This post is an update of the my 2020 home NAS setup. A few things changed since then, the most important the introduction of snapraid for the media and archiving portion of the NAS.
The hardware hasn’t changed much apart from a (preventive) hard-disk replacement; my admiration and gratitude goes to HP for building a solid computer that runs flawlessly for seven years now.
Bill of materials
The hardware hasn’t changed much since the last write-up: the HP proliant microserver gen8 with four mechanical hard drives (of varying sizes) and one flash drive running with Ubuntu 18.04 LTS. I didn’t attempt an OS upgrade because everything works fine, even newer Docker software.
Goals and considerations
The original post went into great length to justify the goals and non-goals for the NAS build, since there have been a few updates I’m writing the new list down here:
|Function||The NAS serves as a network attached file system for home use; the NAS operates a few hours a day and is either off or in standby most of the time||Commodity hardware, open source software, modularity, keep it simple|
|Interoperability||Commonly used computer platforms should be able to access files on the NAS. Commodity hardware should be able to connect to the NAS.||Samba (aka Windows shares) on Ubuntu, USB, SATA. Connect LAN to Wifi router, does name resolution and time server. Access and manage with SSH.|
|Modularity||Hardware and software components should be interchangeable without redesigning the entire system||x86 PC platform, Linux, Docker|
|Control||I want to control which software is installed on the NAS and what it does||Ubuntu 18.04 LTS|
|Valuable data||Valuable data (correspondence, legal documents, memorabilia) requires a high level of protection against loss, corruption and theft. The data volume is low and justifies the extra effort.||MD RAID 1 with 4 hard drives, ext4fs with journal checksumming, periodic RAID scrubbing, manually assembled RAID, ECC RAM. Partition is encrypted with LUKS. Sign archives with par2archive.|
|Bulk data||Music and films. Partial loss is acceptable, total loss would be bad. Large data volume requires an affordable solution.||JBOD with snapraid (2 data drives, 2 parity drives) and mergerfs.|
|Noise||Noise should be low and tolerable||HDDs in standby, SSD as primary OS disk, write-mostly, lots of RAM, passive cooling|
|Cost||Use commodity hardware and free, open source software||2nd-hand commodity hardware, hard disks instead of SSDs|
|Low maintenance||Avoid time critical maintenance||ufw firewall accepting connections only from internal network, no auto-updates, limited software, Docker, not accessible from the Internet.|
|Data safety||In case of hardware loss or theft unauthorised parties shouldn’t be able to access the data||dmcrypt with key on external device|
|Low power consumption||Power consumption should be in line with the server’s function||Components in stand-by most of the time, SSD, RAID in write-mostly|
|Compact||Physical NAS dimensions should be small; no space wasted||2nd hand HP proliant microsever gen8|
The main uses of the NAS are:
- Watching videos with VLC over samba shares
- Storing backups
- Running a media server
- Donating computing power to research projects
The biggest change has been dividing the NAS into a data volume for valuable data and a data volume for bulk data, which is mainly my music and film collection and backups.
The volume for valuable data is an MD RAID 1 with 4 small-ish partitions on 4 hard drives (one partition on each hard drive). The volume is encrypted with LUKS and manually assembled with a script during boot.
The volume for bulk data consists of four large partitions on the aforementioned 4 hard drives. Snapraid  is a user-mode software RAID implementation which really shines with media archives. I prefer it over the previous RAID6 setup because:
- It optimally integrates hard drives of varying sizes
- Snapraid’s partial data availability fits my risk averseness profile better than mdraid’s all-or-nothing
- Data is available even if Snapraid fails to start
- It protects data against corruption
I run boinc, jellyfin kiwix and clamav in Docker containers mainly for the easy setup and dependency isolation.