Is going to be cockpit based?
This could be an idea.
Not really, but I’m not excluding it 
I agree on this!
Who knows 
As a new contributor and someone who is searching for the ideal SME solution for New Zealand clients, I would like to encourage your development work. You have many things just right. It’s a clean fast and easy to maintain environment.
Microsoft removed ISA Firewall from their SBS platform years ago because the general belief was that this does not belong on the same machine as the Domain Controller, or any other internal server for that matter. I agree. PFsense on a machine at the edge of the network serves me well.
For everything else, most certainly. The weakness I see is still the Exchange replacement. In my search for the best solution I am leaning to NethServer as AD Controller but having to run Windows Server 2019 with Exchange Server 2019 as a member server just to handle mail well. For me, THAT is where the focus needs to be.
NethServer is touted as a SBS replacement. Do that well, drop the firewall.
2 Likes
Hello Graham
For one client, a doctors practice, I’m using virtualization on Proxmox, NethServer is running as AD, File, Print, NextCloud, Zabbix Monitoring.
The doctors application is running on a Windows 2019 Server, virtualized.
Exchange functionality is provided here with a Linux LXC (Linux Container) with 6 GB RAM allocated and running Kerio, a full replacment for Exchange, including Web-Access.
Besides the not very open source PFsense, you might want to have a look at OPNsense, a (better) fork of PFsense. PFsenses mentality is $$$, not open source. OPNsense has a more modern GUI and includes more than you expect! I wouldn’t touch PFsense with a long pole!
I do not use the built in firewall for my clients (Almost all use OPNsense), but two friends have it running as home server, one uses the NethServer firewall. His real firewall died somewhere between Xmas and New Year 1.5 years ago, and getting replacements in that period was difficult. So a quick help to allow Internet at home has stayed and still works.
BTW, all my other clients use NethServer as SBS replacement, WITH Mail, Calendar, Adressbooks and more!
Most of my clients do not want “Cloud”, indeed for certain businesses (financial) it’s illegal in Switzerland.
My 2 cents
Andy
2 Likes
Reading this kind of comments gives only one resolution: I have four years to retire all NethServer 7 systems and transfer their workload back to CentOS 8 servers running same services individually. There are more and more SME companies willing to do some investing on PRIVATE IT infra after they have learnetd Corporate Dominance issues during COVID-19.
I have a choise; most of the SME do not have. I just put more servers in our private cloud and go back to services model as it was before. I have been with Linux and open source since 1996 and running our family business exclusively on RedHat, CentOS and Fedora since 2000 ( the year last Windog server was retired and converted to Scientific Linux [at that time] )
Going along the Debian way is the easy way to give up for Windows converts.
Sad, sad, sad…
…addition:
Trying to be monolithic on-sever-for-everything is the old Window$ way. Take the steps on Linux/Unix and master one segment exeptionally well. OPNsense for office and IPFire are better Firewalls and designed to do just that. Nethserve should be SME businesses SBS first and if possible SME web application platform second.
2 Likes
This thread makes me rebember the magic black guy Natking Coll with this famous song:
Siempre que te pregunto
Que cuándo cómo y dónde
Tú siempre me respondes
Quizás, quizás, quizásA sí pasan los días
Y yo desesperado
Y tú, tú, tú, contestando
Quizás, quizás, quizás,Estás perdiendo el tiempo
Pensando, pensando
Por lo que más tú quieras
Hasta cuando, hasta cuandoY así pasan los días
Y yo desesperado
Y tú, tú contestando
Quizás, quizás, quizás
The link for the video: https://youtu.be/rDGgUGBD-90
1 Like
Why do you think that this means you can’t use FirewallD with iptables if you need to? You can switch the setting back to iptables if you wanted to. As for shorewall, it’s in Fedora EPEL for CentOS/RHEL 8.
Why is SCL so important here over Application Streams?
Of course you can, but I’m not sure the switch will worth the effort.
Because we have multiple versions of the same software running on the same machine.
I disagree. In the current world of virtualization, I’d prefer to have all services on the same platform. Not necessarily on the same instance.
This could mean to have a NethServer Gateway server doing routing, VLANs, firewall and IDS. Have a NethServer accountprovider doing Samba4AD accounting and have a NethServer for filesharing, printsharing, and many more other services. Even split up those services over several instances. This can be done on different physical servers or on a single server or cluster running a type 1 virtualization layer like Proxmox.
So please keep the Gateway functionality so we can keep a complete set of services with NethServer.
2 Likes
Ball is not into Nethserver development, but in finding a shorewall replacement.
Nethesis forked IPCop several years ago, and now is using the same CentoOS base plus some other tools to deliver gateway and server features, sometimes integrated in single installation, sometime as separate.
Some of the “application features” on the gateway are quite smart, but considered unsafe from security junkies of other projects (which are lacking of multi wan feature… still not wishing to deliver that).
Nevertheless… Gateway features seems less interesting for the project which is much more server oriented (mind the name) than gateway. Also, a lot of “less smart” features are delivered by “inexpensive” boxes, instead that a power-greed computer, which are quite hard to compete in performance to price ratio, for SMBs.
So… if a shorewall replacement won’t appear, maybe nethesis will consider to fork the third project after IPCop and SMEserver.
1 Like
I just switched off my home nethserver mainly because of the energy consumption (roughy 55Wh, old core 2 duo) and tried to replace it with a rapsberry pi running raspbian… and docker.
I have now seven containers running smoothly that were a breeze to configure : much, much easier that what I was used to when trying to install them directly on my NS server. Node-Red, Homebridge, Grafana, InfluxDB, qbittorrent, Plex… All those apps were deployed within minutes and without the hassle of handling dependencies, rights, conflicts, obscure configurations, …
I miss NS, but it baffled me how those docker containers were efficient and easy to deploy.
I’m not an expert of anything, just a wannabe syasdmin, but I believe NS 8 should take the pill and go for a containerised way of distributing modules, wether home made or coming from the outside. I may miss something (actually that’s pretty sure), but I don’t want to miss the occasion to tell you about my own experience and needs.
1 Like
@pagaille, you realize NethServer has the option to run containers too using portainer? Sure, the base is heavier on resources. If you are looking for a rpi grade of appliance, you can’t expect to run the current NS install with all bells and whistles very smoothly. If the rpi is all you need, then NS isn’t your solution. For every job there is a tool to use for. Don’t try to add a nail in a board with a sledgehammer.
Also, don’t try to drill a 50mm wide hole in a 30cm thick reinforced concrete floor using a dremel.
Maybe you are right to start using containers more often. It would be kind of nice to have a ‘containerstore’ in servermanager, although portainer probably can access docker store.
1 step further would be having Kubernetes or another orchestrator available.
1 Like
Well… sincerely i won’t use NethServer for containers. It’s not its purpose. End of the OT.
1 Like
IMO that is not off topic. This topic is a discussion on what we want or need from a Server distribution that aims at SOHO, Small and Medium Enterprises, and (yes I am biased) schools.
And we need as much input from as many as people as possible.
So please elaborate. I can imagine containers are used 1 layer up, or on the same layer as NethServer, when using proxmox, and let proxmox manage the containers. Or on even larger scale where a tool like K8s or docker-swarm kick in.
We might have a reasonable clear view on where NethServer at this moment fits in for which usecases, but we also can’t close our eyes from the immensely fast developments.
I think the discussion should be about where NethServer fits in the (near) future. Is that still an ‘on-premesis server’ that can deal with most services? Are (part of) the services moving to datacenters (hate to call it ‘cloud’)?
I don’t see companies leave their offices any time soon, although remote work is taking a huge leap now due to Covid-19. And until there are still people working in a certain location, there will be a need for services close by, preferably as close as in the same building to avoid lag and bandwidth problems.
In rural regions, where a stable internet connection is not guaranteed or even obvious, a server that can provide all services without depending on a fast and stable internet connection is a huge plus.
IMO NethServer has a role in exactly that scenario.
So, please shoot and add your opinions. Let us discuss this (IMO) very important topic about the future of this project.
5 Likes
I joined this community as it appeared that nethserver fits best, when I was evaluating which distribution would fit best to replace our old systems in our small company, and I am very happy with my choice.
What I would love to see in the main repo is some integration of a webconference solution for more than 4 concurrent participants, be it a stable package for jisti-meet or a high performance backend powered talk app inside nextcloud.
2 Likes
@Elleni you call, we deliver… well, almost. We are VERY busy getting Matrix-synapse with several bridges available on NethServer. Currently Element is already available and we are busy getting Jitsi-meet bridged with Matrix-synapse.
I am currently installing a complete conferencing set on a NethServer VPS so we can use it for our annual community meeting during Fosdem, first weekend of februari 2021. The event is taking place online this year due to Covid. More to follow on this in a separate topic.
But please stay on topic in this thread. It is important we chime in all and just say what we think is best for NethServer or for our own needs, what is more or less the same because NethServer is not helped when people abandon the project because it doesn’t fit their needs anymore.
6 Likes
Hi Rob,
Very interesting. That should be great for giving a course on NS, isn’t it ?
Michel-André
I’ll try: i simply won’t use a spoon to open a can.
If a Hypervisor is needed, i will use it. If a container approach is needed, i will use it.
Currently, NethServer is neither both of that. And i think is quite useless and out of focus put above NethServer the whole stack of containers or hypervisor, only to have “only one server”.
It were proposed a module for managing KVM virtualization above NethServer, but AFAIK is not available any more, even if KVM is already available as support on CentOS.
NethServer can do a lot of things, currently “one man band” installation for a office or a small company, but the real “core” of nethserver is the template management.
All the functionalities are coming from well known packages of linux (postfix, samba, dovecot, sieve, squid, dhcpd, dnsmasq, shorewall), free version of projects/products (nTOP, NextCloud, Mattermost) and a stack of tools for using other products (FreePBX for accessing and managing asterisk).
Don’t get me wrong, it’s a hell of job to keep pieces together, but when a piece will fall (shorewall) unless a new and… sufficiently easy piece to integrate will be considered, the feature will fall, expecially if there will be not updates or support from the customers.
Customers wants solutions; well, containers or hypervisor on top if NethServer IMVHO is calling for problems, not solutions.
NethServer 8 will substitute modules with containers? As already stated before, some modules are perfect for becaming containers (webtop, unifi management , MatterMost, even Asterisk), some others not.
And also: who’s willing to have a server without IPv6 management and support, as next generation?
No. CentOS is already supporting it not an answer, CentOS supports IPv6 at least since 6.x (don’t know even if 5.x had it). I mean… IPv6 was available in Windows XP buddies. The demonified and use like a scarecrow from most of sensed users of this community.
4 Likes