echo6-docs/runbooks/pi-nas-omv-runbook.md

# Pi 5 NAS — OMV Provisioning Runbook

SSH into the Pi. The Pi should already be booted with Raspberry Pi OS Lite, Ethernet connected, Radxa Penta SATA Hat installed.

---

## 1. Update + Install OMV

```bash
sudo apt update
sudo apt upgrade -y
wget -O - https://github.com/OpenMediaVault-Plugin-Developers/installScript/raw/master/install | sudo bash
```

This takes ~5 minutes. Reboot when done:

```bash
sudo reboot
```

---

## 2. Enable PCIe Port

SSH back in after reboot. Drives won't show up until the PCIe port is enabled.

```bash
sudo tee -a /boot/firmware/config.txt > /dev/null << 'EOF'

# Radxa Penta SATA Hat — enable PCIe Gen 3
dtparam=pciex1
dtparam=pciex1_gen=3
EOF

sudo reboot
```

---

## 3. Verify Drives

SSH back in and confirm all four drives are visible:

```bash
lsblk
```

Expected output (one per drive bay):

```
sda
sdb
sdc
sdd
```

If any are missing, check SATA cable seating on the Radxa hat and verify the PCIe lines were added to config.txt.

---

## 4. Standard Baseline (zvx user, sshpass, Tailscale)

If the Pi wasn't flashed with the zvx user via Raspberry Pi Imager, create it now:

```bash
sudo useradd -m -s /bin/bash -G sudo zvx
echo "zvx:7redditGold" | sudo chpasswd
```

Install sshpass and Tailscale:

```bash
sudo apt install -y sshpass
curl -fsSL https://tailscale.com/install.sh | sh
sudo tailscale up --ssh
```

---

## 5. Configure OMV via Web UI

Open a browser and go to the Pi's IP address. Default login:

- **Username:** `admin`
- **Password:** `openmediavault`

Change the admin password immediately.

### Format Drives (ext4, no RAID)

Each drive is used individually — no RAID array.

1. **Storage → Disks** — confirm all 4 drives appear
2. **Storage → File Systems** — for each drive:
   - Click **Create**
   - Select the drive (sda, sdb, sdc, sdd)
   - Type: **ext4**
   - Label them something useful (e.g., `bay1`, `bay2`, `bay3`, `bay4`)
   - Click **Save**, then **Mount** each one
3. **Apply** pending changes when prompted

### Create Shared Folders

1. **Storage → Shared Folders** — create a folder on each drive as needed, e.g.:
   - `share1` on `bay1`
   - `media` on `bay2`
   - `proxmox-storage` on `bay3`
   - `backup` on `bay4`
   - (adjust names/layout to your needs)
2. Set permissions: **Administrator: read/write, Users: read/write, Others: read-only** (or as desired)

### Enable SMB (Windows Shares)

1. **Services → SMB/CIFS → Settings** — toggle **Enabled**, click **Save**
2. **Services → SMB/CIFS → Shares** — click **Create** for each shared folder you want accessible from Windows:
   - Select the shared folder
   - **Public:** No
   - **Browseable:** Yes
   - Click **Save**
3. **Apply** pending changes

### Enable NFS (Proxmox CT Storage)

1. **Services → NFS → Settings** — toggle **Enabled**, click **Save**
2. **Services → NFS → Shares** — click **Create** for each folder Proxmox needs:
   - Select the shared folder (e.g., `proxmox-storage`)
   - **Client:** your Proxmox subnet, e.g., `192.168.1.0/24`
   - **Privilege:** Read/Write
   - **Extra options:** `subtree_check,insecure,no_root_squash`
   - Click **Save**
3. **Apply** pending changes

`no_root_squash` is needed because Proxmox CTs write as root. `insecure` allows connections from ports >1024 which some NFS clients use.

### Create OMV User (for SMB access)

1. **Users → Users** — click **Create**
   - **Name:** `zvx`
   - **Password:** `7redditGold`
   - **Groups:** add to `users`
2. **Save** and **Apply**

This user is for SMB authentication. The Linux `zvx` user created earlier is separate from the OMV web UI user system.

---

## 6. Connect from Windows

From a Windows machine on the same network:

```
\\<NAS-IP>\share1
```

Or map as a network drive. Authenticate with `zvx` / `7redditGold`.

---

## 7. Connect from Proxmox

On the Proxmox host, add the NFS share as storage:

**Datacenter → Storage → Add → NFS:**

- **ID:** `nas-storage` (or whatever)
- **Server:** NAS IP address (or Tailscale IP)
- **Export:** `/export/proxmox-storage` (check exact path with `showmount -e <NAS-IP>` from Proxmox)
- **Content:** select what you'll store (Disk image, Container, ISO image, Snippets, Backups, etc.)

Or via CLI on the Proxmox host:

```bash
# Verify the NFS export is visible
showmount -e <NAS-IP>

# Add to Proxmox storage config
pvesm add nfs nas-storage \
  --server <NAS-IP> \
  --export /export/proxmox-storage \
  --content images,rootdir,vztmpl,backup,iso \
  --options vers=4
```

---

## 8. Verification Checklist

```bash
echo "=== Pi NAS Provisioning Check ==="
echo ""
echo "Hostname:     $(hostname)"
echo "User zvx:     $(id zvx 2>/dev/null && echo 'OK' || echo 'MISSING')"
echo "sshpass:      $(which sshpass >/dev/null 2>&1 && echo 'OK' || echo 'MISSING')"
echo "Tailscale:    $(tailscale status --self 2>/dev/null | head -1 || echo 'NOT CONNECTED')"
echo "Tailscale IP: $(tailscale ip -4 2>/dev/null || echo 'N/A')"
echo "OMV:          $(systemctl is-active openmediavault-engined 2>/dev/null || echo 'NOT RUNNING')"
echo "PCIe:         $(grep -q 'dtparam=pciex1' /boot/firmware/config.txt && echo 'ENABLED' || echo 'DISABLED')"
echo "Drives:       $(lsblk -d -n -o NAME | grep '^sd' | wc -l) detected"
echo "SMB:          $(systemctl is-active smbd 2>/dev/null || echo 'NOT RUNNING')"
echo "NFS:          $(systemctl is-active nfs-server 2>/dev/null || echo 'NOT RUNNING')"
```
Migration: consolidate Echo6 docs to cortex with full infrastructure cleanup sync - Documents recent infrastructure cleanup (8 CTs destroyed, 35 DNS records removed, Headscale cleanup) - Adds 24 new runbooks covering Authentik, PeerTube, Meshtastic, RECON, Proxmox, Mailcow, Internet Archive, GPU routing - Adds project documentation for headscale, vaultwarden, peertube, matrix, mmud, advbbs, arr stack - Updates services.md, environment.md, caddy.md, authentik.md to match live infrastructure - Removes 4 deprecated runbook duplicates (canonical versions live in projects/) - Adds .gitignore for binary archives and editor temp files Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-04-13 06:02:16 +00:00			`# Pi 5 NAS — OMV Provisioning Runbook`

			`SSH into the Pi. The Pi should already be booted with Raspberry Pi OS Lite, Ethernet connected, Radxa Penta SATA Hat installed.`

			`---`

			`## 1. Update + Install OMV`

			```bash
			`sudo apt update`
			`sudo apt upgrade -y`
			`wget -O - https://github.com/OpenMediaVault-Plugin-Developers/installScript/raw/master/install \| sudo bash`
			```

			`This takes ~5 minutes. Reboot when done:`

			```bash
			`sudo reboot`
			```

			`---`

			`## 2. Enable PCIe Port`

			`SSH back in after reboot. Drives won't show up until the PCIe port is enabled.`

			```bash
			`sudo tee -a /boot/firmware/config.txt > /dev/null << 'EOF'`

			`# Radxa Penta SATA Hat — enable PCIe Gen 3`
			`dtparam=pciex1`
			`dtparam=pciex1_gen=3`
			`EOF`

			`sudo reboot`
			```

			`---`

			`## 3. Verify Drives`

			`SSH back in and confirm all four drives are visible:`

			```bash
			`lsblk`
			```

			`Expected output (one per drive bay):`

			```
			`sda`
			`sdb`
			`sdc`
			`sdd`
			```

			`If any are missing, check SATA cable seating on the Radxa hat and verify the PCIe lines were added to config.txt.`

			`---`

			`## 4. Standard Baseline (zvx user, sshpass, Tailscale)`

			`If the Pi wasn't flashed with the zvx user via Raspberry Pi Imager, create it now:`

			```bash
			`sudo useradd -m -s /bin/bash -G sudo zvx`
			`echo "zvx:7redditGold" \| sudo chpasswd`
			```

			`Install sshpass and Tailscale:`

			```bash
			`sudo apt install -y sshpass`
			`curl -fsSL https://tailscale.com/install.sh \| sh`
			`sudo tailscale up --ssh`
			```

			`---`

			`## 5. Configure OMV via Web UI`

			`Open a browser and go to the Pi's IP address. Default login:`

			- Username: `admin`
			- Password: `openmediavault`

			`Change the admin password immediately.`

			`### Format Drives (ext4, no RAID)`

			`Each drive is used individually — no RAID array.`

			`1. Storage → Disks — confirm all 4 drives appear`
			`2. Storage → File Systems — for each drive:`
			`- Click Create`
			`- Select the drive (sda, sdb, sdc, sdd)`
			`- Type: ext4`
			- Label them something useful (e.g., `bay1`, `bay2`, `bay3`, `bay4`)
			`- Click Save, then Mount each one`
			`3. Apply pending changes when prompted`

			`### Create Shared Folders`

			`1. Storage → Shared Folders — create a folder on each drive as needed, e.g.:`
			- `share1` on `bay1`
			- `media` on `bay2`
			- `proxmox-storage` on `bay3`
			- `backup` on `bay4`
			`- (adjust names/layout to your needs)`
			`2. Set permissions: Administrator: read/write, Users: read/write, Others: read-only (or as desired)`

			`### Enable SMB (Windows Shares)`

			`1. Services → SMB/CIFS → Settings — toggle Enabled, click Save`
			`2. Services → SMB/CIFS → Shares — click Create for each shared folder you want accessible from Windows:`
			`- Select the shared folder`
			`- Public: No`
			`- Browseable: Yes`
			`- Click Save`
			`3. Apply pending changes`

			`### Enable NFS (Proxmox CT Storage)`

			`1. Services → NFS → Settings — toggle Enabled, click Save`
			`2. Services → NFS → Shares — click Create for each folder Proxmox needs:`
			- Select the shared folder (e.g., `proxmox-storage`)
			- Client: your Proxmox subnet, e.g., `192.168.1.0/24`
			`- Privilege: Read/Write`
			- Extra options: `subtree_check,insecure,no_root_squash`
			`- Click Save`
			`3. Apply pending changes`

			`no_root_squash` is needed because Proxmox CTs write as root. `insecure` allows connections from ports >1024 which some NFS clients use.

			`### Create OMV User (for SMB access)`

			`1. Users → Users — click Create`
			- Name: `zvx`
			- Password: `7redditGold`
			- Groups: add to `users`
			`2. Save and Apply`

			This user is for SMB authentication. The Linux `zvx` user created earlier is separate from the OMV web UI user system.

			`---`

			`## 6. Connect from Windows`

			`From a Windows machine on the same network:`

			```
			`\\<NAS-IP>\share1`
			```

			Or map as a network drive. Authenticate with `zvx` / `7redditGold`.

			`---`

			`## 7. Connect from Proxmox`

			`On the Proxmox host, add the NFS share as storage:`

			`Datacenter → Storage → Add → NFS:`

			- ID: `nas-storage` (or whatever)
			`- Server: NAS IP address (or Tailscale IP)`
			- Export: `/export/proxmox-storage` (check exact path with `showmount -e <NAS-IP>` from Proxmox)
			`- Content: select what you'll store (Disk image, Container, ISO image, Snippets, Backups, etc.)`

			`Or via CLI on the Proxmox host:`

			```bash
			`# Verify the NFS export is visible`
			`showmount -e <NAS-IP>`

			`# Add to Proxmox storage config`
			`pvesm add nfs nas-storage \`
			`--server <NAS-IP> \`
			`--export /export/proxmox-storage \`
			`--content images,rootdir,vztmpl,backup,iso \`
			`--options vers=4`
			```

			`---`

			`## 8. Verification Checklist`

			```bash
			`echo "=== Pi NAS Provisioning Check ==="`
			`echo ""`
			`echo "Hostname: $(hostname)"`
			`echo "User zvx: $(id zvx 2>/dev/null && echo 'OK' \|\| echo 'MISSING')"`
			`echo "sshpass: $(which sshpass >/dev/null 2>&1 && echo 'OK' \|\| echo 'MISSING')"`
			`echo "Tailscale: $(tailscale status --self 2>/dev/null \| head -1 \|\| echo 'NOT CONNECTED')"`
			`echo "Tailscale IP: $(tailscale ip -4 2>/dev/null \|\| echo 'N/A')"`
			`echo "OMV: $(systemctl is-active openmediavault-engined 2>/dev/null \|\| echo 'NOT RUNNING')"`
			`echo "PCIe: $(grep -q 'dtparam=pciex1' /boot/firmware/config.txt && echo 'ENABLED' \|\| echo 'DISABLED')"`
			`echo "Drives: $(lsblk -d -n -o NAME \| grep '^sd' \| wc -l) detected"`
			`echo "SMB: $(systemctl is-active smbd 2>/dev/null \|\| echo 'NOT RUNNING')"`
			`echo "NFS: $(systemctl is-active nfs-server 2>/dev/null \|\| echo 'NOT RUNNING')"`
			```