r/TrueNAS: Advise on IT-plan, company: 50 people, 4 locations

This article archives a conversation, which took place in a subreddit post (original source linked below) and to which I contributed a solution or answer (with the u/MasterofSynapse handle), in a Q&A format.

Original Reddit post: https://www.reddit.com/r/truenas/comments/whw6cw/advise_on_itplan_company_50_people_4_locations/

Question

Hello, recently our company "our company" (1 location, 10 employees) was acquired by a larger company "acquisition" (3 locations, 40 employees). "Our company" worked locally on a Synology NAS server (DS916 in high availability mode). We make drawings for the design of public spaces. Civil engineering, inner city design. Occasional 3D models, point clouds and lots of AutoCAD files.

"Acquisition" does basically the same work and we will be a 4th location in the Netherlands, but they already work in a cloud environment with a Dropbox account (40 people on 1 business account, something I think is not even allowed, but also very unsafe).

I am making a plan for the future and am personally skeptical of big tech companies and therefore prefer to avoid them. So I am thinking of a TrueNAS server with Nextcloud and want to build a test machine in the coming weeks to experience how I can set this up. There are few IT companies in the Netherlands that I can ask for help from (isn't that a huge business opportunity?).

Questions I have:

  • Can Nextcloud or TrueNAS be linked to the Windows Azure environment we are working in now?
  • Is there also a possibility to have a TrueNAS system running at each site and have that data synced with each other? And multiple Nextcloud environments (e.g. one cloud per branch, then each branch can also offer the possibility to keep working locally; after all, in cloud environments there is a risk that a DWG file (AutoCAD) is opened from two different branches and that the cloud service does not see that)?

Answer

I will give you a short rundown, if you want any longer explanations or consulting, send me a DM and we can set something up.

Question 1:

Windows Azure can mean two things: either it's a classic Active Directory running on a Windows Server, doesn't matter where, or it can mean your new owner company uses Azure Active Directory, which comes with Microsoft 365 or one can set it up themselves. Nextcloud and TrueNAS are able to speak to the Active Directory directly, both have integrations for that. But to this day iXsystems hasn't built a native connector to the regular Azure Active Directory. You can buy in an upgrade for 100$+ a month which adds LDAPS to Azure AD, which TrueNAS can understand, but that isn't native Azure AD.

So, in conclusion, if your new company uses Azure AD without any upgrade, you are out of luck using it for identity with TrueNAS and Nextcloud.

Question 2:

Second, yes, it is possible to have two or more TrueNAS systems syncing to each other with zfs send & receive. Nextcloud will be more interesting, but there are guides for High Availability of Nextcloud installations, so with some added complexity, it will work.

But for your use case and size, multiple Nextcloud instances syncing with each other are unnecessary. Needing multiple instances just because the program being used can't merge certain file types or doesn't understand the concept of lock files to not overwrite files being used is not a good reason.

This is exactly one business case as to why using a major public cloud provider that is certified for use with CAD programs and the syncing of those files makes sense.

Comment 1 on Answer

Q1: Our company is using Azure AD with Microsoft 365 indeed (see my comment on the comment above). So for $100 a month there is a possibility to connect Microsoft 365 users to TrueNAS and Nextcloud? And without it, it is not possible? That situation was also with the Synology accounts, and with only 10 employees $100 a month is expensive, but with 50 now it is relatively less expensive. The ease of making accounts in one place is also pretty!

Q2: My question seems strange I guess, but at our location we are used to working locally (quicker than cloud) and the other three locations are used to working in the cloud. If we will host storage by ourselves (a wish from me!), then it needs to work 99,9% of the time, so a mirrored system that can stand in if the primary system is down, there needs to be attention to it.

Problem also is that I am no educated IT guy, but started by myself and did the IT by myself, I grew slowly in it. And I love it actually besides my day job! Maybe it is good to DM and sketch some possibilities that could lead to a plan! I would really like that!

My response to comment 1

Q1: The 100$ a month upgrade adds some classic functions to Azure AD that help TrueNAS and Nextcloud understand the user attributes saved to Azure AD.

Q2: Your idea of having redundancy is very commendable, since most SMB IT admins nowadays don't care about that anymore :/
And yes, it is a necessary thought going forward with a solution for 50+ users.

But make no mistake, just having two TrueNAS and an HA Nextcloud won't give you 99.9% uptime, there are more factors involved.

All in all, I believe you are on the right path and we can for sure work on something you will be satisfied with. Please go ahead and send me a DM when it fits your schedule and we will go from there.