Wednesday, August 23, 2017

How to set up an all open-source IT infrastructure from scratch

Courtesy - Bryan



Hypothetical: You need to set up the IT infrastructure (email, file sharing, etc.) for a new company. No restrictions. No legacy application support necessary. How would you do it? What would that ideal IT infrastructure look like?

I decided to sit down and think of my ideal setup — based on quite a few years of being a vice president of engineering at various companies — and document them here. Maybe you’ll find my choices useful; maybe you’ll think I’m crazy. Either way, these are good things to consider for any organization. 
Run services on your own servers 

The first thing I’m going to decide on, right up front, is to self-host as many services as I possibly can. 

Sure, there are noteworthy benefits to paying another company host and maintain your services for you (primary that you don’t have to have someone on staff to perform that function) but the drawbacks far outweigh the good points. 


Having full control over your own data — how it is stored and who it is shared with — is critical to any business (and any individual). Most of the choices I make below would also work as a remotely hosted option. But, where possible, I will focus on them being self-hosted. 

Some of the following functionality can be hosted on a single server, but I recommend breaking out key services to run on dedicated servers — possibly many, depending on your particular needs (such as an expectation of large file repositories) or large numbers of employees. 

Only open-source software 

For security and customization reasons, I will be opting to utilize only open-source and free software here. There are simply far too many drawbacks to basing a corporate infrastructure on closed source systems. 

This decision was easy and obvious for anyone who’s worked in IT for more than a few years. 

Kolab for email and calendaring 

For email, calendaring and general groupware functionality (meeting requests and the like) I opt to go with Kolab. It’s open source, and there’s a company behind it that will provide paid support as needed or desired. 

Kolab has a great web interface for all of the key functionality, but it will work just as well with almost any email and calendar clients in existence.

Owncloud or Nextcloud for file sharing/document collaboration

Since we’ll be going all open source, file sharing (and online file storage) options such as Dropbox and Google Drive are simply not an option. 

There are some features along these lines built into Kolab but not quite enough. I’d like something a little more powerful and extensible, which means running either Owncloud or Nextcloud

The two systems are very similar in many respects — not surprising because Nextcloud is forked from and run by the founder of Owncloud. Both will, in all reality, meet most file sharing/storage needs quite well. 

However, OwnCloud does contain some closed source bits focusing on larger organizations. On the flipside, NextCloud has made a public commitment to offer all features as 100% free and open source software. With that in mind, I would opt to go with NextCloud. 

As an added bonus, NextCloud handles document collaboration quite well via Collabora Online. Two birds, one stone. 

Matrix for instant messaging 

No. Using Google Hangouts is not a reasonable option for your company’s instant messaging. Neither is Skype. We need something that a) can be hosted in house, b) is open source, and c) is as secure and private as possible. 

I’ve opted to go with Matrix. Not only does it check all of those three key criteria, but it has two rather interesting features that, while may not be used, are nice to have around as options: 
  • A decentralized design. Meaning that, as the organization grows, new server instances could be added, say, for different parts of the company or different locales. 
  • The ability to bridge Matrix to other services, such as IRC, Slack, etc. This can make it much easier to integrate with external teams or communities.

Again. Maybe those your organization will never use those two features, but having them around doesn’t hurt.

Bonus points: Matrix handles video chats. Got a big, remote team? If everyone’s on Matrix, there’s no need for company-issued cell phones (or land lines). 

Linux-based OS and software for workstations

Not choosing Microsoft Windows is the first obvious decision here. The cost is to high (both in terms of up-front monetary investment and recurring costs associated with securing a closed platform). MacOS is, for the same reason, off the table. 

What specific platform I chose, at that point, comes down to what my specific needs are within the organization. Chance are I would select a Linux-based platform (either a free Linux distribution – Debian, openSUSE, Fedora, etc. – or a similar system with paid support). Support is the main reason to consider a paid, closed system anyway, so might as well get all the benefits with none of the drawbacks of a system like Windows.

Save money, increase security. No brainer. 

For applications, I’d also standardize around LibreOffice for the office suite and one of the several open-source web browsers (such as Firefox).

In short: All open source 

Clearly an all open-source workplace makes the most sense. Save money. Be more secure. More flexible. Those are all good things.

If you’re reading this and you are responsible for making IT decisions within your company, remember all of these when it comes time to renew your Microsoft Exchange license. Or it’s time to upgrade Windows. Or pay for yet another month/quarter of your video conferencing and file storage system.

Maybe my specific choices here won’t match your needs exactly, but for most of you, there are going to be open-source solutions that will.




1 comment: