Fedora Server Edition on rented root server hardware - the example of Hetzner

Article Summary:

Installing Fedora Server on a rented remote hardware is subject to some restrictions and peculiarities that result from the placement in a remote and inaccessible data center, as well as from specific security measures taken by the providers. For other main stream distributions, there are many descriptions. For Fedora / CentOS / RHEL, information is sparse and often outdated.

This article uses Hetzner as an example to show how these special features can be implemented exclusively with Fedora resources as part of a Server installation.

Article Description:

This article is intended to be the first in a planned series of “Fedora Server Edition Use Cases”, which will be created in collaboration with other members of the Fedora Server Edition Working Group.

Planned articles, some of which are already nearly finished:

  • “Fedora Server as a modern, fully featured multi domain mail server”
    Such articles are available in large numbers for Debian and derivatives, but very rarely for Fedora.
    coming in 5 parts
    1. Requirements and system configuration
    2. Basic mail service (Postfix, Dovecot, Post Screen, SNI, auto-configuration support)
    3. Gaining trust, OpenDKIM, Dmarc, SPF
    4. Defending against spam and viruses, Amavis, ClamAV, milter
    5. Managing e-mails using Sieve
  • “Fedora Server as a hosting server”
    featuring customer manged system container to let user log in and work on their own without having to be a system user.
  • “Fedora Server as a home server and NAS replacement”
    Includes a comparison of affordable hardware platforms x86 MiniPCs and aarch64 SBCs
  • “Using Fedora as a single login server using LDAP”
1 Like

This sounds like a great series and I’m looking forward to it. The only thing I’d worry about is promoting Hetzner (or any for-profit service). Can the articles be written in such a way that they avoid using the provider’s name (even if it is “obvious” from the screenshots or it can otherwise be deduced)?

Since product placement is everywhere these days, I’m more worried about the appearance of it being an advertisement than any particular actual conflict. I think @glb’s suggestion is good.

Maybe, a footnote saying that you’re not affiliated with Hetzner and this isn’t an advertisement, or an endorsement by Fedora — it’s just the hosting company that you personally use.

1 Like

That would be possible, I think. But we lose an important bit of information, namely the information on how it works with Hetzner.

When someone “googles” for “Fedora” and “Hetzner”, they will not find this information. And that is also an important point. For “Debian” and “Hetzner” you will find lots of articles.

We would then have to find another way. Major Hayden does this on his own blog for CoreOS, just as an example. None of us run our own blog. We try to do everything with Fedora resources and Fedora infrastructure. Any idea on this?

I don’t know. As you point out, this has been done before. For example: Fedora Linux 35 is now available at Vexxhost - Fedora Magazine But the first comment to that article demonstrates what I am concerned about. I think the line has already been crossed if there ever was one, but I don’t want to turn people off to Fedora Magazine because they start seeing it as just an advertising platform. All that said, I do want to see a series of articles promoting Fedora Server. Can I just ask you to “tread lightly” with regard to mentioning the provider by name in your series? Also, I wouldn’t feel right about rejecting comments that criticize Fedora Magazine for promoting a for-profit service, so if you do that, brace yourself for a few of those sort of comments. (I will trash negative comments if they are directed at people, but I generally don’t if it is a legit complaint about some technology or service.)

Yeah, a good point. I think that’s easily doable. I can start with the problem, e.g. coping with network restrictions, in case of Hetzner their network management Hardware, which requires brouting (quite undocumented with Fedora). Working strict problem centered should avoid advertisement appearance. And the article could in a short way to Hetzner where this kind of _Network policy is in use. And then, the “not in Google” issue would be resolved.

2 Likes

This series of articles is +1 from me, given the aforementioned provisos.

1 Like

I see what you mean. The criticism that it is more advertising than technical information is difficult to refute.

In my current text, the relationship is different. It is mentioned that Hetzner uses juniper for network management and therefore all IPs that are assigned to the hardware interface have the same MAC address. This means that the usual virtual bridge not works. And then there are detailed instructions on how to configure a brouter bridge with plain Fedora ressources.

But I can create a text and we can then decide whether this is “light” enough. Or how to change it.

1 Like

Pagure ticket #325 has been opened for the first in this series.

As the series progresses we can open subsequent tickets.