Differences

This shows you the differences between two versions of the page.

--- esxi:xpenology [2020/04/25 15:28]
derek
+++ esxi:xpenology [2024/09/22 19:51] (current)
@@ Line 8: / Line 8: @@
     * Change ''DiskIdxMap=0C SataPortMap=1'' to ''DiskIdxMap=0C0001 SataPortMap=11'' in the set sata_args line in grub.cfg (This limits the two esxi sata controllers to one disk each)
     * Add another sata controller
-    * Add a small (20GB? depending on which/how many packages one wants) drive
+    * Add a 20GB drive (size depending on which/how many packages one wants)
+    * Add a USB3 controller
+    * Add the UPS as a USB device
   * Follow https://xpenology.com/forum/topic/13061-tutorial-install-dsm-62-on-esxi-67
   * Create a Storage Pool for the small ESXI virtual drive
@@ Line 15: / Line 17: @@
   * Create a BTRFS volume on the second storage pool
   * Follow https://xpenology.com/forum/topic/12391-nvme-optimization-baremetal-to-esxi-report
-  * Install all packages to the ext4 NVMe volume for speed
+  * (Install all packages to the ext4 NVMe volume for speed)
   * Install the open-vm-tools package
-  * Set up ''File Services''
+  *
-  * Set up ''Notifications''
+  * ''Control Panel'':
-  * Add Users
+    * ''Notifications'':
+      * FIXME: setup email
+    * ''File Services'':
+      * ''SMB'' > ''Advanced Settings'':
+        * ''Allow symbolic links within shared folders''
+        * ''Allow symbolic links across shared folders''
+        * Disable ''Apply default UNIX permissions'' (It sets 744/755 instead of 777 for permissions)
+        * FIXME
+    * ''Shared Folder'':
+      * Always use the same compression setting for all the shares, preferably enabled (See [[#Notes]])
+      * FIXME
+    * ''Group'':
+      * ''Create'' the following groups:
+        * ''people'' with access to the shares that all the non-Application user accounts should have access to, and the other options left as default
+        * ''family'' with access to shares restricted to family and the other options left as default
+        * ''limited'' with the options left as default, except denying access to all applications
+    * ''User'':
+      * ''Create user'' for all the desired people and Applications/VMs that need access
+      * People:
+          * Enter their first name as the user name
+          * Optionally ''Send a notification email'' and enter the user's email address
+          * Enter a temporary password to be given to the user and will be required to be changed when the user first logs on
+        * Add the user to ''people'' and any other desired groups
+        * Assign any permissions to individual shares that aren't defined by the groups already
+      * Applications:
+        * Temporarily disable ''Force users to change password after the administrator resets the password'' under ''Advanced'' while making these accounts
+          * Use the application/use name as the user name
+          * Add a description describing the planned use of the account
+          * Use a [[https://www.lastpass.com/password-generator|Password Generator]] to generate a random password, remember to save this temporarily until it has been entered into the app
+          * Deselect ''Send a notification email''
+          * Enable ''Disallow the user to change account password''
+        * Add the user to the limited group
+        * Assign any permissions required for the application
+      * Re-enable ''Force users to change password after the administrator resets the password'' under ''Advanced''
+    * ''Security'':
+      * ''Security'' > ''Trusted Proxies'' > ''Add'' > Enter the IP address of the Caddy reverse proxy server
   *
   * Enable and change SSH port to 50001
+  *
   * FIXME: Add other stuff...
   * Shut down and create a snapshot in ESXI then start the VM again
+  * Set up symlinks (See [[#Notes]]):
+    * Connect to the VM using SSH on port 50001
+    * Check which volume the shares are on
+    * Create the symlinks to ''Video'' and ''Music'' in the ''Downloads'' share
+    * ''ln -s /volume1/Video /volume1/Downloads/''
+    * ''ln -s /volume1/Music /volume1/Downloads/''
 ====Update====
@@ Line 43: / Line 88: @@
     * Click on each of the packages if you want to check the changelogs
     * Either click ''Update All'' or ''Update'' each package individually
+====Notes====
+Moving/Copying between shares that have different file compression settings will not use the quick reflink move/copy, but instead will have to re-write the file even though it is on the same volume. Therefore, if shares are likely to have files copied between them it is recommended to ensure they both have compression enabled or disabled. Since the performance cost is minor, I would recommend keeping it enabled for all shares unless you know a share will almost entirely contain already compressed files and isn't likely to transfer between shares.
+Transfers between shared folders even on the same server is slow because it transfers through the client over the network; this is an issue for things like video downloading and transferring to the video share automatically.
+SMB server-side-copy is only for within a share. NFS 4.2 and Linux kernel 5.5 support NFS server-side-copy between shares/severs, though even Debian 10 doesn't use kernel 5 yet. Even then, I'm unsure whether it supports reflink moves/copies.
+The solution I am choosing is to use symlinks with SMB. This requires enabling ''Allow symbolic links within shared folders'' and ''Allow symbolic links across shared folders''. And I'll only be using SMB until the NFS server-side-copy is widely supported.

Guides

User Tools

Site Tools

Differences

Page Tools