Looking for help/guidance on how to set up a server for a business
Hi. Some friends of mine are starting a business and they want to set up a server to host a simple "contact" website, run an e-mail service (about 10 accounts for now but with possibilities of expanding it to support more) and to store and remote access documents.
I'm a computer savvy person so they asked me for help, but I don't know much about self-hosting so I come here asking you:
What kind of hardware do they need and would be best?
What OS and other software is required and recommended?
How to set it up/configure it? I'm partial to FOSS but if there are good proprietary options they are acceptable too.
And last: What do we have to watch out for or avoid?
Also, space is a bit of an issue, I was thinking they could use something small like an Intel NUC but I'm worried that hardware would be underpowered for their needs.
I have been googling for stuff myself but I get overwhelmed by the amount of information and some contradicting opinions so I appreciate your recommendations and guidance. I'm not asking you to give me a full tutorial, although I would appreciate it too, but just to be pointed in the right direction to avoid, as much as possible, spending money and time on things they might not really need or might not perform as well.
You don't have the knowledge or experience to do this for a business. This is different than a personal cloud. You will be blamed when things don't work.
Don't touch this with a 10ft pole.
If you want to help, find commercial services that offer this and suggest those.
They set up a business.
They do business. They should ask someone to do this whose business it is. Not you. They are taking advantage of you.
You will certainly and 100% ruin your friendship with them.
Keeping a server secure is an ordeal for a professional - especially when it comes to using it as a business server.
Doing E-Mail yourself, especially in a professional capacity, is a god damn nightmare and even most professionals refuse to do it and rather pay someone who handles it. For a reason.
The use case you mentioned does not require a server. It can easily be done via a web hosting provider. Unless there is something shady going on and you/they are afraid of storing that stuff with a provider. But for what you mention here you need a simple web hosting provider for 5 bucks a month.
Actually doing that yourself is far more complicated than you imagine here. It's not just the server. How do you get a connection with a static IPv4 to host your services? Actually preferably multiple static IPs? Are you considering a CloudFlare tunnel? How do you plan redundancy if that connection craps out? Or the server kicks the bucket. Or power goes out?
This alone costs FAR more than the money you pay for a cheap webhoster or even a VPS. (Which you don't need, imho)
For the love of god or whoever:
Don't do that.
You will be liable/responsible to them (at least from their point of view) if their IP is on Googlemail's blacklist and now "that one important client mail did not arrive in time". Or if the cheap residential DSL craps out and their very important site is just having the sale of their life?
I am absolutely for self-hosting things, don't get me wrong. I selfhost basically everything (but no mail...that is a shitshow), mostly on FOSS.
But don't start with someone else's business if you start doing this. Selfhost a few easy things. Get a Mini PC and proxmox, selfhost within your home network, then expand slowly.
Seek someone with professional experience. Also you don't want to host your own email server. Use the cloud for this as it is way simpler and doesn't have the same issues.
We, selfhosters and sysadmins alike, need to change our tune around the position of "do not self host email." It only serves to keep email in the grip of big tech. Yes it is difficult and someone without any experience shouldn't start there but it is definitely manageable and not nearly as hard as it is made out to be.
There are multiple email "distributions" nowadays making the software stack set up and maintenance effectively an exercise in running a regular Linux distro upgrade. Mailinabox and mailcow to name two off the top of my head.
The DNS records are relatively straightforward to set up and validate with these mail distros; they basically tell you what to put and provide ways of validating you did what they said you should. There are also many ways to test that you set them up properly by having a service validate them via email you send to the testing service, e.g. mail-tester.com and dmarctester.com. Finally, DMARC has a report function built in so you can get regular delivery reports that come directly from the servers that are choosing what to do with your email, giving you a clear signal when there are problems.
You don't have to jump into hard mode around a clean IP either; you can offload that for a nominal fee to an email service provider if you don't want to try your luck, e.g. MXroute.com has a one time fee for multiple domains.
Yes email is convoluted and confusing at times and scary to host given how essential it is but I'd encourage anyone with the time and desire to do it.
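The DNS validation described in the comment above, as an added example that is not part of the original thread: an offline lint of a domain's SPF and DMARC TXT records that flags the settings that weaken spoofing protection or leave the DMARC reports switched off. The record values and `example.com` are constructed sample data, and the function names are made up for this illustration; DKIM is left out because checking it needs the signing key's selector.

```python
# Added example: offline lint of mail-related TXT records (sample data is constructed).

def parse_tags(record):
    """Split a 'tag=value; tag=value' DMARC record into a dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def check_spf(txt_records):
    """Problems in the TXT records published at the domain itself."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["no SPF record"]
    if len(spf) > 1:
        return ["multiple SPF records: receivers treat this as a permanent error"]
    terms = spf[0].lower().split()[1:]
    if "+all" in terms or "all" in terms:
        return ["SPF passes every sender (+all)"]
    if not any(t in ("-all", "~all") or t.startswith("redirect=") for t in terms):
        return ["SPF has no -all/~all or redirect: unknown senders are not failed"]
    return []

def check_dmarc(txt_records):
    """Problems in the TXT records published at _dmarc.<domain>."""
    recs = [r for r in txt_records
            if r.lower().replace(" ", "").startswith("v=dmarc1")]
    if not recs:
        return ["no DMARC record"]
    if len(recs) > 1:
        return ["multiple DMARC records: receivers apply none of them"]
    tags = parse_tags(recs[0])
    problems = []
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        problems.append("missing or invalid p= policy")
    elif policy == "none":
        problems.append("p=none: monitoring only, failing mail is still delivered")
    if not tags.get("rua", "").lower().startswith("mailto:"):
        problems.append("no rua= address: aggregate reports are not requested")
    return problems

def lint(zone, domain):
    """Run both checks against a {name: [TXT strings]} mapping."""
    return (check_spf(zone.get(domain, []))
            + check_dmarc(zone.get("_dmarc." + domain, [])))

# Constructed sample zone data; example.com is a placeholder domain.
SAMPLE_ZONE = {
    "example.com": ["v=spf1 mx include:_spf.example.net ~all",
                    "site-verification=constructed-value"],
    "_dmarc.example.com": ["v=DMARC1; p=none"],
}

if __name__ == "__main__":
    for problem in lint(SAMPLE_ZONE, "example.com"):
        print("WARN:", problem)
```

In practice the TXT strings would come from a DNS lookup of the domain and of `_dmarc.<domain>` rather than from a hard-coded mapping.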
So don't take this as rude, but if none of you have experience running email for a business, you're probably better off contracting that part out.
It's a lot of work to get working, keep working, and is prone to exploding for no particular reason so if this is a business-critical component, it's worth the $20 a month to get it hosted where making your email actually deliver to people's inbox is someone else's problem.
Same for the business website: if it being down is going to cost money, a simple static page like that is hostable for literally free with cloudflare or netlify or any of a couple of other providers, and that's probably what I'd do. (And, frankly, is what I do with a lot of stuff I host.)
As for storing and accessing remote documents, if you pay for gsuite or office365, you'll get that included in the price, so like uh, that might be the best way to go.
I know this is literally not what you asked, but....
> So don't take this as rude
> I know this is literally not what you asked, but...

No no no, this is the exact reason I asked. I honestly thought selfhosting would be better and easier once it's all set up. Thank you very much.
As far as I know the website is not an indispensable part of the business but it's not a static page either. It's gonna be like a landing page to (hype up the business), some catalogue pages to show their products, and a page with contact info (maybe also an "about us" page). It's mainly to look more professional and to have a bit of an internet presence. What would you recommend for that? Either selfhosted or commercial solution.
Just btw, your requirements for the website would work just fine on a static site. A static site just means the server only serves the website and nothing else. No DBs or anything like that.
I'm going to get downvoted to hell for this but uh, I usually tell clients Squarespace is what they want these days.
Self-hosting something like Wordpress or Ghost or Drupal or Joomla or whatever CMS you care to name costs time: you have to patch it, back it up, and do a lot of babysitting to keep it up and secure and running. It's very much not a ship-and-forget - really, nothing selfhosting is.
I'm very firmly of the opinion that small business people should be focused on their business, not their email or website or whatever, because any time you spend fighting your tech stack is time you could have been actually making money. It's all a cost, it just depends if you value $20 a month or your time more.
If I had someone come to me asking to set up this stuff for their business, I'd absolutely tell them to use gSuite for email, file sharing, documents, and such and Squarespace for the website and then not worry about shit, because they're both reliable and do what they say on the tin.
It sucks, but as someone who hosts their own services and supports business clients: If they have a budget, Office365 all the way. Does it suck paying money to M$? Oh hell yeah. But it's a 'cost of doing business'. Don't screw around if they can afford it, just go O365 :(
Agreed. For businesses, spend the couple bucks to have Microsoft or whoever put their huge resources behind keeping you online. It's a lot better than having the server with all your services go down when you're expecting an important email.
To add; You can't run a business' infrastructure from recommendations on a forum, most especially email. There's a ton you'd need to learn about hardware, networking, DNS, email services (as in daemons that run on the server), and interoperability between your services and whoever is being communicated with (including RBL and other elements of sender reputation). If you're not a full-time admin, even attempting to recommend an on-prem solution (of any kind/complexity) is an incredibly bad idea.
Source: I'm an admin for a living, specializing in internet facing systems and their security.
Source addendum: I have been offered a shitload of money to set up and maintain an in-house email system (in their case; setting up a mass email system akin to Sendgrid or AWS SES), and spent a significant amount of time describing to the offering party why it's a terrible idea and they don't want to deal with it. I know that in your case you're talking about simple business email accounts, but it's a comparable level of bullshit (just on a different scale).
Others have already mentioned about the challenges on the software/management side, but you also need to take into consideration hardware failures, power outages, network outages, acceptable downtime and so on. So, even if you could technically shoehorn all of that into a raspberry pi and run it on a windowsill, and I suppose it would run pretty well, you'll risk losing all of the data if someone spills some coffee on the thing.
So, if you really insist doing this on your own hardware and maintenance (and want to do it properly), you'd be looking (at least):
2 servers for redundancy, preferably 3rd one laying around for a quick swap
Pretty decent UPS setup, again multiple units for redundancy
Routers, network hardware, internet uplinks and everything at least duplicated and configured correctly to keep things running
A separate backup solution, on at least two different physical locations, so a few more servers and their network, power and other stuff taken care of
Monitoring, alerting system in case of failures, someone being on-call for 24/7
And likely a ton of other stuff I can't think of right now. So, 10k for hardware, two physical locations and maintenance personnel available all the time. Or you can buy a website hosting (VPS even if you like) for few bucks a month and email service for a 10/month (give or take) and have the services running, backed up and taken care of for far longer than your own hardware lifetime is for a lot cheaper than that hardware alone.
> 2 servers for redundancy, preferably 3rd one laying around for a quick swap
Overkill for a small startup. We sell to medical practices and they get (at most) a small tower server from HPE (ML30). Backup servers can either be a small 2 bay NAS or a microserver depending on the needs
> Pretty decent UPS setup, again multiple units for redundancy
If they can afford that. Most are already good by just using a decent online UPS.
> Routers, network hardware, internet uplinks and everything at least duplicated and configured correctly to keep things running
Not a multi million company.
Routers: BS.
Network: Maybe 2x 16 port switches but too much overhead. 1x 48 Port if you really need that.
Internet uplinks: If you have a satellite office and need the S2S-VPN to be constantly up.
Btw: You didn't mention a duplicated phone line ;P

> A separate backup solution, on at least two different physical locations, so a few more servers and their network, power and other stuff taken care of
Again overkill.
Backup on the server with something to a 2-Bay NAS and a secondary job with rotating external USB disks to take or somewhere external with you.
> Monitoring, alerting system in case of failures, someone being on-call for 24/7
Monitoring: Yep
Alerting: Done by monitoring in the best circumstance
On-call 24/7: As this is a small company: LOL
You missed the (and doing it properly) part. Could you do it on his setup? Sure. Could you do it on your setup recommendations? Sure. Could you do it on a little raspberry pi? Probably. An industry standard best practice for backup is 3-2-1. Do all companies follow industry best practices? Heavens no. Redundancy is great, it may save you from calling someone at triple rates for after hours support only to find your one 48 port switch failed. It's all about what risk you are willing to take on any of this.
It depends. I've run small websites and other services on an old laptop at home. It can be done. But you need to realize the risks that come with it. If the thing I'm running for fun goes down, someone might be slightly annoyed that the thing isn't accessible all the time, but it doesn't harm anyone's business. And if someone's livelihood is depending on the thing then the stakes are a lot higher and you need to take suitable precautions.
You could of course offload the whole hardware side to amazon/hetzner/microsoft/whoever and run your services on leased hardware which simplifies things a lot, but you still run into a problem where you need to meet more or less arbitrary specs for an email server so that Microsoft or Google even accept what you're sending, you need to have monitoring and staff available to keep things running all the time, plan for backups and other disaster recovery and so on. So it's "a bit" more than just 'apt install dovecot postfix apache2' on a Debian box.
I recommend that any business that needs infrastructure hire an admin, even if only an occasional contractor. Especially if they want to "keep it simple".
It sounds like they're just being cheap and asking their "computer friend" to provide free labor. There's a reason people who do this kind of thing make a lot of money; it's a pain to set up, and it's a pain to keep it running without being insecure or losing data due to [insert critical issue here].
Wholeheartedly agree with everyone else on the email. I’ve worked IT in a range of different sized businesses. The hardest one to date was the super paranoid place that insisted on hosting email. It’s an absolute pain to maintain and can be an unnecessary security risk for a few bucks!
For email and calendar I'd probably look into proton. For other software tools I would start with services people like that you don't have to manage other than be like the admin and as you go try and find alternatives and self host your own and test it out. Maybe even something like digital ocean where you can just spin up a droplet that's presetup for you and learn more and more until you're comfortable to transition other people to it.
Thanks, I've looked into proton, seems like a good option for mail. Digitalocean I don't really understand it but it seems more oriented towards software development. No?
Digital Ocean basically lets you run something called a droplet in the cloud. It’s a general purpose server more or less. Put nginx on it, start the server process, configure the DNS rules, and congrats you have a site that says hello world.
A droplet is similar to an EC2 on Amazon Web Services. I found DOCN to be cheaper than AWS when I hosted my site there. I was going to also suggest proton and DOCN might work for your use case. You get the redundancy and uptime without needing to use your own hardware, electricity, or bandwidth.
I have been looking at the same thing. Basically alternatives to Google Workplace or MSFT 365.
https://lemmy.ml/post/21772726. I think most people are using a hosting provider's email and web hosting and then maybe running Nextcloud and other apps themselves though there are some providers who are doing integrated email and Nextcloud.
There are things like coopcloud.tech and yunohost.org that appear to be trying to provide out of the box self hosting 'recipes'. I'm just starting to look at yunohost but just for me / the family. I'd personally love to meet people and work through using these together as I am not an expert. It would seem that these might be the 'killer app' for self hosted alternative cloud services but I'm not sure and they might not be quite mature enough. I have no knowledge of the admin overhead.
Google and MSFT's free for non-profits mean that clubs/small charities end up using those two anyway.

> they want to setup a server to host a simple “contact” website
Not sure what sort of uptime/reliability your friends are expecting out of a self hosted solution but for something like that you wouldn't need much processing power, even a Raspberry Pi can host a simple website. Not sure what to recommend offhand but there are definitely vendors in that space that sell simple DIY "contact us" form software, or I guess if you wanted to roll your own that's an option too. I'd be more concerned about keeping it locked down/secure.
Keep in mind for the internet your friends would likely need business class internet with multiple static IPs so you can give your little DIY box its own public IP address. Many (most?) residential internet service providers do not allow self hosting websites on their network and they'd be dynamic IP anyway though you could work around that somewhat with dynamic DNS since you're going to need to purchase a domain name and point it to somewhere anyway.
> run an e-mail service (about 10 accounts for now but with possibilities of expanding it to support more)

Like others said you really don't want to go that route unless you're well versed in that area. It would be annoying for a business especially a new one, those emails will likely keep going into other providers' spam folders for a good period of time. All the big mainstream email providers are notorious for not trusting new email domains / new IP addresses.
Seems easier to just go to Google Workspace / Microsoft 365 / whatever other provider you like to use, presumably the business has a business use case for reliable email among other things.
Bonus: Those cloud services can easily host simple contact forms for you so maybe that's your all in one solution. Look into Google Forms and similar.
> and to store and remote access documents.
That sounds like the above commercial cloud solutions again :)
But sure technically you could go through the extra step hosting that yourself. Depends on how the business wants to use/access this stuff, it's really a question for them. Could be as simple as a Windows server with RDP (if they're Windows people & just want to log into something "windows" to browse/open files) or maybe multi-user Linux with VNC (the geeks might like, maybe not so much the general Windows/Mac users). Or if you're trying to do something web oriented maybe something like Nextcloud if you want to do all this in a web browser.
You should triple check what exactly they are expecting when it comes to remote access documents... you really don't want to spend the time setting up something that they totally weren't expecting and end up hating.
> Many (most?) residential internet service providers do not allow self hosting websites on their network and they'd be dynamic IP anyway though you could work around that somewhat with dynamic DNS since you're going to need to purchase a domain name and point it to somewhere anyway.
That's what I already do.
cloudflare-ddns, own domain and done. Except for reliability at night where the ISP reboots my DSL connection at 4am.
I don't think website uptime is a vital issue since it is basically just advertising, catalogue, and then links to their emails and phone numbers but it won't handle any type of sales or orders and I think it's the only part that they can realistically self-host. I'm aware of the static IP and bandwidth issues, still, we have to look into the costs of that.
For the rest, I'm looking into commercial options right now. What's your opinion on proton for e-mail? (If you have any)