[arch-general] need advices for the perfect web toolbox

Paul Gideon Dann pdgiddie at gmail.com
Mon Dec 17 05:55:38 EST 2012 

On Friday 14 Dec 2012 12:51:20 arnaud gaboury wrote:
> currently following the Sun certified web component developer course,
> I want to set up a http web server @ home to practice.
> I plan to virtualize a Arch server on my Arch box.

Personally, I wouldn't bother virtualising.  Certainly not just for playing 
around with web servers.  You could do that if you want to learn about 
virtualisation and security, though.

> I know we can talk about pro/con for hours, but I am interested in
> knowing your advices about the following apps:
> -http server : Apache or Nginx (curious to test the later)

I a big Nginx fan.  It's really light, simple to set up, and blazingly fast.  
There are some more advanced features that it lacks, but I very much doubt 
you'll need anything like that.

> -container for my servlets : Tomcat ?

If you're using Java, Tomcat or Jetty seem to be your main options.  I like 
the look of Jetty, but I have very limited Java deployment experience and 
haven't actually tried Jetty.  I have used Tomcat, though, and found it a bit 
inflexible in its configuration for the particular app I was deploying.  If 
you're going the Java route, you want to get this set up and working before 
you worry about Apache / Nginx.

> -secure ftp server : ???

OpenSSH (SFTP?)

> maybe a mail server: ???

Postfix has always served me well (forwarding on mail to root from cron jobs, 
sending out mail to users from apps, etc...)  It's pretty easy to set up, but 
there's plenty of flexibility to play with if you want to customise it.  Does 
your app need to send e-mail?

> I guess ssh will be the best way to talk to the server.

Yes, always.

> Maybe other stuffs I forgot?

If you're looking into security, think about a firewall.  It gives you some 
extra reassurance that only specific traffic is going in and out.  I like 
Shorewall.

> What is the most common and simple way to secure the whole stuff
> without loosing too much responsiveness?

What are you thinking of, here?  Arch doesn't come with any big security holes 
that anyone knows of, so it really depends on what you've installed and the 
way you've configured it.  If you want to go all-out, you could eventually 
look into AppArmor / SELinux, Tripwire, etc...  I've always felt that was 
overkill for my work, so I've never tried them.  I definitely wouldn't bother 
if you're just starting out.

Paul

More information about the arch-general mailing list