When people set up these NAS's, how are they accessing the files? NFS? SFTP?
And how are you accessing it when away from home? A VPN that you're permanently connected to? Is there a good way to do NAT hole-punching?
Syncthing kind of does what I want, in that it lets all my computers sync the same files no matter what network they're on, but it insists on always copying all the files ("syncing") whereas I just want them stored on the NAS but accessible everywhere.
Nextcloud kind of does what I want but when I tried it before it struck me as flaky and unreliable, and seemed to do a load of stuff I don't want or need.
- On mine I use NFS and SMB which covers most possible clients.
- I use an ssh bastion that I expose via Tailscale to connect to mine remotely. So a VPN but it's wireguard based so it's not too intrusive. I have a gig up, though, YMMV.
- My NAS has 28TB of space. I'm still working on backup strategy. So far it just has my Dropbox and some ephemera I don't care about losing on it.
- Regarding other services: I use Dropbox pretty extensively but these days 2TB just isn't very much. Plus it gets cranky because I have more than 500,000 files in it.
This is my personal setup but I think it's a bit different for everyone.
glinet routers are amazing, but their file sharing lacks authentication sadly (well, mine does, at least). So anyone getting access to you network also gets access to your files.
It's mostly fine, until one of you devices gets compromised. Then it's not fine at all anymore.
Wow! What kind of data are you generating that 2TB ‘just isn’t very much’? (Video editing?) All my personal files take up around 10GB in my Google Drive.
One example: If you take picture with a decent camera in raw format, your storage gets filled ridiculously fast. A short travel with a mere 200 pictures can easily be like 25M*200=5G. Another example: if you're doing any kind of AI training (especially picture based), the training materials can easily amount to many terrabytes.
Google takeout of my personal pictures from Google photos takes 600gb+ alone. And I'm not avid picture taker (that's the archive since 2000s, I did upload a lot of my old dslr photos to google photos when it was unlimited). I guess if people make more personal videos, they will use more space easily
Synology does all that.
I run two one at home one at the office, my only complaint is that it’s a bit “idiot proof”… both other times the web based GUIi is great. Also has free software that punches through NAT and dynamic IPs works great (quickconnect.to)
I use sftp, media server, primarily
I second that wholeheartedly, and I also run two 19" Synology NAS units, one at home and one at the office. All smooth sailing so far.
A colleague uses a QNAP instead, which he claims is better price/storage ratio at the expense of lesser software usability, and I'm okay paying a bit more of my own money (at home) as well as taxpayers' money (at work) on better usability, because it will likely pay off by saving time in the long run, as I currently don't have a dedicated sysadmin in my team.
The only question mark to date was when installing with non-Synology (enterprise SSD) drives I got a warning that mine were not "vendor sourced" devices, and decided not to take any risk and replace all drives with "original" Synology ones just because I can. This may be just disinformation from Synology to make their own customers nervous, and it reminds me of the "only HP toner in HP laser printers" discussion, but it would have been a distraction to investigate further, and my time is more valuable than simply replacing all drives.
Syncthing for a small collection of files I want available from all my machines - commonly used documents, photos, stuff I want quickly backed up or synced automatically.
Samba for my long term mostly-read rarely-write storage with larger files, ISOs, etc.
Same here. I have wireguard vpn for the few times i need it to tunnel my traffic through home or need to access larger files not sync’ed with syncthing.
My nas is a Synology. Vpn is also used so that i can continue sending timemachine backups back home when i’m traveling.
I usually just use SMB shares within my LAN. It serves my modest needs. I have used WebDAV or FTP in the past. Depends on the specific use. Away from home, VPN is essential. Too risky to just forward ports these days.
An easy solution for the VPN part would be Zerotier / Tailscale. IIRC Zerotier uses chacha20 for encryption which is faster than AES, especially for a power-strapped SBC.
For added security I limit my home ssh access to a handful of trusted IPs including my cloud VM. Then I set up an ssh tunnel from my hotel through the cloud VM to home. The cloud VM never sees my password / key
Its worth keeping this (from their readme) in mind though:
> However, at present SSHFS does not have any active, regular contributors, and there are a number of known issues (see the bugtracker).
Not that it is unusable or anything, it is still in widespread use, but I'd guess many assume it to be part of openssh and maintained with it, when it isn't.
An interesting alternative might be https://rclone.org/, which can speak SFTP and can mount all (of the many) protocols it speaks.
I used samba, it's supported everywhere. I also served files with HTTP server which might be convenient way for some use-cases. I also generated simple HTML-s with <video> which allowed me to easily view movies on my TV without all that nonsense.
My router has public IP so I didn't have any problems reaching it from the outside, so any VPN could work. Another approach is to rent some cheap VPS and use it as a bastion VPN server, connecting both home network and roadwarrior laptop.
No idea about any "integrated" solutions, I prefer simple solutions, so I just used ordinary RHEL with ordinary apache, etc.
Also I use SonicWall VPN to connect to my house to be in the network so it covers most of it. I also use Synology QuickConnect if I need to use the browser without VPN which also covers most urgent needs. Haven't failed me over a decade and my NAS also syncs with Synology C2 cloud which is also another peace of mind. I know it might sound unsafe a little having files stored on the cloud but it is what it is.
I won't play with half-baked library dependent homebrew solutions which cost way more time and cause headache more than commercial solutions. I won't open ports and forget them later either.
Seafile + Samba + OpenVPN is my stack. I use Seafile for a dropbox style file sync on my devices, and Samba for direct access. OpenVPN for remote access on all devices. Works quite well.
I’d replace OpenVPN with WireGuard at this point - WireGuard is a lot faster and the client software is pretty good. All of my Apple devices are set up to use VPN 100% of the time automatically if I’m not on home WiFi.
When you install WireGuard client, there's "On Demand" option there that you can enable. That option has two additional settings - it can turn WireGuard only for a particular list of SSIDs, or it can _not_ turn it on for a particular list of SSIDs. So you just add the SSID of your home WiFi to the list for which WireGuard will not be turned on. On macOS client there is an identical option. This works really well.
Tailscale works perfectly for remote access, I do "backups" with rsync over VPN nightly to an offsite location.
Syncthing over Tailscale is running smoothly too, it doesn't matter where my machines move, they find each other using the same internal address every time.
I have a (completely overkill) Ubiquiti Dream Wall that lets me VPN in using WireGuard. I do have a Raspberry Pi that runs (among other stuff) a script to ping a service on hosted server that keeps a dns entry updated in case my IP address changes, although that's rare.
I built the service to keep the dns entry updated myself, so I'm sure it's not as secure as it could be, but it only accepts pings via https and it only works if the body of the POST contains a guid that is mapped to the dns entry I want it to update.
IIRC they have improved the free plan over time, and even mailed users suggesting the relaxed limits might enable moving from paid to free tier [1].
I barely use my tailnet now, might have more of a case for it later, but they are near the top of my "wishing you success but please don't get acquired by a company that will ruin it" list.
Depending on the make and model - I've got a Synology NAS box and can't recommend them enough.
RAID support, NFS/SFTP/Samba support, a nice Web UI to set up access and configure sharing, and even the ability to enable sharing outside your own NAT.
Depends on what you need. I have a NAS with syncthing, and it's a combination.
- I use a lot of different folders within syncthing, and different machines have different combinations to save space where they aren't needed; the NAS has all of them.
- on the LAN, sshfs is a resilient-but-slower alternative to NFS. If I reboot my NAS, sshfs doesn't care & reconnects without complaint...last time I tried to use it, NFS locked up the entire client.
- zerotier + sshfs is workable-but-slow in remote scenarios
Note I'm mostly trying to write code remotely. If you're trying to watch videos....uh, good luck.
And how are you accessing it when away from home? A VPN that you're permanently connected to? Is there a good way to do NAT hole-punching?
Syncthing kind of does what I want, in that it lets all my computers sync the same files no matter what network they're on, but it insists on always copying all the files ("syncing") whereas I just want them stored on the NAS but accessible everywhere.
Nextcloud kind of does what I want but when I tried it before it struck me as flaky and unreliable, and seemed to do a load of stuff I don't want or need.