ZFS Small Server Configuration

Serge Y. Stroobandt

Copyright 2015–2017, licensed under Creative Commons BY-NC-SA

0. Home
1. IT
2. Servers
3. Configuration

TODO: This document requires a rewrite to reflect the Ansible configuration management currently in use.

Ansible

A single Ansible playbook is used to install the pertaining applications and to manage the configuration files on all my computers, according to their roles. This works much better than apt install scripts and offers ample opportunity for commenting. Some YAML excerpts of my playbook are shared below.

Mount script for SSHFS clients

Here is a bash script to mount the server through SSHFS on whatever client computer. It gets executed at login, in my case by specifying the script in Xubuntu’s Session and Startup → Application Autostart. However, the script can also be run manually, for example after connecting to a mobile network.

# !/usr/bin/env bash

mountpoint="/$server/$USER"

options=' -o reconnect -o cache=yes -o kernel_cache -o compression=yes -o large_read'
options+=" -o idmap=file -o uidfile=$HOME/.uidfile -o gidfile=$HOME/.gidfile -o nomap=ignore"

{ sshfs $server:/home $mountpoint -p 22 $options > /dev/null 2>&1 && echo -e '\nThe server is now mounted over LAN.\n'; } || \
{ sshfs $roam:/home $mountpoint -p 443 $options && echo -e '\nThe server is now mounted over WAN.\n'; }

The optimisation parameters are from the following article and tests. As a requisite, the administrator needs to create a /$server/$USER mount point directory for every user on the client system.

/etc/ssh/sshd_config

Nokia Asha 210

The antiquated J2ME application MidpSSH for the not so smart but beloved feature phones is still available from boostapps.com. However, recent OpenSSH versions require manually enabling potentially unsafe legacy algorithms and ciphers. Nonetheless, a privacy respecting, virtually undestructible 2.5G mobile SSH terminal with an ergonomic tactile keyboard and 1104 hours standby time on a single battery charge remains to this day hard to beat…

    ---
    - name: 'Legacy support for MidpSSH'
      blockinfile:
        path: /etc/ssh/sshd_config
        insertafter:
        block: |
          # Legacy support for MidpSSH
          KexAlgorithms +diffie-hellman-group1-sha1
          HostKeyAlgorithms +ssh-dss
          Ciphers +3des-cbc
          PubkeyAcceptedKeyTypes +ssh-dss
      notify: restart ssh

    - meta: flush_handlers

Note to myself: The Nokia Asha 210 requires MidpSSH Polling I/O and is used with the linux terminal type.

5

Keep this site on-line

This work is licensed under a Creative Commons Attribution‑NonCommercial‑ShareAlike 4.0 International License.
Other licensing available on request.

Unless otherwise stated, all originally authored software on this site is licensed under the terms of GNU GPL version 3.

This static web site has no backend database.
Hence, no personal data is collected and GDPR compliance is met.
Moreover, this domain does not set any first party cookies.

All Google ads shown on this web site are, irrespective of your location,
restricted in data processing to meet compliance with the CCPA and GDPR.
However, Google AdSense may set third party cookies for traffic analysis and
use JavaScript to obtain a unique set of browser data.
Your browser can be configured to block third party cookies.
Furthermore, installing an ad blocker like EFF's Privacy Badger
will block the JavaScript of ads.
Google's ad policies can be found here.

This page employs a server‑side script.

This page includes an open-source client-side script, written in and
transcoded by to make it run as secure JavaScript in the browser.

Static XHTML generated from Markdown by and
the make, sed and gpp commands.

math markup rendered with .
references are best read with .

Unattended CSS typesetting with .

This work is published at https://hamwaves.com/zfs.server.config/en/.

Use my OpenPGP public key to encrypt messages for:

echo c2VyZ2VAc3Ryb29iYW5kdC5jb20K |base64 -d

Last update: Tuesday, October 11, 2022.