Choosing Your Machines
These playbooks set up two machines. Typically, the mail and web server is in the cloud while backups are done by a machine that you physically control (old PC in a corner). I have run the setup with a $5/mo cloud machine and a Raspberry Pi Zero on a shelf.
Mail and Web Server
A mail and web server needs a public IP address with connectivity to all ports. There are two ways to get this: your own hardware with a business class ISP connection, or someone else's hardware provided as a Virtual Private Server (VPS) in the cloud. Residential ISP connections have a semi-dynamic IP address and block port 25, so they are unusable for a mail server.
There are many VPS providers. In the USA, Linode (founded 2003), Amazon EC2 (launched 2006), Microsoft Azure (launched 2010), DigitalOcean (founded 2011), or Vultr (founded 2014) are popular choices. Amazon and Microsoft charge for CPU, memory, disk, and network separately, while the others have bundled packages at various prices.
To deter spammers, most VPS providers block outgoing email traffic on new accounts. They will open the ports on request but you'll usually need to set up proper DNS and then open a support ticket to let them know that you are running a mail server.
For a simple mail host and static web site, a small (1GB nanode, t3.micro, Av2 A1, 1GB droplet) host is fine. You might need something bigger if you add other services, or a database-heavy dynamic website like WordPress. You can usually migrate to a larger instance later on.
I use Linode and have found them to be well run and simple. If you choose them, it would be nice if you signed up using my referral code. They give me a few bucks off my bill if you stick around for three months.
In any case, once you allocate a machine, verify that the IP address is not on any of the spam blacklists. That would be the internet equivalent of getting a telephone number that used to belong to a deadbeat. Some cloud providers have had more problems than others in keeping their networks clean. Many sites like https://www.dnsbl.info can check dozens of lists at once.
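The blacklist check described above can also be scripted, so it can be repeated whenever you allocate or change an address. The following Python is an added example, not part of the playbooks: the two zone names are sample choices, and treating 127.255.255.x answers as a refused query follows Spamhaus's documented error codes and is an assumption for other lists.

```python
import ipaddress
import socket
import sys

# Example zones (an assumption of this sketch); use the lists you care about.
ZONES = ["zen.spamhaus.org", "bl.spamcop.net"]
LISTED_NET = ipaddress.ip_network("127.0.0.0/8")
# Assumption: codes in this range mean the list refused the query (as Spamhaus
# does for queries relayed by large public resolvers), not that the IP is listed.
REFUSED_NET = ipaddress.ip_network("127.255.255.0/24")


def query_name(ip, zone):
    """Reverse the address labels (octets for IPv4, nibbles for IPv6), append the zone."""
    reverse = ipaddress.ip_address(ip).reverse_pointer  # e.g. 25.2.0.192.in-addr.arpa
    return reverse.rsplit(".", 2)[0] + "." + zone


def classify(answers):
    """Map the A records returned for a DNSBL query to clean / listed / error."""
    if not answers:
        return "clean"  # NXDOMAIN: the address is not on this list
    addrs = [ipaddress.ip_address(a) for a in answers]
    if any(a in REFUSED_NET or a not in LISTED_NET for a in addrs):
        return "error"  # refused query, or a resolver rewriting NXDOMAIN
    return "listed"


def system_resolve(name):
    """Return the A records for name, or [] when the name does not exist."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET)
    except socket.gaierror as exc:
        if exc.errno in (socket.EAI_NONAME, getattr(socket, "EAI_NODATA", None)):
            return []
        raise  # timeouts and server failures are not a "clean" result
    return sorted({info[4][0] for info in infos})


def check(ip, zones=ZONES, resolve=system_resolve):
    """Return {zone: verdict} for one IP address."""
    return {zone: classify(resolve(query_name(ip, zone))) for zone in zones}


if __name__ == "__main__":
    for zone, verdict in check(sys.argv[1]).items():
        print(f"{zone:20} {verdict}")
```

An "error" verdict means the lookup has to be repeated through a different resolver; it says nothing about whether the address is listed.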
Backup Server
The backup machine should be something under your physical control, usually an old machine in your basement. It connects to other machines to fetch backups and send outgoing status mail. Nothing on the internet needs to find it, so it can live happily behind a residential ISP connection.
Literally anything that runs Linux will work fine, as long as it has some disk space for the backup data. For personal email and some system files, even a good-sized USB key is probably sufficient.
The playbooks assume that you are using a fresh machine. If you use a NAS that is already running other things, the bacula-director role should be fairly self-contained, but the common and mailnull roles might interfere with existing things on the machine. I see that FreeNAS advertises a Bacula plugin, so you might be able to use this role as the starting point to configure that.
Copyright © 2020-2023 David Loffredo, licensed under CC BY-SA 4.0.