Hello there, I’m new and totally dig Mail-in-a-Box very much!
Self-employed here in Auckland, NZ, providing smaller businesses complete solutions. That’s where I believe your product could become immensely useful. Currently, in a research phase.
I am uncertain if this is the right channel, but I will give it a try with this question:
While configuring Mail-in-a-Box on a single, small Linux web server, is there a recipe for running a Node.js backend + frontend on the side without them conflicting with each other?
Goal is to offer them email + caldav + contact solutions while running their own online presence on the same server without having to “dockerize too much”.
I understand Mail-in-a-Box Setup Guide does not recommend this and suggests configuring relaying on the other web server. Still, I’m very curious if this can be somehow avoided with a solution / recipe if possible, as running multiple boxes for a small business is too much.
I don’t think they will conflict, but you would probably have to use the existing NGINX to proxy web requests on port 443 to the Node.js backend.
But I still wouldn’t do it for security reasons. If you get a zero-day through some Node.js module, and someone can get access to your server, in the worst case they could get to your contacts, emails etc. If you really want to run everything on a single box, I would recommend installing a hypervisor and running MiaB and the Node.js application in separate VMs. Or maybe you could run the Node.js app in an unprivileged LXC container, to achieve at least some isolation from the host system.
I would think that cloudron.io might be a better fit for you here. It supports email server features equivalent to MIAB but also allows you to install apps such as web-servers in separate docker containers. It manages all of the container set ups etc for you.
MIAB is intended to be installed as stand-alone on a server. I agree with the other poster here that trying to serve web sites (other than the static sites which are already available) could open up some security risks.
Myself, I use MIAB for my ‘production’ email requirements. I’m using cloudron.io for provisioning some other services but don’t currently use the email components. I have experimented with email on cloudron in the past and it worked fine, uses Postfix, etc.
Thanks @miabuser. Two more questions if you don’t mind?
Pretend I modify existing NGINX configuration, laid out by MiaB, and add an extra block to proxy web requests, wouldn’t that conflict with future updates from MiaB? Is MiaB still able to make NGINX modifications when the MiaB installer sees customizations made by me?
Hypervisor + Server resources
Like Docker? Well, wouldn’t they slow down server (performance) when it’s already a minimal Linux server with little RAM and disk space left? (another reason I’m looking for such a recipe).
@latinhypercube thanks for the pointer to cloudron.io, interesting. I’ve checked out their demo and will definitely bookmark this for later when the opportunity arises.
Although the price is too high, $180 USD per year, when it comes to providing web solutions for small businesses, like a self-employed hairdresser for example. For them, it’s about cutting fixed costs wherever possible.
I could be wrong, but afaik, it should be possible to add another server block, without having it be overwritten after an upgrade of MiaB. But I can’t give you any instructions on how to do it, because I’ve never tried running other things on MiaB myself. In the worst case, you could write a bash script that reapplies your changes after an upgrade.
If you’re running it on a VPS, virtualization is of course not really an option. And even if you could start a VM on your VPS, which is already a VM itself, the performance would most likely be very poor. VPSs are usually not optimized for nested virtualization. Containers, on the other hand, do not generate much overhead in terms of CPU usage or memory. But as @sendalert already said, the applications that are running in these containers do of course use resources. This also applies for cloudron.io, or any similar tools. The more applications and services are running on a server, the more compute power and memory is required.
So if you, for example, have a VPS with 1GB RAM, you would probably have to upgrade it to at least 2GB anyways. Instead of doing that, you’d rather get an additional smaller VPS. This shouldn’t make that much of a difference in price, and you’d have everything neatly separated.
Also, MiaB is an appliance and should be treated as such. Imho it’s not worth tinkering with it to save a few bucks. Especially if this is supposed to be a productive environment for your business. If you lose your emails, it will probably cost you more than you could have ever saved by running everything on a single server. You also don’t want extended downtime, especially as a service provider where probably a large portion of the communication with your clients is going through this server.
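The "script that reapplies your changes after an upgrade" idea from the post above, sketched as an added example that is not part of the thread and not Mail-in-a-Box code. It restores a locally kept nginx server-block file if an upgrade removed or changed it, and rolls back when the full config no longer validates, so a bad snippet cannot take the box's own web services down on the next reload. SRC, DEST and the return codes are assumptions; the thread gives no real paths.

```shell
#!/bin/sh
# Added example, not from the thread. Re-applies a locally kept nginx
# server-block file after an upgrade and rolls back if the config is invalid.
# SRC and DEST are placeholders; the thread does not name the real paths.

# Command that checks the whole nginx configuration; overridable for dry runs.
VALIDATE_CMD="${VALIDATE_CMD:-nginx -t}"

# reapply SRC DEST
# returns 0 = already in place, 10 = re-applied,
#         20 = invalid config, rolled back, 1 = cannot read or write
reapply() {
  src="$1"; dest="$2"; backup=""
  [ -r "$src" ] || return 1

  # Nothing to do when the deployed copy is byte-identical.
  if [ -f "$dest" ] && cmp -s "$src" "$dest"; then
    return 0
  fi

  # Keep whatever the upgrade left behind so it can be restored.
  if [ -f "$dest" ]; then
    backup="$(mktemp "${dest}.bak.XXXXXX")" || return 1
    cp -p "$dest" "$backup" || return 1
  fi

  # Write through a temp file in the same directory, then rename atomically.
  tmp="$(mktemp "${dest}.tmp.XXXXXX")" || return 1
  cp "$src" "$tmp" && chmod 644 "$tmp" && mv -f "$tmp" "$dest" \
    || { rm -f "$tmp" "$backup"; return 1; }

  # Validate the complete configuration before anything is reloaded.
  if $VALIDATE_CMD >/dev/null 2>&1; then
    [ -n "$backup" ] && rm -f "$backup"
    return 10
  fi

  # Validation failed: restore the previous state and leave nginx untouched.
  if [ -n "$backup" ]; then mv -f "$backup" "$dest"; else rm -f "$dest"; fi
  return 20
}
```

Reload nginx only on return code 10, and treat 20 as something to alert on rather than retry.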
Excellent points @miabuser. Thanks for your thoughts. I forgot about nested virtualization.
I think I will try with a bare-metal solution using 1 GB RAM first (still researching solutions). If it poses a problem, I’ll slowly increase until it works and charge the customer with a few more bucks.