Webserver install - Part 1 - Basic install - Debian Lenny

The concept:

This server will be the base for my web, mail, FTP and who knows what other services. The primary concept is that this machine will be placed into the wild as a hosted web server, with no firewall in front of it. This setup is for a lab environment, but you can calculate the values for a realistic implementation according to your needs. This is especially important in the partitioning section.

So, I created a "debian base" virtual machine with 256 MB RAM, about 4 GB HDD and one network interface card. I downloaded the Debian CD1 from the Debian repository (http://www.debian.org/CD/) and booted it. At first I did not connect the network card to a network (or just disable DHCP) because I want to demonstrate the ideal situation, where the machine is not connected to the internet until it is basically secure, at least with some iptables rules.


Basic install steps

From the boot menu choose "Install".

Choose your preferred language.

Choose the location of your server.

Select your keyboard layout.

Because the network cable is not connected, or there is no DHCP server on the network, the installer won't find an IP address for itself. That doesn't matter; we will configure it later.

Choose to leave the network unconfigured.

Set the hostname for your server. Mine will be "debsrv".


Partitioning

There are different approaches to partitioning. I will try to explain the ideal-world solution, but of course this is just a suggestion and you can be less strict if you want.

My opinion is that LVM should be used because I like the option of dynamic storage handling.

There are some guidelines on the Debian homepage which should be followed in the planning phase:

  • Any directory tree which a user has write permissions to, such as e.g. /home, /tmp and /var/tmp/, should be on a separate partition. This reduces the risk of filling up your "/" mount point and rendering the system unusable.
  • Any partition which can fluctuate, e.g. /var (especially /var/log) should also be on a separate partition
  • Downloaded packages (the apt cache) are stored in /var/cache/apt/archives.
  • Any partition where you want to install non-distribution software should be on a separate partition. Usually this is /opt or /usr/local. If these are separate partitions, they will not be erased if you reinstall Debian itself.
  • Try to move static data to its own partition, and then mount that partition read-only. Better yet, put the data on read-only media.
  • tune2fs is your friend

So these are the official suggestions, and I made my own partitioning scheme based on a real-world www, mail, ftp and dns server.

As I am building a test lab now, I just use the following configuration:

One physical (non-LVM) partition:

  • /boot 250MB ro,nosuid,nodev

The rest of the disk is set up as LVM and partitioned as follows:

  • swap 512 MB
  • /home 200 MB rw,nosuid,nodev,exec,auto,nouser,async
  • /tmp 100 MB rw,noexec,nosuid,nodev
  • /var 1200 MB rw,nosuid,nodev
  • /var/www 200 MB rw,noexec,nosuid,nodev,noatime
  • /var/vmail 100 MB rw,noexec,nosuid,nodev,noatime
  • /var/log 300 MB rw,noexec,nosuid,nodev
  • /usr 500 MB defaults,nodev
  • / 800 MB defaults

LVM can be configured from the same "GUI" as the standard disks once the LVM partition has been created. The physical partition is needed for the boot partition and should be formatted as ext2 or ext3.
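
Once the system is installed, the mount options in the scheme above can be checked against /etc/fstab. The following Python script is an added example, not part of the original tutorial; it checks only the restrictive options from the lists above, and the device and volume group names in the sample are hypothetical.

```python
# Added example: audit fstab text against the restrictive options listed above.
REQUIRED = {
    "/boot": {"ro", "nosuid", "nodev"},
    "/home": {"nosuid", "nodev"},
    "/tmp": {"noexec", "nosuid", "nodev"},
    "/var": {"nosuid", "nodev"},
    "/var/www": {"noexec", "nosuid", "nodev", "noatime"},
    "/var/vmail": {"noexec", "nosuid", "nodev", "noatime"},
    "/var/log": {"noexec", "nosuid", "nodev"},
    "/usr": {"nodev"},
}

def parse_fstab(text):
    """Return {mount_point: set_of_options} for each fstab entry."""
    mounts = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0].startswith("#"):
            continue  # blank line, comment, or malformed entry
        mounts[fields[1]] = set(fields[3].split(","))
    return mounts

def audit(text):
    """Return {mount_point: sorted list of missing options} for violations."""
    mounts = parse_fstab(text)
    findings = {}
    for mount_point, needed in REQUIRED.items():
        if mount_point not in mounts:
            # The directory lives on a parent filesystem, so no options apply.
            findings[mount_point] = ["<no separate mount>"]
        elif needed - mounts[mount_point]:
            findings[mount_point] = sorted(needed - mounts[mount_point])
    return findings

# Constructed sample; the device and volume group names are hypothetical.
SAMPLE = """\
# <device>            <mount>   <type> <options>               <dump> <pass>
/dev/sda1             /boot     ext3   ro,nosuid,nodev          0 2
/dev/mapper/vg0-root  /         ext3   defaults                 0 1
/dev/mapper/vg0-home  /home     ext3   rw,nosuid,nodev          0 2
/dev/mapper/vg0-tmp   /tmp      ext3   defaults                 0 2
/dev/mapper/vg0-var   /var      ext3   rw,nosuid,nodev          0 2
/dev/mapper/vg0-www   /var/www  ext3   rw,noexec,nosuid,nodev   0 2
/dev/mapper/vg0-log   /var/log  ext3   rw,noexec,nosuid,nodev   0 2
/dev/mapper/vg0-usr   /usr      ext3   defaults,nodev           0 2
"""

if __name__ == "__main__":
    for mount_point, missing in sorted(audit(SAMPLE).items()):
        print(f"{mount_point}: missing {', '.join(missing)}")
```

To check a live system, pass the contents of /etc/fstab to audit() instead of SAMPLE.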

The next screen will ask for making the changes effective. Choose "Yes".

This is an overview of my partitioning. This screen does not appear during the install process unless you browse to it in the menu.

Choose your "root" password.

Verify "root" password.

Create a simple user with a custom name.

Fill in the name field with your custom value.

Choose a password for the new user.

Verify the password.

In my install scenario I won't use any other CDs, so I choose "No" here. I prefer downloading them from the internet.

In a server environment I don't like to take part in surveys. Choose "No".

This will be a basic install with a minimal package set, so choose only "Standard system".

Choose "Yes" to install the GRUB boot loader. As Debian is the only operating system on this machine, the boot menu will contain only Debian entries.

Choose "Finish" to finish the install and remove the install CD.

After the system reboots, the basic hardening steps should be taken.

The next tutorial is: Webserver install - Part 2 - Hardening I. - Debian Lenny