# Samba & NFS File Sharing ## Reference apalrd's guide: https://www.youtube.com/watch?v=Hu3t8pcq8O0 ## Preamble To be honest, I'm not exactly sure why I'm doing this. I wanted to try setting up a Jellyfin media server with hardware transcoding - but that guide is built on this setup, so here we are. One advantage of this is that we won't need to passthrough the drives TrueNAS. Which is great for me because that is something I have not done before, and honestly the documentation and instructions are a little too much for my current un-Ritalin-ed brain. "Why no Ritalin?", no one asks. "Simple, my imaginary, neurotypical friend - sometimes the thing that helps you with your Executive Dysfunction requires Executive Function to take." I am also trusting that as I do this, more things will be revealed to me as I am playing with how this setup functions. Keep your fingers crossed - or not, I'm not the boss of you. ## Creating the Container  - Understanding Unprivlieged Containers can be a little difficult as the check-box is counter-intuitive - Unchecking the check-box makes it a privileged container (grants the container privileges) - Checking it removes the privileges - In a privileged container, the root user has access to everything - In an Unprivileged container, the root user of the container is mapped to user id of 10000, which means it won't have permissions at all within the host system  - We're using Debian Bookworm - the latest release at the time of this project  - This is really just for the OS, so it doesn't have to be particularly large. And that's also why I'm putting it on the SSD. The media files will be going onto my decade-old toshiba - so, in truth, I don't imagine that particular drive is going to last very long. But in the grand scheme of things, neither will we.  - With LXCs, this is more of a limitation - we're explicitly telling the container how many cores it is allowed to use at maximum. - With full VMs, putting 2 cores makes the machine think it is running on a dual-core machine. With LXCs, the machine knows how many cores the host has, so we are explicitly limiting it's access to resources - We're also going to have to get cool with some level of anthropomorphisation of these machines real fast. Yes, I am aware the machines don't think or know. - But what is, "to know"? Insert debate about tripartite definition of knowledge here. - Make Gettier roll in his grave.  - Similarly, we're telling the LXC just how much memory at most it is allowed to use - Since kernel memory doesn't count here, our memory usage won't be extreme  - set the static IP settings  - Going to use host settings for now - but if we decide to add Tailscale, then we are probably going to have to adjust these settings later on  - Let's go, baby  - This is an entirely unnecessary screenshot - but there is something that is just so satisfying about this. ### Some troubleshooting It looks like our DNS settings aren't working out  So we probably have to make some manual adjustments So let's take a look at the resolv.conf file  - As expected, my host's tailscale settings are mucking up the LXCs ability to communicate with any DNS server - let's fix this First thing to do is to create the pve ignore file with `touch /etc/.pve-ignore.resolv.conf`  - This will prevent the host from overwriting the resolv.conf file with it's own settings everytime the LXC starts up Then we add this sweet line to the top of the resolv.conf file  - I'm using the 1.1.1.1 cloudflare dns server - but really use whichever one you want to I guess. And now we have Domain Name resolution BABY!!  ## Installing Nala This is an entirely unnecessary step - I just enjoy using Nala over vanilla APT, so like skip this or whatever.  I mean just look at how ugly this installation process is  But now we have nala, everything will make more sense   ## Installing Cockpit We are going to be using Cockpit for it's web interface to make server management a tad easier  The instructions in the video use the backport repository of Bullseye (Deb 11) for packages that worked well for Bookworm (Deb 12) - as I am using Deb 12, I am instead going to use the backports repository for Bookworm to see how that works out. So let's add this line to the sources.list file    Honestly, look how understandable all that is  - using the -t flag to target the backports repository specifically - Cockpit, by default, will install some packags to do administration of Linux systems, like changing the host name and network settings, but we already have control of that using Proxmox so the --no-install-recommends flag helps us to not install those packages Once, we install we need to enable root login to the web interface. So we go to the disallowed-users file and comment out root   No need to restart anything, we can just proceed now. We go to the ip address and access port 9090  - Regular old certificate shenanigans And here we are!   First things first -- engage dark mode  ### Installing Necessary Modules For our purposes we need to install 1. [Cockpit Filesharing](https://github.com/45Drives/cockpit-file-sharing) 2. [Cockpit Navigator](https://github.com/45Drives/cockpit-navigator) 3. [Cockpit Identities](https://github.com/45Drives/cockpit-identities) For each of the above, we find the deb file, copy it and wget within our LXC 1. Identites - https://github.com/45Drives/cockpit-identities/releases/download/v0.1.12/cockpit-identities_0.1.12-1focal_all.deb  2. Navigator - https://github.com/45Drives/cockpit-navigator/releases/download/v0.5.10/cockpit-navigator_0.5.10-1focal_all.deb  3. Filesharing - https://github.com/45Drives/cockpit-file-sharing/releases/download/v3.3.7/cockpit-file-sharing_3.3.7-1focal_all.deb  We have all the necessary .deb files  - I removed the nala.deb install file nala install ./\*.deb to install all deb files   Once that's done we can remove the installer files with rm \*.deb On our webUI we can see the three new modules  Navigator:  Filesharing:  Identites:  ## Conclusion There are a few more things for us to do like setting up shares and users with associated permissions and whatnot. However as I am using this purely as an experimental setup, I will be doing all that during the Jellyfin setup.