OSX Lion as a Home Server Howto

In Home Server Bound I described my decisions in moving from a dedicated server to a home server, based on OSX Lion Server. Here I describe all the steps I took to make this a reality.

1. Get the Hardware

First off, get a Hackintosh. What? No! I actually read a post that suggested this. Do you really want that pain? No, you don’t. Just get a good recent Macintosh with at least a Core 2 Duo processor. A Core Duo or earlier won’t work because they won’t run Lion. And you really do want to run Lion. Even a recent Mac Mini would do. I’m using an iMac with a Core 2 Duo, 3GB of RAM and a 750GB disk. That is plenty for all but the most heavy server usage.

2. Get Lion

If you’re lucky you have Snow Leopard on your target server. In that case make sure it’s up to date and it will have the Mac App Store. Use that to purchase and install Lion and Lion Server. If you’ve already purchased Lion for another Mac, you can download it for your server for free. Otherwise it’s $30, and Lion Server will cost another $50. It’s worth it. Don’t ask for cheaper alternatives, just do it. While you’re at it download and install Lion Server Admin Tools 10.7, which is free, onto any Mac you want to use to remotely manage your server. Then use Software Update to make sure you have all the latest bits.

3. Get Your Server on the Internet

a. Get your server on your internal home network

First a word about routers. If you don’t have a router with a firewall, or if your firewall is turned off STOP RIGHT HERE. Are you kidding me? Have you seen the people out there trying to get all up in your digital grill? Go buy an Airport Extreme and set it up and don’t let me catch you out after dark again. A Time Capsule is an Airport Extreme with a backup disk included, so that works, too. Conversely, an Airport Extreme with a USB disk attached is the same as a Time Capsule. Backup is yet another issue, which we’ll discuss later.

In fact, let me go so far as to say, just get an Airport Extreme. It’s so much easier than any other router. Why do you want to punish yourself? Just get an Airport Extreme. The rest of this tutorial will assume you have an Airport Extreme equivalent.

Your server needs a hardwired IP address on your local network. My network is set up to do DHCP from 10.0.1.10 to 10.0.1.200. So I’ve given my server the address 10.0.1.202, which is outside this range. Just go into Network Settings on the server, select Using DHCP with manual address and enter the IP address 10.0.1.202.

b. Get a dynamic IP address

These days it’s really hard to get a static IP address. If you’re on DSL you might be able to add one, but it will cost you. And if you’re on cable, you’re probably out of luck unless you get a business account, which is really expensive. Fortunately, these days you can get by with a dynamic IP address, thanks to places like DynDNS and No-IP. They have free plans where they will give you a domain name (for DynDNS it ends in dyndns.org, like mysuperawesomewebsite.dyndns.org) and then route that to your dynamic IP address, whatever it happens to be.

To do this (for free) you need to install client software (DynDNS / No-IP) on some Mac in your home network. This Mac has to be on all the time so it can periodically communicate with the dynamic DNS service to update the IP address when it changes. Don’t install the client on your server yet, since you’ll be messing with it. Put it on some other machine in your network.

Now you should be able to go into a terminal, type

    ping mysuperawesomewebsite.dyndns.org

and see your current IP address getting pinged.

c. Get your own domain name

mysuperawesomewebsite.dyndns.org might be fine for right now, but eventually you’ll want your own domain name. Go to name.com, get a user account and buy a domain name. For now, why not just get a .info domain, like mysuperawesomewebsite.info, which only costs $3.99 a year. Name.com is a great service that will handle all your DNS needs, which you’re going to need in this case. After you’ve bought your domain, click on it in your account panel and then click on DNS Record Management in the panel on the right. Then in Add DNS Record select CNAME, and in the right box (the one next to the box with ‘300’ in it) type your dynamic IP domain name (mysuperawesomewebsite.dyndns.org). It takes a few hours for these changes to be made. But when it’s done, you should be able to type

    ping mysuperawesomewebsite.info

and see your current IP address pinged just like before.

So now users can get to you from the outside. Now you need to let them in.

4. Let the Outside World In

Assuming you’ve done as I’ve said and have your machine at 10.0.1.202, then you need to open up a few ports. For now let’s open these:

  • 22 – Remote Login – SSH, so you can remotely login from a terminal
  • 25 – SMTP Mail, so clients can send mail through the server
  • 80 – Web Server
  • 993 – IMAP Mail with SSL, so clients can read their mail securely

Open Airport Utility, click on the picture of your router and click on Manual Setup. Then click on the Internet tab at the top and click on the NAT tab under that. Then click on Configure Port Mappings and click on the ‘+’ sign. Choose one of the services above. It should fill in the proper port numbers. You just need to fill in the Private IP Address. Do this for each service above. Then click on Update so the changes are uploaded to your router. You should now be able to log in to your server remotely.

On your server, in Preferences->Sharing, turn on Remote Login. While you’re at it, turn on Web Sharing, too. Now you should be able to go to http://mysuperawesomewebsite.info from anywhere on the internet and see the default Lion Server web page. You should also be able to go to a Terminal and type:

    ssh myusername@mysuperawesomewebsite.info

and log in to your server.
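
To confirm that the router exposes exactly the four mappings from this step and nothing more, here is an added example script (not part of the original guide) that compares the ports answering from outside with the intended list. The `EXTRA` port list, the function names and the sample data are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not from the original guide): audit which TCP ports answer
# from outside against the four port mappings created in step 4.

INTENDED="22 25 80 993"        # SSH, SMTP, web, IMAP over SSL (from the guide)
EXTRA="143 548 3306 5900"      # assumption: IMAP, AFP, MySQL, Screen Sharing

# probe_ports HOST PORT...: print every port that accepts a TCP connection.
# Run this from a machine outside the home network.
probe_ports() {
    host=$1; shift
    for port in "$@"; do
        nc -z -w 3 "$host" "$port" >/dev/null 2>&1 && echo "$port"
    done
    return 0
}

# audit_ports "INTENDED" "OPEN": compare the two lists, print one line per
# finding, and return 1 if a mapping is missing or an extra port is open.
audit_ports() {
    intended=" $1 "
    open=" $(echo $2) "        # collapse newlines from probe_ports to spaces
    rc=0
    for p in $intended; do
        case "$open" in
            *" $p "*) echo "ok       $p" ;;
            *) echo "closed   $p (mapping missing or service off)"; rc=1 ;;
        esac
    done
    for p in $open; do
        case "$intended" in
            *" $p "*) ;;
            *) echo "exposed  $p (reachable but not in the intended list)"; rc=1 ;;
        esac
    done
    return $rc
}

if [ -n "${1:-}" ]; then
    # Live check: sh audit.sh mysuperawesomewebsite.info
    audit_ports "$INTENDED" "$(probe_ports "$1" $INTENDED $EXTRA)" || true
else
    # Constructed sample: Screen Sharing answers, the mail mappings do not.
    audit_ports "$INTENDED" "22 80 5900" || true
fi
```

Run without arguments it audits the constructed sample; given a host name it probes that host, which only reflects the router's mappings when run from outside the home network.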

5. Get Mail Going

TBD

6. Install MySQL

TBD

7. Install WordPress

TBD

8. What Else?

TBD