Self-hosting For Fun And Profit
April 12, 2006 4:17 PM

Thanks to your earlier help, I have successfully ported my C# project over to the Mac. I have also ordered a new DSL line with a static IP from bway.net. What do I need to know in order to host my website, accessible via my TLD, on a PowerPC Mac mini running OS X 10.4? How can I be my own DNS and mail server? Without overshadowing that question, would it be smarter to think in terms of DynDNS for external DNS/mail services?
posted by thejoshu to Computers & Internet (16 answers total)
 
You need to have two static IPs. Once you have those (if you can get them), post back and I'll give you explicit instructions on exactly what to do.
posted by Malor at 4:33 PM on April 12, 2006


Well, actually, that's only true if you truly want to host EVERYTHING. If you want to let a registrar be your DNS server, but then you host your own mail and website, you can get away with one static IP.
posted by Malor at 4:34 PM on April 12, 2006


Disadvantages of running your own SMTP server and DNS server on your DSL line:

1. Your SMTP server could be used as a spam relay unless you configure it properly.
2. Mail you send through your SMTP server will be more likely to be marked as spam simply because it's on a DSL connection (though it might help if you have a business class connection).
3. Less than prompt e-mail delivery if you are having network problems.
4. Part of your bandwidth will be eaten up with spam.
5. DNS service for your entire domain (including machines hosted elsewhere) may be slow/flaky depending on the reliability of your connection.

On the other hand, it'll be a learning experience, and you can mitigate some of the issues I list.

1. Send outgoing mail via your ISP's mailserver, rather than your own (i.e. use your mailserver only for incoming mail).

2. Set your DNS server up as the master and use a 3rd party DNS server as the slaves (they probably call it 2ndary DNS service), but list the IP#s of the hosted DNS servers with your domain registrar. This way, when you make DNS updates on your own server, they propagate to the hosted servers, which service DNS requests for hostnames in your domain.

So, those are some of the design issues to keep in mind. I don't have any specific resources on configuring DNS and mail on MacOS 10.4.
posted by Good Brain at 4:40 PM on April 12, 2006
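
As an added example (not from any poster in this thread), here is a small Python audit of a Postfix main.cf for the relay risks listed in the answer above. It assumes Postfix as the mail server; both sample configurations, the smtp.isp.example smarthost and the function names are constructed for illustration, and the restriction walk is simplified.

```python
import ipaddress

# Constructed sample main.cf texts (not from the thread): one relay-prone, one locked down.
OPEN_CF = """\
mynetworks = 0.0.0.0/0
smtpd_recipient_restrictions = permit_mynetworks,
    permit
"""
SAFE_CF = """\
mynetworks = 127.0.0.0/8, 192.168.1.0/24
# hypothetical ISP smarthost; brackets suppress the MX lookup
relayhost = [smtp.isp.example]
smtpd_recipient_restrictions = permit_mynetworks,
    reject_unauth_destination
"""

def parse_main_cf(text):
    """Parse 'name = value'; a line starting with whitespace continues the previous value."""
    params, last = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and last:
            params[last] += " " + line.strip()
        elif "=" in line:
            last, value = (s.strip() for s in line.split("=", 1))
            params[last] = value
    return params

def audit_relay(text):
    """Return findings for the relay and deliverability risks (simplified rule walk)."""
    p, findings = parse_main_cf(text), []
    for item in p.get("mynetworks", "").replace(",", " ").split():
        try:
            net = ipaddress.ip_network(item, strict=False)
        except ValueError:
            continue  # table lookups such as hash:/path are out of scope here
        if net.prefixlen == 0 or not (net.is_private or net.is_loopback):
            findings.append(f"mynetworks trusts non-local range {item}")
    rules = p.get("smtpd_recipient_restrictions", "").replace(",", " ").split()
    for rule in rules:  # restrictions are evaluated left to right, first match wins
        if rule in ("reject", "reject_unauth_destination", "defer_unauth_destination"):
            break
        if rule == "permit":
            findings.append("unconditional permit before reject_unauth_destination")
            break
    if "relayhost" not in p:
        findings.append("no relayhost: outbound mail leaves directly from the DSL address")
    return findings
```
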


Best answer: You should check out Nerd Vittles. It covers a ton of territory for the Mac mini. Tutorials abound.
posted by cramer at 4:45 PM on April 12, 2006


Best answer: Ack, somehow I missed that you have a static ip. I'm going to assume you can get two.

First, you have to register the domain you want. During that creation process, you create two nameservers, with two of the static IPs you have. They can actually end up pointing to the same machine, mind you, but the requirement is that you have 'two' nameservers, thus two IP addresses. (It's definitely better to do it on two, but that's more complex.)

Then, you'll have to configure BIND to host your domain. You'll need to build a text file with your data in it. I can send you a sample of what I use, if that would be helpful to you... it's pretty intimidating at first. Keep in mind that there are whole books written on BIND, and it's not really meant for amateurs.

Then, assuming you're running a firewall, you'll have to open port 53, both TCP and UDP, and forward it to your Mini. Once you've done that, test that it works from outside. You'll need an MX record for your mailserver, and you'll want a www.domain.com pointed at your Mini.

Next, you'll have to configure a mail server to host your domain. Postfix is the Mac default, and it's a good choice. It's one of the easier mail solutions out there, but I wouldn't call it 'easy' in absolute terms.

Once you have it running, open/forward port 25, TCP, to your Mini.

Next, you'll have to configure Apache to answer for your domain; you'll want to do name-based virtual hosting. There's also a lot to know about Apache. It's not monumentally difficult to put up a webserver, but to do one WELL is pretty tough. There are many, many Apache books out there, which should tell you something.

Once that's running, you open/forward TCP port 80.

If you've never done any of this before, you can expect to spend many hours, possibly days, on each step. This question is really too complex for just a simple AxMe, which is why my first two answers were so short.... if you can't get statics, then all the rest of this wouldn't be necessary.

********
Ok, that's a basic answer. What I would RECOMMEND doing is hosting DNS and mail with a registrar... Namecheap is a good choice. Have them handle all the mail crap. You just run your webserver locally, and put a WWW entry in their system aimed at your Mini. That's how you do it with one static IP, and for someone who's just starting, it'll be tremendously easier. You're only dealing with one service, Apache, instead of three. And, if your DSL line goes down for whatever reason, the registrar is still there to accumulate your mail for you.

BTW, I strongly recommend using WhoisGuard at Namecheap to hide your contact info. The spam sent to domain owners is vast and annoying; if you WhoisGuard it, you can just change the forwarding email address anytime, and all the spam goes away.
posted by Malor at 4:49 PM on April 12, 2006


You absolutely do not need to have two IP addresses. I've self hosted all of my services since 1999. On a single IP address. I cannot fathom why you would need two for your purposes.

Beginning last year I kept DNS and mail elsewhere -- DNS via the free and awesome EveryDNS and mail on another one of my servers in a different physical location. That redundancy is really very helpful.

I'm gradually moving all of my services over to DreamHost right now, though -- I'm tired of hosting my own stuff, and hosting has gotten cheap. But that's neither here nor there.
posted by waldo at 7:19 PM on April 12, 2006


The rules of DNS registration say that to run a domain yourself, you have to have two nameservers. Nameservers are differentiated by IP address. You have to have two uniques to host a domain. They may end up pointed at the same computer -- MetaFilter's was done that way for a while, which is part of why it was unstable -- but you have to at least LOOK like you have two servers.

This has been true since the dawn of commercial DNS registrations, and I'm not aware that the rule has ever been changed. Were you hosting your own DNS, too? Did you have someone serving as a backup nameserver for you?
posted by Malor at 7:50 PM on April 12, 2006


Best answer: Definitely let your registrar run your DNS. They have a better data center and better connectivity than you do.
posted by kindall at 9:37 PM on April 12, 2006


Response by poster: It's beginning to seem like using GoDaddy (the tragedy that is Bob Parsons aside, this is what I'm working with) for DNS & mail is the cleanest idea for this project. GoDaddy affords total DNS control, but I'm not entirely sure how to set it up. I want www & ftp to forward to my new IP address, leaving all mail services to point to the various GoDaddy subdomains they currently point to.

So let's see if I have this correct. I leave the @ "A" record set as the GoDaddy IP, so the MX records can still call it. But I add a new A record, mydomain.com, pointing to my new static IP? And then I tell the www & ftp CNAMEs to point to mydomain.com?
posted by thejoshu at 10:23 PM on April 12, 2006


It makes little sense to hold to 1990 regulations (that aren't followed) to have redundant DNS service for something that would likely be unreachable should the single server, also running the end-goal application services like WWW and FTP, be unavailable. If you want to be pedantic, you can also point out it's not a TLD, it's a second-level domain.

That said, it is correct, and way back when domains were $100+ per two years minimum, they checked things like this and if your .org was really a nonprofit, etc.

Running your own email and DNS servers on a DSL line has got to be one of the least-bang-for-the-buck exercises you can attempt, and you can always do this for a secondary domain or sub-network should you just want to learn. You wouldn't even need to have an externally visible/registered domain, since you can do whatever you want on your own private IP space within the home. You may not even have low ports open to incoming traffic depending on the TOS.

If you're going to do it, BIND is probably not the best choice, as djbdns and other smaller projects are much easier to learn for a first attempt.
posted by kcm at 12:09 AM on April 13, 2006


thejoshu: I sent you the complex answer in email. The simple answer is just to add a line (roughly):

www IN A 1.2.3.4

List your IP address where 1.2.3.4 is, obviously.

This will point www.yourdomain.com at your Mini. Unless you want to host your own mail and DNS, that's all you need to do.
posted by Malor at 12:16 AM on April 13, 2006


Again, if you want to be pedantic about things, you'd give the A record to the actual name of the machine and CNAME www/ftp/* to it. :)
posted by kcm at 12:25 AM on April 13, 2006


Response by poster: OK, what I ended up doing (using GoDaddy's interface) was changing the @ 'A' record to my new IP address, and then changing the two MX records from @ to the IP address that @ formerly pointed to. The domain works great this morning (yay!) but it would appear that setting up GoDaddy e-mail accounts never gets past the pending setup: validating MX record stage. Any ideas?
posted by thejoshu at 9:41 AM on April 13, 2006


Response by poster: (Fixed - the MX record hosts needed to stay as @. My guess is that they point at the domain, and not at the IP?)
posted by thejoshu at 10:07 AM on April 13, 2006


Normally they'll point at a name:

example.com. IN MX 10 mail.example.com.

... which requires an A record for mail.example.com.

I haven't seen MX records pointing to @ before, but if it works, it must be ok. :)
posted by Malor at 4:56 PM on April 13, 2006


In GoDaddy's DNS manager, @ is just shorthand for the domain name by itself, with no hostname. So, if you registered example.com, and set the MX to point to @, it would just be pointing to example.com, which hopefully you gave an A record. (In fact I think it gives you one by default, you just have to edit it to point to the right place.)
posted by kindall at 11:49 PM on April 14, 2006
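
As an added example (not written by anyone in this thread), the Python check below walks the MX mistakes discussed in the last few posts: an IP address where a name belongs, an MX target that is only a CNAME, and "@" expanding to the bare domain. The record rows, the example.com origin, the documentation-range addresses and the function names are all constructed for illustration.

```python
import ipaddress

ORIGIN = "example.com."  # constructed zone origin

def fqdn(name, origin=ORIGIN):
    """Expand zone shorthand: '@' is the origin; names without a trailing dot are relative."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def is_ip(text):
    try:
        ipaddress.ip_address(text.rstrip("."))
        return True
    except ValueError:
        return False

def check_mx(records, origin=ORIGIN):
    """records: (owner, type, value) rows as typed into a DNS editor. Returns problems."""
    problems = []
    addr = {fqdn(o, origin) for o, t, _ in records if t in ("A", "AAAA")}
    alias = {fqdn(o, origin) for o, t, _ in records if t == "CNAME"}
    for owner, rtype, value in records:
        if rtype != "MX":
            continue
        raw_target = value.split()[-1]  # value is "<priority> <target>"
        if is_ip(owner):
            problems.append(f"MX owner {owner} is an IP address, not a domain name")
        if is_ip(raw_target):
            problems.append(f"MX target {raw_target} is an IP address; it must be a hostname")
            continue
        target = fqdn(raw_target, origin)
        if target in alias:
            problems.append(f"MX target {target} is a CNAME (RFC 2181 section 10.3)")
        elif (target == origin or target.endswith("." + origin)) and target not in addr:
            problems.append(f"MX target {target} has no A/AAAA record in this zone")
    return problems

# Constructed rows: BROKEN reproduces the mistakes, FIXED uses a named mail host,
# AT_ONLY points the MX at "@", which resolves because "@" has its own A record.
BROKEN = [("@", "A", "192.0.2.10"), ("www", "CNAME", "@"),
          ("@", "MX", "10 198.51.100.25"), ("@", "MX", "20 www"),
          ("198.51.100.25", "MX", "30 @")]
FIXED = [("@", "A", "192.0.2.10"), ("mail", "A", "198.51.100.25"),
         ("@", "MX", "10 mail"), ("www", "CNAME", "@")]
AT_ONLY = [("@", "A", "192.0.2.10"), ("@", "MX", "10 @")]
```
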

