Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create a FreeNAS cloud storage solution that is open to the internet. #947

Closed
MatthewCroughan opened this issue Oct 15, 2018 · 9 comments

Comments

Projects
None yet
3 participants
@MatthewCroughan
Copy link
Contributor

commented Oct 15, 2018

I have set up a FreeNAS machine with 4TB x 2 ZFS mirrored drives + a 120GB nvme SSD for cache and other things we might want to run in jails/containers. its IP is 10.0.32.23.

The prime use case for this machine is local network storage, but an incredibly useful application for this machine would be to set up nextcloud so that people at DoES can have access to 4TB of encrypted storage from elsewhere in the world. This replaces the reliance on a service like Dropbox and gives us quite a lot of high quality, mirrored capacity for free. Though in order to do this, permission is required from @johnmckerrell and others to instruct Baltic Broadband to open ports for this machine.

For now this machine is going to be used to archive and store video footage from #927, but I would love to be able to use it as cloud storage.

The plan is to expand the storage every 2-3 months with an extra 4TB drive. £20/month which I'll personally see to. Adding redundancy over time is of utmost importance.

@johnmckerrell

This comment has been minimized.

Copy link
Member

commented Oct 15, 2018

@MatthewCroughan

This comment has been minimized.

Copy link
Contributor Author

commented Oct 15, 2018

@johnmckerrell https://nextcloud.com/blog/encryption-in-nextcloud/ all kinds. It's per file. Though I think this is not enabled by default, which may be a detractor. You have to explicitly enable encryption on folders, I do believe. Perhaps there is a setting to make everything you do encrypted, which will be what I do for the majority of my data on this machine.

Users can activate the Nextcloud End to End encryption feature for one or more folders. The content of each of these folders will be fully hidden from the server, including file names and directory structure.

The Nextcloud Server Side Encryption feature provides secure storage of data by encrypting each file with a unique file key before it is stored. File keys are encrypted, in turn, either by a server wide key (default for feature and performance reasons) or a per-user key. Server Side Encryption provides protection for data on external storage as the files are encrypted before they are sent to storage and the keys never leave the Nextcloud server.

@ajlennon

This comment has been minimized.

Copy link
Contributor

commented Oct 15, 2018

Sounds great. What are the risks to people with computer systems in DoES?

@ajlennon

This comment has been minimized.

Copy link
Contributor

commented Oct 15, 2018

Would it make sense to put this in a separate sandboxed pseudo-DMZ alongside a separate guest network as in #937?

@MatthewCroughan

This comment has been minimized.

Copy link
Contributor Author

commented Oct 15, 2018

@ajlennon Indeed it would, that's exactly what I'm requesting. @mattwilsondotuk suggested this be a priority for these kinds of requests in the future, would be a good way of demoing it.

@MatthewCroughan

This comment has been minimized.

Copy link
Contributor Author

commented Oct 16, 2018

There's now a test Nextcloud instance on 10.0.32.57 that you can register on with a quota of 10GB. @johnmckerrell

@MatthewCroughan

This comment has been minimized.

Copy link
Contributor Author

commented Oct 21, 2018

I've tunnelled out and provided this, go test it out. https://nextcloud.matthewcroughan.co.uk
Data will not be lost on this installation, but uptime is not guaranteed until we have a front-facing service. Have fun 👍

@ajlennon

This comment has been minimized.

Copy link
Contributor

commented Mar 5, 2019

Can we close this @MatthewCroughan ?

@MatthewCroughan

This comment has been minimized.

Copy link
Contributor Author

commented Mar 13, 2019

@ajlennon I've opened up a new issue with a more general title. #1074

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.