TiNas

@mgutt I am not sure if you can help out. But noticed you have a lot of posts on power consumption. Would appreciate it if you could take a look at my post

I am looking at reducing the power consumption of my system. System specs: ASRock H370M-ITX/ac Version Intel Pentium Gold G5400 CPU @ 3.70GHz Corsair DDR4 Valueselect 1x8GB 2666 Corsair PSU TX550M 550W 1 case fan that is set to 0rpm when system is idling Storage: Kingston SSD UV500 120GB (Cache) WD Blue 3,5" (CMR, 64MB cache, 5400rpm), 2TB WD20EZRZ (Parity) WD HDD 3.5" 1TB S-ATA3 64MB WD10EFRX Red (Data) I am using both the ethernet ports on the system (2 different VLANs) The system is running a VPN in Docker which is rarely used. Homeassistant (running as a VM) with Zigbee gateway and is used as my NAS backup drive. Things I already done to reduce power consumption: - Spin down harddrives after 4 hours - Disable WIFI and Bluetooth controller - Disable audio controller - Made sure all the C states are enabled in the BIOS - Turn of case fan below 50c CPU temp - In unraid tweaks: - Disable Intel Turbo/AMD Performance Boost - At night turn Power Saving CPU Scaling Governor to 'power saving' - Tried enabling powertop used auto-tune and it broke my Zigbee connection and didn't notice a difference in wattage used My power consumption idles at around 28 - 31 watts. I would like to see if I can lower the usage more. Any ideas?

Thank you so much!!! This did it for me after hours of debugging.

Good option Will look into that.

aaah ok thanks I have to put in my passphrase so I am save in that regard! Then I think I will keep my secret like I described above on my encrypted drives, so they wont be acquired if anyone would acquire my physical USB drive. Thanks for the info and help!!!

Ah if the encryption key from the drives is stored on the USB then this doesn't make a lot of sense to put the secrets on the encrypted data drives I didn't know that the encryption lived on the USB. But makes sense now that I think of it. Then I am wondering what is the point of encrypting the drives in the first place.. of course when they break down or you have to send them for RMA. I need to enter a password whenever I start the unraid array. Does this mean the encryption key is stored on the USB? or is it useless without the password? Is there a way to store the encryption key safely outside of the USB? Maybe I am overly worried, But I just dont like having data unecrypted.

Thanks for your reply Doron, I know that if they have access to the terminal/NAS they can get the secrets. Which is not my concern. The Threat I want to protect my secrets from, is when somebody physically would acquire the USB drive. Its also just a feeling, having my secrets on any un-encrypted drive doesn't feel 'safe'.

Not 100% sure yet if this is the best way of doing this. Not sure if every time the script runs the array gets spun up....

The way I solved it right now is: Created a hidden/not exported share named 'keys'. really IMPORTANT to not export/share this share Where I saved my text files like 'telegram' containing the tokens. File content: TOKEN=TOKENHERE In my user scripts I use 'sed' to get the value from the file like so $(sed -n 's/^TOKEN=\(.*\)/\1/p' < /mnt/user/keys/telegram) Example user script command I use docker run -e "TELEGRAM_BOT_TOKEN=$(sed -n 's/^TOKEN=\(.*\)/\1/p' < /mnt/user/keys/telegram)" telegrambot This way my telegram/aws and other secrets are stored on encrypted drives and not on the unencrypted USB.

I have multiple commands that require secrets/passwords which will be triggered with a cron and user scripts. Example commands 'AWS_ACCESS_KEY_ID=ABCD AWS_SECRET_ACCESS_KEY=EF1234 aws' 'docker run -e "SOMESECRET=TOKEN" dockername' I noticed the scripts live under /tmp folder, and looks like they get carried over on reboot/shutdown. Which sounds to me like the user scripts are stored on the USB. So I dont feel comfortable with having my secrets (AWS keys, Telegram tokens, passwords) directly in the user scripts. Was thinking of storing them on a separate encrypted hidden share in a .env or .secret file and just read them with grep/cat. Where would be a good place to store them?

Thanks!

Thanks Is /mnt/user the original data? and /mnt/user0 a symlink of /mnt/user?

I have created a small docker container that will backup data to S3. I want to only backup some of my shares. But I am not 100% sure which folder I should backup. Noticed that there are multiple 'copies' of shares. Under '/mnt' I noticed there are multiple folders with the same files/folders (I think its a symlink) /mnt/cache /mnt/disk1 /mnt/user /mnt/user0 In which directory is the original data located? What directory can I use best to do my backups offsite?