Thought about it. But… Not exactly an out of the box solution. Plus putting ZFS on root with Linux is much more involved.
extide
34
No pain no gain
Haha Nah, *BSD is cool too
maxmoon
35
Can you tell me more about the security stuff? I don’t understand what exactly does a webhoster do wrong? How exactly is it not secure to send e-mails over those cheap hosters?
Would a provider like the one @markwaters suggested (servermx.com) be more secure? If yes, why? Could I send and receive e-mails without a 4096 RSA PGP key with a provider like servermx?
I don’t understand why my e-mails are my primary identity. I have changed my e-mail address a lot, because of spam or to have a more anonymous e-mail address. I just want to communicate with a lot of people (anonymously) and secure. Ok, the secure part could be a problem with my cheap hosters, but I still don’t get why it isn’t secure?
Can you please explain to me what this exactly means: “long end of life”? Even if I install a Windows 98 SE it could run the next 20 years. I seriously don’t know what this “long end of life” means and how it could help to manage a server?
Does the package manager of those operating systems have a function which allows me to update only security related stuff? What if the security leak is in apache or php? If I have to update it, how do I know if everything else will still run?
What exactly do you like on ZFS? Wasn’t it the file system which was created for 128bit systems, but we still “only” have 64bit systems? It doesn’t make sense for me, why is this file system so special?
In my opinion ZFS is the epitome of file systems. It encompasses multiple levels of the storage system that were previously separate (e.g. RAID and File System).
ZFS makes it easy to create, destroy, copy entire “datasets” (think of them as partitions but much more flexible). It supports snapshots which freeze the file system in place and allow you to rollback the whole thing or recover just parts (i.e. files) of it. It handles the redundancy (RAID) itself.
Snapshots can be sent/received remotely, making backup/restore even easier. It has copy-on-write, etc.
The biggest selling point for me though is that it’s self-healing. It checksums individual blocks on the disk to ensure data integrity and if you have copies (either mirror or parity) it can recover damaged blocks (if you don’t have a copy, it will notify you what information was lost).
That’s just a high-level overview… The perks go beyond what I’ve written.
I’m not going to delve into everything you discussed because it’s outside the scope of this forum.
Just to be clear: All email is insecure. Period. Unless you digitally encrypt each message you should assume at some point it’s sent across the Internet in plain text.
End of life is the time in which it’s supported. You could install Windows 98 SE but your machine would be compromised in a few minutes as there are no security updates for that operating system. Operating systems that have a long end of life are ones that provide security updates till their end of life date. CentOS is great for this. Debian is better now but still not quite as good.
If your operating system’s end of life is still in the future, you’ll get the update.
maxmoon
38
This part sounds really interesting, because I was looking for a solution to roll back whole partitions or even disks without copying the whole disk (e.g. with CloneZilla). The reason for it was, that I always wanted a clean system, because almost every time I try software from the package manager, I am not able to remove everything again (completely) and with time I just pollute everything. And it might be a good thing for security reasons.
But how does it work with files? Is it just like git or does it only hold two versions of a file? The one on the disk and one temporary version?
I know the scope is outside the forum, but we have such a nice discussion here. I can rarely find such nice people in other forums. But can you suggest a forum where I can discuss those topics even more and get similar answers?
It operates at a lower level than git. Git tracks files. ZFS tracks blocks of data. If you snapshot a dataset, that snapshot takes up 0 bytes, more or less. If you add a 1 GB file, the snapshot is 1 GB. If you delete a file, it tracks that as well. It tracks everything from the point of the snapshot onward. This also means if you delete 30 GB, you don’t gain that space back; it’s needed to restore the file system to that point. But the idea is that you’d keep rolling snapshots. If you restore to a snapshot you cannot, however, restore again to a future snapshot. Once you rollback, you are rolled back. You can, though, pull individual files out of the previous snapshots using a hidden .zfs directory in each dataset’s root directory.
A large company might want to keep snapshots at 15-minute intervals for a few days and daily snapshots for a month. So old ones are constantly getting removed and new ones created.
Snapshots are also cheap (performance wise). It takes virtually no time or CPU effort to create one.
Again, it’s also very low level so it happens quickly and works efficiently.
ZFS does need a fair bit of free space to operate well. I’ve experienced noticeable performance drops when my array got to 70% capacity. Thankfully growing the array is pretty easy by either adding new drives or slowly replacing existing ones.
ZFS will do this but that’s not its primary point. What you want is something like VirtualBox to play around in and restore the whole OS, create different branches of experimenting, etc.
e: Use the right tool for the right job.
No, sorry. I’m not here to promote other forums and in all honesty I don’t even frequent that many. You might have to learn like the rest of us… by breaking things along the way.
fox
42
you won’t be able to solve this with snapshots, containerization for services is a much better approach.
minor point, if you snap a dataset, the snap takes near zero bytes, if you add a gig file, the snap is still 0 bytes, since the snapshot only refers to data that existed at the instant it was taken. Adding or removing subsequent files has no effect on the snapshot. However, deleting or modifying a gig of data that existed at the time of the snapshot will THEN cause the snap to ‘grow in size’ as that deleted or modified data is now only referenced by the snapshot and not the main dataset.
In essence, all a snapshot is, is the system saying “instead of deleting it, I’ll keep this uberblock, and everything it refers to, and not mark anything there free.” That’s why they happen so fast.
Thanks. I was mixing snapshot size and actual used space when I was explaining that. You are of course correct.
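The snapshot space accounting worked out in the posts above, as an added example that is not part of the original thread: a simplified Python model (not ZFS code) in which a snapshot only pins the blocks that were live when it was taken. The class, method and file names and the 128 KiB block size are assumptions made for illustration.

```python
import itertools

BLOCK = 128 * 1024  # assumed block size, for illustration only
GiB = 1024 ** 3


class Dataset:
    """Toy model: files and snapshots are just sets of block ids."""

    def __init__(self):
        self.files = {}      # file name -> set of live block ids
        self.snapshots = {}  # snapshot name -> frozenset of block ids
        self._ids = itertools.count()

    def write(self, name, size):
        # Copy-on-write: data always lands in freshly allocated blocks.
        nblocks = -(-size // BLOCK)  # ceiling division
        self.files[name] = {next(self._ids) for _ in range(nblocks)}

    def delete(self, name):
        del self.files[name]

    def live_blocks(self):
        return set().union(*self.files.values())

    def snapshot(self, snap):
        # Nothing is copied; the snapshot only pins what is live right now.
        self.snapshots[snap] = frozenset(self.live_blocks())

    def snapshot_used(self, snap):
        # Space held by this snapshot and by nothing else.
        others = self.live_blocks()
        for name, blocks in self.snapshots.items():
            if name != snap:
                others |= blocks
        return len(self.snapshots[snap] - others) * BLOCK

    def allocated(self):
        # Space that cannot be freed: live data plus everything pinned.
        return len(self.live_blocks().union(*self.snapshots.values())) * BLOCK


def demo():
    ds = Dataset()
    ds.write("old.img", GiB)
    ds.snapshot("snap1")
    sizes = [ds.snapshot_used("snap1")]        # right after creation
    ds.write("new.img", GiB)
    sizes.append(ds.snapshot_used("snap1"))    # after adding new data
    ds.delete("old.img")
    sizes.append(ds.snapshot_used("snap1"))    # after deleting old data
    return sizes, ds.allocated()
```

In this model the snapshot stays at zero when new data is added and grows only once data it pinned is deleted, while the space of the deleted file remains allocated until the snapshot is destroyed.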
Kierun
45
@maxmoon Read the above and understand it.
Yes, you can install only security updates and have nagios or some other piece of code check that things are not broken. You need to go and read up on basic system administration as soon as possible.
maxmoon
46
But VirtualBox isn’t the right tool either, if it’s about virtualizing the whole local operating system or even the whole hard drive. At least I thought VirtualBox is to play with other OSs to test something out or to run stuff on OSs you can’t run on your normal machine. I once had Returnil back when I used Windows and it was really useful, because you could have any virus on the machine you would like, but after a reboot everything was clean again. This for a Linux machine with a writable partition to store some permanent data and it would be the best local machine I can imagine
Oh, come on! It’s like inventing the wheel again. I don’t even code everything I need, because it exists anywhere in some varieties and after asking people, I can use the best variety. Is it really useful to go through all this stuff again? Googling around, finding mostly those forums which are high rated, but are just crap… nowadays you can’t find good stuff by googling it.
Do you talk about docker and similar things? I thought containers are only containing specific applications and it is possible to change everything within a container and that it is just a specific configured installation of something. But is it really possible to have a fresh OS if I boot up my computer? Is it possible to apply changes if I don’t want to lose them sometimes? There are exceptions, which should be permanent.
Isn’t Nagios a little bit overpowered for a private server? If I really need to read about basic system administration, then I would be very thankful if you recommend something or a way which is more efficient than the way I’ve already gone the last years. Because in your eyes I did something wrong, if I need basic system administration skills. But maybe you meant advanced or expert administration skills 
I did and you guys are! 
Um. How do you think the people you are asking learned how to answer?
That depends on how good, or how crap, your googling skills are. It’s not like the good information has disappeared.
I saw “want’s” (with an apostrophe) and I stopped reading.
First post was really the best place to stop reading this abomination.