Monday, March 9, 2015

Creating a Minimalist CentOS Home Server

It's about time I wrote this, so here we go. I built a little NAS/home server over Christmas time a few months ago. It's based on a FM2 3.5Ghz dual core, a mATX Gigabyte board with eight Sata3 ports, and currently has three 4TB hard drives. I've been jumping between what OS to run on it for a while: first it had Arch, then some Debian, FreeBSD and now here we are at CentOS.

Why? Arch was stable but for fear of things going bad (Arch is not meant to be a server), I switched to Debian which had consistent issues with full network bandwidth causing the Ethernet driver to crash. I had high hopes for BSD then realized they dont support XFS anymore which means I couldn't mount my data drives. So here goes CentOS.

While this is meant for CentOS, most commands are similar and software names are the same, so it can be used as reference for other systems.


Obviously, the first thing you'll need is a computer, but I guess the installer files are good too. They can be found here on the CentOS site. I used the minimal build found on the bottom left of the page. Unless you like living in the stone age, there is no point to using a CD or DVD, so grab a USB stick and use this Win32DiskImage utility to write the image to a USB stick.

Also, you'll need some time. The install only took a few minutes, but the majority of the time will be spent on configuring and installing software after the install of CentOS.


This is pretty straight forward. There are not many options, so no changes are really needed. Fill out all the forms and be sure to create a user account along with a root user.



SSH may be blocked by the default firewall service firewalld. Simply run the folowing to open the ports:
firewall-cmd --permanent --zone=public --add-service=samba
firewall-cmd --reload


The data drives need to be mounted on system start-up. This is done with fstab which is located at /etc/fstab. Using the following command I found the UUIDs of my data drives:

I then created mount points in /mnt and added the following lines to the fstab:
UUID=fbea912f-7a10-4e86-b5ed-32db97a36778       /mnt/4TB.1              xfs     defaults        0 2
UUID=72430954-62c2-4b71-97e7-3aad660b30c5       /mnt/4TB.2              xfs     defaults        0 2
UUID=c6a421e9-a9df-4ccb-8f6a-3794ecc12c4b       /mnt/4TB.3              xfs     defaults        0 2

Samba Shares

Next we need to share these drives with the network. Only Windows machines will be accessing it, so Samba file sharing is used.
yum install samba samba-client

Next, open the config file:
nano /etc/samba/smb.conf

You'll probably want to change the workgroup and server strings. Then find the Share Definitions section near the bottom and add something like so:
comment = description
path = /path/to/directory
guest ok = no
browseable = yes
writable = yes

Next, we need to set the selinux context so the data hard drives to be used remotely and set permissions(otherwise they just don't show up remotely). Also, SELinux can be disabled in /etc/selinux/config if you don't want to deal with it.
chcon -R -t samba_share_t /mnt/4TB.*
chmod -R 777 /mnt/4TB.*

Next the samba user needs to be created.
smbpasswd -a username

Then make the samba server start on bootup:
systemctl enable smb.service
systemctl enable nmb.service
systemctl restart smb.service
systemctl restart nmb.service

Finally, allow it through the firewall:
firewall-cmd --permanent --zone=public --add-service=samba
firewall-cmd --reload

While this samba configuration isn't very complex, it is simple and provides all the functionality I need.

Plex Media Server

Go to the Plex downloads page here and get the latest link for the CentOS rpm package. Then run:
yum install wget
wget {link to rpm from above}
yum localinstall {package from previous line}

Next we need to fix issues with selinux and the firewall again.
nano /usr/lib/firewalld/services/plexmediaserver.xml

and paste in the following:
<?xml version="1.0" encoding="utf-8"?>
<service version="1.0">
  <description>Plex TV Media Server</description>
  <port port="1900" protocol="udp"/>
  <port port="5353" protocol="udp"/>
  <port port="32400" protocol="tcp"/>
  <port port="32410" protocol="udp"/>
  <port port="32412" protocol="udp"/>
  <port port="32413" protocol="udp"/>
  <port port="32414" protocol="udp"/>
  <port port="32469" protocol="tcp"/>

Then add the service and reload the firewall:
firewall-cmd --permanent --zone=public --add-service=plexmediaserver
firewall-cmd --reload

At this point I was tired of dealing with selinux, so I just disabled it. This makes the chcon command in the samba setup irrelevant. Do this by editing /etc/selinux/config and setting selinux to disabled.
nano /etc/selinux/config

Finally, enable and start the Plex service:
systemctl enable plexmediaserver
systemctl start plexmediaserver

FTP Server

In this case i'll be using VSFTPD, which is a nice lightweight server: perfect for my uses. Install it and then start the service:
yum install vsftpd

Next edit the config and set the options below:
nano /etc/vsftpd/vsftpd.conf


We also need to change SELinux and the firewall again. 
setsebool -P ftp_home_dir on
firewall-cmd --permanent --zone=public --add-service=ftp
firewall-cmd --reload

Finally, enable the service:
systemctl enable vsftpd
systemctl start vsftpd

FTP Client

Since this is a headless server, a regular gui ftp client wont do. rather than using the default ftp terminal client, i'll be using lftp. It's available in the yum repository:
yum install lftp

lftp downloads content to the directory it is executed from, so change to the downloads directory first. Start lftp like so
lftp ftp://username@Your.Server.ip

You can then navigate your server's file directory using the usual linux cd command. Using the following commands you can download single files and directories with n being the number of simultaneous connections. 
pget -n 5 FileName
mirror --use-pget-n=5 DirectoryName

It also has a queue feature. Simply add queue before the previous commands and it adds the files to the queue. Enter queue stop before adding any files to prevent immediate downloading. queue -d  to clear the queue. Use  job -v  to list the current download and queue to view the queue. To stop transfers enter kill or kill 1 where 1 is the queue number.

lftp can run in the background so downloads can be started via a ssh session without having to maintain the connection. To re-open the lftp session simply type pgrep lftp in your Linux shell and then start lftp and enter attach {PID from pgrep}

X server and qbittorrent

The qbittorrent graphical torrent client is used because it was the only client that supported rss feeds which I use through showrss for auto downloading. This is sloppy because its mainly here for my future reference.....

Install the X server and configure:
yum groupinstall "X Window System"
yum groupinstall "Fonts"
yum install xorg-x11-font-utils.x86_64 xorg-x11-fonts-100dpi.noarch xorg-x11-fonts-75dpi.noarch xorg-x11-fonts-Type1.noarch xorg-x11-xauth.x86_64 libX11.x86_64 dbus-x11.x86_64 xorg-x11-server-utils.x86_64 xorg-x11-xkb-utils.x86_64 xterm xorg-x11-xinit xorg-x11-font-utils xorg-x11-fonts-Type1 libX11-common xorg-x11-xauth libX11 dbus-x11 xorg-x11-server-utils xorg-x11-xkb-util
X -configure
copy the new config from root to /etc/X11/xorg.conf

edit /etc/systemd/system/\@tty1.service and change
ExecStart=-/sbin/agetty  –noclear %I $TERM
ExecStart=-/sbin/agetty --autologin <USER> --noclear %I $TERM

autostart X
edit  ~/.bash_profile and add the following at the end:
if [[ ! $DISPLAY && $XDG_VTNR -eq 1 ]]; then
 exec xinit -- /usr/bin/X -config xorg.conf

get TWM from centos 6 repositort and install
rpm -ivh --nodeps xorg-x11-twm-1.0.3-5.1.el6.x86_64.rpm

install the EPEL repository for qbittorrent
rpm -ivh epel-release-latest-7.noarch.rpm
yum install qbittorrent

make a graphical service for qbittorrent in /etc/systemd/system/qbittorrent.service
Description=Start qbittorrent

ExecStop=/usr/bin/pkill -f 'qbittorrent'


install tigervnc-server with yum

make /etc/systemd/system/x0vncserver.service
Description=Remote desktop service (VNC)

ExecStart=/usr/bin/sh -c '/usr/bin/x0vncserver -display :0 -rfbport 5900 -passwordfile /home/foo/.vnc/passwd
ExecStop=/usr/bin/pkill -f 'vnc'


create as /etc/systemd/system/
Description=Xsession running

enable the qbittorrent and vnc services

edit sudoers file and add this to the end
foo ALL=(ALL) NOPASSWD: /usr/bin/systemctl --no-block start

edit /home/foo/.xinitrc and add the following to the file
sudo /usr/bin/systemctl --no-block start

Now go in and setup qbittorrent. Set the webui to a different port (as 80 doesnt seem to work) and forward it in the firewall (see below). It is then accessible at server_ip:WEBUI_PORT

If HTTPS is desired, do:

mkdir ~/.config/qBittorrent/ssl
cd ~/.config/qBittorrent/ssl
openssl req -new -x509 -nodes -out server.crt -keyout server.key

Then enable https in the qbittorrent settings and select the generated files from above command. webui is then found at https://server_ip:WEBUI_PORT

Set the torrent port and forward that as well. Both of these then need to be forwarded in your router. Port checkers are useful here. use ipleak to check your ip is properly setup ;)

Go to the View menu in qbittorrent and enable the RSS Reader. Add the a feed with the new subscription button. click rss downloader, add a rule, ensure all fields are blank and select the previously added feed.

Of course, firewall exceptions need to be added.
firewall-cmd --permanent --zone=public --add-port=5900/tcp
firewall-cmd --permanent --zone=public --add-port=WEBUI_PORT/tcp
firewall-cmd --permanent --zone=public --add-port=TORRENT_PORT/tcp
firewall-cmd --reload


Perhaps the most vital part to this is Filebot: a program which automatically runs after a downlaod is complete, renames it, and finally puts it in a nice organized directory where the Plex Server can addit to the library. Automatically. It's awesome. Paired with a RSS feed with the latest media in rTorrent, this is amazing. 

Filebot requires Java 8 so get that from oracle and install it:
wget <the linux x64 rpm from link above>

yum localinstall <above rpm>

Next grab the Filebot portable package
mkdir ~/scripts/filebot
cd ~/scripts/filebot


7za -x

Add the following to the Run external program on torrent completion box in qbittorrent download settings. Note the gmail option uses an app password, not your actual password.  Also you need a plex token.
/home/foo/scripts/filebot/ -script fn:amc --output "/media/root/location" --log-file /home/foo/scripts/filebot/amc.log --action duplicate --conflict override -non-strict --def excludeList=/home/foo/scripts/filebot/amc.excludes plex= gmail=user:apppassword "seriesFormat=/tv/save/location/{n}/Season {s}/{n} - {sxe} - {t}" "animeFormat=/anime/save/location/{n}/{n} - {e} - {t}" "movieFormat=/movie/save/location/{n} ({y})" "musicFormat=/music/save/location/{n}/{n} - {t}" unsorted=y music=y artwork=y "ut_dir=%F" "ut_kind=multi" "ut_title=%N" "ut_label=%L"


So, there we go. Everything I need in a basic home NAS.

1 comment:

  1. Really miss ya, Jordan. You were really doing some interesting projects and I wish I had your savvy! If this is your last post, I wish you well!!!