BUILD Encrypted File server + Plex

[Dord]

Hey guys,

I am preparing my first build, and would be running an encrypted file server serving roughly 6 separate users (friends & family) as well as plex to stream media content on my home network (content sometimes stored remotely). The idea is also to have something that could last a bit and fairly silent.

I have been reading up and looking at some builds to inspire me, here is what I came up with:

Proc: i3-6100 - $110
Mobo: Supermicro X11SSL-cF- $270 (Not sure what the -B at the end of the model number means though, if anyone knows..)
Ram: 2x8gb supported DDR4 - $150 (I also found that Kingtson one, cheaper but not on Supermicro's supported list, what should I do?)
Case: Fractal Node 804 - $70
Power supply: Seasonic G-550 - $55 (Overkill, but cheaper than the 450w somehow)
SSD: Patriot Torch 60GB - $35 (never heard of it, but cheap & good amazon reviews)
Storage: 6x2TB WD Red - $90x6=$540 (I will buy from various retailers, and plan on going RAID-Z2)
CPU Fan: Noctua NH-D9L - $55 (I want to keep it cool and silent)

Anything you would do different? Any tips based on my needs? Anything you would add?

Thanks for your help! :)

 

[nojohnny101]

I'm on my phone so I'll keep this short.

I have the node 804 and if I had to do it again, I would pick a different case. It is a well built case and all but getting to the drives and identifying serial numbers is not the easiest (went through this recently). Although to be fair this could have mitigated if I would have noted the location of the drives in the chassis before installing them.

Also if you are going to be streaming things through plex, the CPU might be inadequate. Although (I'm sure as you have found out through your research) that this largely depends on what format your media is in and what you will using to primarily play your media.

Sorry for the limited response. Good luck.

 

[golfleep]

I'm pretty new to FreeNAS, having just completed my first build a month ago, but I wanted to let you know that I'm very happy with the x11SSL-CF. You'll need to flash the onboard LSI3008 to IT mode. I agree with your choice of CPU, I started with a pentium g4400 to test things out with, and soon maxed that out with Plex and a VM for crashplan, and then decided to jump to a xeon 1230v5, which seems a bit overkill in retrospect. The i3 seems like a good balance between cost and performance.

 

[SweetAndLow]

What is the SSD for? No need for a CPU cooler, the stock one does just fine and pretty darn quiet. Those larger coolers are great for over clocking but you are not doing that.

Sent from my Nexus 5X using Tapatalk

 

[Dord]

I'm on my phone so I'll keep this short.

Thanks for the Node 804 advice, I surprisingly struggled to find a case that I like, and I planned on writing down the internal organization of the case along with serial numbers anyway, since I read that this was a best practise. So I will keep looking a bit but might stick with the Node 804 if I don't find anything else as appealing to me.

Regarding the CPU, Plex recommends a 2000 Passmark score for each device you're going to transcode to in 1080p. A piece of information I forgot to share is that I plan on streaming to only one device for now. There might be a second device in a year or so (but probably not), and it should be a pretty thin/never happening user case when they'd stream at the same time anyway. I looked at a couple Xeons but it would raise the tab by $100-200 to reach a 7500 score (for the E3-1220) against 5500 for the i3. So I figured let's start with the i3, it should even allow streaming to 2 devices and if the need for more arise in the future I will upgrade the CPU, but on paper my reasoning was that it should be plenty for my limited needs. Now that you have the background details, please let me know if I overlooked something and if you still think I should up the CPU.

I'm pretty new to FreeNAS, having just completed my first build a month ago, but I wanted to let you know that I'm very happy with the x11SSL-CF. You'll need to flash the onboard LSI3008 to IT mode. I agree with your choice of CPU, I started with a pentium g4400 to test things out with, and soon maxed that out with Plex and a VM for crashplan, and then decided to jump to a xeon 1230v5, which seems a bit overkill in retrospect. The i3 seems like a good balance between cost and performance.

Thanks for the feedback! This was somewhat my reasoning too.

What is the SSD for? No need for a CPU cooler, the stock one does just fine and pretty darn quiet. Those larger coolers are great for over clocking but you are not doing that.

The SSD is to run the OS, I am not too keen on having a thumbdrive sticking out, SSD being more afforable nowadays I figured I would go that route.
Thanks for the tip on the cooler, I will follow your advice and go with the stock one for now, and I can still add the Noctua if I run into issues in the future.

I appreciate you taking the time to help me out, thanks guys!

 

[SweetAndLow]

My only other suggestion is to practice using encryption or don't bother using it at all. I see so many lost pools from encryption that I can tell you it's not worth it. Unless there is a law saying you have to use it because of customer data I wouldn't bother. If you have some important files just use a separate program to encrypt those files like truecrypt.

Sent from my Nexus 5X using Tapatalk

 

[pirateghost]

I am not too keen on having a thumbdrive sticking out,

Your motherboard you have selected has a USB port directly on the motherboard.

and if you didn't have that, there are things like these: https://www.amazon.com/dp/B002GNU2V6/?tag=ozlp-20

I always find it weird when that is the reasoning behind not using USB.

 

[Dord]

Your motherboard you have selected has a USB port directly on the motherboard.

and if you didn't have that, there are things like these: https://www.amazon.com/dp/B002GNU2V6/?tag=ozlp-20

I always find it weird when that is the reasoning behind not using USB.

Good to know thanks.

But otherwise the price point for a 32gb thumbdrive is maybe 5 bucks cheaper than an entry level SSD with better performance than USB 2.0. Also an SSD plugged in would be much more steady than a usb flash drive. (Earthquake? Nukes?)

Unless I am missing something I just don't see what the pros of USB are.

 

[pirateghost]

Good to know thanks.

But otherwise the price point for a 32gb thumbdrive is maybe 5 bucks cheaper than an entry level SSD with better performance than USB 2.0. Also an SSD plugged in would be much more steady than a usb flash drive. (Earthquake? Nukes?)

Unless I am missing something I just don't see what the pros of USB are.

The main pro being that you don't waste a valuable SATA port...That's huge for some systems.

 

[tvsjr]

Where encryption is concerned, please reference the following: https://xkcd.com/538/

Barring a legal requirement for data encryption at rest...
If the attacker has physical access to the device, you lose.
If the attacker can legally compel you to produce the password, you lose.
If the attacker attacks the system over the network, encryption at rest doesn't matter.

Encryption at rest primarily addresses two things - physical loss/theft of the system and improper sanitization prior to disposal. And it adds significant complexity, processing overhead, and risk. Make sure you really need it before you go through the pain.

 

[Arwen]

I agree with not using encryption. If you go ahead, pay special attention to test replacing disks. If
you won't test replacing disks, then have multiple, reliable backups and be prepared to use them.
(And not complain to us about loosing your pool due to encryption and disk replacement.)

All that said, new features are coming in the next year or so to OpenZFS, (used by the parent OS
in FreeNAS, which is FreeBSD). One of which is dataset encryption. Meaning you can have some
datasets, (file systems), that are encrypted, and some that are not.

 

[Dord]

Thanks for the encryption advises. Doesn't seem worth the trouble to me, I might set up a container or two when needed for extra sensitive files, but won't bother encrypting the whole thing.

 

[nojohnny101]

Thanks for the Node 804 advice, I surprisingly struggled to find a case that I like, and I planned on writing down the internal organization of the case along with serial numbers anyway, since I read that this was a best practise. So I will keep looking a bit but might stick with the Node 804 if I don't find anything else as appealing to me.

That sounds reasonable, the Node 804 isn't a bad case, you'll be happy with it. Plenty of room to work in it, which I love.

Regarding the CPU, Plex recommends a 2000 Passmark score for each device you're going to transcode to in 1080p. A piece of information I forgot to share is that I plan on streaming to only one device for now. There might be a second device in a year or so (but probably not), and it should be a pretty thin/never happening user case when they'd stream at the same time anyway. I looked at a couple Xeons but it would raise the tab by $100-200 to reach a 7500 score (for the E3-1220) against 5500 for the i3. So I figured let's start with the i3, it should even allow streaming to 2 devices and if the need for more arise in the future I will upgrade the CPU, but on paper my reasoning was that it should be plenty for my limited needs. Now that you have the background details, please let me know if I overlooked something and if you still think I should up the CPU.

Sound logic. Sounds like you have given some thought to your future needs and are planning appropriately. Sounds like you'll be fine with the i3 then.

@pirateghost makes some good points. to sum up some of the popular opinions on here on why....
one would use USB drive(s) to run OS
- cheaper
- frees up sata ports
- take up a lot less space (low profile ones of course, like sandisk cz33)

one would use SSD to run OS
- requires only one SSD (generally recommended to run a pair of USB drives (mirrored) as they are not as reliable)
- faster boot and upgrade times
- last longer/more reliable

I'm running a pair of mirrored USB drives on my boxes. You'll be fine either way. Just make sure you implement a script to backup the config file every so often so you have that when you need to restore. If you have the config file, it really is trivial to get the OS back up and running with all your settings if anything should happen.