Would absolutely not recommend fedora as a first distro.

Yeah, I don’t recommend settling on it, but I stand by learning on it. It will be the most frictionless. It’ll ease you into resolving hairy problems in a way that is less discouraging, because they’re not quite as hairy.

Ubuntu. Many will disagree but, Debian flavors are a way smoother experience from the start and Ubuntu has a ton of community support. You’ll rarely find an issue no one found and solved before you.

if you want total control

You literally just moved the goalposts.

But, sure, ok… your NAS can be simply 1 16TB HDD in a server that does a dozen other things already, assuming its generally always available on your network. That’s roughly what I do (with redundancy).

Synology is made for the tech literate tech idiot.

They solve one problem and create a dozen more. That problem not only doesn’t need a physical solution, it doesn’t need to be a standalone device. It doesn’t need its own shitty proprietary operating system.

Anyways. Fuck them.

Im not saying Zuck is good or a savior of choice, but now would be a good time for facebook investors to pressure him to eat that difference.

Not that he should, but hes been all in on Open Source* lately

*Massive stipulations apply.

Okay, the permission error is almost certainly because the Samba process inside the container doesn’t have the right Linux permissions for the host directory /mnt/my_ext_hdd/my_dir/my_subdir.

On your server running docker, find the numeric UID and GID for that directory: ls -ln /mnt/my_ext_hdd/my_dir/my_subdir

you likely need to set PUID=<uid_from_step_1> and PGID=<gid_from_step_1> in the environment: section of your docker-compose.yml file for the Samba service.

Recreate the container (docker compose up -d --force-recreate).

WARNING: This assumes you are only accessing Samba from within your secure local network. Never expose Samba directly to the internet. Doing so is a major security risk and makes you a target for attacks.

You’re running into that permission error because of how Docker handles file permissions between the host and the container. It’s by design for security reasons. The user inside the container likely doesn’t have access to the mounted directory unless the UID and GID match what’s on the host. You can work around it, but it’s locked down intentionally.

Also, what’s the use case here? What do you need file sharing via Samba in a Docker container for? If it’s just about moving files in and out, docker cp or docker exec -it container /bin/bash might be easier.

If it is just you on your server and the only access from outside your network is SSHing in front the VPN? You’re good. Especially if it’s just you on your network/VPN.

If there are services that others utilize, you need a firewall. Can’t trust other people’s devices to not drag in malware.

So, this question is very difficult to answer. I don’t want you to be discouraged though.

I can’t answer you because I don’t know your goals. Since we’re in /c/selfhosted, I assume you’re experimenting with some self-hosted setups, which is awesome! But what exactly are you hoping to do with OpenWRT? And what’s the plan for the switch? Are you aiming for better network control, VLANs, firewall rules, or are you just looking to have network area storage?

If you can share more about what you’re trying to accomplish, folks here will be much better equipped to help you figure out your next steps.

https://crt.sh/ would make anyone who thought obscurity would be a solution poop themselves.

I’m all for pirating, but tbh music streaming apps are a service that is still in the “worth it” range. Not where Spotify is going, but, maintaining a library of high quality music with all the assets, and serving it to all your devices over the Internet is not a small feat to do securely.

I’ll probably switch to tidal for now while I start building up my library to include stuff beyond what I like…

I refuse to pay for ads to be delivered to me. Seeing them unpaid is bad enough and I avoid it at all costs. But I will not pay for ads.