EasyRouter:

The quick, dirty, less-than-an-hour way of setting up an ubuntu home router with an integrated file server

Notes:

This how-to outlines a very quick, very simple, and easy way to get a router with network attached storage up and running. It is not:

  • The most configurable/customizable
  • Lowest Footprint
  • Most Secure
  • ""ONCE AGAIN:"" If you are running a serious business, IT shop, the NSA, or need everything nailed down, do not use this guide.
  • Running a router, network attached storage, and other services on only one device, especially without using VMs, is not recommended by IT professionals unless you are a cheapskate or college student.

Requirements/Prerequisites:

  • Computer
    • cpu
    • ram
    • hard disk(s)
      • If you want the network attached storage part, I recommend having at least 2 dedicated hard disks of equal size for attached storage for at least RAID 1, though the more the merrier
    • 2 NICs ( This is key Wink ;) )

    • monitor
    • keyboard
    • mouse
  • Ubuntu Server install media (CD or USB)

Before you begin

Considerations

Plan out how are going to set up your machine. This is largely dependent on the number of hard drives you have. There are really lots of options here. Keep in mind that you may have to be careful if you plan on mirroring your / partition, if you don't to thing properly, your system may not boot.

Keeping with the quick, simple, and dirty nature of this how-to, these instruction will be for a 4 or 5 HD system with 2 NICs. There will be no performance tuning or advanced options addressed.

Installation

=== setup raid: ===

  • If you have your system ready, boot the server install media.
    • The process should be relatively self explanatory. Go through filling out the logical options until you get to the Disks/Partitioning dialog. Choose manual partitioning.
    • In the manual partitioning dialog, choose one disk to be your main booting disk.
      • Format with:
        • 0.5 - 5 Gigabytes of swap depending on your amount of RAM and hard drive space.
        • 5 - 10 Gigabytes of space for /
        • 7+ Gigabytes for /home
        • Remainder as Extra Storage (/media/storage may be a good mount point.)
    • Format all other disk as linux raid
      • There will now be an option at the main partitioning dialog to create RAID device.
      • Choose this option and select the appropriate RAID for your disks. If it's RAID 5 with 3 disks, then 3 devices, etc. Backup/Offline devices are not used and initialize automatically in case of drive failure.
      • The installer will ask you to reboot the installer. Do so.
      • Go through installer again until you get to partitioning.
      • This time a raid device will be listed as a disk for partitioning. Make your storage partition on it and give it a mount point such as /media/all_my_useless_files.
    • Continue with server install.
  • Once server is installed, you will boot to a command line.
    • Log in.
      • Check that your RAID exists: cd into its directory and make a file, delete it.
      • sudo mdadm -D /dev/md0 or md<whatever your RAID is ID'd as> will show you the status.

  • Your RAID is good for now.
  • NOTE: You can get much better performance by manually setting up RAID with a much larger than default chunk size. (256 or 512k instead of default 64k)

Routing the Lazy Way

  • You should have Internet access at this point via CAT-5 to your cable modem or similar setup.
  • Use aptitude to install programs:
    • sudo aptitude install xserver-xorg xorg xfce4 geany xfce4-terminal gnome-system-tools dhcp3-server ssh firestarter denyhosts 
  • Find out what device your NIC cards are called, do

    ip addr
  • Edit /etc/network/interfaces with

    sudo nano /etc/network/interfaces 
    • At this point it will only have your internet interface and loopback interface.
    • At the end add:

      auto eth1
      iface eth1 inet static
          address 192.168.0.1
          network 192.168.0.0
          netmask 255.255.255.0
          broadcast 192.168.0.255
    • replace eth1 with whichever interface you are NOT using for the internet.
    • start a GUI.

        startxfce4
    • Add a main menu to the panel, or use mouse menu. (Right click, follow the menus)
    • Open firestarter firewall.
      • On first run it will present a wizard.
        • Go through wizard. Choose correct options for internet and local network. Enable connection sharing.
          • Once complete, go to preference menu.
          • Enable DHCP server.
          • Under policy tab, righ click in allow service area. For services you want on the local network, allow service when source is LAN. For those you want to access from the internet, allow for all. If there's a port you want open, add a custom rule.
          • quit (The daemon will work in the background)
    • Restart networking.

       sudo /etc/init.d/networking restart
    • Plug in network switch or laptop to 2nd network port.
    • Confirm Internet access and Automatic DHCP address assignment.

Permissions on your media share / ssh for remote admin

  • In GUI admin menu users and groups, create a user. Call it creator or something.
  • Create a group. Call it sharers (or similar).
  • Create a user remoter. Add it to group sharers.
  • Chown your RAID drive or whatever you intend to be your shared folder
    sudo chown creator:sharers -R <directory_name>
  •  chmod -r 750 <directory>  or similar depending

  • Modify sshd_config in /etc/ssh as desired.
  • If users are in sharers group they can read/execute stuff in storage folder, others can't access. user creator can place/arrange files in shared area.
  • for ssh shares on other Ubuntu machines add a remote directory via SSH from gnome menu and use the sharers or remoters restricted login.
  • your main user can admin remotely via SSH.
  • exit X. logout. Your server is ready. Hide it in the closet next to your cable modem.
  • It's really easy to enable samba. It may (is probably) a better choice for shared folders. In fact samba may be a good choice for the local network. If you want internet side access, ssh is probably better.

EasyRouter (last edited 2011-05-16 15:53:40 by jengelh)