RoE | Wiki

User Tools

Site Tools

Trace:
servers:nextpvr

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Last revisionBoth sides next revision
servers:nextpvr [2019/10/22 13:32] – [Dependencies] Sean Rhoneservers:nextpvr [2019/11/15 17:02] Sean Rhone
Line 18: Line 18:
   sudo apt install -f && rm '/tmp/nextpvr-helper.deb' && sync   sudo apt install -f && rm '/tmp/nextpvr-helper.deb' && sync
  
-====== Firewall ======+====== Quick Notes ======
  
-  * 21/tcp is FTP+libdvbv5-0 dtv-scan-tables
  
-  /usr/lib/firewalld/services/ftp.xml +https://forums.nextpvr.com/showthread.php?tid=59576&pid=528633#pid528633
- +
-  sudo firewall-cmd --permanent --add-service='ftp' && sudo firewall-cmd --reload +
- +
-====== SELinux ====== +
- +
-**** +
- +
-  sudo setsebool -P 'allow_ftpd_anon_write=1' +
- +
-====== Service ====== +
- +
-**** +
- +
-  sudo systemctl enable 'vsftpd' --now +
- +
-====== Settings ====== +
- +
-===== General ===== +
- +
-  * :!Change ''local_root'' depending on how the drive gets mounted ((somehow ended up as ''nas2'' in one install)) +
- +
-  sudo -e '/etc/vsftpd/vsftpd.conf' && sudo systemctl restart 'vsftpd' +
- +
-<code> +
-# Custom +
-local_root=/var/ftp/nas1/espionage724</code> +
- +
-===== Encryption Support ===== +
- +
-==== Generate Certs ==== +
- +
-  * Country: US +
-  * State: PA +
-  * Locality: Charleroi +
-  * Org Name: Realm of Espionage +
-  * Org Unit: NAS +
-  * YOUR Name: x +
-  * Email: x +
- +
-  sudo openssl req -x509 -nodes -days 730 -newkey rsa:2048 -keyout '/etc/ssl/certs/vsftpd.pem' -out '/etc/ssl/certs/vsftpd.pem' && sudo chmod '600' '/etc/ssl/certs/vsftpd.pem' +
- +
-==== Enable Encryption ==== +
- +
-  * :!: ''ssl_ciphers'' can be set to ''HIGH'' or any supported OpenSSL cipher, but the higher the cipher, the higher the performance hit ((specifically on Oak with a Phenom II X4, ''HIGH'' caps around 60-70MB/s, whereas ''AES128-SHA'' is 70-80MB/s, and no encryption is 100-110MB/s)) +
- +
-  sudo -e '/etc/vsftpd.conf' +
- +
-  ssl_enable=YES +
-  allow_anon_ssl=NO +
-  force_local_data_ssl=YES +
-  force_local_logins_ssl=YES +
-  require_ssl_reuse=YES +
-   +
-  ssl_ciphers=AES128-SHA +
-  ssl_tlsv1=YES +
-  ssl_sslv2=NO +
-  ssl_sslv3=NO +
-   +
-  rsa_cert_file=/etc/ssl/certs/vsftpd.pem +
-  rsa_private_key_file=/etc/ssl/certs/vsftpd.pem +
- +
-====== fstab ====== +
- +
-===== PARTUUID ===== +
- +
-  * Expects the NAS drive to be GPT +
- +
-  sudo blkid +
- +
-===== fstab ===== +
- +
-  * :!: Change the ''x'' in ''PARTLABEL='' +
-  * :!: This expects 1 drive each with a XFS partition +
- +
-  sudo mkdir -p '/var/ftp/nas1' && sudo -e '/etc/fstab' +
- +
-<code> +
-NAS +
-PARTUUID=x /var/ftp/nas1 xfs rw,relatime,attr2,inode64,noquota 0 2</code> +
- +
-  sudo mount --all +
- +
-====== Permissions ====== +
- +
-===== Files ===== +
- +
-  * :!: Verify the group name with the ''groups'' command ((in openSUSE it's ''users'' and Ubuntu is the username typically)) +
- +
-  sudo chown -R 'espionage724':'espionage724' '/var/ftp/nas'* && sync +
- +
-===== SELinux ===== +
- +
-  sudo semanage fcontext --deleteall "/var/ftp/nas1(/.*)?" +
- +
-  sudo semanage fcontext --add --type 'public_content_rw_t' "/var/ftp/nas1(/.*)?" +
- +
-  sudo restorecon -R -v '/var/ftp/nas1' && sync+