Looking for help/guidance on how to setup a server for a business
Hi. Some friends of mine are starting a business and they want to setup a server to host a simple "contact" website, run an e-mail service (about 10 accounts for now but with possibilities of expanding it to support more) and to store and remote access documents.
Im a computer savvy person so they asked me for help, but dont know much about self-hosting so I come here asking you:
What kind of hardware do they need and would be best?
What OS and other software is required and recomended?
How to set it up/configure it? Im partial to foss but if there are good propietary options they are acceptable too.
And last: What do we have to watch out for or avoid.
Also, space is a bit of an issue, I was thinking they could use something small like an intel nuc but Im worried that hardware would be underpowered for their needs.
I have been googling for stuff myself but I get overwhelmed by the ammount of information and some contradicting opinions so I appreciate your recomendations and guidance. Im not asking you to give me a full tutorial, although I would appreciate it too, but just to be pointed in the right direction to avoid, as much as possible, spending money and time on things they might not really need or might not perform as well.
Others have already mentioned about the challenges on the software/management side, but you also need to take into consideration hardware failures, power outages, network outages, acceptable downtime and so on. So, even if you could technically shoehorn all of that into a raspberry pi and run it on a windowsill, and I suppose it would run pretty well, you'll risk losing all of the data if someone spills some coffee on the thing.
So, if you really insist doing this on your own hardware and maintenance (and want to do it properly), you'd be looking (at least):
2 servers for reundancy, preferably 3rd one laying around for a quick swap
Pretty decent UPS setup, again multiple units for reundancy
Routers, network hardware, internet uplinks and everything at least duplicated and configured correctly to keep things running
A separate backup solution, on at least two different physical locations, so a few more servers and their network, power and other stuff taken care of
Monitoring, alerting system in case of failures, someone being on-call for 24/7
And likely a ton of other stuff I can't think of right now. So, 10k for hardware, two physical locations and maintenance personnel available all the time. Or you can buy a website hosting (VPS even if you like) for few bucks a month and email service for a 10/month (give or take) and have the services running, backed up and taken care of for far longer than your own hardware lifetime is for a lot cheaper than that hardware alone.
2 servers for reundancy, preferably 3rd one laying around for a quick swap
Overkill for a small startup. We sell to medical practices and they get (at most) a small tower server from HPE (ML30). Backup servers can either be a small 2 bay NAS or a microserver depending on the needs
Pretty decent UPS setup, again multiple units for reundancy
If they can afford that. Most are already good by just using a decent online UPS.
Routers, network hardware, internet uplinks and everything at least duplicated and configured correctly to keep things running
Not a multi million company.
Routers: BS.
Network: Maybe 2x 16 port switches but too much overhead. 1x 48 Port if you really need that.
Internet uplinks: If you have a satellite office and need the S2S-VPN to be constantly up.
Btw: You didnt mention a duplicated phone line ;P
A separate backup solution, on at least two different physical locations, so a few more servers and their network, power and other stuff taken care of
Again overkill.
Backup on the server with something to a 2-Bay NAS and a secondary job with rotating external USB disks to take or somewhere external with you.
Monitoring, alerting system in case of failures, someone being on-call for 24/7
Monitoring: Yep
Alerting: Done by monitoring in the best circumstance
On-call 24/7: As this is a small company: LOL
You missed the (and doing it properly) part. Could you do it on his setup? sure. Could you do it on your setup recommendations? Sure. Could you do it on a little raspberry pi? Probably. A industry standard best practice for backup is 3-2-1. Do all companies follow industry best practices? Heavens no. Redundancy is great, it may save you from calling someone at triple rates for after hours support only to find your one 48 port switch failed. It's all about what risk you are willing to take on any of this.
It depends. I've ran small websites and other services on a old laptop at home. It can be done. But you need to realize the risks that come with it. If the thing I'm running for fun goes down. someone might be slightly annoyed that the thing isn't accessible all the time, but it doesn't harm anyones business. And if someones livelihood is depending on the thing then the stakes are a lot higher and you need to take suitable precautions.
You could of course offload the whole hardware side to amazon/hetzner/microsoft/whoever and run your services on leased hardware which simplifies things a lot, but you still run into a problem where you need to meet more or less arbitary specs for an email server so that Microsoft or Google even accept what you're sending, you need to have monitoring and staff available to keep things running all the time, plan for backups and other disaster recovery and so on. So it's "a bit" more than just 'apt install dovecot postfix apache2' on a Debian box.