Skip to content

Hardware Install

Jump to bottom
Joe edited this page Apr 27, 2023 · 18 revisions

System

Harden SSH

via https://linuxhandbook.com/ssh-hardening-tips/

  1. Create a new SSH Group for approved users: sudo groupadd -g 1022 ssh_allowed
  2. Add your primary SSH User to this group: sudo usermod -a -G ssh_allowed pi
  3. On your client, generate a private and public key: ssh-keygen -t ed25519. Use the default name. Provide a passphrase
  4. Copy the contents of your public key. SSH into the server. Paste your Public Key into ~/.ssh/authorized_keys
  5. Open SSHD Config: sudo nano /etc/ssh/sshd_config
    1. Disable empty passwords: PermitEmptyPasswords no
    2. Change default SSH ports: Port 2345
    3. Prevent root login: PermitRootLogin no
    4. Limit active sessions: MaxSessions 4
    5. Configure idle timeout interval: ClientAliveInterval 300
    6. Configure how many times it sends the alive message before disconnecting: ClientAliveCountMax 2
    7. Configure Allowed Groups: AllowGroups ssh_allowed
    8. Disable X11 Forwarding: X11Forwarding no
  6. Use the correct permissions: chmod 600 ~/.ssh/authorized_keys
  7. After the change, you will need to restart the sshd service using sudo systemctl restart ssh or rebooting.

Install MergerFS

via https://perfectmediaserver.com/installation/manual-install-ubuntu/#mergerfs

wget https://github.com/trapexit/mergerfs/releases/download/2.32.2/mergerfs_2.32.2.ubuntu-focal_amd64.deb
sudo dpkg -i mergerfs_2.32.2.ubuntu-focal_amd64.deb
apt list mergerfs

Prep for MergerFS and SnapRAID

via PMS:

We recommended /mnt/diskN because it makes the fstab entry for MergerFS simpler

  1. mkdir /mnt/parity1 # adjust this command based on your parity setup
  2. mkdir /mnt/storage # this will be the main mergerfs mountpoint

Install SnapRaid

per https://perfectmediaserver.com/installation/manual-install-ubuntu/#compile-and-install these steps assume a valid, working docker installation apt update && apt install git -y mkdir ~/tmp && cd ~/tmp git clone https://github.com/IronicBadger/docker-snapraid cd docker-snapraid chmod +x build.sh ./build.sh sudo dpkg -i build/snapraid-from-source.deb

Schedule SnapRaid

per https://perfectmediaserver.com/installation/manual-install-ubuntu/#automating-parity-calculation

Schedule I use:

crontab -e

00 01 * * * python3 /opt/snapraid-runner/snapraid-runner.py -c /opt/snapraid-runner/snapraid-runner.conf && curl -X POST -fsS --retry 3 https://hc-ping.com/123-1103-xyz-abc-123 > /home/log/snapraid-parity-scheduled.log 2>&1

New Drive

Installation

  1. Physically install the drive
  2. CLI instructions via perfectmediaserver. However, when I did this things broke. I had better luck through the Ubuntu GUI - obviously that's not always possible or ideal. Problem for another day.

Bad blocks

Initial Setup

git clone https://github.com/Spearfoot/disk-burnin-and-testing

Each drive

  1. ls -la /dev/disk/by-id
  2. Dry Run: ./disk-burnin-sh /dev/<disk mount>
  3. WARNING: Disk erasure: ./disk-burnin-sh -f -o ~Documents/burn-logs /dev/<disk mount>

Mounting via fstab

  1. ls -lA /dev/disk/by-id to get the disk's proper name
  2. Edit fstab nano /etc/fstab
  3. mount /dev/disk/by-id/<diskname> /mnt/disk<number> include the "part1" from the
  4. Refresh the mounts mount -a
  5. The drive should now be found via ls /mnt/disk<number>
  6. Confirm with df -h. The "mergerfs" File System should be mounted to /mnt/storage and should have an aggregate storage space!
Clone this wiki locally