Posts by mappo

    I pay my vpn provider for a static IPv4 address. It is implemented with OpenVPN (installed on the host with apt-get, not using the omv plugin).

    It works great, but omv's web gui is now accessible from wan which I think is an un-necessary exposure.


    1. Can I prevent this in omv's network settings?
      Ideally with a setting that only shows the gui for clients on 192.168.*.*
    2. Could it be prevented if I used the openvpn plugin instead?
    3. Is there a way to block port 80 in the openvpn cli client?
      (I know this question is out-of-scope for this forum, but I'll take my chances.)


    Do you agree with me that it is an un-necessary exposure or am I just being silly?

    I couldn't imagine a work flow requiring a backup every 10 minutes

    You're probably correct. I didn't do my research homework, and thought that rsync could do delta-copy.


    Here's my "imagined workflow" that required the short interval (and assumed delta-copy):

    1. Device 1 takes a photo.
    2. It gets picked up by Syncthing and is copied to DeviceData.
    3. 10 minutes later it's rsync:ed to Storage.
    4. Device 2 can see the photo in Plex-or-Emby-or-Kodi-or-someOther4-letter-word.


    So the idea is that devices can see photos taken recently by their peers.


    But if rsync can't delta-copy, maybe I could achieve this by giving "Kodi" access to DeviceData as well.


    What's a good alternative to rsync (with delta-copy functionality)?

    Please, review and comment on my storage-and-backup-stategy. It's still (almost) entirely on paper.


    I plan on having two shared folders:

    Shared folder "DeviceData" consists of a single SSD.

    Shared folder "Storage" consists of a couple of spinning disks in a union-fs.


    Here's the scheme and tiers:

    • Our "devices" (phones, tablets, laptops etc.) use Syncthing to back all their essential data to DeviceData.
    • DeviceData is rsynced to Storage every 10 minutes or so.
      Storage is what's used by Plex-or-Emby-or-Kodi-but-lets-not-have-that-fight-here.
    • Storage is backed up to Backblaze or Wasabi (a few times per day, maybe?)

    I have two main philosophies here:

    A: install as few apps as possible. That's why I've gone for rsync (already in OMV).

    1: Forward as few ports as possible. That's why I've gone for Syncthing - also it's pretty awesome.


    Some issues:

    Afaik, rsync can't monitor a disk/folder for changes. Rather is has to run scheduled.

    Is there a better option to backup DeviceData to Storage?

    What happens if a rsync job hasn't finished when the next one starts?


    Looking forward to reading your input and advice.

    I've tried to set up my OMV as a pure NAS. This means the only thing its running is syncthing (inside Docker which is maintained through portainer).


    My router forwards no ports. I hope this means that the web interfaces (OMV, portainer and syncthing) only are accessible from LAN. Is this correct?

    As far as I can see, syncthing is the only WAN-facing application and it's already encrypted. So no need for LetsEncrypt, right?


    Future plans:

    I want to set up a second machine with a Plex-container and some torrent-related containers. These will all be routed through a VPN-container.

    The OMV NAS will share (probably NFS) its data with this other machine, mainly for the sake of Plex.

    Am I safe now?

    I was literally walking past the monitor attached to my OMV NAS and caught the whole screen filled with (error?) messages instead of the normal login prompt:


    Lots of references to sda which is by boot device. Is it about to eat it?


    Interestingly I'm unable to log in to the web ui. I get "An error has occured" (not my spelling error) and in the details is this:

    HTML
    <html>
    <head><title>502 Bad Gateway</title></head>
    <body bgcolor="white">
    <center><h1>502 Bad Gateway</h1></center>
    <hr><center>nginx</center>
    </body>
    </html>

    Signing on via ssh works just fine.


    Is this a coincidence?


    This system was installed about two weeks ago and I've left it running with all drives connected but empty to see if it's stable before I commit to it.

    The boot device is a second-hand msata ssd attached to a sata adapter.

    If the boot device is the likely culprit, I have no problems getting a new one and start over.

    Fact 1: My server will always have exactly 5 drives installed because that's as many as the case can hold.

    Fact 2: There will be an off-site backup solution in place.


    Did I say hello, btw? Sorry. Hi! :S


    Now: What's the Best™ configuration for 5 drives? They're all 4TB WD Reds connected directly to the mainboard.


    a) All 5 in Raid6/RaidZ2

    b) 4 drives in Raid6/RaidZ2 and the 5:th as a backup. (a real back-up, not a hot spare)

    c) Same as b but with Raid10 instead.

    d) <insert Best™ idea here>


    I don't care which configuration makes it easier to add more disks (see Fact 1).

    I'm fully aware that Raid isn't a substitute for backup (see Fact 2).

    This is my first thread so I thought I'd start with the most basic question: do I need to be here? :rolleyes:


    Here's what I want: Nextcloud with data stored on raid6, and LetsEncrypt. That's it.


    I see 3 ways of doing this:


    • NC on a RPi with rsync to omv
    • NC in a docker container on omv host
    • NC on a LAMP stack with some s/w raid - no omv.
    • [Insert brilliant option here]

    Is it worth the hassle/overhead to install a nas (option 1&2)?
    One thing that could make it worthwhile is the awesome omv forum, am I right? :thumbsup: