Netgear ReadyNAS 316
Links
- http://support.netgear.com/product/RN31600
- http://support.netgear.com/product/ReadyNAS-OS6
- http://www.netgear.com/business/products/storage/readynas/readynas-desktop.aspx
- http://www.readynas.com/
- X-RAID
- ReadyNAS Developer’s Corner
- ReadyNAS Downloads
- X-Raid calculator
General
Initial login: admin/password
If SSH activated, root has same pwd as admin.
Update FW Alerts:
- Email: recipient email
- Advanced settings/SMTP Server: can be 127.0.0.1 if you've installed Exim (see below)
- Advanced settings/From: sender email
- Then don't forget to "Apply" after having sent successfully a test message
(since reinstall with 6.2.2, sending test message failed but still I received the test mail...)
Certificat HTTPS
To change it, cf http://readynas.sphardy.com/2010/10/installing-ssl-certificate-on-your_7476.html
- Create directory /etc/frontview/apache/addons/
- Copy CACert root cert (PEM format) in /etc/frontview/apache/addons/root.crt
- Copy CACert intermediate cert (PEM format) in /etc/frontview/apache/addons/class3.crt
- Merge your RSA cert & key in a single PEM file and replace /etc/frontview/apache/apache.pem by yours
- Avoid frontview or fw updates to overwrite it (not sure if it could harm fw upgrade...):
chattr +i /etc/frontview/apache/apache.pem
- Create a file /etc/frontview/apache/addons/ssl.conf with
SSLCACertificateFile /etc/frontview/apache/addons/root.crt SSLCertificateChainFile /etc/frontview/apache/addons/class3.crt
- Tell Apache to reload its config
killall -HUP apache2
hosts
Complete /etc/hosts
Debian
System is a Debian Wheezy
Edit /etc/apt/sources.list and add non-free:
deb http://mirrors.kernel.org/debian wheezy main non-free apt-get update apt-get install dialog apt-get install mc screen binutils sshfs pv netcat encfs man python htop iotop p7zip p7zip-full unrar git
What is not available:
- luks? missing some support in kernel?
apt-get install exim4 bsd-mailx dpkg-reconfigure exim4-config
3. mail sent by smarthost; no local mail System mail name: yobi.be IP-addresses to listen on for incoming SMTP connections: 127.0.0.1 Other destinations for which mail is accepted: Visible domain name for local users: yobi.be IP address or host name of the outgoing smarthost: smtp.isp.xxx Keep number of DNS-queries minimal (Dial-on-Demand)? n Split configuration into small files? y Root and postmaster mail recipient: phil
Complete /etc/email-addresses
backuppc (old)
apt-get install backuppc libfile-rsyncp-perl libio-dirent-perl
Small issue because Apache is not running as the usual www-data but admin user:
chgrp admin /etc/backuppc/* chgrp admin /usr/lib/backuppc/cgi-bin/index.cgi chmod u+s /usr/lib/backuppc/cgi-bin/index.cgi
Set backuppc password:
htpasswd /etc/backuppc/htpasswd backuppc
Move pool to the big partition, preserving hard links
/etc/init.d/backuppc stop cp -a /var/lib/backuppc /home rm -rf /var/lib/backuppc ln -s /home/backuppc /var/lib/backuppc /etc/init.d/backuppc start
If you want to encrypt backup pool, you can alternatively do:
/etc/init.d/backuppc stop cp -a /var/lib/backuppc /home/backuppc.orig rm -rf /var/lib/backuppc mkdir /home/.backuppc adduser backuppc fuse mkdir /var/lib/backuppc chown backuppc.backuppc /var/lib/backuppc encfs --public /home/.backuppc /var/lib/backuppc
We need hardlinks, so use "standard" settings of encfs, no external IV chaining!
And because it will be accessed also by Apache, even if through some setuid, we need --public
su -s /bin/bash backuppc $ rsync -avH /home/backuppc.orig/ /var/lib/backuppc rm -rf /home/backuppc.orig /etc/init.d/backuppc start
If you choose encryption, it cannot start automatically anymore:
for i in /etc/rc*.d/S*backuppc; do mv $i ${i/S/K};done
update-rc.d backuppc defaults
systemctl --system daemon-reload
And from now on, use scripts to start/stop manually:
#!/bin/bash encfs --public /home/.backuppc /var/lib/backuppc && /etc/init.d/backuppc start
#!/bin/bash /etc/init.d/backuppc stop fusermount -u /var/lib/backuppc
Visit https://readynas/backuppc
Default backup of localhost /etc will fail due to some read access issues, we can ignore them by tuning the corresponding TarClientCmd and appending to it:
--ignore-failed-read
Transmission
There is a readynas app, but better to use the Debian one if you want to tune it.
apt-get install transmission-daemon /etc/init.d/transmission-daemon stop
Edit /etc/default/transmission-daemon:
ENABLE_DAEMON=0
Create /data/Transmission/info/settings.json
# cf https://trac.transmissionbt.com/wiki/EditConfigFiles "download-dir":... "incomplete-dir":... "rpc-password": "your_password", # note that it will be encrypted next time automatically
chown -R phil.users /data/Transmission/info
transmission-start.sh:
#!/bin/bash exec su -s /bin/bash phil -c "/usr/bin/transmission-daemon --config-dir /data/Transmission/info/ --logfile /data/Transmission/info/logfile --log-info"
transmission-stop.sh:
#!/bin/bash exec su -s /bin/bash phil -c "killall transmission-daemon"
If you've some transmission settings to transfer from another machine:
- settings.json is in /etc/transmission-daemon/settings.json
- other stuffs (blocklists, resume, torrents,...) is in /var/lib/transmission-daemon/info/
To fix .resume files from another location, here from /shares/.... to /data/....: file is bencoded but a few bash lines are enough
#!/bin/bash
FILE="$1"
OLDDESTSIZE=$(cat "$FILE"|cut -f6 -d:|head -n1|sed 's/destination//')
OLDDEST="/shares"
NEWDEST="/data"
NEWDESTSIZE=$(($OLDDESTSIZE-${#OLDDEST}+${#NEWDEST}))
sed -i "s#:destination[0-9]\+:${OLDDEST}#:destination${NEWDESTSIZE}:${NEWDEST}#" "$FILE"
chown phil:users "$FILE"
To run it under another user:
Edit /etc/init.d/transmission-daemon -> USER=joe, then:
chown -R joe.users /var/lib/transmission-daemon chown -R joe.users /etc/transmission-daemon systemctl --system daemon-reload /etc/init.d/transmission-daemon start
Transgui / Transmission options / Network / Incoming port <> router firewall?
Android
Maintenance
WARNING this section is for "power users", some notes after I went through some troubles with my NAS.
Don't trust anything written here, don't try anything yourself, contact Netgear support in case of problems!
In two words, my NAS started behaving strangely then refused to boot, it appeared that the cause was a faulty RAM.
Locale console
You can plug a HDMI screen and a keyboard, you'll get access to the BIOS and boot sequence
If you press the reset button (small hole on the back) and maintain it pressed while booting till "Boot Menu" appears on the LCD screen you'll reach... the boot menu. Cf http://kb.netgear.com/app/answers/detail/a_id/23005
From here, several options, use the touchpad up/down & ok to select one:
- Memory test -> runs memtest86 with some summary on the LCD but it's much more confortable with a HDMI screen plugged.
- OS reinstall. Reinstalls the firmware from the internal flash to the disks. Use the OS reinstall boot mode when the system crashes and corrupts some configuration files. OS reinstall boot mode also resets some settings on your storage system, such as Internet protocol settings and the administrator password, to defaults.
So default access is root/password
- Volume read only. Mounts a volume as read-only. Use this option when you are attempting to rescue data off a disk during a disaster recovery.
- Disk Test. Performs an offline full disk test. This process can take four hours or more, depending on the size of your disks.
Personally I prefer to run smartmontools myself, see below
- Tech support. Boots into a low-level diagnostic mode. Use the tech support boot mode only when a NETGEAR technical support representative instructs you to do so.
See below
- Factory default. WARNING: The factory default reboot process resets the storage system to factory settings, erases all data, resets all defaults, and reformats the disk to X-RAID2.
Because of my faulty RAM that corrupted my filesystems, I had to go for this last option once I've backed up all my data.
Tech mode
Is one of the special boot modes.
WARNING You're not supposed to use it yourself but, well, on Internet I could find a lot of things, including the support telnet password... So, here it is:
In that mode it boots on the image contained in the flash so this works even if the HDD are completely out of order.
It launches a telnet and some tunneling to Netgear so they can operate remotely.
Login: root / infr8ntdebug
You can display processes (ps) and kill the tunnel back to Netgear if you want more privacy.
There is a dropbear binary so you can launch a small ssh server, helpful to initiate some file transfers if needed:
dropbear