Sharing folders/files over internet

    • OMV 4.x
    • Sharing folders/files over internet

      Hello,

      I've OMV4 running on a HC1 (docker installed) which is connected to internet over a VPN tunnel (running on my router).
      Now I like to share some files with a friend, is there a safe easy way to accomplish that?

      kr.,
      Patrick

      Maybe I didn't search well, but I couldn't find the answer on the forum
    • The easiest way I can think of is to make a user account for him/her and then give him access via your VPN.
      Another potential option would be to use Emby, as that can be accessed via your external IP address, but it would require that you get the paid for version to allow files to be downloaded. It might not run all that well on your hardware in docker though.
      OMV 4.x Gigabyte Z270N-WiFi, i7-6700K@3GHz, 16GB DDR4-3000, 4x 4TB Toshiba N300, 1x 60GB Corsair GT SSD
    • Frepke wrote:

      Now I like to share some files with a friend, is there a safe easy way to accomplish that?
      I would allow access through VPN and use exactly the same filesharing daemon you already use. If it's Samba then use Samba for remote connections too (reason: encoding hassles and representation of filesystem metadata). More info: forum.openmediavault.org/index.php/Thread/19270
    • Frepke wrote:

      Hello,

      I've OMV4 running on a HC1 (docker installed) which is connected to internet over a VPN tunnel (running on my router).
      Now I like to share some files with a friend, is there a safe easy way to accomplish that?

      kr.,
      Patrick

      Maybe I didn't search well, but I couldn't find the answer on the forum

      Perhaps an old school ftp or sftp. They always do the job for me.
      Does docker matter?
      I'm not an expert. I'm just a tourist here.

      - ODROID-HC1 (Samsung Exynos5422, 2GB LPDDR3 RAM, Gigabit Ethernet)
      - Sandisk Ultra 16GB A1 "SDSQUAR-016G-GN6" (btrfs)
      - Samsung SpinPoint M8 1TB (ext4)
      - OMV 4.1.11 / ARMBIAN 5.60 + Kernel 4.14.69
    • Frepke wrote:

      Thanks @TheLostSwede, @tkaiser and @Mr.Grape,

      VPN access it's gonna be.
      And running Docker was just info for when this info was useful :)


      kr.,
      Patrick

      VPN here will only do one layer. You still need another layer to share files. And I'm not really convinced if smb / nfs pushed over the internet is the best idea.


      The second issue is also what kind of vpn it is. Private, commercial with its own IP, free / commercial with one IP per exit node on many users.
      If this is a shared IP without port forwarding, you may have a problem with providing services to the world.

      If you are pushing your entire traffic over the VPN, make sure you are able to route the appropriate ports to your IP.

      Unless I misunderstood you ...
      You have hc1 connected by vpn to the home router, or is your router connected to vpn somewhere in the world? In the case of the first option I do not see much sense if this is a private lan. If the second option, then as I wrote above.

      If you intend to share something, your friend must be able to get to you.

      I still think that ftps would be a good solution. But you can also use a web server. Full options, the question of what suits you best.
      I'm not an expert. I'm just a tourist here.

      - ODROID-HC1 (Samsung Exynos5422, 2GB LPDDR3 RAM, Gigabit Ethernet)
      - Sandisk Ultra 16GB A1 "SDSQUAR-016G-GN6" (btrfs)
      - Samsung SpinPoint M8 1TB (ext4)
      - OMV 4.1.11 / ARMBIAN 5.60 + Kernel 4.14.69
    • Mr.Grape wrote:

      And I'm not really convinced if smb / nfs pushed over the internet is the best idea

      SMB and NFS performance 'over the internet' is horribly low due to high round-trip times. But it's still the very same problem: setup fileserver to be accessed via internet - NFS?

      TL;DR: When you access your data with different filesharing daemons in parallel you have a great chance to mess two things up:

      • Encodings (ever dealt with UTF-8 vs. UTF-16 vs. some stupid ancient 'codepage' idea some anachronistic daemons still have? Ever looked into Unicode normalization forms?)
      • Metadata representation


      Of course I know it's totally useless to repeat this here since average NAS users will ignore these issues forever (even when they realize that something's wrong they don't get the root cause).

      But if someone uses already Samba and this daemon has stored the data on the NAS then I would also use the very same daemon to give access to remote users. At least if not only plain ASCII is used and no metadata has ever been stored (highly unlikely).
    • tkaiser wrote:

      Mr.Grape wrote:

      And I'm not really convinced if smb / nfs pushed over the internet is the best idea
      SMB and NFS performance 'over the internet' is horribly low due to high round-trip times. But it's still the very same problem: setup fileserver to be accessed via internet - NFS?

      TL;DR: When you access your data with different filesharing daemons in parallel you have a great chance to mess two things up:

      • Encodings (ever dealt with UTF-8 vs. UTF-16 vs. some stupid ancient 'codepage' idea some anachronistic daemons still have? Ever looked into Unicode normalization forms?)
      • Metadata representation


      Of course I know it's totally useless to repeat this here since average NAS users will ignore these issues forever (even when they realize that something's wrong they don't get the root cause).

      But if someone uses already Samba and this daemon has stored the data on the NAS then I would also use the very same daemon to give access to remote users. At least if not only plain ASCII is used and no metadata has ever been stored (highly unlikely).

      I had to deal with nfs over the internet many years ago, on a unique weak uplink. Terrible experience, especially because someone came up with such an idea on production.


      Using one demon is a beautiful thing. The problem is that it would be perfect in a perfect world. And the realities are sometimes more brutal. Sometimes, despite the sincere desire, the situation requires dirty work.


      And if we are talking about OP's situation then I personally do not know if he uses smb or ... he will decide what is best for him.
      I'm not an expert. I'm just a tourist here.

      - ODROID-HC1 (Samsung Exynos5422, 2GB LPDDR3 RAM, Gigabit Ethernet)
      - Sandisk Ultra 16GB A1 "SDSQUAR-016G-GN6" (btrfs)
      - Samsung SpinPoint M8 1TB (ext4)
      - OMV 4.1.11 / ARMBIAN 5.60 + Kernel 4.14.69
    • Frepke wrote:

      Hello,

      I've OMV4 running on a HC1 (docker installed) which is connected to internet over a VPN tunnel (running on my router).
      Now I like to share some files with a friend, is there a safe easy way to accomplish that?

      kr.,
      Patrick

      Maybe I didn't search well, but I couldn't find the answer on the forum
      What kind of router/VPN do you have? I have ASUS RT-AC58U, which hosts OpenVPN server.
      That router can serve VPN connection to multiple clients, so it's easiest to just create different account for second/third/n person, send them .ovpn config and allow them to connect to your local network.
    • raven66 wrote:

      it's easiest to just create different account for second/third/n person, send them .ovpn config and allow them to connect to your local network.
      And the most important detail is how to setup OpenVPN so that performance doesn't suck too much when used with LAN protocols: setup fileserver to be accessed via internet - NFS?
    • Mr.Grape wrote:

      Frepke wrote:

      Thanks @TheLostSwede, @tkaiser and @Mr.Grape,

      VPN access it's gonna be.
      And running Docker was just info for when this info was useful :)


      kr.,
      Patrick
      VPN here will only do one layer. You still need another layer to share files. And I'm not really convinced if smb / nfs pushed over the internet is the best idea.


      The second issue is also what kind of vpn it is. Private, commercial with its own IP, free / commercial with one IP per exit node on many users.
      If this is a shared IP without port forwarding, you may have a problem with providing services to the world.

      If you are pushing your entire traffic over the VPN, make sure you are able to route the appropriate ports to your IP.

      Unless I misunderstood you ...
      You have hc1 connected by vpn to the home router, or is your router connected to vpn somewhere in the world? In the case of the first option I do not see much sense if this is a private lan. If the second option, then as I wrote above.

      If you intend to share something, your friend must be able to get to you.

      I still think that ftps would be a good solution. But you can also use a web server. Full options, the question of what suits you best.
      On my router runs a VPN client, and the HC1 uses this tunnel. I can setup a server in the router or on the HC1 to reach my homenetwork from internet with this vpn connection.

      @tkaiser normally I use FTP for transferring data to the NAS.

      kr.,
      Patrick

      The post was edited 1 time, last by tkaiser: Fixed quoting levels ().

    • Frepke wrote:

      @tkaiser normally I use FTP for transferring data to the NAS
      Ok, then please forget about me mentioning Samba.

      Disclaimer: I'm a network and server guy and for me only protocols are an option where clients can directly open stuff on the server (requires locking) so no FTP used anywhere. If you use FTP then anything I wrote is irrelevant (since this protocol from IT stone age doesn't care about anything that has happened within the last decades)
    • tkaiser wrote:

      Frepke wrote:

      @tkaiser normally I use FTP for transferring data to the NAS
      Ok, then please forget about me mentioning Samba.
      Disclaimer: I'm a network and server guy and for me only protocols are an option where clients can directly open stuff on the server (requires locking) so no FTP used anywhere. If you use FTP then anything I wrote is irrelevant (since this protocol from IT stone age doesn't care about anything that has happened within the last decades)

      :/ okay, and sometimes I use AFP :)
    • tkaiser wrote:

      Disclaimer: I'm a network and server guy and for me only protocols are an option where clients can directly open stuff on the server (requires locking) so no FTP used anywhere. If you use FTP then anything I wrote is irrelevant (since this protocol from IT stone age doesn't care about anything that has happened within the last decades)
      FTP is a stone age, it agrees. But when I have to stick a nail into the board, sometimes I just use a simple tool like a hammer. :)


      What would you recommend for sharing files with the upload option for many users over the internet?
      Pushing smb / nfs is hardly a solution imho.
      A web server with the right piece of code, just as the number of services in modern times is done?
      I'm not an expert. I'm just a tourist here.

      - ODROID-HC1 (Samsung Exynos5422, 2GB LPDDR3 RAM, Gigabit Ethernet)
      - Sandisk Ultra 16GB A1 "SDSQUAR-016G-GN6" (btrfs)
      - Samsung SpinPoint M8 1TB (ext4)
      - OMV 4.1.11 / ARMBIAN 5.60 + Kernel 4.14.69
    • Frepke wrote:

      Hello,

      I've OMV4 running on a HC1 (docker installed) which is connected to internet over a VPN tunnel (running on my router).
      Now I like to share some files with a friend, is there a safe easy way to accomplish that?

      kr.,
      Patrick

      Maybe I didn't search well, but I couldn't find the answer on the forum
      Can you be more specific about what you mean by "share files with a friend"? You'll get briefer and more focused answers.
      OMV 4.x - ASRock Rack C2550D4I - 16GB ECC - Silverstone DS380
    • gderf wrote:

      Frepke wrote:

      Hello,

      I've OMV4 running on a HC1 (docker installed) which is connected to internet over a VPN tunnel (running on my router).
      Now I like to share some files with a friend, is there a safe easy way to accomplish that?

      kr.,
      Patrick

      Maybe I didn't search well, but I couldn't find the answer on the forum
      Can you be more specific about what you mean by "share files with a friend"? You'll get briefer and more focused answers.
      It can be all kind of files (small and large).
      Normally I use WeTransfer for this, but I've to upload it and mail a link to him.
      It's easier when he can browse on my nas and download the files he need.

      But I think a VPN connection is a good solution.


      kr.,
      Patrick
    • Frepke wrote:

      On my router runs a VPN client, and the HC1 uses this tunnel. I can setup a server in the router or on the HC1 to reach my homenetwork from internet with this vpn connection.

      @tkaiser normally I use FTP for transferring data to the NAS.
      That's good. If your friend can easily touch any port on your NAS.
      If ftp is out of the question as @tkaiser explained. And samba on the internet is ... you said you did not use it.


      First, let us define what you want to achieve. A friend has only to download files from you or upload them too?
      If only download then you can share it with the web server and directory index + ssl + basic auth. I know I know the Stone Age, but I host several TBs for a group of 30 users since 2008 and it works ok. I personally apply the KISS rule in my life.

      Alternatively, you can host nextcloud, owncloud or pydio or a whole bunch of other.
      I'm not an expert. I'm just a tourist here.

      - ODROID-HC1 (Samsung Exynos5422, 2GB LPDDR3 RAM, Gigabit Ethernet)
      - Sandisk Ultra 16GB A1 "SDSQUAR-016G-GN6" (btrfs)
      - Samsung SpinPoint M8 1TB (ext4)
      - OMV 4.1.11 / ARMBIAN 5.60 + Kernel 4.14.69
    • gderf wrote:

      A VPN solution is going to complicate things highly if all you need to do is allow simple file transfer. For secure file transfer all you need is sftp connected directly to your machine.

      Mr.Grape wrote:

      Frepke wrote:

      On my router runs a VPN client, and the HC1 uses this tunnel. I can setup a server in the router or on the HC1 to reach my homenetwork from internet with this vpn connection.

      @tkaiser normally I use FTP for transferring data to the NAS.
      That's good. If your friend can easily touch any port on your NAS.If ftp is out of the question as @tkaiser explained. And samba on the internet is ... you said you did not use it.


      First, let us define what you want to achieve. A friend has only to download files from you or upload them too?
      If only download then you can share it with the web server and directory index + ssl + basic auth. I know I know the Stone Age, but I host several TBs for a group of 30 users since 2008 and it works ok. I personally apply the KISS rule in my life.

      Alternatively, you can host nextcloud, owncloud or pydio or a whole bunch of other.

      The most files I want to share is plc related stuff, some programs and tools and some movies from problems or commissioning machines.
      It's not that special but he always want to look into some file when I'm not at home. So it's easier for me that he can access the files when he needs them.
      My nas contains also personal stuff which is not meant for everyone on the internet.
      I can grant access to this user for only one folder and my personal stuff is safe (he doesn't have the knowledge to hack into my system). But it's not the intention that the nas is accessible to everyone on the internet.

      I don't know if SFTP is the way to go, but I've a good feeling with the vpn solution.


      kr.,
      Patrick