Documentation

Creating an S3 Bucket

An S3 bucket is your lifeline to a limitless bucket of storage. It scales effortlessly, keeping your data safe, accessible, and ready when you need it. Whether you're storing backups, hosting static sites, or archiving logs, S3 has you covered—just don't forget to set your permissions unless you want the whole internet to join in.

This is a quick tutorial on how to create your first AWS S3 (Simple Storage Service) Bucket. Creating a bucket is a straightforward process that can be accomplished through the AWS Management Console.

Step 1: Sign in to the AWS Management Console

1. Open the AWS Management Console (https://aws.amazon.com/console/)
2. Log in to your AWS account. If you don't have an account, you'll need to create one.

Step 2: Access the S3 Management Console

1. Once logged in, locate the Services menu at the top of the console.
2. Click on Services and then select S3 under the Storage category. This will take you to the S3 Management Console.

Step 3: Create a New Bucket

1. In the S3 Management Console, click on the Create bucket button.
2. A form will appear where you can configure your bucket.

Step 4: Configure Your Bucket

1. Bucket name: Enter a unique name for your bucket. The bucket name must be unique across all existing bucket names in Amazon S3 (globally). It must comply with DNS naming conventions, and cannot contain uppercase characters or underscores. We recommend for any bucket that will be used by gnas, that the bucket name begin with "gnas-", so that it is easily distinguishable.
2. Region: Select the AWS Region where you want the bucket to reside. Choose a region closest to you to minimize latency and costs.
3. Bucket settings for Block Public Access: These settings are used to control public access to your bucket. By default, all public access is blocked. If you need your bucket to be publicly accessible (not recommended for sensitive data), you can modify these settings. However, it's typically best to leave them as-is for security reasons.
4. Bucket Versioning: Enable versioning if you want to keep multiple variants of an object in the same bucket. This is optional and can be enabled later. For Glacier NAS, this is not required.
5. Tags, Logging, Encryption: These additional settings (like adding tags for easier management, enabling server access logging, or default encryption) are optional and can be configured based on your requirements.
6. Review: Review your settings. Ensure that the bucket name and region are correctly set, as they cannot be changed after the bucket is created.

Step 5: Create the Bucket

1. Once you've configured your bucket settings, click on the Create bucket button at the bottom of the page.
2. The bucket will be created, and you'll be redirected to the S3 Management Console, where your new bucket will be listed.
3. Take note of the bucket name.

IAM Configuration

To securely access your S3 bucket, you'll need to configure AWS Identity and Access Management (IAM) with the appropriate permissions.

Creating an IAM User

1. Navigate to the IAM console in AWS
2. Create a new user with programmatic access
3. Attach the following policy to the user:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket",
                "s3:GetBucketLocation"
            ],
            "Resource": "arn:aws:s3:::gnas-*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:DeleteObject"
            ],
            "Resource": "arn:aws:s3:::gnas-*/*"
        }
    ]
}

After creating the user, save the Access Key ID and Secret Access Key securely. You'll need these credentials to configure Glacier Backups.

Installation

GNAS can be installed on a dedicated server or virtual machine. The installation process is straightforward:

# Download the GNAS installer
wget https://downloads.glacierbackups.com/gnas/latest/gnas-installer.sh

# Make the installer executable
chmod +x gnas-installer.sh

# Run the installer
sudo ./gnas-installer.sh

# Follow the on-screen prompts to complete the installation

Configuration

After installation, you'll need to configure GNAS with your AWS credentials and backup preferences:

# Open the GNAS configuration file
sudo nano /etc/gnas/config.yaml

Edit the configuration file with your settings:

aws:
  access_key: YOUR_ACCESS_KEY_ID
  secret_key: YOUR_SECRET_ACCESS_KEY
  region: us-west-2
  bucket: gnas-backups

storage:
  local_path: /mnt/gnas/data
  retention_days: 30
  
backup:
  schedule: "0 2 * * *"  # Daily at 2 AM
  compression: true
  encryption: true
  encryption_key: "your-secure-encryption-key"
  
network:
  port: 8080
  allow_ips:
    - 192.168.1.0/24
    - 10.0.0.0/8

Save the file and restart the GNAS service:

sudo systemctl restart gnas

AMI Setup

For AWS deployments, we provide a pre-configured Amazon Machine Image (AMI) that you can use to quickly deploy GNAS:

1. Log in to the AWS Management Console
2. Navigate to EC2 > AMIs
3. Search for "GNAS" in the public images
4. Select the latest GNAS AMI and click "Launch"
5. Follow the EC2 instance launch wizard, selecting your preferred instance type and configuration
6. Once the instance is running, connect to it via SSH and complete the setup wizard

GCP Copy

GNAS also supports Google Cloud Platform for additional redundancy. To configure GCP as a secondary backup destination:

1. Create a GCP service account with Storage Admin permissions
2. Download the service account key file
3. Add the following to your GNAS configuration:

gcp:
  enabled: true
  service_account_key: /path/to/service-account-key.json
  project_id: your-gcp-project-id
  bucket: gnas-backups-gcp
  
multi_cloud:
  strategy: "copy"  # Options: copy, sync, archive
  schedule: "0 4 * * *"  # Daily at 4 AM

Save the configuration and restart the GNAS service to apply the changes.