The last few years of using my QNAPs have been great. QNAP isn’t perfect but it is a good, quiet, Linux-ish platform for serving up files. Since some of my family are buying their own, I thought I would document some of the settings I commonly change:<\/p>\n
On top of this I configure my own key-based (passwordless) VPN, and then setup individual backup jobs in the backup station. I describe how to set up password-less VPN in a previous post<\/a>. Each job connects to my backup QNAP over the VPN. I enable encryption, and also have the job apply custom permissions (be sure Advanced Permissions is enabled on the other QNAP!). I have each job auto-sync on a schedule. <\/p>\n Note: I don’t use RTRR, even though it seems cool, because it doesn’t fit my workflow – i don’t want the QNAP auto-sycning live, as it would eat up too much bandwidth – im ok with a nightly sync. Plus I have no idea what RTRR uses as a protocol – and I am doubtful whatever it is really is superior to rsync (not that I am incredulous, but if it is QNAP sure is keeping it a secret).<\/p>\n Note2: On the destination QNAP I go into the Backup station and enable the rsync server – but only the middle checkbox (you dont need to enable the one that makes you enter a username and password). Once enabled, you can create a user, or just use admin, then on the source QNAP just use that users credentials to enable the rsync. <\/p>\n Note3: I don’t use myqnapcloud. It is a nice service, but since I have my own VPN I can access my QNAPs just as if I were at home. <\/p>\n Note4: In terms of extra apps I get by with simply installing the HDStation and the CodexPack to enable HW-accelerated transcoding. I also use virtualization station so I can run a few “real” linux VMs on the QNAP. I’ve been very interested in container station, but as yet havent got it to work.<\/p>\n Note5: Be sure you run nessus, or nmap, to get a good profile of any vulerabilities on your QNAP. I found a few ports, like 631, that absolutely did not need to be open; in some cases I found a service that was configured but that I didn’t need, so i shut it down. Sadly in the ipp (631) case, I could find no way to shut it down.<\/p>\n Note6: If you want to do your own version of qsync, I just setup password-less logins from all the sync “sources”, then create a directory (or set of directories) I want to sync. I wrote a single script to sync these folders, something like:<\/p>\n You can put this script, call it backupMac.sh (or whatever), in your \/local\/path\/syncToNas to be sure your script, and your local files, are synced. Your crontab would then just be something like:<\/p>\n Of course this only works on Mac and Linux; for windows maybe you go ahead and use qsync.<\/p>\n","protected":false},"excerpt":{"rendered":" The last few years of using my QNAPs have been great. QNAP isn’t perfect but it is a good, quiet, Linux-ish platform for serving up files. Since some of my family are buying their own, I thought I would document some of the settings I commonly change: General: I force HTTPS (its silly and unsecure … Continue reading Good Settings for QNAP<\/span> \r\n#!\/bin\/bash\r\n# Backup docs\r\nrsync -auvhP \/local\/path\/syncToNas\/* admin@qnap1:\/share\/CE_CACHEDEV2_DATA\/DocShare\/mac\r\n# Backup passwords\r\nrsync -auvhP \/local\/path\/.password-store admin@qnap1:\/share\/CE_CACHEDEV2_DATA\/DocShare\/passwords\/\r\n<\/pre>\n
\r\n* * * * * \/local\/path\/syncToNas\/backupMac.sh 2>&1 > \/dev\/null\r\n<\/pre>\n