JUST RELEASED: Visit the Incredible PBX WikiToday we begin our five-part series on building a full-featured Internet hosting server with a Mac mini. If you’ve followed our previous advice and are considering a move to a hosting provider for your web sites, then this series will show you how to build the perfect staging server, a place to experiment with new code before moving it to a production environment. Over a year ago, we undertook a similar project on the Windows XP platform. The difference in performance, security, and ease of deployment on the Mac platform is the difference in night and day so you’re in for a treat! For those unable to afford the move to a hosting provider at this time, you can use a Mac mini as your host for the time being. Functionally, there’s nothing a hosting provider would give you that can’t be replicated for free on the Mac mini. Other than bandwidth and slightly better performance, the Mac mini will provide an almost identical hosting environment to what you’d be using with a commercial hosting provider. In fact, we recommend installing application versions which match what most reputable hosting providers use, and we will do that here. If you later decide to make the move to a hosting provider, everything you’ve built on your Mac mini can be transferred with ease. Listed below are the pieces we’ll be putting into place over the next week or so to complete our ISP-In-A-Box project:
Our focus today will be on the hardware and web server software you’ll need for this project, and then we’ll get the Apache Web Server up and running to host your first two web sites. Luckily for you, Apple has made this project incredibly easy … and cheap. You’ll need a Mac mini which includes Mac OS X and FreeBSD ($499). Like Linux, FreeBSD is another UNIX derivative so most of the rock-solid Internet applications available for Linux have also been ported to FreeBSD. And, also like Linux, most of these applications are free at least for non-commercial use. Unlike Microsoft where security has been an afterthought and Linux where you have to track down patches and dependencies yourself, Apple takes security seriously and automatically notifies you when patches become necessary to keep your machine safe and secure. One button click and an admin password, and you’re up to date with the latest fixes and enhancements. If you’re serious about having web applications accessible from the Internet, there really are no sane options other than the Mac platform or contracting out your web hosting. Then again, perhaps you need another full-time job in which case Linux or Windows servers will gladly suck up every free minute of your day.
Hardware. Since the Mac mini only has one RAM slot and because Apple has made Mac mini hardware upgrades difficult (but not impossible), you may want to consider at least bumping the machine up to 512MB ($75) when you initially order it. This will almost double the performance of the box for applications such as those we’re going to be deploying. Extra RAM is particularly important once we get all of the ISP functions (shown above) running simultaneously. The other option that’s too inexpensive to pass up is increasing the hard disk size from 40GB to 80GB. For $50, you’ll never be sorry. If $499 is your absolute budget, then fine. Everything outlined here will chug along on a $499 Mac mini. If you can scrape together another $125, you’ll have a much more capable system down the road when you really start exercising the server capabilities of the Mac OS X platform.
Unlike Microsoft, which cripples Windows XP Home Edition by not including a web server, Apple has taken just the opposite approach with Mac OS X, the operating system which is included with your Mac mini. Because Mac OS X is built on top of the FreeBSD platform, Apple has included most of the FreeBSD development tools in its software distribution. Enabling the Apache Web Server on your Mac mini may just be the easiest thing you ever do on the computer. Click on the upper left corner of your display and then choose System Preferences. When the System Preferences window appears, click on the Sharing folder under Internet & Network options. Under the Services tab, place a check mark in the box beside Personal Web Sharing. If the system won’t let you select this option, click the Lock and enter your administrator password. If you want people on the Internet or your local network to be able to access your web site, you also need to enable Personal Web Sharing under the Firewall tab. You do have your firewall enabled, don’t you? If not, do it now! Once you complete these steps, open your web browser and enter localhost as the destination address to find. You should see the Test Page for the Apache web server with the Apache logo. Congratulations! You’re now a webmaster.
Actually, your Mac mini is now hosting at least two different web sites. The main web site which is accessible at localhost, 127.0.0.1, or your Internet IP address is the one we’ve already accessed. If you open a Finder window and select your local drive icon, this will move you to the root directory. Then choose Library, Webserver, and Documents to move to the directory where HTML pages for your main web server are stored. The default web page is index.html or index.html.en if you’re supporting multiple languages and English is your computer’s native tongue. There’s also a web site for each user account on your Mac. Documents for these sites are stored in the Sites folder of your home directory. You can access this web site at the following address: http://localhost/~yourname where yourname is the account name you set up when you first turned on your Mac. When you access this site, Apple even provides instructions for building your first web page. Your personal web page can be accessed from the Internet with an address such as http://nnn.nnn.nnn.nnn/~yourname where nnn.nnn.nnn.nnn represents the IP address provided by your ISP.
Finally, you’re probably whining because most folks don’t access web sites with an IP number and most ISP’s assign dynamic IP addresses which are always changing. Right you are to complain, on both counts! Here’s what you need. First download DNSupdate and install it on your Mac. This software regularly talks to a DNS server to tell it what your current IP address is. Next, set yourself up a dynamic DNS name on DynDNS.org. Once you complete both these steps, people can access your web site on your home network using a domain name just like mine. Using a web browser, type in wmundyhome.dyndns.org to see how it actually works.
Tomorrow we’ll get your email server up and running on the Mac mini with about the same amount of effort it took to activate Apache. Until then, here’s hoping you enjoy your first day as a webmaster. Click here to read the rest of the articles in this series.
Exactly what I’d like to do. Looking forward to your instructions. Thanks!
How does one get remote access into the box? What happens if I’m at the office and my box needs to be administered? Can you ssh into it? get in via a serial-usb adapter?
[WM: Here’s a whole list of alternatives for remote access.]
I’ve been working with Postfix since 1998, back when it was still called VMailer, and before Wietse officially announced it. It doesn’t do POP3 or IMAP. For that, you’d need to have a different package, such as UW-IMAP, Courier-IMAP, or Cyrus. UW-IMAP is the simplest to install and administer, but the least scalable. Cyrus is the most scalable, but also requires the most work to install and administer. Courier-IMAP falls between these two extremes in both areas.
Secondly, MacOS X has a Mach microkernel, with a userland derived primarily from FreeBSD, but also including components from other *BSD implementations. This is not the same thing as saying that MacOS X includes FreeBSD, or is built on top of it. This is a subtle but important difference, since many *nix applications will run out of the box on MacOS X, because they don’t delve deep into the kernel or the filesystem. However, other applications that do dig down deep will need quite a bit of work to be ported to MacOS X.
[WM: I didn’t get into a lot of detail on POP3 and IMAP because I don’t think it’s a good idea for most folks. The Postfix Enabler uses the UW-IMAP package, I think, for POP3 and IMAP services.]
Forgive this newbie and his ignorance.
I think most everyone wants their website to have a unique address and if I read correctly the way you have this set up you can’t have a unique address such as http://www.thisismyaddress.com
To do this one would have to use the CustomDNS option and not the DNSupdate, or do you have to use the DNSupdate in conjunction with CustomDNS?
thanks for any help you can provide!
[WM: I’ll cover this next Monday. It’s pretty easy… and cheap!]
ISP = Internet Service Provider…
Is it possible to set set up dynDNS.org to run several web sites? Also, what if the computer is behind a firewall (Gateway/Router)? Do I have to turn on a DMZ or run port forwarding on the router?
[WM: Sure you can run mutliple web sites with dyndns. You only need to make a few changes in the Apache config file or install WebMin and do it from there (I’m going to cover it in the next few days/weeks if you want to wait. You don’t have to put your Mac on the DMZ port of your router. You just tell the router to forward port 80 traffic to the IP address of your Mac.(I’m also going to cover this in the next couple days so stay tuned.]
I like the mac mini but just wanted to take issue with this "Then again, perhaps you need another full-time job in which case Linux or Windows servers will gladly suck up every free minute of your day."
You should check out ClarkConnect if you think administrating a Linux server is difficult. You could have an old x86 box up and running in 30 minutes doing everything you have the mac mini doing and for a hell of a lot cheaper.
But in fairness doing it on the mini is cool. But just saying I wouldn’t waste my mac mini like that 😉
[WM: Yeah. I’ve used ClarkConnect for many years and SMEserver, too. I like both of them. They’re great server products, but not for folks just getting their feet wet with a server. You also need a pretty extensive Linux background to add much of anything to either type of box because both companies go out of their way to try to get you to use their paid-for stuff. And then there are the security patches. Unless you buy the commercial versions, it’s up to you to track down the updates and get them installed. And both of them are built on old versions of RedHat Linux that are no longer supported by RedHat which might make some think twice about going this route. But, you’re right, if you have an old x86 box lying around and you know what you’re doing, either of these server platforms would work great.]
[You’re absolutely right. You have to enable Personal Web Sharing under the Firewall tab. We covered this in our Network Security article, but thanks for reinforcing it. As for why you can’t shut off port 80 while the web server is running, keep in mind that the firewall is protecting the service port on your server from everybody, not just folks on the Internet. If you want to use your server on your local area network without having to worry about firewalls, then you need to turn off the Mac’s firewall and install a hardware-based firewall/router between your LAN and your Internet connection (NOT recommended).]
For some interesting perspectives on using the Mac mini as your web server, check out this thread.
I came across your blog about a month ago. Your articles have provided me with many evenings of intellectual challenge and enjoyment. I am sure that many other readers share in this opinion.
I am looking forward to the future chapters.
JM, San Diego, CA
[WM: Since I’m obviously not in it for the money, I have to tell you that the greatest reward anyone could ever receive from a blog is appreciative readers. Thanks.]
Is there any bandwidth issues with running a server under a mediacom internet connection?
Just to offer an alternative to what seems to be a common meme – the FreeBSD faction seems to have capitalized on the visibility of the use of FreeBSD in Mac OS X. But if you look at some of the man pages:
cd /usr/share/man
grep -r -i netbsd *
it appears to match with the below excerpt from the Evolution of Darwin page that states much of the userland comes from NetBSD, not FreeBSD: http://developer.apple.com/darwin/history.html
DARWIN’S ROOTS
The Darwin team is indebted to a diverse collection of open source projects, including the following:
– Mach, which was originally developed by Project Mach at Carnegie-Mellon University, and later enhanced by the Open Software Foundation (now The Open Group).
– 4.4BSD-Lite2, originated in UC Berkeley’s Computer Systems Research Group and developed by a large number of contributors:
* FreeBSD, the primary reference platform for Darwin’s BSD kernel development.
* NetBSD, the upstream source for a significant portion of Darwin’s user-space commands and tools.
* OpenBSD, with its focus on robustness and security and its integrated cryptography, provides OpenSSH for secure remote access.
Hi, I read through this tutorial. Downloaded DNSupdate, set up a user and host. Plugged in the information from the DynDNS.org account info. I set up a Dynamic DNS name there. DNSupdate says everything is ok. If I type localhost in my browser, it works fine. But when i type my dns.or domain name which is ‘cbarcala.homeip.net’, it says cannot find server. Im on Verizon DSL, using ppp settings. The ip of the machine is what the dns.org account shows. i enabled persona web sharing, firewall and that is selected there as well. Not sure what else is could be? any ideas?
[WM: Are you inside your firewall when you try to access your site using the dyndns domain name? If so, some NAT routers won’t let you go out and back in so try accessing your site from your neighbor’s house. If it still doesn’t work, here are two possible reasons. Some ISP’s block Port 80 (HTTP) access to machines inside their network. The easiest way to test where the problem is would be to plug your web server (BRIEFLY) into your DSL modem and see if anyone else can get to your web page. If not, it’s the port 80 problem. You can search our site for port 80, and there are some ways to solve this. If your site is accessible, then there’s an incorrect setting on your router/firewall. Good luck. ]
Problem solved. I found out that the problem was not an Apache issue but a Gallery 2 one. Resolved by the kind folks on the G2 forums.
I am running a web server on a mac mini for a few thousand users. For some reason, the web server stops serving up web pages now. It worked well for a long time. But now, it stops working about once a day now. I’m required to restart the computer to get the website working again. Have you experienced this problem?
Interesting article. However, I’d say that your statement ‘Microsoft cripples Windows by not including a web server’ gives readers a biased perspective on the issue. Apple was able to include a web server in standard installs easily because of Mac OS X’s history as a UNIX-based OS. Apache and many of the other services that run on OS X were almost shoe-ins due to the userland commonalities between it and other *nix OSes. Your remark makes it sound as though Microsoft could have easily included a web server with XP, which isn’t really true, unless they made IIS a standard part of every install. Also, running a web server introduces additional security risks which IMHO are not worthwhile for the majority of users.
Also, on many Linux distributions security patches are avilable in a very user friendly way, or via a single command line function. Linux is not as easy to use as a Mac all the time, but updates, especially in teh more user-friendly distros, are fairly painless in my experience.
Otherwise I found this article interesting. But please keep in mind that while Macs are generally well designed and good for certian applications, they have faults too.
[WM: The issue in this article was web server software, not security and not a Mac vs. Windows debate. I purchased the second IBM PC sold in Atlanta. I’ve been in the business since DOS 1.0 and have installed and supported thousands of Windows machines over the years. Your suggestion that Microsoft couldn’t include a web server for technical reasons is mistaken. It was purely a marketing decision. Their Personal Web Server, a trimmed down IIS, was a part of virtually every Windows OS going back to Windows 95. The fact that Apache runs fine under Windows XP pretty well documents that a web server has no problems with the OS. So we stand by our statement that Microsoft intentionally crippled Windows XP by not including a web server.]
Hi – great article! your article was a lifesaver when the Linux server went down at my office and while waiting for the technician to be scheduled I got my mac mini setup and run the one most important web site.
One thing I’d like to ask – anyone else notice that DNS update is slow in updating – or not working at all? I had to do the bulk update from dyndns.org instead because it was too slow. (haven’t updated yet as of this writing when I deliberately tested it) Anyone know howto tweak it to update faster?
Great article, I learnt alot, thanks! Incidentally, is it possible that I run a mail server off the mac mini as well, as in having my own name@domain.com? I want to have multiple emails, for memebers in my family – thanks
So I installed Drupal on my Mac Mini. It works great and is a fantastic tool.
I have a couple of websites online that I do for fun so I decided to stop paying the monthly fee to host them since they make me no money.
The problem is that after using the wonderful Drupal sitemap module to submit my site to Google, I am getting a "General HTTP error" from Google. Upon further inspection, I have discovered that Google does not index private IP addresses:
"IP in excluded range – The IP address is in a private address space, reserved for local use (for instance 127.0.0.1). See RFC 1918 for information on private IP ranges."
Does anyone have any idea how I could bypass that? After all the work I went through to set up MySQL, PHP and configure Apache on my mac, this is a real deal breaker. I am REALLY not looking forward to setting up my site on a real host just because Google won’t index it.
My domain is http://www.hiphopco-op.com.
Please help.
I totally agree with what you’re saying. I wish more people felt this way and took the time to express themselves. Keep up the great work.
Andrea Jasperson