NASA build. 6x HDD, internal UPS in small 11 litres aluminium case

  • To be continued for sure.


    MB: Seeed Studio Odyssey X86J4105864. $218 USD

    - Intel® Celeron® J4105, Quad-Core 1.5-2.5GHZ

    - 8 GB RAM, soldered on, max for this CPU

    - 64 GB eMMC for OS, soldered on

    - Dual-Band Frequency 2.5GHz/5GHz WiFi/ Bluetooth 5.0

    - Dual intel Gigabit Ethernet

    - Integrated Arduino Coprocessor ATSAMD21 ARM® Cortex®-M0+

    - Raspberry Pi 40-Pin Compatible

    - 2 x M.2 PCIe (B Key and M Key)


    SATA:

    - M.2 to 2x SATA card (M.2 to 5x SATA card also bought)


    Case:

    - Jonsbo U1 Plus Silver Mini ITX Case w/Tempered Glass

    - 2x ICYDOCK 3 Bays SCSI U160 Disk Array Module. $10 each, backplane removed.

    - 5 Inch Touch Display for Raspberry pi 3. $35. Will be mounted behind tempered glass side panel.


    Power: AC adapter -> DFRobot -> Regulator -> drives and MB

    - DFRobot DFR0580. Power Manager For 12V Lead-Acid Battery

    - AC adapter 24V/4.5A inside the case

    - DC-DC regulator 9-18V to 12V/12A

    - Power Sonic PS1220 12V 2.5AMP SLA Lead Acid Battery. About 15 mins run time with 6x HDD. I will use embedded Arduino to shut down the OS if battery goes below 10V.

  • I suggest for more security, store the keyfile somewhere remote and load it at boot. I use 2 NAS in 2 different locations, the opposite keyfile for encryption lies on the other NAS.


    Using this TPM or a local keyfile encrypts the device and/or the drive as long as the TPM is present. without VPN or the keyfile reachable, the NAS contains garbage.

    Chaos is found in greatest abundance wherever order is being sought.
    It always defeats order, because it is better organized.
    Terry Pratchett

  • I use 2 NAS in 2 different locations, the opposite keyfile for encryption lies on the other NAS.

    Interesting, very! I dont have second NAS, lol. Is your OS partition encrypted too?


    My points against remote keyfile:

    - system needs to come live by itself after power outage.

    - OS must be encrypted and keyfile for OS drive needs to be local to auto boot.

    - OS drive keyfile shoud be hard to access, hence TPM.


    If OS is secured, it is safe to store data drives keyfile there. If not, whats the point of encrypting at all?

    Btw, my steps for data drives.

  • The M.2 to 5x SATA card overheated on heavy disk ops, so I put a heat sink on JMB585 chip. Its custom cut for size and I drilled two holes in the floor to tie it. Ahh, and there is foam sticked to card bottom, PCB is very thin, it adds support when plugging SATA cables in.


    The errors were crazy, disk was remounted as read only, but snapraid continued writing on data2 :))


    The card I used is IO Crest SI-ADA40141 JMB585 is surprisingly fast.

  • johnlocke

    Hat das Label OMV 5.x hinzugefügt.
  • Cockpit SSL certs


    Code
    systemctl stop cockpit
    cp /etc/letsencrypt/live/host.domain.com/fullchain.pem /etc/cockpit/ws-certs.d/host.domain.com.crt
    cat /etc/letsencrypt/live/host.domain.com/privkey.pem >> /etc/cockpit/ws-certs.d/host.domain.com.crt
    remotectl certificate  # check what cert will be used
         # certificate: /etc/cockpit/ws-certs.d/host.domain.com.crt
    systemctl start cockpit
    tail -f  /var/log/syslog | grep cockpit

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!