The first home server I set up was built using parts from multiple old computers. I threw in two HDD’s for my first RAID setup, then installed Ubuntu 12.04 LTS. The main purpose for my server is to host a file cloud. *Seafile is my favorite software for private cloud storage.* Knowing nothing about network security means it wasn’t long before the server was infiltrated with a Postfix (mail server) spammer. Last week one of the drives failed and I decided it’s time to start from scratch and follow some security guides this time. I also upgraded to a real server distribution, meaning I have no GUI to work with, only a command prompt. Here I’ll do an overview of the steps I took to get the server set up and syncing files between my computers.
- Download Ubuntu. My server is old and 32-bit so I needed to grab a non-standard release (ubuntu-14.04.1-server-i386.iso) from http://releases.ubuntu.com/14.04/. If your server computer is 64-bit then the normal Ubuntu downloads page should have what you want.
- Burn Ubuntu .iso to a disk or usb drive. I prefer using disks so I can keep a permanent collection of operating systems. When on Windows, I like using ImgBurn to create OS disks. If you’re on Ubuntu, it’s easy as right clicking the .iso file and selecting “Burn to Disk”.
- Install Ubuntu. The install process is pretty simple so just follow along with it. When installing Linux distros, I just look up any option I don’t understand yet.
Now boot up the server and the rest is all setup.
Almost every command for setting up the server requires superuser privilege. To save myself from typing ‘sudo‘ over and over, I log into root with sudo su. If you don’t feel comfortable logged in as root, just use ‘sudo’ before each of the following commands.
- First step of course is updating software.
1apt-get update && apt-get upgrade && apt-get dist-upgrade
- Now install a firewall and activate it. Might as well open the ports now that we will need for the Seafile sync service.
123456apt-get install ufwufw enableufw allow 8000/tcpufw allow 8082/tcpufw allow 10001/tcpufw allow 12001/tcp
- Next I followed Matt Brock’s nice guide on Security Hardening Ubuntu Server 14.04. I skipped the steps related to Apache because I won’t be serving any websites from this server for now.
- Install and configure Fail2Ban. The Ubuntu community guide on Fail2Ban works great for this.
1apt-get install fail2ban
- As I found out before, it’s very important to harden an email service like Postfix. It’s a commonly installed program on servers and many people want to use your computer to send spam. When we installed Fail2Ban, it automatically installed Postfix to email reports. I followed this Postfix Hardening Guide on AskUbuntu.com.
- Configure Logwatch. Again I used an Ubuntu community guide.
- The last and most important step for my setup, is to install Seafile. At this point you’ll probably want to exit the superuser login. It’s just too easy to put the Seafile installation in the wrong home folder.
- Go to the download page and find the server link for your system. For my 32-bit Linux system, the correct download is 3.1.6 32bit. Right click the link and hit Copy link address.
- Now I can download it on the server using the wget command. Don’t forget to change this link to the current version for your computer!
- After downloading the Seafile server, read the manual and follow the instructions. I went with the simplest setup, which is using the SQLite database. The walkthrough is thorough and clear so no extra explanation is needed from me.
After going through all of these steps, I now have my server set up how I want it. Just download the Seafile client on any of your computers and you’ll be syncing files in no time.
If you have any questions at all please feel free to ask. I’m still learning, so if you ask about something I don’t know yet we can learn about it together! Thanks for reading and I hope my server experiences have proven useful to you. Have a happy day!