I'm also replacing the router/firewall with pfsense.

Because one might as well replace 100% of one's IT infrastructure as 10%, right?

A geek Sunday.... reading manuals.