Mac mini server (mid 2010) setup notes
I recently bought a unibody
Mac mini.
Because I wanted a pair of fast drives, I got the server edition. Although it's
somewhat pricier than the base version, you get a faster CPU (2.66 GHz Intel core
2 duo T8800), 4GB of RAM, and two 500GB 7200rpm drives
(
Hitachi
travelstar 7K500).
For the most part, setting it up was smooth, but a few annoying things stood out.
Firstly, snow leopard was already installed on the machine, but inexplicably, the
drives were partitioned as two separate volumes. It would have made more sense to
have shipped the mini with the drives combined in a RAID volume. Instead, I had to
repartition and reinstall snow leopard again to get a single RAID 0 volume. It took
several attempts at booting the install DVD before I figured out that the boot ROM
doesn't like keyboards that are connected via USB hubs. After plugging in my keyboard
directly into the mini, holding down "C" boots the mini from the DVD drive. (Here's
a
boot modifier list and a here's a
handy list of
mac keyboard shortcuts).
The next interesting fact about snow leopard server - the firewall config is quite
different from regular Mac OS. Rather than accessing the firewall pane in the
"Security" section of the system preferences (that's where the help points you),
you start up the "server admin" app. You enable "Firewall" as a service. The firewall
service then appears as a running service, and you can then configure that. The good
news is that this "server admin" gives you visibility into the firewall details, rather
than an unhelpful list of services/applications. You can see the rules being applied
to what I'm guessing is ipfw. Unfortunately, ipfw doesn't seem to do statefulness in
the way that I expect. For example, enabling outgoing udp packets with statefulness
should be sufficient to make traceroute work. However, it seems that ipfw isn't matching
the returning ICMP "TTL exceeded" packets against the outbound UDP state. So I had to
also enable extra incoming ICMP types before traceroute worked. Other stateful
firewalls like pf do the right thing in this regard without needing the extra ICMP rules.
The final bit of fun for the week was getting time machine to backup to a remote samba
drive. Time machine is great example of what Mac OS does very well. You normally
configure it by pointing it at a backup drive, and it works without any further
attention from you (in fact, as I'm typing, time machine is happily doing an incremental
backup in the background). However, in their wisdom, Apple doesn't support backing up
to remote drives other than time capsules or other mac machines. A bunch of people have
written up
workarounds. From these notes, it looks like you need to do:
defaults write com.apple.systempreferences TMShowUnsupportedNetworkVolumes 1
- create a sparsebundle disk image. You can use hdiutil, but a sparsebundle created by Disk Utility worked for me.
- create a .plist that binds your machine's UUID with that backup.