Sharing folders/files over internet

  • Hello,


    I've OMV4 running on a HC1 (docker installed) which is connected to internet over a VPN tunnel (running on my router).
    Now I like to share some files with a friend, is there a safe easy way to accomplish that?


    kr.,
    Patrick


    Maybe I didn't search well, but I couldn't find the answer on the forum

    Hewlett-Packard HP t620 Quad Core TC (AMD GX-415GA SOC | 6GB)
    omv 5.5.1-1 (Usul) | 64 bit | 5.4 proxmox kernel | omvextrasorg 5.3.3

  • The easiest way I can think of is to make a user account for him/her and then give him access via your VPN.
    Another potential option would be to use Emby, as that can be accessed via your external IP address, but it would require that you get the paid for version to allow files to be downloaded. It might not run all that well on your hardware in docker though.

    OMV 4.x, Gigabyte Z270N-WiFi, i7-6700K@3GHz, 16GB DDR4-3000, 4x 4TB Toshiba N300, 1x 60GB Corsair GT SSD (OS drive), 10Gbps Aquantia Ethernet

  • Now I like to share some files with a friend, is there a safe easy way to accomplish that?

    I would allow access through VPN and use exactly the same filesharing daemon you already use. If it's Samba then use Samba for remote connections too (reason: encoding hassles and representation of filesystem metadata). More info: https://forum.openmediavault.org/index.php/Thread/19270

  • And I'm not really convinced if smb / nfs pushed over the internet is the best idea


    SMB and NFS performance 'over the internet' is horribly low due to high round-trip times. But it's still the very same problem: setup fileserver to be accessed via internet - NFS?


    TL;DR: When you access your data with different filesharing daemons in parallel you have a great chance to mess two things up:


    • Encodings (ever dealt with UTF-8 vs. UTF-16 vs. some stupid ancient 'codepage' idea some anachronistic daemons still have? Ever looked into Unicode normalization forms?)
    • Metadata representation


    Of course I know it's totally useless to repeat this here since average NAS users will ignore these issues forever (even when they realize that something's wrong they don't get the root cause).


    But if someone uses already Samba and this daemon has stored the data on the NAS then I would also use the very same daemon to give access to remote users. At least if not only plain ASCII is used and no metadata has ever been stored (highly unlikely).

  • What kind of router/VPN do you have? I have ASUS RT-AC58U, which hosts OpenVPN server.
    That router can serve VPN connection to multiple clients, so it's easiest to just create different account for second/third/n person, send them .ovpn config and allow them to connect to your local network.

  • it's easiest to just create different account for second/third/n person, send them .ovpn config and allow them to connect to your local network.

    And the most important detail is how to setup OpenVPN so that performance doesn't suck too much when used with LAN protocols: setup fileserver to be accessed via internet - NFS?

  • On my router runs a VPN client, and the HC1 uses this tunnel. I can setup a server in the router or on the HC1 to reach my homenetwork from internet with this vpn connection.


    @tkaiser normally I use FTP for transferring data to the NAS.


    kr.,
    Patrick

    Hewlett-Packard HP t620 Quad Core TC (AMD GX-415GA SOC | 6GB)
    omv 5.5.1-1 (Usul) | 64 bit | 5.4 proxmox kernel | omvextrasorg 5.3.3

    Edited once, last by tkaiser: Fixed quoting levels ().

  • @tkaiser normally I use FTP for transferring data to the NAS

    Ok, then please forget about me mentioning Samba.


    Disclaimer: I'm a network and server guy and for me only protocols are an option where clients can directly open stuff on the server (requires locking) so no FTP used anywhere. If you use FTP then anything I wrote is irrelevant (since this protocol from IT stone age doesn't care about anything that has happened within the last decades)

  • Ok, then please forget about me mentioning Samba.
    Disclaimer: I'm a network and server guy and for me only protocols are an option where clients can directly open stuff on the server (requires locking) so no FTP used anywhere. If you use FTP then anything I wrote is irrelevant (since this protocol from IT stone age doesn't care about anything that has happened within the last decades)


    :/ okay, and sometimes I use AFP :)

    Hewlett-Packard HP t620 Quad Core TC (AMD GX-415GA SOC | 6GB)
    omv 5.5.1-1 (Usul) | 64 bit | 5.4 proxmox kernel | omvextrasorg 5.3.3

  • Can you be more specific about what you mean by "share files with a friend"? You'll get briefer and more focused answers.

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 5.x on ASRock Rack C2550D4I C0 Stepping - 16GB ECC - Silverstone DS380 + Silverstone DS380 DAS Box.

  • Can you be more specific about what you mean by "share files with a friend"? You'll get briefer and more focused answers.

    It can be all kind of files (small and large).
    Normally I use WeTransfer for this, but I've to upload it and mail a link to him.
    It's easier when he can browse on my nas and download the files he need.


    But I think a VPN connection is a good solution.



    kr.,
    Patrick

    Hewlett-Packard HP t620 Quad Core TC (AMD GX-415GA SOC | 6GB)
    omv 5.5.1-1 (Usul) | 64 bit | 5.4 proxmox kernel | omvextrasorg 5.3.3

  • A VPN solution is going to complicate things highly if all you need to do is allow simple file transfer. For secure file transfer all you need is sftp connected directly to your machine.

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 5.x on ASRock Rack C2550D4I C0 Stepping - 16GB ECC - Silverstone DS380 + Silverstone DS380 DAS Box.

  • A VPN solution is going to complicate things highly if all you need to do is allow simple file transfer. For secure file transfer all you need is sftp connected directly to your machine.



    The most files I want to share is plc related stuff, some programs and tools and some movies from problems or commissioning machines.
    It's not that special but he always want to look into some file when I'm not at home. So it's easier for me that he can access the files when he needs them.
    My nas contains also personal stuff which is not meant for everyone on the internet.
    I can grant access to this user for only one folder and my personal stuff is safe (he doesn't have the knowledge to hack into my system). But it's not the intention that the nas is accessible to everyone on the internet.


    I don't know if SFTP is the way to go, but I've a good feeling with the vpn solution.



    kr.,
    Patrick

    Hewlett-Packard HP t620 Quad Core TC (AMD GX-415GA SOC | 6GB)
    omv 5.5.1-1 (Usul) | 64 bit | 5.4 proxmox kernel | omvextrasorg 5.3.3

  • If you know what sftp is, tell me how it does not meet your needs.

    Hello gderf,


    Sorry, I don't have that knowledge :(
    I believe SFTP is safe for the transfered files, but I want protect my nas to be accessible for everyone on the internet. I hoped there was a simple solution for this. But you guys, have that much knowledge and asking questions I can't answer. It's clear to me now that the "simple" question I thought I asked has a much more complicated answer as I hoped for.


    kr.,
    Patrick

    Hewlett-Packard HP t620 Quad Core TC (AMD GX-415GA SOC | 6GB)
    omv 5.5.1-1 (Usul) | 64 bit | 5.4 proxmox kernel | omvextrasorg 5.3.3

    Edited once, last by Frepke ().

  • I believe SFTP is safe for the transfered files, but I want protect my nas to be accessible for everyone on the internet

    SFTP is basically SSH. So following 'best practices' for SSH you'll achieve the same for SFTP (e.g. binding sshd to a non standard port or using public key authentication).

  • sometimes I use AFP

    Good luck. macOS uses UTF-8 decomposed while the rest of the world followed Windows who use UTF-8 precomposed. Using anachronistic/ancient protocols that do not take care about server and client encodings (like FTP/FTPS or SFTP or NFS prior to v4) you'll automagically run into an encoding mess or try to use filename conventions from 50 years ago (plain ASCII, avoiding special characters and umlauts and stuff)

  • Hello gderf,
    Sorry, I don't have that knowledge :(
    I believe SFTP is safe for the transfered files, but I want protect my nas to be accessible for everyone on the internet. I hoped there was a simple solution for this. But you guys, have that much knowledge and asking questions I can't answer. It's clear to me now that the "simple" question I thought I asked has a much more complicated answer as I hoped for.


    kr.,
    Patrick

    A little friendly advice, if you'll take it. You shouldn't dismiss things that you know nothing about, especially things that are very straight forward and meet your needs exactly.


    I have been running a chroot'd (jailed) sftp server continuously here on Linux since 2001. There's even an OMV plugin for it. As for the users who need to access your files, all they need is Filezilla, but there are other choices.

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 5.x on ASRock Rack C2550D4I C0 Stepping - 16GB ECC - Silverstone DS380 + Silverstone DS380 DAS Box.

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!