User:Pineadmin/OpenMediaVault

From PINE64
Revision as of 03:15, 12 December 2017 by Pineadmin (talk | contribs)
Jump to navigation Jump to search

If you are dealing with confidential files transfer/sharing, please make sure your setup is secured with long and hard to guess random password or PKI keys. Make sure you use DUMMY folders/files for testing first to get yourself familiar and comfortable with the settings.


Basic Setup

1. If no output on HDMI, you need to find the IP Address with tools (e.g. netscan) (hostname: ROCK64, PINE64, PINE64SO)

2. Use the IP Address on PC browser to login to the Web Admin Pages: admin / openmediavault  (Remember to change the default password: System -> General Settings -> Web Administrator Password)

3. You may want to use Static IP for easy access in future: System -> Network -> Interfaces -> Edit or Add

4. Plug Hard Drive

5. Go to Storage -> Physical Disks -> Scan

6. Go to Storage -> File Systems -> select the Partition to mount -> Mount -> Apply

7. Access Right Management -> User -> Add (Make sure it is under "users" Group)

8. Access Right Management -> Shared Folders -> Add
    - select newly added Shared Folder -> Privileges -> tick Read/Write -> Save -> Apply


FTP

1. Go through the "Basic Setup" above

2. Services -> FTP -> Settings -> Enable -> Save -> Apply
                   -> Shares -> Add -> Apply

If you constantly hit by "Permission denied", then you may consider a less secure solution: Services -> FTP -> Settings -> Permit root login (enable)
This may happen when your hard drive is using FAT/FAT32 file system where permission cannot be set and after reboot, the default read only permission is used


SAMBA (Windows Share)

1. Go through the "Basic Setup" above

2. Services -> SMB/CIFS -> Settings -> Enable -> Save -> Apply
                        -> Shares -> Add -> Apply


NFS

1. Go through the "Basic Setup" above

2. Services -> NFS -> Settings -> Enable -> Save -> Apply
                   -> Shares -> Add -> Apply

To access from Kodi/XBMC, use "insecure" instead of "secure" on "Extra options"


Rsync Clone/Backup

You required 2 devices (e.g. 2 ROCK64, PINE64, SOPINE or etc) to Clone/Backup from master to slave or bidirectional

1. Go through the "Basic Setup" above

2. [On slave/destination device]
    Services -> Rsync -> Server -> Settings -> Enable -> Save -> Apply
                                -> Modules -> Add -> General
     - Make sure to choose correct "User"
     - Enable "Authenticate users"
     - Fill in "Hosts allow" for more security
                                                  -> User -> Add

3. Services -> Rsync -> Jobs -> Add (Type: Remote, Mode: Push, Destination server: [USER]@[HOST]::[Rsync Server Module Name])
    - for testing: select Job -> Run
    - for bidirectional Rsync: Add another Job to Pull from slave/destination device (Don't enable Delete because deleted file/folder may be copied over again)

4. Diagnostics -> System Logs


Rsync Clone/Backup (Through Internet)

You required 2 devices (e.g. 2 ROCK64, PINE64, SOPINE or etc) to Clone/Backup from master to slave or bidirectional

1. Go through the "Basic Setup" above

[IF YOU KNOW HOW TO SETUP DYNAMIC DNS ON YOUR INTERNET MODEM/ROUTER PLEASE SKIP TO #8]

2. Services -> SSH -> Permit root login (enable)  (Remember to always disable it back for security reason)

3. SSH to the device with Putty: root / openmediavault  (Remember to change the default password)

4. # apt-get install ddclient  (no-ip.com example)

Dynamic DNS service provider: other
Dynamic DNS server: dynupdate.no-ip.com
Dynamic DNS update protocol: dyndns2
Username for dynamic DNS service: <<<USERNAME/EMAIL>>>
Password for dynamic DNS service: <<<PASSWORD>>>
Re-enter password to verify: <<<PASSWORD>>>
Network interface used for dynamic DNS service: web
DynDNS fully qualified domain names: <<<CNAME>>>.ddns.net
Run ddclient on PPP connect? No
Run ddclient as daemon? Yes
Interval between ddclient runs: 300

# dpkg-reconfigure ddclient  (To Re-run configuration wizard above)

5. # vi /etc/ddclient.conf

Change: use=if, if=web
To:     use=web, web=checkip.dyndns.com, web-skip='Current IP Address'

##########
protocol=dyndns2
use=web, web=checkip.dyndns.com, web-skip='Current IP Address'
server=dynupdate.no-ip.com
login=<<<USERNAME/EMAIL>>>
password='<<<PASSWORD>>>'
<<<CNAME>>>.ddns.net
##########

6. # systemctl restart ddclient  (Restart ddclient after changed in configuration)

7. Diagnostics:

# ddclient -daemon=0 -debug -verbose -noquiet
# systemctl status ddclient

8. On your internet modem/router: Port Forward to the slave/destination device with port 873.

9. [On slave/destination device]
    Services -> Rsync -> Server -> Settings -> Enable -> Save -> Apply
                                -> Modules -> Add -> General
     - Make sure to choose correct "User"
     - Enable "Authenticate users"
     - Fill in "Hosts allow" for more security
                                                  -> User -> Add

10. Services -> Rsync -> Jobs -> Add (Type: Remote, Mode: Push, Destination server: [USER]@[<<<CNAME>>>.ddns.net]::[Rsync Server Module Name])
    - for testing: select Job -> Run
    - for bidirectional Rsync: Add another Job to Pull from slave/destination device (Don't enable Delete because deleted file/folder may be copied over again)

11. Diagnostics -> System Logs


SSH

1. Go through the "Basic Setup" above

2. Services -> SSH -> Permit root login (enable)  (Remember to always disable it back for security reason)

3. SSH to the device with Putty: root / openmediavault  (Remember to change the default password)


System Monitoring

1. Go through the "Basic Setup" above

2. System -> Monitoring -> Enable -> Save -> Apply

3. Diagnostics -> System Information -> Performance statistics


Notification

1. Go through the "Basic Setup" above

2. System -> Notification -> Settings
    - Enable
    - for GMAIL
       - SMTP server: smtp.gmail.com
       - SMTP port: 587
       - Use SSL/TLS secure connection: Enable
       - Sender email: <<<Your GMAIL Address>>>
       - Authentication required: Enable
       - Username: <<<Your GMAIL Address>>>
       - Password: <<<Your GMAIL Password>>>
       - Recipient: <<<Your Recipient Emails>>>
       - at your GMAIL account, you also need to enable: GMAIL -> Settings -> Accounts and Import -> Change account settings -> Other Google Account settings -> Sign-in & security -> Apps with account access -> Allow less secure apps: ON
    - Save -> Apply
    - use "Send a test email" for testing