4vm to nethserver


(Jookk) #1

Hello all, Im considering migration to Nethserver…
Now I have proxmox with 4 vm running on it;
Mail & authoritative dns
Openvpn
Emby-server & samba
Web server
With nethserver I ll have simplicity with lets encrypt certs (i hope)
All in one platform
Backups
But I dont know - I have also fear :smile: D

Now I have also coturn, using tls 1.3 and some .htaccess with wordpress, matomo and some other.

What do you think?

Edit:
I testing nethserver as vm.


(Rob Bosch) #2

Hi @jookk and welcome to the NethServer community.
I think NethServer can be a great replacement for all the services you currently have running. But if I may give some advice: don’t leave proxmox! Running NethServer on proxmox works just fine and gives you so much more flexibility than running NethServer on bare metal.
You already have NethServer as a VM. I would suggest to just transfer all those services you mentioned to your NethServer VM.
Maybe even introduce a 2nd NethServer VM.
Personally I have 2 instances of NethServer running on proxmox. One is doing Gateway and firewall. All other services, including AD are on a 2nd VM with NethServer.
If you run into issues, don’t hesitate to ask for help!
Have fun!


(Jookk) #3

Thank you,
One more question, I have only one nic interface (green) .
Is ips suricata and fail2ban working (blocking) correctly?

Edit:
With ns there is only one server to admin, not 5 as of now


(Rob Bosch) #4

IPS Suricata is doing a fine job, but I think this is part of the gateway functionality and you do need 2 interfaces for NEthServer (or any GW solution) to act as a gateway.
What is doing the gateway functionality now on you network? Your modem/router?
Maybe you could add another NIC to accomplish this?

If you have internet facing services IMO Fail2ban is an absolute must have. I have it running on a VPS where NethServer is configured as mail and web server. I get between 100 and 300 bans per day. Go figure how many attempts to get in I would have without Fail2ban…


(Jookk) #5

Yes, router is my gw.
Now I have fail2ban and it banning fine. So I need red nic… :kissing: