On Sat, Dec 22, 2018 at 11:01 PM Xboxboy Mageia <xboxboy.mageia(a)gmail.com>
thanks to the IRC guys and the apt packager I was able to get a test
install done in virtual box under debian guest OS.
Good! Feel free to drop in whenever you feel like it. The channel may not
always be active, but I'm usually monitoring activity. You're most likely
active during my nights (I'm in Europe), but I'll try to respond as early
on the day as possible.
Over the Summer (I'm in Australia) break I might
have enough time to get
stuck into installing it for production.
I have a server at my business with CENTOS as the
host, with all my other
apps running in virtual box VM's.
Ok. So, I take it your desire is to run the setup in the Debian VM? Or are
you looking at installing in a CentOS VM?
I'm looking for some help in regards to how to configure the network safely
and securely, as all other apps are currently used
internally, ie. none are
Sure. No problem. Is the server which hosts the VMs web-facing? (Hmm,
reading on, I think your point with the fixed IP is probably that it is
I would like LedgerSMB to be web facing to allow me
A: work from home at times
B: The accountant to log in and work when required (usually year end).
I have a setup like that myself too, so we can make that work :-)
Which version of LedgerSMB did you install? Do I remember that you're
I have fixed IP at the business.
I have a basic/solid understanding of linux, in terms of managing updates,
modifying config files as instructed etc. That said Mageia is my distro of
choice, but I was pulling my hair out trying to get a functioning LedgerSmb
install. But I understand, with the apt repo, running a debian base install
will be easily managed.
All advice most appreciated. I may need my hand held significantly at
first, especially in regards to networking and security.
In order to run a secure setup, there's one very important thing you need
to have: a TLS/SSL Certificate. That will help keep the password going over
the wire, secure.
Another thought that I have is: when you want to expose only LedgerSMB's
web interface to the outside world, it's probably best to set up an
extremely strict firewall/iptables setup which forwards/filters just the
one single required port. Another idea would be to set up a (reverse)
proxy: an HTTP server running on an already public VM which forwards the
traffic to an internal server unaccessible to the internet.
Many ideas. Please follow-up or join #ledgersmb!
-- Hosted accounting and ERP.
Robust and Flexible. No vendor lock-in.