Building NAS System With OpenMediaVault - Giani
Building NAS System With OpenMediaVault - Giani
Building NAS System With OpenMediaVault - Giani
48 and Specific
Hardware
Introduction
NAS Unit (Network Attached Storage) is a device connected to a network, whose function is
to store and share files. Distinguished from an external disk, because it is a server, then with
dedicated Hardware and Operating System and with the possibility of implementing various
technologies such as RAID, Multimedia server, automated backups, control permissions to
users, FTP secure (FTPES) server, etc. ..
NAS units can be purchased in the market values from about 100,00 euros (no disks included)
as exemplified in Article available here, or can be built from scratch using computer hardware
and a specific OS, the which may or may not be free.
As currently some users have obsolete hardware that is "neat" without use, it is a good
opportunity to build a NAS unit that can be used to test or even for use.
Table of Contents
Conclusion
As in any system, the higher requirements of hardware, the higher the performance of the
Unit. Processor with a frequency of 2 GHz and 512 MB of RAM are sufficient to implement
the NAS that will develop but it will work slowly.
Regarding the disks, we need at least two. One to install the OS and another for file storage.
In this case we use 1 2,5" SATA Hard Disk for the OS and two 3,5" IDE Hard Disks for data
storage
The hardware we used for this work, consists of the following components::
Motherboard - Asrock P4i65G FSB 800 MHz, with 2 SATA-I Ports (1,5 Gbps).
Allows boot from USB stick (attention - some old motherboards don't allow it). The
motherboard does not allow RAID (see end note);
RAM - 2 GB DDR-400 Dual Channel;
Graphics Card - OnBoard (serve any graphics card, even if it has low requirements);
Network Card - TP-Link TG3269 Gigabit, IDE;
PSU - Nox AT-500P12P (500W);
Primary disk (For Install Operating System) 2,5" Fujitsu MHV2160BT Sata II 200
GB.
Data Discs (RAID-1) - 2 x 3,5" Western Digital IDE 320 GB;
The system was mounted in a Box Zalman Z11;
You need a monitor and a keyboard just for the installation of the Operating System;
Notes:
If you will use a RAID system, do not worry if the motherboard allows it or not.
OpenMediaVault has its own RAID System.
You should install the largest amount of RAM possible. The greater amount of RAM
the higher system performance;
In this test we used one 200 GB Disk for the OS installation because it was what we
had available. For the OS installation is required 2 GB. Should be taken space to
install other additional supplements (plugins, for example) and updates of the system .
A disk of 30 GB will be enough. If you install the OS in an SSD it will improve the
speed of system on startup and the operations with the OS.
You can not install the OS on a USB Device. The operating system must be installed
on a Hard Disk or SSD (IDE or SATA)
If your motherboard does not have onboard Gigabit network, it is advisable to install a
Gigabit Network card because it will substantially improve the speed of data transfer
on network.
There are several free operating systems implementing a NAS unit, for example:
OpenMediaVault - http://www.openmediavault.org;
FreeNas - http://www.freenas.org;
Nas4Free - http://www.nas4free.org;
OpenFiler - http://www.openfiler.com;
In this case we use the OpenMediaVault, which will allow sharing / access to systems
based on Windows, Linux and MAC OS.
2 - OpenMediavault Download
Let's Start creating the server with the hardware setup and OS installation. You will need to
consider whether the motherboard allows booting from a USB stick or via CD / DVD and if
your CPU is 32-bit or 64-bit.
Obviously you need to connect to Hardware to your Network by connecting one end of the
network cable to the network interface card and the other to the Router.
After all hardware is properly connected, do the Download of OpenMediaVault in:
http://sourceforge.net/projects/openmediavault/files/0.5.48/
In this case being the Pentium IV is an 32-bit CPU, let's make the Download version of the
files for 32-bit.
The file to create a CD / DVD (can be a cd because the iso is 264 MB) for the OS installation
to a hard disk, called openmediavault_0.5.48_i386.iso, ie, is an image of a CD.
To create a bootable CD or DVD (can be a CD because the "iso" is 264 MB) from the image
above, you need specific software for burning CD / DVD from an image.
To do that there is many free software available. We will use CDBurnerXP, which can
Download from the link: http://cdburnerxp.se/en/download.
The recording is very simple, just enter the environment of that software, select the
openmediavault_0.5.48_i386.iso file (double tap the left mouse button), check if the
Recording Unit is selected, put the CD / DVD recording drive and select Burn.
2nd - Make sure that the device has been detected (2). In this case the device is formatted in
NTFS. Change it to FAT32 (3 and 4)
3rd - Select the file type you will use. In that case, select ISO Image (5 and 6).
6th - The boot device is created when appears in the lower left corner the word "Done" (9).
Following this confirmation appears (do not close before) you can close the application by
selecting Close (10).
The operating system that underlies the OpenMediaVault is Debian Linux. In Hardware we
used, the operating system takes about 1 minute and 22 seconds to boot. But in a Virtual
Machine installed on a computer with CPU of 8 cores and 16 GB of RAM, the boot time
was 20 seconds.The ideal is to have a SSD to install the operating system. Obviously, when
higher the hardware settings, the faster the startup and operation of the NAS system.
The disc dedicated to the Operating System will not be a disk to store data, ie can only be
used for that purpose. For Install the operating system you will need to create a boot device as
mentioned in point 2 above.
After having prepared the boot device (CD / DVD or USB Disk Pen with engraved operating
system), place the holder in the reading device and connect the hardware that will devote to
NAS.
You need instruct the system to boot from the boot device. Normally you have to select one of
the function keys, F8, F10, F11, F12 or another, according to the manual of the motherboard.
See the manual which BBS or Boot Menu key, or when the system starts, this is indicated on
the startup screen. See examples in the image below.
If the motherboard does not have the BBS / Boot Menu, enter the Bios Motherboard (usually
Del, Esc or F2) and in the Boot Settings menu make the CD or USB Pen Disk as first device
to boot. In this case, after installing the operating system, remove the CD / DVD or USB Pen
Disk drive and repeat the previous operation to make the disk as the first boot device.
After the boot device is properly configured as the first boot device, rebooting after installing
the OS starts. The dialog boxes that appear may only be manipulated via the keyboard, or
10
when installing the OS the mouse is disabled. You will have to use the arrow
keys, the Tab key and the Enter key.
After a few moments (which will be longer or shorter depending on the hardware you are
using) the first dialog box will appear. Select Install (1) and press Enter. Wait until the
installation starts (not immediate). Note at the bottom of the countdown (2) to the start of the
selected option.
The first option refers to the selection of the language you want during installation. With the
directional keys on the keyboard, select the desired language give Enter. Note that this will
not be the language of the interface. In my case I'm in Portugal.
11
Next, it will select the country where you are. Select the Country with the arrow keys and
press Enter.
The next step is to select the keyboard language. Select the keyboard language and
give Enter.
12
Then we enter the stage of configuring Network. First we set the name that will appear on the
Web. Put a name that you like. Then press the Tab key and with the arrow keys
select Continue and press Enter.
If you are on a network with Domain, put the domain in the field that appears. If you have a
home network, keep the name displayed (local) and select Continue.
13
The next step is to put a password for "superuser" root. Put a password and select Continue.
Here is the definition of the zone in which it lies. Select your Time Zone and press Enter.
14
Next, we need to create the partition where we will install the Operating System. Select the
disk where you will install the OS and give Enter.
The system will create the necessary partitions to install the operating system. Select Yes and
press Enter.
15
The next step is to configure the Package Manager. It aims to select a server close to the time
zone selected for possible updates. Check if the country is correct and give Enter.
Select the desired server or let the system select and give Enter.
16
If your Internet connection uses a proxy, put it in the space provided. Otherwise leave blank
and press Enter.
The last step is a warning that the installation of the Operating System is finished. Remove the
CD / DVD or USB key, select Continue and press Enter.
17
And voila! As you can see it was very easy to install OpenMediaVault!
After restarting the system, the following screen will appear:
Suppose we enable FTP on the NAS. To do this, we need to open the port 21 of the
router so that traffic can pass;;
To open the door in the Router, you must refer to that IP that door will be opened. If
we put the IP 192.168.175.10, while the NAS is on the FTP will work because the
router does not change the IP;
Imagine now that we turn off the NAS and connect another device to the network.
There is a strong probability that the previous IP be assigned to that device;
Continuing in the field of probable hypotheses, imagine that we turn on the NAS
again. The Router will assign you another IP, eg 192.168.175.8;
Let us now try to transfer files via FTP. Logically it will give error because the door is
not open to the last IP assigned to the NAS, but for the previous (192.168.175.10).
Hence the importance of "telling the Router" that particular IP address is dedicated to a
particular device, so that it does not assign to another.
18
Before we define the IP address for the NAS unit, we will frame the context weaving some
considerations on how the equipment is identified on a network
The devices are identified on a Network via two addresses - Mac Address and IP
Address:
o MAC Address (Media Access Control Address) - The MAC address is a
physical address that is associated with a particular network device is
composed of six sets of two numbers in hexadecimal (numbers 0-9 and letters
A through F). This address is unique, not (theoretically) there are two equal. If
there are two identical MAC addresses on the same network, will conflict. The
MAC Address is recorded in a particular chip in each device. If for any reason
the said chip is corrupt and the MAC address becomes unavailable, you can
not connect the device to the network.
o IP Address (Internet Protocol Address) - The IP address is a logical address
that is assigned to a given MAC address each time you connect to a particular
network. While the MAC identifies your device to the DHCP, the IP address
will identify the device on the network. Also the IP address is unique, with no
duplication (the same network). The IP address is assigned by a DHCP
(Dynamic Host Configuration Protocol) server, which is usually built into the
Router. The IP can be fixed (the same address for a particular MAC) or
dynamic (determined MAC may get a different address each time you connect
to the network).
We thus conclude that to assign a fixed IP address to the NAS unit, we need to know the
MAC address of the Network Card Mainboard, whether the said Board Onboard or not.
Normally if the Network Card Onboard there is a label somewhere on the motherboard that
indicates the MAC said. If the plate is offboard (coupled in a PCI slot or PCI-Express), the
MAC address is shown on the box or on a plate own label.
The easiest way to get the MAC address form is to enter the administration console of the
router. In our case it is the Router TP-Link TL-WDR3600. If your router is different, look for
the DHCP menu. In this case, the DHCP menu there is a submenu DHCP Clients List,
indicating which devices are connected (this time) in the network, indicating the Name, Mac
Address., IP address and the IP is fixed or not.
19
In the previous figure we can state that the device with the IP address 192.168.175.10 is the
number 4, whose MAC Address is 08-5D-60-02-F6-7F, then this is the Mac Address of the
NAS which has been created.
Let's get back to the crux of the matter is that assigning a fixed address to the NAS unit, ie
actually assign a fixed IP address to the network card connected on Motherboard (whether on
board, is onboard).
We assign to the Unit In that we created, the IP address 192.168.175.11
Between the management console Router and browse to the location where Lan Setup, or
Local Network, or DHCP, for example and follow the steps in the following figure.
20
Probably you need to restart the Router. If necessary restart the Router. After the router has
restarted, you need to restart the NAS.
Could shut down the power on button of the NAS Box (via hardware), but this action has
not been set.
Thus, you will need to restart the system through the console at the command line. Let's put
the login "root" and the password that was defined in the previous paragraph.
Then type reboot and press Enter. The unit will restart.
21
As you can see, after restarting the Unit assumed previously defined in the IP Router.
22
Linux is a great OS but, in my opinion, has a big problem that is to find reliable sources to
solve problems that arise.
Therefore, after the well configured and functional system, "do not touch" this console, just
because "he read in a forum" to settle the "XPTO" functionality (command sudo apt-get ...)
will add a feature that any think "cool".
From this point, you can disconnect peripherals (mouse, keyboard, monitor) it will not
be necessary.
But question: How do I know if the unit will be ripped off or disconnect?
The OpenMediaVault emits "beeps" when it starts and when it shuts down. It is convenient to
have a "Beep / Speaker" on the Motherboard to perceive these sounds. Listen to the respective
sounds by selecting the following links.
Starting the OpenMediaVault Full - Can Access to the NAS or the Console
The OpenMediaVault will terminate
The speackers have the following appearance and are attached directly to the motherboard.
23
24
As already concluded, the Unit In is a computer with a dedicated and specific operating
system. As such, you need to Log in to Terminate (can not cut the chain)
a) To Switching on the unit simply connect the NAS hardware On / Off button. The system
will proceed to start-up operations. The start will be much faster when larger the Hardware
settings.
b) To end / Shutdown the NAS unit, you can use the same button. The unit will perform
closure operations and automatically shut off the current. But first you need to configure the
option in OpenMediaVault.
Some users sees "software failure" and may think there is a problem with the system, but this
is not correct. If the console is not active (unused) for 5 minutes, the session is automatically
terminated. Just select any area of the browser with the left mouse button, which is shown to
access the login (login and password)
Continuing with the explanation, the OpenMediaVault has many options that allow access
through various Operating systems and needs of individuals and companies. Since the goal of
this article is to provide a first contact with the OpenMediaVault we will use functionality that
most common users need.
In this context we set the following general objectives for this work:
25
Make the necessary settings for the correct connection and access to the Network;
Put 2 discs in RAID-1 for automatic backup of files
Create folders;
Configure Sharing on Network in Windows and Linux environment;
Define users with different permissions;
Configure FTP access, in normal mose and secure mode;
Configure an FTP Client software;
Configure a Media Server (MiniDlna);
Configure a Cloud Server (Own Cloud);
Suggest hardware to mount a NAS Unit
Note: We will not sequentially analyze each item of the management console. Let's create a
setup sequence, which in my opinion is the most correct.
Previously we assign a fixed IP to the NAS unit. Let's use that address to access the
administration console on a computer. In the address bar of the browser enter the address that
you set earlier. In our case is 192.168.175.11;
After inserting the IP address and press the Enter key we need to select the interface language,
and autenticate the access with an username and password.
1st - Select Interface Language
2nd - Username: admin
3rd - Password: openmediavault
26
In a network the date and time are to be synchronized. If a Host (host is any client connected
to the network device - PC, Printer, etc., ) have a different date and time of the equipment
connected to the network, may cause conflicts such as failures in access.
In this context, all equipment connected to the network (servers, clients, etc.) have to be
synchronized with a "Time Server" or NTP (Network Time Protocol).
In my case, I use the server of Legal Time in Portugal and I have all the equipment
synchronized by that NTP server.
The entity responsible for Legal Time in Portugal is Lisbon Astronomical Observatory of
Lisbon University. According to the said entity, the addresses of the NTP server are:
ntp02.oal.ul.pt or ntp04.oal.ul.pt.
Let's synchronize the NAS with ntp02.oal.ul.pt. Select System / Date & Time and proceed as
shown in the picture.
27
I recall that all the equipment in the network should be synchronized with the same NTP
server.
Note: In OpenMediaVault, most of the settings that require make a Save (4) and Apply (5). If
you do not select the Apply item, the configuration is not assumed.
We have changed the password management, which allows us to better secure access. Then
synchronize the NAS with a time server, which allows you to consolidate the transmission
network.
I think it is important at this stage to make updates of OpenMediaVault. The operation is very
easy. Simply select System / Manager Updates.
In this case if there are five updates. Select and install the updates. Follow the steps in Fig.
28
Note: Updates will be terminated when the word "Done" (5) appears in the installation
window. Reload (7) is required to "clean up the page". Until the installation is finished, you
should not leave this area.
29
Another action that I believe must be done at this stage is to update the plugins. The
OpenMedia vault has a number of plug-ins available in the interface but there are more. In our
case we need the MiniDLNA, which is not included. Let's make downloading a file that
updates extra plugins. Download the file at the following address:
http://omv-extras.org/simple/index.php?id=how-to-install-omv-extras-plugin
Select the location indicated in the figure and save the file openmediavaultomvextrasorg_0.6.22.1_all.deb on your computer.
30
Let's install the plugins we need. According to the goals we set earlier, we need a media
server (MiniDLNA), an Cloud Server, an FTP nd a service that shares the NAS Unit in
networks environment with Windows and / or Linux .
The plugins available / Installed in the system, will appear in the Services area. We found that
we have a FTP Service and an service for sharing on Windows / Linux (SMB / CIFS). But we
do not have any service of DLNA or Cloud.
31
We have to search for plugins, if there are services that we lack. If you access the System /
Plugins, you will see who has the Cloud Server available to install (3 - OwnCloud), but has
no Media Server / DLNA. But you have the plugin package whose uplodad we made earlier
(4 - openmediavault-omvextrasorg 0.6.22.1).
We'll start by installing the package os plugins that mentioned earlier. Follow the steps in the
following Figure.
32
You can see that the plugin is installed correctly. If you access the plugins tab you will see
that has a "visa" (3), which indicates that it is installed and ready to use. It has also added a
new item in System (4 - OMV-Extras.org) which gives access to new features.
33
Before proceeding to the next phase, select the Check button for the system update the
plugins.
Now we can install the Media Server (MiniDlna) and the Coud Server (OwnCloud). Select
openmediavualt-minidlna 0.5.9 and openmediavault-owncloud 0.5.8 checking the
respective boxes. Then select Install.
34
The installation of these plugins, gave rise to new services - DLNA (MiniDLNA) and
OwnCloud.
35
1.6 - Certificates
36
After completing these actions, the OpenMediaVault created a digital certificate that we will
use later.
Let's use the previously created certificate to establish a secure connection (https) to access
the Administration console. The first action you need to perform is to open port 443 in the
Router to the IP 192.168.175.11
The goal of secure connection is to encrypt the connection. In Router we are using, the door
opening is performed as follows:
After opening the door said, let's set up the secure connection. Go to System / General
Settings / Web Administration. Follow Figure.
37
Ignore the error message and select the "refresh" of the browser.
Ignore the warning. This happens because the system (in this case Chrome) does not
recognize us as an entity that can generate certificates. Ignore the situation and select Proceed
anyway.
Note: an SSL certificate can be obtained in two ways: purchased from an entity with CA
certification or generated by an application (as is the case). The generated certificate is selfsigned and is not trusted by some entities / applications.
The fact that the certificate be considered untrusted, does not prevent its operation, ie, the
links remain encrypted.
38
If you select the lock, you can confirm that the connection is secure / encrypted.
After selecting Proceed anyway, put the User name (admin) and password to access the
console.
1.8 - Configure Hardware power switch to turn NAS Unit Off
Let instruct OpenMediaVault to shutdown when you press the power button os the hardware
Go to System / Power Management / Settings. Follow the figure.
From this moment, you can turn off the NAS by pressing the power button of the hardware.
39
To conclude this first part concerning the general settings on the NAS, we analyze how to turn
On / Off / Restart the Unit of the NAS. In the upper right side of the corner to the language
selection, is an icon that gives access to that.
Logout - log off the current user. The NAS unit continues to operate;
Reboot - restart the NAS unit;
Shutdown - closes the NAS unit and disconnect the hardware;
You can disconnect the NAS Unit by pressing the power button after making the
aforementioned configuration (1.8);
Tun on - press the power button hardware.
Let's define a scenario that will allow following the sequence of create Users, Groups, and
Shares. Suppose the owner of a NAS unit intends to make a share with three friends, which
lets you see the contents of the drive and run files denying them permission to write to the
NAS.
Regarding OpenMediaVault, "write" means to download, upload or modify files or delete
them. In this context, if a user is unable to "write files" is prevented from performing in any of
the transactions referred to above reality.
In summary, we will create the following users:
40
Let's start with creating User owner NAS. For now it does not matter what permissions it will
have, as will be defined later. Follow Fig.
Let's create the remaining 3 users exemplifying with amsantos User. You must create the rest
of the some way. Again select User / Add / Add, as before. Follow Fig.
41
Do not forget to Save and Apply and confirm the box that prevents the user from changing
the password is checked
After creating all users you will have a list of them in the place of creation. You can make
changes to Edit or Delete the user to select.
In this case, we create only one group calling it friends. The creation of the group is similar to
that done previously, with the difference of having to select groups instead of Users. Follow
the steps in the image below.
42
If you return to the list of users, you will see that the group was added to each.
Note: You can create many combinations using permissions users and groups. In this
demonstration, we created a group just for demonstration but we will not use it
This phase refers to formatting disks for later create folders for each user and consequent
sharing. Start by selecting the Storage / Physical Disks tab to confirm that the system
recognized the discs.
43
Linux disks are identified with the letters SD (SCSI Device - though not all drives are SCSI)
followed by the letter that begins "A", which identifies the first Disk that the system detected.
In this case the disk that has the operating system is sda (200GB). This disc is dedicated
exclusively to all the tasks of the OS, including extra applications that are installed.
The sdb and sdc, disks are the disks for file storage. In this case are two discs of the same
brand and the same capacity (300 GB).
44
As you can see the discs are "healthy" (On column Monitor, state green on each discs) and
temperatures are at an acceptable value.
Note: it is not required to create a RAID system. If you do not want to create a RAID go
to the next point (3.3).
The OpenMediaVault accepts the following storage systems:
Raid 0 Linear - Need 2 discs - "Merge" the two disks in a single partition;
Raid 0 Stripe - Need 2 Discs - Same as above because the system "joins" the two
drives and divides the data into segments (stripes). The data is sequentially written to a
disc or the other. Has the advantage of making the read / write faster. The
Inconvenient is if one disk fails all data will be lost, with no chance of recovery.
Raid 1 (Mirror) - Need at least 2 disks - A disc becomes a "mirror" each other ie
what is written on a disk is accurately written in the other. The system will show a
single disc. Its Inconvenient be slower than the last system (RAID-0). The big
advantage is if a disk fails the data is intact on the other, ie, are fully recoverable. It is
a good system for data backup.
Raid 5 - Need 3 or more disks - one disk stores parity. If one of the disks becomes
damaged parity is used to reconstitute the contents. In the case of RAID 5, the parity is
distributed across all disks offering greater performance at higher fault tolerance.
Raid 6 - Similar to above but using the double of parity bits.
Raid 10 - Need at least 4 disks - uses four hard drives to create a combination of
RAID levels 0 and 1 forming a RAID-0 array of two RAID-1 redundant.
45
In this case, we set the objective that we would use the Storage System RAID-1 because it
allows to have a second disc which is a Data Backup. The system will only display a single
disk, as we will check. To set the desired, follow Figure.
As you can see, the system created a RAID-1 system, in which a disk is visible and the other
hidden. The hidden drive is an exact copy of the disk visible.
46
We informed the system as we wanted to use the discs. The next step is to create the system
files, ie, how the data will be organized. When interpreting File System for a particular disk,
the operating system knows how to decode the data stored and read them or burn them. In this
case we'll use the File System EXT4. Follow Figure
47
To end the disc management, we need mount the disk. Access to Storage / File Systems and
select the disk you created earlier. Follow Fig.
From this moment the disk for file storage is functional. We recall that in reality are "Discs"
because there are two. All operations were performed on two disks simultaneously.
We have the disk (or disks) functional but currently is not fulfilling the mission for which it
was created. Ie, can not send / share files.
We could totally share the disk but would also be shared from system files. Creating folders is
the best solution for this case. To "complicate" a bit this issue, we will create the following
folders with the following permissions:
JoseCrispim Folder
o User crispim Permissions - Read and Write
o Remaining Users Permissions - Without access
AntonioSantos Folder
o User amsantos Permissions - Read and Write
o User crispim Permissions - Read and Write
o Remaining Users Permissions - Read
FernandoMatos Folder
o User fjpmatos Permissions - Read and Write
o User crispim Permissions - Read and Write
o Remaining Users Permissions - Read
JoseSousa Folder
o User jmsousa Permissions - Read and Write
o User crispim Permissions - Read and Write
o Remaining Users Permissions - Read
48
GeneralSharing Folder
o All Users Permissions - Read and Write
Then we set up the Privileges and the ACL (Access Control Lists). Put the same vestments
on Privileges and ACL.
In the case the ACL of JoseCrispim Folder will be the following figure.
49
50
Then we create the folder AntonioSantos. In this case, users amsantos and crispim have full
access (read and write) to the folder, but other users can only see your content. Follow the
sequence of the previous figure by changing the fields to get the following result:
51
52
53
To end this phase we will create the GeneralSharing folder with permissions read / write to
everyone.
54
After creating all the folders, the list of shared folders is as follows:
55
The folders that we created are not accessible. To be able to access folders via LAN, we need
to share them. We need to activate the service (SMB/CIFS) that shares data for
Networking on Windows and Linux Operating Systems. Follow Fig.
If your Workgroup has a different name, change it in the field indicated in 4 (Workgroup).
After this action, you can check that the NAS Unit appears in your Local Network, although it
has any accessible folder.
Then we will indicate which folders will appear in the sharing. Let's exemplify sharing
JoseCrispim folder.
56
Proceed identically to share the remaining folders. After all shared folders, the listing will be:
57
To finish this part, we will check if everything is functional and well configured.
Check if the Service SMB / CIFS is functional - Select the Windows Network and check
out the shortcut to the NAS Unit (NasTeste) appears
The NasTeste device is presented. Thus, the Service SMB / CIFS is functional.
Let's test the Shares of crispim user (access to everything) and fjpmatos user (restricted
access).
1 - crispim User Test
58
The system is showing the shared folders appearing that sharing is well made. Try to open
each folder (I recall that crispim user has access to all folders). If the system prevent the
opening of any, then the problem is in the permissions. Review the ACL (3.5) permissions.
We will test if the system allows you to read (or execute) and write (copy / cut / delete). Let's
open the CrispimShare folder, create a folder named Videos and put a video file in the
folder. Then run the file.
59
The system allowed the user to create a folder and put a file in it (ie allows read and write).
As this user has the same permissions on all the folders, let's copy the Video folder created for
other users.
60
The system allowed to copy the Videos folder to the personal folders for all users.In this
context the privileges / ACL settings are correctly made to the user crispim.
2 - fjpmatos User Test
61
Let us test the user folder (FernandoMatosShare). Let us test the user folder
(FernandoMatosSare). Let's create a new folder named Music and put in it a music file.
The System allowed the user to create a folder and copy a file. Permissions / privileges / ACL
are correct and functional. Let's try to open the folder CrispimShare.
62
The system blocks access and prompts for credentials (username / password) to access the
folder.
Let's open the folder JoseSousaShare and read the video that is in the respective folder.
The system allowed the user fjpmatos opens the personal folder of jmsousa (JoseSousaShare)
and read its contents.
It also allows the user fjpmatos to copy the file from the folder JoseSousaShare. But the
reverse does not, ie the user has read permissions (can red and copy files from it) but not
63
writable (can not send files to the folder JoseSousaShare). If the user fjpmatos tries to copy
the Music folder to the JoseSousaShare the system will prevent this.
But if the user tries to send the Music folder to the folder GeneralSharing, the system will
permit to do this.
After the tests we have performed with fjpmatos user, we conclude the following:
He can read and write in their personal folder (FernandoMatosShare). He can create
folders and can read, copy, move and delete files;
He can not access the folder CrispimShare;
He can access to AntonioSantosShare and JoseSousaShare folders and read your
content. He can also copy (download) the contents of such folders. But he can not
upload content to these folders;
He can access to the GeneralSharing folder and he can read and write in it.
In this context, fjpmatos user permissions are correctly made. If you test with other users you
should get identical results.
The FTP (File Transfer Protocol) is a protocol for transferring files (. File transfer is between
a computer called "client" (which requests the service) and a server (which offers the service 64
in this case the NAS Unit). The user can select which files you want to send or receive it from
the server if it is allowed to.
The data transfer can be done through a browser or through client software. We will address
both cases. The advantage of the NAS Unit is to establish secure permissions (encrypted),
inhibiting or allowing actions to the user. The permissions we covered previously, are valid
for FTP access.
The first action that we will make is to open the doors of the Router. Depending on the
console of each router, the form of the effect will be the same as what we present. As
mentioned above, we use the Router TP-Link TL-WDR3600.
You may wonder if opening ports in Router can be an insecurity on the Net, but in reality it is
not so. As we open doors specifically for an IP (NAS - 192.168.175.11) only and only
authorized access to that IP will be valid.
We need to open the following ports:
21 and 22- Connections to FTP (with and without certificate, ie, unencrypted and
encrypted)
49150 to 49154 - To use passive FTP - we opened five doors because we are using 5
users. If you have more users should open more doors.
65
Access to a particular server is always carried out through an IP address, either directly or
indirectly:
The direct way is when you put the IP address in the browser (http://253.124.3.23, for
example).
The indirect way is wen you put an address "with words" in the Browser. In this case,
the call is routed to a DNS server, which will assign the address entered regarding the
IP address. For example, when we type http://www.google.pt, the DNS server will
assign the address 173.194.41.215 which will allow access to the respective server.
In our case, we have a dynamic IP address provided by our ISP, which is for example
217.113.129.5. If we want to access the NAS unit via FTP, we would have to enter
66
User needs to hire the DDNS service to an entity that makes it available (free or not);
It supplied an access address;
When the user types the address above, this will access the DDNS server;
The DDNS server "refreshes" the IP Internet of the user, ie "will see" if the Internet IP
changed and forwards the user to the correct address;
The address given is something like luis_fernando.noip.me, where "luis_fernando" is
the name that the user has defined and "noip.me" the address of the DDNS server .
Creating an account and respective configuration varies depending on the server that provides
the service. There are several free DDNS servers. In this case we will create an account on
NoIP.
Acess to the link http://www.noip.com/. In the upper right corner select Sign In and in the
dialog box that opens select Create an Account.
Place a username, an valid e-mail and a password (3). Put a name that will give the domain
(can not have spaces or accents) and select free domain (4). In this case, the domain will be
nas-teste.ddns.net
At the end of the page select Free Sign Up (5).
67
You will receive an email confirmation. Select the link for the account to be activated it.
Depending on the activity you will have with the DDNS, you will receive a message with
some frequency sent by the server said (noip) with the objective of updating the account. You
need to follow the link that appears on the appropriate e-mail, otherwise the account
will be canceled.
68
Aps ter criado um conta no servidor de DDNS, vamos direcionar o Router para a referida.
No Router que estamos a utilizar, procedemos da seguinte forma:
To recap, we open the necessary ports in Router and created a domain to a Dynamic DNS
Server, so we can access the NAS from an external connection for FTP. Let's configure the
activation of the FTP in OpenMediaVault.
1st General Settings - Change the settings marked in Figure
69
70
Do the same for the other folders. The final result is given in the following listing.
The next step is to configure the FTP access secure / encrypted, (FTPES). Follow Fig.
To test the sharing you will need to access the FTP server. There are three ways of doing this:
1 - Through the Browser - putting the ftp address in the address bar.
71
3 - Through Client Software - there are different FTP client software. See our article on the
subject, here.
Let's test the shares have performed as above, using the logins jjrcrispim and amsantos.
4.5.1 - Acesso FTP com o utilizador jjrcrispim
The user has permission to access, read and write in all folders - if you open each folder
you can copy files, delete, make downloading and uploading. FTP is functional for the user
crispim.
72
Is correct, because the JoseCrispim folder does not appear in the sharing.
2 - Full permissions on AntonioSantos Folder - Open AntonioSantos folder and videos
folder.
2.1 - File Download - Holding down the left mouse button, drag and drop the video file to
your desktop.
74
The system allowed to do download and upload files and logically allow all other operations
(delete, rename, create folder, etc.).
3 - Permission to read and download on the folders AntonioSantos, FernandoMatos, e
JoseSousa. The upload isn't allowed.
3.1 - Permission to read and download on the folder JoseSousa - Open JoseSousa and
Videos Folders and download the file to your desktop.
75
The system does not allowed the download of a file to JoseSousa folder.
If you do the same tests with the remaining folders and user, you will get identical results.
76
You can access the FTP in a secure manner through the Windows Explorer. Just Enter the
address "FPES".
You can not access the FTP in a secure manner through the browser (unless the browser
permits it).
Let's test the FTP access secure / encrypted using a client application - FileZilla.
We begin by setting up access. Put in the server the domain you created in noip (nasteste.ddns.net); in Protocol select FTP - File Transfer Protocol and Encryption select Require
explicit FTP over TLS.
Let's start the test with crispim user. Open FileZilla and type or select the following:
77
78
As you can see, the user has accessed all the folders on the NAS. Repeat tests performed
previously. You can transfer files to and from the NAS. On top blue bar is the address to
access the NAS. Once the starting address for FTPES indicates that the connection is
encrypted.
79
Let's test with jmsousa user. I recall that the user has read access to all folders and write
access to folders JoseCousa and GeneralSharingl. O utilzador no tem acesso Pasta
JoseCrispim
The user has access to the folders mentioned above but JoseCrispim folder is hidden (is
correct because the user hasn't access to that). If you repeat the tests done before you get the
same results.
80
We conclude that access / sharing by secure FTP is properly configured and functional.
Let requiring that all accesses are made via FTP in a secure manner. Follow the image.
From this moment, only be allowed access to FTP into safe mode. Let's test that allows access
in Nornmal / Plain FTP:
81
Access was not granted and the server gave the answer: "550 SSL / TLS required on the
control channel - Could not connect to server". If you access it in safe mode it allows (as we
have seen previously).
The OpenMediaVault has a feature that allows the creation of a DLNA compatible media
server. Let's start with the concept of DLNA.
DLNA is a standard and simultaneously an organization. As an organization, is an association
of companies that establish guidelines based on existing technological standards. The goal is
to ensure interoperability between electronic devices connected in a home network, so that
they can exchange multimedia files between them using the said network. For example, the
user can access and play media files stored on a computer, through a TV, tablet, smartphone,
among others, provided such devices are connected to the same network and have DLNA
certification.
82
At this time, the OpenMediaVault allows two media servers. One of them, MiniDLNA, has
been installed at the beginning and is ready to be configured.
Let's do as before to create the said folder and give full permissions to all users. To create the
Multimedia folder, follow Figure.
Then we will define the privileges and the ACL (full access to all users)
83
84
We need the folder is visible on the LAN, so that DLNA compatible devices have access to
the server. So that the folder is visible on the LAN, we'll share it on the appropriate service
(SMB / CIFS).
To complete this phase, we will create three subfolders - Images, Musics and Videos. To do
it, on your desktop go to your Local Area Network, open the MediaShare folder and create the
folders listed.
85
Take the opportunity to put some image, music and video files in their respective folders.
Next, let's add the folder defined to accommodate the Multimedia files.
86
And you're done! It was very easy to put the media server to work.
We will test the work done in a very simple way. If you open the folder for your local
network (in Windows environment) the Media Server will have to be included.
If you open the NasTeste Media Server, this will have to list the contents of the Multimedia
folder that you created earlier.
87
As you can see, the files that were placed in the Multimedia folder and in the respective
subfolders, have been recognized. The music files were shown with their original name, but
they are correct.
We conclude that the Media Server is functional. Any DLNA compatible device, will be able
to access files.
6 - Cloud Server
The "Cloud" is a network of devices that provide services jointly. It is a metaphor used to
describe the Internet, which is nothing more than a network where many services run.
Therefore, cloud computing is a type of Internet-based computing (with servers, storage and
applications) where different services can be used by an organization over the Internet.
The OpenMediaVault allows building a server "cloud" through the plugin OwnCloud which
initially already have installed. Such "cloud server" allows access and transfer files
(multimedia, office, pdf, etc.) which can be synced and accessed on computers with
permission. The interface is as follows.
88
Make sure you have port 443 open (work done in Section 1.7). Let's configure that server.
Let's create a specific folder like we already have performed previously, giving full
permissions to all users. Follow Fig.
89
As you saw earlier, configure any service in OpenMediaVault is quite easy. Configure
OwnCloud is also very easy. Follow Fig.
90
We will not share folder in the LAN because it is not necessary. But if you want you can do
so by following the previous examples.
From this moment you have the Cloud server connected. To access it use the address of
DDNS (Dynamic DNS) previously created followed by owncloud - https://nastest.ddns.net/owncloud - Please note that you must start with HTTPS, as we defined in
section 1.7.
The first access to the Cloud Server is done through the Browser with the Administrator
password. Therefore, enter in the Username: admin and the password you set for the
administrator and uncheck the "remember" box.
91
When a user first opens the console through the browser, the possibility of downloading
software synchronization is presented. You must now download because the application will
be useful in section that follows (6.4).
Continuing to explore the console, you will see that the left side panel has folders that give
access to files, music, etc. For now are empty because nothing has yet been sent.
In the upper left corner, has access to some settings. For example, you can see which users are
logged into the system, this because at the moment you entered the system as Administrator.
If you enter the system with another user will only have available the Personal and Logout
options.
92
As an Administrator you can define the space that each user may have to host files. In the
same panel (top left) has access to generic server settings in Admin. Leave everything as is
and exit the console by selecting Logout from the dropdown menu in the upper left corner.
To synchronize files between your computer and the server cloud, you need to use specific
software, which is displayed when you first open the Web console. Could download for
Desktop in Windows, MAC and Linux environment, or devices with the Android operating
system (smartphones, for example).
Before we execute the application downloaded have performed previously, we will create a
folder on our computer to put the files you intend to make available in the "cloud". In my
opinion, it is preferable to be in a specific folder, but if you want you can sync the folders you
want.
93
After creating such folder, install the application by selecting the downloaded previously file
you made - ownCloud-1.6.2.3463-setup.
Installation is normal for any application. Just select the file and follow the instructions.
Follow the image.
94
95
3rd - Enter the username and password - Let's try to crispim user - username:crispim
Passowrd: 12345
4th - Local Folder (on Desktop) - select the folder you created earlier
96
For ownCloud start with Windows and start the sync, select with the right mouse button on
the icon in the taskbar. Follow Fig.
97
Let's test the cloud server with user crispim because it was what we put in earlier definitions.
In Cloud folder that was created on the Desktop, we placed 7 files - one image, one music,
one video, one of the notepad (txt) Office Word docx), 1 PDF and 1 LibreOffice.
98
Let's open the console with the user crispim. I recall that earlier there were no files in the
"cloud".
99
Files placed on your computer, appeared in the "cloud". If you select "Music" or "Pictures"
the server will show only the respective files.
the OwnCloud also allows you to read files with extension pdf, txt and all generated by
LibreOffice (eg odt). It isn't possible to read files generated by Microsoft Office (must be
download from cloud server to desktop)
In this case only the user that has access to the files. These may be shared with other users of
the Cloud. Follow Fig.
100
Note: when you select the Share icon, has no chance of selecting a user (probably an error on
the application). Sets, for example the letter "a", displays the users who have this letter in
their name (as shown in the figure). To share, simply select the user and the file is shared
immediately. Still has a chance to warn the user by e-mail, as the following figure.
Let's check if the user amsantos has the file we previously shared.
101
In this simulation we used old hardware we have for testing. We can build a NAS unit with
new hardware, but may question: "what advantage, if any NAS unit for sale for about 100.00
Euros"
The cheapest NAS unit on the market costs about 100.00 Euros without disks. If you purchase
two 2 TB drives (about 170.00 Euros), the NAS unit will cost a total of about 270.00 Euros.
We have carried out an article about that, which is available aqui.
That has a motherboard which are integrated in one Processor (Single Core) at 800 MHz, 128
MB RAM, 128 MB of flash chip (where the operating system is installed) and allows two
SATA-II disks (ie if placing SATA-III disks, it will work on SATA-II).
Se adquirir o hardware necessrio para montar uma Unidade de NAS, you'll spend about
250.00 Euros (excluding value discs).
What is the advantage of one and the other?
The first is significantly cheaper, but the user will be limited to the standards of the
manufacturer. He can not install a new operating system, he can not change the hardware and
if a hardware component fails, the NAS unit stops working, except that it sends to the
manufacturer for repair (whose value will be much higher than the value acquisition of the
new product).
The second is 100% more expensive, but have characteristics far superior hardware and
component replacement is facilitated.
102
In another article we presented two options for hardware to mount a NAS unit. However as
happened about a year, we will again present two hypotheses: one Motherboard with
integrated CPU and one without embedded processor. The remaining components are the
same.
Hardware options that I will present, constitute a personal opinion. I relied on medium /
high performance, becauseif you put hardware with a lower performance is better not to
mount a NAS unit and buy the standars. The choice of AMD is a technical and personal
matter (usually all my systems are AMD for many years).
Note: The values presented are from August 2014 They were surveyed in reference
retailers in Portugal;
103
104
If you compare these systems with those that are sold in the market, you will see that a NAS
unit that costs about 400.00 Euros, have much lower hardware settings in relation to the
solution presented in Option 1.
Conclusion
With this test we achieved the goals initially set. In my perspective, the OpenMediaVault is
one of the best OS to build a NAS unit, very easy to use without the need for complicated,
stable and fast settings, although this depends largely on the hardware where it is installed.
In this paper we addressed the features that the average user / household is more likely to use,
but this Operating System has many features to wider users.
I have followed the evolution of this Operating System and I note that many of the bugs that
existed have been progressively corrected, which indicates that there is a community that
continues to improve it.
I hope this work be helpful for someone. If someone wants to send suggestions or corrections,
I appreciate that they do so on my forum
105