Some years ago, I wrote a piece for Alastair Otter's much-missed Tectonic online magazine dealing with Free and Open source technology about how we run a full linux-based office server environment on 20w of power. That article is archived here. The response to the article was gratifying, but while I expected some discussion about the design choices and so on, many comments were about where we got our power from in the first place. I never did get around to answering those questions, but hopefully this blog should start providing some of those answers. But for the moment, I will update the details of the article. There may be more interest in people providing their own IT services these days, following all the revelations of rife government snooping excesses, made easier by large service providers gifting the snoops your personal information or being forced to do so. So while we run our own services for a variety of positive reasons, people are now seeing negative reasons to do something similar.
Helen still runs her business, Ripples Crafts, from home, and she depends on the services delivered by our own network. I have now completed my BA(Hons) degree in Scottish Cultural Studies through the University of the Highlands and Islands so no longer need the video conferencing connections that made my degree possible, but as I am developing a service offering to assist communities and other groups setting up digital archives, I also need IT services.
Assynt remains a wonderful place to live, though of course the remoteness can be a two-edged sword. Helen's blog continues to document a lot of our lives here though it is now hosted on her own virtual system rather than being bundled on top of our ISP's services, which was becoming unmanageable.
At the time of the original article, 2009, I mentioned the Via-based boards as low-power systems. This was before Intel's Atom started making inroads, and we eventually replaced our board with an Atom based mini-ITX board. To be honest, I would have preferred this to be one of AMD's low-power parts, which I think are less of a compromise than the Atom, and even have virtualisation extensions, which would come in really handy. But I am not aware of any such boards in small form factors. The server has a 1TB disk.
The way the power is fed into this is the same as before - as far as the house is concerned, it's sweet 230v 50Hz AC current, provided by pure sine wave inverters. As a power-saving measure, I run the server and the router off the same 12v power brick, which reduces the overall inefficiencies of the transformers if two were required. The services provided are similar:-
- ADSL router
- Wireless access point
- Email, including anti-spam etc - SMTP and IMAPS and email list mgmt
- File sharing
- Printer sharing
- Groupware, local cloud
- Music and Video streaming
- Weather station data collection
- Database services
- Nagios system monitoring
I still run postfix as the MTA, although I did run Exim for a while, as it's the Debian default. For some reason, I just could not wrap my head around Exim, though, and while it never let me down, I eventually went back to postfix as a system that can be simplified to your own taste. I run fairly aggressive anti-spam features, starting with postfix's ability to reject email senders which do not conform to the internet standards, such as having valid reverse DNS lookups etc. This first layer of defence catches the majority of spammers and does so quickly and with minimal processing. When I say the majority, I would estimate that 80-890% of spammers get stopped at this point. Then comes the various RBL lists which block pretty much all the others, and finally, if a spam message comes through, again, aggressive settings on spamassassin take care of the rest. It is rare to get any spam through to our inboxes, even at times spam is flowing freely on the 'net. Postfix's mailgraph remains a useful monitoring tool. Finally, for spammers or other baddies trying to get through too much, the fail2ban utility kicks in and stops access at the network level.
Dovecot remains my IMAPS server of choice.
We still use NFS for file sharing, but in this age of tablets etc we also use Owncloud against a postgresql server for file sharing and remote file access. Printer sharing is now done directly from each workstation, rather than via the server, which I would prefer, but we now have an HP all-in-one after our trusty but 8 year old Canon eventually went the way of all plastic. The built-in JetDirect from the printer is easiest to use directly.
For web services, I ran various tests, and while I used to use Lighttpd, I now use Apache for ease of use, and because I think there's not a lot in it these days when it comes to speed for all practical purposes.
Groupware remains eGroupware, but I am a little concerned about this project, as it morphs into becoming a "community" adjunct to a commercial big brother. In general I am not convinced that this co-existence of a "community" open licenced option alongside a proprietarily "extended" commercial offering is a good thing for free software. The trouble at the moment is that there is nothing like eGroupware in the Free software world. I tried the Horde as one alternative, but it's very hand-assembled, and is hard to make look good. I think if I was starting from scratch, I'd be attracted to Citadel. The reason I won't change now is that the ideal for me would be Citadel with interchangeable components, allowing me to keep postfix and dovecot, but that's not possible for their design choice. Owncloud looks interesting, but I think is again, driven by a commercial variant which attracts developer time, leaving the free software option a little uncertain of its place. So many changes have occurred which means some developments, like the music serve, have been dropped, and other changes mean keeping up with versions is not always easy.
The weather system, as I have blogged elsewhere, is now driven by WeatherView software, which is fully Free and Open Source. All my previous hand-crafted(!) scripts continue to work.
Other changes are that I now run mailman rather than majordomo for mail lists. This is an interesting free software case, as majordomo has not been updated for many years and became dependant on some aspects of perl which are now no longer available. Mailman is a much bigger beast but does the job (Citadel does mail lists built in).
So that's it. Even if you are off grid you can easily run your own services. Pretty much all of this software would run on the wonderful Raspberrypi too. In fact, with the Raspbian distribution, which is really Debian, a migration would be trivial. Doing so would knock around 10w from the total power requirement, but would, of course, be a lot less powerful. I'm happy that the compromises we make are not really noticeable from a usability point of view. And in today's climate, I'm especially happy that I am in control of my own data. All external access is encrypted, and I can even generate my own certificates for this.