AE EP#38 Qnap TS-212 NAS Teardown & Debian Installation

Hrhr christmas was early this year and I got myself some little Network attached storage (NAS). It is a qnap TS-212, so it has 2 disk-bays and I paid about 160 € on amazon. (The 1-bay version is here).
For disks I chose 2 Western Digital WD20EURS 2 TB interne Festplatte (6,5 cm (3,5 Zoll), 5400rpm, 64MB Cache, SATA) for their low power consumption and reduced noise level.
Enjoy the teardown:

Again, sorry guys, there will be no more parts to this video. I actually recorded ~4 hours of video. 4 very LONG, BORING hours. Instead i write these things down. For the first part I mostly followed this instruction. Thank you Martin Michlmayr! (I’ll have ha copy if his page ever goes down;)

All right? Lets go! Once you backed up the Flash partition and wgetet (lol) you can ssh into the device.
ssh installer@
Password is install

This would be the assigned IP-address after you booted up with disconnected network (or with no DHCP server present in your network). You can also use the DHCP page of your router to get its assigned IP of course.
Expert mode crashed on my try, so I started standard installation.
I set up the two 2TB hard drives partly as raid 1, partly as plain disk (no JBOD or any fancy stuff like that ;). My original plan failed due to the installer not recognizing my usb drives space (showed only 256 MB instead of 1GB Bug?) so I went and gave the system some raid1 on the hard drive.

the disk setup looks like this:

>>partition 1: 20 GB space reserved for raid /dev/sda1
>>partition 1: 500 GB space reserved for raid /dev/sda2
>>partition 1: 1,5 TB space ext4 /dev/sda3

>>partition 1: 20 GB space reserved for raid /dev/sdb1
>>partition 1: 500 GB space reserved for raid /dev/sdb2
>>partition 1: 1,5 TB space ext4 /dev/sdb3

After running Debian’s raid setup (inside the installer it looks somewhat like this:

>>partition 1: 20 GB space reserved for raid /dev/sda1
>>partition 1: 500 GB space reserved for raid /dev/sda2
>>partition 1: 1,5 TB space ext4 /dev/sda3

>>partition 1: 20 GB space reserved for raid /dev/sdb1
>>partition 1: 500 GB space reserved for raid /dev/sdb2
>>partition 1: 1,5 TB space ext4 /dev/sdb3

20GB raid1 /dev/sda1 and dev/sdb1
no spares and 2 drives

500GB raid1 /dev/sda2 and dev/sdb2
no spares and 2 drives

After that installation should be smooth, just be sure to select ssh server when the package selection comes up.

Now let’s generate us some rsa key for passwordless log-in. on your pc type:

# ssh-keygen -t rsa

you can choose if you safe them into your ~/.ssh/id_rsa or somewhere else. I chose to put it in a folder named qnap-TS-212 (everything concerning this device goes there).
We get two files keyname and
Use scp to get the pub file to your server (erebus will be my NAS’ Name):

# scp root@
# mv erebus erebus.key #just to make things clear ;)

You will need your root password from Debian setup. This will put the pub key to root’s home on the server.
Ssh into the NAS:

# ssh root@

# cd /root
# mkdir .ssh
# mv erebus.key .ssh/authorized_keys
# chmod 700 .ssh
# chmod 600 .ssh/authorized_keys

Now log out…
…and back in:

# ssh root@ -i erebus.key

Nice, now lets set up the hostname and network:

# nano etc/hostname and change to name of your desire (strg-x to quit y to save)
# nano etc/hosts
# #mine looks like this: localhost erebus erebus #that domain stuff broke the workings with windows xp :DD

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

I’m changing the network to static now coz’ the installer crashed on doing it in it.
To get networking to static Lets change /etc/network/interfaces to something like this:
WARNING YOU CAN LOCK YOURSELF OUT HERE!! visit for recovery information!

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
iface eth0 inet static

The easy way is to reboot you can also type (in one line!):

ifdown eth0 && ifup eth0

You can add $NASNAME to your /etc/hosts file to replace the IP on connecting: erebus
Now let’s set us up some encrypted folder on the /dev/md1 partition:

# useradd claudio
# useradd isabell
# useradd guest
# passwd claudio
# passwd isabell
# passwd guest

# mount /dev/md1 /mnt
# apt-get install ecryptfs
# mkdir -m 700 /mnt/.secure #actual encrypted file system
# mkdir -m 500 /mnt/secure #mount folder, unwriteable when ecfs not mounted
# chown claudio:claudio /mnt/.secure && # chown claudio:claudio /mnt/secure

# mount -t ecryptfs /mnt/.secure /mnt/secure

Before we add the share lets get us a swap-file. Type this on /
dd if=/dev/zero of=swap bs=1M count=512
This will prompt you some questions, write down what you answered, we will ned that in the next step:
Edit /etc/fstab to the following example:

# /etc/fstab: static file system information.
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
# proc /proc proc defaults 0 0
# / was on /dev/md0 during installation
UUID=b729436e-426a-476f-9d0a-ee10a5c6164b / ext4 errors=remount-ro 0 1

/dev/md1 /srv/md1 ext4 errors=remount-ro 0 1
/dev/sda3 /srv/S1 ext4 errors=remount-ro 0 1
/dev/sdb3 /srv/S2 ext4 errors=remount-ro 0 1

/srv/md1/.secure /srv/md1/secure ecryptfs noauto,users,ecryptfs_sig=1f5d64d72507df5f,ecryptfs_cipher=aes,ecryptfs_key_bytes=32,ecrypfs_unlink_sigs 0 0

/swap swap swap defaults 0 0

This adds all partitions and a swap file on next boot or if you type mount -a.
Finally it’s time to get the samba server going (I really don’t like it, it seems to always break somehow 🙁 but you gotta use what we have…):

apt-get install samba
smbpasswd claudio
smbpasswd isabell
smbpasswd guest

Since there are about 1000 better or worse samba how-to’s out there I’ll just post my configuration, test changes with testparam.

workgroup = STRANGENET
server string = %h server
map to guest = Bad User
obey pam restrictions = Yes
guest account = guest
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Entersnews*spassword:* %nn *Retypesnews*spassword:* %nn *passwordsupdatedssuccessfully* .
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
smb ports = 139 455
dns proxy = No
panic action = /usr/share/samba/panic-action %d
valid users = %S
create mask = 0700
directory mask = 0700

comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No

comment = Printer Drivers
path = /var/lib/samba/printers

path = /srv/md1/secure
valid users = claudio
read only = No

path = /srv/md1/important
valid users = claudio
read only = No

path = /srv/S1/claudio
valid users = claudio
read only = No

path = /srv/S1/isabell
valid users = isabell
read only = No

path = /srv/S1/guest
valid users = isabell, claudio, guest
read only = No

path = /srv/S2/AE
valid users = claudio
read only = No

path = /srv/S2/Media
valid users = isabell, claudio
read only = No

At last run:
/etc/init.d/samba restart
Okay thats it! Sorry, there is no part 2 or 3 video. My footage just sucked too hard.
your AE

15 thoughts on “AE EP#38 Qnap TS-212 NAS Teardown & Debian Installation

  1. auf dem ts-219p macht debian + ceph auch spass 😉
    aber das bissl emhr ram brauchste dann schon wenn du mehr von den dinger hast macht es um so mehr spass!

    • Ja klar, aber der 100er wars ma dann net wert, da lag der Mediamarkt Prospekt daneben mit ner xbox ums selbe Geld, das hab ich dann net gschafft 😀

  2. aber nicht das UFD teil nehmen sondern das ohne sandisk jat auch so ein kleines 🙂 zur not macht sich auch gut in nem netbook als speicher extension 😀

    oder an so manchem rechner als boot option mit images drauf

    • ich glaub das kommt an den raspi, der zu dem hoster in graz kommt, die schrauben raspis ins rack for free 😀 Zwecks rekursion kommt da dann mein git fürn raspi drauf *hrhr*

  3. meine 2 raspi’s fühlen sich bei edis sehr wohl einer hat die “b” variante hat einen 64gb usb stick drann das auch bissl speicher da ist für hosting dinge 🙂

  4. Hi Claudio,

    Great project, and I hope you got your QNAP server running Debian.

    I’m a long time fan of QNAP (have had almost all QNAPs, from 1 disk units upto 12 disk units, great stuff)

    But now a (stupid) question here:

    WHY does a person wants Debian on a QNAP unit?
    Apart from the fact that it’s CLI only (no problem for me, use that every day), I wonder what advantages installing Debian has over the standard FW…

    And apart from that: does it run stable enough?

    Would be great to hear your comments….


    Robbert / PA3BKL
    PS: I really want to make a asterisk telephony server with my QNAP TS-409 Pro Turbo…

    • Hi Robbert,

      Yeah its running great.

      No, not a stupid question:
      Short answer: because I can!
      Long answer(s): First, Its a great learning experience. No such thing as putting new firmware on a headless device ]:>. It is my first time running GNU/Linux on something other than x86/x86-64 in a production enviroment.
      Also it puts you not only in the drivers seat, it makes you the mechanic as well. If I want to put a git repository on my NAS I can, I could ask qnap to make a firmware update with git as well, but they won’t put it in if I’m one of the very few requesting it. Thats just market and I’m cool with that as long as they don’t prevent me from doing my thing.
      I can compile stuff and run software never intended to run on it – this is important to me, surely not to everyone.

      Running your own OS on your NAS is /not/ for everyone, especially if you just expect it to work. It takes time and thought and some reasonable amount of experience installing and running Linux.

      And yes it runs like a charm, nor crashes, no errors in the syslog 🙂

      Claudio / (callsign is on the way)
      PS: cool! keep me posted on that please!

Leave a Reply

Your email address will not be published. Required fields are marked *

To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Anti-spam image