I’m planning to upgrade my home server and need some advice on storage options. I already researched quite a bit and heard so many conflicting opinions and tips.
Sadly, even after asking all those questions to GPT and browsing countless forums, I’m really not sure what I should go with, and need some personal recommendations, experience and tips.
What I want:
- More storage: Right now, I only have 1 TB, which is just the internal SSD of my thin client. This amount of storage will not be sufficient for personal data anymore in the near future, and it already isn’t for my movies.
- Splitting the data: I want to use the internal drive just for stuff that actively runs, like the host OS, configs and Docker container data. Those are in one single directory and will be backed up manually from time to time. It wouldn’t matter that much if they get lost, since I didn’t customize a lot and mostly used defaults for everything. The personal data (documents, photos, logs), backups and movies should each get their own partition (or subvolume).
- Encryption at rest: The personal data are right now unencrypted, and I feel very unwell with that. They definitely have to get encrypted at rest, so that somebody with physical access can’t just plug it in and see all my sensitive data in plain text. Backups are already encrypted as is. And for the rest, like movies, astrophotography projects (huge files!), and the host, I absolutely don’t care.
- Extendability: If I notice one day that my storage gets insufficient, I want to just plug in another drive and extend my current space.
- Redundancy: At least for the most important data, a hard drive failure shouldn’t be a mess. I back them up regularly on an external drive (with Borg) and sometimes manually by just copying the files plainly. Right now, the problem is, if the single drive fails, which it might do, it would be very annoying. I wouldn’t loose many data, since they all get synced to my devices and I then can just copy them, and I have two offline backups available just in case, but it would still cause quite some headache.
So, here are my questions:
Best option for adding storage
My Mini-PC sadly has no additional ports for more SATA drives. The only option I see is using the 4 USB 3.0 ports on the backside. And there are a few possibilities how I can do that.
- Option 1: just using “classic” external drives. With that, I could add up to 4 drives. One major drawback of that is the price. Disks with more than 1 TB are very expensive, so I would hit my limit with 4 TB if I don’t want to spend a fortune. Also, I’m not sure about the energy supply and stability of the connection. If one drive fails, a big portion of my data is lost too. I can also transform them into a RAID setup, which would half my already limited storage space even more, and then the space wouldn’t be enough or extendable anymore. And of course, it would just look very janky too…
- Option 2: The same as above, but with USB hubs. That way, I theoretically could add up to 20 drives, when I have a hub with 5 slots. That would of course be a very suboptimal thing, because I highly doubt that the single USB port can handle the power demand and information speed/ integrity with that huge amount of drives. In reality, I of course wouldn’t add that many. Maybe only two per hub, and then set them up as RAID. That would make 4x2 drives.
- And, option 3: Buy a specialized hard drive bay, like this simpler one with two slots or this more expensive one for 4 drives and active cooling. With those, I can just plug in up to 4 drives per bay, and then connect those via USB. The drives get their power not from the USB port, but from their own power supply. Also, they get cooled (either passively via the case if I choose one that fits only two drives, or actively with a cooling fan) and there are options to enable different storage modes, for example a built in RAID. That would make the setup quite a bit simpler, but I’m not sure if I would loose control of formatting the drives how I want them to be if they get managed by the bay.
What would you recommend?
File system
File system type
I will probably choose BTRFS if that is possible. I thought about ZFS too, but since it isn’t included by default, and BTRFS does everything I want, I will probably go with BTRFS. It would give me the option for subvolumes, some of which are encrypted, compression, deduplication, RAID or merged drives, and seems to be future proof without any disadvantages. My host OS (Debian) is installed with Ext4, because it came like that by default, and is fine for me. But for storage, something else than Ext4 seems to be the superior choice.
Encryption
Encrypting drives with LUKS is relatively straight forward. Are there simple ways to do that, other than via CLI? Do Cockpit, CasaOS or other web interface tools support that? Something similar to Gnomes’ Disk Utility for example, where setting that up is just a few clicks.
How can I unlock the drives automatically when certain conditions are met, e.g. when the server is connected to the home network, or by adding a TPM chip onto the mainboard? Unlocking the volume every time the server reboots would be very annoying.
That of course would compromize the security aspect quite a bit, but it doesn’t have to be super secure. Just secure enough, that if a malicious actor (e.g. angry Ex-GF, police raid, someone breaking in, etc.) can’t see all my photos by just plugging the drive in. For my threat model, everything that takes more than 15 minutes of guessing unlock options is more than enough. I could even choose “Password123” as password, and that would be fine.
I just want the files to be accessible after unlocking, so the “Encrypt after upload”-option that Nextcloud has or Cryptomator for example isn’t an option.
RAID?
From what I’ve read, RAID is a quite controversial topic. Some people say it’s not necessary, and some say that one should never live without. I know that it is NOT a backup solution and does not replace proper 3-2-1-backups.
Thing is, I can’t assess how often drives fail, and I would loose half of my available storage, which is limited, especially by $$$. For now, I would only add 1 or max 2 TB, and then upgrade later when I really need it. And for that, having to pay 150€ or 400€ is a huge difference.
Hi OP, I am in a similar situation as you were so I wonder which solution you chose at the end and if you are happy with it?
I chose to continue with my current setup until I get the time and motivation to upgrade.
I will build a new server from scratch. For that, I bought an used mainboard for a few bucks, which has 6 SATA slots.
Buy external drives. Don’t run them in RAID, use one to store backups and plug it in once or twice a week to copy data to it.
The secret to RAID is that it doesn’t buy you data protection, it buys you uptime to access data while a device in the array is failed. This is most valuable to businesses that can’t afford the downtime that recovery from a backup incurs. The most paranoid RAID will still fail sooner or later, due to hardware or software failure, and as a home user with a limited budget you’re far better off having one offline backup that you can use to recover data from once that happens.
Backup only data you can’t afford to lose (eg: don’t backup downloaded data that can be replaced easily, like a game or movie collection) and your backups will be much more manageably sized and you won’t need to spend as much on your backup drive. If a backup disk is too much for your budget you can always exploit cloud backup plans, backblaze PC backup has no limit on the size of your backups and only charges something like ~$60/yr.
Edit: It’s also worth thinking about what kind of data you’re storing and splitting that data across multiple devices if possible. If you’re storing bulk data where performance isn’t critical, like backups from other machines or a movie collection, you can pay a much lower price by buying a hard drive instead of flash. Even if only some of your data requires fast flash you can still use a cheaper HDD to store bulk data and buy a smaller flash drive for performance sensitive tasks. When I build NAS I split my data two pools, one bulk pool of HDDs and one much smaller fast pool comprised of flash storage. Put performance critical data on flash, put bulk storage on HDDs, this will allow you to spend less on bulk and still have fast storage performance for tasks that require it. A 512GB or 1TB SSD alongside a 4TB, 6TB or 8TB HDD is significantly cheaper than spending on a 4TB or 8TB SSD.
Shop eBay for refurbished storage, it’ll be significantly cheaper than spending on brand new drives.
Love the effort you’ve put into this question. You’ve clearly done some quality research and thinking.
When I asked myself this same question a couple of years ago, I ended up just buying a second hand Synology NAS to use alongside my mini-pc. That would meet your criteria, and avoids the (I’m not sure what magnitude) reliability risk of using disks connected over USB. It’s more proprietary than I’d like, but it’s battle tested and reliable for me.
https://www.linuxserver.io/blog/2017-06-24-the-perfect-media-server-2017
I did perfect media server It’s got mergerfs for splitting data and using disks in various sizes .and snapraid for a level of redundancy. Tho raid isn’t backup.
That said I’m now running this setup on a n100 machine with a qnap tl-800c jbod USB c box.
Works great for downloads / Plex and home server needs.
The b100 chip isn’t amazing… Don’t get me wrong but it works really well for Plex.
Hope this all makes sense. I’m on mobile with out my glasses. Lol
Drives connected to usb have an unstable connection in my experience, this is very annoying and gets worse with hubs.
RAIDs reduce the time a system is offline and reduce data loss, if a drive fails and you can afford to wait for the new disk and the backup to restore, and have regular backups that ensure no important data gets lost (though remember the data added between backups may be lost) then you don’t need a RAID.
I don’t use RAIDs cause if my disk fails then I can stomach the 2-4 days it takes to buy a new one and restore the backup
Very important: use S.M.A.R.T and a filesystem with checksums to make sure you’re not backing up corrupted data and know to get a new one
For encryption at rest you may want to look at clevis and tang, though you need a server in your home network for this to work. The client (with clevis) then decrypts the disk at boot if it can reach the server (tang). The server can’t decrypt the data without the client secret and the client can’t decrypt it without the server public key.
Don’t know what your server could be though, maybe a router with custom firmware?
You should also look into cloud storage/rclone, that way you can automate your backups more and reduce the need for manual intervention.
I use rclone and restic to automatically backup my servers daily which takes a few seconds most of the time due to them being incremental backups.
Oh man, what a mess. It is just not worth it if you’re only adding 1 or 2 TB. Also you don’t say what kind of data you want to store on this system. If it’s media files (static once written) that can simplify things.
I’d say don’t mess with external drives at all. Your simplest path is upgrade your 1TB internal SSD to 2TB or 4TB. Those aren’t too expensive, and you get SSD storage. Yes you may as well use LUKS unless you want to get fancier. I have some thoughts about key management but haven’t implemented them in practice, so talk about that would be theoretical.
RAID is for when you have data that changes, like databases where you frequently add rows or do updates, so you are up to date if a drive crashes just after an update. It also lets you keep the system running while you hot swap the crashed drive. If you don’t mind taking your storage offline while you restore from a backup, and you don’t mind having to recreate the most recent data, you don’t need RAID.
I simply keep my static stuff and backups on a Hetzner StorageBox, encrypted with Borg Backup. That eliminates all the hassles of RAID, buying hardware and keeping it at home, etc. I can remote mount it (read only) with sshfs with all cryptography happening on the client side (in practice I don’t do that very often). There’s no need to use an encrypted file system on the server, or for the server to ever see plaintext. Of course StorageBox is not self hosted, but you could do something similar with a bare iron storage server. Anyway I think it’s difficult to beat this for economy until you have tens or maybe 100’s of TB of data.