I am a nomad, which means I change location a lot, and thus I need to travel light. The only thing I need for working is my laptop and an Internet connection, so virtually I can work from anywhere in the world, and that’s actually what I am doing. But there is a drawback when everything which is valuable to me (work files, personal pictures…) is in only one place: my laptop, which is in my backpack. If I lose my bag (or if it gets snatched, which is likely to happen here in the Philippines), I lose EVERYTHING and it’ll be very hard to recover from this.
Of course, one solution is that notorious “cloud”, where you store all of your data in a remote location, somewhere in the Internet. Yes but, you are giving your personal/work data to a third-party company (being accessible to third-party people you don’t know, and thus don’t trust). And even though they might be honest, you’re never sure this company is not going to close, or to get hacked. I am the cautious (paranoid?) type of guy, I like my data to be safely stored in a place where no people can access it but me, like “physically” can’t even access it.
Some years ago, laptops were not so popular yet, and we all used to be on desktop computers. That way, we rarely lose our computer, since it’s securely staying in our home and never going out. That’s a model that I like. I believe my data are way more safe in a computer located in my house rather than in the house of somebody else (i.e a storage service in the Cloud). So yes, I store my files and backups in a desktop computer that I access remotely, and I sync with it every day. Actually, whether the server that stores your data is your own server or belongs to a Cloud service company, what’s the difference? And you can actually achieve to host your own personal cloud quite easily. There are drawbacks, but I value security more than those.
The drawbacks compared with a Cloud service
- connectivity might not be as stable, and bandwidth might be slower (it will depend on your ISP, it might be better or worse)
- you need to set it up yourself
- you need to buy the hardware beforehand (big amount at once, compared to a monthly smaller fee)
- you might not have a fancy interface (will all depend on you, if a shell/FTP client is not fancy enough for you, develop your own…)
- in case of emergency (power outage, earthquake, meteorite…) you need to be there physically to restore your NAS (or have someone there to do it for you)
On the other hand, the advantages are
- you own your data, you and only you
- if you want to dump all your data at once, it’s just there on your hard-drive, at home (no need to wait days downloading everything). You take your hard-drive and walk away, as simple as it
- you are not subject to the shutdown of any third-party company
- nobody can access your data without your knowledge / permission (other companies, governmental agencies)
- your NAS server can be multi purpose. I use it also as a VPN (having a French IP address allows me to watch French TV channels even though I’m abroad) and SVN
How I set up my home-based NAS for a nomad usage
I will write this tutorial based on what I did for myself, my own personal home-based NAS. Here is what I have:
- one HP Proliant Microserver 2011 (around 300-400 USD)
- four internal hard drives 500Gb for storage only (around 100 USD per drive). They must be 5400 rpm (no need to be fast if it’s just for storage, and it’s less noisy)
- one USB stick 8Gb for the OS (10 USD)
- the needed cables (ethernet, CPL…) depending on the needs
So it’s still an investment of around 800 USD (600 euros) that I need to do beforehand, but I think it worths it definitely, and it can last for years. I chose to use the HP Proliant Microserver because of its small size, low energy consumption and low noise. But you could as well use any other desktop computer, an old computer that costs not even 50 USD will do.
Installing my home-based NAS
Then, I made the decision to install the OS on the USB stick (there is an internal USB port in the HP Proliant Microserver, but it could be plugged outside also) so my hard drives will be used for storage only. I chose to install Linux Debian, because it’s a distribution that I know pretty well, it’s light and I don’t need much more for this usage (the Netinstall for tiny CDs and USB sticks will do).
There, you can choose to encrypt your hard drives or not. Because I was in a hurry, I still hadn’t encrypted my drives, but I intend to do it soon, the next time I have my computer in hands. You can also choose to do some RAID, in case you fear one of the drives fails. Then, it’s up to you how you manage the drives, your folders and your files… I usually have one drive for my movies, one for the music, one for work and one for backups.
To access my files, I prefer using SSH (I need to install openssh on my distro). Because I never trust the network, I recommend to encrypt every communication between your laptop and your home-based NAS. SSH is a software of choice for this, of course. Then, you can even use an FTP client to access to your files via the SSH protocol (Filezila, Transmit), or mount a network drive (Macfuse). But at least, communication is secured.
Accessing my home-based NAS
Of course, since you’re accessing your NAS from outside the house, you need a way to find it. Most of the ISPs will give you a dynamic IP address (and it’s better that way), so I am using a dynDNS host (that my hosting company is offering for free) and I set a cronjob to automatically update this DNS entry in case it has changed. Actually, doing so, I can even ask someone to change the location of my server to another house, plug it in, and the DNS will be automatically updated and I can still access it again, without even doing any maintenance physically on the server. To that purpose, I am using the script provided by my hosting company (OVH) that you can find here (sorry, it’s French).
Also, I needed to add a NAT rule to my home router so that port 22 (SSH) will be forwarded to my NAS. To access my files, I only use SSH (because it’s secure) and I mount a disk on my desktop using MacFuse, or sometimes I use my FTP client (Transmit). It works like a charm.
Backing up my files
Because I travel to places where the Internet connection can be slow (or non-existent) I keep a copy of my important files on my laptop, but I want it to be securely backed up to my home-based NAS every day. For that purpose, I am simply using rsync. It’s old but bullet proof, it works like a charm, and it’s using SSH. Because rsync is incremental backup, it just calculates the modifications since the last backup you did, and will just upload the needed bytes, not more not less. It’s what makes it so efficient. You can choose to backup your whole system, but I find it kind of big and long process, so instead I am just backing up the important folders on my laptop (work related, passwords, mails) and even my pictures. The process takes a couple of minutes every night if I don’t add new pictures, otherwise it can take up to one or two hours (depending on the number of pictures…), and I live in a country where the Internet is pretty slow (Philippines).
At least I know that if I lose everything while travelling (if I end up naked and all my stuff has been stolen), I still have a backup of the most important files there, on my home-based NAS, that nobody can touch. I can still retrieve these files whenever I like. Here is a sample of the script I run every night on my laptop for backing up my stuff.
# alias for rsync command
alias rsync2="rsync --verbose --progress --stats --compress --rsh=/usr/bin/ssh --recursive --times --perms --links --delete"
# sync my sites' source code
echo "Backing up Sites"
rsync2 /Users/cyril/Sites cyril@$HOST:backup/
# sync my pictures
echo "Backing up Pictures"
rsync2 /Users/cyril/Pictures/Photos cyril@$HOST:backup/Pictures/
rsync2 /Users/cyril/Pictures/Photo\ Booth cyril@$HOST:backup/Pictures/
# sync my documents
echo "Backing up Documents"
rsync2 /Users/cyril/Documents cyril@$HOST:backup/
So here it is, roughly everything I did to achieve my home-based NAS / backup service / cloud drive, which is 100% (ok let’s say 99%, risk zero doesn’t exist) secure, since the only way to get my data is to force me to reveal my passcode or to force the place where I left my NAS (secret location). And even though they break in my house, if my hard drives are encrypted, they will never read my data…
I am thinking of making it more secure soon by implementing a backup solution to a second home-based NAS, located in a different place. And these two servers would sync everyday, using SSH, just in case one of them gets compromised…
So what do you think of my set up? If you are a frequent traveller, do you also have such a thing to secure your data, or do you rely more on third-parties? I’m very eager to hear your opinion about it.