Homemade NAS

The midpoint of my everything

Posted by z on July 31, 2022

Back then when i bought my flat i tought a lot about the computer infrastructure i wish to build there. I had extravagant plans and expectations which i later dropped or rationalized. At the end it turned out better than expected, if you are interested, lets check the results together.


To be able to work from home i need a moderately fast internet connection, and as optical fiber network is available, i selected this as backbone for my infra. I have a 150 MBit connection, nothing fancy, but i don’t need more and it is cheap (less than 10 USD/Mo). Future update is possible.


Router

I got a Sagemcom F@st 5655v2 ONT which is an optical network terminal, a router and a WLAN AP in one box. It is black and got plenty green LEDs (it is not possible to switch them off). Sadly the Sagemcom doesn’t lets me to redefine the DNS address, that would allow me to use AdGuard… AFAIK i can’t use an own ONT, so if i want to use a different router, i have to bridge it with the Sagemcom. Maybe in the future…

The Sagemcom provides 2,4 and 5GHz WLAN, and got some GBit ports, i don’t recall how many. All my devices connected to this router/AP, some with CAT6, some through the air.


NAS

Some years ago my laptop just died and while i was looking for a new one, i concluded i already have an external display, a usb mouse and a keyboard so i could buy a desktop computer instead a laptop. At that time i was using exclusively laptops in work and at home, so it was fresh idea. I definetely did not wanted to buy a chunky box, so i was looking at the NUC and the SFF sized computers. They are basically simply laptop hardware in a box, mostly with an external power brick.

I have found a cheap Lenovo TinkCentre Tiny m710q computer, it had everything i wanted, a recent and powerful (back then) CPU, extensibility, small form factor. So i bought it, and it turned out to be one of the most reliable Haiku computer. Everything worked pretty well with it, and i used it as a main system for a year or so.

But then i moved and in the new flat where i didn’t had place for the ThinkCentre, so I switched back to my good old Lenovo T440s laptop running Haiku. The ThinkCentre was lying around unused, so i decided to use it as a NAS.

It is a pretty powerful little machine:

My machine have 1 NVME slot, but the 9xx series have 2. Still, if i want to extend it further i can add an NGFF/M.2 SATA SSD using an adapter in the WLAN card slot. I have an adapter and tested this, it works, but i have no need for more drives currently, i am not hoarding.

So the machine got everything to be a proper little NAS… It is black and have green and red LEDs.


The NAS SW

For NAS software i have selected TrueNAS Core, because if i can’t avoid use *nixes, then t should be at least something BSD/MIT licensed.

TrueNAS WebUI

The machine currently runs TrueNAS 13.0-U1.1, it boots from the 2 (RAID1, eg. mirrored) USB drive, and manages/shares the SSDs (RAID1, again) and also runs some other services. Obviously it uses ZFS file syste, which cares about data integrity, compression, deduplication, and much more! TrueNAS also cares about the S.M.A.R.T data and can send warnings via email.

TrueNAS - pool management

Lets look deeper into that.


File share

The NAS have a web-admin surface, a webpage where you can painlessly set up/admin/manage the NAS. The TrueNAS shares the storage through SMB as this is the lowest common dominator protocol, so every device on my net can access the shared files. The NAS is also accessible through SSH. This allows not just shell access, but i can also mount the shares on my Haiku laptop with SSHFS, and access the files as they were local.

On my Haiku machine i have the following in my bash profile:

function sshfs() {
	# Check if userlandfs-server already running
	var=`ps | grep userlandfs_server | grep -v grep`
	if [ -n "$var" ]; then
		echo "UserlandFS Server already running, reusing it."
	else
		echo "Starting UserlandFS Server"
		/system/servers/userlandfs_server sshfs &
		sleep 2
	fi

	# check if the volume already mounted
	var2=`df | grep userlandfs | grep "$1"`
	if [ -n "$var2" ]; then
		echo "It is already mounted."
	else
		echo "Mounting $1"
		mkdir -p /"$1"
		mount -t userlandfs -o 'sshfs '${2}'@'${3}':'${4}'' /"$1"
	fi
}

function nas() {
	name="NAS"
	user="szilard"
	host="192.168.1.71"
	remote_path="./.."

	sshfs $name $user $host $remote_path
}

SSHFS mounted in Haiku

(Oh, that 49TB would be nice, but it is just a bug somewhere…)

So if i want to access the NAS, i can run the nas command and it pops up in the drive list. Neat. Of course this also relies on key based auth.

So with this the storage became accessible not just in windows, nix and Haiku, but also in iOS and Android, and even using BlackBerry devices :)


Media

For managing my media I use Plex, however i could live with something simpler. I will possibly reconsider this decision later. Plex runs in a iocage jail, and it have access only to my media folder, but only read-only. I can access Plex webUI through web-browsers and watch videos or photos, listen music or my audio-books, it remembers where i left, etc. The webUI works well even in Haiku.

While Plex Premium would allow me to access my content from aboard (eg. aways from home), i don’t use it as i can always access it through VPN. Plex also provides DLNA so my TV finds it and i can browse and play the media with this, but lately i started to use the Plex app on my TV instead.

Plex distributes some own content also (somewhat like Netflix), but i disabled it, i don’t watch any media from that channel.

Plex webui in Haiku


Download

For downloading files, i have Transmission installed. Transmission is a bittorrent client, it is headless, so it doesn’t have a gui, but it provides a web-gui, and every desktop GUI client can connect to the server through RPC and act as a GUI, so i can even manage it from my phone sitting in a cafe. But mostly i don’t use any UI at all, as i have configured Transmission to watch a folder on my NAS: if i place any .torrent file there, Transmission will automatically download it. Transmission runs in a jail and have access only to specific folders.


AdBlock

I have AdGuard installed in a cage, it is a DNS based ad-blocker, it maintains a list about domains from where advertisements gets distributed. It act as a DNS server, so you have to either set it up as a DNS on your router to get it automatically enabled on every device or you have to manually set up on your devices. As i told, Sagemcom doesn’t allows it to me to redefine the DNS server, therefore i had to set it up manually on my devices.

AdGuard webadmin


VPN

I always wanted to be able to access my NAS from outside, but i don’t want to make it accessible from the web-side, a VPN can solve this problem. I use Tailscale, which lets me create a mesh based network containing all of my devices which then can communicate through an encrypted channel. On the NAS the tailscale daemon runs in a jail. As i configured it as a “tailscale subnet router” my portable devices can see into my home LAN and access the services and shares through the same IP as they were on the local network. All of this works beautifully.

Tailscale daemon on the NAS


Blog

The website you are currently reading is a static blog (eg. no dynamic content, only static html webpages) generated by Jekyll. I made a jail for this, i can access it from any of my device thanks to Tailscale, i just neeed to write the content using markdown and upload the images onto my NAS. If i am done, Jekyll can generate the website and upload the result to the webserver.

Tailscale daemon on the NAS


Other stuff

I also have a sandbox or a playground jail, where i can install whatever i just need without affecting anything else. If i break something, i just throw away the jail and create a new one.

That’s basically it.