Posts by luxflow

    @nasty_vibrations
    first, if you have public ip and ISP (your internet provider) doesn't block your port,
    anyone can access your seafile regardless of your listening port(80,81..82)
    you can test what ports are open in your computer with https://pentest-tools.com/netw…-port-scanner-online-nmap
    you can also block your port by using iptables
    checkout network -> firewall


    second, letsencrpyt require 80 port open to receive cert whenever you certificate (1 time per 3 month)
    after that you can use ANY port for https with that cert


    lastly, why are you blocking 80 port?
    if I were you, I only open /.well-know/acme-challenge for 80 port
    and make anything else redirect to 443(https)


    and I'm very busy these day so I maybe cannot answer more detail

    yes, there is no gui for disk passthrough in proxmox, but it is quite easy to add
    for raid, proxmox dosen't support officially sw raid or fake raid(intel raid, cheap raid controller)
    but you can use that raid by installing `mdadm`

    http://pve.proxmox.com/wiki/Physical_disk_to_kvm
    I think it will works but I didn't tried with USB connected drive


    if you use UnionFS, try snapraid for redundancy
    and try omv-rsnapshot, to take periodically snapshot. so when something is wrong (that means you delete something wrong, get virus in your hdd) you can restore since it is snapshot and not backup it dosen't require hdd space unless you write many things after snapshot was taken (hard link)

    I don't what you want to do with that machine. what you curious about
    so I cannot give you detail, I used very short time of ESXI
    for me PROXMOX is more convinent than ESXI
    but there is no gui setup for pcie passthrough, there is wiki for that


    Below is my opinion for OMV on Proxmox


    if you want to run NAS and data should be kept very safely
    I recommend ECC memory


    if you use ZFS
    do not use virtio disk (neither entire disk nor disk image)
    why? because ZFS need direct access to hdd disk so as I know it is not 100% safe method due to zfs cache policy
    best method is passthorugh entire PCIe HBA controller such as 9211-8i
    I cannot confirm about SATA multiplier


    if you don't use ZFS
    for example, you use sw raid
    as I know, it is safe to use entire disk passthrough


    you can also passthrough GPU
    so you can make windows desktop (can play 3d game)

    I give you wrong information
    omv-nginx support reverse proxy
    it is very simple and easy
    just install omv-nginx and


    set Name-based -> set server name whatever you want


    putting Extra options


    location ^~ / {
    proxy_pass http://localhost:<next cloud port>;
    proxy_http_version 1.1;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_read_timeout 1d;
    }

    [Notes]
    these are some notes which are leanred from previous build

    • I abandon idea running KVM on OMV, instead running OMV on KVM (Proxmox)
      Because there is no fancy web interface for KVM (I tried webvirtmgr, kimchi, ..)
      I don't like ESXI since it is hardware dependent, fancy stuff is not free and it is proprietary so I cannot change anything
      I think that Proxmox is best for home user in managing VM snapshot, creating VM and Sharing VM with other people
    • linux raid + omv-rsnapshot -> omv-zfs
      zfs is little more safer becuase it handle bitrot
      zfs gives more flexibility for me than raid since I can expand pool
      Also chnaging non ECC RAM to ECC RAM add more safer
    • abandon L version(low-power) cpu, don't use if your computer is almost in idle

    [HW]

    • MSI C236M - 100$, skylake, C236M, xeon board, ECC
    • D2607-A11 - 40$, HBA chip that can be crossflashed to 9211-8i (cheapest I can find)

      • but I don't assign this card for VM, currently there is bug in zfs on linux that cannot handle hard disk spin down
        So, I use HBA card for VM host, and passthrough intel sata controller to VM(OMV)
    • E3-1245 V5 - 370$
    • DDR4 32GB ECC - 230$

    total 740$


    sell previous system

    • 35$ for mainboard
    • 240$ for cpu
    • 120$ for ddr3 memory (for 24GB)

    total 395$


    skylake saves 10W but HBA chip draw 10W, so power is 40W same as previous system
    so, pay for 345$ for Increasing 1Ghz Base Cpu frequency , DDR4 ECC, HBA, +8GB


    [SW]

    • omv-zfs
    • omv-letsencrypt + omv-nginx + ddclient (these are my recommended combination)
    • omv-openvpn
    • zfs-auto-snapshot for daily snapshot



    [Usage]

    • windows desktop (intel intergrated gpu passthroug) based on proxmox
      so, it act as windows desktop also omv fileserver, without additional external gpu
    • file server (ZFS, daily snapshot) based on OMV
    • irc server (thelounge) based on OMV
    • tvheadend (tv recording) based on OMV
      tvheadend autorecording rocks
    • plex server with chromecast

    @roccur did you try this command?

    Bash
    apt-get autoremove debian-zfs libnvpair1 libuutil1 libzfs2 libzpool2 zfsutils spl-dkms zfs-dkms openmediavault-zfs

    before installing new omv-zfs?


    It seems you use old version of zfs (0.6.5.7)


    After completely remove all zfs related things (include plugins) with above command, try install again

    If I install erasmus and omv-ZFS, which Kernel will I receive and ZOL version as default?

    omv-zfs doesn't depend on kernel but depends on dkms-zfs
    dkms is kind of a automatic building system, so
    Whenever you install kernel header (linux-headers-amd64) or install new dkms pakcage (for example dkms-zfs)
    It build all dkms module(including dkms-zfs) for kernel headers


    For example if you have a header for backports kernel (you can get with below command)
    apt-get install -t jessie-backports linux-headers-amd64
    You will get dkms for backports kernel (currently 4.7)


    You can freely choose your kernel, anytime you want

    omv-zfs is uploaded in repo
    ==========


    3.0.4 released


    what's new?

    • Refactor code
      it is not important for end-user
    • Change dependencies (4.7 kernel is now supported)
      if you're upgrading from old openmediavault-zfs, shuold have to remove previous package following command
      Code
      apt-get autoremove debian-zfs libnvpair1 libuutil1 libzfs2 libzpool2 zfsutils spl-dkms zfs-dkms openmediavault-zfs
    • Add mountpoint properties for filesystem
      Do not change mountpoint which has omv share
    • Fix rename filesystem
    • Fix Filesystem size information ( hoppel118 reported this issue)


    As soon as @ryecoaaron upload omv-omvextrasorg 3.4 and omv-zfs 3.0.4 to bintray
    It can be downloaded

    certbot still won't install with apt-get install certbot unless you pin all the packages it needs.

    As I know, pinning package should be done before installing plugin, so it should be handled like this right?
    https://github.com/OpenMediaVa…ault/mkconf/omvextras#L65
    If so, it looks bad, so I think changing certbot to letsencrypt.sh is better idea


    For backport repo, Is there way drop pininning priority for firmware? or Is there way to use backport repo without install backport kernel? I'm sorry but I have no idea how it should be handled, do you have any idea?


    I'm also planning to use dkms-zfs which is in backport repo for omv-zfs plugin
    so backport repo problem should be handled anyway

    The plugin previously didn't depend on certbot
    but it used certbot that is cloned from https://github.com/letsencrypt/letsencrypt.git
    (it seems this git repo is renamed as certbot)
    Debian package version is 100% compatible with git version without any modification in omv-letsencrpyt plugin
    I thought it would be better to use debian package rather than manual clone from git, so I changed it


    For backport repo, I didn't know fact that backport repo is not automatically added after installing omv-extras plugin
    So it is my mistake
    IMHO, either package is in backport repo or non-backport repo, using official debian packages are better idea then using other extras repo, or git following reason
    1. both backport and non-backport are official debian repo, thus they are well managed
    2. if package are in both backport and non-backport, by default non-backport one is installed
    so no need to worry about breaking things that previously work well
    So I think backport repo should be enabled by default without installing backport kernel
    @ryecoaaron what do you think about it?


    For changing other letsencrypt client, I'm not sure what is best way
    I'm not sure how many platform certbot is dependent on
    but I think it depends on most platform (arm,x86,mips) because most of python package (if this is wrong please correct me)
    If 30 packages are too many, using this one is good idea (actually it is debian package for git link that @nasty_vibrations point to) although someone have to edit command according to new package in omv-letsencrypt

    Do you use any kind of virtaulization? Which "spindown mode" (Advanced Power Management) do you use? My hdds were configured the following way:

    I'm using omv on baremetal (no virtualization),
    spindown mode APM,ACM = disable, only spindown time is set to 30 minutes
    hdds are conntected to motherboard sata ports


    I will consider UI improve in `edit properties`
    and also thanks for reporting file systems view bug
    Maybe fixed future release, but since it is not critical, I cannot confirm when to release