I'm building a security-intensive (stores credit card numbers, etc) using Python and Django with UWSGI (written in C), NGINX, and PIL (Python Imaging Library). I'm trying to work my way up in the Ubuntu world to be less of an ignoramus, so I just bought the Official Ubuntu Server Book. Just reading this book isn't going to make me even an amateur level server admin compared to the peeps on here though, so I have to ask:
Which flavor of Ubuntu would be an optimal route to go down with the above requirements, and more importantly, why? I've read good things about Hardy, but I know not the reasons why it's "good".
Basically I would use the latest LTS release for a server, as of writing that would be 10.04 (Lucid Lynx). The reason is quite simple! On a server you properly want to use a system that doesn't need to be upgraded in a few months.
There is no reason to use Hardy Heron for a new server, it is currently two years old and will be abandoned in a year.
Ubuntu is released every six months and they are abandoned after eighteen months, except the LTS version that are released every other year and are kept alive for three years.
EDIT: Server versions of LTS is kept alive for five years.
Hardy 8.04 and Lucid 10.04 are both Long-Term Support (LTS) releases and will be supported for quite a while.
Both are getting updates and security fixes until 2013 and 2015 respectively. Contrary to answer by Source Lab, LTS server editions are maintained for 5 years.
Hardy has python 2.5 as default whereas lucid has 2.6 as default. If not all of your dependencies are proven to be reliable with 2.6 I would recommend sticking with Hardy for now.
Disclaimer: I deploy Django sites on "current" releases, not LTS. I'm sure I don't do everything perfectly but here's my opinion on the matter.
There's a lot of faith in LTS releases but the rules/benefits don't quite apply to Python stacks.
I say this because keeping your python stack bound to a repository with its own updates can mean disaster when it comes to dist-upgrading. Versions jump so far that it's a lot harder to track down things have have been both deprecated and deleted from Django before you've seen the first deprecation notice.
You'll also get ferociously very fed up with the version of Django that comes with Lucid after a time. It won't support the production-ready features Django will have then so you'll want to install from outside the repositories.
It lets you keep multiple, fairly static virtual environment python stacks around. This means you can have a websites on old versions of things, other websites on other versions in another stack, test updates on new stacks, etc. It's a powerful concept but you need to keep on top of the versions as you don't have a package manager holding your hand for security updates.
http://www.saltycrane.com/blog/2009/05/notes-using-pip-and-virtualenv-django/
If you're looking for the best of both worlds, use the latest versions. Before you upgrade to the next level, dump an image, copy to a local virtual machine, boot it up, upgrade packages, test your sites and fix anything that needs fixing. You have to spend some time keeping things stable at package level and you have to maintain your code occasionally...
As far as "flavor" goes, you want the server install, not desktop.
ubuntu-desktop
includes a whole load of flange you just don't want on a production server.You can also get a "minimal" install which has barely anything on it. I've started from both but I had to install the
ubuntu-standard
package to be comfortable. This turns it into a basicubuntu-server
install.Install an LTS version of Ubuntu Server (current LTS is 10.04) and install it. That will give you a base on which you can install various server software, for example:
to install a mail server ready-to-use stack You can list all tasks using