This guide is WAY out of date... don't use it!
This simple little page describes step by step how I set up this server. I suppose it might
help someone else set up their Mac as a server... who knows.
Things You Need
- An Apple Macintosh computer capable of running Mac OS 10.2 (Jaguar)
- Mac OS X (10.2) install CDs
- Network connection
- A domain name (I recommend Namecheap.com)
- Some time
The General Setup
You should only follow these instructions if you trust your
users. I do not go out of my way restricting what my users can do because I
trust them. If you are creating accounts for people you do not trust, then you will
need more help than I can give. My server is set up with the following services. If you
need to set up other services, then you should look elsewhere.
- Apache - set up with SSL for secure http and PHP for Squirrelmail
- Sendmail - set up to allow local and select remote clients to use IMAP, POP3/SMTP,
and/or webmail
- SAMBA - set up to allow only local machines to access home directories
- SSH - for remote administration
This server is on an Earthlink DSL connection behind a Linksys BEFSR41 NAT
Router/Firewall. The firewall is set to forward ports for the above services (minus SMB) to
the server's local IP address. If you do not have a firewall, it is probably safe to use
these instructions, but don't enable Windows File Sharing (SMB). One other peculiarity
about my setup is that because I use Earthlink, Sendmail must be configured to send
outgoing messages through mail.earthlink.net.
Installing the Operating System
If you are migrating from an older installation, you should first back up all user
home directories as well as /var/mail and any other customized files on your machine
(httpd.conf, sendmail.cf, etc.). Start off by booting from the Jaguar CD. Run the
Disk Utility if you are installing on a new drive. On Beige G3s the OS must be on a
partition that is entirely within the first 8GB of the drive. After partitioning,
start the installer and choose "Erase and Install" under the custom options. This will
provide a clean Mac OS X installation. I also suggest removing the various extra
language support files unless you need them.
Configuring Things
Here's a quick overview:
- Get the machine online using the System Preferences Network pane.
- Run Software Update and install all available updates.
- Download and install any necessary drivers to get all your hardware working.
- "sudo pico /etc/hostconfig" - set your domain name, and set the MAILSERVER option to -YES-
- "sudo pico /etc/hosts" - if you are using NAT you should add the IPs and hostnames
of all the machines on your local subnet here. Include a line with your domain name and
your local IP address. For *nix machines you should add hostnames and IPs; for Windows
machines just add the "Computer Name" and its associated IP. This step is crucial
because when using Network Address Translation (NAT) all local machines will have IP
addresses (of the form 192.168.*.*) that cannot be resolved. Adding their local IP
addresses and hostnames will allow your server to do quick and successful reverse DNS
lookups on local machines.
- "sudo pico /etc/inetd.conf" - uncomment the lines for POP3 and IMAP, then change the
path for POP3 to /usr/sbin/ipop3d and the path for IMAP to /usr/sbin/imapd. This
will enable remote users to send and receive email using the POP3 and IMAP protocols.
- In the System Preferences Sharing pane, check "Windows File Sharing", "Personal Web
Sharing", and "Remote Login". Also set your Rendezvous name and Computer name
(domain name) here. If you do not have a firewall in place you can use the built-in one
by enabling it in the Firewall tab. Make sure to open ports for the servers you
are running (22, 25, 110, 143, 443, 993, 995).
- If you want the Mac to act as a print server you will need to uncomment the
"#application/octet-stream application/vnd.cups-raw 0 -" line from /etc/cups/mime.convs and
uncomment the "#application/octet-stream" line from /etc/cups/mime.types. Restart the CUPS
print server with "sudo killall -1 cupsd". Configure CUPS using your web browser by connecting
to "http://127.0.0.1:631/printers" or "http://<server IP>:631/printers". The
administrative web page should already list your printer. Do not modify that printer, instead
add another (duplicate) printer using the CUPS administrative webpage. To use the printer from
Windows, use the Add Printer wizard from the Printers control panel. Select Network Printer
and the "Connect to a printer on the Internet or on your intranet" option. Enter
"http://<server IP>:631/printers/<printer name>" in the URL box. Click next and
select the printer manufacturer and model. If the printer is not listed, download and extract
the manufacturer-provided drivers and click the "Have Disk" button. Note that this procedure
opens port 631 on the server and provides anonymous, unencrypted printing services. Do not
enable this feature unless the server and its clients are all behind a firewall.
- Set up accounts for all users. For small groups the System Preferences Accounts pane
is adequate, but for larger groups a script and "adduser" may be faster. For users that
will need to access their home directories using SAMBA, you should check the "Allow user
to login from Windows" option. The login password and SAMBA password databases are separate,
so users must run both "passwd" and "smbpasswd" when they wish to change their
passwords. The Accounts pane will automatically set both passwords when the "Allow user
to login from Windows" option is checked.
- Download and install the latest Mac OS X Developer Tools from Apple Developer Connection (free
registration required, ~300MB d/l). This will enable you to use m4 and make/make
install later on.
- Set up Sendmail using this guide. You should also go into the sendmail.cf file and add
noexpn and novrfy to the PrivacyOptions line. While you are in there check to make sure
that m4 properly inserted the SMARTHOST option.
- "sudo pico /etc/mail/access" - add the hostnames and/or IP addresses of the people you
want to allow POP3 access to here. Use the form "IP or hostname RELAY", one per
line. Might also be a good idea to add a line with the server hostname as well. When done
update the access database using "sudo makemap hash /etc/mail/access < /etc/mail/access".
- "sudo pico /etc/mail/aliases" - add any email aliases to this file. When done update the
alias database using "sudo newaliases".
- If you are migrating from an older setup, you should put all the files that were in
your old /var/mail/ directory in your current /var/mail/. Make sure that all the files
have 600 permissions ("sudo chmod 600 filename") and owner:staff ownership
("sudo chown owner:group filename"). Make sure that the owner of each mailbox file is
set to the username of that user. This will restore all your users' main mailboxes,
but custom IMAP folders will need to be restored manually by each user.
- Set up PHP using this guide.
- "sudo pico /etc/httpd/httpd.conf" - set the servername, set the DirectoryIndex
directive to return not only index.html but index.php as well. Enable more detailed logging
by changing the log type to "combined" from the default of "common". You may also want to
remove the Apache default website located in /Library/WebServer/Documents/ and
replace it with your own website files.
- Set up SSL using this guide (replace 127.0.0.1 with your domain name). Make sure to
comment out the following lines from the tutorial's supplied code:
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/xxx/xxx/xxx/cgi-bin/">
SSLOptions +StdEnvVars
</Directory>
- For security reasons you should probably prevent Apache from serving up the Finder's .DS_Store
files. Run "sudo pico -w /etc/httpd/httpd.conf" and add the following:
<Files .DS_Store>
Order allow,deny
Deny from all
Satisfy All
</Files>
- If you need to setup a MySQL server then follow the instructions here.
- Download the Webmin installer from here and run it. Webmin is a great tool for configuring your
server remotely via the web. It may present a security risk, so only install it if you need
web-based administration for your server.
- Download Squirrelmail from here and install it if you want a web-based email system. With SSL
working properly, you can be assured that your email will remain private. Also check out
the optional plugins.
- If you want spell checking in Squirrelmail to work properly you will need to download the
aspell source and dictionary and
compile and install them both. For the Aspell source use "sudo ./configure --enable-static
--disable-shared", then "sudo make", then "sudo make install". You should add "/usr/local/bin"
to your PATH declaration in /etc/csh.login and add a link to aspell using "sudo ln -s
/usr/local/bin/aspell /usr/bin/aspell". For the dictionary use "sudo ./configure", then "sudo
make", then "sudo make install". You will also have to change the sqspell_config.php file to
reflect that you are using aspell instead of ispell.
- A handy GUI tool that may be of interest is GeekTool. GeekTool can display text files and output from text based
applications directly in the desktop. It's much better than keeping a bunch of terminal
windows open just to monitor error logs.
- "sudo periodic daily", "sudo periodic weekly", "sudo periodic monthly" - updates all
sorts of various system files and databases. Ordinarily your machine will run these
automatically, but who wants to wait a week to use the "locate" command?
- If you use the terminal to do a lot you will need to get used to using CpMac and MvMac
instead of cp and mv. CpMac and MvMac are installed in the /Developer/Tools/ directory after
installing the Apple Developer Tools. These two utilities allow you to copy and move files
the same way the Finder does (resource fork and all). If you just cp or mv files you risk
damaging them by removing metadata and their resource forks. Either put CpMac and MvMac in
your path, or use "sudo ln -s /Developer/Tools/CpMac /usr/bin/CpMac" and "sudo ln -s
/Developer/Tools/MvMac /usr/bin/MvMac".
- If you need to use NMAP get it here. Make sure to follow the special MacOS X instructions.
- After installing everything you may want to update your prebindings using "sudo
update_prebinding -root / ". You may also want to boot from the MacOS X install CD and
run the Disk Utility to repair the disk and permissions. Do not set the MacOS X
Install CD as the boot device in the startup disk control panel! Instead put the CD in
the drive, reboot the machine, and hold down C while the computer starts up. If you set
the CD as the boot device and you do not have a bootable MacOS 9.2 partition you will
have to reinstall MacOS X. This problem affects Beige G3s; I don't know if it affects
newer Macs.
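The checklist above asks for two things that are easy to get wrong by hand: noexpn, novrfy and the SMARTHOST entry in sendmail.cf, and 600 permissions with the right owner on every file restored into /var/mail. The script below is an added example, not part of the original guide, that checks both; the function names, the output labels and the /etc/mail/sendmail.cf location are assumptions.

```sh
#!/bin/sh
# Added example: audit two hardening steps from the checklist above.
# Each function prints one line per finding and returns non-zero if any exist.

# $1 = mail spool directory. Every mailbox must be mode 600 and owned by the
# user it is named after.
audit_mail_spool() {
    spool=$1; bad=0
    for f in "$spool"/*; do
        [ -f "$f" ] || continue     # skips directories and an unmatched glob
        # ls -ld rather than stat(1), whose flags differ between BSD and GNU.
        # substr() drops the trailing @ or + that marks xattrs/ACLs.
        info=$(ls -ld "$f" | awk '{print substr($1, 1, 10), $3}')
        mode=${info% *}; owner=${info#* }
        if [ "$mode" != "-rw-------" ]; then
            echo "MODE $f is $mode, expected -rw-------"; bad=1
        fi
        if [ "$owner" != "${f##*/}" ]; then
            echo "OWNER $f belongs to $owner"; bad=1
        fi
    done
    return $bad
}

# $1 = sendmail.cf. PrivacyOptions must include noexpn and novrfy (goaway
# implies both), and the DS macro, which holds the smart host, must be set.
check_sendmail_cf() {
    cf=$1; bad=0
    opts=$(sed -n 's/^O PrivacyOptions=//p' "$cf" | tail -n 1 | tr -d ' \t')
    for opt in noexpn novrfy; do
        case ",$opts," in
            *,"$opt",*|*,goaway,*) ;;
            *) echo "PRIVACY $opt is not in PrivacyOptions"; bad=1 ;;
        esac
    done
    if ! grep -q '^DS[^[:space:]]' "$cf"; then
        echo "SMARTHOST the DS macro is empty or missing"; bad=1
    fi
    return $bad
}

# Run against the live files only on request: sudo sh audit.sh run
# /etc/mail/sendmail.cf is an assumed location; adjust it to your install.
if [ "${1:-}" = "run" ]; then
    audit_mail_spool /var/mail
    check_sendmail_cf /etc/mail/sendmail.cf
fi
```

Run it with sudo, since mailboxes set to 600 are unreadable to other users and the spool directory itself may be restricted.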