HOWTO : Home made NAS server with Ubuntu 8.04.1 – Part VI

This part is also optional. The Samba is shared with Windows desktops that files stored in the Samba will be infected by virus. To prevent this, you should install the ClamAV, the open source anti-virus program for Linux that kills Windows virus.

ClamAV

Edit /etc/apt/sources.list and append the following lines at the end of the file :
sudo nano /etc/apt/sources.list

# ClamAV PPA
deb http://ppa.launchpad.net/ubuntu-clamav/ubuntu hardy main
deb-src http://ppa.launchpad.net/ubuntu-clamav/ubuntu hardy main

sudo apt-get update
sudo apt-get install clamav clamav-daemon arj unzoo lha unrar

Make sure clamav-daemon is running :
ps ax | grep clamd

If not :
sudo /etc/init.d/clamav-daemon start
sudo /etc/init.d/clamav-freshclam start

Scan and kill virus if found at 03:00am on every day :
sudo crontab -e

0 3 * * * clamscan -r -i –remove /home > /home/samiux/scan.txt

Remember to configure the ClamAV’s 15 threads to 3 or less in order to reduce the consumption of CPU resources but the con is that it take a longer time to complete the virus scan of the whole system :
sudo dpkg-reconfigure clamav-base

Remarks : The current version of ClamAV at the time of this writing cannot scan RAR files. It is a bug and it will be fixed later.

Advertisements

HOWTO : Home made NAS server with Ubuntu 8.04.1 – Part V

This part is optional. The web server with PHP and MySQL is already running. Now, we are going to fine tune the Apache and PHP to make it running as faster as possible. The kernel can also be optimized too.

Apache

sudo apt-get install libapache2-mod-bw libapache2-mod-fastcgi

sudo a2enmod deflate
sudo /etc/init.d/apache2 force-reload

Edit the file /etc/apache2/conf.d/deflate.conf :
sudo nano /etc/apache2/conf.d/deflate.conf

<IfModule mod_deflate.c>
DeflateCompressionLevel 6
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/atom_xml
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE application/x-httpd-php
AddOutputFilterByType DEFLATE application/x-httpd-fastphp
AddOutputFilterByType DEFLATE application/x-httpd-eruby
AddOutputFilterByType DEFLATE image/svg+xml
AddOutputFilterByType DEFLATE application/postscript
<IfModule mod_headers.c>
Header append Vary User-Agent
</IfModule>
</IfModule>

Edit /etc/apache2/apache2.conf :
sudo nano /etc/apache2/apache2.conf

Then change the value as the following :
ServerSignature Off
ServerTokens Prod

Updated for Ubuntu 9.04 :
sudo nano /etc/apache2/conf.d/security

Then change the value as the following :
ServerSignature Off
ServerTokens Prod

Edit /etc/apache2/sites-available/default :
sudo nano /etc/apache2/sites-available/default

Then change the value as the following at /var/www section :
Options -Indexes FollowSymLinks

Restart your Apache server :
sudo /etc/init.d/apache2 restart

PHP
To accelerate PHP, you need Zend but I will show you how to use eAccelerator.

Download the eAccelerator :
wget http://bart.eaccelerator.net/source/0.9.5.3/eaccelerator-0.9.5.3.tar.bz2
tar xvf eaccelerator-0.9.5.3.tar.bz2

sudo apt-get install build-essential php5-dev

cd eaccelerator-0.9.5.3
phpize
./configure
make
sudo make install

sudo mkdir /tmp/eaccelerator
sudo chmod 0777 /tmp/eaccelerator

Add the following lines at the end of /etc/php5/apache2/php.ini :

extension="eaccelerator.so"
; shm_size default is 16, you may change to 64 or 128 depends on your RAM
eaccelerator.shm_size="16"
eaccelerator.cache_dir="/tmp/eaccelerator"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="0"
eaccelerator.shm_prune_period="0"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"

Still at the php.ini file or enter the following command to go there.
sudo nano /etc/php5/apache2/php.ini

Locate Display_errors = On and change it to “Off”.
Display_errors = Off

Restart the Apache :
sudo /etc/init.d/apache2 restart

Kernel

Please refer to my blog “Performance-tunning” at https://samiux.wordpress.com/2008/06/12/performance-tunning/ for details.

HOWTO : Home made NAS server with Ubuntu 8.04.1 – Part IV

Your Samba server and vsFTPd server are running smoothly. Now, we are discussing the installation of remote BitTorrent feature.

You can access your remote BitTorrent server anywhere at anytime. The server requires Apache, PHP and MySQL. They have been installed when you install your Ubuntu Server that selecting the LAMP option.

BitTorrent

sudo apt-get install torrentflux bittornado

You will asked for MySQL root password, it is the same as the one when you install the Ubuntu Server. TorrentFlux Administration password to be entered in the same as the MySQL and Ubuntu user password in my case. (for easy remembering).

Run the TorrentFlux server at your desktop computer with Firefox :
http://your_server_ip/torrentflux

Enter the Log in name as “root” and the password as what you had entered during the installation (TorrentFlux Administration password).

You can replace the “your_server_ip” with your domain name or the IP that provided by your ISP (or say, the real IP).

Updated on 2008-AUG-13 :
Someone complained that the Torrentflux with Bittornado eats a lot of CPU resources. I confirmed that it is. I am looking for an alternative solution – BitTornado (backend) and Torrentflux-b4rt (front end). The title for the tutorial is at HOWTO : Home made NAS server with Ubuntu 8.04.1 – Part IV (a).

HOWTO : Home made NAS server with Ubuntu 8.04.1 – Part III

Now, your Samba file server is up and working. It is high time to configure the vsFTP server. Anonymous users can download your file from your FTP server but they cannot upload and change anything in it. Local users can access their local home directories (read and write) by using FTP client, e.g. Filezilla or gFTP.

vsFTP

Edit the file at /etc/vsftpd.conf :
sudo nano /etc/vsftpd.conf

Uncomment and change the following lines (removes the “#”in front of the entry) :
anonymous_enable=YES
local_enable=YES
write_enable=YES
data_connection_timeout=120
chroot_local_user=YES

If you are behind a router or firewall, you need to add the following lines at the end of the file :
pasv_enable=YES
pasv_promiscuous=YES
pasv_min_port=50000
pasv_max_port=50100
pasv_address=192.168.0.15

Change the ports 50000-50100 at your desire and add this port range to the router’s port forwarding section or virtual server section. The pasv_address should be the IP address of your server (yours may different from me).

Remember to forward port 20 and 21 out at your router.

Anonymous users can download files from /home/ftp and you can put some files there for them to download.

To restart your vsFTPd :
sudo /etc/init.d/vsftpd restart

HOWTO : Home made NAS server with Ubuntu 8.04.1 – Part II

Here comes the software installation. The first thing is to install the operating system – Ubuntu 8.04.1 Server Edition. The installation is quiet straight forward and you should choose LAMP, OpenSSH and Samba (Print server is optional) during the installation. Use a more complicate but easy to remember password as the user password and MySQL password. I use same password for them. Please write it down and you will need it later and forever.

Once installed, you can install vsFTPd and Fail2Ban. BitTorrent feature will be discuss later.

sudo apt-get update
sudo apt-get upgrade
sudo apt-get install vsftpd fail2ban

Samba
The Samba is already installed and you are required to configure it to make it work. I will make the Samba working in this way : Every user has it owned home directory and every user can access to a public directory for sharing document and files.

sudo nano /etc/samba/smb.conf

To add the following lines to the [global] section :
# If you need to access Big5 filename, it is required; otherwise it is optional.
dos charset = cp950

To add the following lines to the [global] section also :
hosts allow = 127.0.0.1 192.168.0.0/24 192.168.10.0/24
hosts deny = 0.0.0.0/0

At Authentication part, uncomment the “; security = user” to read as “security = user

Go to [homes] section and add the following lines to it :
[homes]
comment = Home Directories
path = /home/%S
browseable = yes
read only = no
create mask = 0664
directory mask = 0664
valid users = %S

Add the following lines to the end of the file :
[public]
comment = Share to all
path = /home/public
browseable = yes
read only = no
create mask = 0664
directory mask = 0664
valid users = samiux,john,mary
admin users = samiux

To reload the configuration of your Samba server :
sudo /etc/init.d/samba reload

where “admin users = samiux”may be different from you.

Then made a “public” directory at /home :
sudo mkdir /home/public
chgrp users /home/public
chmod 0777 -R /home/public

Now, create normal users as Samba users. Only the users exist in the server can use the Samba.

sudo adduser john
sudo adduser mary

You can access the Samba at Windows system in this way :

Go to your home directory :
\\192.168.0.15\samiux

Go to the public directory :
\\192.168.0.15\public

* your IP address may be different from me

Beware that all home user directories and public directory are writable. Users can add or delete files therein. The home directory owners cannot read and writable another home user directories.

By the way, you can also access the Samba file server on your Ubuntu desktop.

We will discuss how to configure vsFTPd in next part.

HOWTO : Home made NAS server with Ubuntu 8.04.1 – Part I

There are many NAS for home users in the market, such as Synology, Qnap, LinkStation and etc. They are not in good performance and not cheap in price. However, they are good in less power consumption. It is because I owned not only one brand of such products at home now.

Recently, I bought a VIA PC-1 PC2500E motherboard, which has VIA C7-D 1.5GHz CPU on board. It is cheap in price and use less power too. The maximum amount of RAM is 2 GB.

Testing it with Ubuntu 8.04.1 Desktop version for a while, I am very satisfied with the performance of the CPU, although it is not quiet fast indeed. I decided to build a home made NAS server with remote BitTorrent function.

Hardware
Motherboard – VIA PC-1 PC2500E with VIA C7-D 1.5GHz CPU
RAM – 2 X 1GB DDR2 667MHz (maximum)
Hard drive – 300GB Seagate SATA (The motherboard treats it as ATA drive)
Router – Planet WRT-401E (wired) (optional)

Software
Operating system – Ubuntu 8.04.1 Server Edition
File server – Samba
FTP server – vsFTPd
Remote access – OpenSSH
Web Server – Apache, PHP and MySQL
Remote BitTorrent – TorrentFlux (front-end) and BitTornado (back-end)
Security software – Fail2Ban

The performance of the Samba is quiet good and it can stream the video clips. You can remote control the server with OpenSSH and also can remote the BitTorrent anywhere.

I do not choose the GUI interface for server maintenance as it is not required after the server has been set up. I use command line mode indeed.

The server needs some fine tune for better performance and I will tell you how. The installation of the softwares is in Part II.