FreeNAS + offsite Owncloud backup. (Proof of concept build before project signoff.)

[Oxygen IT]

HI All,

I did a quick browse but couldn't find anything on what I would like to do.

I'm wanting to have a client's data backup to FreeNAS (encrypted (hopefully?) ; ZFS ; dual 4TB SG IronWolf ; SSD cache ; SSD for OS & Samsung FIT USB for backup boot drive) , which will *not* be client facing. Archived, offline, cold storage will also be implemented.

I'd then like this data to be copied daily to a private, offsite Owncloud instance, running in a data center. Ideally I'd like to also have the data copy to another cloud like OneDrive / Dropbox etc.

If this possible? Anything I need to be aware of? During this, a PFS firewall will be implemented. I'll post on their forums once the above is confirmed, to see if it can be uploaded over a VPN (doubtful) but I think Webdav might save the day.

Thanx!

 

[danb35]

I'm wanting to have a client's data backup to FreeNAS (encrypted (hopefully?)

Encryption would ideally be handled through the backup software on the client's end, that way the client doesn't need to trust your security. You can alternatively encrypt the pool.

SSD cache

Why?

I'd then like this data to be copied daily to a private, offsite Owncloud instance

Set up a cloud sync task using webDAV, that should cover this requirement. Although if it's a private instance, setting up Owncloud for this seems like overkill--just rsync to the target.

Ideally I'd like to also have the data copy to another cloud like OneDrive / Dropbox etc.

Cloud Sync supports both of these providers too.

see if it can be uploaded over a VPN (doubtful)

Don't see why this would be doubtful.

 

[Oxygen IT]

Encryption would ideally be handled through the backup software on the client's end, that way the client doesn't need to trust your security. You can alternatively encrypt the pool.

- Sorry, I should've elaborated. I plan to encrypt the disks, so if either fail and need to be RMA'ed, I don't' have to worry about the data being accessed by unauthorised parties.

Why?
- Speed. SSD's are cheap enough. PLanning to use 2x Samsung 860 Pro's for basic redundancy & a 860 Evo for cache.

Set up a cloud sync task using webDAV, that should cover this requirement. Although if it's a private instance, setting up Owncloud for this seems like overkill--just rsync to the target.
- Thanx.

Cloud Sync supports both of these providers too.
- Thanx.

Don't see why this would be doubtful.
- Purely due to my lack of knowledge as to how I'd setup a VPN between the onsite FreeNAS & the private OwnCloud instance.

 

[danb35]

Sure, SSDs are cheap, but speed of what? If this box is going to be (exclusively) a backup target, there aren't going to be a lot of reads, so a read cache doesn't do anything for you. And backup isn't typically done with sync writes, so a SLOG device won't do anything. I appreciate overkill as much as the next guy, but it just seems like a waste in this case. And it seems that most FreeNAS newbies have very incomplete (at best) understandings of what cache/log devices actually do.

As to the VPN, set up your pfSense box as a VPN server (of whatever flavor of VPN you prefer to run), configure your Owncloud instance to connect to it, then set up the cloud sync task using the VPN IP address of the Owncloud instance. ZeroTier would be much simpler, but FreeNAS' implementation of ZeroTier is half-baked at best, and the devs have no interest in improving it.

 

[Oxygen IT]

Sure, SSDs are cheap, but speed of what? If this box is going to be (exclusively) a backup target, there aren't going to be a lot of reads, so a read cache doesn't do anything for you. And backup isn't typically done with sync writes, so a SLOG device won't do anything. I appreciate overkill as much as the next guy, but it just seems like a waste in this case. And it seems that most FreeNAS newbies have very incomplete (at best) understandings of what cache/log devices actually do.
- You make a very good point re it only being a backup target & the cache drive then being null. Guess I'm getting ahead of myself in excitement for implementation & taking this client from the storage age of IT, ( ZERO backups until last week) to something modern & reliable.

As to the VPN, set up your pfSense box as a VPN server (of whatever flavor of VPN you prefer to run), configure your Owncloud instance to connect to it, then set up the cloud sync task using the VPN IP address of the Owncloud instance. ZeroTier would be much simpler, but FreeNAS' implementation of ZeroTier is half-baked at best, and the devs have no interest in improving it
- .Thanx, really appreciate all the input & advice!