Tiny NAS: a Tiny Highly-Avalaible NAS Appliance

Massimiliano Adamo



927 latest version

5.0 quality score

Version information

  • 0.5.7 (latest)
  • 0.5.6
  • 0.5.5
  • 0.5.0
  • 0.4.3
  • 0.4.2
  • 0.4.1
  • 0.4.0
  • 0.3.1
  • 0.3.0
  • 0.1.0
released Sep 18th 2020
This version is compatible with:
  • Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 4.7.0 < 7.0.0
  • RedHat

Start using this module


maxadamo/tiny_nas — version 0.5.7 Sep 18th 2020


Table of Contents

  1. Description
  2. Usage - Configuration options and additional functionality
  3. Limitations - OS compatibility, etc.
  4. Development - Guide for contributing to the module


Tiny_NAS sets up a tiny, low-end and Highly-Available NAS with two ways synchronization. Tiny_nas works in two ways. Directories can be either:

  • watched and immediately synchronized based on kernel events
  • synchronized through a cron job

You can have a combination of them (some directories watched, other directories under cron)

No ZFS. Tiny NAS is tiny, and it doesn't need a fancy filesystem nor complex volume management (stay tuned: I am working on a full fledged ZFS HA Nas).
It allows to use LVM through the options mentioned in init.pp. If you intend to use ZFS, disable LVM management, and add the ZFS volume yourself.

No NFS4. Tiny NAS is tiny and the security is based on the IP (managed throught the firewall module)

Tiny NAS is low-end by design. If you have a high load on you NAS neither lscyncd + csync2 nor scheduled job are a proper solution and you should consider a clustered filesystems.

Setup Requirements

On CentOS 7 the package csync2 is missing. You can download an RPM here

You need to create the keys beforehand, using the following commands:

openssl req -x509 -newkey rsa:1024 -days 7200 \
-keyout ./csync2_ssl_key.pem -nodes \
-out ./csync2_ssl_cert.pem -subj '/CN=puppet'
csync2 -k ./csync2_puppet-group.key

You can either store the values in Hiera or they can be provided as templates.


Server setup

This is all you need (ipv6 is optional):

      - ',insecure,async,no_root_squash)'
      - ',insecure,async,no_root_squash)'
      - '2001:777:3::50(rw,insecure,async,no_root_squash)'
      - '2001:777:3::51(rw,insecure,async,no_root_squash)'
    dir_watch: false
      - ',insecure,async,no_root_squash)'
      - ',insecure,async,no_root_squash)'
      - '2001:777:3::52(rw,insecure,async,no_root_squash)'
      - '2001:777:3::53(rw,insecure,async,no_root_squash)'
    dir_watch: true
class { 'tiny_nas':
  sync_dir             => lookup('sync_dir'),
  nodes_hostnames      => ['nas01.example.org', 'nas02.example.org'],
  nodes_ip4            => ['', ''],
  nodes_ip6            => ['2001:777:3::98', '2001:777:3::99'],
  vip_ip4              => '',
  vip_ip4_subnet       => '22',
  vip_ip6              => '2001:777:3::100',
  vip_ip6_subnet       => '64',
  csync2_ssl_key       => lookup('csync2_ssl_key'),
  csync2_ssl_cert      => lookup('csync2_ssl_cert'),
  csync2_preshared_key => lookup('csync2_preshared_key'),
  manage_lvm           => true,
  vg_name              => 'rootvg',
  lv_size              => 3;

If can also use templates for the keys:

  csync2_ssl_key       => template('mymodule/ssl_key'),
  csync2_ssl_cert      => template('mymodule/ssl_cert'),
  csync2_preshared_key => template('mymodule/preshared_key'),

Client setup

tiny_nas::client { '/etc/puppetlabs/pupet/ssl':
  ensure             => present,
  nfs_server_enabled => true,
  server             => 'nas.example.org',
  share              => '/nas/puppet_ca';

nfs options default is:

options_nfs => 'tcp,soft,nolock,rsize=32768,wsize=32768,intr,noatime,actimeo=3'

Please check manifests/client.pp for other available options.


It is untested on more then two hosts.

It is untested without IPv6.

It is not tested very well on CentOS


Feel free to make pull requests and/or open issues on my GitHub Repository