Introduction

The host plum.seaoffate.net will be at an IP address of production.20. The purpose will be to show photos using Piwigo. The main premise is that plum will have a hard drive for it's OS as normal but read only access to the photo archive.

Strawberry

To separate the photo archive from the webserver and avoid any data loss of the original photos we will store the files on a different VM and share the files by a read only NFS. All pictures will be uploaded to this other VM that has read and write access. This other host is named strawberry and has an IP address of prod.21.

Hard Drive

Strawberry has a normal HD for it's OS but it has a large additional drive from the pearpool/PoolForPear/Pdata/shared, this is listed as AllSharedFiles on datacenter->storage and has an initial size of 4TB. It is mounted at /mnt/shared. To give a plum access to photos there is a directory called photo, this is the limit of plum's sight of the files on /mnt/shared and if some other VM needs to have access to a different share we could create another share off of mnt/shared or share /mnt/shared completely.

Setup Strawberry to share /mnt/shared/photo

First we need to format the Hard disk and mount it to /mnt/shared. Run

lsblk 

or

sudo fdisk -l 

to identify the disk to mount, it will probably be "sdb" or "/dev/sdb" or some thing similar it will be the large one in any case as we are starting with 4tb. We will not be creating a new partition, just directories, so no need for that, we will format the entire drive. To format the entire drive with ext4 we use the command (obviously, use the actual drive shown by lsblk or fdisk -l)

sudo mkfs.ext4 /dev/sdb

Next we creat the mount point for /mnt/shared if it does not already exist

sudo mkdir /mnt/shared

If it does exist see if there is anything stored there and possibly move it somewhere else. but if it is empty it is ok to use as is. Now there is somewhare to mount the drive we can use the mount command

sudo mount /dev/sdb /mnt/shared

this will mount dev/sdb to the mount point /mnt/shared. To prove that it worked try

ls /mnt/shared

You should see the lost+found directory, which is created by ext4. We now need to configure /etc/fstab (for Automatic Mounting). We will need the UUID to add to /etc/fstab so run

sudo blkid /dev/sdb

and copy the UUID number. Next we need to edit fstab

sudo nano /etc/fstab

and add the line

UUID=your_uuid /mnt/shared ext4 defaults 0 2

Replace your_uuid with the value from blkid /dev/sdb.Save and exit. To verify that the fstab edits were ok use

sudo mount -a

If there is anything wrong there should be an error message. The last thing to do is to create the photo directory

sudo mkdir /mnt/shared/photo

Create an Upload user

To do any SFTP uploads we will need an user to upload photos, we will call it "photoup"

sudo adduser photoup

set permissions with

sudo chown uploader:uploader /mnt/shared/photo
sudo chmod 775 /mnt/shared/photo

make sure permissions are correct for /mnt/shared

sudo chown root:root /mnt/shared
sudo chmod 755 /mnt/shared

Configure NFS Server

We need to install the NFS server

sudo apt update && sudo apt install nfs-kernel-server

We need to export the directory by editing the exports file

/etc/exports

and add the line

/mnt/shared/photo 192.168.100.20(ro,sync,no_subtree_check)

Save and exit. Then to apply the export we do sudo exportfs -a sudo systemctl restart nfs-kernel-server

We need to edit the sshd config

/etc/ssh/sshd_config

Towards the bottom there should be a line

Subsystem       sftp    /usr/lib/openssh/sftp-server

just below that line add

Match User uploader
   ChrootDirectory /mnt/shared
   ForceCommand internal-sftp
   AllowTcpForwarding no
   X11Forwarding no

Save and exit. Now apply the config and make sure it works

sudo sshd -t
sudo systemctl restart ssh
sudo systemctl status ssh

=