My plan was to install Proxmox 9 on it and use it to virtualize TrueNAS Scale and OPNSense on it. Sadly Proxmox doesn’t support eMMC storage and the USB stick is too slow to run a PVE.
Since I would passthrough both HDDs to the TrueNAS VM, I would need an extra NVMe driver which I connect to the PCIE port with the NVMe adapter. But this would cost another ~400 bucks.
So I dropped the idea.
What I need:
a NAS
be able to authenticate against an IDP (SAML2.0, OAuth or LDAPS)
strong encryption
docker and docker compose support
high security standards in general
easy to use for users (not administrators)
What I considered:
OpenMediaVault – Not an option, I use it right now and it is terrible
Unraid – not an option, too insecure and no support for IDP authentication
ZimbaOS and CasaOS – not an option, doesn’t meet most requirements.
TrueNAS scale – maybe
other OS – maybe
Which OS would you recommend me to use on the ZimbaBoard 2 1664 for my needs?
Do your users need to be able to actually manage the NAS and VM bits?
Depends on it.
But Fedora is not a really good solution for it, since it needs heavy modification for it.
Like the SAML2.0 authentication is not an easy setup on Fedora and I want to avoid LDAPS, as well as the fact that many things need to be done manually, while on a system like TrueNAS it is much faster and easier to set up.
You wanted to use Proxmox and put everything in a VM?
I simply meant to use Fedora (or maybe even Rocky or Arch) as your VM host.
Then put eg. TrueNAS and OPNSense as a guest.
edit: it could actually partially solve your storage issue if you ran ZFS on the host, although TrueNAS wouldn’t be happy.
edit 2: looking at that hardware, rolling your own services would probably be best to maximize efficiency
You wanted to use Proxmox and put everything in a VM?
Yes.
I simply meant to use Fedora (or maybe even Rocky or Arch) as your VM host.
Then put eg. TrueNAS and OPNSense as a guest.
Ah, okay. I get it now.
I mean I have no idea if Fedora or Almalinux support eMMC, but it is an option. I don’t find it as smooth as with Proxmox, but a solution that should be considered.
edit: it could actually partially solve your storage issue if you ran ZFS on the host, although TrueNAS wouldn’t be happy.
This is an option, but as you said TrueNAS wouldn’t be happy and 95% of the HDD features wouldn’t be usable. So if I do it, I will passthrough the HDDs and than create on the guest the encrypted ZFS raid.
I’ve Fedora on a few eMMC Chromebooks without issue.
I’m actually not really sure why Proxmox wouldn’t either? Did they really leave out the kmod?
edit: I see their installer seems to not support the paths used and they keep it that way to prevent people from killing their eMMC
I’ve Fedora on a few eMMC Chromebooks without issue.
Good to know.
I’m actually not really sure why Proxmox wouldn’t either? Did they really leave out the kmod?
Proxmox is based on Debian.
I didn’t look deep into it, but there are tutorial out there, that say how you can install Proxmox on eMMC, and it was pretty easy with a few lines, so I guess they did leave it out of kmod.
But I don’t want to use Proxmox in an unsupported state, since an update could break my system easily then.
Maybe I’m out of the loop but can’t you use this kind of thing to manage people authenticating to it?
That’s and IDP yes and I actually use Authentik.
But to be able for users to authenticate against an IDP the service must support some protocols (like SAML2.0, OAuth or LDAPS) and it must be configured.
So I need to be able to add my Authentik instance as an IDP in the NAS.
And yes, I would also go for TrueNAS for stability purposes.
Okay.
Overall, the software looks like it’s an after-though and you focused on the hardware first.
