RoE | Wiki

User Tools

Site Tools

Trace:
servers:nextpvr

This is an old revision of the document!

Table of Contents

Information

  • NextPVR 1)
  • :!: This is all TODO

Prerequisites

Dependencies

wget -O '/tmp/nextpvr-helper.deb' 'https://nextpvr.com/nextpvr-helper.deb' && sudo dpkg --install '/tmp/nextpvr-helper.deb'
sudo apt install -f && rm '/tmp/nextpvr-helper.deb' && sync

Firewall

  • 21/tcp is FTP
/usr/lib/firewalld/services/ftp.xml
sudo firewall-cmd --permanent --add-service='ftp' && sudo firewall-cmd --reload

SELinux

sudo setsebool -P 'allow_ftpd_anon_write=1'

Service

sudo systemctl enable 'vsftpd' --now

Settings

General

  • :!: Change local_root depending on how the drive gets mounted 2)
sudo -e '/etc/vsftpd/vsftpd.conf' && sudo systemctl restart 'vsftpd'
# Custom
local_root=/var/ftp/nas1/espionage724

Encryption Support

Generate Certs

  • Country: US
  • State: PA
  • Locality: Charleroi
  • Org Name: Realm of Espionage
  • Org Unit: NAS
  • YOUR Name: x
  • Email: x
sudo openssl req -x509 -nodes -days 730 -newkey rsa:2048 -keyout '/etc/ssl/certs/vsftpd.pem' -out '/etc/ssl/certs/vsftpd.pem' && sudo chmod '600' '/etc/ssl/certs/vsftpd.pem'

Enable Encryption

  • :!: ssl_ciphers can be set to HIGH or any supported OpenSSL cipher, but the higher the cipher, the higher the performance hit 3)
sudo -e '/etc/vsftpd.conf'
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
require_ssl_reuse=YES

ssl_ciphers=AES128-SHA
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO

rsa_cert_file=/etc/ssl/certs/vsftpd.pem
rsa_private_key_file=/etc/ssl/certs/vsftpd.pem

fstab

PARTUUID

  • Expects the NAS drive to be GPT
sudo blkid

fstab

  • :!: Change the x in PARTLABEL=
  • :!: This expects 1 drive each with a XFS partition
sudo mkdir -p '/var/ftp/nas1' && sudo -e '/etc/fstab'
# NAS
PARTUUID=x /var/ftp/nas1 xfs rw,relatime,attr2,inode64,noquota 0 2
sudo mount --all

Permissions

Files

  • :!: Verify the group name with the groups command 4)
sudo chown -R 'espionage724':'espionage724' '/var/ftp/nas'* && sync

SELinux

sudo semanage fcontext --deleteall "/var/ftp/nas1(/.*)?"
sudo semanage fcontext --add --type 'public_content_rw_t' "/var/ftp/nas1(/.*)?"
sudo restorecon -R -v '/var/ftp/nas1' && sync
1)
https://www.nextpvr.com/
2)
somehow ended up as nas2 in one install
3)
specifically on Oak with a Phenom II X4, HIGH caps around 60-70MB/s, whereas AES128-SHA is 70-80MB/s, and no encryption is 100-110MB/s
4)
in openSUSE it's users and Ubuntu is the username typically
/var/www/wiki/data/attic/servers/nextpvr.1571765551.txt.gz ยท Last modified: 2019/10/22 13:32 by Sean Rhone