mameau%CWD%:> █
OFFLINE
$ cat article_0x02.txt
Terramaster F4-210 NAS experiences (2021-09)          version 0x02 -- @sairukau

===============================================================================
Changelog
===============================================================================
v0x02  Added info on the correct extended NFS support
v0x01  Initial document, frustrating device


===============================================================================
Expected Use cases
===============================================================================
- NFS Access, multiple permissions per share by host
- NB: Already have a QNAP TS-431P so trying to migration some volumes, this
      dictates some requirements in 1:1 for config

===============================================================================
Hardware
===============================================================================
NAS 
- Terramaster F42-210

Drives
- 3x4TB shucked Seagate Expansion Desktop Drives
  - Model: STxxDM005 (3 platter drive)

Networking
- LAN
- Static IP

===============================================================================
First Impressions (some comparison with QNAP product)
===============================================================================
Unit
 Looks cheap, considering i paid a similar amount for the QNAP it doesn't hold
 its own, caddys feel like they could have been 3d printed and are flimsy

Web Interface
 Much nicer presentation than the QNAP device, not as much functionality

===============================================================================
Installation
===============================================================================
Out of the gate the frustration starts here, doco says 'install our app to find
out the ip of the device'

On first boot the device is in initialization mode, before it can be used you
will need to upload the .ins file (or do an online init) to do this we
first need to find the device on the network, the doco doesn't mention if it 
will have a static or dynamic ip, so off to nmap to see if we can discover it

my internal net is 192.168.0.0, scan yours as appropriate

$ nmap 192.168.0.0/23

The device once found with have port 80 and 22 open, you can hit port 80 and 
get the init page which will step you through a wizard warning all data on the 
drives will be lost (ok for me in this instance) and will required the
aforementioned .ins files

You will need to download this .ins file from their site, you do not get a disc
nor usb with one on there already for offline setup

The main admin account setup requires an email, for an (off inet) device this 
is dumb and while it offers an option to skip it, the options didn't work,
assume its harvesting your email so you a throw away one/alias

You should be asked at some point about device names and the like, you will not
be asked to setup networking at this point tho, so you will be stuck with the
dhcp assigned ip until the device is fully installed, i just cant remember when
in the process device names and the like were asked because i was already well 
annoyed at this point in time

Upload the *.ins file when prompted, it will report it takes around 10m to 
install, i am on TOS 4.2.15-2107141517

If like me you get to 50% and it stalls well past the 10m mark, ssh in
as root, the ciphers offered by the ssh implementation in init mode are old so
setup a custom config entry or provide the below as appropriate -o option to 
ssh.

{{{
 Host tosins
 HostName 192.168.0.108
 Port 22
 User root
 KexAlgorithms=diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
}}}

ssh into the device as root with password Admin123

According to a forum post from support terramaster support it should be safe to
reboot the device, it should restart in init mode

See https://forum.terra-master.com/en/viewtopic.php?t=840

I just checked ps that nothing was still running from /etc/tos/scripts then 
rebooted the device

The device came back fully installed and started a wizard to configure the 
pools and volumes, this actual setup was presented well and was simple enough I
chose a raid 5 setup for my use case and disc numbers

raid sync started for this setup and stated it would take 1001m

from the admin ui i was then able to configure a static ip for the unit and 
assign what i needed it at

the ssh requirements change post intallation, root is not permitted regardless 
of what forum posts state, the ciphers are now at a reasonable level so the 
init ssh config is no longer required and it is listening on a custom port, for
me that was 9222

to that end i considered the installation was complete

===============================================================================
Config
===============================================================================
File Services
- Only NFS is enabled

===============================================================================
Access
===============================================================================
Post installation root ssh access is not enabled, su - is also broken, you can
confirm the password for root is the same as admin with {{{ cat /etc/shadow }}}
the hashes will match between the users

ssh in as admin and run {{{ sudo -i }}} to escalate to root

===============================================================================
Migration
===============================================================================
The NFS ui configation is severly lacking in functionality, you can only set 
one permission level, cannot device squash nor anon uid/gid

I want to use r/w perms based on host with a world readable perm this can't be
done through the interface

solution is to leverage the exports.d directory as per exportfs(8)

ssh into the nas

{{{

# mkdir /etc/exports.d
# touch /etc/exports.d/custom.exports

}}}

Add your export requirements to custom.export and restart the nfs service

{{{

# service nfs restart

}}}

confirm your exports

{{{

# exportfs -s

}}}

now migrating data to my volumes with rsync


===============================================================================
Customisations
===============================================================================


===============================================================================
Performance
===============================================================================a