Choosing Your Machines

These playbooks set up two machines. Typically, the mail and web server is in the cloud while backups are done by a machine that you physically control (old PC in a corner). It doesn't take much horsepower. I ran this setup for five years with a $5/mo cloud machine and a Raspberry Pi Zero on a shelf.

Mail and Web Server

A mail and web server needs a public IP address with connectivity to all ports. There are two ways to get this: your own hardware with a business class ISP connection, or someone else's hardware provided as a Virtual Private Server (VPS) in the cloud. Residential ISP connections have a semi-dynamic IP address and block port 25, so they are not usable for a mail server.

There are many VPS providers. In the USA, Linode (founded 2003), Amazon EC2 (launched 2006), Microsoft Azure (launched 2010), DigitalOcean (founded 2011), or Vultr (founded 2014) are popular choices. Amazon and Microsoft charge for CPU, memory, disk, and network separately, while the others have bundled packages at various prices.

To deter spammers, most VPS providers block outgoing email traffic on new accounts. They will open the ports on request but you'll usually need to set up proper DNS and then open a support ticket to let them know that you are running a mail server.

For a simple mail host and static web site, a small (1GB nanode, t3.micro, Av2 A1, 1GB droplet) host is fine. You might need something bigger if you add other services, or a database-heavy dynamic website like Wordpress. You can usually migrate to a larger instance later on.

I use Linode and have found them to be well-run and simple. If you choose them, it would be nice if you signed up using my referral code. They give me few bucks off my bill if you stick around for three months.

Once you have a machine, verify that the IP address is not on a spam blacklists. That would be the internet equivalent of like getting a telephone number that used to belong to a deadbeat. Some cloud providers have had more problems than others in keeping their networks clean. Many sites like https://www.dnsbl.info can check dozens of lists at once.

Backup Server and NAS

The backup machine should be something under your physical control, often an old machine in your basement. It connects to other machines to fetch backups and send outgoing status mail. Nothing on the internet needs to find it, so it can live happily behind a residential ISP connection.

Literally anything that runs Linux will work fine, as long as it has some disk space for the backup data. For personal email and some system files, even a good-sized USB key is probably sufficient. The playbooks define a backup_server and a nas group. The first only does backups, while the second also installs ZFS, Samba for file sharing, and a media server.

The playbooks assume that you are using a fresh machine. If you use a NAS appliance or FreeNAS, the bacula-director role should be fairly self-contained, but other roles are likely to interfere with the existing machine config. FreeNAS advertizes a Bacula plugin, so you might be able to use this role as the starting point to configure that.

When are building a new machine or adding disks, be sure to do adequate burn-in testing to find any problems before you put it into service!