My personal file server on a Cubox from SolidRun using Arch Linux
For my file server I have the following requirements:
- it should consume as less as possible electricity
- it should be very silent, means no active cooling
- the operation system should use OpenSSH
Thus, for the hardware I have decided to use a Cubox from SolidRun because it has a very good value for money. Notice that I use the first revision of the Cubox and not the Cubox-i serie. For the operation system I use Arch Linux because it is more up-to-date then the Debian or Ubuntu distribution.
Installation
Download the latest version of Arch Linux for the Marvell ARMv7 platform from the official site. Next, plug your MicroSD into your computer and find out which drive (/dev/sdx) it is
df -ahClear your disk and create one ext3 partition.
mkfs.ext3 /dev/sdx1Know mount it and extract Arch Linux onto your MicroSD partition
mkdir /media/arch
mount /dev/sdx1 /media/arch
tar -xzvf ArchLinuxARM-cubox-latest.tar.gz -C /media/arch
umount /media/arch
rm -rf /media/archThe default login is user root with password root.
Configuration
Now lets configure some basic stuff, like date and time, DHCP, etc.
Network
Create the /etc/systemd/network/eth0.network file so that it resembles the example below. Be sure to change the IP addresses to reflect the values shown under the “Remote Access” tab of the Linode Manager.
for DHCP
[Match]
Name=eth0
[Network]
DHCP=bothfor fixed IP
[Match]
Name=eth0
[Network]
Address=10.0.1.2/24
Gateway=10.0.1.1Restart systemd-networkd. To do so, run this command:
systemctl restart systemd-networkdClientid
If you are on a network with DHCPv4 that filters Client IDs based on MAC addresses, you may need to change the following line in /etc/dhcpcd.conf:
# Use the same DUID + IAID as set in DHCPv6 for DHCPv4 Client ID as per RFC4361.
duidto:
# Use the hardware address of the interface for the Client ID (DHCPv4).
clientidElse, you may not obtain a lease since the DHCP server may not read your DHCPv6-style Client ID correctly. See RFC 4361 for more information.
To automatically start the DCHP daemon at start up you have to enable it.
systemctl enable dhcpcdSystem Upgrade
pacman -SyuBad experience with vi
If you have bad experience or strange behaviour with the standard vi simply install vim.
pacman -S vim-minimalLocale and Date/Time
Change your timezone to the one your are living at. All time zones can be found in the folder /etc/timezones.
# To check the current zone defined for the system:
timedatectl status
# To list available zones:
timedatectl list-timezones
# To change your time zone:
timedatectl set-timezone Europe/ZurichAlso do not forget to change your locale
localectl status
ls /usr/share/i18n/locales
localectl set-locale LANG=de_CH.UTF-8Samba
For internal file sharing you could use Samba. Tips and tricks can be found on Arch Linux Samba site
pacman -S sambaYour can restart the service using the follwing
systemctl enable smbd.service
systemctl enable nmbd.serviceCreate a new samba group
groupadd sambashareand add user to it
# add user to the samba grup
pdbedit -a -u samba_user
# changing samba password
smbpasswd samba_userAdding a user to the samba group
usermod -a -G sambashare unix_user_nameOn my Cubox I use the following configuration (/etc/samba/smb.conf):
[global]
workgroup = iocast
server string = file server
# Share-level security: Each share in the workgroup has one or more passwords associated with it. Anyone who knows a valid password for the share can access it.
# User-level security: Each share in the workgroup is configured to allow access from certain users. With each initial tree connection, the Samba server verifies users and their passwords to allow them access to the share.
# Server-level security: This is the same as user-level security, except that the Samba server uses another server to validate users and their passwords before granting access to the share.
# Domain-level security: Samba becomes a member of a Windows NT domain and uses one of the domain's domain controllers—either the PDC or a BDC—to perform authentication. Once authenticated, the user is given a special token that allows her access to any share with appropriate access rights. With this token, the domain controller will not have to revalidate the user's password each time she attempts to access another share within the domain. The domain controller can be a Windows NT/2000 PDC or BDC, or Samba acting as a Windows NT PDC.
security = user
map to guest = bad user
create mask = 0775
force create mode = 0775
directory mask = 02775
force directory mode = 02775
force group = sambashare
[share_1]
comment = data disk
path = /storage/data/
public = no
writable = yes
guest ok = no
valid users = user1 user2
write list = user1
read list = user2
[share_1_backup]
comment = data disk backup
path = /storage/backup/
public = no
writable = no
guest ok = no
valid users = user1
write list = user1
[share_2]
comment = data disk1
path = /storage/data1/
public = no
writable = yes
guest ok = no
valid users = user1 user2
write list = user1 user2
[share_2_backup]
comment = data disk1 backup
path = /storage/backup1/
public = no
writable = no
guest ok = no
valid users = user1 user2
write list = user1 user2
[scans]
comment = documents from scanner
path = /storage/scans/
guest ok = yes
guest account = user1
available = yes
browsable = yes
public = yes
writable = yesDisks management
To automatically mount disks on startup, you need to add them to the /etc/fstab configuration file. Also use the option nofail to not report any error if the disk is absent. For more information read the manual on Arch Linux
Run lsblk -f or ls -l /dev/disk/by-uuid to list the partitions / disks. Edit the /etc/fstab and prefix the values in the UUID column with UUID=:
# <file system> <dir> <type> <options> <dump> <pass>
UUID=54940062-befb-4127-b1fc-15584cd4c2ea /storage/data/ ext4 nofail,rw,relatime,data=ordered 0 0
UUID=e786913c-ee77-4e04-a0d6-1b70b2b4ff69 /storage/backup/ ext4 nofail,rw,relatime,data=ordered 0 0
UUID=92e833e1-ecc4-4cd3-9874-969867eb5848 /storage/data1/ ext4 nofail,rw,relatime,data=ordered 0 0
UUID=b5a1514e-6a87-4ea5-a3ce-a592a41abecc /storage/backup1/ ext4 nofail,rw,relatime,data=ordered 0 0Dynamic DNS
If you use afraid.org as your dynamic DNS service you can get an example cron entry from the Dynamic DNS menu entry. It look likes the following
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
3,8,13,18,23,28,33,38,43,48,53,58 * * * * sleep 37 ; wget -O - http://freedns.afraid.org/dynamic/update.php?key= >> /tmp/freedns_pasithee_mooo_com.log 2>&1 &On Arch Linux you need to do the following changes to use it with systemd/Timers (see here). First we need to create a new timer vim /etc/systemd/system/afraid.org.timer and add the following lines
[Unit]
Description=timer for service afraid.org.timer
Requires=network-online.target
Requires=network.target
After=dhcpcd.service
[Timer]
OnCalendar=*:3,8,13,18,23,28,33,38,43,48,53,58
[Install]
WantedBy=multi-user.targetThen create a service file of the same name /etc/systemd/system/afraid.org.service and add the following lines
[Unit]
Description=service for afraid.org for pasithee.mooo.com
[Service]
Type=simple
ExecStart=/usr/bin/curl -k http://freedns.afraid.org/dynamic/update.php?key= >> /tmp/freedns_pasithee_mooo_com.log 2>&1Now you can test the service.
# test service
systemctl start afraid.org.service
systemctl stop afraid.org.serviceAs soon as it works you can enable the timer
systemctl enable afraid.org.timer
systemctl start afraid.org.timer