在ubuntu服务器搭建 NAS

SMB协议搭建NAS

通过webmini使用samba可视化搭建nas

磁盘挂载

df -h
sudo pvdisplay  # 查看物理卷信息
sudo vgdisplay  # 查看卷组信息
sudo lvdisplay  # 查看逻辑卷信息
sudo lvextend -l +100%FREE /dev/ubuntu-vg/ubuntu-lv
sudo resize2fs /dev/ubuntu-vg/ubuntu-l
df -h /dev/ubuntu-vg/ubuntu-lv
sudo lvdisplay /dev/ubuntu-vg/ubuntu-lv

webmin

Webmin 是一个功能强大的 Web 系统管理工具，提供了丰富的图形化界面，可以配置 Linux 服务器的各个方面

install

wget http://www.webmin.com/jcameron-key.asc
sudo apt-key add jcameron-key.asc
sudo echo "deb http://download.webmin.com/download/repository sarge contrib" | sudo tee /etc/apt/sources.list.d/webmin.list
sudo apt update
sudo apt install webmin

proxy

# sudo vim ~/.bashrc

export http_proxy=http://192.168.10.65:7890
export https_proxy=https://192.168.10.65:7890
export no_proxy="localhost,127.0.0.1,*.local"
export all_proxy=socks5://192.168.10.65:7890 # 如果是 socks 代理

samba

install

1 2	sudo apt update sudo apt install samba

config

1	sudo vim /etc/samba/smb.conf

workgroup = WORKGROUP        # 设置工作组名称，通常为 WORKGROUP
server string = %h server    # 设置服务器描述
netbios name = nas-server    # 设置服务器 NetBIOS 名称
security = user              # 设置安全模式为用户认证
map to guest = bad user      # 拒绝匿名用户访问


[shared]                       # 设置共享名称
path = /mnt/nas                # 设置共享目录路径
valid users = user1,user2       # 设置允许访问的用户列表
read only = no                 # 允许读写访问
browseable = yes               # 允许在网络中浏览
guest ok = no                 # 禁止匿名访问
force user = root              # 用 root 身份操作
create mask = 0777             # 创建文件的权限
directory mask = 0777           # 创建目录的权限

服务重启

1	sudo systemctl restart smbd

samba完整配置文件

#

#======================= Global Settings =======================

[global]

## Browsing/Identification ###

# Change this to the workgroup/NT-domain name your Samba server will part of
workgroup = zgxmt

# server string is the equivalent of the NT Description field
server string = %h server (Samba, Ubuntu)

netbios name = nas

security = user

map to guest = bad user

log file = /var/log/samba/log.%m

# Cap the size of the individual log files (in KiB).
max log size = 1000

# We want Samba to only log to /var/log/samba/log.{smbd,nmbd}.
# Append syslog@1 if you want important messages to be sent to syslog too.
logging = file

# Do something sensible when Samba crashes: mail the admin a backtrace
panic action = /usr/share/samba/panic-action %d

server role = standalone server

obey pam restrictions = yes

# This boolean parameter controls whether Samba attempts to sync the Unix
# password with the SMB password when the encrypted SMB password in the
# passdb is changed.
unix password sync = yes

# For Unix password sync to work on a Debian GNU/Linux system, the following
# parameters must be set (thanks to Ian Kahan <<kahan@informatik.tu-muenchen.de> for
# sending the correct chat script for the passwd program in Debian Sarge).
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .

# This boolean controls whether PAM will be used for password changes
# when requested by an SMB client instead of the program listed in
# 'passwd program'. The default is 'no'.
pam password change = yes

# This option controls how unsuccessful authentication attempts are mapped
# to anonymous connections
map to guest = bad user


[printers]
comment = All Printers
browseable = no
path = /var/tmp
printable = yes
guest ok = no
read only = no
create mask = 0700

# Windows clients look for this share name as a source of downloadable
# printer drivers
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = no
guest ok = no
# Uncomment to allow remote administration of Windows print drivers.
# You may need to replace 'lpadmin' with the name of the group your
# admin users are members of.
# Please note that you also need to set appropriate Unix permissions
# to the drivers directory for these users to have write rights in it
;   write list = root, @lpadmin

[shared]

path = /home/nas

valid users = nas,root

# 设置允许访问的用户列表
read only = no
# 允许读写访问
browseable = yes
           # 允许在网络中浏览
           guest ok = no
           # 禁止匿名访问
           force user = root
           # 用 root 身份操作
           create mask = 0777
# 创建文件的权限
directory mask = 0777
# 创建目录的权限

samba 用户创建

sudo useradd -m -s /bin/bash nas
sudo passwd nas
sudo smbpasswd -a nas
sudo pdbedit -L # 验证用户

解除win组策略限制

在windows 无法登录时解除组策略限制

1	Set-SmbClientConfiguration -RequireSecuritySignature $false

通过脚本批量挂载磁盘

第三方库安装与配置

# Debian/Ubuntu
sudo apt install mergerfs

# RHEL/CentOS
sudo yum install epel-release
sudo yum install mergerfs

磁盘分区初始化

#!/bin/bash
for dev in /dev/sd{a..v}; do
  echo "正在处理 $dev"
  sudo parted -s $dev mklabel gpt
  sudo parted -s $dev mkpart primary 0% 100%
  sudo mkfs.ext4 -L "${dev##*/}" "${dev}1"
done

磁盘挂载

#!/bin/bash
# 文件名：storage_pool_final.sh
# 功能：自动化初始化磁盘、创建分区、格式化挂载、配置mergerfs存储池

# --------------------------
# 配置参数（按需修改）
# --------------------------
MOUNT_ROOT="/mnt/all_disks"         # 存储池根目录
MOUNT_DIR="$MOUNT_ROOT/mounts"      # 单个磁盘挂载目录
SHARED_DIR="$MOUNT_ROOT/shared"     # 合并存储目录
MIN_FREE_SPACE="20G"                # 最小保留空间
LOG_FILE="/var/log/storage_pool.log" # 日志文件路径

# --------------------------
# 初始化日志系统
# --------------------------
exec 3>&1 4>&2
trap 'exec 2>&4 1>&3' EXIT
exec > >(tee -a "$LOG_FILE") 2>&1

# --------------------------
# 预检模块
# --------------------------
check_prerequisites() {
    # 检查root权限
    [[ $EUID -ne 0 ]] && echo "错误：必须使用sudo运行脚本" && exit 1

    # 检查必要工具
    declare -A REQUIRED_TOOLS=(
        ["parted"]="分区工具"
        ["mkfs.ext4"]="格式化工具"
        ["mergerfs"]="存储合并工具"
    )
    for tool in "${!REQUIRED_TOOLS[@]}"; do
        if ! command -v $tool &> /dev/null; then
            echo "错误：缺少依赖 ${REQUIRED_TOOLS[$tool]} ($tool)"
            exit 1
        fi
    done

    # 创建目录结构
    mkdir -p "$MOUNT_DIR" "$SHARED_DIR"
    chmod 1777 "$SHARED_DIR"
}

# --------------------------
# 安全设备过滤
# --------------------------
get_data_disks() {
    lsblk -lp -o NAME,SIZE,TYPE,MOUNTPOINT | awk '
        BEGIN {IGNORECASE=1}
        $3 == "disk" &&
        $4 == "" &&
        $2 ~ /3\.6T/ &&
        $1 !~ /sdaw/ {  # 排除系统盘sdaw
            print $1
        }'
}

# --------------------------
# 磁盘初始化
# --------------------------
init_disk() {
    local dev=$1
    echo "===== 初始化磁盘 $dev ====="

    # 创建GPT分区表
    if ! parted -s "$dev" mklabel gpt; then
        echo "错误：无法创建GPT分区表"
        return 1
    fi

    # 创建主分区
    if ! parted -s "$dev" mkpart primary 0% 100%; then
        echo "错误：无法创建分区"
        return 1
    fi

    # 格式化分区为ext4
    local partition="${dev}1"
    if ! mkfs.ext4 -q -L "DATA_${dev##*/}" "$partition"; then
        echo "错误：格式化失败"
        return 1
    fi

    echo "√ 初始化完成：$dev → $partition"
}

# --------------------------
# 挂载管理
# --------------------------
mount_partition() {
    local partition=$1
    # 获取UUID
    local uuid=$(blkid -s UUID -o value "$partition")
    [[ -z "$uuid" ]] && return 1

    # 创建挂载点
    local mount_point="$MOUNT_DIR/$uuid"
    mkdir -p "$mount_point"

    # 写入fstab（幂等操作）
    if ! grep -q "UUID=$uuid" /etc/fstab; then
        echo "UUID=$uuid $mount_point ext4 defaults,nofail,noatime 0 0" >> /etc/fstab
    fi

    # 执行挂载
    if mount -v "$mount_point"; then
        echo "√ 挂载成功：$partition → $mount_point"
    else
        sed -i "\|UUID=$uuid|d" /etc/fstab
        rmdir "$mount_point"
        return 1
    fi
}

# --------------------------
# mergerfs配置
# --------------------------
configure_mergerfs() {
    # 生成挂载点列表
    local mount_points=($(ls -d "$MOUNT_DIR"/* 2>/dev/null))
    if [[ ${#mount_points[@]} -eq 0 ]]; then
        echo "错误：没有可用的挂载点！"
        exit 1
    fi

    # 生成fstab条目
    local mergerfs_entry="${mount_points[@]/%/\\:} $SHARED_DIR fuse.mergerfs defaults,allow_other,category.create=epmfs,minfreespace=$MIN_FREE_SPACE,fsname=StoragePool 0 0"

    # 清理旧配置
    sed -i '\|fuse.mergerfs|d' /etc/fstab

    # 写入新配置
    echo "$mergerfs_entry" >> /etc/fstab

    # 应用挂载
    if mount -av; then
        echo "√ mergerfs配置成功"
        df -hT "$SHARED_DIR"
    else
        echo "× mergerfs挂载失败"
        exit 1
    fi
}

# --------------------------
# 主程序流程
# --------------------------
main() {
    check_prerequisites

    # 处理所有数据磁盘
    while read -r dev; do
        # 初始化磁盘
        if ! init_disk "$dev"; then
            echo "× 磁盘初始化失败：$dev"
            continue
        fi

        # 挂载分区
        partition="${dev}1"
        if ! mount_partition "$partition"; then
            echo "× 分区挂载失败：$partition"
            continue
        fi
    done < <(get_data_disks)

    # 配置mergerfs
    configure_mergerfs
}

# --------------------------
# 执行入口
# --------------------------
main "$@"

./mount.sh``` 运行


### 磁盘大小查看

```shell
lsblk -b -o SIZE | grep -v "loop" | grep -v "rom"  | grep -v "SIZE" | awk '{sum+=$1} END {print sum}' | numfmt --to=iec-i --suffix=B --padding=7```

验证

1	df -hT /mnt/all_disks/shared

卸载磁盘重新加载

1
2
3

sudo umount -a
sudo systemctl daemon-reload
df -h

最终验证

步骤 1：验证 mergerfs 配置

# 查看 /etc/fstab 中是否有 mergerfs 条目
cat /etc/fstab | grep "fuse.mergerfs"

# 预期应输出类似：
# /mnt/all_disks/mounts/* /mnt/all_disks/shared fuse.mergerfs defaults,allow_other,... 0 0

步骤 2：手动触发挂载

# 卸载错误挂载
sudo umount -l /mnt/all_disks/shared

# 重新挂载所有设备
sudo mount -av

步骤 3：检查 mergerfs 挂载状态

# 查看 mergerfs 是否生效
mount | grep "mergerfs"

# 预期输出应包含：
# StoragePool on /mnt/all_disks/shared type fuse.mergerfs (...)

步骤 4：修复配置问题

若上述步骤无效，执行以下操作：

清理旧配置


# 删除无效的 mergerfs 条目
sudo sed -i '\|fuse.mergerfs|d' /etc/fstab

# 确保所有磁盘已正确挂载到 mounts/ 子目录
ls -l /mnt/all_disks/mounts

重新生成 mergerfs 配置


# 获取所有挂载点路径
MOUNT_PATHS=$(ls -d /mnt/all_disks/mounts/* | tr '\n' ':')

# 写入新的 mergerfs 配置
echo "${MOUNT_PATHS%:} /mnt/all_disks/shared fuse.mergerfs defaults,allow_other,category.create=epmfs,minfreespace=20G,fsname=StoragePool 0 0" | sudo tee -a /etc/fstab

# 应用配置
sudo mount -av

步骤 5：验证最终状态

# 检查存储池容量
df -hT /mnt/all_disks/shared

# 预期输出示例：
#Filesystem      Type           Size  Used Avail Use% Mounted on
#StoragePool     fuse.mergerfs  7.2T  3.6T  3.6T  50% /mnt/all_disks/shared

NAS异常重启错误排除

脚本如下

#!/bin/bash
# 文件名：check_reboot_logs.sh
# 功能：自动收集和分析系统重启相关日志

# 检查 root 权限
if [ "$EUID" -ne 0 ]; then
  echo "请使用 sudo 或 root 权限运行此脚本"
  exit 1
fi

# 定义日志保存目录
LOG_DIR="/var/log/reboot_investigation_$(date +%Y%m%d%H%M%S)"
mkdir -p "$LOG_DIR"

# 收集基础系统信息
{
  echo "======= 系统基本信息 ======="
  lsb_release -a
  uname -a
  uptime
  echo ""
} > "$LOG_DIR/system_info.txt"

# 收集最近重启记录
{
  echo "======= 最近 5 次重启记录 ======="
  last reboot | head -n 5
  echo ""
} > "$LOG_DIR/reboot_history.txt"

# 收集内核日志中的异常信息
{
  echo "======= 内核日志关键事件 ======="
  journalctl -k --since "1 week ago" | grep -Ei \
  -e "oom" \
  -e "panic" \
  -e "segfault" \
  -e "hard reset" \
  -e "kernel bug" \
  -e "rcu stall"
  echo ""
} > "$LOG_DIR/kernel_events.txt"

# 收集系统日志中的崩溃记录
{
  echo "======= 系统服务崩溃记录 ======="
  journalctl -b -1 --since "1 week ago" | grep -Ei \
  -e "crash" \
  -e "failed" \
  -e "segmentation fault" \
  -e "core dumped" \
  -e "out of memory"
  echo ""
} > "$LOG_DIR/service_crashes.txt"

# 收集硬件相关日志
{
  echo "======= 硬件错误/警告 ======="
  dmesg -T | grep -Ei \
  -e "error" \
  -e "warning" \
  -e "temperature" \
  -e "overheat" \
  -e "corrected error" \
  -e "mce"
  echo ""
} > "$LOG_DIR/hardware_issues.txt"

# 收集自动更新记录
{
  echo "======= 自动更新记录 ======="
  grep -h -E "apt|unattended" /var/log/apt/* /var/log/unattended-upgrades/* 2>/dev/null
  echo ""
} > "$LOG_DIR/auto_updates.txt"

# 收集内存使用历史
{
  echo "======= 内存使用统计 ======="
  sar -r -s "$(date -d '1 week ago' +%H:%M:%S)" | tail -n +3
  echo ""
} > "$LOG_DIR/memory_usage.txt"

# 生成分析报告
{
  echo "=== 自动分析报告 ==="
  echo "[1] 最近重启次数: $(grep -c "reboot" "$LOG_DIR/reboot_history.txt")"
  echo "[2] 硬件错误计数: $(grep -ciE "error|warning" "$LOG_DIR/hardware_issues.txt")"
  echo "[3] OOM 事件计数: $(grep -ci "oom" "$LOG_DIR/kernel_events.txt")"
  echo "[4] 服务崩溃计数: $(grep -ciE "crash|failed" "$LOG_DIR/service_crashes.txt")"
  echo ""
  echo "=== 建议排查方向 ==="
  echo "1. 如果存在硬件错误: 检查硬盘(SMART)、内存(memtest86+)、CPU温度(sensors)"
  echo "2. 如果存在 OOM 事件: 分析内存使用模式，检查是否有内存泄漏"
  echo "3. 如果服务频繁崩溃: 检查对应服务的日志(/var/log/[service])"
  echo "4. 如果与更新相关: 检查 /var/log/apt/history.log"
} > "$LOG_DIR/analysis_report.txt"

echo "日志收集完成，结果保存在: $LOG_DIR"
echo "请查看以下关键文件:"
echo "1. analysis_report.txt    - 快速分析报告"
echo "2. hardware_issues.txt    - 硬件相关问题"
echo "3. kernel_events.txt      - 内核级错误"
echo "4. service_crashes.txt    - 服务崩溃记录"

HTTP 协议NAS搭建

Nginx: 作为反向代理，处理 HTTPS 和路由。

FileBrowser: 轻量级文件管理容器（替代传统 NAS 界面）。

Docker Compose: 编排容器依赖关系。

docker install on ubuntu

nginx 安装配置

sudo apt-get update -y
sudo apt install docker.io
sudo systemctl start docker
sudo systemctl enable docker
docker --version
sudo apt install docker-compose
sudo systemctl daemon-reload
sudo systemctl restart docker

sudo docker pull nginx
sudo docker images
sudo mkdir -p /data/nginx/conf
sudo mkdir -p /data/nginx/conf.d
sudo mkdir -p /data/nginx/html
sudo mkdir -p /data/nginx/logs

docker run --name nginx -d  -p 80:80   -v ~/nginx/nginx.conf:/etc/nginx/nginx.conf   -v ~/nginx/html:/usr/share/nginx/html   nginx

docker 代理设置

1 2	sudo mkdir -p /etc/systemd/system/docker.service.d sudo vim /etc/systemd/system/docker.service.d/proxy.conf

写入如下文件

[Service]
Environment="HTTP_PROXY=http://192.168.10.65:7890"
Environment="HTTPS_PROXY=http://192.168.10.65.7890"
Environment="NO_PROXY=localhost,127.0.0.1"

sudo vim /etc/docker/daemon.json

{
    "registry-mirrors": ["https://dockerhub.icu"]
}

apache 服务安装

基础准备

1 2	mkdir -p ~/nas-docker/{data,config,nginx,ssl} cd ~/nas-docker

yml 编辑

version: '3'

services:
  # FileBrowser 文件管理服务
  filebrowser:
    image: filebrowser/filebrowser:latest
    container_name: filebrowser
    volumes:
      - ./data:/srv      # 挂载共享数据目录
      - ./config/filebrowser:/etc/filebrowser  # 配置文件
    environment:
      - FB_BASEURL=/files  # 服务路径
    restart: unless-stopped
    networks:
      - nas-network

  # Nginx 反向代理
  nginx:
    image: nginx:alpine
    container_name: nginx-proxy
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./nginx/nginx.conf:/etc/nginx/nginx.conf
      - ./ssl:/etc/nginx/ssl  # SSL 证书目录
      - ./data:/usr/share/nginx/html  # 静态文件托管（可选）
    depends_on:
      - filebrowser
    networks:
      - nas-network

networks:
  nas-network:
    driver: bridge

nginx.conf

user  nginx;
worker_processes  auto;

events {
    worker_connections  1024;
}

http {
    server {
        listen 80;
        server_name localhost;  # 替换为你的域名
        return 301 https://$host$request_uri;  # HTTP 重定向到 HTTPS
    }

    server {
        listen 443 ssl;
        server_name nas.yourdomain.com;

        # SSL 证书路径（需提前申请或自签名）
        ssl_certificate /etc/nginx/ssl/fullchain.pem;
        ssl_certificate_key /etc/nginx/ssl/privkey.pem;

        # 静态文件服务（可选）
        location / {
            root /usr/share/nginx/html;
            autoindex on;
        }

        # 代理 FileBrowser
        location /files {
            proxy_pass http://filebrowser:80;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }
    }
}

自签证书

# 安装 certbot
sudo apt install certbot

# 申请证书（需确保域名已解析到服务器IP）
sudo certbot certonly --standalone -d nas.yourdomain.com

# 复制证书到 Docker 挂载目录
sudo cp /etc/letsencrypt/live/nas.yourdomain.com/fullchain.pem ~/nas-docker/ssl/
sudo cp /etc/letsencrypt/live/nas.yourdomain.com/privkey.pem ~/nas-docker/ssl/

服务启动

1	sudo docker-compose up -d

see

https://webmin.com/

Zhaoqi.Cao static blog

A static personal blog.

在ubuntu服务器搭建 NAS

SMB协议搭建NAS

磁盘挂载

webmin

install

proxy

samba

samba完整配置文件

samba 用户创建

解除win组策略限制

通过脚本批量挂载磁盘

验证

卸载磁盘重新加载

最终验证

步骤 1：验证 mergerfs 配置

步骤 2：手动触发挂载

步骤 3：检查 mergerfs 挂载状态

步骤 4：修复配置问题

步骤 5：验证最终状态

NAS异常重启错误排除

HTTP 协议NAS搭建

docker install on ubuntu

docker 代理设置

apache 服务安装

服务启动

see

about me 个人微信

wechat offical 微信公众号

你的赏识是我前进的动力