Thanks to this community I’ve learned and I’m feeling inspired. I’ve loved having an NAS for the last few years, but it’s woefully under powered for what I’m using it for these days.
So I’ve ordered some basic PC parts, gonna build a basic setup using an old CPU I got lying about and try the NAS OS I saw talked about on here recently.
TrueNAS looks like a good option with only slight fears it’ll go down the well known path to the dark side like so many free options before.
In any event, I’m looking forward to adding Nextcloud and Jellyfin, to trying out Docker and generally having more control over things.
Thanks again to you all for informing and inspiring.
I’ll be back if I get questions!
Open source is certainly in a great position now but there are some things it’s just not doing that I’m frankly too dumb to do myself. For example, there’s no open source answer to appleTV. The closest thing we have is androidTV and it’s just awful.
I would love to see a TV-centric desktop environment you could run on top of any typical Linux distro. Something implementing live tiles like old windows phone had, a web app that you could access with a smartphone and use to control it like a remote, single-task interface rather than a task-juggling interface we have on normal DEs, sigh. I have a vision I cannot possibly create because that would take incredible skill that I just don’t have to make and I can’t just whine that nobody is making it for me.
Meanwhile, all my Apple stuff works together in a way I generally approve of.
I need to transition away from this at some point but there aren’t always open source solutions for this.
As a TV centric distro, there is libreelec https://libreelec.tv/ You can use it to stream media from jellyfin, plex or other streaming platforms with plugins
It runs kodi that you can also use in other distros as a package
Kodi supports hdmi-cec, which allows to use your TV remote to control kodi, the hardware needs to be compatible too though (raspberry pis are compatible) There is also a mobile app, Kore, to control kodi on local network
The UX may not be as slick as androidtv/appletv but it is customizable
I’m planning to switch my Plex setup to Jellyfin on this new platform. I tried it on my NAS and it almost cooked the very meager CPU 😮
Jellyfin is HEAVY when doing trickplay scans. But outside of that, it’s really not that demanding. I’m running on an N100 right now but I’ve run it fine on stuff as weak as a rk3399.
I quickly got pissed at synology and QNAP and just started making my own shit. Now when anything fails it’s my own damn fault and I can actually fix it. This sounds bad but it’s actually a much better experience. I learn a lot and have fun. I’m the guy who made all those G4 cube retrofit kits on Thingiverse. It’s been a great distraction for me over the years.
On the subject of containers, learn podman. That’s where everybody seems to be migrating to.
Do you have a recommendation on how to start migrating from docker compose to podman pod or podman kube? And do you know about a web ui for podman (similar to dockge or komodo)?
I haven’t learned about kubes yet. I do use and love quadlets though.
Slowly I am getting confused with all these technologies. What is quadlets if I may ask?
quadlets let you create a systemd unit file to start and manage a podman container as easily as a locally installed system service.
When my QNAP finally died on me, I decided to build a DIY NAS and did consider some of the NAS OSes, but I ultimately decided that I really just wanted a regular Linux server. I always find the built-in app stores limiting and end up manually running Docker commands anyways so I don’t feel like I ever take advantage of the OS features.
I just have an Arch box and several docker-compose files for my various self-hosting needs, and it’s all stored on top of a ZFS RaidZ-1. The ZFS array does monthly scrubs and sends me an email with the results. Sometimes keeping it simple is the best option, but YMMV.
I went with OMV on older but plenty capable hardware (Intel 4th-7th gen) because 1. I’m cheap, and 2. I could configure it how I wanted.
Glad I went that way, because I was considering “upgrading” to a Synology for a while.
I now have my OMV NAS (currently running on a very-unstressed 2014 Mac mini and a 4-bay drive enclosure), and a separate Proxmox cluster with multiple VMs that use the NAS through NFS shares. Docker-focused VMs are managed by local Dockge instances, which is incredibly handy for visualizing the stacks. Dockge instances can also link to each other, so I can log into any Dockge instance and have everything available.
I can do command line stuff just fine, but I am a visual person, so having all that info right in front of me on one page is very, very helpful.
Oh yeah. I bet you’re feeling lucky you didn’t switch to Synology given the recent drama where they’re locking features down to their branded hard drives, which we all know are just up-charged drives from regular vendors.
What drive bay enclosure are you using btw and how does it connect to your Mac mini?
Never heard of dockge. I’ll have to check it out! I’ve just been using podman and docker-compose scripts.
Drive bay I’m using is a Sabrent DS-SC4B, connected via USB3. I’m currently collecting parts for an actual tower build based on a G4560T.
Out of curiosity as an owner of a QNAP NAS, how did it go out? Any signs it was in its last legs? Now that I’ve used one, the form factor is the only thing better than most options out there when I got it.
Nowadays all QNAP, Sinology and other NAS vendors supposedly offer a lot of extra value with their cloud options, but I find them a sure way to get hacked based on the average company’s investment in security (I work in IT, it is a sad affair sometimes) combined with all the ransomware specifically targeting them due to old packages they rely on = I’ll build my next system from the ground up, even if the initial cost is higher and the result is uglier.
It was this nasty Intel clock drift bug: https://forum.qnap.com/viewtopic.php?t=157459
Support was completely unresponsive and refused to do anything. Didn’t even acknowledge the issue AFAIK. I tried to add the resistor but my copy of the NAS didn’t expose the right pins so I couldn’t even solder them on if I wanted to. Then I tried mounting my drives into another Linux machine, at which point I realized they were using some custom version of LVM that didn’t work with standard Linux. I ended up having to buy a new QNAP NAS just to retrieve my data and then I returned it.
After that, I swore off proprietary NASes. If I can’t easily retrieve data from perfectly good drives, it is an absolute no go.
If I can’t easily retrieve data from perfectly good drives, it is an absolute no go.
I’ve run the same md-raid array in three different machines (ok, I’ve added and swapped a couple drives, but still). I love that about md-raid. Pull the drives out of one system, stick them into another system with
mdadminstalled, and it recognizes the array immediately.
I have feeling I may find myself here in time, as I develop this setup more.
If you’re familiar with Linux, I highly recommend it. The flexibility is just great and you can setup whatever dashboards / management tools you need. No need to tie yourself to a specific solution IMHO.
If you’re going with Docker containers, a lot of the NAS OSes just hold you back because they don’t support all the options that Docker offers. You’ll be fighting the system if you need to do any advanced Docker configuration.
Thank you!
I’m not familiar, yet. My background is MS OS but going back as far as CLIs so I’m confident I’ll learn fast.
If you want reliability, keep your NAS as a NAS; don’t run applications on the same system. If you screw something up, you’ll have to rebuild the whole thing. Run your applications in a VM at the minimum, that way you can just blow it away and start over if it gets fucked, without touching the NAS.
I feel like containers work just as well for the “blow it away” usecase though and it doesn’t have the VM overhead.
My NASs are purely NAS, I prefer a Debian server for… Pretty much everything. But my storage only does storage, I keep those separate (even for an old PC acting as a NAS).
No matter what goes down, I can bring it back up, even with a hardware failure.
I used to do that. I had a QNAP NAS and a small Intel NUC running Arch that would host all my services. I would just mount the NAS folders via Samba into the NUC. Problem is that services can’t watch the filesystem for changes. If I add a video to my Jellyfin directory, Jellyfin won’t automatically initiate a scan.
Nowadays, I just combine them into one. Just seems simpler that way.
I just have my downloader trigger a scan at completion.
I have a few proxmox clusters going, combining it all wouldn’t be practical. This way my servers (tiny/mini/micros I’ve repurposed) stay small with decent sized ssd’s, big storage in 2 NAS’s, and a third for backups.
I would just mount the NAS folders via Samba into the NUC. Problem is that services can’t watch the filesystem for changes. If I add a video to my Jellyfin directory, Jellyfin won’t automatically initiate a scan.
That sounds like a config issue. I use NFS shares in a similar way, and Plex/*arr/etc has zero issues watching for changes.
I think it’s a samba limitation. Maybe NFS works well for that case.
What’s the self hosted guide to security when opening up ports to the public ?
Don’t
No need to worry about it if you don’t take the risk. The internet is constantly being scanned by bots.
Don’t. Use a VPN like Tailscale or Wireguard. Tailscale uses the Wireguard protocol but it’s very easy to configure, and will automatically set up a peer-to-peer mesh network for you (each node on the VPN can directly reach any other node, without having to route through a central server).
The only things that should be exposed publicly are things that absolutely need to be - for example, parts of Home Assistant need to be publicly exposed if you use the Google Assistant or Alexa integrations, since Google and Amazon need to be able to reach it.
Offtopic, but do you think it’s better to use HTTPS for non-public web services that must be accessed through ssh?
I usually use HTTPS, because a lot of web features only work over HTTPS.
You can use Let’s Encrypt DNS challenges to get real TLS certificates for internal hosts, instead of having to use your own CA or self-signed certificates.
One thing to note: the NAT traversal doesn’t always work especially for symmetric NAT. If you want reliable p2p connections I would setup IPv6
