The story:
My largest client needed a solution to reliably enable access to enterprise data for a few tiny branch locations. Each location has two or three laptops that needed to function even when their internet connection is down. All edge location data needs to be sent to the mothership ideally on a daily basis or as soon as an internet connection is available.
Obviously these laptops are vulnerable to ransomeware and other infections so the data should be resilient even in this scenario. And due to tight budgets, IT support is minimal for these edge locations.
My solution consists of repurposing some Intel NUCs (similar to the one from STH’s Tiny / Mini / Micro project) on which I installed Ubuntu server with OpenVPN to the mothership. For storage I added two 512GB SATA SSDs on which I created a ZFS pool (with mirroring). The one critical dataset holding the data relevant for our business at that edge location is shared on the edge network via SMB and is protected with a hourly zfs snapshot schedule. A cronjob tries to replicate that dataset to the mothership daily after business hours.
The solution has been working well and is surprisingly low maintenance, so I’m wondering if it could be productised. What do you think? What solutions do you deploy for edge storage?