So I wanted to buy a NAS that can act as a time capsule for Apple computers and run a proper Linux at the same time. I also wanted to be able to run the occasional Windows or Linux VM and I wanted to have a lot of storage. As I knew the thing was going to be in our coworking space, it also needed to have disk encryption.
Here’s how I built this for just under €500.00 using standard components and free open source software.
Selecting the hardware components
The N36L (which I bought) comes with a single 250GB hard drive which obviously did not meet my “a lot of storage” requirement. So I bought 4 identical Seagate Barracuda Green 2000GB SATA drives which would add another €229.92 to the bill if you bought them today. I am not an expert in hard drives, but the Seagate Barracuda brand was familiar and “Green” sounds good as well.
If you don’t want your new server to host virtual machines at some point, you can probably get out your credit card and check out right now. If you’re like me though, you’d add another 2 bars of 4GB Kingston ValueRAM PC3-10667U CL9 (DDR3-1333) to your cart. The two of them together are just €44.24, so it’s no big deal anyways.
All components together will set you back €484.06. The rest is based on open source software (Debian mostly) which is free as in beer. More about that after the break.
I won’t explain how to actually assemble the components. Please read the manuals if you’ve never installed RAM or a hard drive. It’s pretty easy anyways. The HP even comes with screws and a sort of screw driver which can both be found in the inner side of the hard drive door.
Installing the base system
Now, I want my servers to run a proper operating system, so I went for Debian. You can most probably use Ubuntu or CentOS and get the same results. It’s just a matter of taste, I guess. To get things going, I downloaded a small image from debian.org, put it on a USB drive and booted up the HP.
For the most part, the installation is pretty straightforward. You can set up everything from within the Debian installer. There are a couple of small gotchas to consider though:
- You’re going to need a very small (1MB should be more than enough) primary partition at the beginning of all disks. In order to handle the large 2TB disks, Debian is going to use GPT which in turn relies on that tiny partition.
- We’re going to encrypt the entire drive in order for your box to be really secure. As far as I know, Debian cannot boot from an encrypted partition, so you’ll need a small partition for the /boot filesystem. Personally, I’ve put that one on a RAID1 array, so I don’t need to worry about rebooting the machine in case of a disk failure.
- I remember having had a hard time booting from disk for the first time. For some reason, I had to set the proper boot device in the BIOS to make things work. Your mileage may vary.
- The HP has an on-board RAID controller. Usually, I am more comfortable with things I can fully control, so I went for software RAID which is built-in in Debian. Things might be a bit more performant using the hardware controller and you might still get the same level of robustness and security. I just didn’t use it, so keep that in mind when reading my instructions.
Step by Step
So, basically, here’s what you need to do to get your Debian up and running on your new box:
- On each drive, create the small (~ 1MB) GPT partition and flag it
- Again on each drive, create another slightly larger (~100MB) partition and flag it
- Then, still on each drive, create a large (~2TB) partition taking up all the remaining space and flag it
- Now, set up a RAID1 using the four smaller 100MB partitions, should be called
- Then, set up a RAID5 using the four large 2TB partitions, should be called
- Next, set up a crypted partition on top of the RAID5 (/dev/md1), should be called
- I recommend using LVM, so next, set up a physical volume on the crypted partition (md1_crypt) using up all its space.
- Now, create a number of logical volumes. I’d recommend to set up one each for the usual suspects
/opt at least, but again, your mileage may vary. The nice thing about LVM is that you can add and change logical volumes at any time.
- Finally set the mount point of /boot to your RAID1 (/dev/md0) and continue the installation. I’ll leave the package selection entirely up to you. Usually, I like to install a bare minimum during setup and get more stuff as I need it later on.
- If everything went well, your new HP should boot up a couple of minutes later, asking for the password for your crypted disk and present you with the initial login prompt.
- I usually start by installing sudo which enables me to do everything else from my own workstation. But you can continue the setup in your closet or wherever your HP sits, no problem.
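To confirm after the first boot that the layering from the steps above came out as intended, with /boot on the RAID1 as the only filesystem not sitting on the encrypted device, a check like the following can be run. It is an added example, not part of the original guide: the device list and the logical-volume mount points are constructed, and `unencrypted_mounts` and `audit_layout` are hypothetical helper names.

```shell
#!/bin/sh
# Added example (not from the original post). Lists mounted filesystems that
# are not stacked on a dm-crypt device. On a real box, feed it:
#   lsblk -P -o KNAME,TYPE,PKNAME,MOUNTPOINT
# Constructed sample: two of the four disks; LV mount points are assumptions.
sample_lsblk() {
cat <<'EOF'
KNAME="sda" TYPE="disk" PKNAME="" MOUNTPOINT=""
KNAME="sda2" TYPE="part" PKNAME="sda" MOUNTPOINT=""
KNAME="md0" TYPE="raid1" PKNAME="sda2" MOUNTPOINT="/boot"
KNAME="sda3" TYPE="part" PKNAME="sda" MOUNTPOINT=""
KNAME="md1" TYPE="raid5" PKNAME="sda3" MOUNTPOINT=""
KNAME="dm-0" TYPE="crypt" PKNAME="md1" MOUNTPOINT=""
KNAME="dm-1" TYPE="lvm" PKNAME="dm-0" MOUNTPOINT="/"
KNAME="dm-2" TYPE="lvm" PKNAME="dm-0" MOUNTPOINT="/srv"
KNAME="dm-3" TYPE="lvm" PKNAME="dm-0" MOUNTPOINT="[SWAP]"
KNAME="sdb" TYPE="disk" PKNAME="" MOUNTPOINT=""
KNAME="sdb2" TYPE="part" PKNAME="sdb" MOUNTPOINT=""
KNAME="md0" TYPE="raid1" PKNAME="sdb2" MOUNTPOINT="/boot"
KNAME="sdb3" TYPE="part" PKNAME="sdb" MOUNTPOINT=""
KNAME="md1" TYPE="raid5" PKNAME="sdb3" MOUNTPOINT=""
KNAME="dm-0" TYPE="crypt" PKNAME="md1" MOUNTPOINT=""
EOF
}

# A device counts as encrypted if it is a crypt mapping, or if every one of
# its parents is (an LV spanning a plaintext PV is therefore reported).
unencrypted_mounts() {
  awk -F'"' '
    { k = $2; type[k] = $4; if ($8 != "") mnt[k] = $8
      if ($6 != "" && !seen[k, $6]++) par[k] = par[k] " " $6 }
    function covered(d,    n, i, p) {
      if (type[d] == "crypt") return 1
      n = split(par[d], p, " ")
      if (n == 0) return 0
      for (i = 1; i <= n; i++) if (!covered(p[i])) return 0
      return 1
    }
    END { for (k in mnt) if (!covered(k)) print mnt[k] }
  ' | sort -u
}

# Succeeds only when /boot is the sole plaintext mount, as the guide intends.
audit_layout() {
  extra=$(unencrypted_mounts | grep -vx '/boot' || true)
  [ -z "$extra" ] && return 0
  printf 'plaintext mount: %s\n' "$extra" >&2; return 1
}
sample_lsblk | audit_layout && echo "OK: only /boot is outside the encrypted volume"
```

Anything it reports besides /boot, including swap, is being written to the RAID in the clear.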
Disclaimer: The following is based on a great article by Chris Boot. I read it there first.
Enabling Time Machine support is actually much easier than I first thought and it doesn’t even require serious hacking, compiling or even using non-standard repositories if you’re on Debian. Here’s what you have to do:
- If you plan on using Time Machine with Lion, you’ll need a newer version of netatalk than is currently available in Debian Squeeze, so you’ll have to add Wheezy to your /etc/apt/sources.list. Edit the file and add the following lines at the bottom:

    # testing
    deb http://ftp2.de.debian.org/debian/ wheezy main
    deb-src http://ftp2.de.debian.org/debian/ wheezy main
    deb http://security.debian.org/ wheezy/updates main
    deb-src http://security.debian.org/ wheezy/updates main

- Also create a file called /etc/apt/preferences.d/00pinning and add the following lines:

    Package: *
    Pin: release a=stable
    Pin-Priority: 700

    Package: *
    Pin: release a=testing
    Pin-Priority: 650

- Get Netatalk and Avahi using apt:
apt-get update ; apt-get install -t wheezy netatalk avahi-daemon
- In order to export a share using Netatalk, edit /etc/netatalk/AppleVolumes.default and add a line that reads

    /srv/timemachine "Time Machine" options:tm

  and be sure to create /srv/timemachine or change it to something you want to use as a location for your shared folder.
- Next, edit the file
- -tcp -noddp -uamlist uams_dhx.so,uams_dhx2.so -savepassword -nodebug -icon at the bottom. It will configure netatalk to use the authentication methods required by Lion and some other stuff I found useful.
- Now, doing a /etc/init.d/netatalk restart is actually already enough to export the folder using AFP ready for Time Machine goodness.
- However, if you’re an Apple user you probably want to see your new server in the finder instead of just accessing it via its IP address. Enter Avahi. Create the file /etc/avahi/services/afpd.service and paste the following code:

    <?xml version="1.0" standalone='no'?><!--*-nxml-*-->
    <!DOCTYPE service-group SYSTEM "avahi-service.dtd">
    <service-group>
      <name replace-wildcards="yes">%h</name>
      <service>
        <type>_afpovertcp._tcp</type>
        <port>548</port>
      </service>
      <service>
        <type>_device-info._tcp</type>
        <port>0</port>
        <txt-record>model=Xserve</txt-record>
      </service>
      <service>
        <type>_adisk._tcp</type>
        <port>9</port>
        <txt-record>sys=waMA=YOUR-MAC-ADDRESS,adVF=0x100</txt-record>
        <txt-record>dk0=adVF=0x83,adVN=Time Machine</txt-record>
      </service>
    </service-group>

Be sure to replace YOUR-MAC-ADDRESS with the actual MAC address of your HP box and to use the same string for Time Machine as you used in
And that’s it. Your Mac computers should start seeing your HP box and you should be able to use it as a time capsule for your wireless backups.
Please note: I wrote this guide a couple of weeks after I set this up at the LAUNCH/CO office. So most stuff is from memory. If you find any mistakes or happen to get stuck somewhere in the process, please leave a comment and I’ll try to help.
Update: You may have noticed that your shiny new DIY time capsule has stopped working since you upgraded your Macs to Lion. This blog post looks promising – I will check it out and update this post as soon as I find the time.
Update 2: If you have set up your N36L using these instructions before August 13th, 2011, your box won’t work with OS X Lion. I have just upgraded the instructions to use the latest version of netatalk. You should be able to make Time Machine support work again by following the new AFP and Apple Time Machine instructions adapting your existing config.
Update 3: After almost exactly 3 years running 24×7, two of the Barracuda drives failed at nearly the same time, rendering the RAID 5 inaccessible and losing all data. Fortunately, the machine was only used for backups, so no big deal. @meineerde recommended a Backblaze article that has some nice statistically relevant insight. Turns out, the Barracudas were a bad choice. Also, ordering them all from the same supplier probably meant receiving drives from the same production batch which again increases the chance of them dying at the same time. So now we’re replacing the drives with 4 Western Digital WD20EFRX Red 2TB, ordered from 4 different Amazon merchants. Next update hopefully coming in 3+ years 🙂 (N.b. the price for the 4 WD’s was €366 – which is significantly more than the initial 4 drives I bought)