Skip to content
/ NAS Public

Scripts and config files for the secure Linux-based multiservice server on ZFS

License

Notifications You must be signed in to change notification settings

artiomn/NAS

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Secure NAS

What is it?

This is the complete configuration for a Linux-based multiservice secure server that you can create yourself.

Features

  • A totally open source solution.
  • Big hardware selection guide and "concurrents" description. On 2018.
  • Debian-based.
  • ZFS is the only filesystem that is used. Root and boot on ZFS mirror.
  • Full-disk encryption with a native LUKS.
  • Protection against reboot. Lightweight SSH server integrated in initramfs. You can decrypt disks remotely.
  • All services communicate with user via HTTPS, even if the service does not explicitly support HTTPS.
  • HTTPS with a regular certificate signed by Let's Encrypt.
  • Certificate auto renewal.
  • One certificate for all services using reverse proxy.
  • Public-available services with CloudNS.
  • Docker-isolation between services and between services and host.
  • Most services are well-tested and stable from Linuxserver.io initiative.
  • Multiuser with one authorization provider.
  • LDAP as an authorization provider.
  • Service can use LDAP authorization even if it doesn't support LDAP native.
  • Integration between services. I.e. the media search service can use the torrent downloader to download movie.
  • Some services were patched by the author for integration with others (i.e. Nextcloud was patched for use inside iframe Organizr).

And much more...

Subsystems

NAS control

OpenMediaVault installed as a package.

Backup

Multiagent backup service. Implemented using UrBackup.

Cloud

Implemented using:

NextCloud UI

Download subsystem

Transmission UI

Version control system

Implemented using GitLab.

Gitlab UI

Books library

  • Database with automatic synchronization, based on patched Calibre. Only console. No user interaction required.
  • Calibre-web as a web-interface.

This service has an independent repository here.

Calibre-web UI

Media system

Implemented using Emby

Emby UI

LDAP server

Frontend

Organizr.

Alternatives

You can find here another services, such as SeaFile, but I don't use and support them inside NAS.

Note

This is a part of my article series on building secure NAS.
You can see a copy of the documentation in the docs directory.