Configuration LaCie-CloudBox
Jump to navigation
Jump to search
Install
- Network share available at
smb://lacie-cloudbox/
. - Cloudbox dashboard available at http://lacie-cloudbox.local.
- setup smtp access (
smtp.scarlet.be
, port 25) - IP Configuration — fixed IP address 172.19.100.98
- Enable the netbackup-share (port 873, encrypted port 22)
- Create user beq06659, with private share.
MAC | 00:d0:4b:96:34:32 |
IP | 172.19.100.98 |
hostname | lacie-cloudbox |
Rooting
See /shares/Family/tmp/lacie-nas-rooting.txt.
Git
To enable git, we must:
- Enable git logging in /etc/passwd.
- Enable git ssh logging in /etc/ssh/sshd_config
Git needs a lot of memory when compressing its database (occurs at each fetch
!). To limit this, run as root:
git config --system pack.windowmemory 128m
git config --system pack.packsizelimit 1g
git config --system pack.threads 1
git config --system core.bigFileThreshold 16m
Then as user git, in all relevant projects (typically those with big files)
cd ~/git/minecraft_nosaves.git
git config --local core.bigFileThreshold 10m
rsync
We do via user git, so:
- Set
/bin/bash
as shell for user git in /etc/passwd - Set
PermitUserEnvironment yes
in /etc/ssh/sshd_config - Create file /shares/git/.ssh/environment to add rsync into path:
PATH=/opt/bin:/opt/sbin:/bin:/usr/bin:/sbin:/usr/sbin
Startup script
Create the file /opt/etc/init.d/S80config (chmod 755):
#! /bin/sh
# Enable /bin/bash as shell for user git to also allow rsync + git in ssh login
sed -ri '/^git/{s_/home_/shares/git_; s_/bin/false_/bin/bash_}' /etc/passwd
# sed -ri '/^git/{s_/home_/shares/git_; s_/bin/false_/opt/bin/git-shell_}' /etc/passwd
# Change permission for /shares/git or sshd will complain (or add 'StrictModes off to /etc/ssh/ssh_config)
chmod go-w /shares/git
# Configure sshd
if ! grep -q git /etc/ssh/sshd_config; then
# Enable ssh login with user git
sed -ri '/^AllowUsers/s/$/ git/;$aMatch User git' /etc/ssh/sshd_config
# Enable user environment for user git (in order to set PATH)
sed -ri $'/^PermitRootLogin/{a PermitUserEnvironment yes\n}' /etc/ssh/sshd_config
# Restart sshd
ngc --restart sshd
fi
# Add git to path
if ! grep -q /opt/bin /etc/environment; then echo "PATH=/opt/bin:/opt/sbin" >> /etc/environment; fi
# Add extra addresses to /etc/hosts
if ! grep -q "###hosts.inc###" /etc/hosts; then cat /opt/etc/hosts.inc >> /etc/hosts; fi
Create the hosts include file /opt/etc/hosts.inc:
# ###hosts.inc### additional hosts for lacie-cloudbox
172.19.3.1 local.gateway # Static
172.19.3.2 manticore # Static?
172.19.100.1 gryphon
172.19.100.2 minimoy # DHCP Static 00:24:54:02:98:8d
172.19.100.3 unicorn # obsolete
172.19.100.4 beqleunxp1nb103 # obsolete
172.19.100.5 nxl67002ux # obsolete
172.19.100.6 griffin # DHCP Static 68:b5:99:f2:4d:99
172.19.100.7 lambada # obsolete
172.19.100.8 reddragon
172.19.100.9 leviathan # obsolete
172.19.100.10 nxl67063 # obsolete
172.19.100.11 mandala # DHCP Static 00:1b:24:fa:a2:9b
172.19.100.12 nxl67002 # obsolete
172.19.100.13 nxl67063ux # obsolete
172.19.100.14 nxl67170ux # DHCP Static b8:ca:3a:cc:07:bf
172.19.100.15 pc-112-597 # DHCP Static b8:ca:3a:93:91:27
172.19.100.16 zyratastic
172.19.100.17 graphicdaemon
172.19.100.18 xbmcbuntu # DHCP Static 00:01:2e:4e:46:05 00:01:2e:4e:46:06
172.19.100.19 zavcxl0005 # DHCP Static 48:0f:cf:27:ad:ad
# 172.19.100.98 lacie-cloudbox # Static
172.19.100.99 mnemosyne # Static
172.19.100.102 minimoy-wlan # DHCP Static 00:26:5e:37:83:ea
172.19.100.105 nxl67002ux-wlan # DHCP Static
172.19.100.106 griffin-wlan # DHCP Static 00:24:d7:7d:4e:94
172.19.100.107 apple-pi # Static
172.19.100.111 mandala-wlan # DHCP Static 00:1d:92:13:d2:7d
172.19.100.114 nxl67170ux-wlan # DHCP Static 84:3a:4b:22:0d:0c
172.19.100.116 zyratastic-wlan
172.19.100.118 xbmcbuntu-wlan # DHCP Static 0c:d2:92:54:c1:53
172.19.100.119 zavcxl0005-wlan # DHCP Static ac:fd:ce:40:c5:31
172.19.100.120 galaxy
- family
- Mount with
sudo mount //lacie-cloudbox/beq06659 /mnt/any -o noperm,iocharset=utf8,sec=ntlm,username=public,password=
- beq06659
- Mount with
sudo mount //lacie-cloudbox/beq06659 /mnt/any -o noperm,iocharset=utf8,sec=ntlm,username=beq06659
Backup
- Backup done with deja-dup, which use duplicity as back-end
- Duplicity can't access samba share. Instead mount samba share locally, and use file:///smb/lacie-cloudbox/sharename instead. Note the triple slash.
- View available backup:
duplicity collection-status file:///smb/lacie-cloudbox/beq06659
- List file in current backup
duplicity list-current-files file:///smb/lacie-cloudbox/beq06659
Metadata information is stored in ~/.cache/duplicity. Attention, it seems this can grow quite large.
Backup Mnemosyne
We use unison.
/root/.unison/default.prf (<file name="default.prf" tag="source">download</file>)
# Unison default preferences file
# Fastcheck - by default false on windows machine, and true on Unix machine.
# When true, uses modification date + file size as inone number. Otherwise do a full scan
fastcheck = true
# If any new preferences are added by Unison (e.g. 'ignore'
# preferences added via the graphical UI), then store them in the
# default profile file
addprefsto = default.prf
# Ignore file permissions (necessary on samba/CIFS fs)
# perms = 0
# Make sure that both roots are mounted
mountpoint = .
# Common Ignore specification
ignore = Name System Volume Information
/root/.unison/musics.prf (<file name="musics.prf" tag="source">download</file>)
# Common include
include default.prf
root = /shares/Family/musics
root = ssh://root@mnemosyne//volume1/musics
# Where to find unison on remote server
servercmd = /opt/bin/unison
# don't ask for non-conflicting changes
auto = true
# We *MUST* sync permissions because unison defaults would prevent access to files/folders
# via samba shares (since unison runs as root)
# perms = 0
/root/.unison/archives.prf (<file name="archives.prf" tag="source">download</file>)
# Common include
include default.prf
root = /shares/Family/archives
root = ssh://root@mnemosyne//volume1/archives
# Where to find unison on remote server
servercmd = /opt/bin/unison
# don't ask for non-conflicting changes
auto = true
# We *MUST* sync permissions because unison defaults would prevent access to files/folders
# via samba shares (since unison runs as root)
# perms = 0
DHCP Server
- DHCP daemon configuration: /opt/etc/dhcpd.conf
- View current lease:
cat /opt/etc/dhcpd.leases
To do
- Current backup only includes files that are readable by user beq06659. It should include all files.
- Exclude some unnecessary folders. Organize these folders to ease future backup.
- Backup / filesystem (at least /etc, /usr/local)
- Backup solutions
- deja-dup
- Need one setup for each pc
- No centralized management. Backup job could happen all at the same time. Same files between pc are stored multiple times.
- Easy to setup
- How to backup root filesystem?
- duplicity
- backuppc
- How to install?
- Will the NAS have enough memory?
- bacula
- Package readily available in OptWare
- rsnapshot
See question on bacula/backuppc/rsnapshot at http://serverfault.com/questions/282228/bacula-vs-backuppc
- Rooting NAS and install new app
- TBC
Troubleshoot
- sshd
- See log at /var/log/messages
- Check sshd config /etc/ssh/sshd_config:
- Make sure user is authorized:
AllowUsers root netbackup git
- If user home is on /shares mount, then disable
StrictModes
- If user home is on /shares mount, then disable
StrictModes no
- Enable user environment
PermitUserEnvironment yes
- then
env > ~/.ssh/environment vi ~/.ssh/environment # Remove useless variables
- Edit /etc/passwd:
git:x:503:100:None:/shares/git:/opt/bin/git-shell
- Restart sshd:
ngc --restart sshd
- git
- Check that environment is ok [1]
ssh git@lacie-cloudbox "which git-upload-pack"
- ntp
- Box loses regularly time synchronization, which then affects backuppc
- Workaround: log into https://lacie-cloudbox/, and reset ntp (uncheck / check ntp server).