Currently we are running on NS7 up-to-date. It’s only a small business, a few windows clients but a lot of machines (and data) in the LAN of the company. In 99,9% of all time everything is running as intended, no need to investigate as an admin. No way due legal circumstances to move any data in a cloud.
While moving from SME to NS I followed the good advice from Andy and installed NS in/on proxmox. In front there’s an OPNSense acting as firewall, and handling a few things for the network. The migration was not easy, finally with the help of this community and the forum, it could be done.
I’d like to test the new NS8. A few questions are coming in my mind:
Assuming I want to stay with proxmox. Does this mean, I’d have to install first i.e. Rocky, Alma or Debian? And then on top the NS8 software?
will NS8 serve the LAN if there’s no internet connection?
I tried to read as much threads as I found in the forum about the intended changes from NS7 to NS8. It’s very clear that every new move needs a learning curve. No problem with that.
Powerful web interface that simplifies common administration tasks, very easy/fast installation and a lot of pre-configured modules installable with a “single click”.
I know NS8 is in alpha state - but all I read in the forum about NS8 gives me the feeling, that as a part time sysadmin I have to spend a lot more time for NS8 as for NS7. Not only to install, configure and administer NS8, further more, at least there’s also to maintain one underlying OS (maybe two).
at this point I do have the feeling, that NS8 might not longer address small enterprises. It seems more to be an offer for companies, with an IT-department or an external IT-guy, who’s doing the whole stuff.
I’ll going to install NS8 in a VM for tests. Will try for myself to find out, if NS8 could be the future for us.
But in the end, there will be a migration path, where you backup on NS7, and install restore on NS8 (Or something similiar, that’s up to the devs to decide!), BUT: You will end up with your data, and services, running on NS8. If you want or need to run more, why not? If you prefer to stay as it is (It works), also why not.
Sure have a look at what’s coming, but don’t worry before you get to the bridge… Maybe it’s a big looking bridge, but only spanning a small chasm…
I trust our devs will handle the migration as they have in the past - eg NS6 → NS7…
Using Proxmox underneath does make the migration less of a headache…
And OPNsense will still stay my firewall, why change a winning eam?
As I see System requirements — NS8 documentation for testing with rocky it has to be >= 9.1. This leads to problems with my old horse hp compaq 7900 sff. CPU can’t sse4. Means kernel panic. I assume the same problem will pop up with alma.
Should I try debian? Or centos?
Edit: I’ll give debian a shot. Probably centos is causing the same problem
Just my thoughts, I guess it is the point where we leave the ‘all in one’ concept of the SME legacy design and philosophy.
One upon a time, ‘E-smith Server & Gateway’ was intended for area’s and small entities (e.g. K? schools too) in AUS to provide a simple ‘small business server’ based on ‘install and forget’.
I guess times change, but I hope the NS8 update system will provide some automatic assistance. But yes, Proxmox + base OS + NS8 (nodes) + Firewall
…and without any further indication of what was happening (“doesn’t work” is, well, pretty useless as a problem report), none of us have any idea of what was going on either. But there’s no reason to expect that the web UI’s users should show up in /etc/passwd.
That’s correct. I followed blindly the install instructions. It’s not a problem report, more a report of just following the instructions.
As I installed the most minimalistic debian (only ssh and system) without apache or nginx, where to investigate? Do I have to look to the logs of the debian os? Where are the logs from NS8? Still in os directory /var/log? Does NS8 have an own structure for keeping logs? Is this somewhere documented?
For now system is up and running. Next step is creating an AD, groups and users. Will report.
Yes, but we are also preparing some ready-to-use images for different virtualization platforms.
Stay tuned
Yes, but the internet connection is required during install and when installing new stuff.
Our targets are always small companies. So yes, we hope that a single server will handle almost the same stuff as a NS7 server.
The VPN is for connecting the node clusters. It’s mandatory but used only when you have two or more nodes.
The VPN is bundled inside the cluster because the system needs to handle the configuration in case of leader switch. If you use a cluster with one node, you can just completely forgive about the VPN.
Meanwhile I figured out where the logs are stored. Still a little confused because of the underlying OS logs and the logs of neth8. Well I guess, one can get used to it.
I created an AD, user and group. I also installed the mail module and roundcube. While installing the mail module there’s an issue looping in the logs:
Lot more information. As there’s no integration to the host (not possible to copy’n paste, I could take a screenshot of course), I decided to ssh to the system. I read in the install instructions the firewall is open on port 22 per default. I am able to login on the console with the given credentials for root while installing the debian host OS. I’m not able to ssh to the box. On the console systemctl status ssh shows the server is up and running. It also tells me, the user root is failing the password. No idea at this point - I’m not a debian specialist. I would assume this should just work?
Further more testing, now on beta2, still underlying debian 12 os as host in virtualbox. No letsencrypt certs.
As far as I can see, samba is running, shares, user and groups are functional. Mariadb, nginx and nextcloud seem to work. Did not test any email yet.
Syncing data from i.e. another linux machine with rsync to a samba share, seems to be very difficult. The underlying OS knows only root. The shares of course have other users (and groups). Trying to change owner and permissions does not help. Anybody with a hint? Could help to sync BIG DATA from old to new server… just in case moving data manually from old to new.
And another probably stupid question: in Neth7 backups were offered with restic, rsync and duplicity. What is the reason for changing the horses? It was simple and did the job…
This is due to how containers work, take a look at this.
You need an external rsync process that mounts the volume and does the job: it’s not easy at all.
We didn’t, we just pick the right horse for the job: restic is the only backup engine supported so far.
Making the swiss knive rsync complicated to use is in linux world a really big con. Not beeing able to easy transfer data from one linux machine to another with rsync, is a lack. Sorry to complain.
Easy backup and restore single files seems also getting complicated. Why? It’s essential to any admin to have an easy and fast process. Do I overlook something?