bluGill

My NAS is behind a firewall and doesn’t normally run the types of things you would compromise. (no web browser). They need to break many things at the same time to compromise it. I’m not saying it would be impossible to compromise my NAS, but is is very unlikely just because of how difficult it is. If I’m target of a state level attack I’m sunk anyway.

though offline backups are always a good idea. However they by definition need several days to restore (if they take less than that they are too easy for an attacker to target)

I put all my data on a NAS with non-writable snapshots so hackers cannot destroy my data.

Just remember any backup is better than nothing. Even if the backup is done wrong (this includes untested!) odds are you can read it and extract at least some data, it just may take a lot of time. Backups that are done right just mean that when (not if!) your computers break you are quickly back up and running.

There are several reasons to backup data only and not the full system. First you may be unable to find a computer exactly/enough like the one that broke, and so the old system backup won’t even run. Second, even if you can find an identical enough system, do you want to, or maybe it is time to upgrade anyway - there are pros and cons of arm (raspberry pi) vs x86 servers (there are other obscure options you might want but those are the main ones), and you may want to switch anyway since you have. Third, odds are some of the services need to be upgraded and so you may as well use this forced computer time to apply the upgrade. Last, you may change how many servers you have, should you split services to different computers, or maybe consolidate the services on the system that died to some other server you already have.

The only advantage of a full system backup is when they work they are the fastest way to get going again.

Go to local “art in the park”, music nights, and other such local events and listen to the band playing. Unless you live in a very rural area there is likely many many bands playing someplace every day around you. When you hear something you life find the band and ask how to get their music. If they sell CDs buy one - buy one even if you only accept the music but don’t like it just to support the idea that CDs are not dead.

I’m not stopping you. However make sure you understand what you want to do and why it isn’t recommended in general. It looks like an interesting project that I hope to read about sometime (hopefully not as a you sunk to the bottom of the ocean)

Because too often people are asking for a solution to the wrong problem. I can tell how to setup a car to drive from the Hawaii to Iceland, but odds are that is not your actual goal. (most often the correct answer is fly to iceland and rent a car, or perhaps just public transit in iceland. You can also put your car on a ship. It is possible to modify a car to drive on the ocean if that is really what you want to do)

Celsius is defined at the arbitrary standard pressure, different pressure values change how water acts (this is very noticeable at 100C - boiling). Kelvin steps are defined from Celsius. Even the speed of light which is constant is still defined in terms of an arbitrary time unit.

Go slow. measure 4 times. most rooms don’t need a jack so put APs where it is easy to ge wires and that will feed the other rooms.

Installed grocy on a server and magic mirror on a pi. Now we can track all the daily tasks of life which makes my wife happy

Static, hand coded html. You can be as pretty as you want to be. A good learning exercise and since it is all static it will be fast and won’t have more security issues.

That means you haven’t make them large enough yet.

Good luck getting people to care, but it is in the end your best counter.

Long term boycottes are the best thing - IF you can get large numbers to follow. Large enough that management schools are forced to teach about how ever real reform won’t be enough to save you from bad actions.

ZFS even if only one server is much better than most people have. If your ZFS replication is to a different building you have done pretty good. However as others have pointed out there are limits. Those servers costs you a couple bucks/month in electric (where I live my electric is 100% wind, but most of you should read CO2). You have to buy both servers, and hard drives will crash regularly.

There are a lot of trade offs, but cold storage backups are often much cheaper in the long run than the backup zfs server. And those cold backups are a lot easier to put into multiple different locations.

It is a pain to figure out how to give everyone the same user id. I only have a couple computers at home. I’ve never figured out how to make LDAP work (including laptops which might not have network access when I’m on the road). Worse some systems start with userid 1000, some 1001. NFS is a real mess - but I use it because I haven’t found anything better for unix.

on life support thay haven’t pulled the plug yet but it is coming. They are not updating anything not urgent and so new hardware support is dead as are jails to do useful things. I’m probably moving to xigmanas in the near future.

I know, I like BSD. However because core isn’t a supported version of FreeBSD I cannot update the other things I run on my NAS. I’m more worried about an attack on those out of date services than I am about the few issues that have been fixed

only the most basic security. It is out of date according to the pkg system and so jails cannot be updated-

At least you get updates. I’m running TruNAS core which isn’t updated anymore, and I have some jails doing things so I can’t migrate to scale easially.

The good news is this still works despite no updates it does everything it used to. There is almost zero reason to update any working NAS if it is behind a firewall.

The bad news is those jails are doing useful things and because I’m out of date I can’t update what is in them. Some of those services have new versions that add new features that I really really want.

I have ordered (should arrive tomorrow) a N100 which I’m going to manually migrate the useful services to one at a time. Once that is doing I’ll probably switch to XigmaNAS so I can stick with FreeBSD. (I’ve always preferred FreeBSD). That will leave my NAS as just file storage for a while, though depending on how I like XigmaNAS I might or might not run services on that.

Odds are strongly against a 2 drive failure at your scale, though it does happen. I set my NAS up about 8 years ago, with 6 drives with raid-6 (well zfs’s version) and in that time two drives have failed years apart. When you get two hundreds of drives total in your operation you will see a dual drive failure.

Though you still really should have backups of everything you care about. Even though odds are in your favor someone reading this will lose data in their life on their NAS system.

One of each. There is a small chance that drives made in the same factory will fail at exactly the same time for the same reason when used in RAID 1. While this probably won’t happen (if it does it would be in the first month and you will hear about others with the same failures), why risk it. Besides you want hard drive makers to stay in business - all hard drives will crash in the future, the only question is when.

I didn’t take my advice for a RAID I built years ago. I just placed the order (one hour ago) to replace a WD red with a Seagate. God only knows when the next drive will fail. I’ve overall been fine, but I only have one disk redundancy in my zfs system until Thursday.